We have a requirement of enabling universal link in our application. We have a java based web application(spring) and a iOS app. To enable universal link as per apple we need to create a json file apple-app-association-file and host this file in the server.
Now java web app is deployed in tomcat in windows server and apche 2.4 is being used as web server. Please let me know how to host the apple-app-association-file in the tomcat or web server or inside the war file(inside the code), we are using maven structure.
according to docs, we need to remove the file extentsion and file should be access as below:
url of web app: https://xyz.example.com
where xyz.example.com is mapped to a web app which is there in webapp folder in tomcat.(localhost:8080/webApp)
apple-app-association-file to be accessed as: https://xyz.example.com/apple-app-association-file
now as the extension is not there how can i host it.Do i need to make the code changes and treated it as servle request. Even if i do so it wont be a good idea to execute a servet just to access a file
Also, it's also important that the file is served with the correct MIME-type, for Universal Links it can be served as application/json. How to set mime type in tomcat or java web app(spring)
First rename file to apple-app-site-association.json, then write next Spring configuration:
#EnableWebMvc
public class WebClientConfig extends WebMvcConfigurerAdapter {
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/.well-known/*")
.addResourceLocations("/path/to/your/static/resources")
.resourceChain(true)
.addResolver(new PathResourceResolver() {
#Override
protected Resource getResource(String resourcePath, Resource location) throws IOException {
if (resourcePath.equals("apple-app-site-association")) {
return location.createRelative("apple-app-site-association.json");
}
return super.getResource(resourcePath, location);
}
});
}
}
As described here: developer.apple.com
You can place the file at the root of your server or in the .well-known subdirectory.
Then the file will be served with the correct MIME-type "application/json" and accessed as: https://xyz.example.com/.well-known/apple-app-association-file
The Solution from pITer Simonov works for me! But i had to add the root path
inside
< servlet-mapping > (in web.xml)
like this:
< url-pattern >/</url-pattern >
After that, the resource handler work fine!
I did it with a standard REST controller + endpoint.
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.MediaType;
import org.springframework.util.StreamUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
#RestController
#RequestMapping("/.well-known")
#Slf4j
public class WebClientConfig {
#GetMapping(value = "/apple-app-site-association",
produces = MediaType.APPLICATION_JSON_VALUE)
public String addResourceHandlers() {
String json = "";
InputStream inputStream = getClass().getResourceAsStream("/apple-app-association.json");
try(InputStream stream = inputStream) {
json = StreamUtils.copyToString(stream, Charset.forName("UTF-8"));
} catch (IOException ioe) {
log.error("Apple app association could not be retrieved! iOS app will be impacted. Error: " +
ioe.getMessage());
}
return json;
}
}
Note: the apple-app-asociation.json file is under src/main/resources
Related
I'm trying to make a Spring MVC app with Spring boot, Spring Security and Thymeleaf.
The problem is - when i'm requesting a page with it's html and css, i'm not getting the correct MIME type for my css file, thus why Chrome cannot load it with status "canceled" and the message "Refused to apply style from 'http://localhost:8080/login' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled."
I'm linking the css file correctly:
" "
The css file is contained in:
resources -> static -> css - > style.css
I've allowed all resouces from the resources folder in the Security config file:
package org.isp.configuration;
import org.isp.services.api.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer;
#Configuration
#EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
private UserService userService;
#Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.authenticationProvider(authenticationProvider());
}
#Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider
= new DaoAuthenticationProvider();
authProvider.setUserDetailsService(this.userService);
authProvider.setPasswordEncoder(getBCryptPasswordEncoder());
return authProvider;
}
#Override
protected void configure(HttpSecurity http) throws Exception {
String[] permitted = new String[]{
"/", "/home","/register","/about","/png/**",
"/css/**","/icons/**","/img/**","/js/**","/layer/**"
};
http
.authorizeRequests()
.antMatchers(permitted).permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").permitAll()
.defaultSuccessUrl("/dashboard")
.usernameParameter("username")
.passwordParameter("password")
.and()
.logout().logoutSuccessUrl("/login?logout").permitAll()
.and()
.exceptionHandling().accessDeniedPage("/unauthorized")
.and()
.csrf().disable();
}
#Bean
public BCryptPasswordEncoder getBCryptPasswordEncoder(){
return new BCryptPasswordEncoder();
}
}
This is my html page:
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org" >
<head>
<title>Index</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
**<link rel="stylesheet" href="../static/css/style.css" type="text/css">**
</head>
<body>
<div th:include="~{fragments/navbar :: navbar}"></div>
<div class="container">
<h3>Home</h3>
<p>This is the home page of the project!</p>
</div>
<div th:include="~{fragments/footer :: footer}" class="footer"></div>
</body>
</html>
Any ideas how can i fix the incorrect MIME type? Is there any configuration im missing?
