EnduroTracker

Resize EBS Volumes , Here is A Link

2011-07-18T20:59:00.000-07:00

If you need to increase the size of an EBS volume, here is good article to accomplish this: article

Developing and Testing in Android Against Local Web Services

2011-06-19T14:42:00.001-07:00

Found a great post on Developing and Testing in Android Against Local Web Services, so I thought I would share it.
http://denimgroup.posterous.com/android-dns-setup-for-developing-and-testing

Recommend using Fluent Nhibernate

2010-11-18T17:55:00.000-08:00

I have been using Fluent Nhibernate instead of Nhibernate with xml config files.
It is definitely helpful in preventing configuration typos.
There other contrib projects for Nhibernate that I have found extremely useful
including Nhibernate Validator and NHibernate Spatial.
Nhibernate is independent from Hibernate and it doesn't benefit from a large corporate backer. Due to this Nhibernate and contrib projects are spread across multiple websites.
Main Site:
Fluent Nhibernate:

Unit Testing Restful Web Services using Restlet and Jaxb

2010-01-22T09:43:00.000-08:00

One way to post data to a Restful web services is to Serialize your object using Jaxb (Java Architecture for XML Binding) when you are using Java. Since you are dealing with Web Services you client code could also be in .Net, javascript, PHP, Rails, etc. But, in this post we are assuming your client is Java based. If you Object class is in a separate project from your Test project, one thing that will cause you to pull your hair out is you will get : JAXBException stating errors creating marshaller or unmarshaller, unless you place a jaxb.index file with your Object class in the same package. For example, if the Object that you are Serializing is Sample.java with the package com.acme.businessobjects, then you have to place a jaxb.index file with the package com.acme.businessobjects. Within the jaxb.index file just place one line with just the class name: Sample, and that's it.
Here is link to javadoc that discuss this: http://java.sun.com/javase/6/docs/api/javax/xml/bind/JAXBContext.html

The best way to understand Jaxb is to create a sample object called Sample, and create a test case

To demonstrate this issue create 2 projects , one that contains the Sample.java class, and one the contains you Test case. Note: Initially do not place a jaxb.index file with your Sample.java, this way you will see the JaxbException. After you see that you get the JaxbException, then place an jaxb.index file with your Sample.java, and rebuild your project. The second time around, once you have an jaxb.index file, your JAXBException will eliminated.

The test case uses a schema file named: sample.xsd, this is created using Sun's schemagen tool that comes with Java. From the command line: schemagen path/Sample.java. This creates a file named schema1.xsd, rename this file and copy to your test project folder. For detailed info see: Sun JAXB Tutorial

@XmlAccessorType(XmlAccessType.FIELD)
@XmlRootElement
public class Sample {
@XmlElement(name = "value")
private String val;

public Sample() {
}

public Sample(String val) {
this.val = val;
}

public String getVal() {
return val;
}

public void setVal(String val) {
this.val = val;
}

@Override
public String toString() {
return "Sample [val=" + val + "]";
}
}

This test case below tests both Marshalling and Unmarshalling using Jaxb.

public void testGenerateMarshallerToFile() throws JAXBException, FileNotFoundException, SAXException
{
JAXBContext context1 = JAXBContext.newInstance(Sample.class);

JAXBContext context2 = JAXBContext.newInstance("com.acme.businessobjects");

Marshaller m = context1.createMarshaller();
m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
Sample sample = new Sample();
sample.setVal("Hello");
final File f = new File("src/test/java/com/endurotracker/gwt/test/rest/api/sample.xml");
m.marshal(sample, new FileOutputStream(f));

Unmarshaller um = context2.createUnmarshaller();

um.setSchema(getSchema("Sample.xsd"));

Object bce = um.unmarshal(f);

m.marshal(bce, System.out);

}

To test your Restlet web services with Jaxb, you will need to create a SampleResource class. Luckily, for you there is such a test in the org.restlet.test package, so you will only need to download the latest restlet source code. restlet.org The name of the test class you are interested in is: JaxbIntegrationConverterTestCase

Restful Web Services using Asp.net MVC

2010-01-01T11:01:00.000-08:00

Microsoft's new Asp.net MVC framework can also easily support Restful Web Services.
Controller actions can be called from Ajax based based websites using Javascript.
For example if you create a controller named APIController with a method:GetUsers,
then a Restful url would be /API/GetUsers. To implement your Restful Web Services using Asp.net MVC, take a look at these excellent write ups,
create-rest-api-using-asp-net-mvc-that-speaks-both-json-and-plain-xml, and
Creating-a-RESTful-Web-Service-Using-ASPNet-MVC-Part-1-Introduction

Restful Web Services using Restlet Framework

2009-12-31T08:52:00.000-08:00

Restlet framework is a Restful Web Service framework written Java.

restful.org

However, Microsoft has worked with the team behind Restlet and has enabled interoperability between Azure ADO.net and Restlet.

microsoft-selects-restlet-to-show-rest-interoperability

Other big companies like Google also use the Restlet framework for writing Web Services in a Restful way. I always lean towards projects that are well documented and the Restlet framework has some good documentation including examples, tutorials, and api documents. In addition, if you want to integrate a Spring Web project with Restlet, here is a good write up,

restlet-with-spring

If your website leverages ajax via javascript, one of the nice things with Restlets is that you can easily call your Restful Web Services using javascript.

Restlets has implemented lots of extensions, for example if you want to write a smartphone app in android to call Restful Web Services, Restlets has an extension for this.

Restlet is extremely flexible and can be called from either a Web client or Web server code.

Spring MVC with SiteMesh Decoration Framework and Velocity Templates

2009-12-17T18:11:00.000-08:00

Most developers hate to repeat themselves, so they like to reuse as much code as possible. The folks at OpenSymphony.org who also brought you Quartz developed Sitemesh to utilize the Gang of Four pattern composition.
In short, SiteMesh is a web-page layout and decoration framework. It allows you to
reuse your layouts (header and footer for example) throughout your site, so that
you site has a consistent look and feel.

The general documentation at the SiteMesh Site site is quite good but I needed to utilize Sitemesh in the following specific scenario, I am using Spring MVC and Velocity Templates.

Since the general install documentation, installation instructions is very good, I will not repeat it here. Once you have downloaded and setup your web project, you will have 3 xml config that you will be dealing with, web.xml, sitemesh.xml, and decorators.xml. In my case I am using Spring MVC and Velocity, so I need to customize my web.xml configuration to handle this setup. Here is how my web.xml is configured:

If you followed the SiteMesh Install steps at their site and then customized your
web.xml for your Spring MVC web project, you should now have SiteMesh configured correctly to use with Spring MVC and Velocity.
Important to note in your decorators.xml since you are using Velocity,
you will be using *.vm decorator files, here is an example decorators.xml file:

<?xml version="1.0" encoding="ISO-8859-1"?>
<decorators defaultdir="/decorators">



<decorator name="default" page="default.vm">
<pattern>/*</pattern>
</decorator>

</decorators>

Using CAS 4 within a Load Balanced Environment

2009-11-24T11:19:00.000-08:00

My journey begins with HA which means High Availability.
I'm not crazy about acronyms because given the variety of words in the english language they can mean any combination of things.

I have 2 main requirements/constraints when running my website:
1) Always be load balanced for High Availability,redundancy and also allow easy scalability.
2) Allow use Hibernate across multiple databases. I have a separate database for users (user db), and a separate database for the core of the web application.

My website is load balanced using Apache, I have a single load balance server , and 2 web servers also running Apache.
They get load balanced via Apache ProxyReverse or mod_proxy module.

I added a third requirement to my web application, always allow the users to sign in once and sign in with one set of credentials (username/password).
Another words, don't have separate sign up, sign in processes for third party applications like forums that you have tacked onto to your site.

This third requirement is straight forward and may appear easy to some, but it can be complicated and time consuming to implement.
Luckily, the folks at jasig.org , created CAS , Central Authentication Service, which can be implemented into one's website.
It is Java based, but can be integrated with lots of different website technology stacks like .Net, PHP, Perl, ColdFusion, Ruby on Rails, etc.

Combining these 3 requirements means that I need to be able to have CAS load balanced across multiple servers and multiple databases.
The standard implementation of CAS stores a user's credentials in the session. However, when CAS is implemented this way, the web site
ends up losing the credentials on redirects, etc.

To solve this issue CAS 4 (Cas version 4) introduced the concept of Database Session Storage named JpaSessionStorage in CAS.
Due to requirement #2, I had to implement my own Session Storage class that utilizes Spring's JtaTransactionManager rather EntityManager.
This allows for managing transactions over multiple databases.

I created a class called: JpaSessionStorageUsingJtaImpl within the package:org.jasig.cas.server.session, and part of the cas 4 project: cas-server-sessionstorage-jpa.
Here is my code:

package org.jasig.cas.server.session;

import org.springframework.test.context.transaction.TransactionConfiguration;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Component;
import org.springframework.stereotype.Repository;
import org.javalid.annotations.validation.CollectionSize;
import org.javalid.annotations.validation.NotNull;
import org.javalid.annotations.validation.MinValue;
import org.jasig.cas.server.authentication.Authentication;
import org.jasig.cas.server.login.LoginRequest;
import org.jasig.cas.server.util.Cleanable;

import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;

import javax.annotation.Resource;
import javax.persistence.*;

import java.util.ArrayList;
import java.util.List;

/***
* Session Storage Implementation that uses Spring's a JtaTransactionManager rather
* than EntityManager. Allows for managing transactions over multiple databases which
* is required in some web application implementations.
* @author David Driscoll
*
*/
@TransactionConfiguration(transactionManager="jtaTransactionManager", defaultRollback=false)
@Transactional
@Repository
/*public class JpaSessionStorageUsingJtaImpl extends AbstractSessionStorageImpl implements Cleanable{*/
public class JpaSessionStorageUsingJtaImpl implements SessionStorage, Cleanable{
@Resource(name="sessionFactory3")
private org.hibernate.SessionFactory sessionFactory;

@NotNull
@CollectionSize(mode=CollectionSize.MODE_MINIMUM, minimumSize = 1)
@Autowired(required=false)
private List sessionFactories = new ArrayList();

/*@Override
@Autowired
protected void setSessionFactories(List sessionFactories)
{
this.sessionFactories = sessionFactories;
}*/

@MinValue(1)
private long purgeTimeOut = 21600000;

@MinValue(1)
private int purgeMaxCount = Integer.MAX_VALUE;

public JpaSessionStorageUsingJtaImpl(){}

@Autowired(required=true)
public JpaSessionStorageUsingJtaImpl(List sessionFactories) {
this.sessionFactories = sessionFactories;
}

public org.jasig.cas.server.session.Session createSession(
LoginRequest loginRequest, Authentication authentication)
throws InvalidatedSessionException {
try{
if (loginRequest.getOriginalAccess() != null && loginRequest.getOriginalAccess().getParentSession() != null) {
org.jasig.cas.server.session.Session parentSession = loginRequest.getOriginalAccess().getParentSession();
org.jasig.cas.server.session.Session childSession = parentSession.createDelegatedSession(authentication);
addSession(childSession);
return childSession;
}

if(this.sessionFactories != null){
for ( org.jasig.cas.server.session.SessionFactory sessionFactory : this.sessionFactories) {
org.jasig.cas.server.session.Session session = sessionFactory.getSession(authentication);

if (session != null) {
addSession(session);
return session;
}
}
}

throw new IllegalStateException("No SessionFactory configured that can handle this type of Authentication.");
}
catch(Exception ex){
System.out.println("exception in createSession, exception message:" + ex.getMessage());
throw new IllegalStateException("No SessionFactory configured that can handle this type of Authentication.");
}
}

protected void addSession(org.jasig.cas.server.session.Session session) {
Assert.isInstanceOf(JpaSessionImpl.class, session);
this.sessionFactory.getCurrentSession().persist(session);
}

public org.jasig.cas.server.session.Session destroySession(String sessionId) {
try {

Query query = this.sessionFactory.getCurrentSession().createQuery("select s from session s where s.sessionId = :sessionId").setParameter("sessionId", sessionId);
org.jasig.cas.server.session.Session session = (org.jasig.cas.server.session.Session) query.uniqueResult();
this.sessionFactory.getCurrentSession().delete(session);
return session;
} catch (Exception e) {
return null;
}
}

public org.jasig.cas.server.session.Session findSessionBySessionId(String sessionId) {
try {
Query query = this.sessionFactory.getCurrentSession().createQuery("select s from session s where s.sessionId = :sessionId").setParameter("sessionId", sessionId);
org.jasig.cas.server.session.Session session = (org.jasig.cas.server.session.Session) query.uniqueResult();
return session;
} catch ( Exception e) {
return null;
}
}

public org.jasig.cas.server.session.Session updateSession(org.jasig.cas.server.session.Session session) {
this.sessionFactory.getCurrentSession().update(session);
return session;
}

public org.jasig.cas.server.session.Session findSessionByAccessId(String accessId) {
try {
Query query = this.sessionFactory.getCurrentSession().
createQuery("select s from session s, IN(s.casProtocolAccesses) c where c.id = :accessId").setParameter("accessId", accessId);
org.jasig.cas.server.session.Session session = (org.jasig.cas.server.session.Session) query.uniqueResult();
return session;

} catch ( Exception e) {
return null;
}
}

public void purge() {
Query query = this.sessionFactory.getCurrentSession().
createQuery("delete from session s");
query.executeUpdate();
}

public void prune() {

Query query = this.sessionFactory.getCurrentSession().
createQuery("Delete From session s where (s.state.creationTime + :timeOut) >= :currentTime or s.state.count > :maxCount").
setParameter("timeOut", this.purgeTimeOut).setParameter("currentTime", System.currentTimeMillis()).setParameter("maxCount", this.purgeMaxCount);
query.executeUpdate();
}

public void setPurgeTimeOut(long purgeTimeOut) {
this.purgeTimeOut = purgeTimeOut;
}

public void setPurgeMaxCount(int purgeMaxCount) {
this.purgeMaxCount = purgeMaxCount;
}

You will need to setup your JTA configuration for your CAS 4 datasource.
See my series of blog posts on setting up Spring with Multiple Databases to setup JTA appropriately, here : http://endurotracker.blogspot.com/2009/08/using-spring-with-multiple-databases.html
CAS 4 uses utilizes autowiring annotations, so you only need to reference this new class in your pom.xml for it to be found and used as the session storage mechanism.
Here is a xml snippet from the pom.xml file:

<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-sessionstorage-jpa</artifactId>
<version>${project.version}</version>
<scope>runtime</scope>
<type>jar</type>
</dependency>

Using CAS 4 within a Load Balanced Environment Completed!

