we are trying to implement rest client using quarkus and as per the documentation below are the application properties to set to call rest api
org.acme.rest.client.ExtensionsService/mp-rest/url=https://stage.code.quarkus.io/api
org.acme.rest.client.ExtensionsService/mp-rest/scope=javax.inject.Singleton
key-field in application property is having special character slash '/' it is not allowed in containerized platforms (openshift) to configure this property and only allowed characters for key are -,_, dot and alphanumaric characters. Please suggest any other way to change the naming convention for the key field in application property.
Related
I'm receiving Oauth2.0 tokens that have forward slashes in them with the content type set to application/json in the response headers. The Nimbus OAuth 2.0 SDK I'm using relies on this particular json library. Since it escapes forward slashes my tokens end up containing "\/" instead of "/". I know I could replace all offending instances, or substitute a UUID for "/" -- is there a way to simply tell the parser not to escape the slashes in the first place? Gson seems to have this functionality with its disableHtmlEscaping() method.
myJSONObject.toJSONString(new JSONStyle(JSONStyle.FLAG_PROTECT_4WEB)) passes slashes through undisturbed.
I'm building a REST back end based on spring and i'm using spring security to secure the requests. But i'm lookin for an issue to login by sending parameters in json rather than defaults parameters sent by the default login page of spring security.
I'm working with spring security 4.0.1 and spring 4.1
Any issue please?
If you're using just username and password, you can simply add a new filter to the stack, akin to the existing UsernamePasswordAuthenticationFilter, that would react to a specific URL only (just like the default one reacts to j_spring_security_check only), parse the JSON and create the very same UsernamePasswordAuthenticationToken that the default filter creates. This leaves the auth provider the same as the token didn't change.
If you need more fields in addition to username and password, either create a new token type (or use existing one if it makes sense) and a new auth provider that can deal with that token type. You can also just cram extra fields into UsernamePasswordAuthenticationToken using setDetails(), but this is a bit hacky.
I have been testing webhooks from http://context.io/ with Firebase. Which will fire off a POST whenever a valid email is sent.
The issue is that a couple of the keys have a '.' in the name. Which has Firebase sending me a 400 error:
"error" : "Invalid data; couldn't parse JSON object, array, or value. Perhaps you're using invalid characters in your key names."
Can I use security rules to manipulate the newData to replace the '.' or do i need to a use a proxy server in-between.
If so, what is the recommended approach for a thin nodejs proxy server, only made to do this.
Security rules only enforce security and cannot be used as translators or filters. Thus, you'll have to manipulate the keys before sending them to Firebase.
It doesn't look like you are forced to use the email as the key, since you can structure the URL to which context.io sends your requests. Could you save the effort of a proxy by using the context.io unique ids or some other unique id instead of email address?
If you REALLY want to work with the email as the key, you can still do it using a base64 encoded value of the email address.
This has many benefits including sorting integrity as well as faster lookups if you're constantly searching by email and accessing data within that.
Ref:
Python: https://docs.python.org/3/library/base64.html
Javascript: http://www.w3schools.com/jsref/met_win_atob.asp
I have an app that I'm working on converting from CF8 to CF10 and some of my remote CFCs where the data coming back should be JSON are now failing because there seems to be a "//" pre-pended to the returned data. For example here's an output of a returned structure:
//{"SUCCESS":true,"ERRORS":[],"DATA":{"COLUMNS":["AUTHRESULT","SPID","EMAIL","RID"],"DATA":[[true,361541,"user#domain.com",""]]}}
The same function run through the same CFC on the CF8 server gives:
{"ERRORS":[],"SUCCESS":true,"DATA":{"COLUMNS":["AUTHRESULT","SPID","EMAIL","RID"],"DATA":[[true,361541,"user#domain.com",""]]}}
The CFC that proxies all requests does have returnFormat="JSON" - but there is no SerializeJSON() being called in either the proxyCFC or the CFC that is extended from proxyCFC.
I'm not sure what's the best way to handle this. Trimming off the '//' in the response would be possible but it doesn't seem "right". I need to address it on the CF10 end of things because these functions are in use not only in our app, but some remote apps as well (and some are through http:// posts and some are through jQuery Ajax calls).
That is a server side setting in the ColdFusion admin, under settings. Prefix serialized JSON with. It is enabled by default for security. Protects web services, which return JSON data from cross-site scripting attacks by prefixing serialized JSON strings with a custom prefix.. Perhaps you had turned this off on your ColdFusion 8 server. I do not recommend turning it off though.
See this post from Raymond Camden - Handling JSON with prefixes in jQuery and jQueryUI
NOTE: this setting can also be set per-application by setting secureJSON and secureJSONPrefix in your Application.cfc file. See the documentation about that here - Application variables.
secureJSON - A Boolean value that specifies whether to add a security prefix in front of the value that a ColdFusion function returns in JSON-format in response to a remote call.
The default value is the value of the Prefix serialized JSON setting in the Administrator Server Settings > Settings page (which defaults to false). You can override this value in the cffunction tag.
secureJSONPrefix - The security prefix to put in front of the value that a ColdFusion function returns in JSON-format in response to a remote call if the secureJSON setting is true.
The default value is the value of the Prefix serialized JSON setting in the Administrator Server Settings > Settings page (which defaults to //, the JavaScript comment character).
I am building one web application using:
SPRING MVC
SPRING SECURITY
HIBERNATE
mySQL
I want to add internationalization support for Japanese language in my app.
To display label and messages from properties file in japanese language , I have made use of Spring Locale Interceptor and its working fine.
What I need , I want to store Japanese characters in Database (not in Unicode) from user inputs and want to display on page.
Also , when i enters Japanese characters in form , in POJO, it is automatically converted in unicode, how can i disable this behaviour?
To store or read characters in the database with explicitly specified encoding, use useUnicode and characterEncoding properties in your JDBC URL. see http://dev.mysql.com/doc/refman/5.1/en/connector-j-reference-charsets.html and http://dev.mysql.com/doc/refman/5.1/en/connector-j-reference-configuration-properties.html
In the 2nd question, do you mean that you want to use byte[] instead of java.lang.String when you treat input strings? I think you can do it, but I can not recommend it.