Glen Iris

Ranch Hand
+ Follow
since Jul 13, 2011
Glen likes ...
Netbeans IDE Chrome Java
Merit badge: grant badges
For More
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Glen Iris

Hello all.

I hope you can advise. I have a Java Spring web application. It renders jsps to the browser. I would now like to render the content of some of these jsps in iframes which can be embedded on other websites.
When I create a simple HTML page with an iFrame in it, the jsp content does not render due as, by default, my web application has "X-Frame-Options: SAMEORIGIN"

My ideal end result is that I store a list of websites on the server-side and the jsps each site is allowed serve in an iFrame.

I spent a long time searching for a guide on how to set up and configure this but so far I have had no joy. What I gather, is that I need to configure a ContentSecurityPolicyFilter filter. Is that correct?  Is there a guide somewhere that shows how to achieve what I want using CSP's? Or, can you please point me in the right direction and let me know if I am on the right track?


3 years ago
Hi Guys,

I passed the OCJP 6 exam back in 2012. I was hoping to upgrade my certification to 9.

1. Are there any books that you can recommend for this?
2. If not, what is the best book to go from 6 to 8?


L Foster wrote:Hi, Glen.
given you annotated IrisService as @Service, have you injected it using @Autowire?


L Foster wrote:
However, did you do any research on whether this might be some kind of order dependency?

no. It seems to me that I cannot autowire a dependency into class that is itself, autowired into somewhere else. Makes no sense and I am sure I am doing something ridiculous. As a work around, I have just instantiated the dependencies using old fashioned Java. Object x = new Object();

L Foster wrote:
Finally, I have not looked at "@Service" yet.  Still learning.  I have seen @Component, and that is treated as a bean.

This may be the blind leading the blind here but AFAIK, @Service is just a more specialised version of @Component.
7 years ago
Hi Guys,

I have been working with Spring for a while now. I have felt my way around rather than learned via certification. One thing that I have not figured out yet is this scenario.

I have an endpoint 'GlenEndpoint' annotated with @Endpoint.

'GlenEndpoint' has an Autowired service 'IrisService'. IrisService is itself annotated with @Service.

This works well as long IrisService instantiates any dependencies as POJO's in the old fashioned way. Eg,

However, if I attempt to autowire the AmountOwedUtil object, the application can not start up correctly, complaining that there is no qualifying bean of this type. This happens even though I have annotated the AmountOwedUtil class with @Service. I have also made sure that all relevant packages are covered by component scanning. I should mention that AmountOwedUtil is in a separate package to both IrisService and GlenEndpoint.

I know that this is likely something very simple, but so far it has me banging my head against the wall  

Please help,

7 years ago
Hello again guys.

I have spent the past week implementing PRG and mine eyes have been opened. It is exactly what I needed.

However, I am still seeing one issue. My application uses Spring Security. I have a method to handle GET requests to '/login' (the login page) and this is fine. Any POST requests to '/login' are obviously handled by Spring as I did create a method to capture POST requests to '/login' but my break points were never hit. Therefore I cannot explicitly enforce the PRG 'Design Pattern' here as Spring is handling POST calls to the 'login' url.

The issue I am seeing is, when a user logs out, they are redirected to /login. If the user then refreshes the 'login' page, and subsequently attempts to enter his/her details, they see a 404. I had suspicious around what was causing this but so far, my investigations have not proved fruitful. Below is my Spring Security config:

I would appreciate any clues toward what you think the issue may be.

Many Thanks,

8 years ago
Perfect answer. Sincere Thanks Bear. I knew there was a way but had no idea what it was.
8 years ago
Hi Folks,

I was hoping for some advice. I am building a java spring web application. A feature exists in the application whereby a user can create a booking. Once they do so, they are brought to the booking confirmation page. My question is, how should a web app behave when the user clicks 'back' at this point?

So currently, they just see a browser (Chrome) warning . I am wondering, how should I handle this? Should I intercept the back call and bring them to a 403 (or some such generic) page? Should I disable the user from clicking 'back' in the browser. I know that neither of these options are good ideas, but I am not sure what other options I have. I would love to hear how you guys handle similar situations.

Thanks again,

8 years ago

Tapas Chand wrote:In web.xml you have defined the session cookie http-only.
But you have not made it secure.
Have you yet learnt about the <secure> attribute?

Thanks for the reply Tapas.

I have been searching for more information on '<secure>' but have not found any. Can you help me narrow my search please? Is it a Spring specific thing?
8 years ago

You could have a request Param in your method signature for all 3 ip strings. Set the required to false. Then add logic in the method to determine which parameter, if any, has a value.
8 years ago

You are attempting to send your from to /signin.

You need to have a method in your controller that will map to that. eg:

8 years ago
Hi Guys,

I have configured my Spring application using xml (things were going that way...)

Using Chrome, I can see that my session cookie is not checked as secure. I already have the following code in my deployment descriptor (web.xml) file:

I was wondering if there is any Spring specific task I need to perform in order to achieve this?


8 years ago
Hey Friends,

I want to learn Spring and having played around with it for some time now, I still have not got the hang of it.

I am toying with the idea of shelling out for Spring training. I was wondering:

1. How good are the courses, i.e will I have a great understanding of Spring afterwards like I did of Java when I completed my Java Certification?
2. As a Spring novice, could I do the Spring Web training instead of the Spring Core training (the web topics look like they could be useful on a forthcoming project)


Hey folks,

I have configured a SOAP web service using Spring and xsd's. It is fairly simple, My service hits a class with hard coded values which get returned to the caller of the SOAP service.

I would now like to have that hard coded class read from a database. But I would like this to be configured with Hibernate. So I know I need to annotate the class, its properties and its methods with Hibernate specific tags like @column. However, when I do this (type the annotations in the class file) and compile the application, these annotations get overwritten as the Class is being generated by an xsd.

My question:

How do I adapt my xsd to also include Hibernate annotations?