Re: Finding the base reference for an application
[Sorry for the delay, I had been sick for a few days] Rob: at least one of the reverse proxies is an Apache, but I don't have any control over the mod_proxy configuration. There might be others on the other side, too. The sysadmins seem to like the Apache default with the mangled headers, although I don't really understand why either. But it seems to be one of those topics they don't really want to discuss (which makes me question it less verbally but more mentally :-) ). David: if you use Apache 2 you can turn the host mangling off: http://httpd.apache.org/docs/2.0/mod/mod_proxy.html#proxypreservehost I was hoping there is some hook in the Restlet engine to do a reverse mangling right when the request comes in, but maybe I'll just leave my hacks for now and hope it's not going to fall apart in the next maintenance cycle. Peter Rob Heittman wrote: Well, that's partly why I complicated the situation with a hostname change, port change, and a URI prefix change (because the URI part I can't deal with via the host header alone). But -- assuming the only difference is the hostname -- it's a question of who's doing the configuring of the creative proxy setup. If the proxy admin and server admin are the same person or can collaborate, then what you describe is fine. But here, couldn't I maybe just use IP forwarding/NAT, and avoid proxying at all ... ? If the proxy admin can't count on the server admin to accept the external hostnames, then the proxy admin would definitely want the host header rewritten to something the server would understand internally. For your EC2 node cluster can you just use a DNS round robin? One nice thing about RESTful services is that it typically doesn't matter a hoot which node responds. If you have a fairly dynamic DNS that can take a bad (or under-maintenance) node out of rotation, that can do a good job for a lot of simple cases. I know vanishingly little about EC2 though ... don't even know if nodes have discrete IPs :-) On Fri, Apr 24, 2009 at 8:57 PM, David Fogel carrotsa...@gmail.com wrote: Hi Rob- Okay, I think I'm getting the idea of what you're using the proxy for. But in the situation you describe of routing an external domain temporarily to some internal desktop server, couldn't you use virtual hosts to do the routing in the desktop, and use the original external domain? i.e. couldn't you have, on your internal desktop, a virtual host set up for demosomething.solertium.com? Why does the code need to know anything at all about mydesktophost.internal.solertium.com:8182? Sorry for all the grilling, but like I said, we've been trying to figure out a good architecture for deploying our restlet-osgi stuff on a cluster of amazon EC2 nodes, (and Amazon won't be coming out with their built-in load-balancing feature until later in the summmer- curses!), and so I'm in the midst of diving into networking sysadmin stuff that I know too little about... -Dave -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1900649 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1901113 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1991049
GWT 1.6.4 (client only)
Hi, I have the org.restlet.gwt 1.2-SNAPSHOT and I'm using it only for the client capabilities, i.e. the server is in another project so I don't need the org.restlet.ext.gwt for the GWT Shell. The problem is that I have to build the jar with the source files because GWT complains that could not found the source for the restlet classes. I also have to modify the GWT.gwt.xml and remove all dependencies... seems that those modules don't exist in 1.6.4?? The correct dependencies I put in my own GWT module xml. The question is: Is org.restlet.gwt ready to use with GWT 1.6.4? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1983674
RE: GWT.gwt.xml not present in trunk of gwt module
Ok sorry there is no issue, I mixed up between the 2 modules org.restlet.ext.gwt and the org.restlet.gwt... -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1979881
Re: Questions about HTTP Authentication
Try:
l.debug(getSecret():+ new
String(getRequest().getChallengeResponse().getSecret()));
Rémi
On Wed, Apr 29, 2009 at 14:25, mstricker m...@maxstricker.it wrote:
Hello,
yes I tried to use getSecret() but with no success. Here the results of my
testing:
the code that tries to read the secret:
if (getRequest().getChallengeResponse() != null) {
l.debug(getCredentials():+getRequest().getChallengeResponse().getCredentials());
l.debug(getIdentifier():+getRequest().getChallengeResponse().getIdentifier());
l.debug(getPrincipal():+getRequest().getChallengeResponse().getPrincipal());
l.debug(getScheme():+getRequest().getChallengeResponse().getScheme());
l.debug(getSecret():+getRequest().getChallengeResponse().getSecret().toString());
}
the output:
14:20:19,218 DEBUG TestResource:66 - getCredentials():dXNlcjp0ZXN0
14:20:19,218 DEBUG TestResource:67 - getIdentifier():user
14:20:19,218 DEBUG TestResource:68 - getPrincipal():user
14:20:19,218 DEBUG TestResource:69 - getScheme():HTTP_Basic
14:20:19,218 DEBUG TestResource:70 - getSecret():[...@d5a2a9
The input was username user and password test.
