Group items matching

in title, tags, annotations or url

application stops working when you move it to another server

project in Flex Builder

check “use remote object access service”

This adds a compiler argument pointing to the location of your

When you then

your application, the required

of services-config.xml are

read at

not at runtime

{server.name}

{server.port}

{context.root}

{server.name} and {server.port} are replaced at

{context.root} is still substituted at

Flex SDK provides an API that allows you to configure your channels at runtime

number of ways you can pass values to a SWF at runtime

read a configuration file using HTTPService at application startup

Example of injecting an EntityManager and EntityManagerFactory in a SessionBean

@Stateless

@PersistenceContext(unitName="acme") private EntityManager entityManager;

for each workspace, in files stored in <workspace>/.metadata/.plugin/org.eclipse.core.runtime/.settings

for each project --for project-level settings -- in files stored in a .settings sub-directory of your project folder

Is there an UML editor for Eclipse? An Eclipse Modelling project-based UML editor can be installed from the Eclipse update site "Modelling > UML2 Tools SDK". See Creating UML 2 diagrams with Eclipse UML2 Tools - Tutorial for an introduction.

How do I debug Eclipse? How can I see what plug-ins are being started? Why aren't the plug-ins I installed showing up in the UI? How do I start the OSGi console?

Debugging OSGi Bundle Loading Issues There are a few flags you can pass to Eclipse on the commandline or in your eclipse.ini file that might help: -consolelog - log everything in workspace/.metadata/.log to the console where you launched Eclipse as well -debug - more verbose console output -console - start the Equinox OSGi console to interact with OSGi directly -noexit - when Eclipse closes, keep the OSGi console running until you type 'exit' or hit CTRL-C so you can keep debugging See Where Is My Bundle? for an overview of how to use the OSGi console for diagnosing problems.

Debugging Eclipse Using Eclipse You can also debug an Eclipse instance from another instance through remote debugging: Start the instance to be debugged with "-vmargs -Xdebug -agentlib:jdwp=transport=dt_socket,server=y,address=8000". You should see a message like "Listening for transport dt_socket at address: 8000" Open Run → Debug Configurations... and create a Remote Java Application configuration with connection type "Socket Attach" and connecting to the client at port 8000. Set the project to a bundle project with the right dependencies for the bundles that you are trying to debug. Launch the configuration. The JDWP agent supports other useful arguments, like "suspend=n" so that the process does not suspend. For more details, see Oracle's Java Debug Wire Protocol (JDWP) connection docs.

I just installed Eclipse on my 64-bit system, but it does not start. What is the problem? Make sure that you have downloaded the 64-bit version of Eclipse (it should have x86_64 somewhere in its name) and have installed a 64-bit JVM. Likewise, if you run a 32-bit JVM, then you should use the 32-bit version of Eclipse.

When I start Eclipse it says "Workspace in use or cannot be created, choose a different one.", what should I do? There are a couple of things you can try. Delete the workspace/.metadata/.lock file. Check your running processes to make sure there aren't any remaining Java or Eclipse processes running. When in doubt, restart your computer. :) Try starting Eclipse on a different workspace (from the workspace selection dialog, or by using a command line argument like -data /home/user/tmp-workspace), then switch back to your original workspace.

How do I uninstall a plug-in? You can view your list of installed software by checking your installation details from about dialog. Help > About > Installation Details

I'm having memory, heap, or permgen problems, what can I do? FAQ How do I increase the heap size available to Eclipse? FAQ How do I increase the permgen size available to Eclipse?

Eclipse seems to be hanging on startup. How can I find out why? If none of the solutions outlined in this section reveal the problem, then you can try debugging an Eclipse instance as a debug target from another Eclipse instance. This is surprisingly easy: Start Eclipse in a "new" blank workspace (e.g., C:\TEMP\WS, or /tmp) Create a new Debug configuration: Run -> Debug Configurations; then click on "Eclipse Applications" and select the New Launch Configuration. If you believe it's something about a particular workspace, then set the workspace to your normal workspace. If you believe the hang is caused by a particular plugin, disable the plugin and verify. Launch and then see. Using this approach, you can break with the debugger to see where hangs are occurring. You can also change the selection of plugins that the instance is launched with.