In my case, I have to permit requests for static files to get it to work.
#Configuration
#EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Overide
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/js/**", "/css/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll();
}
}
I've just been struggling with the same issue, and I finally realized that it was a red herring - the real problem was 404, and the MIME type error came from Spring's handling of it. As explained in the Spring Boot docs, its built-in error handling automatically redirects to /error and outputs the error details as JSON. When I checked my logs, I saw a 404 in my webserver access log and the following in my application log:
DEBUG DispatcherServlet:869 - DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
DEBUG RequestMappingHandlerMapping:310 - Looking up handler method for path /error
DEBUG RequestMappingHandlerMapping:317 - Returning handler method [public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)]
DEBUG HttpEntityMethodProcessor:234 - Written [{timestamp=Fri Apr 06 14:06:54 PDT 2018, status=404, error=Not Found, message=No message available, path=/css/style.css}] as "application/json" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter#5ef96137]
So, your real problem is that Spring is not finding your static resources. You'll want to make sure the resources folder is in your classpath, or explicitly set the locations using the spring.resources.static-locations property.
In my case, I have used additional filter. So all kind of request will go through that filter. even css and js file used to go through that.
At this point, for some request in the ratio of 1/7 or 1/10, I get mime type issue, for css file the server returns with the type of application/javascript or application/json and ect.
Then I used #WebFilter and allows only api request to go through that filter.
#WebFilter(urlPatterns = "/api/*")
Now the css and js files not allowed in that additional filter. and then I did't find issue with mime type.
In my point of view, when we have too many filters the backend fails to handle frequent request for resources (js, css, img ...), So it returns with wrong MIME type.
Hope, this would help someone, who face this kind of issue
A client had the case today (24 nov 2021) when Spring Security was redirecting most of the requested urls to "/login" equivalent functional endpoint. No assets were loaded, and the same message you get about mimetype was in their Google Chrome console logs.
Diagnostic was done with entering the assets with wrong mimetype and see the loading of the "/login" endpoint.
It was resolved with adding some Spring Security mapping rules in their SecurityConfig.class of their Spring Boot Application, so the webapp is running well now.
I have a local json file and trying to read from Http get method.The application throwing an exception on console(404). I have read if you use webpack the assets/data are not available as for the angular-cli.json. I'm using webpack. Do you know where to put the json file so it can be read?
import {IProduct} from './product.model';
#Injectable()
export class ProductService {
private productUrl = require('./product.json');
constructor(private _http: HttpClient) { }
getProducts(): Observable<IProduct[]> {
return this._http.get<IProduct[]>(this.productUrl)
.do((data) => console.log('products: ' + JSON.stringify(data)))
.catch(this.handleError);
}
}
where product.json is in the same dir of the ProductService.
With webpack, no matter where you have stored your json file, you can access it from anywhere, but always starting from the src folder.
So it should look something like this:
return this._http.get<IProduct[]>('src/app/services/product.json')
i.e just mark the complete path to your json file starting from src.
If using angular cli
AFAIK there is one way to do this.
Save the file (say file.json) in assets folder.
In you angular-cli.json file, go to node: apps> assets and verify that name "assets" exists.
Now access:
http://localhost:[PORT_NUMBER]/assets/file.json
BTW, your web app should not be your api. Instead of consuming json file, create variables in your services.
Example:
import { Injectable } from "#angular/core";
#Injectable()
export class DataMockService {
public GetObjects(): any {
return {
name: "nilay", ...
};
}
}
This question has two parts:
By default, what URL protocols are considered valid for specifying resources to Cypher's LOAD CSV command?
So far, I've successfully loaded CSV files into Neo4j using http and file protocols. A comment on this unrelated question indicates that ftp works as well, but I haven't had tried this because I have no use case.
What practical options do I have to configure non-standard URI protocols? I'm running up against a Neo.TransientError.Statement.ExternalResourceFailure: with "Invalid URL specified (unknown protocol)". Other than digging into the Neo4j source, is there anyway to modify this validation/setting, provided that the host machine is capable of resolving the resource with the specified protocol?
Neo4j relies on the capabilities of the JVM. According to https://docs.oracle.com/javase/7/docs/api/java/net/URL.html the default protocols are:
http, https, ftp, file, jar
Please note that file URLs are interpreted from the server's point of view and not from the client side (a common source of confusion).
To use custom URLs you need to understand how the JVM deals with those. The javadocs for URL class explain an approach by using a system property to provide custom URL handlers. It should be good enough to provide this system property in neo4j-wrapper.conf and drop the jar file containing your handler classes into the plugins folder. (Note: I did not validate that approach myself, but I'm pretty confident that it will work).