Single Sign On with CAS Part 2 Integrating with Roller

2009-11-24T10:17:00.000-08:00

Overview

In part 2, we will go over how to integrate CAS 4 Single Sign On with Roller ( a open source blog engine , see roller.apache.com ).
In this usage scenario we authenticate the user using CAS4 which in this case stores Username/password information in a separate User db from Roller's db.
So we will not be authenticating using Roller's db, however we will use Roller's db to determine what the users role / access rights are within the Roller application. (i.e Are they an editor, administrator, or do they not have a role yet).
Since Roller has implemented SSO for LDAP environment, we can utilize this and Roller will automatically create a role for a user if they do not have one yet. The default role is editor for their own blog.
The workflow for Roller integrating CAS 4 is as follows, user goes to a secured page on the roller application site, the user will get redirected to the
CAS 4 application site and be asked to login. After successful login, the user will be redirect back to where they started on the roller application site.
If they checked the remember me check box , then in the future, they will not have to login again until their remember me cookie expires.

Setting Up Your Development Environment
Roller uses Ant for compiling and deployment.
Depending on which IDE you use and what you development style is you may wish
to create a new empty roller_custom java project with Maven enabled if you want to use Maven dependency management instead using Ant and library references. I typically use Eclipse and Maven, so I created an empty roller_custom java project
and a new pom.xml, then enabled maven. This way I will be able to use Eclispe with Maven. I then built Roller using the ant build file (/roller/apps/weblogger/build.xml) to make sure Roller compiles correctly under ant first. To install Roller's jars into your local Maven Repository , you will need to use the experimental ant build file, /roller/build-poms.xml). You will need to download maven-ant-tasks-2.0.10.jar, and install it to roller/tools/buildtime/maven/maven-ant-tasks-2.0.10.jar and make sure to update it reference location in /roller/build-poms.xml. Next, I referenced the Roller's jars and CAS4 client jar in my roller_custom pom.xml file, like so:

<dependency>
<groupid>org.apache.roller</groupid>
<artifactid>roller-core</artifactid>
<version>4.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupid>org.apache.roller</groupid>
<artifactid>roller-business</artifactid>
<version>4.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupid>org.apache.roller</groupid>
<artifactid>planet-business</artifactid>
<version>4.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupid>org.apache.roller</groupid>
<artifactid>planet-web</artifactid>
<version>4.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupid>org.apache.roller</groupid>
<artifactid>roller-web</artifactid>
<version>4.0</version>
<type>jar</type>
</dependency>
<dependency>
<groupid>org.jasig.cas</groupid>
<artifactid>cas-client-core</artifactid>
<version>3.1.5</version>
</dependency>

Unfortunately this next part is time consuming. You will need to reference all the .jars that Roller references in your Pom.xml under /roller/tools, Roller has a lot of references so it is time consuming.
But, with all this hard work, you now have Maven goodness, and easy debugging compatibilty using Eclipse with Jetty if you wish.

SSO Implementation

Out of the box Roller supports SSO with LDAP. To use Spring Security with RememberMeServices we need to update
the class: RollerUserDetailsService.java, to include the specific Role Name Prefix that Spring Security looks for.
Specifically, Spring Security looks for the prefix "ROLE_" in every role name.

Additionally, Roller has a property setting for Autoprovision a user's account, we therefore will use this to automatically create a User if the Account exists in our CAS User db , but not in our Roller db.

Therefore we updated RememberMeServices like this:

public class RollerUserDetailsService implements UserDetailsService {

//Spring Security uses special required rolePrefix, typically ROLE_
private String rolePrefix = "";

public RollerUserDetailsService()
{

}

/**
* Allows a default role prefix to be specified. If this is set to a non-empty value, then it is
* automatically prepended to any roles read in from the db. This may for example be used to add the
* ROLE_ prefix expected to exist in role names (by default) by some other Spring Security
* classes, in the case that the prefix is not already present in the db.
*
* @param rolePrefix the new prefix
*/
public void setRolePrefix(String rolePrefix) {
this.rolePrefix = rolePrefix;
}

protected String getRolePrefix() {
return rolePrefix;
}

public UserDetails loadUserByUsername(String userName)
throws UsernameNotFoundException, DataAccessException {
try {
Weblogger roller = WebloggerFactory.getWeblogger();
UserManager umgr = roller.getUserManager();
User userData = null;
if (userName.startsWith("http://")) {
if (userName.endsWith("/")) {
userName = userName.substring(0, userName.length() -1 );
}
try {
userData = umgr.getUserByAttribute(
UserAttribute.Attributes.OPENID_URL.toString(),
userName);
} catch (WebloggerException ex) {
throw new DataRetrievalFailureException("ERROR in user lookup", ex);
}
String name;
String password;
GrantedAuthority[] authorities;

// We are not throwing UsernameNotFound exception in case of
// openid authentication in order to recieve user SREG attributes
// from the authentication filter and save them
if (userData == null) {
authorities = new GrantedAuthority[1];
GrantedAuthority g = new GrantedAuthorityImpl("openidLogin");
authorities[0] = g;
name = "openid";
password = "openid";
} else {
authorities = getAuthorities(userData, umgr);
name = userData.getUserName();
password = userData.getPassword();
}
UserDetails usr = new org.springframework.security.userdetails.User(name, password, true, authorities);
return usr;

} else {
try {
userData = umgr.getUserByUserName(userName);
} catch (WebloggerException ex) {
throw new DataRetrievalFailureException("ERROR in user lookup", ex);
}
if (userData == null) {

//determine if autoProvisioning is enabled if so create User
if (WebloggerConfig.getBooleanProperty("users.sso.autoProvision.enabled"))
{
AutoProvision provisioner = RollerContext.getAutoProvision();
if(provisioner != null) {
boolean userProvisioned = provisioner.execute(userName);
if(userProvisioned) {
// try lookup again real quick
try{
userData = umgr.getUserByUserName(userName);
}
catch (WebloggerException e) {
throw new UsernameNotFoundException("ERROR no user: " + userName);
}
}
}
}
else
{
throw new UsernameNotFoundException("ERROR no user: " + userName);
}
}
}
GrantedAuthority[] authorities = getAuthorities(userData, umgr);
return new org.springframework.security.userdetails.User(userData.getUserName(), userData.getPassword(), true, authorities);

} catch (WebloggerException ex) {
throw new DataAccessResourceFailureException("ERROR: fetching roles", ex);
}

}

private GrantedAuthority[] getAuthorities(User userData, UserManager umgr) throws WebloggerException {
List roles = umgr.getRoles(userData);
GrantedAuthority[] authorities = new GrantedAuthorityImpl[roles.size()];

if(!rolePrefix.isEmpty())
{
authorities = new GrantedAuthorityImpl[roles.size()*2];
}

int i = 0;
for (String role : roles) {
//add Roller Security Role for use with non-Spring Security Implementations
authorities[i++] = new GrantedAuthorityImpl(role);
//add Spring Security Role
authorities[i++] = new GrantedAuthorityImpl(rolePrefix + role);
}
return authorities;
}

}

In addition, since we need to get the Roles for a user from Roller's db so we may need to implement a Custom RememberMeServices class.
Developers will probably need to implement their own custom class, if they created their RememberMe cookie not using the standard Spring Security Remember Me configuration.
Here is a brief code outline (snippet), if you for example you call your class:

RollerRememberMeServices. You will need to extend AbstractRememberMeServices class which is a part of Spring Security ( using Spring Security 2.0) and implement all the required methods.

public class RollerRememberMeServices extends AbstractRememberMeServices{

}

One of the key methods is: processAutoLoginCoookie,

This method returns UserDetails object, within this method you will need to extract the username from the RememberMe cookie (this will vary depending on what you stored in your cookie value, some people will store username, some will store email, etc).
With the username you can the create a UserDetails object by doing something like this:

UserDetails userDetails = getUserDetailsService().loadUserByUsername(username);

Configuring those Config Files
Step 1 (optional , only if you wish to use Jetty as your debugging web server),
update your pom.xml file.

<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>7.0.0.1beta2</version>
<configuration>
<webAppConfig>
<contextPath>/roller_custom</contextPath>
<tempDirectory>${project.build.directory}/work</tempDirectory>
</webAppConfig>
<connectors>
<connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
<port>8090</port>
</connector>
</connectors>
</configuration>



</plugin>

Step 2: Updated web.xml (added Spring Security and CAS4):

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

<display-name>Roller Weblogger</display-name>

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/security.xml,
/WEB-INF/jndi.xml
</param-value>
</context-param>

<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>


<filter>
<filter-name>struts2-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>


<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>





<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter>
<filter-name>DebugFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.DebugFilter</filter-class>
</filter>

<filter>
<filter-name>PersistenceSessionFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.PersistenceSessionFilter</filter-class>
</filter>

<filter>
<filter-name>BootstrapFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.BootstrapFilter</filter-class>
</filter>



<filter>
<filter-name>RequestMappingFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.rendering.filters.RequestMappingFilter</filter-class>
</filter>

<filter>
<filter-name>InitFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.InitFilter</filter-class>
</filter>

<filter>
<filter-name>IPBanFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.IPBanFilter</filter-class>
</filter>

<filter>
<filter-name>SchemeEnforcementFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.SchemeEnforcementFilter</filter-class>
</filter>

<filter>
<filter-name>CharEncodingFilter</filter-name>
<filter-class>org.apache.roller.weblogger.ui.core.filters.CharEncodingFilter</filter-class>
</filter>






<filter-mapping>
<filter-name>CharEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>


<filter-mapping>
<filter-name>IPBanFilter</filter-name>
<url-pattern>/roller-ui/rendering/comment/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>IPBanFilter</filter-name>
<url-pattern>/roller-ui/rendering/trackback/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>


<filter-mapping>
<filter-name>SchemeEnforcementFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>




<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>BootstrapFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>


<filter-mapping>
<filter-name>PersistenceSessionFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>


<filter-mapping>
<filter-name>InitFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>


<filter-mapping>
<filter-name>RequestMappingFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>




<filter-mapping>
<filter-name>struts2-cleanup</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>

<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>



<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

<listener>
<listener-class>org.apache.roller.weblogger.ui.core.RollerSession</listener-class>
</listener>

<listener>
<listener-class>org.apache.roller.weblogger.ui.core.RollerContext</listener-class>
</listener>

<listener>
<listener-class>org.apache.tiles.web.startup.TilesListener</listener-class>
</listener>


<servlet>
<servlet-name>PageServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.PageServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>

<servlet>
<servlet-name>FeedServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.FeedServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>

<servlet>
<servlet-name>ResourceServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.ResourceServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>

<servlet>
<servlet-name>MediaResourceServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.MediaResourceServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>

<servlet>
<servlet-name>SearchServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.SearchServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>

<servlet>
<servlet-name>OpenSearchServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.opensearch.OpenSearchServlet</servlet-class>
<load-on-startup>10</load-on-startup>
</servlet>

<servlet>
<servlet-name>CommentServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.CommentServlet</servlet-class>
<load-on-startup>7</load-on-startup>
</servlet>

<servlet>
<servlet-name>TrackbackServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.TrackbackServlet</servlet-class>
<load-on-startup>7</load-on-startup>
</servlet>

<servlet>
<servlet-name>RSDServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.RSDServlet</servlet-class>
<load-on-startup>7</load-on-startup>
</servlet>

<servlet>
<servlet-name>PlanetFeedServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.PlanetFeedServlet</servlet-class>
<load-on-startup>7</load-on-startup>
</servlet>

<servlet>
<servlet-name>CommentAuthenticatorServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.CommentAuthenticatorServlet</servlet-class>
<load-on-startup>7</load-on-startup>
</servlet>

<servlet>
<servlet-name>PreviewServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.PreviewServlet</servlet-class>
<load-on-startup>9</load-on-startup>
</servlet>

<servlet>
<servlet-name>PreviewResourceServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.PreviewResourceServlet</servlet-class>
<load-on-startup>9</load-on-startup>
</servlet>

<servlet>
<servlet-name>PreviewThemeImageServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.servlets.PreviewThemeImageServlet</servlet-class>
<load-on-startup>9</load-on-startup>
</servlet>

<servlet>
<servlet-name>RedirectServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.rendering.velocity.deprecated.RedirectServlet</servlet-class>
<load-on-startup>9</load-on-startup>
</servlet>

<servlet>
<servlet-name>StrutsRedirectServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.struts2.util.StrutsRedirectServlet</servlet-class>
<load-on-startup>9</load-on-startup>
</servlet>

