unescape special characters when using JAXB Marshalling

JAXB used to convert java objects to XML and XML to Java objects.
Please see full example on http://technicalminds.in/core-java/jaxb/jaxb-hello-world-example/

JAXB provides default escaping while doing the marshalling process.
But there are situations when we don't want to escape the special characters.
To explain more about this, i will reuse the same example explained in the above post. For example you want to show the name as  "Sivaranjani <Java Developer>"

Normal Approach and Output

Customer.Java

package jaxb;
import java.io.File;
import java.io.IOException;
import java.io.Writer;
import java.util.Date;import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import com.sun.xml.bind.marshaller.CharacterEscapeHandler;
public class Marshalling {
public static void main(String args[])throws JAXBException{
/**
* Create Customer Java Object
*/
Customer customer = new Customer();
customer.setFisrtName("Sivaranjani <Java Developer>");
customer.setLastName("Rajadurai");
customer.setEmailAddress("siva@gmail.com");
customer.setDob(new Date());/**
* Creating Jaxb Context and Marshaller
*/
JAXBContext jaxbContext = JAXBContext.newInstance(Customer.class);
Marshaller marshaller = jaxbContext.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);/**
* Creates the xml output in the console
*/
marshaller.marshal(customer, System.out);/**
* Create xml output in a file
*/
File file = new File("JaxbXml.xml");
marshaller.marshal(customer, file);
}
}
class JaxbCharacterEscapeHandler implements CharacterEscapeHandler {
public void escape(char[] buf, int start, int len, boolean isAttValue,
Writer out) throws IOException {
for (int i = start; i < start + len; i++) {
char ch = buf[i];
out.write(ch);
}
}
}

and the output file will be,

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<customer>
<dob>2014-01-29T18:01:33.047+05:30</dob>
<emailAddress>siva@gmail.com</emailAddress>
<fisrtName>Sivaranjani &lt;Java Developer&gt;</fisrtName>
<lastName>Rajadurai</lastName>
</customer>

So in the above output, the angular brackets in first name are replaced with special characters. So to avoid that, we have to use the CharacterEscapeHandler provided by JAXB.

Steps:

1. Create a class that implements the com.sun.xml.bind.marshaller.CharacterEscapeHandler interface.


2. Create an instance of that.


3. Set that instance in the marshaller's Marshaller.JAXB_ENCODING property.

CharacterEscapeHandler Approach:

package jaxb;
import java.io.File;
import java.io.IOException;
import java.io.Writer;
import java.util.Date;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import com.sun.xml.bind.marshaller.CharacterEscapeHandler;
public class Marshalling {
public static void main(String args[])throws JAXBException{
/**
* Create Customer Java Object
*/
Customer customer = new Customer();
customer.setFisrtName("Sivaranjani <Java Developer>");
customer.setLastName("Rajadurai");
customer.setEmailAddress("siva@gmail.com");
customer.setDob(new Date());/**
* Creating Jaxb Context and Marshaller
*/
JAXBContext jaxbContext = JAXBContext.newInstance(Customer.class);
Marshaller marshaller = jaxbContext.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);/**
* Creates the xml output in the console
*/
marshaller.marshal(customer, System.out);
/**
* Code to unescape special character while marshalling
*/
marshaller.setProperty(Marshaller.JAXB_ENCODING, "US-ASCII");
 CharacterEscapeHandler escapeHandler = new JaxbCharacterEscapeHandler();
 marshaller.setProperty("com.sun.xml.bind.characterEscapeHandler", escapeHandler);
/**
* Create xml output in a file
*/
File file = new File("JaxbXml.xml");
marshaller.marshal(customer, file);
}
}
class JaxbCharacterEscapeHandler implements CharacterEscapeHandler {
public void escape(char[] buf, int start, int len, boolean isAttValue,
Writer out) throws IOException {
for (int i = start; i < start + len; i++) {
char ch = buf[i];
out.write(ch);
}
}
}

Now see the output,

<?xml version="1.0" encoding="US-ASCII" standalone="yes"?>
<customer>
<dob>2014-01-29T18:10:13.916+05:30</dob>
<emailAddress>siva@gmail.com</emailAddress>
<fisrtName>Sivaranjani <Java Developer></fisrtName>
<lastName>Rajadurai</lastName>
</customer>

Limitations:

• It won't work when you set the Marshaller.JAXB_ENCODING as "UTF-8". It is bug reported on JIRA


• unmarshalling wont work with the XML file generated.

JAXB Hello World example

JAXB stands for Java Architecture for XML Binding. This helps to convert Java objects to XML and XML objects to java. JAXB provides marshalling and unmarshalling to do this.
Marshalling - Convert Java object to XML format
Unmarshalling -Convert XML to Java Object

Marshalling and unmarshalling can be done with JAXB annotated java beans. So first let’s create a bean with a name Customer.

