Sahan's Blog

Thursday, June 4, 2015

Android HttpUrlConnection Disable default content encoding in gzip

At present i have came across a scenario that our ESB is not responding to gzip format content encoded requests. Though ESB successfully call back end service after decoding these gzip requests originated from android apps which use HttpUrlConnection, ESB is not capable of respond the request after backend service successfully hand the response to ESB

Neither web nor Google helped me to understand how the default gzip encoding stops.

And then it came to my mind. Just set “Content-Encoding” to “identity” and you are done.

HttpURLConnection con = (HttpURLConnection) url.openConnection();

con.setRequestProperty(“Content-Encoding”, “identity”);

con.setRequestProperty(“Accept-Encoding”, “identity”);

http://ift.tt/eA8V8J June 04, 2015 at 12:18PM

Friday, September 26, 2014

Still not using Maven ? Then here is some dependancy tips

AXIS2 CLIENT

   axis2-xmlbeans-1.6.2
   axis2-transport-http-1.6.2
   axis2-transport-local-1.6.2
   axis2-adb-1.6.2
   axis2-kernel-1.6.2
   axiom-api-1.2.13
   axiom-impl-1.2.13
   neethi-3.0.2
   XmlSchema-1.4.7
   httpcore-4.0
   mail-1.4
   commons-httpclient-3.1
   commons-codec-1.3
   commons-logging-1.1.1
   wsdl4j-1.6.2

JAX-WS
    jaxb-impl.jar
    jaxws-api.jar
    jaxws-rt.jar
    gmbal-api-only.jar
    management-api.jar
    stax-ex.jar
    streambuffer.jar
    policy.jar
   ha-api.jar
   jaxb-core.jar

JERSEY
   asm-3.1.jar
   jackson-core-asl-1.9.2.jar
   jackson-jaxrs-1.9.2.jar
   jackson-mapper-asl-1.9.2.jar
   jackson-xc-1.9.2.jar
   jersey-client-1.17.1.jar
   jersey-core-1.17.1.jar
   jersey-json-1.17.1.jar
   jersey-server-1.17.1.jar
   jersey-servlet-1.17.1.jar
   jettison-1.1.jar
   jsr311-api-1.1.1.jar

LOG4J
   log4j-1.2.17.jar

STRUTS 2
   commons-fileupload-x.y.z.jar
   commons-io-x.y.z.jar
   commons-lang-x.y.jar
   commons-logging-x.y.z.jar
   commons-logging-api-x.y.jar
   freemarker-x.y.z.jar
   javassist-.xy.z.GA
   ognl-x.y.z.jar
   struts2-core-x.y.z.jar
   xwork-core.x.y.z.jar
   commons-lang3-3.1.jar

OPEN SAML 2.6
   serializer-2.10.0
   xalan-2.7.1
   xercesImpl-2.10.0
   xml-apis-2.10.0
   xmltooling-1.4.1
   xmlsec-1.5.6
   slf4j-api-1.7.5
   openws-1.5.1
   opensaml-2.6.1
   joda-time-2.2
   esapi-2.0.1
   commons-lang-2.6

HIBERNATE 4.1
   commons-collections-3.2.1.jar
   antlr-2.7.7.jar
    commons-lang3-3.1.jar
    commons-logging-1.1.3.jar
    dom4j-1.6.1.jar
    hibernate-commons-annotations-4.0.1.Final.jar
    hibernate-core-4.2.0.Final.jar
    hibernate-jpa-2.0-api-1.0.1.Final.jar
    javassist-3.15.0-GA.jar
    jboss-logging-3.1.0.GA.jar
    jboss-transaction-api_1.1_spec-1.0.0.Final.jar

Tuesday, September 23, 2014

JBOSS - java.lang.NoSuchMethodError: org.jboss.logmanager.LogContext.getAttachment

I came through below error while i was trying to use newer version of hibernate with jboss 5.1.2 EAP. The reason for this is with the classloader. Even though we created a jboss-classloading.xml file and instruct jboss to give priority to our classloader, it still try to pick jboss logging from server class loader than the jar inside war file.

