Castiel Snow

Ranch Hand
+ Follow
since Aug 06, 2019
Cows and Likes
Cows
Total received
1
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
7
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Castiel Snow

Problem

Stuck on implementing change of schema after user login, following a StackOverFlow.

Description


Im following the stackoverflow solution at: https://stackoverflow.com/questions/39357367/change-database-schema-during-runtime-based-on-logged-in-user

The spring version im using is: :

   : Spring Boot ::        (v2.3.3.RELEASE)




I've created the class below. But I have no idea on how to use it properly.

What im trying to achieve is:

Springboot initializes in a default login database URL.
After login, it should use the class below to define which schema it should use based on the UserDetails class.

Im stuck. Im reading every tutorial, book I can find but im stuck. Please helpp







1 month ago
Hi!
I came up with a partial solution.

What Im planning to do is:

-Connect the spring boot directly to the login schema.
-Set up spring boot to use my custom User class.

-Login

-Change schema based on the login information.

--
Im a bit stuck on this part:
-Change schema based on the login information.

I found some information regarding people wanting to use 2 or 3 databases but in my case, it could be 'n' schemas GLOBALLY depending on which user log-in.






1 month ago
I have a message to my past self:

You can use Platform.isFxApplicationThread() to check if you are working on the UI thread or not.
You dont need or shouldnt  use Platform.runLater if you are already inside a UI thread.



https://docs.oracle.com/javase/8/javafx/api/javafx/application/Platform.html

You can use:

String s = Platform.isFxApplicationThread() ? "UI Thread" : "Background Thread";
System.out.println(s);

Inside a thread to find out whats going on.

Also, note that, when you are inside the @FXML initialize() method, you are in a UI thread. Which can be confirmed by the method above.


1 month ago
Question
How do I set up a custom login with Spring Boot? I need to use the same connection method of a legacy app I have.




Things to know before I explain

-I have a javafx App that connects to a data base using a php website as proxy/Login
-Obviously, this javafx app has the User class already defined.
-The javafx  application logs in with the web service and retrieves the database URL.
-The javafx  application uses the database URL to access a database directly.

Or, to simplify: The user put the login and password and click LOGIN -> The app,  goes to the webhost, sends the data to a certain php file and requests the database url and data that comes ENCRYPTED through JASPYR and it also comes through https. Once the data is returned, we decrypt it and login to the database directly.


-Im building a SpringBoot application to work with this legacy app.


Where Am I stuck?

I have built a Spring boot maven project and im reading a lot about Spring boot. My first step is to create a login page that behaves as the legacy app.

Currently, Im using a InMemorySecurityConfig as follows:




I dont know how to start. I think I have to find away to define the correct User model and then use a class to login that actually allows me to manually login.




Here is the legacy class that I use on my javafx App below. How do I start to convert this to spring boot? Please help.







How do I start? Any tips on how to start is greatly appreciated.

Im expecting that I have to somehow tell spring boot which User class to use, to tell spring to NOT instantly connect to the database and wait for the database info to be retrieved by the login page, and a way to login using spring.




The following topic explains my login process: https://coderanch.com/t/731125/engineering/Encrypt-JAVA-jasypt-Decrypt-PHP


PS: If the topic is not clear, please let me know. English isnt my first language but im trying my best.
#ThisForumRocks



References:
https://coderanch.com/t/735809/frameworks/User-Authentication-Authorization-Spring-Boot

https://spring.io/guides/gs/securing-web/

https://coderanch.com/t/734572/databases/Changing-database-DNS-Cname-adjustment
1 month ago
Problem/Question

"Application developers need to update their connection strings to point to the new server, and your customers need to know the new server address as well."

I have a desktop software. This java software has the following logic:

1-User inserts username and password. He presses "login" button.The data is then sent to a web server for validation.

2-In case of success, a JSON is sent back to the java app with the database url, username, password and most importantly THE SCHEMA etc. Note that, while the server IP is normally the same, the schema changes, thats why the JSON sents the correct schema URL for the client.

3-The java app then uses information from the JSON to connect to the MySQL directly.

Thats how it works. However, Theres a problem:
When the software was installed, I had to ask the IT of a few companies  to make sure the mysql address, which is typically the same, to be allowed through the firewall.
And now, we are currently in need of changing our current database from Hosting X to Hosting Y.

So basically it falls to this:
If I want to move a database from one server to another, or stand up a new server and move everything over to it, I will have to ask each IT to allow the new IP on their firewalls.


Proposed Solution

Researching, Ive come up with a solution. Im not sure its valid So thats why I came here in the first place heh.

So here's the thing.

On step 2, described above, the JSON sends the database URL like this:

jdbc:mysql://192.X.X.X:3306/ACME_SCHEMA1

Where X was a number but Ive just redacted for the topic.

The solution is, for the JSON to deliver this instead:


jdbc:mysql://db.acme.com.br:3306/ACME_SCHEMA1


By doing that, I can change the Register of db.acme.com.br from hg.acme.com.br TO aws.acme.com.br.

And I can just ask every IT to allow db.acme.com.br in their firewalls. So whenever I change databases, their firewall wont disrupt the connection.

Will this work? I know its not perfect but im working with a Legacy software so the structure has to make do.

Thanks a lot!






References:


https://www.techrepublic.com/blog/data-center/use-the-dns-cname-for-database-connectivity/

https://port1433.com/2016/08/03/using-dns-aliases-to-manage-database-connections/

https://coderanch.com/t/731125/engineering/Encrypt-JAVA-jasypt-Decrypt-PHP
For my own use. But I also want to give back to the community.
5 months ago
Hello everyone,

I made a topic some hours ago that lead me to a public repository : https://github.com/biezhi/webp-io

However, I had to update the library used, cwebp and make changes to the code.
Since its my first public fork, I want it to be good enough so others can use it as well. I think its good to give back to the community.

My fork is located here: https://github.com/KenobySky/webp-io

I have questions and any help would  be appreciated. Critiques too.

1- Do I have to update POM with my data?
2- What other changes to the project, not code-related do I have to make?
3- When I try to include the project with gradle, I get a weird error:



Execution failed for task ':compileJava'.
> Could not resolve all files for configuration ':compileClasspath'.
  > Could not find com.github.KenobySky:webp-io:master.
    Searched in the following locations:
      - https://repo.maven.apache.org/maven2/com/github/KenobySky/webp-io/master/webp-io-master.pom
    If the artifact you are trying to retrieve can be found in the repository but without metadata in 'Maven POM' format, you need to adjust the 'metadataSources { ... }' of the repository declaration.
    Required by:
        project :

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org



Thanks a lot.
5 months ago
I will report back once I get this feature rolling.
Hopefully will help others.
5 months ago

Tim Holloway wrote:Tone down the boldface a little. It makes it look like you are shouting. Your spacing is all that's needed to make your points visible.

You forgot a very common solution, which is to upload the images to an ordinary image file directory. So there's a third solution.

Although I should caution you that if you do that, don't upload into a directory within your WAR or your webapp server. That can fail or cause data to get lost when you update the WAR. Always upload to an external data directory. In Unix/Linux, the /var/lib directories are commonly used for purposes like that. For maximum flexibility, however, don't hard-code the upload directory path into the webapp logic. Put it in a webapp environment object so that you can set it when the app is deployed and the app can read it using JNDI.

As for S3, that's fine if you want to store images in the cloud. I'd say that storing images as BLOBs in a database would be last choice.



Alrighty. I tend to do that because well.. a known moose competitor forces users to write very styled texts or they downvote you hehe.

But, I cant store locally. Its Not possible due to restrictions.

Im looking into converting every image to webp with https://developers.google.com/speed/webp/download.

Ive just forked this https://github.com/biezhi/webp-io

Ive updated with the new binaries and im going to commit to my fork.







5 months ago
Hello again

Im working in a new solution for a necessity I have in this software im working with and I've never done anything like this before so im just curious about it.

Im working with JDK 11, JavaFX and Gradle and MySQL.

The userneeds to be able to upload images and store them.
The user can retrieve to view them at any time.

Obs: Im going to pre-process the images, compressing them as much as I can. Not sure the logic yet, but this is certainly a 'must-do'.


So I came up with two solutions:

1) Store the image in AWS s3. Save the hyperlink to the image in the mysql database.

2) Store the image in mysql.



I know these solutions depends on some information..

How many Images will be stored?
Unknown. It wont be a lot. In Theory it could be as much as I define and in practice it should be around 40 per month. And needs to be stored forever or until the user deletes ir OR STOP PAYING xd.


Will it be frequently retrieved?
Yes.


What should I do? Go with S3?


Thanks for any help



5 months ago
"Can't you convert it to a Java servlet?"
Yes. Good Idea actually.

6 months ago
Having all database access done through your web service is not very difficult.

Hmm, Ive heard its very difficult.
Im using hibernate on java currently.. Would I need to make major changes?


2- Yes, I want to insist in this solution for now. But im interested in what you said about webservice. I might do that afterwards.
6 months ago
Where is the database URL stored? Surely not in the same database that the URL points to? How would the web service know where to retrieve the URL from?
How does the admin application log in? Does it use a fixed password that is shared with the client application? This is a super bad idea.
Where does the admin application run? Also in untrusted domains?
Why does the client application access the database directly, rather than through the web service?

1- In the same database but in a different schema. What happens is that, depending on the user login, it points to a different schema.

2- The admin is just another java app that encrypts the information and stores it there.

3- The admin app just run in my machine.

4- Because since im a solo dev, I dont have time to implement a web service to be the middleware. its a future feature though.
6 months ago
(Sorry, didnt mean to)² . The quarantine is affecting my attention


1- The database URL is previously encrypted by the 'admin version' of the app. So both apps are supposed to decrypt it.

2-Paranoia. And, if someone, somehow, get access to the database, they still would need to decrypt those informations. Which may seem irrelevant since they would already had access to the database itself. However, I think that a small encryption would suffice just so its not plain-text.
6 months ago
Hi!
I will try to answer your questions the best I can.

1-Regular users and in non-controlled domains. Basically end-user. So I have no control of where the app is running. Its supposed to run anywhere the client wants.

2- Ok, I will give a small example:

--- Suppose 0 to n desktop users.
--- Suppose a single Mysql Database in the cloud (read AWS).
--- Suppose a single WebHost which holds a website and the php files that are accessed.

The user install the java desktop app.
The user put the login and password and click LOGIN -> The app,  goes to the webhost, sends the data to a certain php file and requests the database url and data that comes ENCRYPTED through JASPYR and it also comes through https. Once the data is returned, we decrypt it and login to the database directly.
...

Certain data can be accessed direcltly to the website through php files without the java app. So the php logic should be able to decrypt the database url as well.

--

I know this isnt perfect but its a small system and its safe enough for its purposes.

In Summary:

Open x.jar --> Click Login --> Send POST with data --> receive ENCRYPTED database url and data --> login directly to database.

What is encrypted? Database URL in the database.
Who should decrypt it? Java app and php
How safe should it be? Enough to avoid simple hacks and not so much that is slow or causes problems to the users.

And since it uses HTTPS, it already has some additional protection layer.






6 months ago