Enterprise Architecture & Integration, SOA, ESB, Web Services & Cloud Integration

Enterprise Architecture & Integration, SOA, ESB, Web Services & Cloud Integration

Thursday, 6 November 2014

Tomcat authentication using Remote Address Filter / Remote Address Valve



Remote Address Filer or Remote Address Valve lets you to check the remote machine IP address and decide whether to allow or deny access. This is really useful when you want to enforce system to system authentication. Filter is nothing but an interceptor which will be used by Tomcat server to check if remote server can access the application. For more information, you can check the original documentation at http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_Address_Filter. In this post, I am trying to explain the power of regular expressions in configuring IP addresses in allow or deny attribute.

 1. A sample valve configuration that allows access only to localhost is:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>

2. The "allow" attribute can take comma separated values to support configuring more than one remote IP address. This is useful when you have a few IP addresses. If you need to configure a big list of IP addresses, this is going to be tough for you. In this case, you can configure the filter with wild card character to allow (or deny) multiple IP addresses. Sample is as below:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10.110.156.*"/>
The above will allow from 10.110.156.0 to 10.110.156.255.

3. Alternatively, Tomcat server allows you to use regular expression to have fine control on the way IP addresses are being configured. Look at the below examples:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10\.110\.156\.\d{1,3}"/>
The above will allow IP addresses from 10.110.156.0 to 10.110.156.999. This is almost similar to output of wildcard example shown above.

4. You may want to still fine tune the values.
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10\.110\.156\.[1-2][0-9]"/>
The above will allow IP addresses from 10.110.156.10 to 10.110.156.29 only.

So it is really up to how you write regular expression to achieve proper filtering of IP addresses. This link http://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html can provide more detailed information on regular expressions.

Happy securing tomcat server!


Posted by at No comments:
Labels: ,

Friday, 19 September 2014

Apache Camel - Failed to resolve endpoint: smtps://smtp.gmail.com:465

Problem:

While routing incoming JMS message to send mail using "smtps", camel is spitting this error:

Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve endpoint: smtps://smtp.gmail.com:465?debugMode=true&password=bbb&username=aaa%40gmail.com due to: No component found with scheme: smtps
    at org.apache.camel.impl.DefaultCamelContext.getEndpoint(DefaultCamelContext.java:534)
    at org.apache.camel.util.CamelContextHelper.getMandatoryEndpoint(CamelContextHelper.java:63)
    at org.apache.camel.model.RouteDefinition.resolveEndpoint(RouteDefinition.java:192)
    at org.apache.camel.impl.DefaultRouteContext.resolveEndpoint(DefaultRouteContext.java:106)
    at org.apache.camel.impl.DefaultRouteContext.resolveEndpoint(DefaultRouteContext.java:112)
    at org.apache.camel.model.SendDefinition.resolveEndpoint(SendDefinition.java:61)
    at org.apache.camel.model.SendDefinition.createProcessor(SendDefinition.java:55)
    at org.apache.camel.model.ProcessorDefinition.makeProcessor(ProcessorDefinition.java:500)
    at org.apache.camel.model.ProcessorDefinition.addRoutes(ProcessorDefinition.java:213)
    at org.apache.camel.model.RouteDefinition.addRoutes(RouteDefinition.java:909)
    ... 18 more

Camel configuration:
 
<bean id="myNotificationListener" class="MyNotificationListener"/>
  
<camel:camelContext xmlns="http://camel.apache.org/schema/spring">
   <route id="sendmailnotification">
      <from uri="activemq:queue:AuditQueue"/>
      <bean ref="myNotificationListener" method="onMessage"/>
      <setHeader headerName="subject">
        <constant>new incident reported</constant>
      </setHeader>
      <removeHeader headerName="JMSTimestamp">
      </removeHeader>
      <to uri="smtps://smtp.gmail.com:465?username=aaa@gmail.com&amp;password=bbb&amp;debugMode=true"/>
    </route>



Solution:
Please add camel-mail.jar and mail.jar to your classpath
Posted by at No comments:
Labels: , , , ,

Unable to locate Spring NamespaceHandler for XML schema namespace [http://camel.apache.org/schema/spring]

Problem:
Exception in thread "main" org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://camel.apache.org/schema/spring]
Offending resource: class path resource [camel-context.xml]


Solution:
Very simple: Add camel-spring.jar to classpath





Posted by at No comments:
Labels: , , , , ,

Tuesday, 29 April 2014

How to access OracleConnection in Tomcat server

If you ever want to access underlying Oracle Connection in an application deployed in Tomcat server, you can use the following simple code.

try{
 java.sql.Connection connection = ConnectionManager.getConnection();
 OracleConnection ocn = connection.unwrap( OracleConnection.class );       
 XMLType xmlReq = new XMLType(ocn, rxml);
 ...
 ...
 ...

}catch(Exception e){
 e.printStackTrace();
}


For more documentation, please read http://docs.oracle.com/javase/6/docs/api/java/sql/Wrapper.html#unwrap(java.lang.Class)

Hope this tip is useful to you.
Posted by at No comments:
Labels: , , ,

Tuesday, 25 March 2014

How to access oracle.jdbc.OracleCallableStatement object in JBoss or Tomcat servers

Though it may not be advisable to directly work on the underlying vendor specific API such as oracle.jdbc.OracleCallableStatement, how would do you access it when situation arises.

Use the below snippet for a JBoss deployed application:
public static OracleCallableStatement getOracleCallableStatement(java.sql.CallableStatement callableStatement) throws SQLException {
     OracleCallableStatement ocs = null;
if(callableStatement instanceof org.jboss.resource.adapter.jdbc.WrappedCallableStatement) {
            org.jboss.resource.adapter.jdbc.WrappedCallableStatement wc = (org.jboss.resource.adapter.jdbc.WrappedCallableStatement) callableStatement;
            Statement stmt = wc.getUnderlyingStatement();
            ocs = (OracleCallableStatement) stmt;
        }
       return ocs;
}

For java doc, please read http://docs.jboss.org/jbossas/javadoc/4.0.2/org/jboss/resource/adapter/jdbc/WrappedCallableStatement.html


Use the below snippet for a Tomcat deployed application:
public static OracleCallableStatement getOracleCallableStatement(java.sql.CallableStatement callableStatement) throws SQLException {
     OracleCallableStatement ocs = null;

if( callableStatement instanceof org.apache.tomcat.dbcp.dbcp.DelegatingCallableStatement) {
            org.apache.tomcat.dbcp.dbcp.DelegatingCallableStatement dcs = (org.apache.tomcat.dbcp.dbcp.DelegatingCallableStatement) callableStatement;
            ocs = (OracleCallableStatement)dcs.getInnermostDelegate();
        } 
       return ocs;
}


Hope this is useful. Let me know if comments.



Posted by at 6 comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)