<servlet>
<servlet-name>AtomServlet</servlet-name>
<servlet-class>com.sun.syndication.propono.atom.server.AtomServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>CommentDataServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.struts2.ajax.CommentDataServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>UserDataServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.ui.struts2.ajax.UserDataServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>AdminServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.adminprotocol.AdminServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>TagDataServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.tagdata.TagDataServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>XmlRpcServlet</servlet-name>
<servlet-class>org.apache.xmlrpc.webserver.XmlRpcServlet</servlet-class>
<init-param>
<description>
Sets, whether the servlet supports vendor extensions for XML-RPC.
</description>
<param-name>enabledForExtensions</param-name>
<param-value>true</param-value>
</init-param>
</servlet>



<servlet>
<servlet-name>RequestTokenServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.oauth.RequestTokenServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>AuthorizationServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.oauth.AuthorizationServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>AccessTokenServlet</servlet-name>
<servlet-class>org.apache.roller.weblogger.webservices.oauth.AccessTokenServlet</servlet-class>
</servlet>

<servlet-mapping>
<servlet-name>RequestTokenServlet</servlet-name>
<url-pattern>/roller-services/oauth/requestToken</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>AuthorizationServlet</servlet-name>
<url-pattern>/roller-services/oauth/authorize</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>AccessTokenServlet</servlet-name>
<url-pattern>/roller-services/oauth/accessToken</url-pattern>
</servlet-mapping>




<servlet-mapping>
<servlet-name>PageServlet</servlet-name>
<url-pattern>/roller-ui/rendering/page/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>FeedServlet</servlet-name>
<url-pattern>/roller-ui/rendering/feed/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>ResourceServlet</servlet-name>
<url-pattern>/roller-ui/rendering/resources/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>MediaResourceServlet</servlet-name>
<url-pattern>/roller-ui/rendering/media-resources/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>CommentServlet</servlet-name>
<url-pattern>/roller-ui/rendering/comment/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>TrackbackServlet</servlet-name>
<url-pattern>/roller-ui/rendering/trackback/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RSDServlet</servlet-name>
<url-pattern>/roller-ui/rendering/rsd/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>SearchServlet</servlet-name>
<url-pattern>/roller-ui/rendering/search/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>PlanetFeedServlet</servlet-name>
<url-pattern>/planetrss/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>CommentAuthenticatorServlet</servlet-name>
<url-pattern>/CommentAuthenticatorServlet</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>PreviewServlet</servlet-name>
<url-pattern>/roller-ui/authoring/preview/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>PreviewResourceServlet</servlet-name>
<url-pattern>/roller-ui/authoring/previewresource/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>PreviewThemeImageServlet</servlet-name>
<url-pattern>/roller-ui/authoring/previewtheme</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>CommentDataServlet</servlet-name>
<url-pattern>/roller-ui/authoring/commentdata/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>UserDataServlet</servlet-name>
<url-pattern>/roller-ui/authoring/userdata/*</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>XmlRpcServlet</servlet-name>
<url-pattern>/roller-services/xmlrpc</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>AtomServlet</servlet-name>
<url-pattern>/roller-services/app/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>AdminServlet</servlet-name>
<url-pattern>/roller-services/rap/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>TagDataServlet</servlet-name>
<url-pattern>/roller-services/tagdata/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>OpenSearchServlet</servlet-name>
<url-pattern>/roller-services/opensearch/*</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/language/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/comments/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/resources/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/rsd/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/flavor/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/rss/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/atom/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/page/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/search/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/xmlrpc/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/editor/*</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>RedirectServlet</servlet-name>
<url-pattern>/admin/*</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>StrutsRedirectServlet</servlet-name>
<url-pattern>/roller-ui/yourWebsites.do</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>StrutsRedirectServlet</servlet-name>
<url-pattern>/roller-ui/authoring/commentManagement.do</url-pattern>
</servlet-mapping>

<session-config>
<session-timeout>30</session-timeout>
</session-config>

<welcome-file-list>
<welcome-file>home.jsp</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
</welcome-file-list>

<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>/roller-ui/errors/error.jsp</location>
</error-page>

<error-page>
<error-code>403</error-code>
<location>/roller-ui/errors/403.jsp</location>
</error-page>

<error-page>
<error-code>404</error-code>
<location>/roller-ui/errors/404.jsp</location>
</error-page>






</web-app>

Step 3: Updated Security.xml:

<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">



<http entry-point-ref="casProcessingFilterEntryPoint">
<intercept-url pattern="/images/**" filters="none"/>
<intercept-url pattern="/scripts/**" filters="none"/>
<intercept-url pattern="/styles/**" filters="none"/>
<intercept-url pattern="/roller-ui/login-redirect**" access="ROLE_admin,ROLE_editor" />

<intercept-url pattern="/roller-ui/profile**" access="ROLE_admin,ROLE_editor"/>
<intercept-url pattern="/roller-ui/createWeblog**" access="ROLE_admin,ROLE_editor"/>
<intercept-url pattern="/roller-ui/menu**" access="ROLE_admin,ROLE_editor"/>
<intercept-url pattern="/roller-ui/authoring/**" access="ROLE_admin,ROLE_editor"/>
<intercept-url pattern="/roller-ui/admin/**" access="ROLE_admin"/>
<intercept-url pattern="/rewrite-status*" access="ROLE_admin"/>
<intercept-url pattern="/roller-ui/user.do*" access="ROLE_USER"/>
<anonymous />
<http-basic />
</http>




<beans:bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
<custom-filter after="CAS_PROCESSING_FILTER"/>
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
<beans:property name="defaultTargetUrl" value="/"/>
<beans:property name="rememberMeServices" ref="rememberMeServices" />
<beans:property name="filterProcessesUrl" value="/j_spring_cas_security_check"/>
</beans:bean>

<beans:bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">

<beans:property name="loginUrl" value="http://localhost:8080/cas/login"/>

<beans:property name="serviceProperties" ref="serviceProperties"/>
</beans:bean>


<beans:bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
<custom-authentication-provider />
<beans:property name="userDetailsService" ref="userRollerService"/>
<beans:property name="serviceProperties" ref="serviceProperties" />
<beans:property name="ticketValidator">
<beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<beans:constructor-arg index="0" value="http://localhost:8080/cas" />
</beans:bean>
</beans:property>
<beans:property name="key" value="an_id_for_this_auth_provider_only"/>
</beans:bean>

<beans:bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />

<beans:bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
<beans:property name="service" value="http://localj.endurotracker.com:8090/roller_custom/j_spring_cas_security_check"/>
<beans:property name="sendRenew" value="false"/>
</beans:bean>



<beans:bean id="userRollerService"
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService" >
<beans:property name="rolePrefix" value="ROLE_"/>
</beans:bean>





<beans:bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
<custom-filter position="REMEMBER_ME_FILTER" />
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="rememberMeServices" ref="rememberMeServices" />
</beans:bean>



<context:annotation-config />


<aop:aspectj-autoproxy />


<beans:bean class="org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor" />

<beans:bean id="securityService"
class="yourPackage.SecurityService">
<beans:property name="usersDao" ref="usersDao" />
</beans:bean>


<beans:bean id="usersDao"
class="yourPackage.UsersDao">
<beans:property name="sessionFactory" ref="sessionFactory"/>
</beans:bean>

<beans:bean id="usersInRolesDao"
class="yourPackage.UsersInRolesDao">
<beans:property name="sessionFactory" ref="sessionFactory"/>
</beans:bean>

<beans:bean id="userService" class="yourPackage.UserService">
<beans:property name="usersDao" ref="usersDao" />
<beans:property name="authMgr" ref="authenticationManager"/>
<beans:property name="userCache" ref="userCache" />
<beans:property name="messageSource" ref="messageSource" />
<beans:property name="userTokenCache" ref="userTokenCache"/>
</beans:bean>

<beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<custom-authentication-provider />
<beans:property name="key" value="CHANGE_THIS_2" />
</beans:bean>

<beans:bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="casAuthenticationProvider" />
<beans:bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
<beans:property name="key" value="CHANGE_THIS_1" />
</beans:bean>
<beans:ref local="rememberMeAuthenticationProvider" />
</beans:list>
</beans:property>
</beans:bean>





<beans:bean id="rememberMeServices" class="org.apache.roller.weblogger.business.rememberme.RollerRememberMeServices">
<beans:property name="userDetailsService" ref="userRollerService" />
<beans:property name="userService" ref="userService" />
<beans:property name="key" value="CHANGE_THIS_2" />
<beans:property name="parameter" value="_spring_security_remember_me" />
<beans:property name="cookieName" value="SPRING_SECURITY_REMEMBER_ME_COOKIE" />
<beans:property name="cookieDomain" value=".yourwebsite.com" />
<beans:property name="tokenValiditySeconds" value="1209600" />
</beans:bean>

<beans:bean id="passwordEncoder" class="yourPackage.PasswordEncoder">
<beans:property name="passwordFormatforBean" value="Hashed" />
</beans:bean>

<beans:bean id="userTokenCache" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<beans:property name="cacheManager" ref="cacheManager" />
<beans:property name="cacheName" value = "yourPackage.UserTokenCache"/>
</beans:bean>

<beans:bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<beans:property name="configLocation" value="classpath:ehcache.xml" />
</beans:bean>

<beans:bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<beans:property name="cacheManager" ref="cacheManager" />
<beans:property name="cacheName" value="userCache" />
</beans:bean>

<beans:bean id="userCache" class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
<beans:property name="cache">
<beans:ref local="userCacheBackend" />
</beans:property>
</beans:bean>

</beans:beans>

Integrating Roller with CAS 4 Completed !

Single Sign On with CAS and RememberMe Part 1

2009-11-18T19:43:00.000-08:00

Overview
As an avid internet user I have a lot of different sites that I use, for most sites I have a separate user account and password.
With lots of accounts, it can be hard to remember all my different user names and passwords.
With Endurotracker.com, we want to make you user experience as enjoyable as possible. So, unlike some sites where you need to 3 different username and passwords one for main site, one for forum , and one for blog engine, we have made so that you only need a Single Sign On or Username/password combo for all the different applications.
In this series of blog entries, I will discuss how I implement Single Sign across 3 different applications, Roller ( a Open Source Blogging Engine),
JForum ( a Open Source Forum Engine), and our main application Endurotracker.com.
The way we implement Single Sign On (SSO) will be to use CAS 4, Central Authentication System 4 written by www.jasig.org and the
Spring Framework, specifically Spring Security formerly Aegis Security.
At a high level the way SSO works is : if a user is not logged in and they go to a secure area of the Roller application, then they will get prompted
to log in (via a redirect to the CAS 4 application), after successful login they get redirected back to where they where in the Roller application.
SSO will be implemented on 3 applications so this type of workflow will occur for the 3 applications, Roller, JForum, and Endurotracker.

Setting of CAS4

In this section we will go over how CAS4 was setup.

Step 1: Get CAS4 from jasig.org's SVN trunk repository

Step 2: Configure your Eclipse IDE and setup the CAS4 project : cas-server-webapp.
Optional (but good idea for debugging) , pull in all the CAS4 projects (over a dozen projects).

RememberMe Implementation

CAS4 takes advantage of the Open Source framework Spring. Specifically it uses Spring Web Flow and Spring Security.
(see www.springsource.org for full documenation).
In a nutshell, the way we implement RememberMe is by creating a RememberMe cookie and then utilize this cookie to determine
who the user is. If the RememberMe cookie is not found or is expired we force the user to login.
You can use the standard RememberMeServices class from Spring Security or you can create your own RememberMeServices class
if you need a implement things like encrypting your cookies. We implement our own RememberMeServices class to encrypt the values
stored in our cookies. Creating your own RememberMeServices class is optional.

Add this html snippet to promptForCredentials.jsp which will add a remember me check box to the login form:

Remember Me

For Spring Web Flow, to store whether the user has checked rememberMe check box, we need to create a small class, CaptchaRememberMeCredentialImpl.java, here is the source (small class):

@Component
@ValidateDefinition
public class CaptchaRememberMeAuthenticationResponsePluginImpl extends CaptchaAuthenticationResponsePluginImpl implements AuthenticationResponsePlugin {

//WARNING: implement all required methods this is just a SNIPPET for illustration purposes, this code will not compile, you will
// need to implement all required methods and add your imports, etc.

public static final String SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_REMEMBER_ME_COOKIE";

@Override
public void handle(final LoginRequest loginRequest, final AuthenticationResponse response) {
if (response.succeeded()) {

String username ="";
String password ="";
List creds = loginRequest.getCredentials();
if(creds.size() > 0)
{
CaptchaRememberMeCredentialImpl userCred = (CaptchaRememberMeCredentialImpl) creds.get(0);
username = userCred.getUsername();
password = userCred.getPassword();

if (!StringUtils.hasLength(username) || !StringUtils.hasLength(password)) {

return;
}

//if isRememberMe is false then return (don't set rememberme cookie)
if(userCred.isRememberMe()==false)
{

return;
}

//need to implement your own UserDetails Class , see Spring Security's UserDetails javadoc for more info
UserDetails userDetails = getUserDetailsService().loadUserByUsername(username);
if(userDetails != null){

Users user = userDetails .getUser();

RequestContext context = RequestContextHolder.getRequestContext();
ExternalContext externalContext = context.getExternalContext();

//determine what data you wish to store in cookie value
//typically store username or email as the key, or userid possibly
String cookieValue = user.getUserName().toString();
response.getAttributes().put(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY, cookieValue);

}

return;
}
else
{

return;

}
}

}

}

To set the cookie we need to implement an Authentication plugin and a cookie creator class.
CAS4 has implemented a plugin architecture that allows developers to create custom plugins.
Once you create a plugin, to get CAS4 to use it you just reference the plugin in the your deployment configuration file (in CAS3 called deployerConfigContext.xml) or if you utilize annotations will get picked up automagically. (i.e @Component, etc)
In this case our plugin will need to get called during the authentication process, so we will extend the CaptchaAuthenticationResponsePluginImpl
and implement AuthenticationResponsePlugin.
In a nutshell the plugin calculates the Cookie's value and stores it in the HttpResponse.
During the workflow after successful authentication the RememberMeCookieCreater class , extracts the Cookie's value from
the HttpResponse and creates new RememberMe Cookie using this value as input.

