Using Eclipse EGit Plugin to Push Changes to Remote

Introduction

This guide was intended towards my ILP group working on adding features to an old java game made previously.

Assumptions

This guide assumes you have already cloned and made changes to indexed files in the project.

I am also assuming that there is only one branch, namely the master branch.

Step 1

Right Click on your project in the package explorer > Team > Commit…

Step 1

Step 2

Add the files you would like to apply to the remote repository to the staged changes section, shown below.

Right Click on the File > Add to Index

egit-2

Step 3

Enter a commit message.

Enter your author (if necessary).

Click “Commit”

egit-3

Step 4

At this point, if you have other members working on the same branch, you will want to retrieve updates that happened between the time you started making changes in the project and the time you committed those changes.

egit-4

Step 5

You may or may not have to deal with conflicts from other commits. I have not come across this situation yet so I can’t show an example here at this time.

Step 6

After handling conflicts. You want to push your changes to the remote Git repository.

Right Cick on Project > Team > Remote > Push…

NOTE: This is NOT the same as Team > Push Branch ‘master’ or Push to Upstream

egit-5

 

Glassfish Error – java.lang.ClassCastException: org.glassfish.grizzly.config.ContextRootInfo cannot be cast to org.apache.catalina.Context

This error appeared for me because I set a default web module previously to a different enterprise application archive (ear) project while trying to run a new one in the development environment.

The solution for me was to empty the Default Web Module field shown below and restart the server. After you do that you can deploy your application successfully.

Glassfish Configuration

Create New MySQL User and set Privileges

Introduction

This guide will show you how to make a new user and assign them all privileges to a specified database.

This is not a unique tutorial but is mainly intended as a quick reference for the author. Hope you find it useful though!

Steps

Create new database user along with their password. This will apply to all databases they access.

CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';

Give user all privileges to a particular database

GRANT ALL PRIVILEGES ON * . * TO 'newuser'@'localhost';

Necessary to apply the changes.

FLUSH PRIVILEGES;

References

https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql

Redirect from HTTP to HTTPS on Glassfish

Introduction
This tutorial is intended to show you how you can force various url patterns to use HTTPS if a user tries to use HTTP.

Build

  • Glassfish 4.1
  • Netbeans 8.1 (Not necessary, will have instruction for both)
  • JavaEE 7 (Don’t think its necessary)

Instructions
Navigate to your Web Application Archive’s (WAR’s) web.xml file.

Method 1: Netbeans

NB Step 1

NB Step 2

Method 2: Good ol’ Copy n’ Paste

The above steps would have created the following code which you would add into your file. I apologize it would not save the spaces.

<web-app>

<security-constraint>
<display-name>Constraint1</display-name>
<web-resource-collection>
<web-resource-name>Anything</web-resource-name>
<description>This will make the constraint affect all pages of the application</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description/>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

</web-app>

References

Set context-root of Application running on Glassfish as the Domain Base

Introduction

Whether you want to set your ear, war or whatever type of application up on Glassfish, we typically want to get rid of the default landing page and replace it with one of the apps. This guide will show you how, with one image. This method is the easiest but has a caveat which I will mention later. It should work in Glassfish 3 and beyond, at the least.

Build

  • Glassfish 4.1
  • Using an Enterprise Application Archive (EAR)

Assumptions

  • Name of configuration and virtual server are default

Instructions

  1. Deploy your application
  2. Navigate to Configurations > server-config > Virtual Servers > server
  3. Select desired application on Default Web Module
  4. Save

Instruction Image

Caveat
If you specified in the configurations of your file a different context root (file depends on what type of application) then you will be able to access the application from the Domain Base as well as the context root defined in the application’s configuration file.

Setup Glassfish JDBC Resource using Admin Console for Oracle Database

Introduction
This is meant to be a reference for me anytime I use oracle with a JavaEE project. I hope it benefits you as well. This is pretty much remade from the reference at the end, so its easy for me to find at a later time.

