Category: Java

Posted on

Debugging Hibernate using Log4J Logs

People who work with Hibernate often want to see, what SQL it is prepairing behind the seen and how it is mapping in real for debug purpose. We can achieve this by enable log4j for Hibernate classes. This will give a detailed debug info.

If using log4j.properties, enter the below line at end:

### log JDBC bind parameters ###
log4j.logger.net.sf.hibernate.type=debug

### log prepared statement cache activity ###
log4j.logger.net.sf.hibernate.ps.PreparedStatementCache=debug

If using log4j XML file, enter below line before <root>:

<logger name="org.hibernate">
    <level value="debug"/>
</logger>

<logger name="org.hibernate.SQL">
    <level value="debug"/>
</logger>

<logger name="org.hibernate.type">
    <level value="debug"/>
</logger>

Happy Coding 🙂

Posted on

java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPadding found

Hi,

From past few days I and my few team members were getting the following error during LDAP authentication:

javax.net.ssl.SSLException: Algorithm missing:  
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.f(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
    at com.xx.cat.fndt.auth.impl.ssl.TrustingSSLSocketFactory.getSSLSocket(TrustingSSLSocketFactory.java:147)
    at com.xx.cat.fndt.auth.impl.ssl.TrustingSSLSocketFactory.makeSocket(TrustingSSLSocketFactory.java:209)
    at netscape.ldap.LDAPConnSetupMgr.connectServer(LDAPConnSetupMgr.java:411)
    at netscape.ldap.LDAPConnSetupMgr.openSerial(LDAPConnSetupMgr.java:343)
    at netscape.ldap.LDAPConnSetupMgr.connect(LDAPConnSetupMgr.java:237)
    at netscape.ldap.LDAPConnSetupMgr.openConnection(LDAPConnSetupMgr.java:163)
    at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1033)
    at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:915)
    at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:759)
    at com.xx.cat.fndt.auth.impl.ldap.LDAPAuthenticationInterface.getConnection(LDAPAuthenticationInterface.java:309)
    at com.xx.cat.fndt.auth.impl.ldap.LDAPAuthenticationInterface.getAuthenticatedConnection(LDAPAuthenticationInterface.java:248)
    at com.xx.cat.fndt.auth.impl.ldap.LDAPAuthenticationInterface.authenticate(LDAPAuthenticationInterface.java:69)
    at com.xx.qoc.svc.qoms.model.service.AdminManagerImpl.authenticateUser(AdminManagerImpl.java:71)
    at com.xx.qoc.svc.qoms.controller.QomsLogn010InptController.onSubmit(QomsLogn010InptController.java:208)
    at org.springframework.web.servlet.mvc.SimpleFormController.processFormSubmission(SimpleFormController.java:267)
    at org.springframework.web.servlet.mvc.AbstractFormController.handleRequestInternal(AbstractFormController.java:250)
    at com.xx.qoc.svc.qoms.controller.QomsLogn010InptController.handleRequestInternal(QomsLogn010InptController.java:160)
    at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
    at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.xx.qoc.fndt.filter.BlackoutFilter.doFilter(BlackoutFilter.java:257)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.xx.qoc.fndt.filter.PropertiesFilter.doFilter(PropertiesFilter.java:178)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.xx.qoc.fndt.filter.LoggingFilter.doFilter(LoggingFilter.java:152)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.xx.qoc.fndt.filter.RequestHeadersFilter.doFilter(RequestHeadersFilter.java:104)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.xx.qoc.fndt.filter.ExceptionHandlerFilter.doFilter(ExceptionHandlerFilter.java:105)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:534)
Caused by: java.security.NoSuchAlgorithmException: Could not create cipher AES/128
    at com.sun.net.ssl.internal.ssl.CipherBox$JCECipherBox.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_h.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.c(DashoA12275)
    … 63 more
Caused by: java.security.NoSuchAlgorithmException: No implementation for AES/CBC/NoPadding found
    at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.CipherBox$JCECipherBox.<init>(DashoA12275)
    … 67 more

I checked the java.security and found that all the providers are registered correctly:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.sun.rsajca.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider

I did some analysis, when i run the code from a windows batch file, it works but if i run it within Eclipse, it throws this Algorithm not found exception. i checked the JVM version and classpath and it looks okay.

I make a little program to find out whether all the providers are available during runtime or not
 Provider[] provs = Security.getProviders();

In result I get only one privider and all other were missing. The jar was not getting loaded in eclipse tomcat during runtime.

For solution, I added following three jar files in tomcat boot classpath and it worked form me and my team members Smile

-rt.jar
-jsse.jar
-jce.jar

Posted on

Rename log4j.properties

Some time the need arises to have our log4j.properties with different name. By default, if no other configuration is given, log4j will search your classpath for a 'log4j.properties' file.

Now to use your own named log4j property add the following line in your main program:

  PropertyConfigurator.configure("File  name with path")

exmaple:

 PropertyConfigurator.configure("c:\\logs\\my-log4j.properties")   this will set this as a default property name and all done =)

Posted on

Log4j errors : log4j:WARN No appenders could be found for logger, log4j:WARN Please initialize the log4j system properly

This is a very common problem, it occurs when log4j.properties not found in classpath.

Create a file called log4j.properties. Place it in the root folder where your java classes are found. When log4j initializes, it will look for a file named EXACTLY log4j.properties (if you are using a properties file).

Another alternate way is to put the path to the log4j.properties file in your classpath.

Hope this will help you 🙂 

Posted on

HSQLDB : java.sql.SQLException: User not found: SA

While running HSQLDB in standalone mode you may face the error

  java.sql.SQLException: User not found: SA

This is because while creating the DB using script file you are not creating the user

CREATE USER SA PASSWORD ""

The above command you have to include in your db.script file db is your database name) this will creates a user by name SA with blank password.

Posted on

org.apache.jasper.JasperException: Failed to load or instantiate TagLibraryValidator class: org.apache.taglibs.standard.tlv.JstlCoreTLV

Today while running following  JSP

<%@ page session="false"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<c:redirect url="/index.htm"/>

I was hitting a error 

org.apache.jasper.JasperException: Failed to load or instantiate TagLibraryValidator class: org.apache.taglibs.standard.tlv.JstlCoreTLV 

I checked my classpath and found that standard.jar was missing in my WEB-INF/lib.

I added the same and all set..it works fine 🙂

Posted on

Spring cross site scripting XSS issues solution

XSS (Cross-site Scripting) is one of the most common vulnerabilities with a web-application. And, it can be exploited by hackers very easily without using any sophisticated tool.

How does it work?
Most web-applications have forms (text-box etc.) to receive input-data from user. So, a web-application may have a input-text-field to get 'user-id'. The hacker may enter anything in it including "JavaScript". If the hacker enters JavaScript (a malicious code), the server may process it, and then return it. In this case, user-id is not authenticated and it is sent as it is on the error page.

If the user's input data is returned as it is, the java-script code may execute. And, hacker wins!!

I am posting solution for Spring… 

In Spring-MVC, form-tags are used to create jsp page. Spring MVC provides multiple options to encode the html-escape-sequences on server side.

  • At global level, it can be defined in web.xml file. This will be applicable to entire application. All form-tags would refer to this definition. The sample code is shown below:

         <context-param>
            <param-name>defaultHtmlEscape</param-name>
            <param-value>true</param-value>
        </context-param>

  • At page level, it is defined as a tag-declaration. The code is:

          Any form-tag, after the above declaration uses html-escape-sequence-encoding.

          <spring:htmlEscape defaultHtmlEscape="true" />

  • Third option is to define it as attribute for each form-tag. For example, a input-text can be defined as :

          <form:input path="name" htmlEscape="true" />

           Depending upon requirement, it can be implemented as global, page or tag level.

I hope this information helps. Please do post your comments 🙂

Posted on

How To: Read web/META-INF/MANIFEST.MF in Web Application

Hi All, 

As you all know In web application inside web directory there is a META-INF directory. Inside which we have MANIFEST.MF that holds version information. I have to read the MANIFEST.MF from this directrory. Need the manifest info for the purpose of build info and have to show in footer of each page. It's easy to read it in case of JAR file and while searching on net I got mostly examples on jar,classpath related Manifest. But my requirement was to read web/META-INF/MANIFEST.MF file.

So I am posting here what I done:

Inside web application then using the ServletContext.getResourceAsStream
method should work and same I used.

// for a Servlet, you can get the ServletContext like this
 ServletContext aContext = getServletConfig().getServletContext();
 InputStream inputStream = aContext.getResourceAsStream("/META-INF/MANIFEST.MF");

In Spring application do following inside controller:

//Build Info
ServletContext aContext= getServletContext();
InputStream fis =aContext.getResourceAsStream("/META-INF/MANIFEST.MF");

Hope this helps you 🙂 . Do post your comments

Posted on

svnant: java.lang.NoClassDefFoundError: com/trilead/ssh2/InteractiveCallback

Today I was integrating svn with ant using svnant plugin. I encountered the error

java.lang.NoClassDefFoundError: com/trilead/ssh2/InteractiveCallback 

Basically I was operating on SSH layer so it needs a additional support for connecting to the server.

this is looking for trilead-ssh2-build213.zip that can be found  at following url

Link: http://www.trilead.com/Download/Trilead_SSH_for_Java/