iBatis | Configuring xml file as a datasource in ibatis - ibatis

How do I configure an xml file as the datasource in iBatis?
thanks,
R

If you are using Tomcat you can configure the DataSource in config.xml and have the following definition in your iBatis configuration xml where comp/env/jdbc/db is your jndi definition in Tomcat.
<bean id="JndiDatasource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="java:comp/env/jdbc/db"/>
<property name="resourceRef" value="true" />
</bean>
If its a standalone application:
<bean id="jdbc.DataSource"
class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="oracle.jdbc.OracleDriver"/>
<property name="initialSize" value="${jdbc.initialSize}"/>
<property name="maxActive" value="${jdbc.maxActive}"/>
<property name="minIdle" value="${jdbc.minIdle}"/>
<property name="password" value="${jdbc.dbpassword}"/>
<property name="url" value="${jdbc.dburl}"/>
<property name="username" value="${jdbc.dbuser}"/>
<property name="accessToUnderlyingConnectionAllowed" value="true"/>
</bean>

You can use JndiDataSourceFactory.. here is what i got from the IBATIS documentation:
JndiDataSourceFactory -
This implementation will retrieve a DataSource implementation from a JNDI context from within
an application container. This is typically used when an application server is in use and a
container managed connection pool and associated DataSource implementation are provided. The
standard way to access a JDBC DataSource implementation is via a JNDI context.
JndiDataSourceFactory provides functionality to access such a DataSource via JNDI. The
configuration parameters that must be specified in the datasource stanza are as follows:
I used Spring to configure IBATIS with AppServer defined Data Source, the spring framework has a nice integration with IBATIS. look at org.springframework.orm.ibatis.SqlMapClientFactoryBean to do this.

If you are looking for complete (working) example then, http://ganeshtiwaridotcomdotnp.blogspot.com/2011/05/tutorial-on-ibatis-using-eclipse-ibator_31.html might help you.
This article contains all the configuration settings for ibatis with ibator plugin and working sample examples with downloadable code.

Related

Camel Split/RecipientList Threads & Transaction Boundaries

In Apache Camel 2.20.2, I created a route with a split() and recipientlist(). I would like the entire route and recipients of each Exchange to occur in the same transaction. I am confused about when Camel will use a separate thread and transaction boundary. I've read through the Camel documentation and combed through various articles/forums on the web. I am looking for a definitive answer.
In Camel I have this route:
from("seda:process")
.transacted("TRANS_REQUIRESNEW")
.to("sql:classpath:sql/SelForUpdate.sql?dataSource=DataSource1")
.split(body())
.shareUnitOfWork()
.setHeader("transactionId", simple("${body.transactionId}"))
// Datasource 2 updates happening using "direct:xxxx" recipients
.recipientList().method(Routing.class).shareUnitOfWork().end()
.to("sql:classpath:sql/UpdateDateProcessed.sql?dataSource=DataSource1");
In the Spring context I defined the transaction management:
<jee:jndi-lookup expected-type="javax.sql.DataSource" id="Datasource1" jndi-name="jdbc/Datasource1"/>
<jee:jndi-lookup expected-type="javax.sql.DataSource" id="Datasource2" jndi-name="jdbc/Datasource2"/>
<bean id="datasource1TxManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="Datasource1" />
</bean>
<bean id="datasource2TxManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="Datasource2" />
</bean>
<bean id="TRANS_REQUIRESNEW"
class="org.apache.camel.spring.spi.SpringTransactionPolicy">
<property name="transactionManager">
<bean id="txMgrRouting"
class="org.springframework.data.transaction.ChainedTransactionManager">
<constructor-arg>
<list>
<ref bean="datasource1TxManager" />
<ref bean="datasource2TxManager" />
</list>
</constructor-arg>
</bean>
</property>
<property name="propagationBehaviorName"
value="PROPAGATION_REQUIRES_NEW" />
</bean>
When I run the route, it appears that the updates to Datasource1 and Datasource2 are happening in separate transactions. In addition, it appears the SelForUpdate.sql and UpdateDateProcessed.sql for Datasource1 are happening in separate transactions.
My question is, where are new threads created in this code, and where are the transaction boundaries? How would I get this to happen in one transaction context?
In reading the Apache Camel Developer's Cookbook, I understand the Split and RecipientList patterns both use the same thread for all processing (unless parallel processing is used). With the SpringTransactionPolicy beans that I've created, it seems all work in this route and recipient routes should take place in the same transaction context. Am I correct?

How to login into oracle database using encrypted username and password?

