I tried to deploy a websocket application using Tomcat 7.0 in Eclipse.
After i deployed the app on localhost, when i try to access the websocket it throws an error like this
WebSocket connection to
'ws://localhost:8080/GroupChatServer/chat?name=hari' failed: Error
during WebSocket handshake: Unexpected response code: 404
I deployed the app in
http://localhost:8080/GroupChatServer/
I tried a sample chat app from this link:
GroupChatServer
can anyone help me to solve this?
You did not provide enough details to answer the question absolutely.
But i had a similar problem
The Error during the handshake happens, because Tomcat has its own api for websockets. Thus you might have added the JSR implementation or something similar as javax.websocket-api in your pom.xml there comes a conflict at runtime.
Try to not export your Websocket-library to your webserver, thus it uses its own implementation.
If you use maven, set the websocket dependency as provided:
<!-- Provided Websocket API, because tomcat has its own implementation -->
<dependency>
<groupId>javax.websocket</groupId>
<artifactId>javax.websocket-api</artifactId>
<version>1.1</version>
<scope>provided</scope>
</dependency>
Related
Multi part file upload in spring boot application is not working with tomcat version 9.0.31. But this functionality working fine with older version 9.0.30 .But there is a vulnerability in this version and forced to upgrade the version.
See the error given below
"timestamp": "2020-03-09T08:01:56.169+0000",
"status": 500,
"error": "Internal Server Error",
"message": "Failed to parse multipart servlet request; nested exception is java.io.IOException: org.apache.tomcat.util.http.fileupload.impl.IOFileUploadException: Processing of multipart/form-data request failed. Stream ended unexpectedly",
Error log is given below
nested exception is org.springframework.web.multipart.MultipartException: Failed to parse multipart servlet request; nested exception is java.io.IOException: org.apache.tomcat.util.http.fileupload.impl.IOFileUploadException: Processing of multipart/form-data request failed. Stream ended unexpectedly] with root causeorg.apache.tomcat.util.http.fileupload.MultipartStream$MalformedStreamException: Stream ended unexpectedly
Please help to resolve this.
I think the bug has been fixed with latest tomcat version 9.0.33.
The multi-part file upload functionality which was not working in version 9.0.31, has also been fixed with the upgrade. Also, I have tried checking if there are any vulnerability using owasp dependency checker and found that there are no vulnerabilities in this version.
Just upgrade your dependency with the below version:
<!-- https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core -->
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>9.0.33</version>
</dependency>
This is a bug in Tomcat 9.0.31. There's already an entry in Apache's Bugzilla: https://bz.apache.org/bugzilla/show_bug.cgi?id=64195.
According to the bug report, to prevent this issue you can either
- use Http11Nio2Protocol instead of Http11NioProtocol
- use Tomcat 9.0.30, where this doesn't happen (but has the critical Ghostcat vulnerability in Tomcat's AJP protocol)
The issue will be fixed in 9.0.32 (which is not released yet).
Note: When using http instead of https the problem also does not appear.
Another possible solution is to check user with which tomcat server is running.
In my case, it was not running with root user. If that's the case just restart the tomcat server with root user and problem will be solved.
I have a spring boot REST API application for a project with 2 different setups ( =2 different jars). Both need to be realized, but I have no idea on how to do it or what the best way would be.
Both setups need to have a connection with an online database (on a server; AWS) and a connection with an offline or local database (running on the machine/pc itself). It is the offline or local connection that is different between both setups.
Setup 1:
When the application is started it needs to connect to the online database. When an error occurs or connection to the online database is lost, it needs to connect to the offline/local database.
It is not required that that it will reconnect with the online database after an error occurred or the connection was lost.
Setup 2:
When the application is started it needs to connect to both the online and the offline database. So when the user does a post to the REST API, both the online and the offline database need to be updated (unless an error occurs or the connection to the online database is lost). If the user just does a get request, it is preferred to get the data from the online database, unless an error occurs or the connection to the online database is lost, than it can use the offline database.