Customer.Java

package jaxb;
import java.util.Date;
import javax.xml.bind.annotation.XmlRootElement;
@XmlRootElement
public class Customer {
private String FisrtName;
private String LastName;
private Date dob;
private String emailAddress;
public String getFisrtName() {
return FisrtName;
}
public void setFisrtName(String fisrtName) {
FisrtName = fisrtName;
}
public String getLastName() {
return LastName;
}
public void setLastName(String lastName) {
LastName = lastName;
}
public Date getDob() {
return dob;
}
public void setDob(Date dob) {
this.dob = dob;
}
public String getEmailAddress() {
return emailAddress;
}
public void setEmailAddress(String emailAddress) {
this.emailAddress = emailAddress;
}
}

Marshalling:
Here we will create the customer object and generate the xml file using the JAXB.
Marshalling.java

package jaxb;
import java.io.File;
import java.util.Date;import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;

public class Marshalling {
public static void main(String args[])throws JAXBException{
/**
* Create Customer Object
*/
Customer customer = new Customer();
customer.setFisrtName("Sivaranjani");
customer.setLastName("Rajadurai");
customer.setEmailAddress("siva@gmail.com");
customer.setDob(new Date());

/**
* Creating Jaxb Context and Marshaller
*/
JAXBContext jaxbContext = JAXBContext.newInstance(Customer.class);
Marshaller marshaller = jaxbContext.createMarshaller();
marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);

/**
* Creates the xml output in the console
*/
marshaller.marshal(customer, System.out);

/**
* Create xml output in a file
*/
File file = new File("JaxbXml.xml");
marshaller.marshal(customer, file);
}
}

Output:
First marshaller.marshal(customer, System.out); function prints the output on the console as below.

<customer>
<dob>2014-01-27T23:06:00.547+05:30</dob>
<emailAddress>siva@gmail.com</emailAddress>
<fisrtName>Sivaranjani</fisrtName>
<lastName>Rajadurai</lastName>
</customer>

Second function marshaller.marshal(customer, file); creates a file named JaxbXml.xml at class path.

UnMarshalling.java

package jaxb;
import java.io.File;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;

public class UnMarshalling {
public static void main(String args[]) throws JAXBException {
/**
* Creating Jaxb Context and Marshaller
*/
JAXBContext jaxbContext = JAXBContext.newInstance(Customer.class);
Unmarshaller unMarshaller = jaxbContext.createUnmarshaller();

/**
* Get the xml file to convert
*/
File file = new File("JaxbXml.xml");

/**
* Unmarshaling the file
*/
Customer customer = (Customer) unMarshaller.unmarshal(file);
System.out.println("First Name: " + customer.getFisrtName() + "\n"
+ "Last Name: " + customer.getLastName());
}
}

Output:
First Name: Sivaranjani
Last Name: Rajadurai

Java Class Loader - An easy explanation for beginners

What is Java Class Loader

A Class Loader is an object that is responsible for loading the classes. It takes class name (with full package notation. Ex: java.lang.Object) as an input and attempts to locate or construct the class. Class loader loads classes in a platform dependent manner.

When Classes needs to be Loaded?

Class loading can happen in the following situation.

• when a class has public static void main


• when the static method of a class is called


• when a instance of a class is created


• when calling the class using reflection libraries (class.forName)

Types of Class Loaders

Bootstrap Class Loader:
As of Java 1.2, Bootstrap class loader is embedded inside JVM. It is the parent of all the other class loaders.This class loader loads the run time environment. (\jre\lib\rt.jar).

Extension Class Loader:
Extension class loader is the next level class loader and it has bootstrap as a parent. It loads the extension libraries from \jre\lib\ext\.

System Class Loader:
System class loader is the next level of Extension class loader and it loads the classes from the CLASSPATH.

Custom Class Loader:
JVM also supports custom class loaders creation. It can be created by extending the java.lang.ClassLoader class and overriding the loadClass() method.

Class Loader Principles:

There are mainly three principles followed in Class Loader.

Delegation:
Whenever the JVM requests for the class loader, the class loader consult it's parents before attempting to service it by itself. This principle is called delegation.

Visibility:
The child class loaders can see the classes loaded by the parent class loaders but the vice-verse is not true.

Uniqueness:
According to principle the classes loaded be parent should not be loaded by the child. Force loading causes the exception.

Building a Simple Class Loader

As i mentioned before custom class loaders can be built by sub classing with java.lang.ClassLoader and overwriting some of the abstract methods. Before going to the code, we will see the explanation for these methods.

loadClass()
This is the only method which need to be overwritten.

Syntax: loadClass(String name, boolean resolvIt)
name - name of the class to loaded
resolveit - if set to true, all the reference classes should be loaded.

