butonic.de Rotating Header Image

java

A simple JAX-RS security context example in GlassFish

Jun 18th, 2010
by Jörn Dreyer.
1 comment

When creating a REST api with Java EE 6 and JAX-RS there comes the time when you start thinking about security. In our case we were trying to set up HTTP Basic Auth for the REST api to identify users and keep them from deleting other peoples stuff. It took me a while to understand the different aspects of configuring HTTP Basic Auth when using GlassFish:

  1. Use SecurityContext in your Java code to access the authentication information.
  2. To enable HTTP Basic Auth add a <security-constraint> section to your web.xml
  3. Map user roles to GlassFish groups by creating a sun-web.xml
  4. Configure a FileRealm / JDBCRealm in GlassFish to store user passwords

I will detail the steps with a simple deleteRating() example and xml snippets.
(more…)

Moved from pebble to serendipity / apache to lighttpd / courier to postfix + cyrus

Mar 21st, 2007
by Jörn Dreyer.
No comments yet

I moved from pebble to serendipity (or s9y as they call it). Mainly, because pebble was the only JAVA process here and that sucked up quite a lot of resources on a host with 32 virtual machines. I imported the old posts and added redirects for all the old urls. Although s9y is written in php, which I dislike as a language, I am quite impressed with its features. For now I enabled comments as it comes with some nice anti spam measures … well see how things work out.

Apache was dumped in favour of lighttpd as I do not need all the functions of apache and it uses a smaller memory footprint … and maybe because lighttpd is hip and I wanted to try it out ;)

As we are going to use postfix/cyrus in the university I read a few IMAP performance comparisons and a lot of docu. Both outperform courier: cyrus performance and postfix documentation made the decision easier…

I hope nothing got broken ;)

so long

Using Cosmo / Bedework CalDAV with Evolution

Feb 8th, 2007
by Jörn Dreyer.
3 comments

This evening I was toying around with Cosmo, Bedework and Evolution v2.9.6 on Ubuntu Feisty Fawn. In a perfect world that only would have taken a few minutes…

Unfortunately, Evolution did not really like  the URL I tried to feed it for Cosmo:
caldav://localhost:8080/cosmo/home/testuser/Cosmo – for the current release
Using a browser (and the HTTP protocol) I was able to retrieve the calendar as mime text/text, but Evolution failed to recognize anything. It would even refuse to let me create events when the Cosmo calendar was selected, thinking it was read only …

With Bedework I tried the following with partial success:
http://localhost:8080/ucaldav/user/caluser1/calendar – for the current quickstart release
Evolution fails to import any data from the server. However, events added in Evolution are correctly displayed on the users webcalendar. When pointing a browser to the URL I get this HTML code:

Very strange … the table statement seems to be missing a closing bracket? Could that be the error? I will have to take a closer look at this …

so long

butonic