To test it I used the RESTClient (available at
http://code.google.com/p/rest-client/) with the following settings for
authentication:
Auth Type : Basic. Preemtive, Username user Password test
any ideas?
Best Regards,
mstricker
Am 28.04.2009 um 11:36 schrieb Thierry Boileau (via Nabble):
Hello,
did you try with simple calls to ChallengeResponse#getIdentifier and
ChallengeResponse#getSecret()?
I check these methods and they return the login and password in clear.
Best regards,
Thierry Boileau
Hi,
i found that my Client sends the Basic HTTP Authentication as Base64
encoded String containing username + : + pass
I decode it in this way:
public static boolean authenticate(ChallengeResponse challenge) {
if (challenge != null) {
String username = ;
String password = ;
BASE64Decoder decoder = new BASE64Decoder();
try {
logger.debug(Credentials: +challenge.getCredentials());
String usernpass = new
String(decoder.decodeBuffer(challenge.getCredentials().toString()));
username = usernpass.substring(0,
usernpass.indexOf(:));
password = usernpass.substring(usernpass.indexOf(:)
+ 1);
boolean auth = User.authenticate(username, password);
logger.debug(auth);
return auth;
} catch (IOException ex) {
return false;
}
} else {
return false;
}
}
Am 27.04.2009 um 17:54 schrieb João Pereira (via Nabble):
Hi,
I'm also facing the same problem. The credentials and secret are not
in clear text.
I've created a guard and override the public boolean
checkSecret(Request request, String identifier, char[] secret)
However the secret and
request.getChallengeResponse().getCredentials() are not in plain
text. What the algorithm to decode to the original?
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1947397
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1947397
View this message in context: Re: Questions about HTTP Authentication
http://n2.nabble.com/Questions-about-HTTP-Authentication-tp2665559p2728071.html
Sent from the Restlet Discuss mailing list archive
http://n2.nabble.com/Restlet-Discuss-f1400322.html at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1961264
--
View this message in context: Re: Questions about HTTP
Authenticationhttp://n2.nabble.com/Questions-about-HTTP-Authentication-tp2665559p2740252.html
Sent from the Restlet Discuss mailing list
archivehttp://n2.nabble.com/Restlet-Discuss-f1400322.htmlat Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1979623
Re: content negocitation by file extension
Hi Stephen, Thanks, that did the trick. However we have a side effect. We have a custom mime type that we register on the Metadata service and when we ask explicitly for it through the extension, we get a 406. What we have done so far is a filter that recognizes the file extension and if it matches an existing metdata, it overrides the accepted mime types in the ClientInfo of the request. Is there any other way to achieve the same with a standard tunnel? Thanks, Stéphane On Tue, Apr 28, 2009 at 12:23 PM, Stephan Koops stephan.ko...@web.dewrote: Hi Stephane, in the (Restlet) class Application there must be a methode getTunnelService(), where you could switch it on; its something like setExtensionTunnel(true) on the TunnelService. If you don't found it, search directly for the method name setExtensionTunnel. best regards Stephan Stephane Nicoll schrieb: Hi, I was reading http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 and it is still unclear to me how to add this to our application. We would like exactly what is suggested in one of the post, that is force the mime type by using a file extension that we could override/configure. For the moment, we have 5 extensions registered in the system and we would like to be able to force one of those mime types if the related extension is used in the url. This should be done application-wide. It seems that Restlet 1.1 provides this but I can't find an example or the way to do it. Any idea? Thanks, Stéphane -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1961961 -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1978487
Re: bug? - AccessControlException on Restlet GAE module
