Re: Auditing function
I've done something similar in the past. Rather than rely on the restlet access logging service, I collected all the data I needed in an object as the request was processed. After the request completed, I spun off another thread to write to the log object to the database. If the database wasn't available, I did backup logging to a file. I _think_ I did this in the confines of wither log4j or slf4j, but I can't remember. On Sun, Apr 3, 2011 at 8:31 PM, Paul Morris wrote: > I've been looking into this since my initial post and want to add a couple > of thoughts to clarify my intention here. I found the LogService Restlet > class which looks very robust but I need to customize some of the logging > here for auditing and compliance purposes (i.e. identify the user based on > querying a session server using a token) so I think I'm looking at something > homegrown. But again, I'd like to implement some way to sort of "copy" the > request on the way in and "copy" the response on the way out, parse through > those copies (perhaps in another thread) to break them out cleanly into a > database. > > -- > > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2716636 > -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719277
RE: Cannot select MediaType when using ClientResource.wrap
Hi Christoph, Sorry, the visibility of handle(Request) was only increased in 2.1... 2.1 M3 is already quite stable, so if you can upgrade that would be best for you and 2.1 M4 will have the better solution soon. Best regards, Jerome -- Restlet ~ Founder and Technical Lead ~ http://www.restlet.org Noelios Technologies ~ http://www.noelios.com -Message d'origine- De : christoph.dietze [mailto:christoph.die...@ergodirekt.de] Envoyé : mardi 12 avril 2011 15:52 À : discuss@restlet.tigris.org Objet : RE: Cannot select MediaType when using ClientResource.wrap Hello Jerome, thanks for the quick answers. The solution you describe for 2.1-M4 looks ideal to me, I am looking forward to it. I tried the workaround you proposed by overriding ClientResource.handle(). However, that didnt work: ClientResource.handle() is never called and ClientResource.handle(Request) is private. cheers, Christoph -- View this message in context: http://restlet-discuss.1400322.n2.nabble.com/Cannot-select-MediaType-when-using-ClientResource-wrap-tp6264755p6265212.html Sent from the Restlet Discuss mailing list archive at Nabble.com. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719102 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719110
RE: OAuth & Restlet
Hi, Yes it should be OK to use, we are working on finalizing it for the 2.1-SNAPSHOT, but these are only minor fixes. If you are planning on using the OAuthProxy (which is used to gain access to e.g. facebook) I would wait a day or two since we are fixing a minor synchronizing issue. If you want to try it out that would be great. Be sure to also compile the OpenID extension since it uses that for tests. Thanks, martin -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719109
RE: Cannot select MediaType when using ClientResource.wrap
Hello Jerome, thanks for the quick answers. The solution you describe for 2.1-M4 looks ideal to me, I am looking forward to it. I tried the workaround you proposed by overriding ClientResource.handle(). However, that didnt work: ClientResource.handle() is never called and ClientResource.handle(Request) is private. cheers, Christoph -- View this message in context: http://restlet-discuss.1400322.n2.nabble.com/Cannot-select-MediaType-when-using-ClientResource-wrap-tp6264755p6265212.html Sent from the Restlet Discuss mailing list archive at Nabble.com. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719102
RE: GET through Proxy
Hi Sersan, For those settings to be taken into account, you need the org.restlet.ext.net.jar in your classpath to use HttpURLConnection as your Restlet HTTP client. Best regards, Jerome -- Restlet ~ Founder and Technical Lead ~ http://www.restlet.org Noelios Technologies ~ http://www.noelios.com -Message d'origine- De : sersan [mailto:metal...@hotmail.com] Envoyé : jeudi 7 avril 2011 23:27 À : discuss@restlet.tigris.org Objet : RE: GET through Proxy Hi, any news on this.. I still can't make it work behind a proxy. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2717826 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719101
RE: Cannot select MediaType when using ClientResource.wrap
Hi again,
This enhancement is now in SVN trunk (future 2.1 M4):
- ClientResource now respects any change to the clientInfo preferences
when using dynamic proxies (via wrap() for example). It only overwrites
them if the default preferences state (empty lists) is found at
invocation
time.