Here is a complete example, using the technique of implementing your own URLStreamHandler to handle the resource protocol. You must name your class 'Handler', and the last segment of the package name must be the protocol name (in this case, resource)
src/main/java/com/example/protocols/resource/Handler.java:
package com.example.protocols.resource;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
public class Handler extends URLStreamHandler {
private final ClassLoader classLoader;
public Handler() {
this.classLoader = getClass().getClassLoader();
}
#Override
protected URLConnection openConnection(URL url) throws IOException {
URL resource = classLoader.getResource(url.getPath());
if (resource == null) {
throw new FileNotFoundException("Resource file not found: " + url.getPath());
}
return resource.openConnection();
}
}
From here, we need to set the system property java.protocol.handler.pkgs to include the base package com.example.protocols so that the protocol is registered. This can be done statically in a Neo4j ExtensionFactory. Since the class gets loaded by Neo4j, we know that the static block will be executed. We also need to provide our own URLAccessRule, since Neo4j by default only allows use of a few select protocols. This can also happen in the ExtensionFactory.
src/main/java/com/example/protocols/ProtocolInitializerFactory.java:
package com.example.protocols;
import org.neo4j.annotations.service.ServiceProvider;
import org.neo4j.graphdb.security.URLAccessRule;
import org.neo4j.kernel.extension.ExtensionFactory;
import org.neo4j.kernel.extension.ExtensionType;
import org.neo4j.kernel.extension.context.ExtensionContext;
import org.neo4j.kernel.lifecycle.Lifecycle;
import org.neo4j.kernel.lifecycle.LifecycleAdapter;
#ServiceProvider
public class ProtocolInitializerFactory extends ExtensionFactory<ProtocolInitializerFactory.Dependencies> {
private static final String PROTOCOL_HANDLER_PACKAGES = "java.protocol.handler.pkgs";
private static final String PROTOCOL_PACKAGE = ProtocolInitializerFactory.class.getPackageName();
static {
String currentValue = System.getProperty(PROTOCOL_HANDLER_PACKAGES, "");
if (currentValue.isEmpty()) {
System.setProperty(PROTOCOL_HANDLER_PACKAGES, PROTOCOL_PACKAGE);
} else if (!currentValue.contains(PROTOCOL_PACKAGE)) {
System.setProperty(PROTOCOL_HANDLER_PACKAGES, currentValue + "|" + PROTOCOL_PACKAGE);
}
}
public interface Dependencies {
URLAccessRule urlAccessRule();
}
public ProtocolInitializerFactory() {
super(ExtensionType.DATABASE, "ProtocolInitializer");
}
#Override
public Lifecycle newInstance(ExtensionContext context, Dependencies dependencies) {
URLAccessRule urlAccessRule = dependencies.urlAccessRule();
return LifecycleAdapter.onInit(() -> {
URLAccessRule customRule = (config, url) -> {
if ("resource".equals(url.getProtocol())) { // Check the protocol name
return url; // Optionally, you can validate the URL here and throw an exception if it is not valid or should not be allowed access
}
return urlAccessRule.validate(config, url);
};
context.dependencySatisfier().satisfyDependency(customRule);
});
}
}
After setting this up, follow the guide to packaging these classes as a Neo4j plugin and drop it into your database's plugins directory.
Admittedly, needing to override the default URLAccessRule feels a little bit shady. It may be better to simply implement the URLStreamHandler, and use another CSV loading method like APOC's apoc.load.csv. This will not require overriding the URLAccessRule, but it will require setting the Java system property java.protocol.handler.pkgs.
I am developing a light weight server App with a RESTful api implemented with Jersey 2.12 and Jackson 2.
I am writing tests while developing using JUnit and JerseyTest. I know that my Jersey Resources work as expected including the marshalling from and to JSON because I tested them manually with the PostMan Chrome plugin.
My GET tests with query parameters work well too, based on the example in the Jersey documentation
Here is a simplified (I have left out boilerplate code to make the idea clearer) example of a test I'd like to write:
import static org.junit.Assert.assertTrue;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Response;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.test.JerseyTest;
import org.junit.Test;
import com.acme.api.rest.SessionsEndPoint;
import com.acme.api.rest.beans.UserCredentialsBean;
public class TestSession extends JerseyTest {
#Override
protected Application configure() {
return new ResourceConfig(SessionsEndPoint.class);
}
#Test
public void test() {
UserCredentialsBean userCredentialsBean = new UserCredentialsBean();
userCredentialsBean.setUserId("alice");
userCredentialsBean.setPassword("secret");
WebTarget theTarget = target("sessions/login");
Response response = theTarget.request().post( Entity.entity(UserCredentialsBean.class, "application/json"));
assertTrue(true);
}
}
The basic problem I have is that I cannot find any documentation on how to properly use the WebTarget class for post requests. the WebTarget theTarget is constructed correctly but the line:
Response response = theTarget.request().post( Entity.entity(UserCredentialsBean.class, "application/json"));
does not work.
