We are blocked with this issue, I will try to put it in words below.
Please have a look at the image first or keep it opened in parallel.
Project is an old Ant based project. Using Spring 4.2.4 currently. Configuration is XML-based.
Class XYZProjectSample is present inside XYZ.jar and a non-Spring class file present inside ABC.war, say ABCWarSample.java like below:
//non -spring outer class
class ABCWarSample {
//spring-based inner class
#Configurable
class InnerBean {
#Autowired
XYZProjectSample xyzProjectSampleInstance;
}
private XYZProjectSample getService() {
return new InnerBean().xyzProjectSampleInstance;
}
}
For combining these two classes from different modules, load time weaving is used.
Inside ABC.war project's spring-context.xml file they have used load time weaving via
<context:load-time-weaver aspectj-weaving="on"/>
Now this above line is giving error with Jboss EAP 7.2 as mentioned here.
They mentioned upgrade to Spring 5, we did it but encountered page loading issue. like half content coming without and JS and header.
They have used requestDispatcher.include() method to combine two responses. However we see only one and one is lost and there is no visible able error in the logs.
Now point two if we keep the Spring version 4, server doesn't start and gives the same issue, see here.
We tried some fixes given on internet but nothing has worked so far.
All I am looking for as of now is an alternative of this load time weaving for resolving this dependency. I thought about using compile time weaving, but that requires aspectj-maven plugin and we are using ant scripts.
I am really stuck here. Any advice or alternative solution can be really really helpful.
Please feel free to revert in case of any confusions or if you need more information.
Related
I'be been struggling for about 20 hours and also working in the weekend as you can see and I can't make this work. I think I have exhausted all the online options
I have copied the example here
https://rieckpil.de/howto-simple-form-based-authentication-for-jsf-2-3-with-java-ee-8-security-api/
in a new Dynamic web project in Eclipse for Java Enterprise Developers. I activated JSF 2.3 in the project facets (since I know that TomEE can use them)
I copied the classes, I set the web.xml to be the same.
My project runtime is TomEE8 (which is basically Tomcat9 with CDI and other stuff)
When I try to run the project on TomEE, I get this error:
javax.enterprise.inject.UnsatisfiedResolutionException: Api type
[javax.security.enterprise.SecurityContext] is not found with the
qualifiers Qualifiers: [#javax.enterprise.inject.Default()] for
injection into Field Injection Point, field name : securityContext,
Bean Owner : [LoginBacking, WebBeansType:MANAGED, Name:loginBacking,
API Types:[java.lang.Object,LoginBacking],
Qualifiers:[javax.inject.Named,javax.enterprise.inject.Default,javax.enterprise.inject.Any]]
I have tried creating the beans.xml file in my WEB-INF folder
I have created another bean with this annotation:
#FacesConfig(
// Activates CDI build-in beans
version = JSF_2_3
)
I have tried not using TomEE and using Tomcat 9 with weld, same problem.
I have no idea how to make this work. The thing is I need to add user login to my main application, but if this simple example won't work I don't think I can do this and I'm feeling very down.
If anyone can help me see the light, I'd be appreciative. I am also open to using the old method (ManagedBean and ManagedProperty I guess), but I'm not sure if it has the same effect.
Thanks!
Time for an answer.
It seems like TomEE does not provide an implementation for javaee-web-api. I had to add my own.
I have added the Soteria implementation to my lib file
https://search.maven.org/classic/#search%7Cga%7C1%7Ca%3A%22javax.security.enterprise%22
Now all seems well (at least the app is running).
Good luck!
I have created a simple web app by following the book "Mastering Spring MVC". Everything was working fine, however, during the testing chapter, I have created two beans with #Primary annotation. 1. ProviderSignInController and 2. An Impl of my search service class. Both of these are in package src/test/java.
The problem here is that if I deploy my application, even then, these two beans come into the picture and I am not able to work with my actual authentication and search service.
I am not getting any error or exception. I would like to know what could be the best way to automatically inject my mocks/stubs while testing and actual implementations when I deploy the app in my dev environment.
The source code link is here. Thanks.
Instead of #Primary, I'd suggest using #Profile("PRODUCTION") along side #Bean for your real/production beans/classes & #Profile("!PRODUCTION") with your test beans/classes. Then, specify the active profile(s) at runtime
-Dspring.profiles.active=PRODUCTION, ...
The problem was the way I was executing the application.
When I launched the application directly from eclipse (Run As Spring Boot App), the tests were included in the build as they were present in the classpath.
I modified my approach and now I am using gradle build (gradle bootRun) to launch my app. This solves the problem. Thanks to #DwB for providing the hint.
I am trying to follow one of the basic Spring Security tutorials in order to have a foundation to test something more advanced afterwards. But the tutorial is not working. Here is the link:
http://docs.spring.io/spring-security/site/docs/3.2.x/guides/hellomvc.html
Here is what I have done so far:
1.) I followed the instructions explicitly up to the start of the section titled “Verify SecurityConfig is loaded”.
2.) I was then not sure what to do with the “Verify SecurityConfig is loaded” section because it does not give instructions, only explanations. So at first I just skipped it and moved to the section titled “Exploring the secured application, but Run As..Run on Server launched the unsecured app with no login required.”
3.) Next, I tried importing the MessageWebApplicationInitializer.java and RootConfiguration.java classes from the messages-jc sample mentioned in the “Verify SecurityConfig is loaded” section, but this caused a failure of the app to get launched when tomcat was restarted, with errors about beans of specific names not being resolved.
4.) So I started importing the classes for each of the named beans from the messages-jc project and resolving one error after another, but the number of these tells me that the author could not possibly have meant for readers to manually import so many classes that are not described in the tutorial.
How can I get this tutorial to work?
I really just want to add a custom login form, but I have to start with something simpler and build up with a tutorial.
A major problem with the Spring example projects is that they are rarely self-contained, so that a project never contains all the required code. One thus has to do a lot of detective work to figure out where else the example project is pulling code from. It would be nice to just have a simple example project that contains within the project all the code required to execute the project. Such nesting may explain the problems described above.
Note
I am using Eclipse Mars and Tomcat 8, not the STS and tc server. But this should not matter.
Edit
Diff command results in the following. How should I interpret it?
I did not scroll down to the target section since that is all generated, but I could if someone needs me to.
As part of the evolution of my software I'm trying to move Spring's configuration from XML to annotation-based configuration (I found it easier to manipulate certain configuration elements).
All works fine as long as I'm running unit tests in Maven, but when I'm trying to use the produced signed jar from another module of my project, I get errors stating that signer information from a CGLIB enhanced class doesn't match other classes in the same package.
Looking into the matter I could find that apparently Spring will always use CGLIB to enhance #Configuration classes, and then that CGLIB doesn't seem to play nice with signed jars since its dynamically created classes reside in the same package as the original.
Has anyone figured a way to use Java Configuration in signed jars ?
PS: I double checked the package name isn't present anywhere else ;)
After raising this same issue on Spring JIRA (https://jira.spring.io/browse/SPR-12833), it appears that there is indeed a conflict between CGLIB and signed jars that impacts Spring-based application.
That said a simple workaround consists in using a #Component annotation on the class instead of #Configuration. I'm not 100% sure what the side effects could be but it worked fine for me.
I had a similar problem with AOP proxies which use CGLIB. I dug a little bit deeper and found out that this issue has been already solved in original CGLIB repository. I hope spring team will merge it into their version of CGLIB. Until they will fix it, I use my workaround with custom class loader for ApplicationContext with disabled security checks.
I described this solution in my blog, I hope it'll be useful for somebody.
I have a "plugin like" architecture and I want to create one instance of each class that implements a dedicated interface and put these in a cache. (To have a singleton-ish effect).
The plugins will be provided as jars and put into the app engine war file before the app is uploaded.
I have tried to use the ClassPathScanningCandidateComponentProvider as I'm using spring anyway, but this didn't work. The provider complained that it was not able to find the HttpServletResponse class file while scanning the classpath. I can't get around this, when I add the servlet jar, then I'll get of course problems, because the same jar is also provided by the GAE. If I don't, I'm getting the error above...
So I tried to add a static initialization code, but of course this doesn't work, because the class is initialized when it's instantiated for the first time. (Well I knew that but it was worth a try)
The last chance I currently see is that I create a properties file with all plugin classes when the package is created, but this requires writing of a maven plugin etc. and I'd like to avoid that.
Is there something that I am missing?
OK, I think I'll try to write my own classloader. This way, I could even put the plugins in the datastore and I can detect all the necessary classes etc.
:-)