Warning
In the default Glassfish 4.1.1 shipped with Netbeans 8.1 there is a problem with the admin console when trying to do certain things. Amongst them is adding JDBC Resource. I decided I would use Glassfish 4.1 to solve that problem but you are welcome to find a guide on how to setup a JDBC Resource in command line instead as an alternative. It’s a problem with that Glassfish version, not Netbeans.

My Build

  • Glassfish 4.1
  • Oracle Database 11g XE

Instructions

First off, we need to make a connection pool. I already made mine, its called Oracle11g so don’t be startled if it doesn’t appear.

Navigate to Resources > JDBC > JDBC Connection Pools

Step 1

 

Set the values as below, to use oracle.jdbc.pool.OracleDataSource ensure you have ojdbc_6.jar (or whatever version is appropriate for you).

Step 2

 

Then set the additional properties values. I cut out my password and username in the diagram, fill it with your own values. Click save after completing. 1521 is the default port for oracle db 11g, if yours differs change it accordingly.

Step 3

 

Next we need to create a JDBC Resource.

Navigate to Resources > JDBC > JDBC Resources

Step 4

 

Fill in the values as below. The pool name should be that which you set when you made a new Connection Pool a few steps ago.ora-jdbc-con-pool-5

The following step ONLY applies if you are using JavaEE. This is to ensure that your jdbc driver behaves in a way which is compliant with JavaEE.

IF YOU DO NOT NEED THIS STEP then you need to restart the domain on glassfish to apply. With the default domain this can be done as

/path_to_glassfish/bin/asadmin restart-domain domain1

Navigate to Configurations > server-config > JVM Settings

Step 6

In the JVM Options tab, add a new option then save.
-Doracle.jdbc.J2EE13Compliant=true

Step 7

Don’t forget to restart your domain.

/path_to_glassfish/bin/asadmin restart-domain domain1

References

  • https://blogs.oracle.com/dana/entry/jdbc_connection_pools_in_glassfish

Using iptables to Configure HTTP and HTTPS to redirect to Glassfish 4.1 Defaults

This guide can also be used if you are not using Glassfish 4.1 . In that situation you may want to know Glassfish’s default ports and what they are used for.

  • Port 8080 is for HTTP protocol
  • Port 8181 is for HTTPS protocol
  • Port 4848 is for the Admin Console

Now obviously you can see the problem here. By default when I user accesses a website using HTTP they are using port 80, 443 for HTTPS.

Also, you may potentially not want the admin console to be available at all, or at certain times. In that case you would want to have two version of this file. Ensure you use chmod so that it is executable by the right person/people and not by everyone.

Warning:
This does not allow you to, for example, redirect from ports using HTTP protocol to ones using HTTPS protocols. So in this situation for example, I cannot configure port 80 to redirect to 443 or 8181 because HTTP and HTTPS protocols are different.

This example file from Nabisoft illustrates what you would do.

#!/bin/bash

# ATTENTION: flush/delete all existing rules
iptables -F

################################################################
# set the default policy for each of the pre-defined chains
################################################################
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# allow establishment of connections initialised by my outgoing packets
iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT

# accept anything on localhost
iptables -A INPUT -i lo -j ACCEPT

################################################################
#individual ports tcp
################################################################
iptables -A INPUT -p tcp –dport 80 -j ACCEPT
iptables -A INPUT -p tcp –dport 22 -j ACCEPT
iptables -A INPUT -p tcp –dport 8080 -j ACCEPT
iptables -A INPUT -p tcp –dport 8181 -j ACCEPT
iptables -A INPUT -p tcp –dport 443 -j ACCEPT
#uncomment next line to enable AdminGUI on port 4848:
iptables -A INPUT -p tcp –dport 4848 -j ACCEPT

################################################################
#slow down the amount of ssh connections by the same ip address:
#wait 60 seconds if 3 times failed to connect
################################################################
iptables -I INPUT -p tcp -i eth0 –dport 22 -m state –state NEW -m recent –name sshprobe –set -j ACCEPT
iptables -I INPUT -p tcp -i eth0 –dport 22 -m state –state NEW -m recent –name sshprobe –update –seconds 60 –hitcount 3 –rttl -j DROP

