is there a way to set mime4j strict parsing to true for resteasy without hacking into and extending MultipartFormDataInputImpl? according to mime4j 0.8 javadoc, the default value is false. we want to have it throw an exception rather than having a warn as what default gives
public void setStrictParsing(boolean strictParsing)
Defines whether minor violations of the MIME specification should be tolerated or
should result in a MimeException. If this parameter is set to true, a
strict interpretation of the MIME specification will be enforced, If
this parameter is set to false minor violations will result in a
warning in the log.
Related
I had a Flink 1.15.1 job configured with
execution.checkpointing.mode='EXACTLY_ONCE'
that was failing with the following error
Sink: Committer (2/2)#732 (36640a337c6ccdc733d176b18adab979) switched from INITIALIZING to FAILED with failure cause: java.lang.IllegalStateException: Failed to commit KafkaCommittable{producerId=4521984, epoch=0, transactionalId=}
...
Caused by: org.apache.kafka.common.config.ConfigException: Invalid value for configuration transactional.id: String must be non-empty
that happened after the first checkpoint was triggered. The strange thing about it is that the KafkaSinkBuilder was used without calling setDeliverGuarantee, and hence the default delivery guarantee was expected to be used, which is NONE 1.
Is that even possible to start with? Shouldn't kafka transactions be involved only when one follows this recipe in 2?
* <p>One can also configure different {#link DeliveryGuarantee} by using {#link
* #setDeliverGuarantee(DeliveryGuarantee)} but keep in mind when using {#link
* DeliveryGuarantee#EXACTLY_ONCE} one must set the transactionalIdPrefix {#link
* #setTransactionalIdPrefix(String)}.
So, in my case, without calling setDeliverGuarantee (nor setTransactionalIdPrefix), I cannot understand why I was seeing these errors. To avoid the problem, I temporarily relaxed the checkpointing settings to
execution.checkpointing.mode='AT_LEAST_ONCE'
but I'd like to understand what was happening.
Like the JavaDoc mentions, if you enable exactly-once, you must set a transactionalIdPrefix. A complete recipe on how-to configure exactly-once with Apache Kafka can be found in this recipe: https://www.docs.immerok.cloud/docs/cookbook/exactly-once-with-apache-kafka-and-apache-flink/
Disclaimer: I work for Immerok
So I have two demo applications to test. One in .net 4.7 and the other in .net core 3.1.
When running the applications I'm getting different results depending the one used.
In both of them I put the CertificationValidationMode to None.
In .Net core I'm getting this error:
ITfoxtec.Identity.Saml2.Cryptography.InvalidSignatureException: Signature is invalid.
at ITfoxtec.Identity.Saml2.Saml2Request.ValidateXmlSignature(SignatureValidation documentValidationResult)
at ITfoxtec.Identity.Saml2.Saml2Request.Read(String xml, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2Response.Read(String xml, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2AuthnResponse.Read(String xml, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2PostBinding.Read(HttpRequest request, Saml2Request saml2RequestResponse, String messageName, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2PostBinding.UnbindInternal(HttpRequest request, Saml2Request saml2RequestResponse, String messageName)
at ITfoxtec.Identity.Saml2.Saml2Binding`1.Unbind(HttpRequest request, Saml2Response saml2Response)
which is good because I modified the assertion to extend the time for testing and at that point I'm assuming that the validation was bypassed and it is failing because it does not match.
In .Net Framework, this error is coming up:
ID4037: The key needed to verify the signature could not be resolved from the following security key
identifier
'SecurityKeyIdentifier(
IsReadOnly = False,
Count = 1,
Clause[0] = System.IdentityModel.Tokens.Saml2SecurityKeyIdentifierClause
)
'. Ensure that the SecurityTokenResolver is populated with the required key.
at System.IdentityModel.EnvelopedSignatureReader.ResolveSigningCredentials()
at System.IdentityModel.EnvelopedSignatureReader.OnEndOfRootElement()
at System.IdentityModel.EnvelopedSignatureReader.Read()
at System.Xml.XmlReader.ReadEndElement()
at System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadAssertion(XmlReader reader)
at System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadToken(XmlReader reader)
at ITfoxtec.Identity.Saml2.Saml2AuthnResponse.ReadSecurityToken(XmlNode assertionElement)
at ITfoxtec.Identity.Saml2.Saml2AuthnResponse.Read(String xml, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2PostBinding.Read(HttpRequest request, Saml2Request saml2RequestResponse, String messageName, Boolean validateXmlSignature)
at ITfoxtec.Identity.Saml2.Saml2Binding`1.ReadSamlResponse(HttpRequest request, Saml2Response saml2Response)
Here I'm thinking that the validation is happening, it is not bypassed, and it is failing. Basically the Validation Mode is ignored.