Thierry, I use gae, and this followRedirect seems to be missing from there. Zsolt 2009/4/29 Thierry Boileau thierry.boil...@noelios.com Hello Zsolt, if you want to catch the redirection, just disable the automatic redirection (ClientResource#setFollowRedirect(false)). Then, you can check the status. I hope this helps, Best regards, Thierry Boileau Bonjour Thierry, I do this: ClientResource itemsR = new ClientResource(http://localhost:8080/gae_restlet/items;); Representation r = itemsR.get(); In the web.xml all URLs are security constrained, so GAE automatically redirects get to its login page. I am stuck at this point, because I could not figure out the way to catch the redirect. Thanks, Zsolt 2009/4/28 Thierry Boileau thierry.boil...@noelios.com mailto:thierry.boil...@noelios.com Hello Zsolt, do you mean that you want your clientResource to redirect automatically? In this case, this is the new default behavior (see the followRedirect attribute). best regards, Thierry Boileau Hi Jerome, Your fix worked great for me! I use the FirstResource example to learn Restlet, which is based on ClientResource. Unfortunately I do not know how I should handle this kind of redirect in ClientResource. I have checked wiki and examples but I did not find any hints, so I would appretiate your help on this. Thanks, Zsolt 2009/4/25 Jerome Louvel jerome.lou...@noelios.com mailto:jerome.lou...@noelios.com mailto:jerome.lou...@noelios.com mailto:jerome.lou...@noelios.com Hi Keke, I've changed the way it this method is implemented in order to construct the Subject with the principals set already updated. This should prevent security exception. Let me know if it works better. Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org http://www.restlet.org/ Noelios Technologies ~ Co-founder ~ http://www.noelios.com http://www.noelios.com/ *De :* keke [mailto:iamk...@gmail.com mailto:iamk...@gmail.com mailto:iamk...@gmail.com mailto:iamk...@gmail.com] *Envoyé :* samedi 18 avril 2009 16:57 *À :* discuss@restlet.tigris.org mailto:discuss@restlet.tigris.org mailto:discuss@restlet.tigris.org mailto:discuss@restlet.tigris.org *Objet :* Re: bug? - AccessControlException on Restlet GAE module Can I simply return null in ServletCall.getSubject, because in GAE application usually relies on GAE's authentication. Cheers, Keke - We paranoid love life On Sat, Apr 18, 2009 at 10:25 PM, keke iamk...@gmail.com mailto:iamk...@gmail.com mailto:iamk...@gmail.com mailto:iamk...@gmail.com wrote: Hi, Does anybody else get AccessControlException when using restlet-gae? Everything goes well, unless I need to use GAE's authentication feature. After a successful login (on development env), I got following exception: java.security.AccessControlException: access denied (javax.security.auth.AuthPermission modifyPrincipals) B B B B B B B at java.security.AccessControlContext.checkPermission(Unknown Source) B B B B B B B at java.security.AccessController.checkPermission(Unknown Source) B B B B B B B at java.lang.SecurityManager.checkPermission(Unknown Source) B B B B B B B at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:76) B B B B B B B at javax.security.auth.Subject$SecureSet.add(Unknown Source) B B B B B B B at java.util.Collections$SynchronizedCollection.add(Unknown Source) B B B B B B B at org.restlet.engine.servlet.ServletCall.getSubject(ServletCall.java:345) B B B B B B B at org.restlet.engine.http.HttpRequest.getClientInfo(HttpRequest.java:231) Can I just use a mock Subject in gae env? Cheers, Keke - We paranoid love life --
RE: Re: securing the whole application
Thanks. I'll try that. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1978079
RE: bug? - AccessControlException on Restlet GAE module