We use org.springframework.web.util.CookieGenerator to generate the remember me cookie, and see configuration section further down.

We then have to configure the Spring Web Flow configuration file, login.xml (locate under /webapp/WEB-INF/login/login.xml) to call this class during our workflow.

Here is the xml snippets:

xml snippet 1, update credentials var to use CaptchaRememberMeCredentialsImpl:

<var name="credentials" class="org.jasig.cas.server.authentication.CaptchaRememberMeCredentialImpl" />

xml snippet 2, add rememberme property:
<binder>
            <binding property="username" required="true" />
            <binding property="password" required="true" />
            <binding property="captchaResponse" required="false" />
            <binding property="rememberMe" required="true" />
</binder>





xml snippet 3:
<transition on="submit" to="determineIfSessionCreated">
            <evaluate expression="loginRequest.credentials.add(credentials)" />
            <evaluate expression="centralAuthenticationService.login(loginRequest)" result="requestScope.loginResponse" result-type="org.jasig.cas.server.login.LoginResponse" />
            <evaluate expression="sessionCookieCreater.createSessionCookie(loginResponse, null, externalContext)" />
            
            <evaluate expression="rememberMeCookieCreater.createSessionCookie(loginResponse, null, externalContext)" />
            <evaluate expression="loginRequest.setSessionId(loginResponse.sessionId)" />
        </transition>

Editing Configuration:

Step 3: Edit cas-server-webapp's pom.xml to allow for use of jetty (web server used in eclipse for debugging)
pom.xml Snippet:

<plugin>
                <groupId>org.mortbay.jetty</groupId>
                <artifactId>jetty-maven-plugin</artifactId>
                <version>7.0.0.1beta2</version>
                <configuration>
                    <webAppConfig>
                      <contextPath>/cas</contextPath>
                    </webAppConfig>
                    <connectors>
                       <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
                            <port>8080</port>
                         </connector>
                    </connectors>
                </configuration>

Step 4: Update web.xml
             Update the section like this:

<context-param>
              <param-name>contextConfigLocation</param-name>
             <param-value>
               WEB-INF/cas-servlet.xml,
               WEB-INF/spring/applicationContext.xml,
               WEB-INF/spring/jcaptcha-configuration.xml,
               WEB-INF/spring/testAuthenticationHandler-configuration.xml,
               WEB-INF/spring/urlCredentialAuthenticationHandler-configuration.xml,
               /WEB-INF/deployerConfigContext.xml,
               /WEB-INF/jndi.xml
              </param-value>
            </context-param>

Step 5: Example cas-servlet.xml (if you run into issues):

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:webflow="http://www.springframework.org/schema/webflow-config"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                           http://www.springframework.org/schema/webflow-config
                           http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd
                           http://www.springframework.org/schema/util
                           http://www.springframework.org/schema/util/spring-util-2.5.xsd
                           http://www.springframework.org/schema/context
                           http://www.springframework.org/schema/context/spring-context.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">



    
    <webflow:flow-registry id="flowRegistry">
        <webflow:flow-location path="/WEB-INF/login/login.xml" id="login"/>
    </webflow:flow-registry>
    <webflow:flow-executor id="flowExecutor" />

    <bean class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping" >
        <property name="order" value="0" />
        <property name="flowRegistry" ref="flowRegistry" />
    </bean>

    <bean class="org.springframework.web.servlet.i18n.CookieLocaleResolver" />


    <bean class="org.springframework.webflow.mvc.servlet.FlowHandlerAdapter" >
        <property name="flowExecutor" ref="flowExecutor" />
    </bean>


    <bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping" >
       <property name="order" value="0" />
    </bean>

    <bean class="org.springframework.web.servlet.view.UrlBasedViewResolver" >
             <property name="prefix" value="/WEB-INF/jsp/" />
             <property name="suffix" value=".jsp" />
             <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
    </bean>


    
    <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter" />

    
    <bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter" />


</beans>
Step 6: Update spring/applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <context:component-scan base-package="org.jasig.cas.server.authentication"/>
    <context:component-scan base-package="org.jasig.cas.server.login"/>
    <context:component-scan base-package="org.jasig.cas.server.logout"/>
    <context:component-scan base-package="org.jasig.cas.server.session"/>
    <context:component-scan base-package="org.jasig.cas.server.util"/>
    <context:component-scan base-package="org.jasig.cas.server"/>
    <context:component-scan base-package="org.jasig.cas.server.login"/>
    <context:component-scan base-package="org.jasig.cas.server.session"/>
    <context:component-scan base-package="org.jasig.cas.server.web"/>


    <context:annotation-config />


    
    <bean id="authenticationManager" class="org.jasig.cas.server.authentication.DefaultAuthenticationManagerImpl">
    </bean>

    <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
        <property name="basenames">
            <list>
                <value>org/javalid/core/validator/jv_messages</value>
                <value>messages</value>
                <value>org/jasig/cas/server/messages/log</value>
                <value>org/jasig/cas/server/session/messages/cas_messages</value>
            </list>
        </property>
    </bean>

    <bean id="casMessageSource" class="org.jasig.cas.server.util.CasMessageSourceAccessor" />


</beans>
Step 7: Example spring/jcaptcha-configuration.xml (current trunk version):
<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <bean class="com.octo.captcha.service.image.DefaultManageableImageCaptchaService" id="imageCaptchaService" />

    <bean
       class="org.jasig.cas.server.authentication.DefaultCaptchaStatusImpl" id="captchaStatus"/>

    <bean class="org.jasig.cas.server.authentication.DefaultCaptchaStatusImplFactory" id="captchaStatusFactory" >
          <property name="numberOfFailures" value="2" />
          <property name="numberOfMilliseconds" value="60000" />
    </bean>

    <bean class="org.jasig.cas.server.authentication.InMemoryCaptchaStatusStorageImpl" id="captchaStatusStorage" />
</beans>

Step 8: Create deployerConfigContext.xml (main customization config file):
<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:jee="http://www.springframework.org/schema/jee"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
                http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
                http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
                http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd
                http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
    




     <bean class="org.springframework.web.util.CookieGenerator" id="sessionCookieGenerator"
          p:cookieName="TGT"
          p:cookieSecure="false"/>


    <bean class="org.springframework.web.util.CookieGenerator" id="rememberMeCookieGenerator"
          p:cookieName="SPRING_SECURITY_REMEMBER_ME_COOKIE"
          p:cookieDomain=".endurotracker.com"
          p:cookieMaxAge="1209600"
          p:cookieSecure="false" />


    
    
    



    
    
    

    
    
    

    
   <bean class="yourPackage.YourCustomAuthenticationHandler" >
               <property name="securityService" ref="securityService" />
    </bean>



     
    
    <context:annotation-config />

    <aop:aspectj-autoproxy />

    
     <bean class="org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor" />


    <bean id="securityService"
                 class="yourpackagename.SecurityService">
                <property name="usersDao" ref="usersDao" />
    </bean>

    <bean id="usersDao"
              class="yourpackagename.UsersDao">
           <property name="sessionFactory" ref="sessionFactory"/>
    </bean>

    

    <bean id="usersInRolesDao"
        class="yourpackagename.UsersInRolesDao">
        <property name="sessionFactory" ref="sessionFactory"/>
    </bean>

   

    <bean id="userService" class="yourPackageName.UserService">
          <property name="usersDao" ref="usersDao" />
          <property name="authMgr" ref="yourCustomAuthenticationManager"/>
          <property name="userCache" ref="userCache" />
          <property name="messageSource" ref="messageSource" />
          <property name="userTokenCache" ref="userTokenCache"/>
    </bean>

    <bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
            <security:custom-authentication-provider />
            <property name="key" value="CHANGE_THIS_2" />
    </bean>


     <bean id="yourCustomAuthenticationManager" class="org.springframework.security.providers.ProviderManager">
          <property name="providers">
               <list>
                    <ref local="daoAuthenticationProvider" />
                    <bean class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
                         <property name="key" value="CHANGE_THIS_1" />
                    </bean>
                    <ref local="rememberMeAuthenticationProvider" />
               </list>
          </property>
     </bean>

    
     <bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
     <property name="userDetailsService" ref="usersDao"/>
      <property name="key" value="CHANGE_THIS_2"/>
    </bean>

    
     
           
           <property name="cookieDomain" value=".yourwebsite.com" />
    </bean>-->

    <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
          <security:custom-authentication-provider />
          <property name="userDetailsService" ref="usersDao" />
          <property name="passwordEncoder" ref="passwordEncoder" />
          <property name="userCache" ref="userCache" />
        </bean>


    <bean id="passwordEncoder" class="yourPackage.CustomPasswordEncoder">
          <property name="passwordFormatforBean" value="Hashed" />
    </bean>

    <bean id="userTokenCache" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
          <property name="cacheManager" ref="cacheManager" />
          <property name="cacheName" value = "yourPackage.UserTokenCache"/>
     </bean>

     <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
          <property name="configLocation" value="classpath:ehcache.xml" />
     </bean>

    <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
          <property name="cacheManager" ref="cacheManager" />
          <property name="cacheName" value="userCache" />
    </bean>

    <bean id="userCache" class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
          <property name="cache">
               <ref local="userCacheBackend" />
          </property>
    </bean>



</beans>

New Features Released

2009-11-18T18:59:00.000-08:00

We have released a new update to www.EnduroTracker.com.
In this release, we are making EnduroTracker free as in free beer.
We also added 2 more Social features. The first being user forums where users can discuss endurance training. The second being the ability to create your own blog at www.EnduroTracker.com. Some of open source tools that we utilized included Jasig.org's CAS (Centralized Authentiation Service), Apache's Roller blogging engine, and jforum.net's forum. I plan to have a series of posting discussing how to setup and use CAS in general, and how to use CAS with a load balancer. I also plan to create a blog post on setting up security with Roller. The theme of these future postings being how to implement Single Sign On (SSO) across multiple web applications.

New Feature Import Data from Garmin Devices

2009-08-29T00:49:00.000-07:00

Just a quick note, www.Endurotracker.com has a new feature that lets users quickly import
data from their Garmin devices.
We used the Spring Framework, Hibernate, and Garmin's excellent xml schemas to build this feature.

Using Spring with multiple databases Part 5, Unit Testing using JUnit 4 and Annotations

2009-08-12T15:06:00.000-07:00

One of the great features of the Spring framework is they have create support for Unit Testing in JUnit. Also you have the ability to use Annotations to cut down on the amount of xml you need to get your test code up and running.
Here is a example that I used to test my Login Controller:

package com.endurotracker.gwt.server.web.controllers;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;

import java.util.List;

import org.apache.log4j.Logger;
import org.junit.runner.RunWith;
import org.junit.Test;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.context.SecurityContextImpl;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.dao.DaoAuthenticationProvider;
import org.springframework.security.providers.dao.cache.EhCacheBasedUserCache;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.transaction.TransactionConfiguration;
import org.springframework.transaction.annotation.Transactional;

import com.endurotracker.gwt.dao.UsersDao;
import com.endurotracker.gwt.model.ServerSideUser;
import com.endurotracker.gwt.model.Users;
import com.endurotracker.gwt.server.service.UserService;

/**
* @author David
*
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = { "/applicationContext.xml","/jndi.xml","/applicationContext-acegi-security.xml" })
@TransactionConfiguration(transactionManager="jtaTransactionManager", defaultRollback=false)
@Transactional
public class LoginControllerTest {

@Autowired
private DaoAuthenticationProvider daoAuthenticationProvider;
@Autowired
private UsersDao userDetailsService;
@Autowired
private UsersDao usersDao;
@Autowired
private EhCacheBasedUserCache userCache;

@Autowired
private UserService userService;
@Autowired
LoginController loginController;

private static final Logger log = Logger.getLogger(LoginControllerTest.class);

@Test
public void testLogin()
{
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("admin","pwd");

Authentication auth = daoAuthenticationProvider.authenticate(token);

//set SecurityContext
SecurityContext context = new SecurityContextImpl();
context.setAuthentication(auth);
SecurityContextHolder.setContext(context);

Object obj = auth.getPrincipal();
String username = "";

if (obj instanceof UserDetails) {
username = ((UserDetails) obj).getUsername();
} else {
username = obj.toString();
}

//place in Cache
log.debug("loadUserByUsername " + username);

ServerSideUser serverUser = null;

boolean useCache = true;

if (useCache) {
serverUser = (ServerSideUser) userCache
.getUserFromCache(username);
}

List users;
Users u;
if (serverUser == null) {

users = usersDao.GetByProperty("username", username);
if(users.size() > 0)
{
u = users.get(0);
userCache.putUserInCache(new ServerSideUser(u));
}
else
{
u = null;
}

}

//Test if user can now be found, after being placed in cache
Users user = userService.getCurrentUser();

loginController = new LoginController(user);

assertNotNull(loginController);

}

@Test
public void testShowLogin()
{
loginController = new LoginController();
String returnViewname = loginController.showHandler();

assertEquals("showLogin",returnViewname);
}
}

Hopefully, these posts will help some people who had very little success previously finding good examples on how to setup Spring with multiple databases (datasources).
I know I did.

