Search Results

Search found 2872 results on 115 pages for 'packet injection'.

Page 9/115 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Dependency Injection: Jetty 7

    - by Malax
    Hi StackOverflow! My application requires several interface implementations which require a Jetty server to do their job. This is, however, not necessarily the case in every implementations of those interfaces so the Jetty server is only a dependency. Since it would be a huge amount of pain to wrap the entire jetty server with all its logging, connector and Handler configurations, I want to inject the server to those implementations with Spring. I decided that injecting the Server class is not a good idea because an implementation could stop the server even if its required at another location. Currently I inject empty HandlerList classes to those implementations and they register their handlers to avoid those problems. The Problem: Those handlers might interfere with other handlers for example: implementation one might register a handler for /foo and implementation two too... problem. Has anyone used Jetty in such an environment? And how could this problem be solved? My XML to clarify my problem: <bean id="jetty" class="org.eclipse.jetty.server.Server" destroy-method="stop"> <property name="connectors"> <list> <bean class="org.eclipse.jetty.server.bio.SocketConnector"> <property name="host" value="10.8.0.46" /> <property name="port" value="9999" /> </bean> </list> </property> <property name="handler"> <bean class="org.eclipse.jetty.server.handler.HandlerCollection"> <property name="handlers"> <list> <ref bean="jetty.handlerList" /> <bean class="org.eclipse.jetty.server.handler.RequestLogHandler"> <property name="requestLog"> <bean class="org.eclipse.jetty.server.NCSARequestLog"> <constructor-arg value="${jetty.logfile}" /> <property name="extended" value="false"/> </bean> </property> </bean> </list> </property> </bean> </property> <property name="sendServerVersion" value="false" /> </bean> <bean id="jetty.handlerList" class="org.eclipse.jetty.server.handler.HandlerList" /> If I require an empty HandlerList I use something like this where com.example.myapp.util.ioc.CreateHandlerListFactory is a org.springframework.beans.factory.FactoryBean which creates a new HandlerList within the given HandlerList. <constructor-arg> <bean class="com.example.myapp.util.ioc.CreateHandlerListFactory"> <constructor-arg ref="jetty.handlerList"/> </bean> </constructor-arg>

