I assume you know what Tomcat and Docker are. Tomcat image by default has no user and no application deployed. It was designed to fork the image and use it with your own configuration. I couldn’t find any introduction which shows how to deploy your own Tomcat with user management enabled for your side projects. Everything was either too complex for my needs or did not answer the question “how to deploy Tomcat to play with it, deploy in it, destroy it”.

So, here I wrote a simple snippet that builds a local Tomcat docker image with your username and password and enables you to run Spring-Boot project, login from remote IP address (by default you can login only from IP Tomcat is running on).

  1. You need your own Dockerfile which forks Tomcat
  2. tomcat-users.xml file which contains roles, username and password
  3. context.xml file which enables you to login to Tomcat instance from remote IP

You can clone my Tomcat repository from GitLab, modify tomcat-users.xml with your own username and password and built it locally, but here you can see all the source code I used in the repository.

Source for the Dockerfile the image forks tomcat:8.0-jre8, copies local user management file and context to the image. Of course it has to expose port 8080 where Tomcat will be listening for connections:

FROM tomcat:8.0-jre8
MAINTAINER info@agilob.net
COPY tomcat-users.xml /usr/local/tomcat/conf/tomcat-users.xml
COPY context.xml /usr/local/tomcat/webapps/manager/META-INF/context.xml
EXPOSE 8080/tcp

tomcat-users.xml contains list of users, their roles and passwords, it’s simple as that:

<!--?xml version="1.0" encoding="UTF-8"?-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
  <user username="user" password="password" roles="admin-gui,admin-script,manager-gui,manager-script,manager-status,manager-jmx"/>
</tomcat-users>

The next one is context.xml which allows you to login to a remote server using your home IP (I deploy Tomcat on my dedicated server and connect to it from home):

<?xml version="1.0" encoding="UTF-8"?>
<Context antiResourceLocking="false" privileged="true" >
    <!--
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
    -->
</Context>

The last part of my setup is to automate the build process. I want to build the image and automatically deploy it in local Docker:

#!/bin/bash -e
docker build . | tee .log.txt
TAG=`cat .log.txt | tail -n1 | awk 'NF>1{printf $NF}'`
docker run --restart=always -it -p 8080:8080 $TAG

Now, when you run bash ./build.sh as root, it will automatically build the image for you and start it.

There are plenty of online tutorials showing how to create database-based authentication for Spring. Some of them use SQL query to authenticate user and retrieve its roles, some use DAO… but none of them worked well for me and all of them had some major problems, even like SQL Injection. So, in this post I will explain my approach and present final solution with a database (MySQL), User and Role class and UserDetailsService implementation.

The goal is to create basic webpage with login form and signup form (which includes fields validation) that handles different roles. Then, you and me can use it as a template project.

This tutorial doesn’t include steps how to setup your IDE and build environment. We’re going straight to code, and I will try to avoid as much boilterplate as possible, so the code won’t include getters and setters. If you still write them by hand, time to learn about Lombok project (which I use here) or any other code generator.

Continue reading

Everyone knows it’s important to keep dependencies up to date. The risks of not updating them are very often high: you risk losing your data or data of your customers, being part of a botnet or simply getting hacked by script kiddies replacing your frontpage with something shameful.
Not everyone knows how easy it is to keep your dependencies up to date with gradle. Both gradle and maven have plugins to check for updates in your list of dependencies.

Continue reading

To be able to access two databases in SpringBoot you must define two data sources. In my case I had one database for identity details of users, like username, name, email, address etc. and second database for everything else.

You have to define one @Configuration class for each database and each class will wired its own datasource to services (like JpaRepository or CrudRepository) to defined packages.

Continue reading

In my spare time I develop applications on Android. I also “maintain” F-Droid repository for some of my public projects. I wanted to automatically publish each build after:

  1. Compilation passed
  2. Test on a connected device passed
  3. Signed build completed

So I made a simple setup with help of GitLabCI and own F-Droid repository. This post does not describe how to configure F-Droid repository or configuration of GItLabCI-runner, because official documentation is much better than I could write it. This post just describes how I use both services to automate boring deployment.

GtiLabCI is run on your own hardware, so it can have access to your files, configuration etc. It’s an advantage over Travis, as you can run any custom command, like testing on connected device or on pre-configured emulator, connected to remote hosts where CI slave is on a trusted machine.

Continue reading

I’m working on a new Android project which I inherited. Well, I forked it because I didn’t feel welcomed to contribute to the project and I see a lot of places where improvements are needed.

First, I need to improve the codebase. Previous developers didn’t care about any Java coding guidelines from Oracle, Google, CERT or even Android. Some of the problems I have to solve now are:

  • inconsistent style
  • catch (Exception e){}
  • catch(Throwable e){}
  • ArrayList<Object> list = new ArrayList<String>()
  • complex methods – if {switch {for {if {else {}}}}
  • new Thread().start()

To quickly start clean-up and identify those problems, different static code analysis tools can be used; one of them is SonarQube.

Continue reading

My major project in Java (Android) involved image manipulation where I used JHLabs. I found there was no easy way to add JHLabs support for Android without extracting sources and manually adding them to the project. So there it is now:
https://gitlab.com/agilob/JHLabs_android

It’s compatible with gradle build system, so you can easily add it to your gradle project.

To use it in your project:

  1. Go to the main folder of your application
  2. mkdir third_party
  3. Edit settings.gradle and add this line
    include 'third_party:jhlabs2'
  4. Add this line to your dependencies:
    compile project(':third_party:jhlabs2')
  5. It should be done now!

You can see it working in my project!

I saw such question on SO. There was no solution with RegEx so… I was bored I think.

public static boolean isValid(String ip) {
    boolean isvalid;
 
    isvalid = ip.matches(
            "(([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3}).){3}" +
             "([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3})"
    );
 
    return isvalid;
}

Continue reading