Caused by: java.lang.NoSuchMethodError: org.jboss.logmanager.LogContext.getAttachment(Ljava/lang/String;Lorg/jboss/logmanager/Logger$AttachmentKey;)Ljava/lang/Object;

  at org.jboss.logging.JBossLogManagerProvider.doGetLogger(JBossLogManagerProvider.java:52)

  at org.jboss.logging.JBossLogManagerProvider.getLogger(JBossLogManagerProvider.java:47)

  at org.jboss.logging.Logger.getLogger(Logger.java:2164)

  at org.jboss.logging.Logger.getMessageLogger(Logger.java:2263)

  at org.jboss.logging.Logger.getMessageLogger(Logger.java:2215)

So how to over come this is as follow.

1. Download the zip from here.

2. Unzip it and run ant in the project’s root folder.

3. Copy the resulting .jar in the dist directory to $JBOSS_HOME/server/$PROFILE/deployers.

4. Create a file named jboss-classloading.xml and place it in your deployment’s WEB-INF or META-INF folders with the following contents:

<classloading xmlns="urn:jboss:classloading:1.0"

              domain="MyDeploymentDomain"

              parent-domain="NoHibernateNoJBLoggingDomain"

              parent-first="false"

              export-all="NON_EMPTY"

              import-all="true">

</classloading>

The set of packages filtered from your deployment is defined in NoHibernateNoJBLoggingDomain.jar at META-INF/jboss-beans.xml. See below for the default contents of this file:

<?xml version="1.0" encoding="UTF-8"?>

<deployment xmlns="urn:jboss:bean-deployer:2.0">

   <bean name="NoHibernateNoJBLoggingDomain" class="com.jboss.examples.classloader.FilteredDefaultDomain">

       <property name="domainName">NoHibernateNoJBLoggingDomain</property>

       <property name="filterPackages">org.hibernate,org.jboss.logmanager</property>

   </bean>

</deployment>

Now You are good to go!!!

Thursday, August 28, 2014

iOS - short note, how to change view of tabs in UiTabBarController

for (UINavigationController * nav in self.tabBarController.viewControllers) {

[nav.tabBarItem setTitleTextAttributes:[NSDictionary dictionaryWithObjectsAndKeys:

[UIColor grayColor],

NSForegroundColorAttributeName,

[UIFont systemFontOfSize:12], NSFontAttributeName,

nil]

forState:UIControlStateNormal];

[nav.tabBarItem setTitleTextAttributes:[NSDictionary dictionaryWithObjectsAndKeys:

[UIColor colorWithRed:0.0 green:122/255.0 blue:1.0 alpha:1], NSForegroundColorAttributeName,

[UIFont systemFontOfSize:14], NSFontAttributeName,

nil]

forState:UIControlStateSelected];

}

Monday, August 4, 2014

How to force change jboss class loader method 2

In my previous post there is the first method where you can force jboss to isolate class loader of your web app from server class loader. Here what happen is before adding jars in server classpath, jboss will search jars in your web app classpath. If matching jars or duplicating jars found jboss will give priority to the jars found in your web app’s classpath.

So to achieve this the first method is create an entry in jboss-web.xml which is the jboss specific deployment descriptor. The second method is creating a separate xml file “jboss-classloading.xml” in your app’s “WEB-INF” folder and add the class loading instructions in that file. An example is given below.

***** parent daomain is optional.

JBOSS EAP 5.1.2 & Sun Metro JAX-WS

Jboss does have their own web service implementation which is JBossWS-CXF, based out of Apache CXF. But if you are into JAX-WS metro stack you can simply use it with jboss.

1. Overide the class loader to load SUN Metro stack instead jboss supplied jax-ws version.

create “jboss-web.xml” file in “WEB-INF” folder with following content.

<?xml version=”1.0” encoding=”UTF-8”?>
<jboss-web>
   <context-root>/MyApp</context-root>
   <class-loading java2ClassLoadingCompliance=”false”>
       <loader-repository>
           org.myapp:loader=MyApp.war
           <loader-repository-config>
               java2ParentDelegation=false
           </loader-repository-config>
       </loader-repository>
   </class-loading>
</jboss-web>

2. Add WSServletContextListener listner to web.xml file

<listener>
<listener-class>com.sun.xml.ws.transport.http.servlet.WSServletContextListener</listener-class>
</listener>

3. Add servlet and servlet mapping for WSServlet

<servlet>
    <servlet-name>WSServlet</servlet-name>
    <servlet-class>
           com.sun.xml.ws.transport.http.servlet.WSServlet
        </servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>WSServlet</servlet-name>
    <url-pattern>/*</url-pattern>
   <!— <url-pattern>/services/*</url-pattern> —>
</servlet-mapping>

You may now get your web service not only work but dynamic WSDL creation also working.