I was working on a project and doing something or other does not work. Where should I start? Try refreshing your projects. Try cleaning your your projects using the menu item Project/Clean to trigger a rebuild. Try closing/reopening your projects. Try restarting Eclipse.

4.2 Where are Eclipse's log files located?

Where are Eclipse's log files located? <workspace>/.metadata/.log You can view this workspace log as a view if you have PDE installed on your computer (which you would if you have downloaded the Eclipse SDK). You can open that view via Window -> Show View -> Other -> PDE Runtime -> Error Log. <eclipse install>/configuration/<sometimestamp>.log <eclipse install>/configuration/org.eclipse.update/install.log

Where are Eclipse preferences stored?

Where are Eclipse preferences stored?

Where are Eclipse preferences stored?

Where are update site bookmarks stored? It is within an XML file called <user_home>/.eclipse/org.eclipse.platform_3.1.2/configuration/org.eclipse.update/bookmarks.xml. Your Eclipse version may vary.

do not at all describe "who" is able to perform the action(s)

Multiple Parts

Wildcard Permissions support the concept of multiple levels or parts. For example, you could restructure the previous simple example by granting a user the permission printer:query

Multiple Values Each part can contain multiple values. So instead of granting the user both the "printer:print" and "printer:query" permissions, you could simply grant them one: printer:print,query

All Values What if you wanted to grant a user all values in a particular part? It would be more convenient to do this than to have to manually list every value. Again, based on the wildcard character, we can do this. If the printer domain had 3 possible actions (query, print, and manage), this: printer:query,print,manage

simply becomes this: printer:*

Using the wildcard in this way scales better than explicitly listing actions since, if you added a new action to the application later, you don't need to update the permissions that use the wildcard character in that part.

Finally, it is also possible to use the wildcard token in any part of a wildcard permission string. For example, if you wanted to grant a user the "view" action across all domains (not just printers), you could grant this: *:view Then any permission check for "foo:view" would return true

Instance-Level Access Control

instance-level Access Control Lists

Checking Permissions

SecurityUtils.getSubject().isPermitted("printer:print:lp7200")

printer:*:*

all actions on a single printer

printer:*:lp7200

missing parts imply that the user has access to all values corresponding to that part

printer:print is equivalent to printer:print:*

Missing Parts

rule of thumb is to

when performing permission checks

first part is the

that is being operated on (printer)

second part is the

(query) being performed

three parts - the first is the

the second is the

third is the

allow access to

can only leave off parts from the end of the string

Performance Considerations

runtime implication logic must execute for

implicitly using Shiro's default

which executes the necessary implication logic

When using permission strings like the ones shown above, you're

Shiro's default behavior for Realm

for every permission check

need to be checked individually for implication

as the number of permissions assigned to a user or their roles or groups increase, the time to perform the check will necessarily increase

If a Realm implementor has a

more efficient way of checking permissions and performing this implication logic

should implement that as part of their

implies

user:*:12345

user:update:12345

printer

implies

printer:print

Implication, not Equality

permission

are evaluated by

logic - not equality checks

the former implies the latter

superset of functionality

implication logic can be executed at runtime

because Permissions represent raw functionality and only change when the application's source code changes, they are immutable at runtime - they represent 'what' the system can do

by transitive association, the user 'has' the permissions in their roles

all Permission checks are relegated to Realm implementations, and only those implementations really determine how a user 'has' a permission or not

Realm could use the semantics described here, or it could utilize some other mechanism entirely

If caching is enabled and if any authorization data for an account is changed at runtime, such as adding or removing roles and/or permissions, the subclass implementation should clear the cached AuthorizationInfo for that account via the

getAuthorizationInfo

AuthorizingRealm

AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals)

Returns an account's authorization-specific information for the specified principals, or null if no account could be found

This implementation obtains the actual AuthorizationInfo object

and then caches it for efficient reuse if caching is enabled

clearCachedAuthorizationInfo(PrincipalCollection principals)

Clears out the AuthorizationInfo cache entry for the specified account.