I encrypted username and password of oracle database using camel-jasypt component. How to login to oracle database using the encrypted values?
I guess you need to wire up a Datasource and I further guess you are using spring for that.
Then, it's probably easier to use plain jasypt than the Camel component (as you wire up the DataSource out of the Camel route).
Something like this (uses the same approach as is done in Apache ActiveMQ, refered to from the Camel-jasypt documentation). That said, you can of course also use the Camel jasypt component for stuff you need to encrypt inside the route itself.
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="algorithm" value="PBEWithMD5AndDES"/>
<property name="password" value="activemq"/>
</bean>
<bean id="propertyConfigurer" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
<constructor-arg ref="configurationEncryptor" />
<property name="location" value="file:/conf/credentials-enc.properties"/>
</bean>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.oracle.Whatever"/>
<property name="url" value="jdbc:foo://hostname/database"/>
<property name="username" value="user"/>
<property name="password" value="${jdbc.password}"/>
</bean>

WSO2 Identity Server - LDAP user store not working

I'm trying to configure the Identity Server (4.1.0) against our corporate Active Directory.
I am using the ReadOnlyLDAPUserStoreManager class. Here is the configuration for the user store:
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldap://host</Property>
<Property name="ConnectionName">ommitted</Property>
<Property name="ConnectionPassword">xxxxxx</Property>
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
<Property name="UserSearchBase">searchbase</Property>
<Property name="UserNameListFilter">(objectClass=user)</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="GroupSearchBase">groupbase</Property>
<Property name="GroupNameListFilter">(objectClass=group)</Property>
<Property name="GroupNameAttribute">sAMAccountName</Property>
<Property name="MembershipAttribute">memberOf</Property>
<Property name="UserRolesCacheEnabled">false</Property>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>
I've removed specific connection details and UserSearchBase and GroupSearchBase. IS starts up successfully, and I can see users and roles listed.
I'm encountering the following issues:
The Identity server does not correctly map assigned roles to users. Even though my AD uses the 'memberOf' attribute to define group membership, Identity server does not have any assigned to a particular user
I am not able to log in to the Identity server admin UI with a user from my LDAP store. When I configure Realm/Configuration in the following way:
admin
AD_user_name
admin
everyone
jdbc/WSO2CarbonDB
org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder
org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property-->
Does anyone have any suggestion for integrating with a readonly LDAP store that is ACtive directory?
Update
Working with WSO2 support, I would advise everyone to wait until IS 4.1.1 before attempting this particular use case. Older versions of the product simply do not work very well. I will update as I know more.
I don't know about Active Directory, but we were facing a similar problem on OpenLDAP, we could not list the roles of a user, the reason was, our LDAP was relating a user to a group by only using it's UID, for example, on the role the attribute memberUid was:
memberUid = alandaniel
but the way WSO2 org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
expects is:
memberUid = uid=alandaniel,ou=x,dc=y,dc=z
so i had to customize the user.core plugin.
Instead of creating the query:
(&(objectClass=posixGroup)(memberUid=uid=alandaniel,ou=x,dc=y,dc=z))
it will now use
(&(objectClass=posixGroup)(memberUid=alandaniel))
So if you really need to customize it, extend ReadOnlyLDAPUserStoreManager and customize the method getExternalRoleListOfUser(..)
*The versions used were WSO2 IS 4.1.0 and WSO2 ESB 4.6.0.
I have used the attached configuration in a recent customer engagement
Can you try with this, connecting with a user which has read access to AD ?
Also, newest version of IS now supports multiple user stores. If you want a single active store, make sure to comment the default one. Otherwise, you need to add a domain name per user store (here ad-domain).
User stores setup is described here:
http://docs.wso2.org/wiki/display/IS400/Configuring+User+Stores
Hope this helps,
Isabelle.
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
<Property name="DomainName">ad-domain</Property>
<Property name="defaultRealmName">My-Realm</Property>
<Property name="kdcEnabled">false</Property>
<Property name="ConnectionURL">ldap://myserver:389</Property>
<Property name="ConnectionName">CN=yyyy,ou=xxxxx</Property>
<Property name="ConnectionPassword">xxxxxxx</Property>
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
<Property name="UserSearchBase">ou=xxxx,...</Property>
<Property name="UserEntryObjectClass">user</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="isADLDSRole">false</Property>
<Property name="userAccountControl">512</Property>
<Property name="UserNameListFilter">(objectClass=user)</Property>
<Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="WriteLDAPGroups">false</Property>
<Property name="EmptyRolesAllowed">true</Property>
<Property name="GroupSearchBase">ou=xxxxx</Property>
<Property name="GroupEntryObjectClass">group</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="GroupNameListFilter">(objectcategory=group)</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="Referral">follow</Property>
<Property name="BackLinksEnabled">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>
Please refer following blog post by Suresh.
http://sureshatt.blogspot.com/2012/07/how-to-connect-wso2-api-manager-to.html
It has an example of using ReadOnlyLDAPUserStoreManager.
I hope that helps.
Thanks.
Update:
I can confirm that the WSO2 IS 4.1.1 resolves the issue and this works as expected. I've come to the conclusion the product 4.1.0 flat out doesn't work.
The dev team has fixed the issues in those features and it's in the latest release.
Good luck.