Loads the class by the name given. If resolveit is set to true prepares the class with all the references.

defineClass()
This method is final method which cant be overwritten. It will take the raw bytes of data either from network or local file system and turns that into an class object.

findSystemClass()
It locates the file from the local file system .If it can locate the specified file, then  it calls the defineClass to convert the raw bytes to class object.

findLoadedClass()
If the class is already been loaded then that will be cached by this method. Before making any feature requests of loadClass, this method will be called to check the class from cache.

Putting it all together

1. First JVM request for the class


2. The current class loader's loadClass will be called.  And it will take care the further processes.


3. The loadClass() method calls the findLoadedClass() method to check if it is available on the cache.


4. If it is found it will return the class. Otherwise it uses the delegation and passes the request to it's parent.


5. If it is found by any of the parent's then it will be returned by the parent's class loader. Otherwise findSystemClass() will be called and it will attempts to locate the file from the local file system.


6. If the file is found it will be passed to defineClass() which constructs the class object and it will be returned to JVM.


7. Otherwise ClassNotFoundException will be thrown.

The below figure depicts this flow. This is not the accurate picture but rough flow.



 

Sample Code

MyClassLoader.java

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
public class MyClassloader extends ClassLoader {
private byte[] getBytes(String filename) throws IOException {
File file = new File(filename);
long len = file.length();
byte raw[] = new byte[(int) len];
FileInputStream fin = new FileInputStream(file);
int r = fin.read(raw);
if (r != len)
throw new IOException("Cant read the file");
fin.close();
return raw;
}
public Class loadClass(String name, boolean resolve)
throws ClassNotFoundException {
Class finalClass = null;
finalClass = findLoadedClass(name);
String classFilename = name + ".class";
try {
byte raw[] = getBytes(classFilename);
finalClass = defineClass(name, raw, 0, raw.length);
} catch (IOException ie) {
}
if (finalClass == null) {
finalClass = findSystemClass(name);
}
if (resolve && finalClass != null)
resolveClass(finalClass);
if (finalClass == null)
throw new ClassNotFoundException(name);
return finalClass;
}
}

ClassLoaderTest.java

import java.lang.reflect.Method;
public class ClassLoaderTest {
public static void main(String args[])throws Exception{
MyClassloader classloader= new MyClassloader();
String progClass = args[0];
String progArgs[] = new String[args.length - 1];
System.arraycopy(args, 1, progArgs, 0, progArgs.length);
Class clas = classloader.loadClass(progClass,true);
Class mainArgType[] = { (new String[0]).getClass() };
Method main = clas.getMethod("main", mainArgType);
Object argsArray[] = { progArgs };
main.invoke(null, argsArray);
}
}

Animal.Java

public class Animal {
static public void main(String args[])throws Exception {
System.out.println("Called animal by the class loader"+ Animal.class.getClassLoader());
}
}

Compilation Steps

javac -cp . Animal.java

javac -cp . MyClassloader.java

javac -cp . ClassLoaderTest.java

Run

java -cp . ClassLoaderTest Animal

Output:

Called animal by the class loader MyClassloader@422ede

From the output we can see, the animal class is loaded by the MyclassLoader.

Difference between jdk jre jvm and jit

Java is called as platform independent because it can run in any of the operating system, if   jre/jdk is(Java Run-time Environment) installed on it.  There are different jre's/jdk's  depends on operating system which can talk with it's OS. But all the jre's/jdk's use a common language called byte code. The java compiler reads the source code and and converts that to class file which can be understood by java interpreters of all the jre's independent of the operating system.
So the java source code compiled in a window's system can be run in ubuntu system or vice versa.

Different jdk's for each operating system has it's own compilers,interpreters  and java virtual machine packed together as a single unit which makes it easy to run independent of the platform.
Generally when we install JDK, it installs many components. The main components are Java Compiler(javac), Java Interpreter (java), and JRE.

Overview :


JDK:
JDK = java utilities (Compiler, Interpreter etc..)+ JRE
JDK contains JRE along with many utilities like java compiler , java interpreter, applet viewer, jar achiever etc..  This provides complete set of tools to java programmer to compile, load,interpret and execute the code in a platform independent manner.

JRE:
JRE = JVM + Class loader + Class libraries
JRE is Java runtime environment which has JVM, Class loader, byte code verifier and class libraries. The compiled byte code will be given to JRE, then JRE does the following main processes.

• JRE's class loader loads the required .class files into memory


• JVM instance will be created  and it executes the class files.

JVM:
JVM = Java Interpreter + jit+ Garbage Collector + threads and synchronization +..
JVM is the computing machine where, it interprets, and executes the byte code. It has a instruction set which uses memory and it handles garbage collection, synchronization and threading etc..

JIT:
JIT is a compiler inside JRE. JIT compiler compiles the byte code to the native code of operating system in which it runs and thus it increases the performance.

