Ok, we secured our JSF web application by using a JSF form. The user information is still stored in a flat text file. But as stated before, your application server provides more. This lesson, we move forward to GlassFish’s JDBCRealm, which allows you to store the user information within the database. Continue reading “Tutorial web development (with JSF) XV – Security with JDBCRealm”
Author: Michael Müller
Review list updated
I just updated the list of my reviews [1]. And added a new review about “The Art of unit Testing” (Ger) [2].
Do you like an English translation?
[1] http://it-rezension.de/
[2] http://it-rezension.de/Books/review.xhtml?reviewId=25
CDI issue using GlassFish 4
Within a web application, you often need a state to create a session lifecycle. You may create a CDI named been with session scope, to keep track of some user data. Suppose, you have a JSF application. Assigned to your pages you might use named beans with request scope. If you need some session-wide info, you can use CDI:
@inject SessionBean mySessionBean
I moved an application which ran without known problems on GlassFish 3 to GlassFish 4. Everything worked fine, as long as I tested the app for myself. But using this app concurrent with other users, sometimes the app showed me a session timeout, could not restore a conversation or, in one case, showed me data of a concurrent user. It seemed, a SessionBean object of a different user had been injected to the request bean assigned to my request. Continue reading “CDI issue using GlassFish 4”
WebSite key-figures
Since beginning of 2012, I track visits of my web site to generate some anonymous statistics. This is done by using Piwik on my local server. To keep your privacy, only shortened IP addresses are recorded by this tracking system.
I’m going to present some key-figures, which might be interesting to know about. My blog is almost about computer science, especially web development. Developers may prefer other systems and devices than users with different interests. Thus, these key-figures cannot be generalized. They only represent data about visitors of my blog. Continue reading “WebSite key-figures”
Tutorial web development (with JSF) XIV – Security Part III
Now, after we’ve addressed basic log-in with simple file realm, I want to move on by exchanging the authentication method. Remember, this tutorial is about web development with JavaServer Faces. All I showed for container based security so far, is technology entirely independent from JSF. Same applies to simple form log-in. But, it’s possible to embed this into some JSF techniques. And, further on, using programmatic log-in, this is done by the use of JSF. Continue reading “Tutorial web development (with JSF) XIV – Security Part III”
Tutorial web development (with JSF) XIII – Security Part II
In this part of the security trail, we start with Basic Authentication and fileRealm. For some basic background information, please refer to the former part.
To secure the TinyCalutor, we need to add a security constraint to web.xml. Continue reading “Tutorial web development (with JSF) XIII – Security Part II”
NetBeans enhancements
I suggested some NetBeans enhancements. If you like such features too, please vote for them:
- Test code usually is separated from productive code, e.g. by usage of two folders like java/main and java/test. It is common to place test in the same packages as the code under test. In NetBeans, project tree, there are two branches, Source Packages and Test Packages. By a common convention, tests are named like the class to be tested with a postfix of Test, e. g. MyClass and MyClassTest The suggestion is to display a third branch Logical Packages, which is a merged view. Thus, a test are displayed next to the classes to be tested. [Task #239800]
- When renaming a class, NetBeans offers the option to rename the test too. The suggestion is to offer a similar feature whilst renaming a package. [Task #240025]
- When you write java code and refer a non-existent method, NetBeans offers a create method feature. When you edit a JSF page, NetBeans alerts missing property or missing method. I recommended to offer a create feature too. [Task #239818]
Tutorial web development (with JSF) XII – Security Part I
Sometimes it is crucial to protect an application or data against unauthorized access. Although there is no need to secure my tiny calculator, I’m going to demonstrate the principals of container based security by using this small app. For a description of the project, please refer to Tutorial web development (with JSF) III: Basic arithmetics.
Container provided security is not specific to JSF. It’s part of the HTTP handling and might be used by a simple servlet too. But later on, I’m going to show you, how to integrate this into a JSF application by using programmatic access. But, first of all, some background. Continue reading “Tutorial web development (with JSF) XII – Security Part I”
NetCAT 8 started today
The NetBeans Community Acceptance Testing program (NetCAT) for the upcoming version 8.0 started today. Join this program and help to improve this great IDE.
Read about this program on the NetCAT site [1].
Signing up for this program is nothing more than simply filling a small web form [2]. It’s recommended to subscribe to the NetCAT mailing list. A link is provided at the end of registration.
[1] wiki.netbeans.org/NetCAT
[2] services.netbeans.org/dashboard/web/netcat_signup.php
GlassFish 4 and UTF-8
Do you build web applications with JSF and GlassFish? And do you need to process inputs with characters which are coded with multi-bytes using UTF-8, e.g. German Umlauts? You might have recognized a strange behavior if you use GlassFish 4.
Now, let’s check for the problem by building a simple application. With NetBeans, simply choose New Project, Java Web, Web Application. Add JSF as framework. If you need detailed information how to create a web application with NetBeans, please take a look into my JSF tutorial. Continue reading “GlassFish 4 and UTF-8”