Am I thinking this wrong?
Thanks
As you say the result looks correct regarding .NET core.
It looks like the .Net Framework cannot find a certificate that match the certificate used in the SAML. 2.0 AuthnResponse. Maybe the .Net Framework application is not configured with the correct certificate? I do not think it has anything to do with the Validation Mode.
In the AngularJS docu you can see the following default header added to each request:
Accept: application/json, text/plain, * / *
I couldn't find what * / * means but I suppose it means ANY MIME TYPE.
Am I right? Sorry for the dumb question, but I couldn't find it explained anywhere...
Many thanks.
Yes. From the HTTP specification:
"The asterisk * character is used to group media types into ranges, with "*/*" indicating all media types"
You can read the whole spec in RFC 7231.
Yes, it means all mime types. As you can see at HTTP 1.1 Standards.
The asterisk "*" character is used to group media types into ranges,
with "*/*" indicating all media types and "type/*" indicating all
subtypes of that type. The media-range MAY include media type
parameters that are applicable to that range.
* / * actually is invalid; whitespace is not allowed here (and it was actually a bug in the angular documentation)
*/* however indeed means "any", see RFC 7231, Section 5.3.2 (https://greenbytes.de/tech/webdav/rfc7231.html#rfc.section.5.3.2.p.2)
i use solr 4.3 for my website ,
whie i query one data with morelike this function ,
sometime this exception goes out :
org.apache.solr.common.SolrException: parsing error
at org.apache.solr.client.solrj.impl.BinaryResponseParser.processResponse(BinaryResponseParser.java:43)
at org.apache.solr.client.solrj.impl.HttpSolrServer.request(HttpSolrServer.java:385)
at org.apache.solr.client.solrj.impl.HttpSolrServer.request(HttpSolrServer.java:180)
at org.apache.solr.client.solrj.request.QueryRequest.process(QueryRequest.java:90)
at org.apache.solr.client.solrj.SolrServer.query(SolrServer.java:301)
parsing error??
how was it ?
why it occures ?
thanks for your reply .
this code :
the code :
public MoreLikeThisQueryResponse(QueryResponse queryResponse) {
this.queryResponse = queryResponse;
NamedList<Object> res = this.queryResponse.getResponse();
for (int i = 0; i < res.size(); i++) {
String name = res.getName(i);
if ("match".equals(name)) {
this.matchResult = (SolrDocumentList) res.getVal(i);
}
}
}
This type of "parsing error" in the BinaryResponseParser.processResponse method typically indicates that the server is returning a raw HTML text response rather than a Solr javabin response. Typically that means that the server container (Tomcat or Jetty) is detecting and reporting an error before Solr gets a chance to handle the error and obey the wt parameter which sets the response format to javabin.
Check the server log for the actual error.
I had a similar problem.
It seems that there might be a compatibility error is your are not using the EXACT compatible versions of Solr and Solrj.
To resolve this, you have to specify
server.setParser(new XMLResponseParser());
Quoting from Solrj
SolrJ generally maintains backwards compatibility, so you can use a newer SolrJ with an older Solr, or an older SolrJ with a newer Solr. There are some minor exceptions to this general rule:
If you're mixing 1.x and a later major version, you must set the response parser to XML, because the two versions use incompatible versions of javabin.
I have a simple JPA #Entity that has a property of type
java.util.Locale.
When I try and persist this, I get the following error:
java.lang.IllegalArgumentException: locale: java.util.Locale is not a supported property type.
at com.google.appengine.api.datastore.DataTypeUtils.checkSupportedSingleValue( DataTypeUtils.java:174)
...
In the appengine SDK (1.3.1), datanucleus-core-1.1.5.jar contains
plugin.xml which contains the following type conversion "extension":
<java-type name="java.util.Locale" persistent="true" embedded="true"
string-converter="org.datanucleus.store.types.LocaleStringConverter"/>
How do I "activate" this type converter in my #Entity class?
This seems to be a significant limitation of Google's use of datanucleus. See the following (2nd last heading):
http://datanucleus.blogspot.com/2010/01/gaej-and-jdojpa.html