How to Import and Export with MySQL for Excel Utility

MySQL for Excel is a very nice tool to export or import between MySQL and Excel.

Many people will be facing problems in converting the Excel data to MySQL Table data. This week I came across this tool and found helpful for every one. It is simply superb.

The steps to export your Excel data to MySQL table is below,

For export as a New table data,

1. Open the excel sheet from where you want to export data


2. Go to Data tab, then click MySQL for Excel


3. Make sure database server is running. Click on new connection down the page and fill all the details


4. Double click on the connection under Local/Remote connections to open the connection and enter password.This lists all the schema under the connection


5. Double click on the schema to open


6. Now select the value to export


7. Now the export option will be enabled on the right side


8. Click on export Excel data to new table


9. A pop opens where it asks for the table name and primary keys


10. Just follow those steps and click on export.


11. Table is created under the schema, with the table name you entered.

You may feel this is very easy. Now the interesting thing comes. This is what i required and it took me one day to figure it out.
What happens if you want one column of the excel data to be exported to one Column of the table??. Here the most important thing is you have to follow the synchronization. Even if you are exporting one column the row should be in sync. For example Salary of Siva should match Salary of Siva in table. You should mesh up the data.

The steps are below.

1. Follow till the 5th step above.


2. Click the table(example test) to which you want to export the data from excel sheet.


3. Click on Edit MySQL data


4. This opens the table in a separate sheet with the name of the table(test). Suppose this table has 2 columns named 'A' and 'B' .


5. There is excel sheet named newtestdata.xls, and it has 2 columns named 'A' and 'B' .


6. Now we wanted to move the  newtestdata.xls 's 'B' column to test table.


7. First make sure, newtestdata.xls's 'B' column and test sheet's 'B' columns are following same order.


8. then check whether the sheet is editable. If not,


9. press ALT + f11


10. double click the sheet where the table to be edited is shown. (Test sheet)


11. copy the below code on the white space
    

    Sub PasswordBreaker()
'Breaks worksheet password protection.
Dim i As Integer, j As Integer, k As Integer
Dim l As Integer, m As Integer, n As Integer
Dim i1 As Integer, i2 As Integer, i3 As Integer
Dim i4 As Integer, i5 As Integer, i6 As Integer
On Error Resume Next
For i = 65 To 66: For j = 65 To 66: For k = 65 To 66
For l = 65 To 66: For m = 65 To 66: For i1 = 65 To 66
For i2 = 65 To 66: For i3 = 65 To 66: For i4 = 65 To 66
For i5 = 65 To 66: For i6 = 65 To 66: For n = 32 To 126
ActiveSheet.Unprotect Chr(i) & Chr(j) & Chr(k) & _
Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & Chr(i3) & _
Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
If ActiveSheet.ProtectContents = False Then
MsgBox "One usable password is " & Chr(i) & Chr(j) & _
Chr(k) & Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & _
Chr(i3) & Chr(i4) & Chr(i5) & Chr(i6) & Chr(n)
Exit Sub
End If
Next: Next: Next: Next: Next: Next
Next: Next: Next: Next: Next: Next
End Sub

    
    


12. press f5


13. now the column will be editable on sheet test.


14. copy the data inside column 'B'.


15. press commit changes.

Thats all. The changes are now committed to database.

Jquery conflicts with other libraries like prototype.js

Most of the time when using jquery with other libraries, there will be lots of conflicts. That is because most of the libraries uses "$" as a shortcut. So when using two such libraries and calling "$" will confuses the code. I hated javascript libraries until i found that  jquery provides a nice solution for this.

The approach was explained in Jquery's official website. The solution given was, we have to put jquery in no-conflict mode.

How to put jquery in no-conflict mode:

For example you are using the following two libraries,
<script type="text/javascript" src="<%=request.getContextPath()%>/js/prototype.js"></script>
<script type="text/javascript" src="<%=request.getContextPath()%>/js/jquery-1.10.2.min.js"></script>

then immediately after loading jquery and before using it first time, add the following code,

<script >var $j = jQuery.noConflict();</script>

This will make sure that, $j will call jquery and $ will be used to call prototype. you can use any name in place $j. For example $k,$l...

Other Approach

There was another approach explained, without changing the default "$" shortcut. I have not tried this approach. Please check this if you like.

Here we have to call "jQuery.noConflict();" first and then pass the "$" in the document.ready function. And we can use "$" normally as before.

Example:

<script src="prototype.js"></script>
<script src="jquery.js"></script>
<script>
jQuery.noConflict();
jQuery( document ).ready(function( $ ) {
$( "div" ).hide();
});
</script>

Struts2 json result on jquery grid

As you all know struts2 supports JSON type results.When returning json result in struts2, many times I used to get the error

Class org.apache.struts2.json.JSONWriter can not access a member of class with modifiers "public"...