    Read the article

  • EntityManager injection works in JBoss 7.1.1 but not WebSphere 7

    - by BikerJared
    I've built an EJB that will manage my database access. I'm building a web app around it that uses Struts 2. The problem I'm having is when I deploy the ear, the EntityManager doesn't get injected into my service class (and winds up null and results in NullPointerExceptions). The weird thing is, it works on JBoss 7.1.1 but not on WebSphere 7. You'll notice that Struts doesn't inject the EJB, so I've got some intercepter code that does that. My current working theory right now is that the WS7 container can't inject the EntityManager because of Struts for some unknown reason. My next step is to try Spring next, but I'd really like to get this to work if possible. I've spent a few days searching and trying various things and haven't had any luck. I figured I'd give this a shot. Let me know if I can provide additional information. <?xml version="1.0" encoding="UTF-8"?> <persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.0" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd"> <persistence-unit name="JPATestPU" transaction-type="JTA"> <description>JPATest Persistence Unit</description> <jta-data-source>jdbc/Test-DS</jta-data-source> <class>org.jaredstevens.jpatest.db.entities.User</class> <properties> <property name="hibernate.hbm2ddl.auto" value="update"/> </properties> </persistence-unit> </persistence> package org.jaredstevens.jpatest.db.entities; import java.io.Serializable; import javax.persistence.*; @Entity @Table public class User implements Serializable { private static final long serialVersionUID = -2643583108587251245L; private long id; private String name; private String email; @Id @GeneratedValue(strategy = GenerationType.TABLE) public long getId() { return id; } public void setId(long id) { this.id = id; } @Column(nullable=false) public String getName() { return this.name; } public void setName( String name ) { this.name = name; } @Column(nullable=false) public String getEmail() { return this.email; } @Column(nullable=false) public void setEmail( String email ) { this.email= email; } } package org.jaredstevens.jpatest.db.services; import java.util.List; import javax.ejb.Remote; import javax.ejb.Stateless; import javax.ejb.TransactionAttribute; import javax.ejb.TransactionAttributeType; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.PersistenceContextType; import javax.persistence.Query; import org.jaredstevens.jpatest.db.entities.User; import org.jaredstevens.jpatest.db.interfaces.IUserService; @Stateless(name="UserService",mappedName="UserService") @Remote public class UserService implements IUserService { @PersistenceContext(unitName="JPATestPU",type=PersistenceContextType.TRANSACTION) private EntityManager em; @TransactionAttribute(TransactionAttributeType.REQUIRED) public User getUserById(long userId) { User retVal = null; if(userId > 0) { retVal = (User)this.getEm().find(User.class, userId); } return retVal; } @TransactionAttribute(TransactionAttributeType.REQUIRED) public List<User> getUsers() { List<User> retVal = null; String sql; sql = "SELECT u FROM User u ORDER BY u.id ASC"; Query q = this.getEm().createQuery(sql); retVal = (List<User>)q.getResultList(); return retVal; } @TransactionAttribute(TransactionAttributeType.REQUIRED) public void save(User user) { this.getEm().persist(user); } @TransactionAttribute(TransactionAttributeType.REQUIRED) public boolean remove(long userId) { boolean retVal = false; if(userId > 0) { User user = null; user = (User)this.getEm().find(User.class, userId); if(user != null) this.getEm().remove(user); if(this.getEm().find(User.class, userId) == null) retVal = true; } return retVal; } public EntityManager getEm() { return em; } public void setEm(EntityManager em) { this.em = em; } } package org.jaredstevens.jpatest.actions.user; import javax.ejb.EJB; import org.jaredstevens.jpatest.db.entities.User; import org.jaredstevens.jpatest.db.interfaces.IUserService; import com.opensymphony.xwork2.ActionSupport; public class UserAction extends ActionSupport { @EJB(mappedName="UserService") private IUserService userService; private static final long serialVersionUID = 1L; private String userId; private String name; private String email; private User user; public String getUserById() { String retVal = ActionSupport.SUCCESS; this.setUser(userService.getUserById(Long.parseLong(this.userId))); return retVal; } public String save() { String retVal = ActionSupport.SUCCESS; User user = new User(); if(this.getUserId() != null && Long.parseLong(this.getUserId()) > 0) user.setId(Long.parseLong(this.getUserId())); user.setName(this.getName()); user.setEmail(this.getEmail()); userService.save(user); this.setUser(user); return retVal; } public String getUserId() { return this.userId; } public void setUserId(String userId) { this.userId = userId; } public String getName() { return this.name; } public void setName( String name ) { this.name = name; } public String getEmail() { return this.email; } public void setEmail( String email ) { this.email = email; } public User getUser() { return this.user; } public void setUser(User user) { this.user = user; } } package org.jaredstevens.jpatest.utils; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.Interceptor; public class EJBAnnotationProcessorInterceptor implements Interceptor { private static final long serialVersionUID = 1L; public void destroy() { } public void init() { } public String intercept(ActionInvocation ai) throws Exception { EJBAnnotationProcessor.process(ai.getAction()); return ai.invoke(); } } package org.jaredstevens.jpatest.utils; import java.lang.reflect.Field; import javax.ejb.EJB; import