Posts Tagged ‘Spring’
Saturday, February 21st, 2009
I’m a fan of the spring framework and I have recently become a fan of DWR as well. Both of them together are just unstoppable, they take ajax and bean exposure through javascript to a new level. I have written about my experiences integrating the two and about validating forms using ajax. I’d advise you to read at least the integration article before continuing.
Using annotations to configure the spring container is a very useful feature, a majority of developers prefer to use annotations rather than XML files. However, annotation driven configuration of DWR through spring was not possible in older versions of DWR. The new version however, allows such configuration and with ease I might add. You can now use DWR with spring with almost no configuration in your XML files(a little bit of configuration is required but it doesn’t go beyond 10 lines or so). The best part however is that you don’t need to configure a seperate servlet for DWR at all, all calls to dwr can be routed through the spring dispatcher servlet which helps cut down configuration even more. (more…)
Tags: Ajax, dwr, Spring, spring dwr integration
Posted in Spring | 40 Comments »
Thursday, February 19th, 2009
If you haven’t already, please first read my article on configuring spring security and after that the article on writing a custom AuthenticationprocessingFilter. It is imperative that you know how to do both before you continue.
We always want to know who is on our website, how many users are logged in and how many visitors are present. Not only is the information useful, it also looks good. 
I tried looking for pluggable solutions to track users but couldn’t find any. Having implemented spring security in a few web apps, I decided to see if there was an easy way to do this. (more…)
Tags: Spring, spring security, web, web security
Posted in Spring Security | 14 Comments »
Monday, February 16th, 2009
Question like this one popup on the spring security forum all the time. The question is almost always the same. The system must perform some custom action after a user logs in or out of the system. And almost always this action has to be performed on the session like setting an attribute or removing one. Sometimes user’s also want to put their own User object in the session for later use in the application. All these actions can be performed by writing a custom AuthenticationProcessingFilter and replacing the default instance on the filter chain with your implementation.
Before I show you how to write your very own filter, (more…)
Tags: Spring, spring security, web security
Posted in Spring Security | 20 Comments »
Saturday, February 14th, 2009
More often than not people come to the spring forums asking about PropertyEditor’s. PropertyEditors are needed when you want to convert a string value to an object. Say for example, your command object contains a reference to a User object and the list of user’s is shown in the jsp with the value of the option box serving as the id of the user. Once the form is submitted, unless you have a custom property editor for your user class, you will receive validation errors. (more…)
Tags: jsp, Spring, web
Posted in Spring | 2 Comments »
Friday, February 13th, 2009
It’s all to common for beginners of spring to stumble upon what may look like odd spring problems. Most users think that these are bugs while more often than not they are expected spring behaviour. I myself have stumbled upon my fair share of such problems.
One such problem is clearing the data contained within the formBackingObject (or command object) after a successful (more…)
Tags: jsp, Spring
Posted in Spring, Tips & Tricks | No Comments »
Wednesday, February 11th, 2009
I wish spring security would work on their documentation and tell people how easy it is to implement a custom service for loading user details. You don’t HAVE to use JDBC to do that, you can write your very own hibernate, toplink or whatever DAO to do just that. It’s important to realise that spring-security does not send your password to the database ever. Instead it loads a user’s details and then compares it’s password internally before validating the user and granting it access to internal pages. (more…)
Tags: dwr, Java, Spring, spring security, web security
Posted in Spring Security | 11 Comments »
Tuesday, February 10th, 2009
Form validation is an integral part of any web application. While most developers rely on client side validations, the good ones always perform server side validations as well before accepting any data. You never know what kind of a malicious attack/vulnerability might be exposed if you don’t validate all data. Submitting, validating and then returning to the form again (if errors exist) is the normal flow but we can assist the user further by validating his data immediately. This form of validating user data is in no way supposed to substitute server side validation but only supposed to help the user and make your interface a little more snazzy. (more…)
Tags: Ajax, dwr, Java, Spring
Posted in Ajax, Spring | 3 Comments »
Monday, February 9th, 2009
In my earlier article I had detailed how to get DWR working with spring. Once you get that done, how exactly do you use it? Even though DWR provides a very powerful debugging page, a real-world example never hurts.