Using Spring with multiple databases Part 4

2009-08-12T14:45:00.000-07:00

In your web config file (web.xml) you reference your applicationcontext.xml file and any other configuration file that you need to use.
To configure Atomikos we created a xml file called jndi.xml and reference it in our web.xml file like so:

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml,
/WEB-INF/jndi.xml
</param-value>
</context-param>

Here is how we configured Atomikos Transaction Manager in our jndi.xml file:

<?xml version="1.0" encoding="UTF-8"?>


<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">

<bean id="userTransactionService"
class="com.atomikos.icatch.config.UserTransactionServiceImp"
init-method="init" destroy-method="shutdownForce">
<constructor-arg>

<props>
<prop key="com.atomikos.icatch.service">
com.atomikos.icatch.standalone.UserTransactionServiceFactory
</prop>
<prop key="com.atomikos.icatch.enable_logging">
false
</prop>
</props>
</constructor-arg>
</bean>


<bean id="AtomikosTransactionManager" class="com.atomikos.icatch.jta.UserTransactionManager"
init-method="init" destroy-method="close">


<property name="forceShutdown" value="false" />
</bean>


<bean id="AtomikosUserTransaction" class="com.atomikos.icatch.jta.UserTransactionImp">
<property name="transactionTimeout" value="300" />
</bean>

<bean id="jndi"
class="org.apache.xbean.spring.jndi.SpringInitialContextFactory"
factory-method="makeInitialContext">
<property name="entries">
<map>
<entry key="java:comp/TransactionManager" value-ref="AtomikosTransactionManager" />
<entry key="java:comp/UserTransaction" value-ref="AtomikosUserTransaction" />
<entry key="java:comp/UserTransactionService" value-ref="AtomikosUserTransaction" />
</map>
</property>
</bean>

</beans>

In the current trunk of Spring 3.0.0, when using the Spring MVC framework , I ended up having to place @Transactional (which tells the JVM to create a transaction) in my controller classes. I would have preferred to have them on my Data Access objects, but my Unit Tests revealed that Transactions only got created in the Spring MVC world when placed on my Controller classes.
Here is a code snippet example:

@Controller
@TransactionConfiguration(transactionManager="jtaTransactionManager", defaultRollback=false)
@Transactional
public class WizardController {

private static final Logger log = Logger
.getLogger(WizardController.class);

@Autowired
UserService userService;

In part 5, I will go over how to setup unit tests using JUnit 4 and Spring's Unit Test Annotations.

Using Spring with multiple databases Part 3

2009-08-12T14:28:00.000-07:00

In this part, we setup our SessionFactories in our applicationcontext.xml file.
In our SessionFactories we specify our datasource, our entity classes, and also our hibernate properties.
Since we are using multiple databases, in this case 2 databases, we need to create two SessionFactory configurations.
Here is our first SessionFactory config that we place in applicationcontext.xml:

<bean id="sessionFactory"
class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="annotatedClasses">
<list>
<value>com.endurotracker.gwt.model.Users</value>

</list>
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</prop>
<prop key="hibernate.show_sql">true</prop>
<prop key="hibernate.connection.isolation">3</prop>
<prop key="hibernate.current_session_context_class">jta</prop>
<prop key="hibernate.transaction.factory_class">com.endurotracker.gwt.transaction.AtomikosJTATransactionFactory</prop>
<prop key="hibernate.transaction.manager_lookup_class">com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup</prop>
</props>
</property>
</bean>

Here is our second SessionFactory config that we place in applicationcontext.xml:

<bean id="sessionFactory2"
class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="dataSource" ref="dataSource2" />
<property name="annotatedClasses">
<list>
<value>com.endurotracker.gwt.model.Activitytype</value>
</list>
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</prop>
<prop key="hibernate.show_sql">true</prop>
<prop key="hibernate.connection.isolation">3</prop>
<prop key="hibernate.current_session_context_class">jta</prop>
<prop key="hibernate.transaction.factory_class">com.endurotracker.gwt.transaction.AtomikosJTATransactionFactory</prop>
<prop key="hibernate.transaction.manager_lookup_class">com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup</prop>
</props>
</property>
</bean>

You will notice that we have 2 hibernate properties related to transactions:
hibernate.transaction.factory_class and hibernate.transaction.manager_lookup_class.
Due to a Hibernate bug ( bug HHH-3110), we had to create the following class which we reference as com.endurotracker.gwt.transaction.AtomikosJTATransactionFactory, so you can take this code and create your own class as well and update this property to your class name:

public class AtomikosJTATransactionFactory extends JTATransactionFactory{
UserTransaction userTransaction;

@Override
protected UserTransaction getUserTransaction() {
if (this.userTransaction == null)
{
this.userTransaction = new UserTransactionImp();
}

return this.userTransaction;

}

}

In Part 4, we will configure our Atomikos Transaction Manager via Atomikos' Transaction beans, and talk about how to use @Transactional Annotations in our Data Access layer and Controller layer. In Part 5, we will setup some unit tests using JUnit 4 and Spring's unit testing Annotations.

Using Spring with multiple databases Part 2

2009-08-12T13:42:00.000-07:00

If you want to debug the Spring and Hibernate source code, using your SVN client of choice download the prerequisites (or if you use Maven you can update your pom.xml to reference the applicable jar files).
For Spring the version is 3.0.0.Build-SNAPSHOT.
Since, we are using the Trunk (the bleeding edge), it is probably best to be able to debug their code, so I suggest you download the source code. Additionally, you will be able to more easily contribute patches if you like.

Spring 3.0 Framework Source Control Repository (SVN): https://src.springframework.org/svn/spring-framework/trunk

Hibernate Trunk SVN: http://anonsvn.jboss.org/repos/hibernate/core/trunk

To download Atomikos, go to http://www.atomikos.com/Main/TransactionsEssentials

Atomikos is open source but they have you register prior to downloading the code.

When developing web applications in Java, you can end up with a lot of lines of xml code in your config files. To alleviate the number of lines of xml configuration code, Spring introduced Annotations which allow you to add Annotations or configuration settings within your classes. The key Annotation that we will be using is @Transactional which tells the JVM to create a transaction for this class or method. Spring also has Annotations like @Controller that tells the JVM that this class is a Controller. This allows developers to cut down on the amount of xml configurations that they need to specify. Unfortunately, we still to have some xml configuration, so let's setup our datasources xml in our applicationcontext.xml file.

Here is the top section of our xml (applicationcontext.xml) file:

In order to the Atomikos Transaction Manager, our datasources need to be configured
using Atomikos datasource classes. Using other datasources class types won't work.
Here is an example of how to configure the datasources:

<bean id="dataSource" class="com.atomikos.jdbc.nonxa.AtomikosNonXADataSourceBean">
<property name="uniqueResourceName"><value>NONXADBMS</value></property>
<property name="user"><value>admin</value></property>
<property name="password"><value>password</value></property>
<property name="url"><value>jdbc:postgresql://localhost/usersdb</value></property>
<property name="driverClassName"><value>org.postgresql.Driver</value></property>
<property name="poolSize"><value>1</value></property>
<property name="borrowConnectionTimeout"><value>60</value></property>
</bean>

<bean id="dataSource2" class="com.atomikos.jdbc.nonxa.AtomikosNonXADataSourceBean">
<property name="uniqueResourceName"><value>NONXADBMS2</value></property>
<property name="user"><value>admin</value></property>
<property name="password"><value>password</value></property>
<property name="url"><value>jdbc:postgresql://localhost/accountingdb</value></property>
<property name="driverClassName"><value>org.postgresql.Driver</value></property>
<property name="poolSize"><value>1</value></property>
<property name="borrowConnectionTimeout"><value>60</value></property>
</bean>

In part 3, we will setup our SessionFactories.

Using Spring with multiple databases Part 1

2009-08-11T14:17:00.000-07:00

This series of articles is about how to use the Spring framework within your application to reference multiple databases or in Java parlance datasources.
In a previous project, I used NHibernate and ActiveRecord and I was able to relatively painlessly use multiple databases. In Spring, to use multiple databases it took longer since my googling came up with some examples , but not complete enough that when tested gave me what I needed. In the Spring framework world and in the Java world in general there all several database persistences technologies. There is plain vanilla Hibernate, there is JPA via Hibernate, there is JPA via TopLink, there is Spring's HibernateTemplating, and plenty more.
To setup Spring with multiple databases, we are going to do the following:
Prerequisite:
Download and setup SpringFramework 3.0 from the Trunk.
Download and setup Hibernate 3.5 from the Trunk.
Download and setup Atomikos Transaction Manager. (optional download sources)
1) Setup our datasources in our applicationcontext.xml
2) Setup SessionFactory configurations in our applicationcontext.xml
3) Setup JTATransactionManager configurations in our applicationcontext.xml
4) Create a custom JTATransactionFactory class to deal with Hibernate bug: HHH-3110
5) Configure Atomikos (turn off logging on Atomikos)
6) Configure Dao and Controllers with @Transactional annotation
Editors Note: Need @Transactional annotation in Controller , having @Transactional in Dao did not always create a Transaction.
7) Create Unit Tests
8) Take a break!

In part 2, we will setup our datasources. In part 3, we will setup our SessionFactories.

Add Any Gadget to Your Gmail (including ours)

2009-07-01T12:18:00.000-07:00

After watching a presensation online at Google I/O , they demonstrated that in addition to being able to add gadgets to you google home page ( www.google.com/igoogle), you can also add gadgets to you gmail page.
Here is how you do it:
To add a gadget to the left nav of your Gmail account, follow these steps:

1. Go to the 'Labs' tab under Gmail Settings.
2. Enable the 'Add any gadget by URL' experiment and click 'Save Changes.'
3. Now you'll have a 'Gadgets' tab under Settings.
4. Enter the URL of an OpenSocial gadget spec and click 'Add'.

In EnduroTracker.com's case the url is: http://endurosocial.googlecode.com/svn/trunk/trunk/qaendurotrackeroauth.xml

On Newsstands now, Wired - July 2009 - Athletes - Track your Data

2009-06-17T15:42:00.000-07:00

As software developer who works on a site that does exactly this,
I was very pleased to see the cover of Wired this month (July 2009) covering
Athletes who now Track their data using Gps devices, heart rate monitors, etc.
and also use different websites similar to mine (http://www.EnduroTracker.com )to plan, track, and analyze their data.

Gadgets and Widgets Oh My!

2009-06-11T14:25:00.001-07:00

In this blog post I thought I would talk about OpenSocial Gadgets since Google starting promoting Gadgets last week by way
of having celebrities share their iGoogle setup with selected Gadgets.
At a high level a container site like iGoogle (http://www.google.com/igoogle) let's users add gadgets to their customizable home page.
A gadget is a web application in itself, and can do pretty much anything a standard web page can do (except its real estate/size on page is restricted).
For example, you can add Espn's gadget to your iGoogle page, and it will display headlines from Espn. You can also add things like a weather gadget, and even a Google gmail gadget so you can read your email without leaving iGoogle. As an avid internet user I find that after a while, I can end up with 20 or more browser tabs or browser windows open when I'm browsing thru my favorite sites. However, if all my favorite sites had gadgets I could just have 1 tab open to iGoogle and I browse my favorites from all in one place. It is great for consolidating and streamlining how you use the internet.
Being a fan of making users internet experience better, I took the plunge and developed a OpenSocial Gadget for http://www.EnduroTracker.com.
To add the Gadget to your iGoogle page just click the google icon on the bottom of the site.
If you are developer and want to take the plunge I have a few suggestions.
There is some good documentation out there. The first documentation to read is the igoogle developer's guide, http://code.google.com/apis/igoogle/docs/igoogledevguide.html
After reading thru the majority of this documentation, it is a good idea to create a simple Hello World gadget using google's sandbox.
If you need to utilize security/authentication to pull data from your site, then you will need to implement OAuth. It is a good idea to first read the documentation and demos
at http://oauth.net .
A good code example of using OAuth from both a provider and consumer perspective, is http://lab.madgex.com/oauth-net/
If you are going down the OAuth path and are choosing to create a Gadget for iGoogle, your site will need to implemented an OAuth Provider.
I have implemented an OAuth provider using the Open Source MVC framework for .Net (C#) Castle MonoRail, if anyone using Castle MonoRail is interested in
viewing or using my OAuth provider code let me know by leaving a comment and I can share it via code.google.com.
In a nutshell, you will need a Container (iGoogle), a OAuth provider (your site), and your Gadget code (an xml file).
Once you have picked your Container (google has one as does yahoo, myspace, etc), written your OAuth provider code, and have a some Gadget code,
you should test all your code locally. This way you can have your own local sandbox to step thru your code as you work out the kinks.
How can I implement a Container like igoogle locally? Well, the short answer is that you can use Shindig which is an open source container.
It is available here: http://incubator.apache.org/shindig/
If you want to setup Shindig, see my March 16th blog entry below.
There are major benefits to using OpenSocial and OAuth. Both projects are standards driven meaning that they work with lots of different sites and vendors
to come up with best standards for all parties involved. This means that lots of sites are using OpenSocial and OAuth. The major players being Google, Yahoo,
Twitter, and MySpace. Once you implemented OpenSocial and OAuth for one of these sites, it will be very easy to integrate with the other sites. This means developers
don't have to write separate integration code for each site. Developers can use the DRY principle (don't repeat yourself).