Hi Zsolt, The Restlet/GAE edition is a branch of the SVN trunk so it doesn't contain this feature yet. We will fully update the branch again for Restlet 1.2 M3. We also have some plans to automate the update of the GAE branch to remove such issues. Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org/ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com http://www.noelios.com _ De : Zsolt Kovacs [mailto:zs.m...@gmail.com] Envoyé : mercredi 29 avril 2009 13:03 À : discuss@restlet.tigris.org Objet : Re: bug? - AccessControlException on Restlet GAE module Thierry, I use gae, and this followRedirect seems to be missing from there. Zsolt 2009/4/29 Thierry Boileau thierry.boil...@noelios.com Hello Zsolt, if you want to catch the redirection, just disable the automatic redirection (ClientResource#setFollowRedirect(false)). Then, you can check the status. I hope this helps, Best regards, Thierry Boileau Bonjour Thierry, I do this: ClientResource itemsR = new ClientResource(http://localhost:8080/gae_restlet/items;); Representation r = itemsR.get(); In the web.xml all URLs are security constrained, so GAE automatically redirects get to its login page. I am stuck at this point, because I could not figure out the way to catch the redirect. Thanks, Zsolt 2009/4/28 Thierry Boileau thierry.boil...@noelios.com mailto:thierry.boil...@noelios.com � � Hello Zsolt, � � do you mean that you want your clientResource to redirect � � automatically? � � In this case, this is the new default behavior (see the � � followRedirect � � attribute). � � best regards, � � Thierry Boileau � � Hi Jerome, � � � � Your fix worked great for me! � � � � I use the FirstResource example to learn Restlet, which is based on � � ClientResource. Unfortunately I do not know how I should handle this � � kind of redirect in ClientResource. I have checked wiki and examples � � but I did not find any hints, so I would appretiate your help on � � this. � � � � Thanks, � � � � Zsolt � � � � 2009/4/25 Jerome Louvel jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � � � � � Hi Keke, � � � � � � I've changed the way it this method is implemented in order to � � � � construct the Subject with the principals set already updated. � � � � This should prevent security exception. Let me know if it works � � � � better. � � � � � � Best regards, � � � � Jerome Louvel � � � � -- � � � � Restlet ~ Founder and Lead developer ~ http://www.restlet.org � � � � http://www.restlet.org/ � � � � Noelios Technologies ~ Co-founder ~ http://www.noelios.com � � � � http://www.noelios.com/ � � � � � � � � � � *De :* keke [mailto:iamk...@gmail.com � � mailto:iamk...@gmail.com mailto:iamk...@gmail.com � � mailto:iamk...@gmail.com] � � � � *Envoy� :* samedi 18 avril 2009 16:57 � � � � *� :* discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � � � *Objet :* Re: bug? - AccessControlException on Restlet GAE � � module � � � � � � Can I simply return null in ServletCall.getSubject, because � � in GAE � � � � application usually relies on GAE's authentication. � � � � � � Cheers, � � � � Keke � � � � - � � � � We paranoid love life � � � � � � � � On Sat, Apr 18, 2009 at 10:25 PM, keke iamk...@gmail.com � � mailto:iamk...@gmail.com � � � � mailto:iamk...@gmail.com mailto:iamk...@gmail.com wrote: � � � � � � � � Hi, � � � � � � � � Does anybody else get AccessControlException when using � � � � � � restlet-gae? � � � � � � � � Everything goes well, unless I need to use GAE's � � � � � � authentication feature. After a successful login (on � � � � � � development env), I got following exception: � � � � � � java.security.AccessControlException: access denied � � � � � � (javax.security.auth.AuthPermission modifyPrincipals) � � � � � � B B B B B B B at � � � � java.security.AccessControlContext.checkPermission(Unknown Source) � � � � � � B B B B B B B at � � � � � � java.security.AccessController.checkPermission(Unknown � � Source) � � � � � � B B B B B B B at � � � � � � java.lang.SecurityManager.checkPermission(Unknown Source) � � � � � � B B B B B B B at � � � � com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:76) � � � � � � B B B B B B B at � � � � � � javax.security.auth.Subject$SecureSet.add(Unknown Source) � � � � � � B B B B B B B at � � � � � � java.util.Collections$SynchronizedCollection.add(Unknown � � Source) � � � � � � B B B B B B B at � �
RE: GWT 1.6.4 (client only)