Usually this error will not be shown on the screen. To find the error, you should use any plugins like httpfox of firefox.
After a long search with many tools I got the reason for the issue and I am posting it here, as it can save many of your's time.

So the reason for this issue is,
When we are getting the json result from the struts request, the plugin tries to serialize the entire object graph and converting it into json.
To avoid this,use the below code and exclude the parameters which you don't want to serialize.
Generally the session variables declared in the classes should not be serialized for which i was getting the error. So mention the variable name in excludeproperties as follows

<action name="XXXAction" class="yourxxxclass" method="xxxmethod">
<result name="success" type="json" >
<param name="excludeProperties">
xxx(variable from yourxxxclass which you don't want to serialize)
</param>
</result>
</action>

Singleton object in Clustered Environment - An RMI Approach

RMI (Remote Method Invocation), helps application to call remote objects  on different JVM on Different host.
For example, consider the scenario where Singleton objects in Clustered Environments.
There will be one object presents per JVM. But if the design says, there should be one and only singleton object in the distributed environment, then how to achieve this?

Luckily RMI can be used to achieve this. ( But there are some limitations when the server singleton object crashes. This is discussed in the following link.http://www.javaspecialists.eu/archive/Issue052.html)

There will be one singleton object created in one clustered machine, and all other machines can use RMI to call this remote object.

This is the singleton class which creates its own object.

package intro;
importjava.io.Serializable;
public class SingletonObjectimplements Serializable {
private static final long serialVersionUID = 1L;
private static SingletonObjectsingletonObject = null;
privateSingletonObject() {
}
public static synchronized SingletonObjectgetSingletonObject() {
if (singletonObject == null) {
singletonObject = newSingletonObject();
}
return singletonObject;
}
}

Once RMI client find the remote object by lookup method, it uses this interface directly to access object.

RMI remote interface

package intro;
import java.rmi.*;
public interface SingletonGetterextends Remote {
public SingletonObjectgetSingleton() throws RemoteException;
}

This implements the interface method and defines the functionality.

RMI interface implementation:

package intro;
import java.rmi.*;
importjava.rmi.server.UnicastRemoteObject;
public class SingletonGetterImplextendsUnicastRemoteObject implements SingletonGetter {
public SingletonGetterImpl() throws RemoteException{}
public SingletonObject getSingleton() throws RemoteException{
returnSingletonObject.getSingletonObject();
}
}

The server RMI, which creates the remote object and binds that with the rmi registry.
Server Cluster

package intro;
import java.rmi.*;
import java.net.*;
public class SingletonRMIClusterServer{
public static void main(String[] args) {
try {
SingletonGetterImpllocalObject = new SingletonGetterImpl();
Naming.rebind("rmi:///SingletonObject", localObject);
} catch(RemoteExceptionre) {
re.printStackTrace();
} catch(MalformedURLExceptionmfe) {
mfe.printStackTrace();
}
}
}

The cluster which requires the singleton object, uses the server host and bind name to get the remote object. And using the remote object it gets the singleton object.

Client Cluster:

package intro;

import java.rmi.*;
import java.net.*;

public class SingletonRMIClusterConsumer{
public static void main(String[] args) {
try {
String host =
(args.length > 0) ? args[0] : "localhost";
SingletonGetter remObject =
(SingletonGetter)Naming.lookup("rmi://" + host +"/SingletonObject");
System.out.println(remObject.getSingleton());
} catch(RemoteException re) {
re.printStackTrace();
} catch(NotBoundException nbe) {
nbe.printStackTrace();
} catch(MalformedURLException mfe) {
mfe.printStackTrace();

}
}
}

Troubleshooting: 

Problem:

java.rmi.ConnectException: Connection refused to host: x.x.x.x; nested exception is:
    java.net.ConnectException: Connection refused: connect
Solution:
Go to command prompt and execute the below statement

 start rmiregistry

Problem:
java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
java.lang.ClassNotFoundException: intro.SingletonGetter

Solution:
Navigate to the class files location and execute the command,
start rmiregistry

Also use the same JVM for running the RMI registry and server / RMI registry and client

Spring AbstractRoutingDataSource for Multiple Schemas/DB

Spring AbstractRoutingDataSource for Multiple Schemas/DB helps to change the database dynamically.
For example, I can explain the situation as  follows.
Suppose you have an application which supports multiple languages and you want to connect to different databases on language selection. Then you can go with this approach and redirect the user based on the language selected.
The steps are below.

JSP:

• Create a select box populated with all the language, and on change call a struts action with the help of ajax.