Wednesday, July 23, 2014

WSO2 IS SAML SSO using openSAML java library

In this blog post i will explain how to write a sample SSO service provider code using wso2is as the identity provider and openSAML as the supporting library to create SAML request.

First download the wso2IS from [1] and openSAML release from [2]. Then startup the wso2is. Create a new java web application project and import below jars from opensaml lib and lib/endorsed folders.

serializer-2.10.0
   xalan-2.7.1
   xercesImpl-2.10.0
   xml-apis-2.10.0
   xmltooling-1.4.1
   xmlsec-1.5.6
   slf4j-api-1.7.5
   openws-1.5.1
   opensaml-2.6.1
   joda-time-2.2
   esapi-2.0.1
   commons-lang-2.6

Also include “axiom-api.jar” from apache axis project which has the UIDGenerator.java class.

Lets take our service provider name is “test.com” & our consumer landing page is “http://localhost:8080/test.com/home.jsp”. (You have to register a new service provider with above fields in wso2 identity server. To do so please refer [3] )

You can use below code to sent login & logout saml requests.

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.zip.Deflater;
import java.util.zip.DeflaterOutputStream;

import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;

import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.SessionIndex;
import org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder;
import org.opensaml.saml2.core.impl.AuthnRequestBuilder;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.saml2.core.impl.LogoutRequestBuilder;
import org.opensaml.saml2.core.impl.NameIDBuilder;
import org.opensaml.saml2.core.impl.NameIDPolicyBuilder;
import org.opensaml.saml2.core.impl.RequestedAuthnContextBuilder;
import org.opensaml.saml2.core.impl.SessionIndexBuilder;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.XMLObjectBuilder;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.io.Unmarshaller;
import org.opensaml.xml.io.UnmarshallerFactory;
import org.opensaml.xml.io.UnmarshallingException;
import org.opensaml.xml.util.Base64;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

import com.opensymphony.xwork2.util.logging.Logger;
import com.opensymphony.xwork2.util.logging.LoggerFactory;

public class SAMLConsumer {

   private static final Logger logger = LoggerFactory.getLogger(SAMLConsumer.class);
   private static boolean isBootstraped = false;

   private static final String ISSUER_URL = “test.com”;
   private static final String CONSUMER_URL = “http://localhost:8080/test.com/home.jsp”;

   private static final String NAME_SPACE_URI_ISSUER = “urn:oasis:names:tc:SAML:2.0:assertion”;
   private static final String NAME_SPACE_URI_AUTH = “urn:oasis:names:tc:SAML:2.0:protocol”;
   private static final String SAML_TRANSPORT_TYPE_PWD_PROTECTED = “urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport”;
   private static final String SAML_TRANSPORT_PROTOCOL_BINDING = “urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”;

   private static final String LOCAL_NAME_ISSUER = “Issuer”;
   private static final String LOCAL_NAME_AUTHRQ = “AuthnRequest”;
   private static final String NAME_SPACE_PREFIX = “samlp”;
   private static final String AUTH_CNTXT_REF = “AuthnContextClassRef”;
   private static final String SAML = “saml”;

   public static String buildLoginRequest() throws IllegalArgumentException, SecurityException, IllegalAccessException, NoSuchFieldException, MarshallingException, IOException {
       logger.info(“started”);

       IssuerBuilder issuerBuilder = new IssuerBuilder();
       Issuer issuer = issuerBuilder.buildObject(NAME_SPACE_URI_ISSUER, LOCAL_NAME_ISSUER, “samlp”);
       issuer.setValue(ISSUER_URL);

       NameIDPolicyBuilder nameIdPolicyBuilder = new NameIDPolicyBuilder();
       NameIDPolicy nameIdPolicy = nameIdPolicyBuilder.buildObject();
       nameIdPolicy.setFormat(“urn:oasis:names:tc:SAML:2.0:nameid-format:persistent”);
       nameIdPolicy.setSPNameQualifier(“Isser”);
       nameIdPolicy.setAllowCreate(new Boolean(true));

       AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
       AuthnContextClassRef authnContextClassRef =
                                                    authnContextClassRefBuilder.buildObject(NAME_SPACE_URI_ISSUER,
                                                           AUTH_CNTXT_REF, SAML);
       authnContextClassRef.setAuthnContextClassRef(SAML_TRANSPORT_TYPE_PWD_PROTECTED);

       RequestedAuthnContextBuilder requestedAuthnContextBuilder =
                                                       new RequestedAuthnContextBuilder();
       RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
       requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
       requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);

       DateTime issueInstant = new DateTime();
       AuthnRequestBuilder authnRequestBuilder = new AuthnRequestBuilder();
       AuthnRequest authnRequest = authnRequestBuilder.buildObject(NAME_SPACE_URI_AUTH, LOCAL_NAME_AUTHRQ, NAME_SPACE_PREFIX);
       authnRequest.setForceAuthn(new Boolean(false));
       authnRequest.setIsPassive(new Boolean(false));
       authnRequest.setIssueInstant(issueInstant);
       authnRequest.setProtocolBinding(SAML_TRANSPORT_PROTOCOL_BINDING);
       authnRequest.setAssertionConsumerServiceURL(CONSUMER_URL);
       authnRequest.setIssuer(issuer);
       authnRequest.setNameIDPolicy(nameIdPolicy);
       authnRequest.setRequestedAuthnContext(requestedAuthnContext);

       String authReqRandomId = Integer.toHexString(new Double(Math.random()).intValue());

       authnRequest.setID(authReqRandomId);
       authnRequest.setVersion(SAMLVersion.VERSION_20);

       return marshall(authnRequest);

   }

   public static String buildLogoutRequest(String user) throws MarshallingException, IOException {

       LogoutRequest logoutReq = new LogoutRequestBuilder().buildObject();

       logoutReq.setID(createID());

       DateTime issueInstant = new DateTime();
       logoutReq.setIssueInstant(issueInstant);
       logoutReq.setNotOnOrAfter(new DateTime(issueInstant.getMillis() + 5 * 60 * 1000));

       IssuerBuilder issuerBuilder = new IssuerBuilder();
       Issuer issuer = issuerBuilder.buildObject();
       issuer.setValue(ISSUER_URL);
       logoutReq.setIssuer(issuer);

       NameID nameId = new NameIDBuilder().buildObject();
       nameId.setFormat(“urn:oasis:names:tc:SAML:2.0:nameid-format:entity”);
       nameId.setValue(user);
       logoutReq.setNameID(nameId);

       SessionIndex sessionIndex = new SessionIndexBuilder().buildObject();
       sessionIndex.setSessionIndex(UIDGenerator.generateUID());
       logoutReq.getSessionIndexes().add(sessionIndex);

       logoutReq.setReason(“Single Logout”);

       return marshall(logoutReq);
   }

   private static String marshall(RequestAbstractType authnRequest) throws MarshallingException, IOException {
       doBootstrap();
       Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(authnRequest);
       Element authDOM = marshaller.marshall(authnRequest);


       StringWriter rspWrt = new StringWriter();
       XMLHelper.writeNode(authDOM, rspWrt);
       String requestMessage = rspWrt.toString();

       System.out.println(requestMessage);

       Deflater deflater = new Deflater(Deflater.DEFLATED, true);
       ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
       DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream, deflater);
       deflaterOutputStream.write(requestMessage.getBytes());
       deflaterOutputStream.close();

       /* Encoding the compressed message */
       String encodedRequestMessage = Base64.encodeBytes(byteArrayOutputStream.toByteArray(), Base64.DONT_BREAK_LINES);
       String encodedAuthnRequest = URLEncoder.encode(encodedRequestMessage,”UTF-8”).trim();;

       return encodedAuthnRequest;
   }


   public static <T> T createSAMLObject(final Class<T> clazz) throws IllegalArgumentException, SecurityException, IllegalAccessException, NoSuchFieldException {
       XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

       QName defaultElementName = (QName)clazz.getDeclaredField(“DEFAULT_ELEMENT_NAME”).get(null);
       Map<QName, XMLObjectBuilder> builderMap= builderFactory.getBuilders();
       System.out.println(“is nul “ + builderMap.get(defaultElementName));

       return null;
   }

   private static void doBootstrap() {
       if(!isBootstraped) {
           try {
               DefaultBootstrap.bootstrap();
               isBootstraped = true;
           } catch (ConfigurationException e) {
               logger.error(“Error calling bootstrap”, e);
           }
       }
   }

   public static Map<String, String> processResponse(String response) {

       XMLObject resp = null;

       try {
           resp = unmarshall(response);
       } catch (ConfigurationException e) {
           // TODO Auto-generated catch block
           e.printStackTrace();
       } catch (ParserConfigurationException e) {
           // TODO Auto-generated catch block
           e.printStackTrace();
       } catch (SAXException e) {
           // TODO Auto-generated catch block
           e.printStackTrace();
       } catch (IOException e) {
           // TODO Auto-generated catch block
           e.printStackTrace();
       } catch (UnmarshallingException e) {
           // TODO Auto-generated catch block
           e.printStackTrace();
       }

       return getResult(resp);

   }

   private static XMLObject unmarshall(String responseMessage) throws ConfigurationException,
                           ParserConfigurationException, SAXException, IOException, UnmarshallingException {

       doBootstrap();
       DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
       documentBuilderFactory.setNamespaceAware(true);
       DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();

       byte[] base64DecodedResponse = Base64.decode(responseMessage.trim());

       System.out.println(new String(base64DecodedResponse));

       ByteArrayInputStream is = new ByteArrayInputStream(base64DecodedResponse);

       Document document = docBuilder.parse(is);
       Element element = document.getDocumentElement();
       UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
       Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
       return unmarshaller.unmarshall(element);

   }

   private static Map<String, String> getResult(XMLObject responseXmlObj) {

       if (responseXmlObj.getDOM().getNodeName().equals(“saml2p:LogoutResponse”)) {
           logger.error(“user logout”);
           return null;
       }

       Response response = (Response) responseXmlObj;
       logger.info(“SAML resp” + response);

       Assertion assertion = response.getAssertions().get(0);
       Map<String, String> resutls = new HashMap<String, String>();

       /*
       * If the request has failed, the IDP shouldn’t send an assertion.
       * SSO profile spec 4.1.4.2 <Response> Usage
       */
       if (assertion != null) {

           String subject = assertion.getSubject().getNameID().getValue();
           resutls.put(“Subject”, subject); // get the subject

           List<AttributeStatement> attributeStatementList = assertion.getAttributeStatements();

           if (attributeStatementList != null) {
               // we have received attributes of user
               Iterator<AttributeStatement> attribStatIter = attributeStatementList.iterator();
               while (attribStatIter.hasNext()) {
                   AttributeStatement statment = attribStatIter.next();
                   List<Attribute> attributesList = statment.getAttributes();
                   Iterator<Attribute> attributesIter = attributesList.iterator();
                   while (attributesIter.hasNext()) {
                       Attribute attrib = attributesIter.next();
                       Element value = attrib.getAttributeValues().get(0).getDOM();
                       String attribValue = value.getTextContent();
                       resutls.put(attrib.getName(), attribValue);
                   }
               }
           }
       }
       return resutls;
   }

   public static String createID() {

        byte[] bytes = new byte[20]; // 160 bit

        new Random().nextBytes(bytes);

        char[] charMapping = {‘a’, ‘b’, ‘c’, ‘d’, ‘e’, ‘f’, ‘g’, ‘h’, ‘i’, ‘j’, ‘k’, ‘l’, ‘m’, ‘n’, ‘o’, ‘p’};

        char[] chars = new char[40];

        for (int i = 0; i < bytes.length; i++) {
            int left = (bytes[i] » 4) & 0x0f;
            int right = bytes[i] & 0x0f;
            chars[i * 2] = charMapping[left];
            chars[i * 2 + 1] = charMapping[right];
        }

        return String.valueOf(chars);
    }

}

[1] http://wso2.com/products/identity-server/

[2] https://wiki.shibboleth.net/confluence/display/OpenSAML/Home

[3] http://pavithramadurangi.blogspot.com/2013/09/saml-20-sso-with-wso2-is-450.html