Posts

Showing posts from 2012

Creating Spring Boot MVC application with AWS DynamoDB in 10 mins

Image
AWS DynamoDB DB is a serverless NOSQL database. You can understand how to build a spring boot Java web MVC application (Game Leaderboard) reading a AWS DynamoDB in 10 mins. Source of the demo code: https://github.com/babysteps-topro/spring-mvc-dynamodb Command to run the project: mvn spring-boot:run Video explain the table design: https://youtu.be/V0GtrBfY7XM Prerequisite: Install the AWS CLI: https://youtu.be/pE-Q_4YXlR0 Video explain the how to create the table: https://youtu.be/sBZIVLlmpxY

Lightweight Web Application Framework : PrimeFaces (JSF) + Guice + MyBatis (PART1)

Recently, my friend asks me how to build a lightweight java web application. Many Java web developer would choose Spring and hibernate to build a traditional web application. However, it may not be lightweight enough. I suggested him try to use Guice and MyBatis to build the application framework. Although Spring is more feature-riched than Guice, I admitted that Guice is more lightweight and easier to use. MyBatis is also a lightweight SQL map framework. It can integrate with Guice framework very well. Here, I will try to set up a simple web application with PrimeFaces, Guice and MyBatis. I hope that my friend could learn how to do it. :) Using MyFaces and PrimeFaces in presentation layer. Integrate MyFaces and PrimeFaces is simple. Just simply get the JARS file from MyFaces website and PrimeFaces website . For MyFaces, just add the following sample configuration into your web.xml. <display-name>TestGuice</display-name> <context-param> <param-name&g

Session Timeout Handling on JSF AJAX request

When we develop JSF application with AJAX behaviour, we may experience the problem in handling timeout scenario of Ajax request. For example, if you are using J2EE Form-based authentication, a normal request should be redirected to the login page after session timeout. However, if your request is AJAX, the response could not be treated properly on the client-side. User will remain on the same page and does not aware that the session is expired. Many people proposed solution for this issue. The followings are two of possible solutions involve the use of Spring security framework: 1. Oleg Varaksin's post 2. Spring Security 3 and ICEfaces 3 Tutorial Yet, some applications may just using simple mechanism to stored their authentication and authorization information in session. For those application that is not using Spring Security framework, how can they handle such problem? I just modified the solution proposed by Oleg Varaksin a bit as my reference. First, create a simple s

Accessing Weblogic Embedded LDAP programmatically by Spring LDAP module

Image
Oracle Weblogic Application Server includes an embedded LDAP server which acts as the default security provider data store. There are few methods to access the embedded LDAP server. Oracle Weblogic provides an administration console for user to access it. We can create user, create group or edit detail through this administration console. We could also access the embedded LDAP programmatically. Using WLST ( Weblogic Scripting tool ) is a standard way to do it but you need have knowledge of Jython programming. Alternatively, if you want to access by Java language, you can access the Weblogic MBeans directly. However, this is not an easy task. You can see this link for more detail. In this article, I will show you an alternative way to access the Weblogic Embedded LDAP programmatically with Spring-LDAP. If you are acquainted with Spring, you may find this method quite easy and useful. In the following example, we do simple operation like search user, create user and add user to grou

Writing your spring security expression language annotation - PART 3

In the last part of tutorial, I will discuss how to override the behaviour of defualt spring security method expression. You may wonder why I need to override the default behaviour of these methods. The reason behind is that, in recent development project, we are reviewing the developer's code and we hope to maintain a standard coding practice. We find that the default method expression is too flexible. In our case, under similar coding scenario, some developers use hasRole() for security checking while other developers using hasPermission() for security checking. In order to keep the maintainability of the program, we thus have an idea to disallow developer to use certain secruity method expression. That's why we have the crazy idea of overriding the default behaviour of these methods. (This may not be a good idea :P. But anyway, we have implement it :D) In this example, I simply show how to override the default behaviour of hasRole() method. You can not do this by override

Writing your spring security expression language annotation - PART 2

We are now going into the second part of the tutorial. In this post, it will show you how to add a new custom expression for @PreAuthorize annotation. For example, I will show how to add a adminOnly() expression language to the security expression root. Step 1: Define your custom security expression root class You have to first create a new security expression root class. This class should be extended from the abstract class org.springframework.security.access.expression.SecurityExpressionRoot. You can add your custom This class is similar to org.springframework.security.access.expression.method.MethodSecurityExpressionRoot but with your new custom method added. As an example, I just add a very simple mehod adminOnly() which check if the user has admin role. public class MyMethodSecurityExpressionRoot extends SecurityExpressionRoot { private static Logger logger = LoggerFactory.getLogger(MyMethodSecurityExpressionRoot.class); private Object filterObject; priva