javax.naming.Context; import javax.naming.InitialContext; import javax.naming.NamingException; public class EJBAnnotationProcessor { public static void process(Object instance)throws Exception{ Field[] fields = instance.getClass().getDeclaredFields(); if(fields != null && fields.length > 0){ EJB ejb; for(Field field : fields){ ejb = field.getAnnotation(EJB.class); if(ejb != null){ field.setAccessible(true); field.set(instance, EJBAnnotationProcessor.getEJB(ejb.mappedName())); } } } } private static Object getEJB(String mappedName) { Object retVal = null; String path = ""; Context cxt = null; String[] paths = {"cell/nodes/virgoNode01/servers/server1/","java:module/"}; for( int i=0; i < paths.length; ++i ) { try { path = paths[i]+mappedName; cxt = new InitialContext(); retVal = cxt.lookup(path); if(retVal != null) break; } catch (NamingException e) { retVal = null; } } return retVal; } } <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"> <struts> <constant name="struts.devMode" value="true" /> <package name="basicstruts2" namespace="/diagnostics" extends="struts-default"> <interceptors> <interceptor name="ejbAnnotationProcessor" class="org.jaredstevens.jpatest.utils.EJBAnnotationProcessorInterceptor"/> <interceptor-stack name="baseStack"> <interceptor-ref name="defaultStack"/> <interceptor-ref name="ejbAnnotationProcessor"/> </interceptor-stack> </interceptors> <default-interceptor-ref name="baseStack"/> </package> <package name="restAPI" namespace="/conduit" extends="json-default"> <interceptors> <interceptor name="ejbAnnotationProcessor" class="org.jaredstevens.jpatest.utils.EJBAnnotationProcessorInterceptor" /> <interceptor-stack name="baseStack"> <interceptor-ref name="defaultStack" /> <interceptor-ref name="ejbAnnotationProcessor" /> </interceptor-stack> </interceptors> <default-interceptor-ref name="baseStack" /> <action name="UserAction.getUserById" class="org.jaredstevens.jpatest.actions.user.UserAction" method="getUserById"> <result type="json"> <param name="ignoreHierarchy">false</param> <param name="includeProperties"> ^user\.id, ^user\.name, ^user\.email </param> </result> <result name="error" type="json" /> </action> <action name="UserAction.save" class="org.jaredstevens.jpatest.actions.user.UserAction" method="save"> <result type="json"> <param name="ignoreHierarchy">false</param> <param name="includeProperties"> ^user\.id, ^user\.name, ^user\.email </param> </result> <result name="error" type="json" /> </action> </package> </struts> Stack Trace java.lang.NullPointerException org.jaredstevens.jpatest.actions.user.UserAction.save(UserAction.java:38) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37) java.lang.reflect.Method.invoke(Method.java:611) com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:453) com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:292) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:255) org.jaredstevens.jpatest.utils.EJBAnnotationProcessorInterceptor.intercept(EJBAnnotationProcessorInterceptor.java:21) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.interceptor.debugging.DebuggingInterceptor.intercept(DebuggingInterceptor.java:256) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:176) com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:265) org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68) com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:138) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:211) com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:211) com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:190) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:75) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:90) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:243) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:100) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor.intercept(ScopedModelDrivenInterceptor.java:141) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:145) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:171) com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:176) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:164) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:192) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:187) com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:54) org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:511) org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77) org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91) com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77) com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908) com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:997) com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.invokeFilters(DefaultExtensionProcessor.java:1062) com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:982) com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3935) com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276) com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931) com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583) com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186) com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452) com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511) com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305) com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:276) com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138) com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204) com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775) com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905) com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1604)

