I have an issue working in IBM Mobile First v7.0 Analytics console.
In analytics console the data was not loaded from mobile first server.but all data are stored in Worklight database...
The following configuration i did for my application and deployed in production server...
Worklight.proerties file enable JNDI proerties
wl.analytics.url=http://192.168.1.3:9080/analytics-service/data
wl.analytics.console.url=http://192.168.1.3:9080/analytics/console
Keep the analytics.ear file in my application foler...
C:\IBM\WebSphere\Liberty\usr\servers\testserver\apps
Server.xml
<feature>jndi-1.0</feature>
</featureManager>
<application location="analytics.ear"
name="analytics-ear"
type="ear">
<application-bnd>
<security-role name="worklightadmin">
<user name="admin"/>
</security-role>
<security-role name="worklightdeployer">
<user name="deployer"/>
</security-role>
<security-role name="worklightmonitor">
<user name="monitor"/>
</security-role>
<security-role name="worklightoperator">
<user name="operator"/>
</security-role>
</application-bnd>
</application>
If I did any mistake, kindly anyone help me
Since you are using security roles on your analytics console you need to send data with a username and password. Inside your server.xml for your Operations Console, you can set these username and password with the following JNDI properties:
<jndiEntry jndiName="AppName/wl.analytics.username" value="admin"/>
<jndiEntry jndiName="AppName/wl.analytics.password" value="admin"/>
Also, make sure that your security roles an constraints match your server.xml to the WEB.xml in your analytics-service.war. Default is the security configuration below:
<security-constraint>
<security-role>
<role-name>worklightadmin</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>allAccess</web-resource-name>
<url-pattern>/data/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>worklightadmin</role-name>
<role-name>worklightdeployer</role-name>
<role-name>worklightmonitor</role-name>
<role-name>worklightoperator</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
The role-names will need to match the names that you use in your basic registry.
Related
I am running two different applications(war files) in single tomcat. those two may contact each other.
Now I want to block some of the HTTP methods for application2. So I have added the following into my web.xml in tomcat config folder,
<security-constraint>
<web-resource-collection>
<web-resource-name><strong>restricted methods</strong></web-resource-name>
<url-pattern>/app2/*</url-pattern>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint />
</security-constraint>
After adding this also I am not getting 403 response for OPTIONS request. it's giving response as 200. but
<security-constraint>
<web-resource-collection>
<web-resource-name><strong>restricted methods</strong></web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint />
</security-constraint>
without mentioning app2 in URL pattern it's giving 403 response for OPTIONS request.
Now my question is how can I block some HTTP methods for my application2 alone?
Ihanks in advance.
I need to run tests again an existing database in Drupal 8.
I already tried to replace default sqllite connection info with the right mysql database's info in phpunit.xml
Here's my phpunit.xml file :
<?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://schema.phpunit.de/4.1/phpunit.xsd"
bootstrap="test/bootstrap.php"
beStrictAboutTestsThatDoNotTestAnything="true"
beStrictAboutOutputDuringTests="true"
beStrictAboutChangesToGlobalState="true"
strictConfigSchema="false">
<testsuites>
<testsuite name="drupal-composer-project tests">
<directory>./test/</directory>
</testsuite>
</testsuites>
<php>
<!-- Set error reporting to E_ALL. -->
<ini name="error_reporting" value="32767"/>
<!-- Do not limit the amount of memory tests take to run. -->
<ini name="memory_limit" value="-1"/>
<env name="SIMPLETEST_BASE_URL" value="http://localhost"/>
<env name="SIMPLETEST_DB" value="mysql://user:password#mysql/databasename"/>
<env name="BROWSERTEST_OUTPUT_DIRECTORY" value=""/>
</php>
<filter>
<whitelist processUncoveredFilesFromWhitelist="true">
<directory suffix=".php">src</directory>
</whitelist>
</filter>
<listeners>
<listener class="\Drupal\Tests\Listeners\DrupalListener">
</listener>
<!-- The Symfony deprecation listener has to come after the Drupal listener -->
<listener class="Symfony\Bridge\PhpUnit\SymfonyTestsListener">
</listener>
</listeners>
<logging>
<log type="coverage-html" target="../../coverage" charset="UTF-8" yui="true" highlight="true"/>
<log type="coverage-clover" target="../../clover.xml"/>
<log type="coverage-crap4j" target="../../crap4j.xml"/>
</logging>
</phpunit>
When I log database information, I see that a test prefix is added, and this prefix will create tables inside my existing database. How can I make the tests run directly on my own database and tables ?
If you want to run tests on the existing database, you need to use Drupal Test Traits. Here's some introduction text for this testing framework.
