Group items matching

in title, tags, annotations or url

listen to lifecycle events during a session's lifetime

retain the IP address or host name of the host from where the session was initiated

can be prolonged via a touch() method to keep them 'alive' if desired

can use Shiro sessions in existing web applications and you

easily stored in any data source

can be

across applications if needed

'poor man's SSO'

simple sign-on experience since the shared session can retain authentication state

interface-based and implemented with POJOs

allows you to easily configure all session components with any JavaBeans-compatible configuration format, like JSON, YAML

easily extend

customize session management functionality

session data can be easily stored in any number of data sources

easily clustered using any of the readily-available networked caching products

no matter what container you deploy to, your sessions will be clustered the same way

No need for container-specific configuration!

Shiro sessions can be 'shared' across various client technologies

listen for these events and react to them for custom application behavior

SecurityUtils.getSubject()

currentUser.getSession()

If the Subject already has a Session, the boolean argument is ignored and the Session is returned immediately

If the Subject does not yet have a Session and the create boolean argument is true,

and returned.

If the Subject does not yet have a Session and the create boolean argument is false, a new session will not be created and null is returned.

method functions the same way as the

HttpServletRequest.getSession(boolean create) method:

Benefit

Violation of the encapsulation

domain model's objects cannot guarantee their correctness

Necessitates a service layer when sharing domain logic across differing consumers of an object model.

Makes a model less expressive and harder to understand.

Facilitates code duplication among transactional scripts and similar use cases, reduces code reuse.

Liabilities

Liabilities

Liabilities

Changes for Hibernate 3.5 applications

if your application uses Hibernate 3 classes that are not available in Hibernate 4, for example, some of the validator or search classes, you may see ClassNotFoundExceptions when you deploy your application. If you encounter this problem, you can try one of two approaches: You may be able to resolve the issue by copying the specific Hibernate 3 JARs containing those classes into the application "/lib" directory or by adding them to the classpath using some other method. In some cases this may result in ClassCastExceptions or other class loading issues due to the mixed use of the Hibernate versions, so you will need to use the second approach. You need to tell the server to use only the Hibernate 3 libraries and you will need to add exclusions for the Hibernate 4 libraries. Details on how to do this are described here: JPA Reference Guide.

In previous versions of the application server, the JCA data source configuration was defined in a file with a suffix of *-ds.xml. This file was then deployed in the server's deploy directory. The JDBC driver was copied to the server lib/ directory or packaged in the application's WEB-INF/lib/ directory. In AS7, this has all changed. You will no longer package the JDBC driver with the application or in the server/lib directory. The *-ds.xml file is now obsolete and the datasource configuration information is now defined in the standalone/configuration/standalone.xml or in the domain/configuration/domain.xml file. A JDBC 4-compliant driver can be installed as a deployment or as a core module. A driver that is JDBC 4-compliant contains a META-INF/services/java.sql.Driver file that specifies the driver class name. A driver that is not JDBC 4-compliant requires additional steps, as noted below.

DataSource Configuration

domain mode, the configuration file is the domain/configuration/domain.xml

standalone mode, you will configure the datasource in the standalone/configuration/standalone.xml

MySQL datasource element:

        <connection-url>jdbc:mysql://localhost:3306/YourApplicationURL</connection-url>        <driver-class> com.mysql.jdbc.Driver </driver-class>        <driver> mysql-connector-java-5.1.15.jar </driver>

       <security>            <user-name> USERID </user-name>            <password> PASSWORD</password>        </security>

example of the driver element for driver that is not JDBC 4-compliant. The driver-class must be specified since it there is no META-INF/services/java.sql.Driver file that specifies the driver class name.

 <driver-class>com.mysql.jdbc.Driver</driver-class>

JDBC driver can be installed into the container in one of two ways: either as a deployment or as a core module

Install the JDBC driver

Install the JDBC driver as a deployment

In AS7 standalone mode, you simply copy the JDBC 4-compliant JAR into the AS7_HOME/standalone/deployments directory

example of a MySQL JDBC driver installed as a deployment:     AS7_HOME/standalone/deployments/mysql-connector-java-5.1.15.jar

always have to include this library in either WEB-INF/lib

support for CDI is included in the library granite-cdi.jar

10.1. Configuration with Servlet 3 On Servlet 3 compliant containers, GraniteDS can use the new APIs to automatically register its own servlets and filters and thus does not need any particular configuration in web.xml. This automatic setup is triggered when GraniteDS finds a class annotated with @FlexFilter in one of the application archives:

@FlexFilter(configProvider=CDIConfigProvider.class) public class GraniteConfig { }  

list of annotation names that enable remote access to CDI beans

@FlexFilter declaration will setup an AMF processor for the specified url pattern

@TideEnabled

@RemoteDestination

always declared by default

10.3.2. Typesafe Remoting with Dependency Injection

It is possible to benefit from even more type safety by using the annotation [Inject] instead of In. When using this annotation, the full class name is used to find the target bean in the CDI context instead of the bean name.

Security

integration between the client RemoteObject credentials and the server-side container security

client-side component named

API to define runtime authorization checks on the Flex UI

bindable property

represents the current authentication state

integrated with server-side role-based security

clear the security cache manually with

other CDI Extensions projects.

container agnostic

different containers get activated via

CDI container integration via

Building Apache DeltaSpike

DeltaSpike-0.3

Release Notes

[DELTASPIKE-62] - Discuss security module

[DELTASPIKE-74] - unit and integration tests for @Secured

 [DELTASPIKE-75] - documentation for @Secured

[DELTASPIKE-78] - review and discuss Authentication API

 [DELTASPIKE-77] - review and discuss Identity API

[DELTASPIKE-79] - review and discuss Authorization API

[DELTASPIKE-81] - review and discuss Identity Management

[DELTASPIKE-82] - review and discuss external authentication

[DELTASPIKE-176] - unit and integration tests for @Transactional

[DELTASPIKE-177] - documentation for @Transactional

 [DELTASPIKE-179] - unit and integration tests for @TransactionScoped

[DELTASPIKE-175] - @Transactional for EntityTransaction

 [DELTASPIKE-178] - @TransactionScoped

 [DELTASPIKE-190] - Create ConfigurableDataSource

[DELTASPIKE-219] - @Transactional for JTA UserTransaction

[DELTASPIKE-230] - Fallback stragtegy for resource bundles and locales

  [DELTASPIKE-223] - Add convention for @MessageResource annotated types.

XSDDataTypes Package: This package contains classes representing XSD primitive data types. This package is available as an XMI file. To import the file as a UML Package, use EA's XMI import facility which is available from the menu item: Project | Import/Export | Import Package from XMI. UML Profile for XML: This resource file contains the stereotyped classes which allow the schema generation to be customized. The UML Profile for XML can be imported into a model using the Resource View (see Importing Profiles for details on importing UML profiles into EA).

Steps to Generate XSD: Select the package to be converted to XSD by right-clicking on the package in the Project Browser. Select Project | Generate XML Schema from the main menu. Set the desired output file using the Filename field. Set the desired xml encoding using the Encoding field. Click on the Generate button to generate the schema. The progress of the schema generator will be shown in the Progress edit box.

services-config.xml

define manually the endpoint for remote services

service initializer in a static block of the main mxml file

Cdi.getInstance().addComponentWithFactory("serviceInitializer", DefaultServiceInitializer, { contextRoot: "/my-cdi-app" } );

tideAnnotations

High-Level Overview

essentially a security specific 'view' of the the currently executing user

instances are all bound to (and require) a

When you interact with a Subject, those interactions translate to subject-specific interactions with the SecurityManager

'umbrella’ object that coordinates its internal security components that together form an object graph

‘connector’ between Shiro and your

Shiro looks up many of these things from one or more Realms configured for an application

component responsible determining users' access control in the application

if a user is allowed to do something or not

knows how to create and manage user

lifecycles

Shiro has the ability to natively manage user Sessions in any environment, even if there is no Web/Servlet or EJB container available

Shiro will use

if available, (e.g. Servlet Container)

if there isn't one, such as in a standalone application or non-web environment, it will use its

exists to allow any datasource to be used to

performs Session persistence (CRUD) operations on behalf of the SessionManager

allows any data store to be plugged in to the Session Management infrastructure

creates and manages Cache instance lifecycles used by other Shiro components

improve performance while using these data source

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

3 separate projects: a Java project, a Flex project and a Webapp project.

GraniteDS archetypes

archetypeGroupId: org.graniteds.archetypes archetypeVersion: 1.1.0.GA archetypeArtifactId:

Maven 3.x required

mvn archetype:generate    -DarchetypeGroupId=org.graniteds.archetypes    -DarchetypeArtifactId=graniteds-tide-spring-jpa-hibernate    -DarchetypeVersion=1.1.0.GA    -DgroupId=org.example    -DartifactId=springgds    -Dversion=1.0-SNAPSHOT

cd springgdsmvn clean package

build the project

CDI archetype requires a Java EE 6 server and uses an embedded GlassFish

cd webappmvn embedded-glassfish:run

With the Eclipse Maven integration (the M2E plugin), you can simply choose one of the archetypes when doing New Maven Project.

mvn war:war

two very easy ways to quickly create a new GraniteDS project

Application-created persistence units

Native Hibernate applications

native (i.e. non-JPA)

JPA applications that create an EntityManagerFactory on their own, either using the PersistenceProvider SPI directly or through an intermediary mechanism such as Spring's LocalContainerEntityManagerFactoryBean

standard Java EE-applications may ignore the provider implementation and rely on the standard features provided by the container - JBoss AS7 supporting standard JPA 1.0 and 2.0

future versions of JBoss AS7 it will be possible to use alternative persistence provider implementations

Asynchronous Servlets Performance

With a non NIO or non Continuation based server, this would require around 11,000 threads to handle 10,000 simultaneous users. Jetty handles this number of connections with only 250 threads.

Classical synchronous model: 10,000 concurrent users -> 11,000 server threads. 1.1 ratio.

Comet asynchronous model: 10,000 concurrent users -> 250 server threads. 0.025 ratio.

classical (synchronous) servlet model

request -> immediate processing -> response

Comet implementations rely on a different model:

request -> wait for available data -> response

With synchronous servlet processing, each request is handled by one dedicated server thread

"JOINED" strategy

each entity in the inheritance hierarchy has its own table and that the table of each class only contains columns for that class

Users can have many Albums

Album containing Photos