always have to include this library in either WEB-INF/lib

support for CDI is included in the library granite-cdi.jar

10.1. Configuration with Servlet 3 On Servlet 3 compliant containers, GraniteDS can use the new APIs to automatically register its own servlets and filters and thus does not need any particular configuration in web.xml. This automatic setup is triggered when GraniteDS finds a class annotated with @FlexFilter in one of the application archives:

@FlexFilter(configProvider=CDIConfigProvider.class) public class GraniteConfig { }  

list of annotation names that enable remote access to CDI beans

@FlexFilter declaration will setup an AMF processor for the specified url pattern

@TideEnabled

@RemoteDestination

always declared by default

10.3.2. Typesafe Remoting with Dependency Injection

It is possible to benefit from even more type safety by using the annotation [Inject] instead of In. When using this annotation, the full class name is used to find the target bean in the CDI context instead of the bean name.

Security

integration between the client RemoteObject credentials and the server-side container security

client-side component named

API to define runtime authorization checks on the Flex UI

bindable property

represents the current authentication state

integrated with server-side role-based security

clear the security cache manually with

are intuitive

Subject

'Subject' can mean a human being, but also a 3rd party process, daemon account, or anything similar. It simply means 'the thing that is currently interacting with the software'

Subject currentUser = SecurityUtils.getSubject();

SecurityManager

SecurityManager manages security operations for all users

Realms

Realm acts as the ‘bridge’ or ‘connector’ between Shiro and your application’s security data. That is, when it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.

Realm is essentially a security-specific DAO

Shiro provides out-of-the-box Realms to connect to a number of security data sources (aka directories) such as LDAP, relational databases (JDBC), text configuration sources like INI and properties files, and more

Authorization

A permission is a raw statement of functionality, for example ‘open a door’, ‘create a blog entry’, ‘delete the ‘jsmith’ user’, etc. By having permissions reflect your application’s raw functionality, you only need to change permission checks when you change your application’s functionality. In turn, you can assign permissions to roles or to users as necessary at runtime.

“Run As” support for assuming the identity of another Subject

 enabled="{identity.hasRole('admin')}"

button labeled Delete will be enabled only if the user has the role admin

The discussion whether or not to use Spring vs. Java EE for new enterprise Java applications is a no-brainer

Why migrate?

since then fallen a prey to the hungry minds of Venture Capitalists and finally into the hands of a virtualization company called VMware

While the different companies and individuals behind the Spring framework have been doing some work in the JCP their voting behavior on important JSRs is peculiar to say the least

outdated ORM solution like JDBC templates

some developers completely stopped looking at new developments in the Java EE space and might have lost track of the current state of technology

size of the deployment archive

fairly standard Java EE 6 application will take up about 100 kilobytes

comparable Spring application weighs in at a whopping 30 Megabytes!

Lightweight

Firing up the latest JBoss AS 7 Application Server from scratch and deploying a full blown Java EE 6 application into the server takes somewhere between two and five seconds on a standard machine. This is in the same league as a Tomcat / Spring combo

Dependency injection

Java EE 6, the Context and Dependency Injection (CDI) specification was introduced to the Java platform, which has a very powerful contextual DI model adding extensibility of injectable enterprise services

Aspect Oriented Programming

“AOP Light” and this is exactly what Java EE Interceptors do

common pitfall when taking AOP too far is that your code might end up all asymmetric and unreadable. This is due to the fact that the aspect and its implementation are not in the same place. Determining what a piece of code will do at runtime at a glance will be really hard

Testing

With Arquillian we can get rid of mocking frameworks and test Java EE components in their natural environment

Tooling

capabilities comparison matrix below to map Spring’s technology to that of Java EE

Capability Spring JavaEE Dependency Injection Spring Container CDI Transactions AOP / annotations EJB Web framework Spring Web MVC JSF AOP AspectJ (limited to Spring beans) Interceptors Messaging JMS JMS / CDI Data Access JDBC templates / other ORM / JPA JPA RESTful Web Services Spring Web MVC (3.0) JAX-RS Integration testing Spring Test framework Arquillian *