Writing your spring security expression language annotation - PART 1

Spring security expression language is very useful. It helps to secure your service/web methods with one line of code. It supports @PreAuthorize and @Secured. In the coming three posts, I will talk about how to add custom behaviour to the @PreAuthorize annotation. Part 1 - Customize "hasPermission()" expression Part 2 - Add new customize method security expression Part 3 - Override default behaviour of spring security expression (e.g. hasRole() , permitAll() ...) In this post, I will discuss how to add custom rule for permission checking in your application. This is somewhat similar to what describe in Sold Craft's post . You can reference it for more details. Step 1: Add configuration in your spring security xml file. You should first add the DefaultMethodSecurityExpressionHandler. It will instantiate a default MethodSecurityExpressionRoot which provides you all the default security expression (e.g. isAutghenticated(), isAnonymous() ,etc ) . Besides, you ha

Adding Hibernate native SQL features into your Spring Data Repository

JPA provides @NamedNativeQuery for you to use native SQL. However, the usage is not so convenient, especially when you need to map multiple entities in your native SQL. You have to define a set of SqlResultSetMapping mapping which is quite error prone. For those who have used Hibernate native SQL features before, you will find that it is much more easier to use than JPA's @NamedNativeQuery. In recent projects, I am using Spring Data JPA. I have added hibernate native query features to my Spring Data base repostory. You can now perform native query in JPA without SqlResultSetMapping. 1. Add you cusomt annotation @NativeQueries and @NativeQuery @Target(ElementType.TYPE) @Retention(RetentionPolicy.RUNTIME) public @interface NativeQueries { NativeQuery[] queries() default {}; } @Retention(RetentionPolicy.RUNTIME) public @interface NativeQuery { String name() default ""; String sql() default ""; } 2. Add the method "queryNatively" in base Spri

Inject SLF4J logger by annotation

Actually, the following class is not written by me. It is written my colleage. I know he is referencing from another post from Java Geeks . I found this is quite handy so I put it here as a reference. The main idea is make use of the BeanPostProcessors interface. We first create an "LoggableInjector" class which implement the BeanPostProcessors interface. This injector class gets the SLF4J logger and assign to the beans property after the bean creation by the Spring IOC continaer. 1. Create Loggable annotation @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD) @Documented public @interface Loggable { //for slf4j } 2. Create LoggableInjector class to add logger to the bean @Component public class LoggableInjector implements BeanPostProcessor { public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { return bean; } public Object postProcessBeforeInitialization(final Object bean, Str

Adding Hibernate Entity Level Filtering feature to Spring Data JPA Repository

Those who have used data filtering features of hibernate should know that it is very powerful. You could define a set of filtering criteria to an entity class or a collection. Spring data JPA is a very handy library but it does not have fitering features. In this post, I will demonstrate how to add the hibernate filter features at entity level. We can just use annotation in your repositoy interface to enable this features. Step 1. Define filter at entity level as usual. Just use hibernate @FilterDef annotation. @Entity @Table(name = "STUDENT") @FilterDef(name="filterBySchoolAndClass", parameters={@ParamDef(name="school", type="string"),@ParamDef(name="class", type="integer")}) public class Student extends GenericEntity implements Serializable { ... } Step2. Define two custom annotations. These two annotations are to be used in your repository interfaces. You could apply the hibernate filter defined in step 1 to spe

Customizing Spring Data JPA Repository

Spring Data is a very convenient library. However, as the project as quite new, it is not well featured. By default, Spring Data JPA will provide implementation of the DAO based on SimpleJpaRepository. In recent project, I have developed a customize repository base class so that I could add more features on it. You could add vendor specific features to this repository base class as you like. Configuration You have to add the following configuration to you spring beans configuration file. You have to specified a new repository factory class. We will develop the class later. <jpa:repositories base-package="example.borislam.dao" factory-class="example.borislam.data.springData.DefaultRepositoryFactoryBean/> Just develop an interface extending JpaRepository. You should remember to annotate it with @NoRepositoryBean. @NoRepositoryBean public interface GenericRepository <T, ID extends Serializable> extends JpaRepository<T, ID> { } Define

Welcome to Programming Peacefully!

I am an information technology professional from Hong Kong. In Hong Kong, it is so ridiculous that many IT professionals do not like programming. I had even heard that some analyst programmers said that they "hate" programming. Many of them will go to the area of project management and their technical skills may become outdated.  I keep this blog just want to share some of my experience in software development and to exchange knowledge from technology lovers all over the world. If you think that my programme is written badly, please feel free to comment on it. I always want to get improvement on my technical skills :). Apart from programming, I also love music. I like to play a musical instrument called "Ukulele". If you are interest in it, we can also share something about ukulele in this blog. :)