venerdì 29 aprile 2011
Temporary Suspension
Unfortunately I have to dedicate myself on other projects and exams, thus I planned to stop working on this project. I hope to restart soon. See ya!
mercoledì 20 aprile 2011
JPA and Many-to-Many relationships
I spent a few days in order to clearly comprehend how JPA really works. In particular I was hesitant about the relation between the User table and the Instructor/Customer tables. After generating the Entity classes from the tables using the guided procedure on Eclipse I discovered that the User entity had a many-to-many relation with Customer and a many-to-many relation with Instructor. I was not sure if it was correct and how I had to manage it, however it turned out that everything was correct and the matter was simpler than I could ever expected.
The relation was clearly many-to-many due to the connection tables user_customer and user_instructor. For this reason the User entity has a Set of Customer entity and a Set of Instructor entity in it. So accessing one of the two, after retrieving the User from the DB using the email as PK, was quite a joke:
User user = em.find(User.class, email);
Customer customer = user.getCustomers().iterator().next();
Et voilà! I have my Customer entity ready for use.
Here are some useful links on the subject:
http://www.giuseppesicari.it/articoli/jpa-java-persistence-api/
http://en.wikibooks.org/wiki/Java_Persistence/Relationships
http://www.oracle.com/technetwork/articles/javaee/jpa-137156.html
The relation was clearly many-to-many due to the connection tables user_customer and user_instructor. For this reason the User entity has a Set of Customer entity and a Set of Instructor entity in it. So accessing one of the two, after retrieving the User from the DB using the email as PK, was quite a joke:
User user = em.find(User.class, email);
Customer customer = user.getCustomers().iterator().next();
Et voilà! I have my Customer entity ready for use.
Here are some useful links on the subject:
http://www.giuseppesicari.it/articoli/jpa-java-persistence-api/
http://en.wikibooks.org/wiki/Java_Persistence/Relationships
http://www.oracle.com/technetwork/articles/javaee/jpa-137156.html
domenica 17 aprile 2011
domain.xml damaged
Unfortunately today I went straight into an unexpected blackout. I didn't lost anything because I used to save my work very often, however when I switched back on my PC I discovered that Glassfish was not working anymore. By double-clicking on the Glassfish server in the Servers tab of Eclipse I discovered that the Server Port Number and Admin Server Port Number parameters were setted to the wrong values (8080111 and 4848111 respectively instead of 8080 and 4848). Trying to launch Glassfish I always received an error message, which was obviously that 8080111 was not a valid port in the range 1 - 65536. After an hour of investigation I discovered that the domain.xml file inside the glassfish/domains/domain1/config folder was completely corrupted. Luckily in the same folder there was a backup file called domain.xml.bak, so I just copy-paste the content inside the original file and everything worked again.
venerdì 8 aprile 2011
JDBC Realm in Glassfish
Following the Java EE 6 Tutorial I discovered how to secure the Application Server.
In particular I need an authentication mechanism for identify the users and give access to specific resources. In my project there are 3 kinds of users: customers, instructors and the agency (or the admin/superuser in this case). This means that we have 3 different roles with different privileges. The declaration of a role is defined in the web.xml file, in the following way:
<security-role>
<description>User role</description>
<role-name>USER</role-name>
</security-role>
The mapping between users and roles is specified in the sun-web.xml file, as following:
<security-role-mapping>
<role-name>USER</role-name>
<group-name>customer</group-name>
</security-role-mapping>
For my requirements the better solution is to configure a realm, which is a complete database of users and groups that identify valid users of a web application and are controlled by the same authentication
policy. Configuring a JDBC Realm on Glassfish is pretty simple. I followed this link, which is a bit old, but is suitable for our purposes. In the administration console of Glassfish we have to go on Configurations, Security and Realms, then we can add a new Realm.
These are the values of my SnowInstructionsRealm:
Realm Name: SnowInstructionsRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/snowinstructions
User Table: user
User Name Column: email
Password Column: password
Group Table: user
Group Name Column: groupid
Digest Algorithm: none
It's important to note that the credentials of users and the corresponding role are saved inside the same table (user). Also each user can be mapped only to one group (which are agency, instructor, customer), which is the better choice in this case. Moreover the password are stored in clear inside the database (Digest Algorithm is set to none) in order to simplify the project in the initial phases. Maybe before the final deliver I will add the MD5 support. If you don't insert any value this option will be the default one.
In particular I need an authentication mechanism for identify the users and give access to specific resources. In my project there are 3 kinds of users: customers, instructors and the agency (or the admin/superuser in this case). This means that we have 3 different roles with different privileges. The declaration of a role is defined in the web.xml file, in the following way:
<security-role>
<description>User role</description>
<role-name>USER</role-name>
</security-role>
The mapping between users and roles is specified in the sun-web.xml file, as following:
<security-role-mapping>
<role-name>USER</role-name>
<group-name>customer</group-name>
</security-role-mapping>
For my requirements the better solution is to configure a realm, which is a complete database of users and groups that identify valid users of a web application and are controlled by the same authentication
policy. Configuring a JDBC Realm on Glassfish is pretty simple. I followed this link, which is a bit old, but is suitable for our purposes. In the administration console of Glassfish we have to go on Configurations, Security and Realms, then we can add a new Realm.
These are the values of my SnowInstructionsRealm:
Realm Name: SnowInstructionsRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/snowinstructions
User Table: user
User Name Column: email
Password Column: password
Group Table: user
Group Name Column: groupid
Digest Algorithm: none
It's important to note that the credentials of users and the corresponding role are saved inside the same table (user). Also each user can be mapped only to one group (which are agency, instructor, customer), which is the better choice in this case. Moreover the password are stored in clear inside the database (Digest Algorithm is set to none) in order to simplify the project in the initial phases. Maybe before the final deliver I will add the MD5 support. If you don't insert any value this option will be the default one.
Iscriviti a:
Post (Atom)