It is not required that that it will reconnect with the online database after an error occurred or the connection was lost, but in this setup it would be nice.
Synchronizing the data after connection has been established again isn't required either (but would maybe be a nice feature).
I have seen a similar post where the solution was to use ha-jdbc but it is an old post... Maven just doesn't find the dependency when I try adding it to my pom.xml file.
After some more searching and trying I was able to add ha-jdbc to my pom.xml. What I had to do was add a repository that contained ha-jdbc.
<project>
<repositories>
<repository>
<id>jbossrepository</id>
<name>jbossrepository</name>
<url>https://repository.jboss.org/nexus/content/repositories/thirdparty-releases/</url>
</repository>
</repositories>
<dependency>
<dependency>
<groupId>net.sf.ha-jdbc</groupId>
<artifactId>ha-jdbc</artifactId>
<version>3.0.3</version>
</dependency>
</dependency>
</project>
Yet to see if I can get it to work and if it is what I am looking for...
ha-jdbc isn't worth trying, one error or problem after the other, it's just old java too...
Versions:
- java: 1.8
- org.springframework.boot (spring-boot-starter-parent): 2.1.8.RELEASE
- Database (online & offline): PostgreSQL 11.5
Take a look this example code. There you can find already implemented a working solution.
The logic behind it is EnableJpaRepositories which enables it based on packages (basePackages)
Summary: I have an SAAJ Client that calls a remote Web Service over HTTPS. Both Client and Server authentication via certificates is required. I can successfully invoke the service when running a JUnit test in my IDE, but fail to connect when running in JBoss.
Keystore/Truststore Configuration Details: In both the IDE and JBoss, I'm setting the keystore and truststore via system properties: javax.net.ssl.keyStore, javax.net.ssl.keyStorePassword, javax.net.ssl.trustStore, javax.net.ssl.trustStorePassword
Logging Configuration: In JBoss, I've enabled SSL Debug logging via the system property: javax.net.debug=SSL. I've also enabled CXF logging via a logging.properties file.
JBoss SSL Logging Output Summary:
SSL logging shows no WARN or ERROR logs
SSL logging shows a session is established at the time of the call to the remote service
JBoss CXF Logging Output Summary:
CXF logging shows that the POST is sent to the service via Conduit null.http-conduit
CXF logging shows this conduit is "configured for plain http", has "No Trust Decider", and has "No Auth Supplier" (I'm not entirely sure what all of this means, but it sounds relevant)
Stack Trace: Here's the actual stack trace I'm getting
Caused by: javax.xml.soap.SOAPException: JBWS024004: SOAP message could not be sent
at org.jboss.wsf.stack.cxf.saaj.SOAPConnectionImpl.call(SOAPConnectionImpl.java:124)
at my.client.soap.MySAAJClient.invoke(MySAAJClient.java:37) [my-client-0.0.1-SNAPSHOT.jar:]
... 17 more
Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '403: Forbidden' when communicating with https://remote.service.url.here/
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1542)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1502)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
at org.jboss.wsf.stack.cxf.saaj.SOAPConnectionImpl.call(SOAPConnectionImpl.java:120)
... 19 more
Other Information
I don't have direct access to the logs of the remote web service, but I'm told that they "don't show anything"
CXF comes into play because it is used by JBoss. I don't have any CXF dependencies included in my project and it's not in play when I run the code in my IDE.
What I've Tried: I've been focused on CXF because again, this all runs fine when executed in my IDE where CXF is not in play and the CXF log that says the conduit has been "configured for plain http" scares me. I've tried including a jboss-cxf.xml, jbossws-cxf.xml, or cxf.xml configuration file in my WAR that includes the keystore and truststore configuration. This has not worked and I can't even tell that CXF is seeing these files.