Hi there, We haven't updated our Restlet/GWT edition to GWT 1.6.4 yet. This is however planned for later in Restlet 1.2 development cycle. If you can provide us with help for this update, like patches and guidance, that would save us time and make it happen earlier! Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -Message d'origine- De : webp...@tigris.org [mailto:webp...@tigris.org] Envoyé : mercredi 29 avril 2009 20:41 À : discuss@restlet.tigris.org Objet : GWT 1.6.4 (client only) Hi, I have the org.restlet.gwt 1.2-SNAPSHOT and I'm using it only for the client capabilities, i.e. the server is in another project so I don't need the org.restlet.ext.gwt for the GWT Shell. The problem is that I have to build the jar with the source files because GWT complains that could not found the source for the restlet classes. I also have to modify the GWT.gwt.xml and remove all dependencies... seems that those modules don't exist in 1.6.4?? The correct dependencies I put in my own GWT module xml. The question is: Is org.restlet.gwt ready to use with GWT 1.6.4? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=19836 74 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1993492
RE: content negocitation by file extension
Hi Stephane, From my point of view, it should work. You should be able to use an extension declared in the MetadataService as an extension at the end of your URIs. TunnelService should pick it up and do the trick for you. If not, I would suggest to package a reproducible sample and add it to a defect report. Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org/ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com/ http://www.noelios.com _ De : Stephane Nicoll [mailto:stephane.nic...@gmail.com] Envoyé : mercredi 29 avril 2009 13:48 À : discuss@restlet.tigris.org Objet : Re: content negocitation by file extension Hi Stephen, Thanks, that did the trick. However we have a side effect. We have a custom mime type that we register on the Metadata service and when we ask explicitly for it through the extension, we get a 406. What we have done so far is a filter that recognizes the file extension and if it matches an existing metdata, it overrides the accepted mime types in the ClientInfo of the request. Is there any other way to achieve the same with a standard tunnel? Thanks, St�phane On Tue, Apr 28, 2009 at 12:23 PM, Stephan Koops stephan.ko...@web.de wrote: Hi Stephane, in the (Restlet) class Application there must be a methode getTunnelService(), where you could switch it on; its something like setExtensionTunnel(true) on the TunnelService. If you don't found it, search directly for the method name setExtensionTunnel. best regards � �Stephan Stephane Nicoll schrieb: Hi, I was reading http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 dsMessageId=11479 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 dsMessageId=11479 and it is still unclear to me how to add this to our application. We would like exactly what is suggested in one of the post, that is force the mime type by using a file extension that we could override/configure. For the moment, we have 5 extensions registered in the system and we would like to be able to force one of those mime types if the related extension is used in the url. This should be done application-wide. It seems that Restlet 1.1 provides this but I can't find an example or the way to do it. Any idea? Thanks, St�phane -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1961961 dsMessageId=1961961 -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1993761
Re: bug? - AccessControlException on Restlet GAE module
Hi Jerome, Thanks, it is perfect. Zsolt 2009/4/30 Jerome Louvel jerome.lou...@noelios.com Hi Zsolt, The Restlet/GAE edition is a branch of the SVN trunk so it doesn't contain this feature yet. We will fully update the branch again for Restlet 1.2 M3. We also have some plans to automate the update of the GAE branch to remove such issues. Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -- *De :* Zsolt Kovacs [mailto:zs.m...@gmail.com] *Envoyé :* mercredi 29 avril 2009 13:03 *À :* discuss@restlet.tigris.org *Objet :* Re: bug? - AccessControlException on Restlet GAE module Thierry, I use gae, and this followRedirect seems to be missing from there. Zsolt 2009/4/29 Thierry Boileau thierry.boil...