Setup
Setup
Setup
1 Install Java 8
4 Install Maven
5 SpringProject CVS
7 Datatables
8. Thymeleaf
9. Others:
11. Setting up multiple instances of WildFly Server and controlling from STS
14. XSSFilter
1 Install Java 8
/common/FromBharat/wildfly-8.2.0.Final.zip
OR
ighlighted in
8.2.0.Final/standalone/configuration/standalone.xml, and add the TWO changes h
yellow as below
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties"
relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties"
relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
<security-realm name="UndertowRealm">
<server-identities>
<ssl protocol="TLS">
<keystore path="jb.keystore" relative-to="jboss.server.config.dir"
keystore-password="changeit"/>
</ssl>
</server-identities>
</security-realm>
<!--<subsystem xmlns="urn:jboss:domain:webservices:1.2">
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
<endpoint-config name="Standard-Endpoint-Config"/>
<endpoint-config name="Recording-Endpoint-Config">
<pre-handler-chain name="recording-handlers"
protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP
##SOAP12_HTTP_MTOM">
<handler name="RecordingHandler"
class="org.jboss.ws.common.invocation.RecordingServerHandler"/>
</pre-handler-chain>
</endpoint-config>
<client-config name="Standard-Client-Config"/>
</subsystem>-->
2. In case you face ‘SSLException’ in HMRC VSIPS E-Filing , then you have to add VSIPS
SSL Certificate to the JDK Keystore file.
ii) Again under Java, go to Compiler -> Errors/Warnings, and change below setting
Empty statement - Error
Value of local variable is not used - Error
Unused import - Error
Unnecessary else statement -Warning
Unnecessary cast or instanceof operation - Warning
iii) Download codetemplates.xml file from your Google Drive. Back to STS, Window->
Preferences -> Java -> Code Style -> Code Templates and import the codetemplates.xml
Set the Home directory to where you unzip your WildFly, JRE set to JDK1.8 and click Finish
v) Note : After, checkout and build, STS may throw “Error” ( “red cross” ) for the file
datatypes.dtd. This DTD file is given by HMRC, and used as it is for XML parsing. To avoid the
“red cross” for this error, you may Turn-off the DTD validation using following step :
4 Install Maven
Please follow the installation instructions available in the Apache Maven website -
http://maven.apache.org/.
5 SpringProject CVS
Checkout SpringProject from CVS repository.
After you take the latest CVS changes, you will need to update your Local Maven Repository
with few Webservice related JARs, for e.g PAPDIS jar. For this, copy the ws-papdis folder ,
from SpringProject/lib/Local-Maven-Repos
/home/your-name/.m2/repository
so, you should see /home/your-name/.m2/repository/ws-papdis, after doing the copy operation.
In the course of development, there could be more JARs added to the source code, so
periodically do check if you have correctly updated the Local Maven Repository.
In STS, File menu -> Import -> Existing Maven Project, point Root folder to the location
SpringProject and follow the wizard instructions from thereon.
GenLife Project :
sing STS Menu option, Import -> Existing Maven Project,
To start work on GenLife project, u
import the sub-projects namely :
base-common
base-payroll
base-aepm
friendly-pensions
genlife
For building ‘genlife’ application using STS, right click on ‘genlife’ , Run As > Run
Configuration > Maven Build > Press New Button and set up as below :
Name : GENLIFE_BUILD
Base Directory : YourLocalCVSPath/SpringProject
Goals : clean install -projects genlife -also-make
Efileready Project :
For building ‘efileready’ application using STS, right click on ‘efileready’ , Run As > Run
Configuration > Maven Build > Press New Button and set up as below :
Name : EFILEREADY_BUILD
Base Directory : YourLocalCVSPath/SpringProject
Goals : clean install -projects efileready -also-make
to change to
The parameter iPageEnd in the “Spring” version of procedure holds the total number of
rows to be shown per page . The “iPageEnd” parameter name is retained as it is, for
convenience sake.
8. For Accessing @RequestParam from html page in controller - We have created a simple
com.iss.common.domain.ParameterBean.java under base-common, which contains
commonly used attributes. This can be extended by adding more attributes, if need be.