Nice Article on General Setup of Fedora 9

2009-06-04T15:00:00.000-07:00

Here is a decent article on how to setup Fedora 9 in general using yum.
http://www.mjmwired.net/resources/mjm-fedora-f9.html#yum

New Feature Google Gadget

2009-05-28T11:21:00.000-07:00

We are proud to now offer the ability to view your current weekly mileage statistics on your Google home page by using our EnduroTracker Gadget.
There are 2 ways to add the EnduroTracker Gadget to your Google home page. The first and easiest is to go to www.EnduroTracker.com
and click the Google icon on the bottom of the page.
The second way is to log into your Google home page at www.google.com/ig, click Add Stuff link on the top right hand side. On the next page, click on the Add Feed or gadget link located on the left side midway down the page. Enter or paste the following url into the input box: http://endurosocial.googlecode.com/svn/trunk/trunk/qaendurotrackeroauth.xml
To personalize the gadget , click the personalize link within the gadget, and login using your EnduroTracker credentials.

Also you can click the link below, to add the EnduroTracker Gadget to your Google home page

New Amazon EC2 Features

2009-05-18T08:35:00.000-07:00

Amazon EC2 just added some higher level applications/services
like AutoScaling, Load Balancing, and Monitoring , link : http://aws.amazon.com/autoscaling/

Setting up Load Balancing and Monitoring on your own is straight forward, but AutoScaling is not easy. AutoScaling could be extremely useful to most people using EC2.

OpenSocial using OAuth and ShinDig

2009-03-16T15:04:00.001-07:00

OpenSocial is a standard to allow social websites to communicate with other social websites.
For example developers can create widgets/gadgets that can be placed on their google home page
(http://www.google.com/ig) that get contacts/friends from twitter.com.

Shindig is a java application that acts as a container for hosting these gadgets.
OAuth is the authentication standard for authenticating a user across different sites.
For extensive coverage of OAuth see, http://oauth.net/ .

In this document , I will discuss how to setup a developer's environment so that he/she can
run a sample OpenSocial gadget using OAuth.

We will need a Consumer website (site where gadget is hosted), and a OAuth Provider site (where gadget gets its data from).
We will be using Shindig as our Container Site/ OAuth Consumer for hosting this sample OpenSocial gadget.
In OAuth parlance Shindig is the Consumer site.
We will use oauth code project from google code as our OAuth Provider site, http://oauth.googlecode.com

In this example Shindig (Container Site/OAuth Consumer) will be run on port 8080.
OAuth.googlecode will be run on port 9090.

Overview of Steps

1. Download, compile/package, configure and run (via Jetty WebServer )oauth provider example site on port 9090
from http://oauth.googlecode.com
2. Download, compile, configure , and run in Eclipse IDE the Shindig (Consumer/Container site) using Jetty Webserver on
port 8080 via Maven Jetty Plugin.
3. Apply recommended edits/patches to Shindig
4. Startup OAuth Provider Site via command line.
5. Startup Shindig site via Eclipse using External Tools configuration for Jetty.

Prerequisite Software:
1. Download and Install a SVN client (i.e Tortoise SVN) , http://tortoisesvn.tigris.org/
2. Download and Install Java (JDK/JRE) 1.5 or later and set the JAVA_HOME environment variable. See, http://java.sun.com
3. Download and Install Maven (a build tool like ant but with a ton of features) , http://maven.apache.org/download.html
2. Download and Install Eclipse IDE , choose Java EE Developers Version from , http://www.eclipse.org/downloads/
3. Install the Maven2 Plugin in Eclipse
Steps:
A. Help -> Software Updates -> Find and Install
B. Search for new features to Install
C. Create a new remote update site for Maven 2 plugin
Name: Maven2 - Sonatype
Url: http://m2eclipse.sonatype.org/update/
D. Select the site and click finish
E. There are optional dependencies on mylyn and subclipse. Get them here if you don't have them.
link: http://m2eclipse.sonatype.org/update/
Otherwise, just install the Maven Integration plugin.

Detail Steps for setting up OAuth provider example site
1. Using your svn client (Tortoise SVN), download the oauth code from http://oauth.googlecode.com/svn/code/java
2. Open a command window, and navigate to download location.
3. at command line: mvn
(This will run the default build step for the oauth project, and will compile the code )

Detail Steps for setting up Shindig
Note: Setting up Shindig in Eclipse was time consuming for me , for some reason the Maven plugin
in Eclipse didn't auto detect all the dependencies, and I had to right click on the Shindig and
select Maven - > Add dependecy -> and add each dependency listed in the pom.xml file.

Most of the steps here are from: http://incubator.apache.org/shindig/#tab-building

Setup new workspace and project

Creating a new workspace eliminates the performance cost from existing projects and makes it easier to manage the
code.

File -> Switch Workspace -> Other...
Select directory to store workspace
- Do not select a parent directory of the shindig source (e.g. ~/src/shindig) as Eclipse won't allow
- you to
  create the Java project.
- Something like ~/eclipse/workspaces/shindig would work fine
File -> New -> Java Project
1. Name the project. The instructions below will assume "SHINDIG".
2. Select 'Create project from existing source' and navigate to .../src/shindig/java
3. Click Finish
4. If you see a dialog for "Open Associated Perspective", click Ok. Don't worry about the errors after
  loading as they will be fixed in the next step.
Right-click the project, select Maven : Enable Dependency Management
Right-click the project, select Maven : Update Project Configuration
Optionally, if you would like to be able to browse or step into the code of your dependent jars when
debugging, you need the source jars.
Right-click the project, select Maven : Download Sources and
Eclipse will automatically know about these sources when debugging.
You can browse them under Maven Dependencies in your project.
If you'll be using AllTests to run tests or generate code coverage stats, adjust the project's output folders.
1. Project -> Properties -> Java Build Path -> Source
2. Locate and open SHINDIG/gadgets/src/test/java
3. Select Output Folder: (Default Output Folder) and click Edit...
4. Select Specific Output Folder
5. Enter target/test-classes and click OK.
6. Repeat for SHINDIG/social-api/src/test/java

Debug using Eclipse

Overview of Debugging
You will need to setup an External Tools Configuration in Eclipse to enable the Jetty WebServer.
You will also need to setup a Debugging Configuration in Eclipse.
Another reference site is: http://cwiki.apache.org/WICKET/maven-jetty-plugin.html

Setting Up External Tools Configuration
Select In Eclipse Run -> External Tools -> External Tools Configuration
Select the New Launch Configuration, name it "Maven-Jetty"
In the Main tab, fill in Location box with your Maven execution location. (i.e D:\Maven\bin\mvn.bat)
In the Main tab, fill in the Working Directory of your Shindig project. ( i.e ${workspace_loc:/SHINDIG} )
In the Main tab, fill in the Arguments box with : jetty:run-war -f pom.xml
Select the Enironment tab, click New Variable enter Name : JAVA_HOME, value: (location of your JAVA_HOME, i.e c:\SUN\sdk\jdk)
click New again, enter Name: MAVEN_OPTS,
value: -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=8080,server=y,suspend=y

Setup Debug Configuration
Select Run - Debug -> Remote Java Application. Click New Launch Configuration icon, name this: " Debug Maven Jetty".
Fill in the dialog by selecting your project: SHINDIG.
In the connection properties, set Host to: localhost, Port: 8080.

Patches to Shindig Trunk that you should apply yourself:
Patch #1
Class: OAuthRequest.java, method: fetchRequestToken
Near Line: 327
Edits:
HttpRequest request = new HttpRequest(
Uri.parse(accessor.consumer.serviceProvider.requestTokenURL));
request.setMethod(accessorInfo.getHttpMethod().toString());
//Bug - Need to Set authtype as well, otherwise AuthType always
//defaults to NONE via the HttpRequest constructor.
request.setAuthType(realRequest.getAuthType());

Patch #2
Class: OAuthRequest.java, method: createHttpRequest
Near Line: 485
private HttpRequest createHttpRequest(HttpRequest base,
List<Map.Entry<String, String>> oauthParams) throws OAuthRequestException {

OAuthParamLocation paramLocation = accessorInfo.getParamLocation();

// paramLocation could be overriden by a run-time parameter to fetchRequest

//bug alert: no need afaik to create a new HttpRequest instance,
//since we pass it the base HttpRequest instance in as a parameter
//The use case of having an authType other than NONE is a real use case
//If we leave this line in then the authType always gets overriden to NONE
//via this constructor new HttpRequest(base)
//HttpRequest result = new HttpRequest(base);
HttpRequest result = base;
// If someone specifies that OAuth parameters go in the body, but then sends a request for
// data using GET, we've got a choice. We can throw some type of error, since a GET request
// can't have a body, or we can stick the parameters somewhere else, like, say, the header.
// We opt to put them in the header, since that stands some chance of working with some
// OAuth service providers.
if (paramLocation == OAuthParamLocation.POST_BODY &&
!result.getMethod().equals("POST")) {
paramLocation = OAuthParamLocation.AUTH_HEADER;
}

switch (paramLocation) {
case AUTH_HEADER:
result.addHeader("Authorization", getAuthorizationHeader(oauthParams));
break;

case POST_BODY:
String contentType = result.getHeader("Content-Type");
if (!OAuth.isFormEncoded(contentType)) {
throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
"OAuth param location can only be post_body if post body if of " +
"type x-www-form-urlencoded");
}
String oauthData = OAuthUtil.formEncode(oauthParams);
if (result.getPostBodyLength() == 0) {
result.setPostBody(CharsetUtil.getUtf8Bytes(oauthData));
} else {
result.setPostBody((result.getPostBodyAsString() + '&' + oauthData).getBytes());
}
break;

case URI_QUERY:
result.setUri(Uri.parse(OAuthUtil.addParameters(result.getUri().toString(), oauthParams)));
break;
}

return result;
}

Startup OAuth Provider Site via command line

1. Open a command window, and change directory to download location of oauth
2. at command line: cd example/oauth-provider
( This is the main directory for the sample oauth-provider website )
3. at command line: mvn -Djetty.port=9090 jetty:run-war
(this will run the oauth-provider website using the jetty webserver on port 9090)

Startup Shindig site via Eclipse using External Tools configuration for Jetty

Prerequisite: Create consumer key file using OpenSSL from the command line. Download at: http://www.openssl.org/related/binaries.html
1. Open Command Line and run:
openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem -out testkey.pem -subj '/CN=mytestkey'
2. From Command Line run:
openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM
3. copy oauthkey.pem to : Shindig\java\server\src\main\webapp\WEB-INF
4. Edit Shindig\java\common\conf\shindig.properties and edit shindig.signing.key-name and shindig.signing.key-file
# OAuth confiugration, including the key file for signing requests
# The URL base to use for full OAuth support (three-legged)
shindig.oauth.state-key=
shindig.oauth.base-url=/oauth/
shindig.oauth.authorize-action=/WEB-INF/authorize.jsp
shindig.signing.key-name=mytestkey
shindig.signing.key-file=/WEB-INF/testkey.pem

Steps:
1. Assuming you have the Shindig project open in Eclipse,
select Run - > External Tool Configuration -> select "Maven-Jetty" ( created in the "Setting Up External Tools Configuration" above)
2. Next if you want to debug and set breakpoints,
select Run -> Debug Configurations -> select " Debug Maven Jetty" configuration.
( created in the "Setup Debug Configuration" step above.

This is a intial draft, so let me know if additional comments or steps should be added.
Have fun with OpenSocial and Shindig!

Postgresql Spatial Database (GIS) using PostGIS

2009-02-04T11:12:00.001-08:00

Postgresql is a open source database that has an add-on module named PostGIS.
PostGis adds support for geographic objects. It allows you to spatial enable your databases.
With the onset of websites like Google maps, having the ability to map locations, map routes, etc, is becoming common place.
With PostGis, I am able to quickly and easily determine distances between 2 locations. I can retrieve longitude and latitude values.

Installing PostGIS

I am using Fedora 8, so I needed to install PostGis from source.

Install from Source Method
1) download, configure, make proj (version 4.6.1)
notes: yum installs files to /usr/share/pgsql/contrib/lwpostgis.sql, postgis_comments.sql, spatial_ref_sys.sql,
from source files get installed to /usr/share/lwpostgis.sql, lwpostgis_upgrade.sql, spatial_ref_sys.sql

2) After compiling proj from source,
a) edit /etc/ld.so.conf
add /usr/local/lib
b) ldconfig
c) recompile PostGis ( if previously installed)

3) Compiling PostGis from source,
a) just run ./configure (without options)
b) then: make
c) make install
4) createlang plpgsql [yourdatabase]
5) psql -d [yourdatabase] -f lwpostgis.sql
6) psql -d [yourdatabase] -f spatial_ref_sys.sql
PostGis is found at http://postgis.refractions.net

Amazon Flexible Payments Service Part 3, Co-branded Flow

2009-02-04T11:01:00.001-08:00

In a typical website, you want your customer to have a payment link that starts the process of them paying for services/products that your site has provided to them via Amazon. This typical process end to end is called Co-Branded UI process in Amazon's FPS documentation.
There are 3 roles in the process: Sender, Caller, and Recipient. The sender is the entity sending money. The Caller is the entity calling the Amazon FPS Api. The recipient is the entity who will receives the payment. Amazon uses tokens to provide secure handle to payment instructions.
In this process 3 tokens are used a Caller token, Recipient token, and Sender token. Your web application will need to create a Caller Token, and Recipient Token.
In the Co-Branded UI process , once you customer chooses a product/service and payment amount, they get redirected to Amazon's FPS website where they log in using their Amazon account, select their payment method. It is here in this part of the process on the Amazon site where the Sender token is created. After confirming their payment method, and amount on the Amazon site, the user gets redirect back to you site. When they are redirected back to your site, Amazon passes back to your site the Sender token. Your site will need to acquire this sender token information, and then your site will need to formally request/submit a payment authorization to Amazon FPS Webservice.
Amazon can then notify you when payment was successful either via a scheduled job that you create that queries Amazon FPS, or via Instant Payment Notification which requires you to setup a Web Service that Amazon calls when payment is successful. One of the undocumented Payment Transaction Statuses that I found is "Initiated". In their WSDL file they only define: "Success", "Failure". This can cause issues if you are not expecting to receive this status of "Initiated", and are only expecting to the 2 values of "Success" or "Failure".
The best way to get comfortable with Amazon FPS in my humble opinion is to review and work thru the examples and sample applications.