    Read the article

  • Successful SQL Injection despite PHP Magic Quotes

    - by Crimson
    I have always read that Magic Quotes do not stop SQL Injections at all but I am not able to understand why not! As an example, let's say we have the following query: SELECT * FROM tablename WHERE email='$x'; Now, if the user input makes $x=' OR 1=1 --, the query would be: SELECT * FROM tablename WHERE email='\' OR 1=1 --'; The backslash will be added by Magic Quotes with no damage done whatsoever! Is there a way that I am not seeing where the user can bypass the Magic Quote insertions here?

    Read the article

  • Logging exceptions during bean injection

    - by Marc W
    I think this is a pretty basic question, but after Googling around I can't seem to find the answer. What I need is a way to log some custom output with log4j during Spring bean construction. I have a factory class called ResponderFactory (being used as an instance factory in Spring) with a factory method that can throw 2 different types of exception. public CollectorResponder collectorResponder(String inputQueueName) throws ConfigurationException, BrokerConnectionException {} Now, normally I could wrap a call to this method in a try-catch block with 2 catch clauses to handle the logging situations for each of the exceptions. However, if I'm using Spring to inject this CollectorResponder, created with the factory, into another class I don't see how this is possible. <bean id="responderFactory" class="com.package.ResponderFactory"> <constructor-arg index="0" ref="basicDispatcher" /> <constructor-arg index="1" value="http://localhost:9000" /> </bean> <bean id="collectorResponder" class="com.package.CollectorResponder" factory-bean="responderFactory" factory-method="collectorResponder"> <constructor-arg value="collector.in" /> </bean> <bean id="collectorConsumer" class="com.package.CollectorConsumer"> <constructor-arg ref="collectorResponder" /> </bean> Again, I want to catch these exceptions when the collectorResponder bean is instantiated. Right now I'm dealing with this is CollectorConsumer when I instantiate using new CollectorResponder(...). Is there any way I can do this?

    Read the article

  • IoC / Dependency Injection - please explain code versus XML

    - by steve.macdonald
    I understand basically how IoC frameworks work, however one thing I don't quite get is how code-based config is supposed to work. With XML I understand how you could add a new assembly to a deployed application, then change the config in XML to include it. If the application is already deployed (i.e., compiled in some form) then how can code changes be made without recompiling? Or is that what people do, just change config in code and recompile?

    Read the article

  • How far does Dependency Injection reach?

    - by Baddie
    My web app solution consists of 3 projects: Web App (ASP.NET MVC) Business Logic Layer (Class Library) Database Layer (Entity Framework) I want to use Ninject to manage the lifetime of the DataContext generated by the Entity Framework in the Database Layer. The Business Logic layer consists of classes which reference repositories (located in the database layer) and my ASP.NET MVC app references the business logic layer's service classes to run code. Each repository creates an instance of the MyDataContext object from the Entity Framework Repository public class MyRepository { private MyDataContext db; public MyRepository { this.db = new MyDataContext(); } // methods } Business Logic Classes public class BizLogicClass { private MyRepository repos; public MyRepository { this.repos = new MyRepository(); } // do stuff with the repos } Will Ninject handle the lifetime of MyDataContext despite the lengthy dependency chain from the Web App to the Data Layer?

    Read the article

  • StructureMap resolve dependency through injection instead of service location

    - by Chris Marisic
    In my project I register many ISerializers implementations with the assembly scanner. FWIW this is the code that registers my ISerializers Scan(scanner => { scanner.AssemblyContainingType<ISerializer>(); scanner.AddAllTypesOf<ISerializer>().NameBy(type => type.Name); scanner.WithDefaultConventions(); }); Which then correctly registers ISerializer (...ISerializer) Scoped as: Transient JsonSerializer Configured Instance of ...JsonSerializer BsonSerializer Configured Instance of ...BsonSerializer And so forth. Currently the only way I've been able to figure out how to resolve the serializer I want is to hardcode a service location call with jsonSerializer = ObjectFactory.GetNamedInstance<ISerializer>("JsonSerializer"); Now I know in my class that I specifically want the jsonSerializer so is there a way to configure a rule or similar that says for ISerializer's to connect the named instance based on the property name? So that I could have MySomeClass(ISerializer jsonSerializer, ....) And StructureMap correctly resolve this scenario? Or am I approaching this wrong and perhaps I should just register the concrete type that implements ISerializer and then just specifically use MySomeClass(JsonSerializer jsonSerializer, ....) for something along these lines with the concrete class?

    Read the article

  • Instance management with Dependency injection (DI)

    - by Sven
    Hello I'm trying to understand how DI exactly works. I'm currently using Windsor as DI container. I use this to load my services dynamically in code without direct reference. But I have change behaviour and want to know a bit more on the instance mgmt using DI. I have a web app projct, here is a WCF service using PerCall as instancemode. This means, new instance/call. In this WCF I call a service (loaded via DI) and this service calls another service (again loaded via DI). The WCF is a new instance in the appdomain, but what about the services. They are also new instances? Is this DI container shared among all WCF instances and are the services in this container also single instances? Can anyone clarify?

    Read the article

  • ruby on rails params injection

    - by Julien P.
    Hello everyone, I have a question about ruby on rails and the process of assigning variables using the params variable passed through a form class User attr_accessible :available_to_admins, :name end Let's say that I have a field that is only available to my admins. Assuming that you are not an admin, I am going to not display the available_to_admins input in your form. After that, when I want to save your data I'll just do a: User.update_attributes(params[:user]) If you are an admin, then no problem, the params[:user] is going to contain name and available_tu_admins and if you're not then only your name. Since the available_to_admins is an attr_accessible parameter, how should I prevent non admin users from being able to inject a variable containing the available_to_admins input with their new value?

    Read the article

  • Dependency Injection Question - ASP.NET

    - by Paul
    I'm starting a web application that contains the following projects: Booking.Web Booking.Services Booking.DataObjects Booking.Data I'm using the repository pattern in my data project only. All services will be the same, no matter what happens. However, if a customer wants to use Access, it will use a different data repository than if the customer wants to use SQL Server. I have StructureMap, and want to be able to do the following: Web project is unaffected. It's a web forms application that will only know about the services project and the dataobjects project. When a service is called, it will use StructureMap (by looking up the bootstrapper.cs file) to see which data repository to use. An example of a services class is the error logging class: public class ErrorLog : IErrorLog { ILogging logger; public ErrorLog() { } public ErrorLog(ILogging logger) { this.logger = logger; } public void AddToLog(string errorMessage) { try { AddToDatabaseLog(errorMessage); } catch (Exception ex) { AddToFileLog(ex.Message); } finally { AddToFileLog(errorMessage); } } private void AddToDatabaseLog(string errorMessage) { ErrorObject error = new ErrorObject { ErrorDateTime = DateTime.Now, ErrorMessage = errorMessage }; logger.Insert(error); } private void AddToFileLog(string errorMessage) { // TODO: Take this value from the web.config instead of hard coding it TextWriter writer = new StreamWriter(@"E:\Work\Booking\Booking\Booking.Web\Logs\ErrorLog.txt", true); writer.WriteLine(DateTime.Now.ToString() + " ---------- " + errorMessage); writer.Close(); } } I want to be able to call this service from my web project, without defining which repository to use for the data access. My boostrapper.cs file in the services project is defined as: public class Bootstrapper { public static void ConfigureStructureMap() { ObjectFactory.Initialize(x => { x.AddRegistry(new ServiceRegistry()); } ); } public class ServiceRegistry : Registry { protected override void configure() { ForRequestedType<IErrorLog>().TheDefaultIsConcreteType<Booking.Services.Logging.ErrorLog>(); ForRequestedType<ILogging>().TheDefaultIsConcreteType<SqlServerLoggingProvider>(); } } } What else do I need to get this to work? When I defined a test, the ILogger object was null. Thanks,

    Read the article

  • Website Link Injection

    - by Ryan B
    I have a website that is fairly static. It has some forms on it to send in contact information, mailing list submissions, etc. Perhaps hours/days after an upload to the site I found that the main index page had new code in it that I had not placed there that contained a hidden bunch of links in a invisible div. I have the following code the handles the variables sent in from the form. <?php // PHP Mail Order to [email protected] w/ some error detection. $jamemail = "[email protected]"; function check_input($data, $problem='') { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); if ($problem && strlen($data) == 0) { die($problem); } return $data; } $email = check_input($_POST['email'], "Please input email address."); $name = check_input($_POST['name'], "Please input name."); mail($jamemail, "Mailing List Submission", "Name: " . $name . " Email: " .$email); header('Location: index.php'); ?> I have the following code within the index page to present the form with some Javascript to do error detection on the content of the submission prior to submission. <form action="sendlist.php" method="post" onSubmit="return checkmaill(this);"> <label for="name"><strong>Name: </strong></label> <input type="text" name="name"/><br /> <label for="email"><strong>Email: </strong></label> <input type="text" name="email"/><br /> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" value="Subscribe" style="width: 100px;"/> </form> At the end of the day, the source code where the injected hyperlinks is as follows: </body> </html><!-- google --><font style="position: absolute;overflow: hidden;height: 0;width: 0"> xeex172901 <a href=http://menorca.caeb.com/od9c2/xjdmy/onondaga.php>onondaga</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/tami.php>tami</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/shotguns.php>shotguns</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/weir.php>weir</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/copperhead.php>copperhead</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/mpv.php>mpv</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/brunei.php>brunei</a> <a href=http://menorca.caeb.com/od9c2/xjdmy/doreen.php>doreen</a>

    Read the article

  • Is testability alone justification for dependency injection?

    - by fearofawhackplanet
    The advantages of DI, as far as I am aware, are: Reduced Dependencies More Reusable Code More Testable Code More Readable Code Say I have a repository, OrderRepository, which acts as a repository for an Order object generated through a Linq to Sql dbml. I can't make my orders repository generic as it performs mapping between the Linq Order entity and my own Order POCO domain class. Since the OrderRepository by necessity is dependent on a specific Linq to Sql DataContext, parameter passing of the DataContext can't really be said to make the code reuseable or reduce dependencies in any meaningful way. It also makes the code harder to read, as to instantiate the repository I now need to write new OrdersRepository(new MyLinqDataContext()) which additionally is contrary to the main purpose of the repository, that being to abstract/hide the existence of the DataContext from consuming code. So in general I think this would be a pretty horrible design, but it would give the benefit of facilitating unit testing. Is this enough justification? Or is there a third way? I'd be very interested in hearing opinions.

    Read the article

  • Dependency injection: Scoping by region (Guice, Spring, Whatever)

    - by Itay
    Here's a simplified version of my needs. I have a program where every B object has its own C and D object, injected through Guice. In addition an A object is injected into every C and D objects. What I want: that for each B object, its C and D objects will be injected with the same A object. Specifically, I want the output of the program (below) to be: Created C0 with [A0] Created D0 with [A0] Created B0 with [C0, D0] Created C1 with [A1] Created D1 with [A1] Created B1 with [C1, D1] Where it currently produces the following output: Created C0 with [A0] Created D0 with [A1] <-- Should be A0 Created B0 with [C0, D0] Created C1 with [A2] <-- Should be A1 Created D1 with [A3] <-- Should be A1 Created B1 with [C1, D1] I am expecting DI containers to allow this kind of customization but so far I had no luck in finding a solution. Below is my Guice-based code, but a Spring-based (or other DI containers-based) solution is welcome. import java.util.Arrays; import com.google.inject.*; public class Main { public static class Super { private static Map<Class<?>,Integer> map = new HashMap<Class<?>,Integer>(); private Integer value; public Super(Object... args) { value = map.get(getClass()); value = value == null ? 0 : ++value; map.put(getClass(), value); if(args.length > 0) System.out.println("Created " + this + " with " + Arrays.toString(args)); } @Override public final String toString() { return "" + getClass().getSimpleName().charAt(0) + value; } } public interface A { } public static class AImpl extends Super implements A { } public interface B { } public static class BImpl extends Super implements B { @Inject public BImpl(C c, D d) { super(c,d); } } public interface C { } public static class CImpl extends Super implements C { @Inject public CImpl(A a) { super(a); } } public interface D { } public static class DImpl extends Super implements D { @Inject public DImpl(A a) { super(a); } } public static class MyModule extends AbstractModule { @Override protected void configure() { bind(A.class).to(AImpl.class); bind(B.class).to(BImpl.class); bind(C.class).to(CImpl.class); bind(D.class).to(DImpl.class); } } public static void main(String[] args) { Injector inj = Guice.createInjector(new MyModule()); inj.getInstance(B.class); inj.getInstance(B.class); } }

    Read the article

  • Dependency Injection and Unit of Work pattern

    - by sunwukung
    I have a dilemma. I've used DI (read: factory) to provide core components for a homebrew ORM. The container provides database connections, DAO's,Mappers and their resultant Domain Objects on request. Here's a basic outline of the Mappers and Domain Object classes class Mapper{ public function __constructor($DAO){ $this->DAO = $DAO; } public function load($id){ if(isset(Monitor::members[$id]){ return Monitor::members[$id]; $values = $this->DAO->selectStmt($id); //field mapping process omitted for brevity $Object = new Object($values); return $Object; } } class User(){ public function setName($string){ $this->name = $string; //mark modified by means fair or foul } } The ORM also contains a class (Monitor) based on the Unit of Work pattern i.e. class Monitor(){ private static array modified; private static array dirty; public function markClean($class); public function markModified($class); } The ORM class itself simply co-ordinates resources extracted from the DI container. So, to instantiate a new User object: $Container = new DI_Container; $ORM = new ORM($Container); $User = $ORM->load('user',1); //at this point the container instantiates a mapper class //and passes a database connection to it via the constructor //the mapper then takes the second argument and loads the user with that id $User->setName('Rumpelstiltskin');//at this point, User must mark itself as "modified" My question is this. At the point when a user sets values on a Domain Object class, I need to mark the class as "dirty" in the Monitor class. I have one of three options as I can see it 1: Pass an instance of the Monitor class to the Domain Object. I noticed this gets marked as recursive in FirePHP - i.e. $this-Monitor-markModified($this) 2: Instantiate the Monitor directly in the Domain Object - does this break DI? 3: Make the Monitor methods static, and call them from inside the Domain Object - this breaks DI too doesn't it? What would be your recommended course of action (other than use an existing ORM, I'm doing this for fun...)

    Read the article

  • SQL Injection on INSERT

    - by freddy
    Hi, I'm currently testing Vulnerabiltys to SQL Injections for my companys application as an it-trainee. So I found, that the application is indeed vulnerable to injections because I can alter some of the insert statements. So I altered the insert Statement to this: INSERT INTO tablename( column, column1, column2, column3, column4,column5, column6, column7, column8 ) VALUES ( 10965972, 185796154, 25, 23,2023, '', CURRENT_DATE, 'v0201100', 18); DELETE * FROM tablename;-- , 2023,'a', CURRENT_DATE, 'v0201100', 18 ) I thought this should be a correct statement, but the MySQL Server returned this Error: MySQL Error: 1064 (You have an error in your SQL syntax;[...] Would be nice if somebody could help and tell my why the syntax is wrong... Thanks for your help :-)

    Read the article

  • Dependency Injection: How to maintain multiple configurations?

    - by Malax
    Hi StackOverflow, Lets assume we've build a system with a DI framework which is working quite fine. This system currently uses JMS to "talk" with other systems not maintained by us. The majority of our customers like the JMS approach and uses it according to our specification. The component which does all the messaging is injected with Spring into the rest of the application. Now we got the case that one customer cannot implement the JMS solution and want to use another messaging technology. Thats not a problem because we can simply implement a messaging service using this technology and inject it in the rest of the application. But how are we supposed to handle the deployment and maintenance of the configuration? Since the application uses Spring i could imagine to check in all the configurations i have for this application and the system administrator could start the application and passing the name of the DI XML file to specify which configuration should be loaded. But... it just don't feel right. Are there any solutions for such cases available? What are the best-practices you use? I could even imagine more complex scenarios which do not contain only one service substitution... Thanks a lot!