Note that in this case, conversion hints provided via annotation values such as
"gwt" are ignored.
Best regards,
Jerome
--
Restlet ~ Founder and Technical Lead ~ http://www.restlet.org
Noelios Technologies ~ http://www.noelios.com
-Message d'origine-
De : Jerome Louvel [mailto:jerome.lou...@noelios.com]
Envoyé : mardi 12 avril 2011 15:13
À : 'discuss'
Objet : RE: Cannot select MediaType when using ClientResource.wrap
Hi Christoph,
It should be possible to override those settings by using a value in your
Restlet annotations such as @Get("gwt") or @Get("jos"). For the latter case,
you need to register this extension into the metadataService of your
application:
getMetadataService().addExtension("jos", MediaType.APPLICATION_JAVA_OBJECT);
This isn't fully satisfactory as you need to touch the annotated interface. A
better approach would be to override ClientResource and extend the
handle(Request) method.
In this extended method, you can customize/rewrite the clientInfo preferences.
This will be executed after the annotation/proxy processing logic. Let me know
if this doesn't work.
I'm also exploring in 2.1 a smarter default logic that would respect any
predefine client preference in the prototype request wrapped by ClientResource.
Stay tuned!
Hope this helps,
Jérôme
-Message d'origine-
De : christoph.dietze [mailto:christoph.die...@ergodirekt.de]
Envoyé : mardi 12 avril 2011 13:25
À : discuss@restlet.tigris.org
Objet : Cannot select MediaType when using ClientResource.wrap
Hello,
I set up a server which can serve a resource in both APPLICATION_JAVA_OBJECT,
as well as APPLICATION_JAVA_OBJECT_GWT representation.
I can test this using
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APPLICATION_JAVA_OBJECT);
and
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APPLICATION_JAVA_OBJECT_GWT);
However, when using the ClientResource.wrap() I cannot select the MediaType.
- when org.restlet.ext.gwt-2.0.6.jar is in the client's classpath, the accepted
mediatypes of the request always are
[application/x-java-serialized-object+gwt:1.0,
application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
- when org.restlet.ext.gwt-2.0.6.jar is not in the client's classpath, the
accepted mediatypes are [application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
Setting the accepted mediatypes as described here does not work
http://restlet-discuss.1400322.n2.nabble.com/Restlet-Server-GWT-restlet-client-tp6200833p6200833.html
i.e., I tried both
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
cr.getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
ContactResource resource = cr.wrap(ContactResource.class); Contact contact =
resource.retrieve(); // ...
and
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
ContactResource resource = cr.wrap(ContactResource.class); ClientProxy p =
(ClientProxy) resource;
p.getClientResource().getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
Contact contact = resource.retrieve();
But I get always get the GWT representation when the gwt jar is in the
classpath. This fails to deserialize since I call from a Java program, not a
GWT app. I want to get the java object mediatype.
Thus, it seems that the client's accepted media types of a wrapped resource are
solely derived from the libraries on the classpath and cannot be overwritten.
So,how can I use a java serialized object mediatype with ClientResource.wrap,
even though the gwt jar is in the classpath?
--
View this message in context:
http://restlet-discuss.1400322.n2.nabble.com/Cannot-select-MediaType-when-using-ClientResource-wrap-tp6264755p6264755.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719056
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719091
RE: Cannot select MediaType when using ClientResource.wrap
Hi Christoph,
It should be possible to override those settings by using a value in your
Restlet annotations such as @Get("gwt") or @Get("jos"). For the latter case,
you need to register this extension into the metadataService of your
application:
getMetadataService().addExtension("jos",
MediaType.APPLICATION_JAVA_OBJECT);
This isn't fully satisfactory as you need to touch the annotated interface.
A better approach would be to override ClientResource and extend the
handle(Request) method.
In this extended method, you can customize/rewrite the clientInfo
preferences. This will be executed after the annotation/proxy processing
logic. Let me know if this doesn't work.
I'm also exploring in 2.1 a smarter default logic that would respect any
predefine client preference in the prototype request wrapped by
ClientResource. Stay tuned!
