Skip to main content

Home/ SoftwareEngineering/ Group items tagged Java

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Java Persistence/Auditing and Security - Wikibooks, open books for an open world - 0 views

en.wikibooks.org/...Auditing_and_Security

jpa auditing security

shared by kuni katsuya on 25 Jul 12 - No Cached
  • Use a common database user id, and manage auditing and security in the application
  • managed in the application by having an application user, and a single shared database user
  • adding a AUDIT_USER and AUDIT_TIMESTAMP column to all of the audited tables and auditUser and auditTimestamp field to all of the audited objects
  • ...5 more annotations...
  • When the application inserts or updates an object, it will set these fields and they will be stored in the database. JPA events could also be used to record the audit information, or to write to a separate audit table.
  • Example AuditedObject class
  • @MappedSuperclass public Class AuditedObject {
  • @Column("AUDIT_USER"); protected String auditUser; @Column("AUDIT_TIMESTAMP"); protected Calendar auditTimestamp;
  • @PrePersist @PreUpdate public void updateAuditInfo() { setAuditUser((String)AuditedObject.currentUser.get()); setAuditTimestamp(Calendar.getInstance()); }
  • kuni katsuya on 25 Jul 12
     
    Use a common database user id, and manage auditing and security in the application
kuni katsuya

MySQL :: MySQL 5.1 Reference Manual :: 21.3.5.1 Driver/Datasource Class Names, URL Synt... - 0 views

dev.mysql.com/...-configuration-properties.html

mysql jdbc configuration

shared by kuni katsuya on 17 Jul 12 - Cached
  • The name of the class that implements java.sql.Driver in MySQL Connector/J is com.mysql.jdbc.Driver
  • JDBC URL Format The JDBC URL format for MySQL Connector/J is as follows, with items in square brackets ([, ]) being optional: jdbc:mysql://[host][,failoverhost...][:port]/[database] » [?propertyName1][=propertyValue1][&propertyName2][=propertyValue2]... If the host name is not specified, it defaults to 127.0.0.1. If the port is not specified, it defaults to 3306, the default port number for MySQL servers. jdbc:mysql://[host:port],[host:port].../[database] » [?propertyName1][=propertyValue1][&propertyName2][=propertyValue2]... Here is a sample connection URL: jdbc:mysql://localhost:3306/sakila?profileSQL=true
  • Initial Database for Connection If the database is not specified, the connection is made with no default database
  • ...2 more annotations...
  • fully specify table names using the database name (that is, SELECT dbname.tablename.colname FROM dbname.tablename...) in your SQL
  • work with multiple databases
    • kuni katsuya
      kuni katsuya on 17 Jul 12
       
      including cross database joins
kuni katsuya

Java Persistence/Runtime - Wikibooks, open books for an open world - 0 views

en.wikibooks.org/...Runtime

jpa runtime javaee javaee6 SessionBean injection EntityManager

shared by kuni katsuya on 17 Jul 12 - No Cached
  • In JEE the EntityManager or EntityManagerFactory can
  • injected into a SessionBean
  • A managed EntityManager should never be closed, and integrates with JTA transactions
  • ...3 more annotations...
  • Example of injecting an EntityManager and EntityManagerFactory in a SessionBean
  • @Stateless
  • @PersistenceContext(unitName="acme") private EntityManager entityManager;
kuni katsuya

Spring Security - Features - 0 views

static.springsource.org/...features.html

Java security SpringSecurity

shared by kuni katsuya on 09 Aug 12 - Cached
  • Domain object instance security: In many applications it's desirable to define Access Control Lists (ACLs) for individual domain object instances. We provide a comprehensive ACL package with features including integer bit masking, permission inheritance (including blocking), an optimized JDBC-backed ACL repository, caching and a pluggable, interface-driven design.
  • OpenID Support: the web's emerging single sign-on standard (supported by Google, IBM, Sun, Yahoo and others) is also supported in Spring Security
  • Easy integration with existing databases: Our implementations have been designed to make it easy to use your existing authentication schema and data (without modification). Of course, you can also provide your own Data Access Object if you wish. Password encoding: Of course, passwords in your authentication repository need not be in plain text. We support both SHA and MD5 encoding, and also pluggable "salt" providers to maximise password security.
  • ...5 more annotations...
  • Caching: Spring Security optionally integrates with Spring's Ehcache factory. This flexibility means your database (or other authentication repository) is not repeatedly queried for authentication information when using Spring Security with stateless applications.
  • Run-as replacement: The system fully supports temporarily replacing the authenticated principal for the duration of the web request or bean invocation. This enables you to build public-facing object tiers with different security configurations than your backend objects.
  • Tag library support: Your JSP files can use our taglib to ensure that protected content like links and messages are only displayed to users holding the appropriate granted authorities. The taglib also fully integrates with Spring Security's ACL services, and obtaining extra information about the logged-in principal.
  • User Provisioning APIs: Support for groups, hierarchical roles and a user management API, which all combine to reduce development time and significantly improve system administration.
  • Enterprise-wide single sign on using CAS 3: Spring Security integrates with JA-SIG's open source Central Authentication Service (CAS)
kuni katsuya

Appendix C. Spring Security Dependencies - 0 views

static.springsource.org/...appendix-dependencies.html

java security SpringSecurity dependencies

shared by kuni katsuya on 09 Aug 12 - No Cached
  • Spring Security Dependencies
  • This appendix provides a reference of the modules in Spring Security and the additional dependencies that they require in order to function in a running application
  • C.1 spring-security-coreThe core module must be included in any project using Spring Security.
  • ...8 more annotations...
  • DependencyVersionDescriptionaopalliance1.0Required for method security implementation.
  • spring-aop Method security is based on Spring AOP
  • spring-beans Required for Spring configuration
  • spring-expression Required for expression-based method security (optional)
  • spring-jdbc Required if using a database to store user data (optional).
  • spring-tx Required if using a database to store user data (optional).
  • C.6 spring-security-aclThe ACL module.
  • spring-jdbc Required if you are using the default JDBC-based AclService (optional if you implement your own).spring-tx Required if you are using the default JDBC-based AclService (optional if you implement your own).
kuni katsuya

Enterprise JavaBeans 3.1 with Contexts and Dependency Injection: The Perfect Synergy - 0 views

www.oracle.com/...ejb-3-1-175064.html

javaee6 ejb3.1

shared by kuni katsuya on 09 Aug 12 - No Cached
  • EJB beans cannot be directly exposed to JSF or JSP without a little help from CDI
  • CDI doesn't provide any transactional, monitoring, or concurrency aspect out of the box
  • stateless EJB 3.1 bean as boundary (Facade)
  • ...1 more annotation...
  • injected managed beans (controls) results in the simplest possible architecture
« First ‹ Previous 361 - 380 of 421 Next › Last »
Showing 20 items per page