@noelios.com Hello Zsolt, if you want to catch the redirection, just disable the automatic redirection (ClientResource#setFollowRedirect(false)). Then, you can check the status. I hope this helps, Best regards, Thierry Boileau Bonjour Thierry, I do this: ClientResource itemsR = new ClientResource(http://localhost:8080/gae_restlet/items;); Representation r = itemsR.get(); In the web.xml all URLs are security constrained, so GAE automatically redirects get to its login page. I am stuck at this point, because I could not figure out the way to catch the redirect. Thanks, Zsolt 2009/4/28 Thierry Boileau thierry.boil...@noelios.com mailto:thierry.boil...@noelios.com � � Hello Zsolt, � � do you mean that you want your clientResource to redirect � � automatically? � � In this case, this is the new default behavior (see the � � followRedirect � � attribute). � � best regards, � � Thierry Boileau � � Hi Jerome, � � � � Your fix worked great for me! � � � � I use the FirstResource example to learn Restlet, which is based on � � ClientResource. Unfortunately I do not know how I should handle this � � kind of redirect in ClientResource. I have checked wiki and examples � � but I did not find any hints, so I would appretiate your help on � � this. � � � � Thanks, � � � � Zsolt � � � � 2009/4/25 Jerome Louvel jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � mailto:jerome.lou...@noelios.com � � � � � � Hi Keke, � � � � � � I've changed the way it this method is implemented in order to � � � � construct the Subject with the principals set already updated. � � � � This should prevent security exception. Let me know if it works � � � � better. � � � � � � Best regards, � � � � Jerome Louvel � � � � -- � � � � Restlet ~ Founder and Lead developer ~ http://www.restlet.org � � � � http://www.restlet.org/ � � � � Noelios Technologies ~ Co-founder ~ http://www.noelios.com � � � � http://www.noelios.com/ � � � � � � � � � � *De :* keke [mailto:iamk...@gmail.com � � mailto:iamk...@gmail.com mailto:iamk...@gmail.com � � mailto:iamk...@gmail.com] � � � � *Envoy� :* samedi 18 avril 2009 16:57 � � � � *� :* discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � mailto:discuss@restlet.tigris.org � � � � *Objet :* Re: bug? - AccessControlException on Restlet GAE � � module � � � � � � Can I simply return null in ServletCall.getSubject, because � � in GAE � � � � application usually relies on GAE's authentication. � � � � � � Cheers, � � � � Keke � � � � - � � � � We paranoid love life � � � � � � � � On Sat, Apr 18, 2009 at 10:25 PM, keke iamk...@gmail.com � � mailto:iamk...@gmail.com � � � � mailto:iamk...@gmail.com mailto:iamk...@gmail.com wrote: � � � � � � � � Hi, � � � � � � � � Does anybody else get AccessControlException when using � � � � � � restlet-gae? � � � � � � � � Everything goes well, unless I need to use GAE's � � � � � � authentication feature. After a successful login (on � � � � � � development env), I got following exception: � � � � � � java.security.AccessControlException: access denied � � � � � � (javax.security.auth.AuthPermission modifyPrincipals) � � � � � � B B B B B B B at � � � � java.security.AccessControlContext.checkPermission(Unknown Source) � � � � � � B B B B B B B at � � � � � � java.security.AccessController.checkPermission(Unknown � � Source) � � � � � � B B B B B B B at � � � � � � java.lang.SecurityManager.checkPermission(Unknown Source) � � � � � � B B B B B B B at � � � � com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:76) � � � � � � B B B B B B B at � � � � � �
Re: content negocitation by file extension
