spring-boot tomcat security vulnerabilities patching - spring-boot

Since spring-boot comes with embedded tomcat containers, I was wondering how the patching is done. If I decide to go for the embedded approach and a security vulnerability is found and the tomcat community has released a patch, how do I apply that patch to the embedded tomcat container which comes with Spring-boot?
Any help would be greatly appreciated since it will help me decide whether to go the traditional route of standalone tomcats vs. embedded.

According to this Spring blog post, you can specify any version of Tomcat you want. As long as it's released to the Maven repo, just add the following property to your Maven build properties specifying whatever version you like: <tomcat.version>8.0.3</tomcat.version>.
See http://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core for versions currently available in Maven Central.
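Pinning <tomcat.version> only helps if the built artifact actually carries the pinned jars, so here is an added check (not from the original answers) that reads an `unzip -l` listing of a Spring Boot fat jar and fails when any tomcat-embed-* jar deviates from the expected version. The listing below is constructed sample output, and the 8.0.1 entry is a made-up value standing in for an artifact the override missed.

```shell
#!/bin/sh
# Added example: verify the embedded Tomcat version inside a built Spring Boot jar.
# Feed it `unzip -l target/app.jar`; it is not part of the original answer.

# Print the distinct versions of every tomcat-embed-* jar in an `unzip -l`
# listing read from stdin (matches e.g. BOOT-INF/lib/tomcat-embed-core-8.0.3.jar).
embedded_tomcat_versions() {
    sed -n 's/.*\/tomcat-embed-[a-z]*-\([0-9][0-9.]*\)\.jar$/\1/p' | sort -u
}

# Return 0 only if every embedded Tomcat jar is exactly version $1.
# Usage: unzip -l target/app.jar | check_tomcat_version 8.0.3
check_tomcat_version() {
    expected="$1"
    found=$(embedded_tomcat_versions)
    if [ -z "$found" ]; then
        echo "no tomcat-embed jars found in listing" >&2
        return 1
    fi
    for v in $found; do
        if [ "$v" != "$expected" ]; then
            echo "found tomcat-embed $v, expected $expected" >&2
            return 1
        fi
    done
    echo "all embedded Tomcat jars are $expected"
}

# Constructed sample listing (not real build output). The websocket jar is
# deliberately left at a different version to show a partial override.
SAMPLE_LISTING='   1234  2014-01-01 00:00   BOOT-INF/lib/tomcat-embed-core-8.0.3.jar
   5678  2014-01-01 00:00   BOOT-INF/lib/tomcat-embed-el-8.0.3.jar
   9012  2014-01-01 00:00   BOOT-INF/lib/tomcat-embed-websocket-8.0.1.jar
   3456  2014-01-01 00:00   BOOT-INF/lib/spring-boot-1.0.0.RELEASE.jar'

# Stand-alone run: report the mismatch in the sample listing.
printf '%s\n' "$SAMPLE_LISTING" | check_tomcat_version 8.0.3
```

Running it against a real jar (`unzip -l target/app.jar | check_tomcat_version 8.0.3`) gives a non-zero exit status you can wire into CI so a regressed Tomcat version fails the build.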

Related

Is there a version of postmark java client library which uses jersey 1.x instead of 2.x?

I have a RESTful web service application in java deployed on google app-engine which uses jersey 1.18.6.
I want to use postmark java client to send transactional emails from it.
When I integrated it, I was seeing the following exception:
javax.ws.rs.core.Response$Status$Family.familyOf(I)Ljavax/ws/rs/core/Response$Status$Family
From what I could find, I think this error was because there were two different (and probably incompatible) versions of jersey being used, 1.18.6 for jersey-server, jersey-guice and jersey-bundle and 2.25.1 for jersey-client (by postmark).
Then I tried to make the jersey version 1.18.6 throughout, so in my main project pom, while including the dependency for postmark, I excluded the jersey-client (by adding an exclusions header) and separately added a jersey-client dependency in my main project.
But then I got the following error:
java.lang.NoClassDefFoundError: javax/ws/rs/core/MultivaluedHashMap
This is, I think, because the class MultivaluedHashMap is present only in jax-rs 2.x versions (which are compatible with jersey 2.x versions).
So my questions are:
Is there a version of postmark java client library which uses jersey 1.x instead of jersey 2.x?
If not, then what options do I have other than migrating my main project from jersey 1.x to jersey 2.x? I don't want to do that since we would have to migrate not just the jersey dependencies but I think some other things like guice, shiro etc., which would be time consuming. Also, it doesn't really seem optimal to modify multiple existing dependencies just to include one additional module.
There isn't. The very first commit of the project's pom.xml already used Jersey 2.25.1.
As Mureinik mentioned above, when we worked on the library, our plan at Postmark was to use newer library versions, since they are better options in the long run.
On our Github page Rupert made good suggestions, of which I find a separate ClassLoader a good choice. I will play a bit with the library code in the next couple of days on compatibility; however, we are always in favour of using newer libraries for our codebase.
Please check out my latest comment on the Github issues page for a possible solution for using an older Jersey version: https://github.com/wildbit/postmark-java/issues/11
It should be pretty easy to port the library to Jersey 1.x by porting only the HttpClient class on your side.

How to use a custom resteasy instead of the jboss standard one

I am working with jboss 6.2, which has the resteasy standard version set to 2.3.7.
I need to use resteasy 3.0.8, and currently I am trying to achieve this using maven and specifying that version in the pom; the correct resteasy is put in the war, but it seems like jboss keeps on using 2.3.7.
I am wondering if I am following the right path and if somebody can provide me some web resources to solve my issue.
I had the same issue.
This link could be useful; it works great for me.

Can Spring Boot + Gradle generate a war file compatible with Servlet 2.4?

I've been reading about using Spring Boot and Gradle to quickly build RESTful services: https://spring.io/guides/gs/rest-service/. I'd like to give it a try but I need to build a war that's compatible with servlet 2.4 (I know.. life in the 1970's).
The error I get when attempting to deploy the war generated by following the guide above to Sun App Server 8.1 is:
Unknown deployable object type specified: "Cannot determine the J2EE component type"
The generated war has no web.xml and there may be other expected artifacts.
Configuring a spring-boot application using web.xml seems to suggest that a web.xml can be packaged with a Spring Boot application but doesn't explain how.
Is Spring Boot compatible with older servlet specs? How can Spring Boot and Gradle be used to generate a war that works on older web containers?
Thanks.
The answer to the question you linked to didn't actually go as far as saying that you could easily create a fully-leaded Boot application with Servlet 2.4. I consider that quite a hard, but probably achievable, target if you are prepared to do some legwork, and accept some compromises. You might find this stuff useful: https://github.com/scratches/spring-boot-legacy (I managed to use it to push an app to GAE). But there are some limits to what can be supported for such old technology, and we aren't officially supporting anything other than Servlet 3.0.1 right now.

Example using Jersey (REST resource), OSGi (Apache Felix), and Maven (build and deploy)?

I seem to be really struggling here. What I want to do (in this order) is:
1) Build a RESTful resource using a Jersey application and resource w/annotations (this is not the issue).
2) Package, install, and start that bundle into the Felix OSGi container, as an HTTP service, including dependencies.
3) Package, install, and start a WAR in the OSGi container that may incorporate #2 as a dependency.
And I would like to be able to do all of this using Maven.
I cannot seem to find a working example of even the individual steps, especially involving Maven, let alone the combination of those steps. I have tried cobbling together various q&a from across the web with varying levels of success, but no end-to-end working example yet.
Any pointers would be appreciated...
I do not have an example for Jersey but I have a tutorial for CXF with Apache Karaf (which uses Felix). It shows how to create a Rest service and build it with maven. Using Apache Karaf you can then deploy the bundle directly from the maven repo. Moving this to Jersey probably just means exchanging the lib and using another blueprint config to initialize the rest service.
Apache Karaf also allows deploying wars and wabs, but I have not yet tested them.
Apache Stanbol does most or all of this (not sure if the war packaging is included out of the box) to implement its RESTful services.
You'll have to dig through its codebase but searching for Jax-RS annotations in there should point you to the right places.
I also am really struggling with exactly what you are attempting to do. So far, I seem to be really close but alas not quite there. Here's what I've been doing:
creating a War with Maven that defines my Jersey Resources
bundling it with the maven bundle plugin (see section "Adding OSGi metadata to existing projects without changing the packaging type"), which allows me to run the restlets in Tomcat and test
defining a target in Eclipse that includes resources from my locally defined p2 site, which I create with the p2-maven-plugin. In this way I can gather up any of the dependencies from the WAR project into a p2 site, which I can deploy to an Eclipse defined target
Where I am stuck is trying to register the Jersey Resources as services, for which I've tried:
using the JAX-RS OSGI connector, which I eventually gave up on because it uses glassfish jersey, which seems to export a version 2 API of Jersey when Jersey hasn't even defined a version 2 API yet. This caused package resolution problems when I wanted to use version 1.17 of the Jersey libs.
registering the Resources using a Whiteboard à la Apache Felix HTTP Service, my current approach, which doesn't seem to work yet.
And, finally, if the preceding doesn't work I'll try Amdatu.
Another route I might try is from the Jersey project OSGI chapter.
I tried this combination and got it up and running:
1- Modularity Specification-->OSGi specification
2- OSGi implementation-->Apache Felix 4.4.0
3- OSGi Runtime-->Apache Karaf 3.0.3
4- Software Architecture Specification of REST – JAX-RS
5- JAX-RS implementation-->Apache CXF – 2.7.5
You can refer to this nice tutorial: http://java.dzone.com/articles/building-cxf-rest-service-osgi
Now I am also planning to move to Jersey from CXF, as Jersey is the lightweight reference implementation of JAX-RS. I am planning to use Jersey with Apache Felix/Apache Karaf. You can install Jersey in Karaf and deploy your Jersey Rest Web Services as a Bundle. You can refer to this tutorial: https://vzurczak.wordpress.com/2014/09/30/web-applications-with-osgi-working-with-jersey/
Here's a good example on github: https://github.com/ddragosd/jax-rs-on-karaf

Embed Jetty in Eclipse RCP

I am building an RCP application, where I need to monitor http traffic and show it to the user. For that I require the use of Embedded Jetty as a transparent proxy.
I tried everything, followed this Tutorial, but things just don't work. I get a build exception.
I tried adding the Jetty jar as an external dependency, but still no use.
Would appreciate any help. Also please let me know if there are any other ways of achieving this without the use of jetty. (I tried Socks but it conflicts with the RCP UI thread)
Thank You.
In broad terms you need to look into making eclipse plugins and how to declare dependencies in eclipse plugin projects. What you are basically looking to do is write a bit of code based on our jetty embedded examples, only in a plugin context, so when your plugin loads it would trigger the starting of the jetty server. You will load the jetty dependencies as osgi bundles. Note that in Juno much of jetty 8.1.3 will be available by default.
It's not the best example in the world, but you can look at our crusty wtp plugin for some ideas, at least on how you could configure things using tycho and maybe some organizational bits.
http://git.eclipse.org/c/jetty/org.eclipse.jetty.wtp.git/