need to connect two databases with Hibernate and JPA

I have an application that uses one database, for now i have this data-access-config.xml configured.
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">
<!-- Instructs Spring to perfrom declarative transaction management on annotated classes -->
<tx:annotation-driven />
<!-- Drives transactions using local JPA APIs -->
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
<!-- Creates a EntityManagerFactory for use with the Hibernate JPA provider and a simple in-memory data source populated with test data -->
<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" />
</property>
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="org.postgresql.Driver" />
<property name="url" value="jdbc:postgresql://localhost:5432/database1" />
<property name="username" value="admin1" />
<property name="password" value="some_pass" />
</bean>
</beans>
it connects good, but now i need to configure a second database (in the same server), tried to duplicate the EntityManagerfactory but throws an error, that cannot have two Entities managers at the same time so im confused here. Im using Hibernate+JPA+Spring
Thanks!!!
Something like this should work I believe:
<bean id="emf" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="dataSource" ref="dataSource" />
...
</bean>
<bean id="emf1" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="dataSource" ref="dataSource1" />
...
</bean>
The in the DAO, use
#PersistenceContext(unitName = "emf1")
private EntityManager em;
The above will tell the DAO to use the emf1 instance.
Maybe you forgot to name your second entity manager something different than your first?
You might need to use a "persistence unit manager" which will help manage your persistence units. See the Spring documentation on multiple persistence units. You will have the 2 data sources, 1 entity manager factory, and 1 persistence unit manager.
The entity manager factor will have a reference to the persistence unit manager (instead of the 2 data sources), and then the persistence unit manager will have a reference to the 2 data sources.

Single Sign On (SSO): How to use Active Directory as an authentication method for CAS service?

I am developing a portal to Liferay and want to apply there a Single Sign On mechanism (SSO). I am using Jasig CAS for centralized authentication of my multiple web applications. Until now I know that I am able to use CAS as an authentication method but the next step would be to add some more intelligence and ask the authentication from an Active Directory server.
This should be possible by using AD as a "database" towards which the authentication is made, but I am new on these things and do not know how to make this with Jasig CAS.
Any clue how to accomplish this task?
I'm making a few assumptions here, so please let me know if I'm off target:
You're using a version of CAS between 3.3.2 and 3.4.8.
You want to tie CAS into Active Directory via LDAP (for Kerberos or SPNEGO see references below) using the Bind LDAP Handler (for FastBind see references below).
You're familiar with building CAS from source via Maven.
Prerequisite
If you're going to bind to AD via "ldaps://" (as opposed to "ldap://"), the JVM on your CAS server needs to trust the SSL certificate of your Active Directory server. If you're using a self-signed cert for AD, you'll need to import this into the JVM's trust store.
Summary
Within your CAS source tree, you'll need to make changes to the following files:
cas-server-webapp/pom.xml
cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml
Details
pom.xml:
Add the following within <dependencies>:
<!-- LDAP support -->
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>cas-server-support-ldap</artifactId>
<version>${project.version}</version>
</dependency>
deployerConfigContext.xml:
Reconfigure your Authentication Handers:
Look for: <property name="authenticationHandlers">. Inside this is a <list>, and inside this are (probably) two <bean ...> elements
Keep this one:
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" />
The other <bean> (again, probably) corresponds to the current method of authentication you're using. (I'm not clear based upon the question, as there are several ways
CAS can do this without using external services. The default is SimpleTestUsernamePasswordAuthenticationHandler, this authenticates as long as username is equal to password). Replace that <bean> with:
<!-- LDAP bind Authentication Handler -->
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="uid=%u" />
<property name="searchBase" value="{your LDAP search path, e.g.: cn=users,dc=example,dc=com}" />
<property name="contextSource" ref="LDAPcontextSource" />
<property name="ignorePartialResultException" value="yes" /> <!-- fix because of how AD returns results -->
</bean>
Modify the "searchBase" property according to your AD configuration.
Create a Context Source for LDAP:
Add this somewhere within the root <beans> element:
<bean id="LDAPcontextSource" class="org.springframework.ldap.core.support.LdapContextSource">
<property name="pooled" value="false"/>
<property name="urls">
<list>
<value>{URL of your AD server, e.g.: ldaps://ad.example.com}/</value>
</list>
</property>
<property name="userDn" value="{your account that has permission to bind to AD, e.g.: uid=someuser, dc=example, dc=com}"/>
<property name="password" value="{your password for bind}"/>
<property name="baseEnvironmentProperties">
<map>
<entry>
<key>
<value>java.naming.security.authentication</value>
</key>
<value>simple</value>
</entry>
</map>
</property>
</bean>
Modify "urls", "userDn" and "password" accordingly.
Rebuild cas-server-webapp and try it.
References:
https://wiki.jasig.org/display/CASUM/LDAP
https://wiki.jasig.org/display/CASUM/Active+Directory

Resources