Hello Stephane, did you try to register your extension with the addExtension(String, Metadata, boolean) method having the boolean value set to true? best regards, Thierry Boileau Hi Stephen, Thanks, that did the trick. However we have a side effect. We have a custom mime type that we register on the Metadata service and when we ask explicitly for it through the extension, we get a 406. What we have done so far is a filter that recognizes the file extension and if it matches an existing metdata, it overrides the accepted mime types in the ClientInfo of the request. Is there any other way to achieve the same with a standard tunnel? Thanks, Stéphane On Tue, Apr 28, 2009 at 12:23 PM, Stephan Koops stephan.ko...@web.de mailto:stephan.ko...@web.de wrote: Hi Stephane, in the (Restlet) class Application there must be a methode getTunnelService(), where you could switch it on; its something like setExtensionTunnel(true) on the TunnelService. If you don't found it, search directly for the method name setExtensionTunnel. best regards Stephan Stephane Nicoll schrieb: Hi, I was reading http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=11479 and it is still unclear to me how to add this to our application. We would like exactly what is suggested in one of the post, that is force the mime type by using a file extension that we could override/configure. For the moment, we have 5 extensions registered in the system and we would like to be able to force one of those mime types if the related extension is used in the url. This should be done application-wide. It seems that Restlet 1.1 provides this but I can't find an example or the way to do it. Any idea? Thanks, Stéphane -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1961961 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1961961 -- Large Systems Suck: This rule is 100% transitive. If you build one, you suck -- S.Yegge -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1994672
RE: GWT 1.6.4 (client only)
I'll do a few more test and have the changes posted. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1995122
errormessage, but correct url
Hi there,
i am using Restlet as a serversite application. It is running on a Tomcat 6.0.
While using my (restlet-)resources, i have to query another webservice from
this resources. Im doing it as follows (example, but original url):
String uri =
http://osopc4.ub.uni-osnabrueck.de:8080/DB=1/XML=ON/SET=3/TTL=1/CMD?ACT=SRCHAIKT=1016SRT=YOPTRM=9783540759409;;
final Request request = new Request(Method.GET, uri);
Response response = new Client(Protocol.HTTP).handle(request);
String result;
try {
result = response.getEntity().getText();
System.out.println(result);
} catch (IOException e) {
e.printStackTrace();
}
I always get as response text a message saying There is no server defined for
this path.. But the response text should be an xml representation of the
result to my query
I wonder, because when I paste this url into the browser, I get a correct
response without any errors.
Are there any changes made to url in the implementation when I call new Request
or handle?
I stepped through the source, but I didnt see any problems. Maybe I am too
blind.
Btw. Is it possible to use Sessions in my resources?
Thanks in advance
Stefan
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1994891
Re: errormessage, but correct url
Hello Jon,
I've just copy/paste your code, and it works well...
Do you work behind a proxy?
best regards,
Thierry Boileau
Hi there,
i am using Restlet as a serversite application. It is running on a Tomcat 6.0.
While using my (restlet-)resources, i have to query another webservice from
this resources. Im doing it as follows (example, but original url):
String uri =
http://osopc4.ub.uni-osnabrueck.de:8080/DB=1/XML=ON/SET=3/TTL=1/CMD?ACT=SRCHAIKT=1016SRT=YOPTRM=9783540759409;;
final Request request = new Request(Method.GET, uri);
Response response = new Client(Protocol.HTTP).handle(request);
String result;
try {
result = response.getEntity().getText();
System.out.println(result);
} catch (IOException e) {
e.printStackTrace();
}
I always get as response text a message saying There is no server defined
for this path.. But the response text should be an xml representation of the
result to my query
I wonder, because when I paste this url into the browser, I get a correct
response without any errors.
Are there any changes made to url in the implementation when I call new
Request or handle?
I stepped through the source, but I didnt see any problems. Maybe I am too
blind.
Btw. Is it possible to use Sessions in my resources?