Amazon Flexible Payments Service Part 2, Setup

2009-02-04T10:33:00.001-08:00

In order to use Amazon FPS, you will need to create an aws developer account (Amazon Web Services Account) and sign up for Amazon FPS sandbox account.
Follow the steps in the Amazon FPS Getting Started Guide, http://developer.amazonwebservices.com/connect/entry.jspa?externalID=913&categoryID=125
After completing these steps, you should setup you local development environment, and work thru some of sample applications.
I ended up working thru the Java sample applications and rewriting them in C# to get a solid understanding of Amazon FPS.
It is important know what your requirements for you payment application are ahead of time, so that you can pick which features of Amazon FPS you want use. Do you want to retrieve your payment notification from Amazon in a scheduled job or Do you want know instantly when a payment transaction is completed?
If you want to know instantly when a payment transaction is completed and don't want have to deal with creating a scheduled job, then use Amazon's IPN feature (Instant Payment Notification). IPN requires that you setup a Web Service on your web server that Amazon FPS can access to notify you of payments. If you don't want to setup a Web Service for IPN, you will need to go the scheduled job route.

Small addition to John Resig's Bringing the Browser to the Server

2009-01-07T12:31:00.000-08:00

After reading John Resig's article: http://ejohn.org/projects/bringing-the-browser-to-the-server which was written over a year ago. I wanted to try out some of things he demonstrated.
By combining Mozilla's Rhino project with a few javascript files, John was able to do
a number of useful things like automated javascript testing and web screen scraping.
He also outlined some pseudo code for creating a web app environment.
The one thing he ran out of time was integrating an html parser into this setup.
At his suggestion I have integrated the nekohtml html parser into this setup.
In order to use this setup you should follow these steps:

1. Get jquery source code . Via SVN at http://jqueryjs.googlecode.com/svn/trunk/. Important get REVISION 2302
2. Get Rhino ( source code optional), site: http://www.mozilla.org/rhino/
3. Get Nekohtml source code, site: http://nekohtml.sourceforge.net/
4. Edit /jquery/jquery/build/runtest/env.js (starting at line 135)
window.DOMDocument = function(file){
this._file = file;
//OLD
//this._dom = Packages.javax.xml.parsers.
// DocumentBuilderFactory.newInstance()
// .newDocumentBuilder().parse(file);

//NEW
var parser = new Packages.org.cyberneko.html.parsers.DOMParser();
var source = new Packages.org.apache.xerces.xni.parser.XMLInputSource(null,null,null,file,"UTF8");
parser.parse(source);
this._dom = parser.getDocument();

if ( !obj_nodes.containsKey( this._dom ) )
obj_nodes.put( this._dom, this );
};

5. You can run your javascript file via the Rhino Debugger App
command line:
java -cp build/nekohtml.jar;build/nekohtmlXni.jar;build/xml-apis.jar;build/xercesImpl.jar;build/xercesSamples.jar;build/js.jar org.mozilla.javascript.tools.debugger.Main filename.js

Note: Some further updates to env.js will be necessary to get it to run the html parser outside the Rhino Debugger App.

New and Improved www.endurotracker.com

2008-12-31T13:57:00.000-08:00

After 3 months of work, there is a new and improved www.EnduroTracker.com site available.
This site is targeted towards the triathlete or endurance athlete who want to plan and track their training sessions from any available internet enabled device (PC, iphone, blackberry, etc).
If you have friends who do endurance sports like Triathlons, bike races, road races, or swim races refer them to www.endurotracker.com. ( a triathlon training log site )
On a technical note, www.EnduroTracker.com is now using substantial more hardware, and is now using several new redundancy strategies to handle large loads, maximize performance, and deal with hardware disaster scenarios. It uses redundant web servers, and redundant database servers.

Host Names in Linux

2008-12-19T11:02:00.000-08:00

Configure the Hostname

On the shoulders of giants, this an excerpt from very detailed post on postfix (smtp software) at

http://souptonuts.sourceforge.net/postfix_tutorial.html

The computer that these examples are taken from is "squeezel.squeezel.com", and it exists on IP address 192.168.1.81. The short name is just squeezel. Another computer, on IP address "192.168.1.155" is "tape.squeezel.com".

     /etc/hosts

   # Do not remove the following line, or various programs
   # that require network functionality will fail.
   127.0.0.1       localhost.localdomain           localhost
   192.168.1.81    squeezel.squeezel.com           squeezel
   192.168.1.155   tape.squeezel.com               tape

You may also want to edit "/etc/sysconfig/network" and add or check the following.

    HOSTNAME=squeezel.squeezel.com

Finally, to put all changes into effect now, run the following command with root privileges.

   $ hostname squeezel.squeezel.com

Some of the settings in the postfix "main.cf" file depend upon the hostname.

Amazon Flexible Payments Service (FPS) Part I, An Overview

2008-12-01T11:31:00.000-08:00

Amazon Flexible Payments Service (FPS) is a set of web services that allow developers create applications to move money from one entity to another. Payment can be in the form of credit cards, bank account , or Amazon Payments balance.
Requests can be made either via SOAP or REST. In my case I had to use REST because Mono (.Net on Linux) has not implemented WSE 2 or WSE 3.
Another important feature to be aware of is Instant Payment Notification (IPN). This frees up a developer from having to implement a scheduled job that queries Amazon FPS for completion of payments. Because IPN will push (publish) a response to your listening website/webservice for you.

References:
Getting Started Guide: http://docs.amazonwebservices.com/AmazonFPS/2007-01-08/FPSGettingStartedGuide/
Developers Guide: http://docs.amazonwebservices.com/AmazonFPS/2007-01-08/FPSDeveloperGuide/

Configuring SSL on a Web Server using Apache

2008-11-18T07:31:00.000-08:00

Here is a link to an article on setting up SSL on an Apache web server.
http://www.onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html

These are the steps that I followed from the article:

I am setting up a qa web server , so I did this :

1) " For testing purposes, or for small LANs, you can create a self-signed certificate. This can be done by issuing this command: "

openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 \
-nodes -keyout server.key -out server.crt \
-subj '/O=Company/OU=Department/CN=www.example.com'

Note: You will need to have setup a self-signing Certificate
Authority on your server. This enables you to create your own temporary
certificates for testing purposes. See my blog post on setting up
Email/SMTP on Amazon EC2 for how this is done.

2) Next, I installed mod_ssl on Apache:
For Fedora, command line: yum install mod_ssl

3) Update /etc/httpd/conf.d/ssl.conf,
add a reference to your certificate (server.crt) and your key (server.key),
For example:
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.

SSLCertificateFile /etc/httpd/certs/server.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /etc/httpd/certs/server.key

4) Enable Port 443 on your server and firewall
(Amazon EC2 command line:
ec2-authorize default -p 443 )

Conclusion: You now have a QA Web server with a temporary certificate that can run web sites
using SSL ( https ). For production Web servers , you will need to purchase a permanent certificate
from a trusted certificate authority like Verisign.

Updated Email Setup on Amazon EC2

2008-11-17T20:09:00.001-08:00

SMTP/Email Setup on Amazon EC2

Summary:
Create an Smtp server installation on Amazon EC2 that relays email to
your gmail email account. Gmail has a nice email client so this allows us to leverage gmail’s rich features. Our smtp software package is postfix.

Prerequisites:

Familiar with create and launching instances using Amazon EC2, and familiar with editing config files in linux.

Links to
documentation on Amazon EC2 and how to create and launch instances:

http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=84

1. Install Postfix

For Fedora 8: yum install
postfix

2. Setup/Install Certificate Authority for Self Signing

yum install openssl-perl

3. Create Server Certificate

cd /et/pki/tls/misc

./CA.pl -newca

4. Copy cert file to postfix folder

cp /etc/pki/CA/cacert.pem
/etc/postfix

5. Create Certificates (self signed certificates for testing
purposes)

openssl
genrsa -out enduro.key 1024
openssl
req -new -key enduro.key -out enduro.csr

openssl
req -new -x509 -key enduro.key
-out enduro.pem
-days 1095

Authorize Port 587
At desktop/client command line: ec2-authorize default –p 587

7. Update Postfix Config file, master.cf

This file is located in /etc/postfix/master.cf.
You need to specify port so that service runs on port 587

Sample entry:

#
==========================================================================
#
service type private unpriv chroot wakeup
maxproc command + args
#
(yes) (yes) (yes) (never) (100)
#
==========================================================================
127.0.0.1:587
inet n -
n -
- smtpd

Edit 2^nd
Postfix config file, main.cf

This file is located in /etc/postfix/main.cf

I will not detail this entire config file because the configuration
details will depend on your environment. But, in a nutshell you want
to do the following: update the relevant hostname and ips in main.cf
and add something like this to end of main.cf:

## TLS
Settings
#auth
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps
= hash:/etc/postfix/sasl_passwd

#tls
smtp_use_tls =
yes
smtp_sasl_security_options =
noanonymous
smtp_sasl_tls_security_options =
noanonymous
smtp_tls_note_starttls_offer = yes
tls_random_source
= dev:/dev/urandom
smtp_tls_scert_verifydepth =
5
smtp_tls_key_file=/etc/postfix/enduro.key
smtp_tls_cert_file=/etc/postfix/enduro.pem
smtpd_tls_ask_ccert
= yes
smtpd_tls_req_ccert =no
smtp_tls_enforce_peername = no

9. Also make sure you have this entry in main.cf

relayhost = [smtp.gmail.com]:587

10. Using vi or your favorite editor, create the follwing file,
/etc/postfix/sasl_passwd

and using this format below for its content, add your email
address and password:

#
Contents of sasl_passwd
#
[smtp.gmail.com]:587
myemail@gmail.com:pa33w0r8

11. Now test
this file by running this simple "hash" key test.

$
postmap -q [smtp.gmail.com]:587 sasl_passwd

myemail@gmail.com:pa33w0r8

12. You'll
need to protect your password so that only the postfix group and root
can read it by changing the access rights as follows:

$
chown root.postfix sasl_passwd*
$ chmod 0640 sasl_passwd*

( PostFix binary location: /usr/sbin/postfix )

13.Start
PostFix,

command line:
postfix start

14. Use sendmail
from command line to test:

Cmd line:
sendmail mytargetemail@gmail.com this is test

Next: Hit Enter ,
then type a dot, then Hit Enter

(Note: make sure
Sendmail is started (cmd line: service sendmail restart)

(Note: logs errors
to /var/log/maillog)

Alternatively Test
Sendmail using this by creating a text file (mail.txt) in the below
format)

date:
todays-date
to: user@domain.com
subject:
subject
from: your-name@domain.com

Body of
message goes here

Then call sendmail with
that file as an input:

Command
line: /usr/sbin/sendmail email-address < mail.txt

Or you can use the -t
option to to tell sendmail to read the header of the message to
figure out who to send it to.

Command
line: /usr/sbin/sendmail -t < mail.txt

This will process the
To: and CC: lines for you and send the mail to the
correct addresses.

Blogspot Tip of the Day, You can use Google Docs to Publish directly to your blog

2008-11-12T12:11:00.000-08:00

Blogging Tip of The Day, You can use Google Docs to Publish directly to your blog.

For example so you are writing a long article (in my case long technical thing), it is much easier
to write something using a word processor like Word or Google Docs.
If you write something in Google Docs, you have the option to "Publish as Web Page"
within this option you can then choose to publish it to your Blog.
If it is to blogspot, you click configure your blogspot settings, enter your info then click Publish to Blog.

Mono on Fedora 9 - Installation/Setup/Configuration

2008-11-12T12:01:00.001-08:00

Previously, I have setup Mono on Fedora 8 using a prebuilt image.

See blog post: http://endurotracker.blogspot.com

Summary:

Install and configure Mono (.net framework) on Fedora 9.

Notes: Yum did not seem to detect the dependencies of between xsp and mod_mono
if you follow the order of the steps at : http://www.inprose.com/articles/10-enable-aspnet-support-in-fedora-linux.html
You end up with fc9 version of mod_mono, but a fc10 version of xsp which is bad.
You want all your libraries to be a fc10 version.
Your web server, Apache can be the fc9 version.

Steps:

1) Install Apache fc9: yum install httpd
2) Disable SELinux, from UI , click System -> Administration -> SELinux Management ( from linked article above mentions that from command line: setenforce 0 , but I could not get this to work)
3) Install fc10 mod_mono from rawhide repository ( which depends on mono-core, mono-web, and xsp, so this will can installed all at the same time in this step):
yum install --enablerepo=rawhide mod_mono
4) Grant permissions to apache user to execute and create directories under var/run ( apache runs under user: apache by default), command line: chmod 777 /var/run -R

5) After the successful install we need to configure Apache to allow it to run Mono applications (typical usage asp.net web pages, and .asmx web services).
In this test case , we are using the test asp.net pages that got installed under /usr/lib/xsp/test when we installed xsp above in the install mod_mono step.
On completion of this step, we can open our browser and go to http://localhost/test to see our Mono Test Page in action.