    Read the article

  • Trouble with object injection in Spring.Net

    - by Abdel Olakara
    Hi all, I have a issue with my Spring.Net configuration where its not injecting an object. I have a CommService to which an object named GeneralEmail is injected to. Here is the configuration: <!-- GeneralMail Object --> <object id="GeneralMailObject" type="CommUtil.Email.GeneralEmail, CommUtil"> <constructor-arg name="host" value="xxxxx.com"/> <constructor-arg name="port" value="25"/> <constructor-arg name="user" value="[email protected]"/> <constructor-arg name="password" value="xxxxx"/> <constructor-arg name="template" value="xxxxx"/> </object> <!-- Communication Service --> <object id="CommServiceObject" type="TApp.Code.Services.CommService, TApp"> <property name="emailService" ref="GeneralMailObject" /> </object> The communication service object is again injected to many other aspx pages & service. In one scenario, I need to call the commnucation service from an static WebMethod. I try doing: CommService cso = new CommService(); But when i try to get the emailService object, its null! why didn't the spring inject the GeneralMail object into my cso object? What am I doing wrong and how do I access the object from spring container. Thanks in advance for the suggestions and solutions. Reagrds, Abdel Olakara

    Read the article

  • MySQL INJECTION Solution...

    - by Val
    I have been bothered for so long by the MySQL injections and was thinking of a way to eliminate this problem all together. I have came up with something below hope that many people will find this useful. The only Draw back I can think of this is the partial search: Jo =returns "John" by using the like %% statement. Here is a php solution: <?php function safeQ(){ $search= array('delete','select');//and every keyword... $replace= array(base64_encode('delete'),base64_encode('select')); foreach($_REQUEST as $k=>$v){ str_replace($search, $replace, $v); } } foo(); function html($str){ $search= array(base64_encode('delete'),base64_encode('select')); $replace= array('delete','select');//and every keyword... str_replace($search, $replace, $str); } //example 1 ... ... $result = mysql_fetch_array($query); echo html($result[0]['field_name']); //example 2 $select = 'SELECT * FROM safeQ($_GET['query']) '; //example 3 $insert = 'INSERT INTO .... value(safeQ($_GET['query']))'; ?> I know, I know that you still could inject using 1=1 or any other type of injections... but this I think could solve half of your problem so the right mysql query is executed. So my question is if anyone can find any draw backs on this then please feel free to comment here. PLEASE GIVE AN ANSWER only if you think that this is a very useful solution and no major drawbacks are found OR you think is a bad idea all together...

    Read the article

  • deep injection - spring

    - by Bob
    What is the best way (or options) for accessing spring components at layers deep within the application that aren't managed by spring? For example, I have a low level utility POJO class into which I need to autowire/inject a spring component. I'll call it LowLevelHelper. There are multiple classes that use LowLevelHelper - most are layers away from anything that is hooked up with spring. One option would be to make all the layers in to spring components, but that seems like I'm hacking my design to force spring to help me. I have some complex things going on that won't be nearly as clean if I have to @Autowire all the pieces and don't new anything. Another option might be to manually inject the component in the low level class, but I'm not really sure if this is possible or the right solution.

    Read the article

  • SQL Injection prevention

    - by simonsabin
    Just asking people not to use a list of certain words is not prevention from SQL Injection https://homebank.sactocu.org/UA2004/faq-mfa.htm#pp6 To protect yourself from SQL Injection you have to do 1 simple thing. Do not build your SQL statements by concatenating values passed by the user into a string an executing them. If your query has to be dynamic then make sure any values passed by a user are passed as parameters and use sp_executesql in TSQL or a SqlCommand object in ADO.Net...(read more)

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >