English

How to make Apache HttpClient trust Let's Encrypt Certificate Authority

<build> <resources> <resource> <directory>src/main/resources</directory> <filtering>false</filtering> </resource> </resources> </build> import javax.net.ssl.X509TrustManager; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; public class TrustManagerDelegate implements X509TrustManager { private final X509TrustManager mainTrustManager; private final X509TrustManager fallbackTrustManager; public TrustManagerDelegate(X509TrustManager mainTrustManager, X509TrustManager fallbackTrustManager) { this.mainTrustManager = mainTrustManager; this.fallbackTrustManager = fallbackTrustManager; } @Override public void checkClientTrusted(final X509Certificate[] x509Certificates, final String authType) throws CertificateException { try { mainTrustManager.checkClientTrusted(x509Certificates, authType); } catch(CertificateException ignored) { this.fallbackTrustManager.checkClientTrusted(x509Certificates, authType); } } @Override public void checkServerTrusted(final X509Certificate[] x509Certificates, final String authType) throws CertificateException { try { mainTrustManager.

How do YOU test access control of your application?

@AllowedForAdministrator @AllowedForTerminalOrganizationOwner @DeniedForMerchant public void blockTerminal(Terminal terminal) { //business logic } @Test @RunAsUser("owner@fg.cz") public void shouldBlockTerminalAsOrganizationOwner() throws Exception { Terminal terminal = terminalManager.getTerminalById(100); assertNull(terminal.getDateBlocked()); terminalManager.blockTerminal(terminal); terminal = terminalManager.getTerminalById(100); assertNotNull(terminal.getDateBlocked()); } @Test @RunAsUser("administrator@fg.cz") public void shouldBlockTerminalAsAdministrator() throws Exception { Terminal terminal = terminalManager.getTerminalById(100); terminalManager.blockTerminal(terminal); } @Test(expected = AccessDeniedException.class) @RunAsUser("merchant@fg.cz") public void shouldFailToBlockTerminalAsMerchant() throws Exception { Terminal terminal = terminalManager.getTerminalById(100); terminalManager.blockTerminal(terminal); } @Test(expected = AccessDeniedException.class) public void shouldFailToBlockTerminalAsUnauthorized() throws Exception { Terminal terminal = terminalManager.

Combining custom annotations for securing methods with Spring Security

@PreAuthorize("principal.userObject.administrator") public void approveOrganization(Organization organization) { //... content ... } @PreAuthorize("principal.userObject.isOwnerOf(#organization.id) or principal.userObject.administrator") public void updateOrganization(Organization organization) { //... content ... } @PreAuthorize("(branch.isPartOf(organization) and principal.userObject.isManagerOf(#branch.id)) or principal.userObject.isOwnerOf(#organization.id) or principal.userObject.administrator") public void updateOrganizationBranch(Organization organization, Branch branch) { //... content ... } //and more ... example was shortened principal.userObject.administrator // means administrator with super rights is logged in principal.userObject.isOwnerOf(#organization.id) // means user that is owner of particular organization //(has super rights related to his organization) is logged in branch.

When does your Spring @Transactional attribute apply on CgLib proxies

<tx:annotation-driven proxy-target-class="true"/> <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"> <property name="proxyTargetClass" value="true"/> </bean> <bean class="org.springframework.transaction.interceptor.TransactionAttributeSourceAdvisor"> <property name="transactionInterceptor" ref="transactionInterceptor"/> </bean> <bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor"> <property name="transactionManager" ref="transactionManager"/> <property name="transactionAttributeSource"> <bean class="cz.novoj.business.transactionalRelover.CglibOptimizedAnnotationTransactionAttributeSource"/> </property> </bean> public class CglibOptimizedAnnotationTransactionAttributeSource extends AnnotationTransactionAttributeSource { private static final Log log = LogFactory.getLog(CglibOptimizedAnnotationTransactionAttributeSource.class); @Override protected TransactionAttribute findTransactionAttribute(Method method) { Class declaringClass = method.getDeclaringClass(); if (AopUtils.isCglibProxyClass(declaringClass)) { try { //find appropriate method on parent class Method superMethod = declaringClass.getSuperclass().getMethod(method.getName(), method.getParameterTypes()); return super.findTransactionAttribute(superMethod); } catch (Exception ex) { if(log.

Groovy - making existing objects refreshable

@SuppressWarnings({"RawUseOfParameterizedType"}) public class DevelopmentGroovyFactory implements ScriptingFactory { private static final Log log = LogFactory.getLog(DevelopmentGroovyFactory.class); private final GroovyScriptEngine engine; private final long refreshInterval; private ResourceConnector resourceConnector; private boolean closed; public DevelopmentGroovyFactory(ClassLoader parentClassLoader, String[] urls, long refreshInterval) { try { this.engine = new GroovyScriptEngine(urls, parentClassLoader); this.engine.getGroovyClassLoader().setShouldRecompile(true); this.refreshInterval = refreshInterval * 1000L; GroovyGarbageCollectorMonitor.addGroovyScriptEngineToMonitoring(engine); } catch(IOException ex) { String msg = "Invalid source urls: " + ex.getLocalizedMessage(); log.error(msg); throw new RuntimeException(msg, ex); } } public DevelopmentGroovyFactory(ClassLoader parentClassLoader, URL[] urls, long refreshInterval) { this.

The secret of Groovy script refresh

public void testReloadGroovyClass() throws Exception { //loads class, creates instance of it and calls nonparametrized method helloWorld, all references are //then stored in custom class GroovyContext GroovyContext ctx = createInstanceAndCallMethod(engine, "com.fg.mock.MainGroovyClass", "helloWorld"); //initial result of helloWorld method is following assertEquals("Hello Universe.", ctx.getGroovyResult()); //we'll change source file contents so as method returns different value modifyGroovyFile( "com/fg/mock/MainGroovyClass.groovy", "return HELLO_UNIVERSE;", "return \"Bye bye\";" ); //existing instances will remain unchanged assertEquals("Hello Universe.

Teamcity & CVS & Maven: release on server

<scm> <connection>scm:cvs:ext:anonymous@mycvsserver:/CVSRoot/groupFolder:projectX</connection> </scm> java.lang.IllegalArgumentException: Unrecognized CVS Root: :ssh:anonymous@mycvsserver:/CVSRoot/groupFolder at org.netbeans.lib.cvsclient.connection.ConnectionFactory.getConnection(ConnectionFactory.java:88) at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.connect(CvsConnection.java:158) at org.apache.maven.scm.provider.cvslib.cvsjava.util.CvsConnection.processCommand(CvsConnection.java:475) at org.apache.maven.scm.provider.cvslib.cvsjava.command.checkin.CvsJavaCheckInCommand.executeCvsCommand(CvsJavaCheckInCommand.java:55) at org.apache.maven.scm.provider.cvslib.command.checkin.AbstractCvsCheckInCommand.executeCheckInCommand(AbstractCvsCheckInCommand.java:89) at org.apache.maven.scm.command.checkin.AbstractCheckInCommand.executeCommand(AbstractCheckInCommand.java:53) at org.apache.maven.scm.command.AbstractCommand.execute(AbstractCommand.java:58) at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.executeCommand(AbstractCvsScmProvider.java:521) at org.apache.maven.scm.provider.cvslib.AbstractCvsScmProvider.checkin(AbstractCvsScmProvider.java:585) at org.apache.maven.scm.provider.AbstractScmProvider.checkIn(AbstractScmProvider.java:365) at org.apache.maven.shared.release.phase.ScmCommitPhase.checkin(ScmCommitPhase.java:124) at org.apache.maven.shared.release.phase.ScmCommitPhase.execute(ScmCommitPhase.java:109) at org.apache.maven.shared.release.DefaultReleaseManager.prepare(DefaultReleaseManager.java:194) at org.apache.maven.shared.release.DefaultReleaseManager.prepare(DefaultReleaseManager.java:131) at org.apache.maven.shared.release.DefaultReleaseManager.prepare(DefaultReleaseManager.java:94) at org.apache.maven.plugins.release.PrepareReleaseMojo.execute(PrepareReleaseMojo.java:136) at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:451) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:558) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeStandaloneGoal(DefaultLifecycleExecutor.java:512) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:482) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.java:330) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:227) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:142)

Running AJAX with jQuery in Stripes Framework

<filter> <display-name>Stripes Filter</display-name> <filter-name>StripesFilter</filter-name> <filter-class>net.sourceforge.stripes.controller.StripesFilter</filter-class> <init-param><param-name>ActionResolver.UrlFilters</param-name><param-value>WEB-INF/classes</param-value> </init-param> <init-param><param-name>LocalePicker.Locales</param-name><param-value>cs_CZ:windows-1250</param-value> </init-param> ... other configuration ... </filter> <filter> <display-name>Stripes Filter Ajax</display-name> <filter-name>StripesFilterAjax</filter-name> <filter-class>net.sourceforge.stripes.controller.StripesFilter</filter-class> <init-param><param-name>ActionResolver.UrlFilters</param-name><param-value>WEB-INF/classes</param-value> </init-param> <init-param><param-name>LocalePicker.Locales</param-name><param-value>cs_CZ:UTF-8</param-value> </init-param> ... other configuration ... </filter> <filter-mapping> <filter-name>StripesFilter</filter-name> <url-pattern>*.x</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping> <filter-mapping> <filter-name>StripesFilterAjax</filter-name> <url-pattern>*.ajax</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping> @UrlBinding("/consultation/newQuery.x") @StrictBinding public class NewQueryAction extends AbstractAction implements ValidationErrorHandler { @SpringBean protected QueryManager queryManager; @ValidateNestedProperties({ @Validate(field = "idIssue", on = "createQuery", required = true), @Validate(field = "author", on = "createQuery", required = false), @Validate(field = "idUser", on = "createQuery", required = false), @Validate(field = "title", on = "createQuery", required = true), @Validate(field = "query", on = "createQuery", required = true) }) protected Query query = new Query(); @AllowBinding protected Integer idIssue; @AllowBinding .