Edit /etc/httpd/conf/httpd.conf

Add these entries to the end of the file:
#Test Mono Setup
MonoAutoApplication enabled
MonoServerPath test /usr/bin/mod-mono-server2
Alias test "/usr/lib/xsp/test"
MonoApplications test "/test:/usr/lib/xsp/test"

MonoSetServerAlias test
SetHandler mono

MonoSetEnv MONO_IOMAP=all

6) Done! Go to go to http://localhost/test to test your setup.

Amazon Flexible Payment Service , A Series of Blog Posts

2008-11-10T11:14:00.000-08:00

I am planning to write a series of blog posts detailing my experience
with Amazon's Flexible Payment Service.(http://aws.amazon.com/fps/) Amazon's offering competes with PayPal, Google Checkout, http://www.authorize.net/, and other payment api's.

I am creating a series of blogs because Amazon's FPS API is a large offering and a single blog post would only skim the surface.
Series topics will include:

Overview of Amazon FPS,
Setting up your Environment/Creating your FPS account,
Creating Payment Instructions,
Creating a database to store submitted transactions,
Using Co-Branded UI,
Creating Pay Request,
Pull Method - Create a Job to Polling Amazon's FPS Service for successful Pay Request,
Push Method - Use Amazon Notifications to get Status of Pay Requests

JQuery and MonoRail

2008-09-28T21:19:00.000-07:00

Over the weekend, I made the move from RC3 of Monorail (http://castleproject.org) to the Trunk of Monorail targeting .Net 2.0.

I took this opportunity because, Ayende (http://ayende.com/blog/) released some code on the Castle project mailing list as well as being added to the Trunk that helps people who prefer JQuery as one of their Javascript library. Ayende shared a JQueryGenerator class and a JQueryElementGenerator class.

Side Note to avoid conflicts with other javascript libraries add this to you layout template wrapped in the script tag:
<script type="text/javascript">
{
var jQuery = jQuery.noConflict();
});
</script>

I starting using them and created a few personal Unit test classes to test them. These test classes at the moment do not have full coverage, but they are a start.
When targeting the .Net 2.0 framework I ran into an issue with JSGeneratorDispatcher when it called a the hide method on JSQueryGenerator class. The resolution ended up being to add a params attribute to the method signature of methods that have an array in the signature. (Important: This is now patched in the trunk)
For example changing:
public override void Hide(string[] ids)
{
SelectRelevantElements(ids);
CodeGenerator.Write(".hide();");
}
To:
public override void Hide(params string[] ids)
{
SelectRelevantElements(ids);
CodeGenerator.Write(".hide();");
}

Steps to use JQuery in MonoRail

I recommend:

1) Either commenting out the other javascript libraries referenced in your layout view, or adding an alias for JQuery and wrap this in script tag.
<script type="text/javascript">
{
var jQuery = jQuery.noConflict();
});
</script>
2) Add JQuery to you layout:
<script type="text/javascript" src="$siteroot/content/js/jquery-1.2.6.js"> </script>

3) Use the latest Monorail source code from the Trunk, to take advantage of Javascript Generation using JQuery as you default.
Update global.asax.cs , add :
using Castle.MonoRail.Framework.JSGeneration;
using Castle.MonoRail.Framework.JSGeneration.jQuery;

also add method To Your Global.asax:
public void Configure(IMonoRailConfiguration config)
{

config.JSGeneratorConfiguration.AddLibrary("jquery-1.2.6", typeof(JQueryGenerator))
.AddExtension(typeof(CommonJSExtension))
.SetAsDefault();

}

3) Create yourself a helper class for JQuery to make it easier to create Ajax calls, etc. via JQuery.

Cloud Computing: Setup Postgresql to use Amazon Elastic Block Store (EBS)

2008-08-28T16:25:00.000-07:00

Cloud Computing: Setup Postgresql to use Amazon Elastic Block Store (EBS)

Prerequisites: Familiar with creating and launching instances using Amazon EC2, and familiar with editing config files in linux. Also make sure that Postgresql is installed on your instance, see installation steps at http://endurotracker.blogspot.com .

Overview

We will follow the same initial steps as outlined on Amazon’s developer website ( http://developer.amazonwebservices.com ). The latter steps will be specific to Postgresql.

1) Creating an Amazon EBS Volume

In this example, the user calls the CreateVolume API, specifying an 10 GB volume.

$ ec2-create-volume --size 10 --availability-zone us-east-1a

VOLUME vol-4d826724 858993459200 creating 2008-02-14T00:00:00+0000

$ ec2-describe-volumes vol-4d826724

VOLUME vol-4d826724 858993459200 available 2008-02-14T00:00:00+0000

2) Attach the Amazon EBS Volume to an Instance

In this example, the user calls the AttachVolume API to attach the volume vol-4d826724 to the instance i-6058a509 and expose it as the device /dev/sdh.

$ ec2-attach-volume vol-4d826724 -i i-6058a509 -d /dev/sdh

ATTACHMENT vol-4d826724 i-6058a509 /dev/sdh attaching 2008-02-14T00:15:00+0000

3) Describing Volumes and Instances

After creating Amazon EBS volumes and attaching them to instances, you can list them using the DescribeVolumes and the DescribeInstances functions.

To list all volumes owned by the user, including their status, the user invokes the DescribeVolumes function.

$ ec2-describe-volumes

VOLUME vol-4d826724 858993459200 in-use 2008-02-14T00:00:00+0000

ATTACHMENT vol-4d826724 i-6058a509 /dev/sdh attached 2008-02-14T00:00:17+0000

VOLUME vol-50957039 13958643712 available 2008-02-091T00:00:00+0000

VOLUME vol-6682670f 1073741824 in-use 2008-02-11T12:00:00+0000

ATTACHMENT vol-6682670f i-69a54000 /dev/sdh attached 2008-02-11T13:56:00+0000

The function returns the volume ID, capacity, status (in-use or available) and creation time of each volume. If the volume is attached, an attachment line shows the volume ID, the instance ID to which the volume is attached, the device name exposed to the instance, its status (attaching, attached, detaching, detached) and when it was attached.

The user can also view volumes that are attached to running instances by using the DescribeInstances function.

$ ec2-describe-instances

RESERVATION r-e112fc88 416161254515 default

INSTANCE i-3b887c52 ami-3fd13456 ec2-67-202-27-216.compute-1.amazonaws.com domU-12-31-38-00-35-94.compute-1.internalrunning gsg-keypair 0 m1.small 2007-11-26T13:20:35+0000 vol-4d826724

RESERVATION r-e612fc8f 416161254515 default

INSTANCE i-21b63c22 ami-3fd13456 ec2-67-202-18-227.compute-1.amazonaws.com domU-12-31-38-00-39-28.compute-1.internalrunning gsg-keypair 0 m1.small 2007-11-26T13:21:51+0000 vol-6682670f,vol-50957039

4) Create ext3 filesystem on persistence volume (Amazon EBS) and mount the volume

Command line: yes | mkfs -t ext3 /dev/sdh

Command line: mkdir /mnt/pgsql

Command Line: mount /dev/sdh /mnt/pgsql

5) Stop Postgresql if it is already running on your instance

Cmd line: service postgresql stop

6) Copy postgresql folders to /mnt/pgsql

On Fedora 8, the folder is /var/lib/pgsql, copy the contents of the folder to /mnt/pgsql.

7) Change the owner of /mnt/pgsql to postgres user, and initial db cluster

Command line: chown –R postgres /mnt/pgsql

su –postgres

initdb –D /mnt/pgsql/data

8) Edit postgresql startup script and change all entries from /var/lib/pgsql to /mnt/pgsql

command line: vi /etc/rc.d/init.d/postgresql

9) Configure postgres for local access (see previous postgres setup post) (you will need to edit /mnt/pgsql/data/pg_hba.conf and /mnt/pgsql/data/postgresql.conf)

10) Start postgresql

command line: service postgresql start

10) Enjoy !

DB Cloud Computing: Postgresql Setup on Amazon EC2 using Fedora 8

2008-08-27T18:08:00.000-07:00

Postgresql Setup on Amazon EC2 using Fedora 8

Prerequisites: Familiar with creating and launching instances using Amazon EC2, and familiar with editing config files in linux.

Links to documentation on Amazon EC2 and how to create and launch instances:

http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=84

click on Technical documentation link.

Thanks goes to this article: http://www.postgresonline.com/journal/index.php?/archives/45-An-Almost-Idiots-Guide-to-PostgreSQL-YUM.html

There are some things missing from that article that I have addressed here.

1) Create Ami instance from pre-existing instance and launch instance.

Use ami-0abe5a63 for example, see url: http://www.nonhostile.com/mono-on-amazon-ec2.asp

url: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1616&categoryID=101

2) Logon to your instance using an SSH client (in windows you can use Putty)

3) Login as root

4) Edit /etc/yum/pluginconf.d/fastestmirror.conf and add to the end: exclude=postgresql*

(differs from the instructions at http://yum.pgsqlrpms.org/howtoyum.php to prevent your YUM update from getting postgresql from other sources)

5) Select the appropriate repository config file for your OS and choose 8.3 from here and navigating thru: http://yum.pgsqlrpms.org/reporpms/repoview/letter_p.group.html

Note the install file - should look something like http://yum.pgsqlrpms.org/reporpms/8.3/pgdg-fedora-8.3-4.noarch.rpm

6) Do a wget of the appropriate one: e.g.
wget http://yum.pgsqlrpms.org/reporpms/8.3/pgdg-fedora-8.3-4.noarch.rpm

7) Next install the rpm config file with:
rpm -ivh pgdg-fedora-8.4-1.noarch.rpm

8) Install the things that you want. These are the ones we tend to install

yum install postgresql

yum install postgresql-server

yum install postgis

yum install pgadmin3

Note:On Fedora 8, postgresql default location is /var/lib/pgsql/data

9) Create a user postgres

Add command prompt : useradd postgres

10) Set new user’s password

Add command prompt: passwd postgres

11) Initialize postgreSql

At command prompt:

chown postgres /var/lib/pgsql/data

su postgres

initdb –D /var/lib/pgsql/data

12) Configure postgresql for local access

From command line ( start up vi and add the 2 entries):

vi /var/lib/pgsql/data/pg_hba.conf
- add:local all all trust
host all all 127.0.0.1 255.255.255.255 trust
host all all 0.0.0.0 255.255.255.255 reject

13) To configure remote access, from command line, pass in range of external ips to allow access to:

vi /var/lib/pgsql/data/postgresql.conf

listen_addresses = ‘*’

vi /var/lib/pgsql/data/pg_hba.conf

host all all [start ip range] [end ip range] trust
14) Assuming you have the AMI tools installed on your desktop, from the command line authorize the default port of 5432, by doing the following:

c:\amitools\ec2-authorize default –p 5432

Note: Now you can use the Postgres Admin UI Tools (pgAdmin III) from the machines that you granted remote access to. PgAdmin III allows you to administer Postgresql via a GUI. You can get this tool by installing Postgresql on your Windows desktop(s). I recommend this since it makes administration much easier.

15) Restart Postgresql, from command line (logged in as root):

service postgresql restart

16) Create a db if you like, from command line:

su – postgres

createdb db_name

17) Create a postgresql username with password for new db.

From command line: (-U postgres , means username postgres)

createuser –P –U postgres

18) Restart postgresql

19) Test your connection

psql –U db_username db_name

Cloud Computing: Mono Setup on Amazon EC2

2008-08-27T18:07:00.000-07:00

Mono Setup on Amazon EC2 with optional config for MonoRail

Prerequisites: Familiar with create and launching instances using Amazon EC2, and familiar with editing config files in linux.

Links to documentation on Amazon EC2 and how to create and launch instances:

http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=84

click on Technical documentation link.

For porting application to Mono see article:
http://www.mono-project.com/Guide:_Porting_ASP.NET_Applications

1) Create Ami instance from pre-existing instance and launch instance.

Use ami-0abe5a63, see url: http://www.nonhostile.com/mono-on-amazon-ec2.asp

url: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1616&categoryID=101

2) Update Apache on this instance. This instance is a Fedora 8 image with Apache

Edit /etc/httpd/conf/httpd.conf

Add these entries to the end to use test app from mono:

MonoServerPath default /opt/mono-1.9.1/bin/mod-mono-server2

Alias / “/opt/mono-1.9.1/lib/xsp/test”

AddMonoApplications default “/:/opt/mono-1.9.1/lib/xsp/test”

MonoSetServerAlias default

SetHandler mono

Here is other entry example (notice using MonoApplications instead of AddMonoApplications)

(not sure why examples differ), but both syntax work:

Alias hellomonoweb “/opt/mono-1.9.1/lib/xsp/hellomonoweb”

MonoApplications “/hellomonoweb:/opt/mono-1.9.1/lib/xsp/hellomonoweb”

SetHandler mono

</Location>

Important to disable case sensitivity for files and file paths add this entry. This prevents issues like file not found due to differences between Linux and Windows handling of case sensitivity for files and file paths:

MonoSetEnv MONO_IOMAP=all

3) Optionally, if you are using MonoRail, a .Net implementation of Ruby on Rails ( see castleproject.org), add the following entry to /etc/httpd/conf.d/mod_mono.conf:

AddType applications/x-asp-net .rails