But, as #DirkScholten said, you should avoid run tests on the existing database. An exception is running User Acceptance Tests, they need data from the production database in order to simulate an end-user experience. In this case, ensure that you run tests in isolate environment, so as not tests send some mail to the real user or do some changes via API on real servers.
If you just need some custom settings or field on you Drupal's test instance, then a better option is to create your own installation profile and use them in your tests. Here's instructions.
The third option is to use config_installer and doing tests on custom site configuration. From Drupal 8.6 you don't need this module, it's in the Drupal's core.
I have created a java servlet web application. It's working properly with "http". Now I want to set "https" secured connection to the server. For that, I have configured the things properly in the tomcatserver/conf/server.xml as follows.
Connector port="8443" protocol="HTTP/1.1"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="conf\localhost.jks" keystorePass="xxxx"
clientAuth="false" sslProtocol="TLS" />
then I have configured the things on web.xml file also as follows.
<security-constraint>
<web-resource-collection>
<web-resource-name>HTTPSOnly</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
when I send a request through postman, I am given following error.
here I have attached the request header also.
how can I solve this?
I'm running OrientDb 2.2.6 in embedded mode. I have to grant security permissions to my code so the SecurityManager allows it to run. One permission I would particularly prefer not to grant is ("java.lang.reflect.ReflectPermission" "suppressAccessChecks"). Instead of granting permissions, I would rather start the server without requiring reflection. Is there a way to start the OrientDb server in embedded mode without reflection?
Here is my configuration:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<orient-server>
<network>
<protocols>
<protocol implementation="com.orientechnologies.orient.server.network.protocol.binary.ONetworkProtocolBinary" name="binary"/>
</protocols>
<listeners>
<listener protocol="binary" socket="default" port-range="2424-2430" ip-address="0.0.0.0"/>
</listeners>
</network>
<users>
<user resources="*" password="root" name="root"/>
<user resources="connect,server.listDatabases,server.dblist" password="guest" name="guest"/>
</users>
<properties>
<entry value="1" name="db.pool.min"/>
<entry value="50" name="db.pool.max"/>
<entry value="true" name="profiler.enabled"/>
</properties>
</orient-server>
The code I'm using was taken from OrientDb documentation. Its only three lines:
server = OServerMain.create();
// orientServerConfigFile is a file object for the configuration given above
server.startup(orientServerConfigFile.getInputStream());
server.activate();
The relevant stack trace is below:
2016-09-12 15:41:55:557 FINE Access denied
Permission that failed: ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
ProtectionDomain that failed: file:/*/modules/orientSystemDb-se.jar
Stack trace causing the failure:
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:128)
com.orientechnologies.common.util.OMemory.getPhysicalMemorySize(OMemory.java:65)
com.orientechnologies.orient.core.engine.OMemoryAndLocalPaginatedEnginesInitializer.configureDefaultDiskCacheSize(OMemoryAndLocalPaginatedEnginesInitiali
com.orientechnologies.orient.core.engine.OMemoryAndLocalPaginatedEnginesInitializer.configureDefaults(OMemoryAndLocalPaginatedEnginesInitializer.java:63)
com.orientechnologies.orient.core.engine.OMemoryAndLocalPaginatedEnginesInitializer.initialize(OMemoryAndLocalPaginatedEnginesInitializer.java:52)
com.orientechnologies.orient.core.engine.local.OEngineLocalPaginated.startup(OEngineLocalPaginated.java:56)
com.orientechnologies.orient.core.Orient.startEngine(Orient.java:872)
com.orientechnologies.orient.core.Orient.loadStorage(Orient.java:480)
com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx.<init>(ODatabaseDocumentTx.java:167)
com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx.<init>(ODatabaseDocumentTx.java:148)
com.orientechnologies.orient.server.OSystemDatabase.init(OSystemDatabase.java:151)
com.orientechnologies.orient.server.OSystemDatabase.<init>(OSystemDatabase.java:44)
com.orientechnologies.orient.server.OServer.initSystemDatabase(OServer.java:1227)
com.orientechnologies.orient.server.OServer.activate(OServer.java:342)
I have a web application running on Apache Tomcat 8.x. I have my custom users configured in tomcat-users.xml as follows.
<role rolename="admin"/>
<role rolename="user"/>
<user username="admin" password="admin" roles="admin, user"/>
<user username="user1" password="password1" roles="user"/>
<user username="user2" password="password2" roles="user"/>
I also have the following in tomcat-users.xml so that I can access the Tomcat admin console.
<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>
Is there a way, I could use the Tomcat Admin console to add more users to tomcat-users.xml without having to edit the xml file manually?
No.
If you need to secure your application with something that will have access to manage its own users then you should move away from text files.