Thanks in advance
Stefan
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1994891
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1996166
RE: Re: GWT 1.6.4 (client only)
For org.restlet.gwt the only changes I made were: In GWT.gwt.xml I used only two deps: inherits name=com.google.gwt.json.JSON/ inherits name=com.google.gwt.xml.XML/ And generated the jar with the java files inside. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997374
RE: GWT 1.6.4 (client only)
Hi, (I think that I already posted this message anonymously...) I'm trying to understand why the GwtShellServletWrapper doesn't start in hosted mode. It seems to be some classloader problems... Anyway, I found something that I'm feeling it's not right in org.restlet.engine.Engine.java, in the loadClass(String className). In line : result = Class.forName(className); this can result in a ClassNotFoundException that will make the method throw that exception and the last two conditions will never be evaluated. In hosted mode, I'm only having success if I surround this code with a try/catch and ignore the exception. I can load the class with the ClassLoader.getSystemClassLoader() However, in org.restlet.ext.gwt.GwtShellServletWrapper, lines: this.gwtShellServletServiceMethod = this.gwtShellServlet.getClass() .getMethod(service, javax.servlet.ServletRequest.class, javax.servlet.ServletResponse.class); The method cannot be found in the class... that's why I suspect that can be some classloader problems. any hint? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997282
RE: GWT 1.6.4 (client only)
Hi, I'm trying to understand why the GwtShellServletWrapper doesn't start in hosted mode. It seems to be some classloader problems... Anyway, I found something that I'm feeling it's not right in org.restlet.engine.Engine.java, in the loadClass(String className). In line : result = Class.forName(className); this can result in a ClassNotFoundException that will make the method throw that exception and the last two conditions will never be evaluated. In hosted mode, I'm only having success if I surround this code with a try/catch and ignore the exception. I can load the class with the ClassLoader.getSystemClassLoader() However, in org.restlet.ext.gwt.GwtShellServletWrapper, lines: this.gwtShellServletServiceMethod = this.gwtShellServlet.getClass() .getMethod(service, javax.servlet.ServletRequest.class, javax.servlet.ServletResponse.class); The method cannot be found in the class... that's why I suspect that can be some classloader problems. any hint? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997243
Returning HTTP error 500 from the constructor of a Resource
Hello there, I'm starting to learn and use Restlets (1.1.x) and I have
a question:
I have a resource that I want to represent. For that representation I
need some data stored in a DB (it's not a DB actually, but the concept
is the same). So, following the pattern presented in the examples (1st
resource, tutorial, etc.) I do the DB query in the Resource's
constructor and fill a private instance of the object I'm trying to
represent in the Resource.
If that DB query (or any other data gathering mechanism to get the
'real' resource) fails (a.k.a. an exception is thrown while fetching
data), is it OK (both restlet-wise, REST-wise and web
application-wise) to return an HTTP error 500 right there in the
Resource constructor?
Something like this:
public MyResource(Context ctx, Request req, Response res) {
super(ctx, req, res);
try {
myObject = fetchDataFromDB();
}
catch (Exception e) {
getLogger().log(Level.SEVERE, e);
e.printStackTrace();
response.setStatus(Status.SERVER_ERROR_INTERNAL, e);
}
}
Thanks in advance for your prompt and accurate answer.
--
Fabián Mandelbaum
IS Engineer
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997123
Re: errormessage, but correct url
It looks like you're not doing anything wrong ... time to look for server bizarreness ... ? If you have the ability to sniff outgoing headers (e.g. with wireshark) try comparing the headers in your browser generated request versus your Restlet generated request. Sometimes a minor and insignificant difference can expose a server side bug. For example, last week I wasted a day tracking down a bug with a third party web service that would return a similarly cryptic error when the Content-Type header was application/xml; charset=UTF-8 as opposed to just application/xml ... service worked fine in some browsers, not in others. - Rob On Thu, Apr 30, 2009 at 2:15 PM, Jon Doe sriff...@uni-osnabrueck.de wrote: Doesnt matter if I take this example or use the code in my application on the Tomcat server. I always get the following response: -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2000147
