Spring Roo Rev005

CYBER SECURITY INFORMATION TECHNOLOGY CRITICAL INFRASTRUCTURE HOMELAND SECURITY MULTI-USER NETWORK CYBER SECURITY INFORMATION TECHNOLOGY CRITICAL INFRASTRUCTURE

Spring Roo
(By Rich Helton)
(Date September 15, 2011)

State of Colorado
Office of Cyber Security

State of Colorado Office of Cyber Security

Spring Framework, AOP and IoC
  Aspect Oriented Programming takes Object Oriented Programming
one step further by separating out the cross-cutting concerns and
assigning them to the framework. An example of a cross-cutting
concern is Transaction management.
  The Spring framework is an Open source framework that introduces
AOP by managing, or taking care of the plumbing, of the business
objects. http://www.springsource.com/
  Spring introduces the concept of Inversion of Control (IoC), which
simply means instead of having the application call the framework, the
framework will call the components defined by the application.
  I like to think of IoC as collecting the application pieces in modular
blocks. The IoC will pass the appropriate object into the Class when it
needs to work with that object.
  Spring provides the "Spring Security" framework that allows
different implementations to be connected seamlessly to the
application.


Spring
•  The Spring Framework is an open source application framework for the
Java platform. See http://en.wikipedia.org/wiki/Spring_Framework
•  Besides the benefits of using IOC and AOP, Spring comes with many
frameworks for Web Flow, MVC, Annotations, Transaction Management
and Data Access. Spring Roo is a quick way to put those pieces together.


MVC

 The Model-View-Controller is the most common design pattern in
Software Architecture.
Here are the pieces:


Spring MVC

  Spring has its own MVC framework. See
http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/
html/mvc.html
  Spring MVC is designed around a DispatcherServlet that dispatches the
requests to handlers. Theses handlers are handled through the
configuration which will map them, the views, and define the locale,
uploading files and other configurations.
  The Controller is defined through the @Controller annotation.
  Mapping URLs are done through the @RequestMapping annotation. This
mapping can be done in the controller as well.
  The ModelMap class can be used to map the model to the view for display.
  The model is simply an entity that can also be passed from the View to the
Controller and from the Controller to the View.
  The ModelAndView function contains the Model and View information for
mapping to the View from the Controller.


Spring Web Flow
  The system is ideal for building web application modules that guide the user
through controlled navigations that drive business process.
  The Web Flow philosophy says that any page can be drawn as a simple
flow chart where each state in the page flow is either a view or the action.
  Web Flow manages the transition between states and requires input from
the actions , or the views, to determine the next step of the configured
execution path of the page flow.
  See http://www.ervacon.com/products/swf/intro/index.html
  The Web Flow will have a Controller, a FlowController, that could be for
different web flows like an Ajax FlowController.
  The FlowController is a JavaBean in the application context of the
DispatcherServlet.
  The Web Flow will have a web flow schema that will define the different
states, like view states and action states that are used.
  The Flow Controller will use a Flow Executer to execute these states in the
schema.


What are Spring Faces

•  When working with Spring Web Flow, and connecting Java Server Faces,
there needs to be a layer integrating the two frameworks. That layer is
Spring Faces.
•  See
http://static.springsource.org/spring-webflow/docs/2.0-m1/reference/spring-
faces.html and
http://static.springsource.org/spring-webflow/docs/2.0.x/reference/html/
ch12.html


What are JavaServer Faces

•  JavaServer Faces (JSF) is a request-driven MVC web framework based on
component-driven UI design model, using XML files called view templates
or Facelets views
•  See http://en.wikipedia.org/wiki/JavaServer_Faces
•  JSF is a server-side technology for developing web applications with rich
user interfaces. Which includes a framework for validation, error handling,
data conversion, internalization and custom components.


Tomcat

•  Tomcat can be downloaded http://tomcat.apache.org/ , and is a Servlet
Container that can run Java Objects.
•  This is one of the free Spring supported Web Servers from Apache, others
include Apache Geronimo, JBoss, Oracle WebLogic and many more.
•  Tomcat has a startup.bat or startup shell to start the server.
•  After it starts, it can be accessed using http://127.0.0.1:8080/
•  Many of the deployments will be deployed in the /WebApps/ directory as a
WAR (Web Archive) file, similar to a JAR (Java Archive) file. See
http://en.wikipedia.org/wiki/WAR_(Sun_file_format)


• Tomcat

  Tomcat is a Servlet and Java Server Pages Container developed by
Apache, reference http://en.wikipedia.org/wiki/Tomcat_(software)
and http://tomcat.apache.org/ .
  It provides a Java HTTP Server to run Java code.
  Catalina is Tomcat’s servlet container.
  A servlet container a Java class that responds to HTTP requests.
  A HTTP request is an HTTP page that will call Java code and
execute an action running on the Tomcat Server.
  The Tomcat server may be started with a startup script and use
different ports so that many servers may be provide different
services.


Benefits of Tomcat/Catalina

  Tomcat can run a web server by just starting the startup.bat or
startup.sh.
  It uses other scripts to setclasspath, start catalina shutdown.
  A directory structure is used locally that can contain the classes,
libraries, configurations, etc.
  This way multiple tomcat server can be used in their own
containment area, or directory, without affecting other instances of
the Java Web Server.
  The Tomcat Web Server is Operating System dependent, and does
not require a formal installation or setup to be run. Only that the
directory and its contents are copied over correctly.
  Again, all of this is Open Source.


• Tomcat Directory


• Tomcat Directory

  bin  Directory containing the scripts and Tomcat JAR files.
  conf  The properties and XML files that configure the server,
including ports, Admin ports, database connections, etc.
  lib  The supporting JAR files needed to run Tomcat.
  logs  log files that are written during runtime and startup.
  webapps  any WAR files that contain the web applications. WAR
files are similar to JAR files except they also contain the Web pages,
like JSPs and Servlets. This is where the Flex applications will be
stored.

•  Reference
http://tomcat.apache.org/tomcat-3.3-doc/tomcat-
ug.html#directory_structure

Catalina

  Tomcat is the web server that presents HTML and Java Server
Pages (JSP’s).
  Catalina is the servlet code that responds on the server to server
requests and sends its response in HMTL, JSPs and even XML.
  A Servlet will receive a request and issue a response after processing
the request. It may do a database lookup, call other code or many
other tasks.
  Catalina is a container that will pool, secure, and oversee these
servlets as they are configured. The servlets are the binary code to
be executed.
  There is a Java Servlet protocol to be explored further at
http://en.wikipedia.org/wiki/Java_Servlet#Servlet_containers


Tomcat Management Interface

•  Tomcat has a management interface for loading new applications,


Springsource

•  Spring has several reference applications for MVC and Webflow.
•  They can be found at http://www.springsource.org/webflow-samples .
•  The installation of Webflow can be found
http://www.installationwiki.org/Setup_for_Spring_Web_Flow_2 .



Apache
Maven


• What is it?

  Apache Maven 2 is a software tool for Java project management and
build automation.
  It uses a .pom file in XML form that will generate a configuration
for pulling down libraries from Maven repositories, building the
project and even testing the project with results.
  See http://en.wikipedia.org/wiki/Apache_Maven, http://
maven.apache.org/guides/getting-started/index.html,
http://maven.apache.org/guides/getting-started/index.html and
http://maven.apache.org/ as a reference.


• POM

  The Project Object Model (POM) is used in Apache Maven to
describe the software project being built.
  The POM can also be generated using IDE’s like NetBeans that will
use a plugin to Maven to generate the files.
  The POM files are in XML format.


POM Example


Maven Directory structure

  Maven uses a predefined directory structure called a standard
project structure.
  The pom.xml will be stored in the project home directory which is
the base directory for the file tree.
  From this base directory, there will be a src and target directory:


• Maven Directory structure

  The src/main/java directory is where the Java source code is
stored.
  The src/main/resources are where the application resources are
stored like GIF files.
  The src/main/config are where the configuration files are stored.
  The src/main/webapp are where the web application WAR files
are stored.
  The src/test/java are where the Unit test files are stored.


• Running Maven

  The “mvn” command is used to run maven. It must be executed in
the project home directory. Here are some of the commands:



Spring Roo


Spring Roo Intro

  Spring Roo, http://en.wikipedia.org/wiki/Spring_Roo , is an open
source software tool that uses convention-over-configuration
principles to provide rapid application development of Java-based
enterprise software.
  The reulsing application use common Java technologies such as
Spring Framework, Java Persistence API, Java Server Pages,
Apache Mavin and AspectJ.
  The Spring Roo home page can be found at
http://www.springsource.org/roo .
  A good tutorial can be found at
http://blog.springsource.com/2009/05/27/roo-part-2/
  Installation can be found at http://www.springsource.org/roo/start


Why Spring Roo?

  Spring Roo is mentioned in
http://europe.springone.com/dl/springone-amsterdam-2009/
slides/RodJohnson_WelcomeKeynote.pdf as part of the Future of
Java Innovation.
  A great case study is the Tom-Tom, http://www.tomtom.com/ ,
where it cut development time by 50% for a customer base of 45
million, http://www.springsource.org/node/3001 .


Spring Roo Download
  Spring Roo can also be incorporated in the Spring Tool Suite,
http://www.springsource.com/developer/sts which is a Eclipse UI
running a VMWare vFabric optimized server for Spring.


Spring Roo Web Flow

  To install Spring web flow on Spring Roo, we will use the “roo> web
flow” command. A project has to be created first, and we will start
with the PetClinic that comes a Samples/clinic.roo file to get
started.


Spring Roo Web Flow

  Many artifacts are created, including a pom.xml for a Maven build,
and the templated src files,


Spring Roo Web Flow

  Next, run “perform tests” to see if everything generated correctly,
which will run for several minutes (it will perform Maven JUnit
tests in the src directory)…


Spring Roo Web Flow

  Look for the “Build Success” …


Spring Roo Web Flow

  Add the webflow and perform tests after, do “perform tests” after
significant changes to ensure there are no issues….


Spring Roo Web Flow

  The web flow command will create the flow view state files in src
mainwebappWEB-INFviewssampleflow and a webflow-
config .xml in srcmainwebappWEB-INFspring, the views
appear as:


Log4J

  A Log4J logger is created in src/main/resources/log4j.properties,
and can be changed so it logs to a file appender, see
http://logging.apache.org/log4j/1.2/manual.html


Running

  Running the new Pet Clinic application in tomcat can be done from
Maven.
  Quit Roo and run “mvn clean tomcat:run” in the project.


Running

  Then access the browser with http://localhost:8080/petclinic/ and
select the SampleFlow to access the web flow.


Wedding

  A Wedding RSVP example that uses HSQL DB as a database can be
found at http://blog.springsource.com/2009/05/27/roo-part-2/


HSQL Database

  HSQLDB (Hyper Structured Query Language Database) is a
relational database management system written in Java. See
http://en.wikipedia.org/wiki/HSQLDB .
  HSSQLDB is loaded at runtime of Tomcat through its JDBC Java
Database Driver, so it does not persist information in a database
that is already loaded into the Operating System like MySQL or SQL
Server. Therefore, HSSQLDB is normally used in a development
environment.
  Where is the data saved?
  The configuration of the HSSQLDB is saved in the “database/
jiradb.properties” file.
  The data of the HSSQLDB is saved in the “database/
jiradb.script” file.


HSQL Database

  In the configuration, I set the properties to /tmp/our-wedding, the
“/tmp” is the directory and the “our-wedding” are the files.

  From database properties set --key database.url --value
jdbc:hsqldb:/tmp/our-wedding


HSQL Database

  Where is the data saved?
  The configuration of the HSQLDB is saved in the “/tmp/our-
wedding.properties” file.
  The data of the HSSQLDB is saved in the “/tmp/our-
wedding.script” file.
  The hsqldb-1.8.0.10.jar , running from Maven, will be from a
~Home.m2repositoryhsqldb directory that has stored
Maven running JARs.
  Notice the data saved in script when entering an RSVP:


HS SQL Display
  Running “java -cp hsqldb-1.8.0.10.jar
org.hsqldb.util.DatabaseManager -user sa -url jdbc:hsqldb:our-
wedding” :


Maven Selenium
  Selenium, web testing, can also be run from Maven using “mvn
selenium:selenese”
  Selenium is a Firefox plugin, so FireFox must be installed.
  The Tomcat server must also be running from the previous “mvn
tomcat:run” example.
  A Firefox browser will appear during the run and a “weddingtarget
selenium.html” will be the result.


Maven Selenium
  Running the command “mvn selenium:selenese”


Maven Selenium
  The selenium.html results:


What is Selenium IDE

  Selenium IDE is another Open Source concept that is a Integrated
Development Environment running on top of the FireFox browser as a
plugin.
  Supports load testing.
  This allows a recording of the browser actions that can be played
back execute buttons being pushed and actions inside the
browser.
  Assertions can be executed on the HTML pages itself for checking
specific information.
  The test itself can be exported into Java, .NET, Perl, Ruby, etc,
and then code to execute the tests in that language.


Selenium IDE Test
(running from Firefox)


Selenium is now integrated in the site

  Running in Firefox, we can select Selenium Tests,


Selenium is now integrated in the site

  We get the last tests,


Setting Log4j

  Running “roo> logging setup --package WEB --level DEBUG” will
rewrite the “log4j.properties” to log on Debug with the spring
framework.


Log4j

  Even though the basic JDK logging framework can accept
changes on destination through its Handler in the
“logging.properties”, Log4j offers more advanced features in its
XML use of its Appender class.
  Appenders add functionality to add logging to the current
logging, for instance printing to the console and then adding
appenders to send email logs through SMTP.
  Log4j supports XML configuration and a text configuration in
log4j.properties.
  Log4J is an Apache framework found at
http://logging.apache.org/log4j/1.2/ and more information can
be found at http://en.wikipedia.org/wiki/Log4j


An example Log4j JSP code

• <%@ page import="org.apache.log4j.Logger" %><html><head>
<title>Demonstration log4j usage in jsp</title></head><body>
<%
Logger log = Logger.getLogger("com.demo.test");
log.debug("Show DEBUG message");
log.info("Show INFO message");
log.warn("Show WARN message");
log.error("Show ERROR message");
log.fatal("Show FATAL message");
%>
<b>
The log messages are shown in the Tomcat console and in the
${catalina.home}/logs/demo.log file.
</b></body></html>


An example Log4j demo.log

• 2008-08-11 20:03:43,379 [com.demo.test] DEBUG - Show
DEBUG message.
2008-08-11 20:03:43,409 [com.demo.test] INFO - Show
INFO message.
2008-08-11 20:03:43,409 [com.demo.test] WARN - Show
WARN message.
2008-08-11 20:03:43,409 [com.demo.test] ERROR - Show
ERROR message.
2008-08-11 20:03:43,419 [com.demo.test] FATAL - Show
FATAL message.


An example SMTP Appender

  An Appender is configured in the log4j.properties to define the
loggers. Here is a sample of an logger to send email logs:


Spring Security

  Spring security is the de-facto standard for securing Spring
application. It is a highly customizable authentication and
access-control framework.
http://static.springsource.org/spring-security/site/
  Running “roo> security setup”,


Spring Security
  While Spring Security templates are now stubbed out, the
applicationContext-Security.xml needs to be edited to point to
newly created Login page:


Now we get out Login page
  Login page:


Backup
  Run “roo> backup” to created a backup zip of the current src:


MVC
  Run “roo> controller class --class ~.web.PublicRsvpController” to
create the stubs for a Controller class.


MVC
  The PublicRsvpController.java stub.
  @RequestMapping will map the URL to the Controller
  @Controller will define this as a Controller class.
  For example, index will be called from the URL, then process the
function and call the View.


Entity (Model)
  Next, we will create a Roo Finder.
  Roo Finders provide methods to search through your entities
using JPA.
  We will list the available finders using “roo> finder list”:


Entity (Model)
  Next, we will create one of the available Roo Finders by using
“roo> finder add”.


Entity (Model)
  Among many things, it will set the @RooEntity in the Rsvp.java
file to add the finder and a corresponding Rsvp_Roo_Finder.aj
(AspectJ) file that defines the finder query.


Email
  Roo can also set up the stubs for email support using “roo> email
sender setup”, the email.properties will be used to set up the
SMPT connection properties:


Setting up for STS
  Roo can also set up the project files for STS, or Eclipse, by
running “roo> perform eclipse”:


Import into STS
  After an Eclipse/STS project is set up, it can now be imported
into STS from the File->Import->General->Existing Project:


Import into STS
  Imported….



Fields
and Pizza.roo


Commands
  To view the available commands, just push TAB:


Pizza.roo
  Some of this is covered in
http://static.springsource.org/spring-roo/reference/html-single/
index.html
  Creating the top level with “project –topLevelPackage
com.springsource.roo.pizzashop”:


Hint
  Typing in “hint” will assist us in what to do next, and typing part
of the command and TAB will give us options:


Persistence
  We set up HSQL DB persistence by running “persistence setup --
provider HIBERNATE --database
HYPERSONIC_IN_MEMORY” :


Persistence
  We can see the database properties by running “database
properties list” :


Creating our first Entity
  The enities are models that will map to the database, and the first
one is treated like a base class to add fields to, using “entity –
class ~.domain.Topping –testAutomatically” :


Creating our first Entity
  Our class, the @RooEntity is a JPA annotation, @RooJavaBean
creates JaveBean accessors and mutators, see
http://static.springsource.org/spring-roo/
org.springframework.roo.annotations/apidocs/ :


Creating our first Fields
  First, let’s see what fields are available, like enum and date:


  While looking at Springs validation from annotation, we know
that Spring can annotate a field, like @NotNull, and it will give an
exception if a null is passed through.
  Roo can put these in when declaring fields, and these are
available with the string field:


  Let’s create a simple string called “name” with “field string –
fieldName name –notNull –sizeMin 2”:

  As:


Creating more Fields
  To just simplify some of the running, I am going to create a small
script of classes and fields, and use “script fields.roo”, like Pizza
and price, to run it:

  Running:


Adding Relationships
  Adding many toppings to a Pizza, with “field set --fieldName
toppings --type ~.domain.Topping”, notice we are in the Pizza
domain:

  It created the “toppings” field in the Pizza class:


Adding Relationships
  Now we add the Many to One, by adding the Base class to the
Pizza class:

  It created the “base” field in the Pizza class:


Creating more Fields
  Creating fields2.roo for PizzaOrder, which has name, address,
total and delivery Date:

  Running:


Enum Field Commands
  Creating Enum Field commands can be found at
http://static.springsource.org/spring-roo/reference/html/
command-index.html#command-index-enum-constant


Adding Enum
  Lets’s add a DeliveryType enum with “enum type –class
~.domain.DeliveryTypeEnum”, and add the field to PizzaOrder:


Adding Enum
  It added DeliveryType into the PizzaOrder:


Maven perform commands
  There are many perform commands that will execute from
Maven:

  Perform “package” creates the JAR or WAR, “eclipse” will create
an Eclipse project, “tests” perform the Maven tests, “command”
Maven specific command, “clean” will execute a full clean.


Perform tests
  Using “perform tests” checks to see if there are currently issues
with the source code (Always wait for the “Build Success” or
“Build Failure” at the end):


Creating the Web tier
  Use “web mvc setup” will setup the basic Web configutation,
JSPXs, icons, and png files in a webapp directory.


  If you look through the files, you will notice under webapps
WEB-INFviews several files like “index.jspx”, “header.jspx”,
“footer.jspx” and exception jspx files.
  Some of these files are defined in “layouts.xml”:


  The layouts.xml file is defining the Apache Tiles format.
  Roo will put this layout will put Tiles, or templates, in the
following format:


Apache Tiles
  Apache Tiles is a templating framework built to simplify the
development of the web application user interfaces.
  See http://tiles.apache.org/
  Tiles is similar to JSTL templates to form the composite of a
website.
  To customize these pages, you merely need to customize the
various parts that make up the pages.


Web MVC
  The previous “web mvc setup” command only setup some basic
views, but not the controllers.
  Looking at other available “web mvc” commands”

  “web mvc all” will create all the controllers but a package name is
required.


Web MVC All
  Running “web mvc all --package ~.web” will give us controllers
for all the entities in the “comsprinsourceroopizzashopweb”
directory:


The Controller
  Looking at the Controller, we see that it has the “@Controller”
annotation, the “@RequestMapping” for the URL, and the
“@RooWebScaffold” which will define the path of the class and
the View to back out into, see
http://static.springsource.org/spring-roo/reference/html/base-
web.html :

  Scaffolding are the Roo annotations that provide the ability to
automatically generate View and Controller information.


Maven Tomcat Run
  To run the Pizza Shop, we run the Maven command outside of
Roo, “mvn tomcat:run”:


Running
  Browse http://localhost:8080/pizzashop/ :



Vote.Roo
With JMS and Email


Vote.Roo

  There are several examples in the /Spring-Roo/samples directory.
http://static.springsource.org/spring-roo/reference/html/intro.html
  Clinic.roo is the PetClinic script and demonstrates entity
relationships of different cardinalities.
  Vote.roo is the Voting sample that demonstrates Spring Security,
JMS and email support.
  Wedding.roo demonstrates a Weddign RSVP program.
  Expenses.roo is a Google Web Toolkit (GWT) example that shows
GWT scaffolding.
  A good tutorial on vote.roo can be found at
http://stsmedia.net/introducing-spring-roo-part-2-security-jms-
email-support/


Vote.Roo

  Let’s start by creating the directory and running “script vote.roo”.


Vote.Roo

  We see that vote.roo will setup its HSQLDB.


Vote.Roo

  And some basic security in “applicationContext-security.xml”.


Vote.Roo

  Readinf vote.roo, we see the scripts that create these as “persistence
setup --provider HIBERNATE --database
HYPERSONIC_PERSISTENT” and “security setup”:


Vote.Roo

  Running out of the box, we run “mvn tomcat:run” and browse
http://localhost:8080/vote/ :


Vote.Roo

  When clicking on “Create New Choice”, we are going to be
forwarded to a Login page, this is because “applicationContext-
security.xml” has “choices/**” access is the Admin Role.


Vote.Roo

  We are forwarded to a Login Screen.


Vote.Roo

  The roles are also currently saved in “applicationContext-
security.xml”. The passwords are saved in a sha-256 hash format so
they are not readable:


Vote.Roo

  That 256 byte string for the Admin’s password will simply be
hashed from the password “admin”. Using “admin”,”admin”,


Vote.Roo

  Now we can create a choice saved in HSQLDB,


Vote.Roo

  And add a Vote with Drop-Down name, IP and Date,


Vote.Roo

  Let’s look at the Calendar, the Calendar is being loaded as a Spring
Decoration that is loading dijit code from datetime.tagx

  Reading vote.roo, this is create with the “field date registered –type
java.util.Date –notnull –past”:



Vote.Roo
And JMS


JMS

  Java Messaging Service, is a publish-subscribe protocol to queue
requests. See http://en.wikipedia.org/wiki/Java_Message_Service
  The Spring Roo JMS commands can be found at
http://static.springsource.org/spring-roo/reference/html/
command-index.html#command-index-jms-setup


JMS

  Spring JMS is JMS that works inside the Spring framework, and the
Spring framework nuisances must be understood. A good
introduction can be found at
http://static.springsource.org/spring/docs/3.0.x/spring-
framework-reference/html/jms.html
  In JMS, there will be a Producer, that sends messages, and a
Consumer, that receives messages.
  The package “org.springframework.jms.core” provides the core
functionality for using JMS.
  The package “org.springframework.jms.support” provides
JMSException translation functionality.
  The JmsTemplate class is the central class in the JMS core package.
It contains many convenience methods to send a message.


Apache ActiveMQ

  One of the best Open Source mechanism mentioned on Wiki’s page
is Apache’s ActiveMQ. See http://en.wikipedia.org/wiki/ActiveMQ
and http://activemq.apache.org/
  Active MQ supports languages like C/C++, .NET, and scripting
languages like Python, Perl and PHP.
  It also has Ajax support and a REST API.


Our Technique

  For vote.roo, we will set up a MyAccesListener and
JmsTopicSecurityListener.
  The MyAccessListener will listen for Access Exceptions in Vote and
send a message to the Queue using the JmsTemplate.
  The JmsTopicSecurityListener will listen for the message with the
onMessage function and send an email to the administrator.


Creating the Access Listener

  First, create the class with “class –class
~.security.MyAccessListener”, which create an empty class.


Creating the Access Listener

  Now, we will add the Application Listener code and print bad
authentications, we use @Component to have it load:


Adding the Bean

  Starting up Tomcat with “mvn tomcat:run” , I login incorrectly into
the Vote app and it prints the “not Authorized” information in the
Tomcat window:


Adding JMS

  We are going to set up JMS with the service name as
“securityAlerts” and the type as “TOPIC”.
  The type is either QUEUE, with messages to be read, or TOPIC,
which are particular messages sent to multiple subscribers.
  Running “jms setup --provider ACTIVEMQ_IN_MEMORY --
destinationType TOPIC --destinationName securityAlerts”


Adding JMSTemplate

  Now we add JmsTemplate to MyAccessListener to send JMS
messages with “field jms template” since we are in the context on
MyAccessListener (Note: This will Autowire JmsTemplate, so then
remove the MyAccessListener bean from applicationContext.xml):


Adding JMS Listener

  Now we create the JMS Listener class with “jms listener class --class
~.security.JmsSecurityTopicListener --destinationName
securityAlerts --destinationType TOPIC”, which will be basic class
with the onMessage:


We add to MyAccessListener

  We are going to add some code to MyAccessListener to format the
event:


Set up the email properties

  Revisiting the Roo commands:


Set up the email properties

  We are now setting up the email properties with “email sender
setup --hostServer localhost --protocol SMTP --port 587 --
username rich --password secret%pass” and view it with “properties
list --name email.properties --path SPRING_CONFIG_ROOT”:


Email Template

  We will now setup an email in JmsTopicListener to send emails
when it receives a message with “field email template --class
~.security.JmsSecurityTopicListener” :


Email Template

  Add the code to call sendMessage:


Testing Email

  To test email, we will set up a local SMTP server for test called
Neptune, http://donovanbrown.com/post/Neptune.aspx


Testing Email

  Testing again, Neptune receives an email for an invalid Login (this
was a lot of work, but there is a lot of functionality):



SQL
Role Access


MySQL

  We are going to install MySQL.
  A free Open Source database that can run as a service and is more
relational for production use is the MySQL database. See
http://en.wikipedia.org/wiki/MySQL .
  Install MySQL from http://www.mysql.com/downloads/mysql/
  Here is an example to create the myTestAppDB:
  mysql> create database myTestAppDB character set utf8;
  Here is an example to create user “myUser” password “XXXXXXXX”
•  mysql> CREATE USER ‘myUser’@’localhost’ IDENTIFIED BY
‘XXXXXXXX’;
•  mysql> GRANT ALL PRIVILEGES ON *.* TO ‘jirauser’@’localhost’
WITH GRANT OPTION;


Typical Security

  In order to save some time, we are going to use a Roo addon
package called Typical Security.
  Typical Security can be found at
http://code.google.com/p/spring-roo-addon-typical-security/


Typical Security roo

  We are going to run the following roo script which will setup typical
security:


Database Properties

  To see the “database.properties”, run “database properties list” :


Running

  We will run the “mvn tomcat:run” as before, and browse to
http://localhost:8080/testapp-web/.


Running

  We will create a new user by going through signup (Notice it already
has Captcha and the fields):


Running

  We are successful:


Running

  We are successful by looking at the users:


Running

  We are successful by looking at the MySQL database:



LDAP


Spring Roo Rev005

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (8)

Semelhante a Spring Roo Rev005

Semelhante a Spring Roo Rev005 (20)

Mais de Rich Helton

Mais de Rich Helton (14)

Spring Roo Rev005