Hope this helps,
Jérôme
-Message d'origine-
De : christoph.dietze [mailto:christoph.die...@ergodirekt.de]
Envoyé : mardi 12 avril 2011 13:25
À : discuss@restlet.tigris.org
Objet : Cannot select MediaType when using ClientResource.wrap
Hello,
I set up a server which can serve a resource in both
APPLICATION_JAVA_OBJECT, as well as APPLICATION_JAVA_OBJECT_GWT
representation.
I can test this using
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APP
LICATION_JAVA_OBJECT);
and
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APP
LICATION_JAVA_OBJECT_GWT);
However, when using the ClientResource.wrap() I cannot select the MediaType.
- when org.restlet.ext.gwt-2.0.6.jar is in the client's classpath, the
accepted mediatypes of the request always are
[application/x-java-serialized-object+gwt:1.0,
application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
- when org.restlet.ext.gwt-2.0.6.jar is not in the client's classpath, the
accepted mediatypes are [application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
Setting the accepted mediatypes as described here does not work
http://restlet-discuss.1400322.n2.nabble.com/Restlet-Server-GWT-restlet-clie
nt-tp6200833p6200833.html
i.e., I tried both
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
cr.getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
ContactResource resource = cr.wrap(ContactResource.class); Contact contact =
resource.retrieve(); // ...
and
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
ContactResource resource = cr.wrap(ContactResource.class); ClientProxy p =
(ClientProxy) resource;
p.getClientResource().getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
Contact contact = resource.retrieve();
But I get always get the GWT representation when the gwt jar is in the
classpath. This fails to deserialize since I call from a Java program, not a
GWT app. I want to get the java object mediatype.
Thus, it seems that the client's accepted media types of a wrapped resource
are solely derived from the libraries on the classpath and cannot be
overwritten.
So,how can I use a java serialized object mediatype with
ClientResource.wrap, even though the gwt jar is in the classpath?
--
View this message in context:
http://restlet-discuss.1400322.n2.nabble.com/Cannot-select-MediaType-when-us
ing-ClientResource-wrap-tp6264755p6264755.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=27190
56
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719084
Cannot select MediaType when using ClientResource.wrap
Hello,
I set up a server which can serve a resource in both
APPLICATION_JAVA_OBJECT, as well as APPLICATION_JAVA_OBJECT_GWT
representation.
I can test this using
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APPLICATION_JAVA_OBJECT);
and
new
ClientResource("http://blockedcontent:/service/hello";).get(MediaType.APPLICATION_JAVA_OBJECT_GWT);
However, when using the ClientResource.wrap() I cannot select the MediaType.
- when org.restlet.ext.gwt-2.0.6.jar is in the client's classpath, the
accepted mediatypes of the request always are
[application/x-java-serialized-object+gwt:1.0,
application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
- when org.restlet.ext.gwt-2.0.6.jar is not in the client's classpath, the
accepted mediatypes are
[application/x-java-serialized-object:1.0,
application/x-java-serialized-object+xml:1.0]
Setting the accepted mediatypes as described here does not work
http://restlet-discuss.1400322.n2.nabble.com/Restlet-Server-GWT-restlet-client-tp6200833p6200833.html
i.e., I tried both
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
cr.getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
ContactResource resource = cr.wrap(ContactResource.class);
Contact contact = resource.retrieve();
// ...
and
ClientResource cr = new
ClientResource("http://blockedcontent:/service/hello";);
ContactResource resource = cr.wrap(ContactResource.class);
ClientProxy p = (ClientProxy) resource;
p.getClientResource().getClientInfo().setAcceptedMediaTypes(
Arrays.asList(new Preference(MediaType.APPLICATION_JAVA_OBJECT)));
Contact contact = resource.retrieve();
But I get always get the GWT representation when the gwt jar is in the
classpath. This fails to deserialize since I call from a Java program, not a
GWT app. I want to get the java object mediatype.
Thus, it seems that the client's accepted media types of a wrapped resource
are solely derived from the libraries on the classpath and cannot be
overwritten.
So,how can I use a java serialized object mediatype with
ClientResource.wrap, even though the gwt jar is in the classpath?