<s:select headerKey="-1" headerValue="Select Language"
list="#{'en':'English','hi':'Hindi','ka':'Kannada','ta':'Tamil','te':'Telugu'}"
name="language" onchange="changeLanguage(this) "/>

AJAX Code

function changeLanguage(language){

    var url = 'LanguageAction.action?request_locale='
        + language.value;
    var myAjax = new Ajax.Request(url, {
    method : 'post',
     onComplete: function(originalRequest){
          location.reload(true);        

         }
});

}

setting the language in request_locale and calling the action makes sure that, selected language will be automatically stored in session with the variable named,WW_TRANS_I18N_LOCALE

Spring RoutingDatasource:

package com.genral.utility;

import java.util.Locale;
import java.util.Map;

import org.springframework.jdbc.datasource.lookup.AbstractRoutingDataSource;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.interceptor.I18nInterceptor;
/**
 * 
 * @author Sivaranjani D
 *
 */
public class RoutingDataSource extends AbstractRoutingDataSource {
    Locale locale = null;
    String language = "";
    LanguageType languageType = null;

    protected Object determineCurrentLookupKey() {

        if (ActionContext.getContext() != null) {
            Map<String, Object> session = ActionContext.getContext()
                    .getSession();

            if (session != null
                    && session
                            .containsKey(I18nInterceptor.DEFAULT_SESSION_ATTRIBUTE)) {
                locale = (Locale) session
                        .get(I18nInterceptor.DEFAULT_SESSION_ATTRIBUTE);
            }else{
                locale = new Locale("en");
            }

            language = locale.toString();

            if (language.equalsIgnoreCase("en"))
                languageType = LanguageType.English;
            else if (language.equalsIgnoreCase("ka"))
                languageType = LanguageType.Kannada;

        }
        return languageType;

    }

}

Generally the spring datasource should be implemented with the ThreadLocal concept. But here we are using the Struts2's ActionContext. Because, The ActionContext is thread local which means that values stored in the ActionContext are unique per thread. So whenever we are making a request to the database the language in session(I18nInterceptor.DEFAULT_SESSION_ATTRIBUTE) will be checked and that particular database will be chosen by RoutingDatasource.

•  Now configure data source with the spring's RoutingDataSource class. Since each DB request goes with this datasource, we are linking our DynamicRoutingDataSource here

<bean id="dataSource" >
   <property name="targetDataSources">
      <map key-type="com.genral.utility.LanguageType">
         <entry key="English" value-ref="englishDataSource"/>
         <entry key="Hindi" value-ref="hindiDataSource"/>
         <entry key="Tamil" value-ref="tamilDataSource"/>
         <entry key="Kannada" value-ref="kannadaDataSource"/>
      </map>
   </property>
   <property name="defaultTargetDataSource" ref="englishDataSource"/>
</bean>

  <bean id="parentDataSource"

         abstract="true">
  <property name="driverClassName" value="${jdbc.driverClassName}" />
   <property name="username" value="${jdbc.username}" />
    <property name="password" value="${jdbc.password}" />
</bean>

<bean id="englishDataSource" parent="parentDataSource">
  <property name="url" value="${jdbc.url.english}" />
</bean>

<bean id="hindiDataSource" parent="parentDataSource">
  <property name="url" value="${jdbc.url.hindi}" />
</bean>

<bean id="tamilDataSource" parent="parentDataSource">
  <property name="url" value="${jdbc.url.tamil}" />
</bean>

<bean id="kannadaDataSource" parent="parentDataSource">
  <property name="url" value="${jdbc.url.kannada}" />
</bean>

LanguageType Class:

package com.genral.utility;
public enum LanguageType {
English,
Hindi,
Kannada,
Tamil,
Telugu
}

Struts2 with Spring Security Example

Spring security is very good and interesting technology for addressing the complex web security issues. And integrating this with MVC based struts2 framework will be definitely help many people. So In this post I will tell the steps needed to implement Struts2 with Spring Security with some code example .

•  Add this filter in web.xml

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>

• Create the login page as follows,

<s:form action="authenticationFilter" method="post" id="homeLogin">
<s:textfield id="loginid" name="j_username" value="" theme="simple" />
<s:password id="pwd" name="j_password" value="" theme="simple" />

<s:submit value="Login" " />
</s:form>

• Create springsecurity.xml and configure it in web.xml as follows

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/SpringBeans.xml,/WEB-INF/classes/springsecurity.xml
</param-value>
</context-param>

• Now the request with the /authenticationFilter Should be processed by Spring security. So configure springsecurity.xml as follows.