My Questions (Updated)
Is there any way to get JBoss/CXF to see that this is a secure connection and use the keystore/truststore configured via system properties?
Is there any way for me to direct JBoss (via jboss-deployment-structur.xml maybe?) to use a different SAAJ implementation for my deployment?
Do you have any thoughts on other things I should be looking into?
Update 1
I believe I've confirmed that the JBoss-CXF integration is the issue. I was able to remove JBoss's SOAPConnectionImpl by modifying the file {JBOSS_HOME}/modules/system/layers/base/org/jboss/ws/saaj-impl/main/module.xml. I commented out the module dependency <module name="org.jboss.ws.jaxws-client" services="import"/>.
After making this change, my application was able to connect to the remote service with no issues.
Although this shows that the JBoss-CXF integration is this issue, I can't modify the deployment environment in this way. I need to identify another solution.
I'd go for system properties (or at least knowing the configuration of the system) as they might override whatever you specify in your deployment.
What version of cxf is used on the deployment environment? Do you have any info on the configuration of cxf on your deployment environment? From the documentation (http://cxf.apache.org/docs/ws-security.html), I can see you need to configure WSS4J interceptors for cxf 2.0.x or earlier, so you could check if this is okay on your deployment environment.
I have web application build using JSF, Tomcat as app container, Google Guice for injection and Azure as storage. Everything is working so far, web app is serving pages etc.
I needed to consume SOAP service so I generated class from WSDL using WSDL2JAVA (from Axis2 distribution) and I added dependencies to my pom.xml file:
<dependency>
<groupId>org.apache.axis2</groupId>
<artifactId>axis2-kernel</artifactId>
<version>1.6.2</version>
</dependency>
<dependency>
<groupId>org.apache.axis2</groupId>
<artifactId>axis2-adb</artifactId>
<version>1.6.2</version>
</dependency>
I need only to consume SOAP, I am not building a SOAP server. Unfortunately after including Maven dependencies and stub class I keep getting errors when I try to connect to my web app:
java.lang.IllegalArgumentException: Null InputStream is not a valid argument
com.ctc.wstx.stax.WstxInputFactory.createSR(WstxInputFactory.java:614)
com.ctc.wstx.stax.WstxInputFactory.createXMLStreamReader(WstxInputFactory.java:317)
I don't have any code related to SOAP (other than unused stub class), I don't do any outgoing requests.
Question is: does Axis install anything in it's default configuration which can interfere with other mechanisms of web application (class finding, injection, servlets etc.)?
I'm working on a Jax-RS RESTful web-service. While I'm still coding (in Eclipse), I'd like to be able to debug easily, so I decided to have a Maven project and I use dependencies to the Grizzly web server, allowing me to start up a server with merely 2 lines of code (not even having to build the WAR file).
In my web-service implementation class (the one with #Path) I have injected the context as member variable:
#javax.ws.rs.core.Context
ServletContext context;
When I check the context variable for null, it will not be null if I build the WAR file and deploy it in TomCat, but it will be null when I start my Grizzly server and check it then. Starting the Grizzly v1.9 server is done as follows:
String url = "http://localhost:1234";
SelectorThread srv = GrizzlyServerFactory.create(url);
I've tried to find solutions to this with Google, someone suggested to enable "load-on-startup" in the web.xml, but this didn't help either.
Any ideas?
Cheers!
My guess is that you use Grizzly without the Servlet Container extension. Theoretically JAX-RS may run not only on servlet environment, but then you cannot get the ServletContext or HttpServletRequest or Response.
While the other answer here made some sense, I wasn't too sure, because according to the maven dependency tree, the servlet package was also included.
I could fix the problem by migrating to a different maven dependency. I'm now using
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-grizzly2</artifactId>
<version>1.9.1</version>
</dependency>
and followed the instructions of http://blogs.oracle.com/PavelBucek/entry/jersey_grizzly_2_x_integration (Sample) to make it work. The servlet context is now successfully injected.