As I understand the WebTarget class is fairly new in the JerseyTest framework. Is there anybody who can point me at any recent documentation, examples, or just explain here how I can get this to work?
I did do a lot of googling before I posted my question here, but after checking back my eyes suddenly fell on this Related Question. I did search on SO several times but never found this question. Anyway, here's the solution to my problem:
I started implementing as explained in the accepted answer and got it to work quickly.
Then I decided that you it should be possible to avoid using JSON string representations at all, and I got that to work to.
The code above works if modified as follows:
import static org.junit.Assert.assertTrue;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Response;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.test.JerseyTest;
import org.junit.Test;
import com.acme.api.rest.SessionsEndPoint;
import com.acme.api.rest.beans.UserCredentialsBean;
public class TestSession extends JerseyTest {
#Override
protected Application configure() {
return new ResourceConfig(SessionsEndPoint.class);
}
#Test
public void test() {
UserCredentialsBean userCredentialsBean = new UserCredentialsBean();
userCredentialsBean.setUserId("alice");
userCredentialsBean.setPassword("secret");
LoginResponseBean loginResponseBean =
target("sessions/login")
.request(MediaType.APPLICATION_JSON_TYPE)
.post(
Entity.entity(
userCredentialsBean,
MediaType.APPLICATION_JSON_TYPE
),
LoginResponseBean.class
);
assertTrue(
loginResponseBean.isSuccess()
&&
loginResponseBean.getToken().length()==36
);
}
}
LoginResponseBean is a plain Java Bean. Just getters and setters and a default constructor.
Marshalling to- and from JSON is done by the framework, either by moxy or jackson as the JSON provider.
I am unable to read JSON from rest webservice using angularjs $http. I have a simple rest webservice in a different project which return JSON. When I try to hit rest service from angular it goes to error part.
Below is my code:
Restful service in Java :
package com.demoapp.rest;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.Consumes;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.GET;
import javax.ws.rs.Produces;
/**
* REST Web Service
*/
#Path("Employee")
public class EmployeeResource {
#Context
private UriInfo context;
/**
* Creates a new instance of EmployeeResource
*/
public EmployeeResource() {
}
/**
* Retrieves representation of an instance of com.demoapp.rest.EmployeeResource
* #return an instance of java.lang.String
*/
#GET
#Produces("application/json")
public String getJson() {
//TODO return proper representation object
return "({\"id\":3,\"name\":\"Joe\"})";
}
/**
* PUT method for updating or creating an instance of EmployeeResource
* #param content representation for the resource
* #return an HTTP response with content of the updated or created resource.
*/
#PUT
#Consumes("application/json")
public void putJson(String content) {
}
}
Angularjs code :
angular.module('myApp.controllers', [])
.controller('MyCtrl1', ['$scope', '$http', function($scope, $http) {
$http.jsonp(
/*Doesn't work*/ 'http://localhost:8080/mavenproject1/webresources/Employee?callback=JSON_CALLBACK'
/*Works*/ /*'http://api.openweathermap.org/data/2.5/weather?lat=35&lon=139&callback=JSON_CALLBACK'*/
)
.success(function(data) {
console.log('Success '+data);
})
.error(function(data) {
console.log('Error '+data);
});
}])
.controller('MyCtrl2', [function() {
}]);
I am getting error for first url (localhost..) and same angularjs code works for another public restful service.
Can anyone please tell why angularjs returns error in console for (http://localhost..) restful service and goes to success for (http://api.openweathermap.org/....) ?
Where exactly am I going wrong?
You are trying to access a resource by jsonp but your REST service returns plain json. You need to use
$http.get('http://localhost:8080/mavenproject1/webresources/Employee').
The url http://api.openweathermap.org works because they return the jsonp format. You need this format if you make request to other domains. Jsonp means that the result is wrapped in a function call. The name of the function is dynamically generated and is specified by the callback parameter in your example.
EDIT (results from the discussion above - in production this app will also run on two different servers, so there are the following options to solve the problem)
1) you may use the Access-Control-Allow-Origin header in your jboss server. Have a look at this answer how to do this: Set response headers not using filter - RESTeasy.
2) you may use a reverse proxy in front of your tomcat and your jboss server. For example the apache webserver can do this. Here is an answer that addresses this problem: How to correctly configure a reverse proxy with Apache, to be used for cross-domain AJAX?
3) you can switch to jsonp - this is a little bit complicated because it is not supported directly by RESTEasy. Have a look at this post: How enable JSONP in RESTEasy?