#drop everything else
iptables -A INPUT -j DROP

################################################################
#Redirection Rules
################################################################
#1. redirection rules (allowing forwarding from localhost)
iptables -t nat -A OUTPUT -o lo -p tcp –dport 80 -j REDIRECT –to-port 8080
iptables -t nat -A OUTPUT -o lo -p tcp –dport 443 -j REDIRECT –to-port 8181

#2. redirection http
iptables -t nat -A PREROUTING -p tcp -m tcp –dport 80 -j REDIRECT –to-ports 8080
iptables -t nat -A PREROUTING -p tcp -m tcp –dport 8080 -j REDIRECT –to-ports 8181

#3. redirection https
iptables -t nat -A PREROUTING -p tcp -m tcp –dport 443 -j REDIRECT –to-ports 8181

################################################################
#save the rules somewhere and make sure
#our rules get loaded if the ubuntu server is restarted
################################################################
iptables-save > /etc/my-iptables.rules
iptables-restore < /etc/my-iptables.rules

#List Rules to see what we have now
iptables -L

How to install SSL/TLS certificate on Glassfish

Introduction
It seems that build isn’t that important, as long as you are using a recent version of Glassfish and Ubuntu it should be fine. I will setup a guide on how to setup glassfish server soon. In the meantime, check the reference for nabisoft at the end of the article, it was my best reference for that part.

This tutorial is mainly directed to StartSSL user’s in the file naming convention but can work for anyone.

My Build

  • Ubuntu 16.04 Server (64 bits)
  • Glassfish 4.1
  • StartSSL certificate

You will have 3 public keys after correctly filing your certificate signing request (.csr) file to your certificate authority (CA). They will be named as such:

  • 1_Intermediate.crt
  • 2_yourdomainname.com.crt
  • root.crt

You would have had a private key which you used when you generated your CSR file. For the sake of this tutorial we will call this yourdomain.com.key .

Move to your glassfish domain’s config directory and store all your files there. I am assuming you are using the default domain, domain1.
cd /path_to_glassfish_directory/glassfish/domains/domain1/config

Step 1
Mash up our three certificated into one file using this command. Remember: don’t forget to change the values!
cat 2_yourdomainname.com.crt 1_Intermediate.crt root.crt > all.crt

Step 2
Now we import these certificates into our cacerts keystore. The keystore names I am going to assume are those shipped by default with glassfish 4.1 . Fill in ‘yourAlias’ with any non-conflicting name you wish but keep note of it for later.
keytool -import -trustcacerts -alias yourAlias -file all.crt -keystore cacerts.jks

Step 3
We are now going to decrypt the (.key) file and make a (.p12) file which will be installed into the server. The default password is ‘changeit’ and I shouldn’t have to mention… you should change it!
openssl pkcs12 -export -in all.crt -inkey yourdomain.com.key -out yourdomain.com.p12 -name yourAlias -CAfile 1_Intermediate.crt -caname immed
keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore keystore.jks -srckeystore yourdomain.com.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias yourAlias

Step 4
Ensure that all the certificates installed correctly. Check both keystores using the following two commands:
keytool -list -keystore keystore.jks
keytool -list -keystore cacerts.jks

You should see a listing of your alias in one of them in both with the text ‘trustedCaCert’ in the cacerts.jks keystore.
In the keystore.jks file you should see your private key the alias you gave it listed in one of the entries.

Step 5
In order to use these keys on the domain you will need to configure domain.xml there are two ways to do this. BACKUP domains.xml before proceeding.

Method 1: terminal / command line
Replace every instance of the default s1asin the domain.xml file with yourAlias.

Method 2: Glassfish Admin Console
(Will be added later with pictures)

Step 5
Restart the domain

asadmin restart-domain domain1

If you haven’t loaded asadmin to your environment path then
/path_to_glassfish_directory/bin/asadmin restart-domain domain

References: