How to Block Bad User Agents (Malware) in WildFly?

I am using WildFly 10.1.0.Final on Ubuntu 16.04.02 LTS Server, with SSL from letsencrypt.org running over the H2 (HTTP/2) protocol and Spring Security 4.2.2.RELEASE in production.
The server is working fine with very good performance and is not slow, but I'm getting many bug reports in the WildFly log of java.net.URISyntaxException (Error 500) from user agents like "Mozilla / 5.0 Jorgee".
I would like to know how I can block this type of bad user agent (malware, bots, etc.) and/or prevent this from happening.
Thanks in advance for all the help.

I had the same problem multiple times recently, and the requests' origins were random (Brazil, Germany, Argentina, US, Ireland...). I'm not sure if there is a way to blacklist these requests within the WildFly configuration; however, you may want to consider creating a custom Java EE Filter.
The solution to my problem was to get a WAF in front of the CDN, but if you don't have one you may want to add Nginx in front of your web app and blacklist the user agent "Jorgee" as well as paths such as:
/2phpmyadmin/
/admin/phpMyAdmin/
...
You can find more info in this blog post by Kurtis Rader.
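The custom Java EE Filter suggested above, written out as an added example (not code from the question or answer): a servlet filter for WildFly 10 (Servlet 3.1) that rejects the "Jorgee" user agent and the probe paths listed above with a 403 before the request reaches Spring Security or the application, so the scans stop surfacing as 500 errors. The package name, the filter name and the exact denylist contents are assumptions; the entries themselves come from this page.

```java
package com.example.security; // hypothetical package, not from the page

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.logging.Logger;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Rejects requests from known scanner user agents and well-known probe paths
 * early, so they never reach Spring Security or the application code that
 * throws java.net.URISyntaxException on them.
 */
@WebFilter(filterName = "BadUserAgentFilter", urlPatterns = "/*")
public class BadUserAgentFilter implements Filter {

    private static final Logger LOG = Logger.getLogger(BadUserAgentFilter.class.getName());

    // Denylist entries taken from the question and answer above (lower-cased);
    // extend these from your own access logs as needed.
    static final List<String> BLOCKED_AGENT_FRAGMENTS = Arrays.asList("jorgee");
    static final List<String> BLOCKED_PATH_PREFIXES =
            Arrays.asList("/2phpmyadmin/", "/admin/phpmyadmin/");

    @Override
    public void init(FilterConfig filterConfig) { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        String userAgent = request.getHeader("User-Agent");
        // getRequestURI() is the raw, still percent-encoded path, so nothing is
        // decoded here; strip the context path so prefixes match app-relative paths.
        String path = request.getRequestURI().substring(request.getContextPath().length());

        if (isBlocked(userAgent, path)) {
            // One INFO line per blocked probe keeps the scan visible for monitoring
            // without the stack trace of a 500.
            LOG.info(() -> "Blocked probe from " + request.getRemoteAddr()
                    + " ua=\"" + userAgent + "\" path=" + path);
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return; // chain.doFilter() is deliberately not called
        }
        chain.doFilter(req, res);
    }

    /** Pure matching logic, kept separate from the servlet plumbing so it can be unit-tested. */
    static boolean isBlocked(String userAgent, String path) {
        if (userAgent != null) {
            String ua = userAgent.toLowerCase(Locale.ROOT);
            for (String fragment : BLOCKED_AGENT_FRAGMENTS) {
                if (ua.contains(fragment)) {
                    return true;
                }
            }
        }
        if (path != null) {
            String p = path.toLowerCase(Locale.ROOT);
            for (String prefix : BLOCKED_PATH_PREFIXES) {
                if (p.startsWith(prefix)) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override
    public void destroy() { }
}
```

Two things to keep in mind when deploying this. The Servlet specification does not define the ordering of filters declared only with @WebFilter, and Spring Security's DelegatingFilterProxy is itself a servlet filter; if you need this filter guaranteed to run first, declare it in web.xml ahead of the Spring Security filter mapping instead of relying on the annotation. And the User-Agent header is entirely client-controlled, so this only removes the log noise from scanners that announce themselves; it is not a substitute for the WAF or Nginx front end the answer recommends as the primary control.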

Related

AWS - How to share session between subdomain and domain for a Java web app?

I have a Java 8 web app running on a Tomcat 8 container that was deployed using AWS Elastic Beanstalk to an EC2 instance. I then configured Route 53 to point myapp.com to the Elastic Beanstalk endpoint as an alias, and did the same with www.myapp.com.
The problem is that when I login with either of them, the session is not shared with the other one. For example, if I login with myapp.com, and then try to access www.myapp.com, I'm being asked to login again. This problem is reproducible vice-versa and with the logout function too.
I've read this answer explaining the issue and while I understand the theory, I'm unsure on how to actually implement this. I tried pointing www.myapp.com directly to myapp.com as an alias on Route 53. I also tried configuring EB to use an Elastic Load Balancer and checked the Sticky Sessions option.
Is this something that can be configured on AWS or do I need to configure my code to accommodate this? An example would be really helpful. The application is a standard Enterprise Java web app with JSP and uses Spring Security for authentication.
Basically you need the Tomcat server to set domain="myapp.com" on every Set-Cookie header of every response.
There are many ways to do that. But the easiest way is to edit /src/resources/application.properties file in your application and set server.session.cookie.domain to myapp.com.

Embedded Tomcat in spring boot blocking some keywords

We are facing an issue with our Spring Boot application. We are using embedded Tomcat. When we hit a couple of URLs with keywords containing special characters, the request is not reaching our application. The application is hosted in Google Cloud. We are unable to reproduce this locally, but when we hit the same URL in other environments, we see a blank page. We checked by adding a lot of logging in filters and our controllers, and the request is not reaching our application at all. Can somebody help me with this issue?
Example: www.test.com/s/5%2F8%20spark%20plug
As @chrylis mentioned, there isn't anything you can do in your application to allow this type of URL to work, as the problem occurs before your application, and your application never gets the request.
I recommend that instead of spending a lot of time investigating why the Google Cloud platform is choking on the URLs, you take a hard look at your application and ask yourself if you really need these 'nonstandard' URLs.
If, for instance, "5%2F8%20spark%20plug" is something provided by an end user (or a URL-encoded version of something provided by an end user), then perhaps it would be better to use an id (a Long or a UUID) instead: something that is "normalized" and known not to create a URL-parsing issue.

Allow a web application to access files on a windows share

I'm trying to allow a web application running on Ubuntu Linux 10.04.4 and WildFly 9 to access files on a Windows share using the JCIFS library ( https://jcifs.samba.org/ ). When testing Samba connections in isolation from the rest of our web application and not using WildFly, everything seems to work OK.
The issue is that if the connection fails when connecting from the WildFly container, the WildFly process jumps to 100% CPU and stays there. As of now this is 12 hours at 100% CPU on our test system, so it's not timing out, if indeed something should be.
Using JCIFS in isolation from our webapp and WildFly, the protocol, authentication and file-not-found exceptions are caught and logged, and it does not cause the Java process to consume loads of CPU like the other scenario.
If anyone has any advice based on their own experience, or approaches to troubleshooting I could take, I would be very grateful.

Infinispan.war missing in 5.3.0.Final version

Hi, I am trying to use Infinispan as a remote caching solution, and when following the guide I see the following:
> This server provides easy to use RESTful HTTP access to the Infinispan
> data grid, built on JAX-RS. This application is delivered (currently)
> as a WAR file, which you can deploy to a servlet container (as many
> instances as you need).
I could not find the WAR in 5.3.0.Final.
But I see that Infinispan Server installation can serve as a Remote Data Grid, so is the REST interface included in the server installation with the latest release?
If yes
What server is it running on ?
Do we need licence to run the Server on enterprise level?
What is the good way to deploy it in any other Application Server?
Any help will be highly appreciated?
> But I see that Infinispan Server installation can serve as a Remote Data Grid, so is the REST interface included in the server installation with the latest release?
We will be talking about this: https://github.com/infinispan/infinispan-server The answer is, I'd say, yes. When you use Infinispan Server, you will have the possibility of accessing the Infinispan cache via a REST endpoint (see the readme and the endpoint subsystem in, for example, the standalone.xml configuration file). After starting this standalone server you can connect to http://127.0.0.1:8080/ (REST server) and start using it according to the rules described in the documentation.
> What server is it running on ?
The whole Infinispan Server is largely based on JBoss AS. Imagine a "big" JBoss AS minus all unnecessary systems, subsystems and functionality. This "little boy" is Infinispan Server, which, for example, doesn't support deploying applications etc.
> Do we need licence to run the Server on enterprise level?
No. This is an open source project. If you are still looking for an "officially" supported version, I'd suggest you check Red Hat's JBoss Data Grid solution, which is productized and supported Infinispan + Infinispan Server. See http://www.redhat.com/products/jbossenterprisemiddleware/data-grid/
> What is the good way to deploy it in any other Application Server?
There is no such way. As I mentioned earlier, Infinispan Server itself is a standalone server which already contains everything you need for caching and running a cluster of virtually 128 (or even more) nodes.
> Any help will be highly appreciated?
Maybe. I can't answer this question properly :(

Access Outlook2003 from an application (Java) running on a Tomcat (started as a service)

I want to exchange e-mails with a locally installed Microsoft Outlook through a Java application which is running on a Tomcat server.
In the past this was no problem, but since we switched the Tomcat server from a "normal" startup routine to being started as a service (which was done for performance reasons), my connection to Outlook is not working anymore.
As I have been searching for a solution to this for quite a long time (with no solution found), I decided to leave a post here.
I already know that
> The Outlook Object Model is unsuitable to run in a Windows service
which can be found at http://support.microsoft.com/kb/237913. This is due to the registry hive HKEY_CURRENT_USER, which is not loaded when a service is started.
But in this case I think a simple 'No, that’s not possible' can’t be a solution, and that’s why I am asking here for help.
Is it, for example, possible to let the application on Tomcat start a new local application which then connects to Outlook?
Is it possible to manually load the HKEY_CURRENT_USER hive?
Or, on the other hand, do this with a solution which I did not mention yet?
Thanks a lot in advance!
You probably need to create a plugin for Outlook which submits the e-mail to your application using web services (or similar).
I believe this is the usual way of realising requirements like this.
