I assume you know what Tomcat and Docker are. Tomcat image by default has no user and no application deployed. It was designed to fork the image and use it with your own configuration. I couldn’t find any introduction which shows how to deploy your own Tomcat with user management enabled for your side projects. Everything was either too complex for my needs or did not answer the question “how to deploy Tomcat to play with it, deploy in it, destroy it”.

So, here I wrote a simple snippet that builds a local Tomcat docker image with your username and password and enables you to run Spring-Boot project, login from remote IP address (by default you can login only from IP Tomcat is running on).

  1. You need your own Dockerfile which forks Tomcat
  2. tomcat-users.xml file which contains roles, username and password
  3. context.xml file which enables you to login to Tomcat instance from remote IP

You can clone my Tomcat repository from GitLab, modify tomcat-users.xml with your own username and password and built it locally, but here you can see all the source code I used in the repository.

Source for the Dockerfile the image forks tomcat:8.0-jre8, copies local user management file and context to the image. Of course it has to expose port 8080 where Tomcat will be listening for connections:

FROM tomcat:8.0-jre8
MAINTAINER info@agilob.net
COPY tomcat-users.xml /usr/local/tomcat/conf/tomcat-users.xml
COPY context.xml /usr/local/tomcat/webapps/manager/META-INF/context.xml
EXPOSE 8080/tcp

tomcat-users.xml contains list of users, their roles and passwords, it’s simple as that:

<!--?xml version="1.0" encoding="UTF-8"?-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
  <user username="user" password="password" roles="admin-gui,admin-script,manager-gui,manager-script,manager-status,manager-jmx"/>
</tomcat-users>

The next one is context.xml which allows you to login to a remote server using your home IP (I deploy Tomcat on my dedicated server and connect to it from home):

<?xml version="1.0" encoding="UTF-8"?>
<Context antiResourceLocking="false" privileged="true" >
    <!--
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
    -->
</Context>

The last part of my setup is to automate the build process. I want to build the image and automatically deploy it in local Docker:

#!/bin/bash -e
docker build . | tee .log.txt
TAG=`cat .log.txt | tail -n1 | awk 'NF>1{printf $NF}'`
docker run --restart=always -it -p 8080:8080 $TAG

Now, when you run bash ./build.sh as root, it will automatically build the image for you and start it.

There are plenty of online tutorials showing how to create database-based authentication for Spring. Some of them use SQL query to authenticate user and retrieve its roles, some use DAO… but none of them worked well for me and all of them had some major problems, even like SQL Injection. So, in this post I will explain my approach and present final solution with a database (MySQL), User and Role class and UserDetailsService implementation.

The goal is to create basic webpage with login form and signup form (which includes fields validation) that handles different roles. Then, you and me can use it as a template project.

This tutorial doesn’t include steps how to setup your IDE and build environment. We’re going straight to code, and I will try to avoid as much boilterplate as possible, so the code won’t include getters and setters. If you still write them by hand, time to learn about Lombok project (which I use here) or any other code generator.

Continue reading

Everyone knows it’s important to keep dependencies up to date. The risks of not updating them are very often high: you risk losing your data or data of your customers, being part of a botnet or simply getting hacked by script kiddies replacing your frontpage with something shameful.
Not everyone knows how easy it is to keep your dependencies up to date with gradle. Both gradle and maven have plugins to check for updates in your list of dependencies.

Continue reading

To be able to access two databases in SpringBoot you must define two data sources. In my case I had one database for identity details of users, like username, name, email, address etc. and second database for everything else.

You have to define one @Configuration class for each database and each class will wired its own datasource to services (like JpaRepository or CrudRepository) to defined packages.

Continue reading

I’m working on a new Android project which I inherited. Well, I forked it because I didn’t feel welcomed to contribute to the project and I see a lot of places where improvements are needed.

First, I need to improve the codebase. Previous developers didn’t care about any Java coding guidelines from Oracle, Google, CERT or even Android. Some of the problems I have to solve now are:

  • inconsistent style
  • catch (Exception e){}
  • catch(Throwable e){}
  • ArrayList<Object> list = new ArrayList<String>()
  • complex methods – if {switch {for {if {else {}}}}
  • new Thread().start()

To quickly start clean-up and identify those problems, different static code analysis tools can be used; one of them is SonarQube.

Continue reading

I saw such question on SO. There was no solution with RegEx so… I was bored I think.

public static boolean isValid(String ip) {
    boolean isvalid;
 
    isvalid = ip.matches(
            "(([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3}).){3}" +
             "([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3})"
    );
 
    return isvalid;
}

Continue reading

Recently we got many new top-level domains like .international, .berlin etc, so older regular expressions are no longer valid.
Below you can see a list of valid domains; an address may contain . (dot), – (minus) and .subdomain (domain may contain many sub-domains). A domain must end with a letter, it cannot be . (dot) or a number.

  • site.international
  • site.international.com
  • site.ac.uk
  • site.org
  • site.babia-gora.pl
  • site.pl

Email address may contain a delimiter like – or + and . (dot), it might contain numbers and for sure contain letters. Below is a list of valid email addresses:

  • info9@agilob.net
  • in-fo@site.international
  • in.fo@site.ac.uk
  • in+fo@site.babia-gora.pl
  • 1in-+fo2@site.babia-gora.pl

A regular expression to match gTLD domains can look like this:

^[A-Za-z0-9][A-Za-z0-9/.-]*\.*[A-Za-z]$

and regular expression to match emails in domains above like this:

[A-Za-z0-9-+/.]*@^[A-Za-z0-9][A-Za-z0-9/.-]*\.*[A-Za-z]$

Code to test those regexpes:

package regexp;
 
import java.util.ArrayList;
 
public class RegExpMatcher {
 
    public static void main(String[] args) {
        ArrayList domains = new ArrayList<>();
        domains.add("site.international");
        domains.add("site.international.com");
        domains.add("site.ac.uk");
        domains.add("site.org");
        domains.add("site.babia-gora.pl");
        domains.add("site.pl");
 
        boolean matches;
        System.out.println("Matching domains: ");
 
        for (int i = 0; i < domains.size(); i++) {
            matches = domains.get(i).matches("^[A-Za-z0-9][A-Za-z0-9.-]*\.*[A-Za-z]$");
            if (matches == true) {
                System.out.println(domains.get(i) + " matches");
            } else {
                System.err.println(domains.get(i) + " doesn't match");
            }
        }
 
        System.out.println("nnMatching email addresses: ");
 
        ArrayList emails = new ArrayList&lt;&gt;();
        emails.add("info9@agilob.net");
        emails.add("in-fo@site.international");
        emails.add("in.fo@site.ac.uk");
        emails.add("in+fo@site.babia-gora.pl");
        emails.add("1in-+fo2@site.babia-gora.pl");
 
        for (int i = 0; i < emails.size(); i++) {
            matches = emails.get(i).matches("[A-Za-z0-9-+.]*@[A-Za-z0-9][A-Za-z0-9.-]*\.*[A-Za-z]$");
            if (matches == true) {
                System.out.println(emails.get(i) + " matches");
            } else {
                System.err.println(emails.get(i) + " doesn't match");
            }
        }
    }
}

Output:

Matching domains: 
site.international matches
site.international.com matches
site.ac.uk matches
site.org matches
site.babia-gora.pl matches
site.pl matches


Matching email addresses: 
info9@agilob.net matches
in-fo@site.international matches
in.fo@site.ac.uk matches
in+fo@site.babia-gora.pl matches
1in-+fo2@site.babia-gora.pl matches

Just a quick fix.

Instead of:

Connection con = null;
 
String url = "jdbc:mysql://localhost:3306/mysql";
String user = "user";
String password = "password";
con = DriverManager.getConnection(url, user, password);

You should have:

Connection con = null;
 
String url = "jdbc:mysql://localhost:3306/mysql";
String user = "user";
String password = "password";
 
try {
    Class.forName("com.mysql.jdbc.Driver").newInstance();
} catch (Exception ex) {
    System.err.println(ex.getMessage());
}
con = DriverManager.getConnection(url, user, password);

Continue reading