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:util="http://www.springframework.org/schema/util"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">

<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy" />
<security:http pattern="/home.jsp " security="none"/>

<security:http auto-config="false" use-expressions="true"
entry-point-ref="authenticationEntryPoint">
<security:headers>
<security:cache-control />
<security:content-type-options />
<security:hsts />
<security:frame-options />
<security:xss-protection />

</security:headers>

<security:session-management
invalid-session-url="/sessionTimeout.html" />

<security:custom-filter position="FORM_LOGIN_FILTER" ref="myFilter" />
<security:custom-filter ref="basicAuthenticationFilter" after="BASIC_AUTH_FILTER" />

<security:intercept-url pattern="/crossdomain.xml"
access="permitAll" />

<security:intercept-url pattern="/**"
access="isAuthenticated()" />
<security:remember-me />

<security:access-denied-handler
error-page="/notauthorised.jsp" />

</security:http>

<bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint">
<constructor-arg>
<map>
<entry key="hasHeader('User-Agent','Java')"
value-ref="basicAuthEntryPoint" />
</map>
</constructor-arg>
<property name="defaultEntryPoint" ref="LoginUrlAuthenticationEntryPoint"/>
</bean>

<bean id="basicAuthEntryPoint"class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="REST Realm" />
</bean>

<bean id="basicAuthenticationFilter"class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
<property name="authenticationManager" ref="authManager"/>
<property name="authenticationEntryPoint" ref="basicAuthEntryPoint" />
</bean>

<bean id="LoginUrlAuthenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/e-learning" />
</bean>
<security:authentication-manager alias="authManager" erase-credentials="false">
<security:authentication-provider
user-service-ref="jdbcUserService" />

</security:authentication-manager>
<bean id="jdbcUserService"
class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="usersByUsernameQuery"
value="select username,password,flag AS ENABLED
from adm_usermaster where username=? " />
<property name="authoritiesByUsernameQuery"
value="select au.username, ar.rolename
from adm_usermaster au, adm_rolemaster ar where au.roleid= ar.roleid and au.username = ?"/>

</bean>

<bean id="myFilter" class="com.genral.security.SecurityFilter">
<property name="authenticationManager" ref="authManager" />
<property name="filterProcessesUrl" value="/authenticationFilter" />
<property name="authenticationFailureHandler" ref="failureHandler" />
<property name="authenticationSuccessHandler" ref="successHandler" />

</bean>

<bean id="successHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/authentication" />
<property name="alwaysUseDefaultTargetUrl" value="true" />
</bean>

<bean id="failureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/error.jsp?login_error=1" />
</bean>

</beans>

So whenever the login page is submitted, authenticationFilter will be processed by spring security and it will call the  com.genral.security.SecurityFilter class.

This creates UsernamePasswordAuthenticationToken object with username and password. The authenticationManager.authenticate() uses the authManager declared  in configuration file and authenticates the user.

 SecurityFilter.java

package com.genral.security;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
/**
*
* @author Sivaranjani D
*
*/
public class SecurityFilter extends AbstractAuthenticationProcessingFilter {

private static final String DEFAULT_FILTER_PROCESSES_URL = "/authenticationFilter";
private static final String POST = "POST";

public SecurityFilter() {
super(DEFAULT_FILTER_PROCESSES_URL);
}

@Override
public Authentication attemptAuthentication(HttpServletRequest request,
HttpServletResponse response) throws AuthenticationException,
IOException, ServletException, BadCredentialsException {
Authentication authentication = new UsernamePasswordAuthenticationToken(
request.getParameter("j_username").toString(),
request.getParameter("j_password").toString());

authentication = getAuthenticationManager().authenticate(
authentication);

SecurityContextHolder.getContext().setAuthentication(authentication);
return authentication;

}

@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) req;
final HttpServletResponse
response = (HttpServletResponse) res;
if (request.getMethod().equals(POST)) {

// If the incoming request is a POST, then we send it up
// to the AbstractAuthenticationProcessingFilter.
super.doFilter(request, response, chain);
} else {

// If it's a GET, we ignore this request and send it
// to the next filter in the chain. In this case, that
// pretty much means the request will hit the /login
// controller which will process the request to show the
// login page.

super.doFilter(request, response, chain);
}
}
}

Web Application Security Issues - CSRF

The top ten vulnerabilities given by OWASP for the year 2013 is listed in the below link.
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_ProjectIn Web Application Security Issues, CSRF vulnerability  has been in the OWASP top ten for the past 6 years.CSRF can be understood with the below flow.

• Victim logged in his bank account and authenticated.


• Victim opened another tab, which is an attacker's website.


• There is an image, which says that you got a prize money of 1000$'s.


• Victim got excited and clicked on that image


• The image link was coded as below by the attacker.

<img src="http://victimsbank.com/transfer.do?acc=ATTACKERSACCOUNT&amt=10000" width="1" height="1" border="0" />

• So when the victim clicks on the link, the browser sends the request to the bank's website.


• Since Mr.Victim was already authenticated by the bank's website, the bank approves this transaction.

This is called as CSRF attack. This will be possible if the bank has not taken care of the web application vulnerability issues at the time of coding.

How the victim's bank should have avoided this issue?

• On the form transfer page, add a csrf token.


• This should be send to the server in request each time.


• Now when the attacker's site, try the above URL the token value fails with the server value and the transaction fails.

Highlight duplicate values in Microsoft Excel 2010 using Mysql for Excel

Mysql for excel is an excel add-in used to easily import and export between MS Excel and Mysql database.

Example Sheet

Steps to Highlight Duplicate records

• Select the column


• Click on Home -->Conditional Formatting -->Highlight Cells Rules --> Duplicate Values, as given below

• Select the colors as below. Click "OK" to highlight all duplicate value

• Now you can see all the duplicate records highlighted as below.

Steps to Create Maven Project with Eclipse

Introduction
Apache Maven is used for software project management. It uses the project object model (POM), and using that maven manages the build, reporting and documentation from a single place.
Steps to Create Maven Project with Eclipse
Download Maven

• Download Maven from http://maven.apache.org/download.cgi


•  Open conf/settings.xml and replace localRepository with  <localRepository>C:/.m2/repository</localRepository>. This is the place where all the downloaded artifacts will be stored.


• Add the following environment variables.

 M2_HOME=C:\Program Files\Apache Software Foundation\apache-maven-3.0.3        PATH=C:\Program Files\Apache Software Foundation\apache-maven-3.0.3\bin

• To test Maven is working or not, Open command prompt and enter mvn. You will see as below.

• 

• Add Eclipse Plugin for Maven


• Open eclipse and go to Help->Install New Software


• Enter the following in the first tab.http://download.eclipse.org/technology/m2e/releases/1.0/1.0.200.20111228-1245


• Check the box Maven Integration for eclipse and install the component.


• Click File->New->Other. In wizards, enter  maven,select maven project and click next


• Then check the tab "create a simple project", and click Next.


• Fill the form as follows.

• Give Next and Finish.


• Now the Maven project is created with one artifact named test.


• You can see the below structure in eclipse

• pom.xml will tell about the artifact name and the package type.


• Now create web.xml and index.html as below

• Add these statements in web.xml

<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>test</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>

and index.html,

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>First Maven Web</title>
</head>
<body>
Welcome to Maven!!
</body>
</html>

• Now right click on test and do "Maven install"

• In the console you can see the message, Build Success


[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ test ---
[INFO] Installing C:\Users\Sivaranjani D\workspace\test\target\test-0.0.1-SNAPSHOT.war to C:\Users\Sivaranjani D\.m2\repository\test\test\0.0.1-SNAPSHOT\test-0.0.1-SNAPSHOT.war
[INFO] Installing C:\Users\Sivaranjani D\workspace\test\pom.xml to C:\Users\Sivaranjani D\.m2\repository\test\test\0.0.1-SNAPSHOT\test-0.0.1-SNAPSHOT.pom
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.773s
[INFO] Finished at: Fri Aug 30 17:39:35 IST 2013
[INFO] Final Memory: 10M/121M
[INFO] ------------------------------------------------------------------------

• Now check your target folder, where you can see the built web application ready for use.

Accessing Spring Secured URL with Java ImageIo.read()

Problem Statement: Accessing Spring Secured URL with Java ImageIo.read()
There is a requirement in my application, where i need to access the spring secured URL using ImageIO.read(urlConnection.getInputStream()) of Java.

But the problem was, it always resulted in non authorized and i was redirected to the login page.
So ImageIO.read(urlConnection.getInputStream()) gives null always.

Solution:
After a long search i found the spring's Delegatingauthenticationentrypoint could be the easiest and simple solution.

So the approach which i followed is,

In Java client where you want to read the image,

First,Create Basic authentication String and set that in connection

String authString = SecurityContextHolder.getContext().getAuthentication().getName() + ":" + SecurityContextHolder.getContext().getAuthentication().getCredentials().toString();
byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
String authStringEnc = new String(authEncBytes);
URLConnection urlConnection = url.openConnection();
urlConnection.setRequestProperty("Authorization", "Basic " + authStringEnc);

Then use ImageIo.read() as follows,

image = ImageIO.read(urlConnection.getInputStream());

In Springsecurity.xml,

Add these below statements

<security:http auto-config="false" use-expressions="true"
entry-point-ref="authenticationEntryPoint">
<security:custom-filter position="FORM_LOGIN_FILTER" ref="myFilter" />
<security:custom-filter ref="basicAuthenticationFilter" after="BASIC_AUTH_FILTER" />
</security:http>

Now define authenticationEntryPoint,

<bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint">              <constructor-arg>
<map>
<entry key="hasHeader('User-Agent','Java')"
value-ref="basicAuthEntryPoint" />
</map>
</constructor-arg>
<property name="defaultEntryPoint" ref="LoginUrlAuthenticationEntryPoint"/>
</bean>

This clearly tells that, requests which all has headers with User-Agent as Java will use the
basicAuthEntryPoint.
And whichever fails that condition they will use the LoginUrlAuthenticationEntryPoint.