--
View this message in context:
http://restlet-discuss.1400322.n2.nabble.com/Cannot-select-MediaType-when-using-ClientResource-wrap-tp6264755p6264755.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719056
OAuth & Restlet
Hi, I was looking for OAuth support in Restlet. Can somebody tell me the status of the OAuth extension kept in incubator. Can it be used? Regards Lokendra -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719023
Solution Design Crisis
Hi at all
I'm Stefano from Italy (so...sorry for my not so good english). I come from
JSP-Relational DB and Java world (before 2007) and after some years of stop,
I'm trying to develop a new platform for building collaborative journalistic
stuffs (eg. article, newspapers and so on) using "new" technologies (REST,
NOSQL, workflow engine). So the scenario is quite simple:
1) Different Kind of people can access to platform (anonimous users,
writers, readers, editors, administrators) and everyone of them can be, for
example, editor for one article and also only reader for another one)
2)collaborative resources can have different kind of protection policy in
example, some articles are private (manageable only by their owner), other
are manageable by a dinamic group of users, and finally other are public
(manageable by every autentichated user)
So I've already buy restlet in action MEAP ebook (great job) for better
understand RESTLET powerful characteristics and after 6 chapter I'm in
crisis on secure issues (probably because of my servlet stateful
background).
I mean that in JSP world , after a login form , usually I use
session.setParameter ("user", User) using a POJO User with some methods
like public Boolean checkModification(Article ID) that return true if
current user can modify resource with given ID, and public Boolean
checkView(Article ID) that return true if current user can view resource.
Obviusly those methods have business logic that check in some way permission
grant (i. e. a SQL query on a RDBMS). In my opinion, in this way is avoid
also the problem of cross injection because the user pojo is in memory in
context session on server side.
I'm sure (or better, I hope) that the same kind of security can be reached
also with RESTLET frameworkbut I'm confused about this topic and about
the better solution for my project.
For other features i need to use Restlet as Servlet in Tomcat , so please
..can everyone guide me in the choose of right secure architecture, to
obtain content protection policy (like explained above)and also to avoid
malicius injection, by using Tomcat and Restlet?
I hope in your help...thanks in advance.
Stefano
--
View this message in context:
http://restlet-discuss.1400322.n2.nabble.com/Solution-Design-Crisis-tp6264271p6264271.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719025
Solution Design Crisis
Hi at all
I'm Stefano from Italy (so...sorry for my not so good english). I come from
JSP-Relational DB and Java world (before 2007) and after some years of stop,
I'm trying to develop a new platform for building collaborative journalistic
stuffs (eg. article, newspapers and so on) using "new" technologies (REST,
NOSQL, workflow engine). So the scenario is quite simple:
1) Different Kind of people can access to platform (anonimous users,
writers, readers, editors, administrators) and everyone of them can be, for
example, editor for one article and also only reader for another one)
2)collaborative resources can have different kind of protection policy in
example, some articles are private (manageable only by their owner), other
are manageable by a dinamic group of users, and finally other are public
(manageable by every autentichated user)
So I've already buy restlet in action MEAP ebook (great job) for better
understand RESTLET powerful characteristics and after 6 chapter I'm in
crisis on secure issues (probably because of my servlet stateful
background).
I mean that in JSP world , after a login form , usually I use
session.setParameter ("user", User) using a POJO User with some methods
like public Boolean checkModification(Article ID) that return true if
current user can modify resource with given ID, and public Boolean
checkView(Article ID) that return true if current user can view resource.
Obviusly those methods have business logic that check in some way permission
grant (i. e. a SQL query on a RDBMS). In my opinion, in this way is avoid
also the problem of cross injection because the user pojo is in memory in
context session on server side.
I'm sure (or better, I hope) that the same kind of security can be reached
also with RESTLET frameworkbut I'm confused about this topic and about
the better solution for my project.
For other features i need to use Restlet as Servlet in Tomcat , so please
..can everyone guide me in the choose of right secure architecture, to
obtain content protection policy (like explained above)and also to avoid
malicius injection, by using Tomcat and Restlet?
I hope in your help...thanks in advance.
Stefano
--
View this message in context:
http://restlet-discuss.1400322.n2.nabble.com/Solution-Design-Crisis-tp6264270p6264270.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2719024