This bean eases, if were to pass more @RequestParam to the controller. The following
are already defined:
1. batchID
2. taxYear
3. backUrl
ii) Create the DAO Class with @Repository annotation. Name the DAO implementation file with
suffix “Impl” . For e.g Interface is PayslipDAO.java, Implementation is PayslipDAOImpl.java
iii) Copy the DAO method signature from the “Old DAO” e
xcluding the params related to
“Transaction Type” if any.
SimpleJdbcCall jc = getSimpleJdbcCall("SFT_ERPAYSLIP_CSV")
.returningResultSet("refcursor", (RowMapper) new PayslipBeanMapper());
SqlParameterSource inparam = new MapSqlParameterSource()
.addValue("iErID", iErID)
viii) In case of an “INSERT along with SELECT” proc ( for e.g returning AUTOGENERATED ID
Key value ) , add @Transactional(rollbackFor = Exception.class) in the Service layer.
ix) In case, you need to work with the complete ResultSet object ( e.g XML Formation, or
creating complex nested Domain objects ) , you can make use of the
JdbcTemplate.query(String sql, ResultSetExtractor rse, Object args ) , instead of the
SimpleJdbcCall + RowMapper approach.
X) Related to DAO Migration for methods using the Gateway Server (GS) or
Authentication Server (AS)
In Live Deployment, the GS resides “in front of” the Operation Server (OS) or Resource Server
(RS) , i.e the actual web application. At the moment, there is considerable functionality involving
the GS DataSource like Admin Section. In the Struts Source code, the methods using the GS
DataSource can be identified based on the .init statement as shown below :
fpsSignUpDAO.init(Constants.GATEWAY_DSN);
In such cases involving GS DataSource note the following , during code migration :
● To format the float data further to add commas and currency symbols, will be
done in html pages. For example to show commas in Datatables column code as
follows
sData.toString().replace( /\B(?=(\d{3})+(?!\d))/ g, ",");
● In case to add pound currency symbol with commas in Datatables column code
as follows
'£ ' +sData.toString().replace( /\B(?=(\ d{3})+(?!\d))/ g, ",");
7 Datatables
We need to make the datatables request as POST. For this we need to add the following in
datatables def.
for the existing pages which are already coded, follow these steps
1. Add the above “fnServerData” to datatable def if not defined. For “fnServerData” refer
above.
2. Copy the sAjaxSource data to url under a jax def.
3. Delete sAjaxSource.
4. Delete $.getJSON part fully - if exists.
The bean class used for listing the data for Datatables should be light (avoid compose
other bean classes). It should contain only those elements/attributes pertaining to the
list page (in some cases few extra attributes are unavoidable).
ote,
Creating List bean for a list pages keeps the JSON data structure simple and light. N
before creating check the already existing beans for matching attributes if any.
8. Thymeleaf
1. To show validation error messages which contains <br/>(new line), and or any special
symbols in the error message string, use the below method
<span class="help-block" th:each="err : ${#fields.errors('fieldname')}" th:utext="${err}" />
or
<span class="help-block" th:each="err : ${fieldname}" th:utext="${err}" ></span>
2. To show validation error message which does not have <br/> (new line) in the error
message, use the below method
<span class="help-block" th:errors="*{fieldname}"></span>
3. QuickLinks - Help - You can find the quick links help files under WEB-INF/thl/quicklinks.
In quicklinks html file the id is prefixed with ‘js’ for a purpose, please follow the same in
case if you are adding a new help link.
sample quicklink:
<div class="col-sm-2 form-control-static"><a href="#" class="help-button" id="qtn8FL3"
title="Password">?</a></div>
Please make sure the id is present in the quick link file which you import in ‘th:replace’.
<script th:src="@{/resources/js/jquery.qtip.min.js}"></script>
<div th:replace="quicklinks/filename :: filename">quicklinks</div>
<script th:src="@{/resources/js/bc-quicklink.js}"></script>
Please fill in the correct file name and Import only required quick link files. You need add
the above lines after the last </script>
/*]]>*/
</script>
example:
/*]]>*/
</script>
<script th:src="@{/resources/js/jquery.qtip.min.js}"></script>
<div th:replace="quicklinks/forgotloginql :: forgotloginql">quicklinks</div>
<script th:src="@{/resources/js/bc-quicklink.js}"></script>
For every additional quicklink html file repeat the above g reen code snippet.
9. Others:
Due to the way of our live server setup, request.getRemoteAddr() will not return you the correct
user IP, instead it give you 127.0.0.1
String ip = request.getHeader("X-Forwarded-For");
if(ip == null){
ip = request.getRemoteAddr();
}
There is requirement to include Efileready as a part of another Parent project. Hence there is
need, to group the ‘Efileready’ application, under one global pattern as ‘/efr/*’, so that “access
control” can be imposed selectively, based on whether end-user opts to use Efileready service
or not. Now all the existing Efileready Controllers need to extend “EfrBaseController” which
defines the EFR Prefix Constant as “/efr”.
2. If any class-level url mappings are defined, remove them and move them to method
level.
3. Next, go to the related *.html page, and make the necessary changes to get the URL
prefix.
The goal is to leave "standalone" unmodified for AEX and work on another Server instance for
DemoPP under folder "standalone-aps". This will allow, AEX and DemoPP to run
simultaneously.
1. Open a terminal, and check if you have defined JBOSS_HOME , in your .bash_profile. If yes,
remove it.
2. Start STS, go to Servers Tab, clean your existing Server ( which is set to 9090 ), and remove
already deployed applications if any. Make sure /opt/wildfly-8.2.0.Final/standalone/deployments
is empty.
3. Open a terminal, change to /opt/wildfly-8.2.0.Final/ folder. Run the following command to
create a copy for DemoPP.
5. In STS, Window / Preferences / Server / Runtime Environments / Add , create a New WildFly
Runtime Environment and call the runtime as "WildFly 8.2 Runtime APS". In the wizard, point
the location of configuration file to ../../standard-aps/configuration/standalone.xml.
6. In the Servers Tab, right click New / Server, Select WildFly 8.0 with the runtime created at
Step 5, and give the Server name as "WildFly 8.2 Runtime APS Server".
7. In the Servers Tab, double click on the server created at Step 6 (or press F3) to open the
parameter editor.
In section "Server Ports", uncheck "Detect from Local Runtime" and specify offset 1000.
Select "Use a custom deploy folder" and edit the directory fields.
8. In the server’s parameter editor, go back to the overview, General Information, click “Open
launch configuration”.
The “Program arguments” should look like the Screenshot , and as given below
Right Click on able-pension-system, Run As > Run on Server > Select "WildFly 8.2 Runtime
APS Server" > Finish
Ref Link :
https://developer.jboss.org/wiki/HowToDefineMultipleJboss7ServerInstancesBasedOnTheStand
aloneFolderUsingEclipseJunoAndJbossTools40
You will need to import your localhost ssl certificate to your java keystore (cacerts)
To do that, first start the app, and in your browser url click on the padlock and export the
certificate. You can save as localhost.crt, then run this keytool command to import it into your
java keystore.
/usr/java/latest/bin/keytool -importcert -alias localhost -file localhost.crt
-keystore /usr/java/latest/jre/lib/security/cacerts
Your java path may be different, please make sure it is the one you use in STS.
14. XSSFilter
All Request parameter values will be screened by XSSFilter, and validated against following
pattern ( complying with OWASP) :
HTTPParameterValuePattern = Pattern.compile("^[:\\p{L}\\p{N}\\w\\.\\-/+=_
!$*?@%,'()&\\n\\t\\r]{0,3000}$"
Any request parameter value with characters not satisfying above pattern will be treated as
'offending' and will be removed by XSSFilter. Characters like " | < > are not allowed, and for
understanding purpose, they are referred as 'Special Characters' henceforth. If any field can
genuinely have 'Special Characters', then the URL and the related request parameter name
must be given in ExcludeFromFilter.properties of that application, so that XSSFilter will not
validate that particular Request parameter value
Further, for fields which are allowed to include ‘Special characters’, it must be ensured that
when they are shown back in View Form page, or Datatables List page, the value is just
displayed as text , and it does not cause any unwanted script execution.
For e.g, check the field by entering value as
<script>alert(1)</script>
https://docs.spring.io/spring-security/site/docs/current/reference/html/csrf.html
http://www.thymeleaf.org/whatsnew21.html#reqdata
For this purpose, every Thymeleaf page having <form> tag must have th:action specifying the
default action for that page.