Authorization-constraint imposes authentication

Today I came along a strange problem in Geronimo: I wanted to grant access to everyone (even to those who are not logged in) to a URL which is protected by a <security-constraint>. So I defined a <default-principal> in my geronimo-web.xml and assigned this user to my role which is required to access the URL. To my surprise the login form appeared every time I tried to access the URL.

After some research in the net I found the Geronimo bug 2564 which describes my problem pretty precise. I also found the blog entry Inconsistency between Servlet specification implementations which reveals different implementations of the security part of J2EE. In a foil about J2EE security I spotted the following phrase which would explain my problems:

Authorization-constraint imposes authentication
So I removed the <security-constraint> from my URL and accepted that J2EE (or its implementations?) are not perfect in every way...

Install Eclipse and WTP

A working development environment is really important for every developer because it highly speeds up your building time and helps you to avoid failures. I personally use Eclipse and the Web Tools Project Plugin for my daily development for Geronimo. I'll show you how to install and configure the following products:

Eclipse Web Tools

Download the "All-in-one" package for your operating system from the download page of the Eclipse Web Tools and extract the downloaded archive to any folder you want. Under Linux I prefer to keep the applications I downloaded by myself under ~/applications. So my Eclipse is located under ~/applications/eclipse.

While you're downloading the archive create a folder to save your projects (e.g. ~/workspace). Launch now Eclipse by executing the binary inside the eclipse folder. Point the appearing dialog to the folder you've just created and press "OK". Close the welcome tab by pressing the cross in the left upper corner.





Geronimo Eclipse Plugin

Select now "Window / Open Perspective / Other..." from the menu bar and choose "J2EE" from the list. Open the wizard to define a new server by selecting "File / New / Other...", filtering for "server" and clicking "Next >". Click on the link named "Don't see your server listed? Click here", select "Geronimo v1.1", click "Next >" and accept the appearing license by clicking "Finish".

Confirm the dialog with "OK", wait until the download is complete and click then "Yes". Eclipse restarts and you need to launch the wizard again by selecting "File / New / Other..." from the menu bar and find the server wizard by using the filter. Click "Next >" and select "Apache Geronimo v1.1 Server" from the group "Apache". Click again "Next >", fill out the "Application Server Installation Directory" and click "Finish".

The server appears now in the view part labeled "Servers" and you should be able to run it by clicking on the button "Start the Server".

If you changed the default user ID or password of Geronimo (system/manager) you can set them by double-clicking on the server and alter the security settings.

Some thoughts about the future of Geronimo

Geronimo is great because it's free and and open source. Now that Sun has open sourced Java and Glassfish there are some new points in the application server fight. Glassfish was actually announced to be open source before but now it will be available under the GPL. Is Geronimo still needed? Geronimo is still J2EE 1.4 and there seems to be a lot of development to be done to make Geronimo Java EE 5 compatible. Glassfish is already on the level of Java EE 5.

A thing I like at the moment more on Geronimo over Glassfish is it's simple installation. But I think we will see some improvements in the future. And since Glassfish will be included in Ubuntu the installation on Linux systems becomes hopefully really easy.

The question is, if there are still any reasons to use Geronimo in the future since Glassfish exists and will become productive ready soon? Is the market great enough for three (JBoss is also still here) open source servers?

AJAX, Unicode and Java

As you might already noticed I'm actually busy in using JavaScript. That's mainly because I develop an AJAX application based on J2EE. To simplify my work with JavaScript I use the library mootools which is a great facilitation over plain JavaScript, especially if you'd like to to your stuff object oriented.

By using the library I came around a strange problem with unicode handling. My application was written completely in UTF-8 but as soon as I sent data over AJAX to the server it didn't get handled correctly.

After some search I came across the solution: simply add the following line of to the top of your Servlet to let it know the POST data is UTF-8 encoded.

public class ChatServlet extends javax.servlet.http.HttpServlet implements
javax.servlet.Servlet {

protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
}
}

Log to Firefox console

You can log to the Firefox console by using the method "dump" in javascript. To enable this feature in Firefox type in about:config in the address bar and create there a new boolean entry with the name "browser.dom.window.dump.enabled" and the value "true".

Now start Firefox from the command line by entering "firefox -console". All messages passed to dump() will be printed on the command line.

To automatically add a timestamp to your messages and avoid error messages in other browsers I've created this little function:

function log(message) {
if(window.dump) {
var date = new Date();
var hours = date.getHours();
if(hours < 10) hours = "0" + hours;
var minutes = date.getMinutes();
if(minutes < 10) minutes = "0" + minutes;
var seconds = date.getSeconds();
if(seconds < 10) seconds = "0" + seconds;
dump(hours + ":" + minutes + ":" + seconds + " - someapp: " + message + "\n");
}
}

Custom database pool

If you (like me) can't download the driver thought the console of Geronimo because you're behind a proxy then use the following steps to deploy your own database driver into Geronimo:

  1. Download the JDBC driver from your vendor (e.g. the MySQL JDBC Driver).
  2. Create a new folder inside the Geronimo repository folder named after the database vedor (e.g. mysql).
  3. Create another folder with a description of the driver as name (e.g. mysql-connector-java).
  4. Create a third folder with the version number as name (e.g. 3.1.12).
  5. Now put the jar into the last created folder and name him after this structure: $description-$version.jar (e.g. mysql-connector-java-3.1.12.jar). Keep in mind that the description and the version number of the file name must match it's parent folders.
After this five steps your repository should look as followed:



As the driver is now available inside Geronimo start the server and browse to the console (http://localhost:8080/console/). Enter your user name and password (defaults are system/manager) and select the link "Services / Database Pools" from the console navigation.



Create now a new database pool by using the database pool wizard. Enter a name for your pool and select your database type (e.g. MySQL) and click "Next". The new database driver you just added should be available as "Driver JAR". Select it, provide the other required settings like authentication information and server name and click again on "Next". To finish the wizard click "Skip Test and Deploy".

Welcome to J2EE on Geronimo

I'd like to share some thoughts and experiences about developing J2EE applications for Apache Geronimo.

Copyright © 2008 - J2EE on Geronimo - is proudly powered by Blogger
Smashing Magazine - Design Disease - Blog and Web - Dilectio Blogger Template