I’ll construct a simple page which will present the user with a list of countries (populated via DWR on body load). Once the user selects a country (more…)
Tags: Ajax, dwr, Java, Spring
Posted in Ajax, Spring | 3 Comments »
Monday, February 9th, 2009
So I managed to configure spring security in my last article here but what do I do now. How do I create the login form, login.jsp for my users to authenticate from. I searched around and found a few articles but none that listed out the login page. Then I looked in the spring-security distribution (more…)
Tags: Java, Spring, spring security, web security
Posted in Spring Security | 7 Comments »
Sunday, February 8th, 2009
I have written another post listing how to construct your login and logout pages to work with spring-security. It’s important that you read this post first if you’re new to spring-security.
Security in web applications is a big concern. More often than not developers miss securing a few pages here and there. These pages aren’t a huge concern till someone finds them and starts to mess with your system using them. Then the scramble to fix and re-evaluate your security starts. So, why don’t we secure ALL our pages instead of most of them? And why don’t we allow access to only those which we define and block access to everything else? This inverted model of security is what has been implemented in spring security. It’s a beautiful and powerful solution to securing web apps. Yes, i’m a spring fanboi but you’ll love spring security too once you love it.
As with anything else related to spring the learning curve on spring-security is just as steep. But once you get the hang of it, it’s easy peasy and you can use the same configuration over and over again in your web apps. It’s also worthwhile to mention that spring-security’s documentation could be a LOT better in terms of content not to mention better laid out. (more…)
Tags: Java, security, Spring, spring security
Posted in Spring Security | 12 Comments »
Saturday, February 7th, 2009
I like DWR, it’s a very strong framework for enriching your simple web application with ajax. It’s particularly useful for java developers because no one likes to write javascript to make XMLHttpRequest’s to call the server, parse the response and then set stuff in your jsp so that the response is displayed in a proper manner. You can effectively expose your entire class simply by defining it’s methods in your dwr.xml and then writing converter’s for your objects. The util.js that comes with dwr is very useful too even if you aren’t using dwr, it provides a lot of helpful methods to do stuff in javascript.
The debug page is probably what I loved the most about dwr. It lists out what classes have been exposed including their methods in a very simple manner. You can immediately test if you have configured dwr and if it’s working properly. You can also test out your exposed methods, with and without parameters, and see their responses. It’s lovely and I wish more applications would do this.
Running DWR with spring however is a (more…)
Tags: dwr, Java, Spring, spring dwr integration
Posted in Ajax, Spring | 34 Comments »
Friday, February 6th, 2009
A question commonly asked on the spring forums is that a service makes calls to multiple DAOs, how can ALL the calls be rolledback if any of the calls throws an exception. The simplest way to do this is to make your service transactional while keeping your DAOs non-transactional.
Example Service :
//imports & package
@Service
@Transactional
public class UserServiceImpl implements UserService {
@Override
public void addUser(User user) {
userDao.doFirstOperation();
userDao.doSecondOperation();
}
}
Notice the lack of @Transactional annotation in the DAO below.
public class UserDao {
public void doFirstOperation() {
// some stuff
}
public void doSecondOperation() {
// some stuff
}
}
Remember that your DAO methods MUST through an unchecked or runtime exception for the transaction to rollback on its own. Otherwise you have to declare the rollback in case of a checked exception.
Tags: Java, Spring, transaction management
Posted in Spring, Tips & Tricks | 5 Comments »
Saturday, January 31st, 2009
Spring Framework is by the most versatile framework for java applications. It can be used with any kind of application, be it an applet, a swing app or a web application.
Spring transaction management is one of the most powerful features of spring. It manages your transactions for you with minimal code, infact all you need to do is put a few lines of code in your configuration file and then annotate your classes/methods with the @Transactional annotation. Combining this with ORM tools such as hibernate, what you have is full fledged transaction management running in under 5 minutes.
(more…)
Tags: hibernate, Java, jmx, monitoring, Spring
Posted in Spring, Tips & Tricks | No Comments »