Elegant MicroWeb designed, developed, integrated and implemented a system for a renowned Saudi Arabian software solution provider to satisfy all business, technical and functional requirements for a hotel and apartment owner management system. The centralized system allows managers to understand and verify business transactions at branches and across all locations. Customers can search for rooms, research facilities and make reservations online. The system also allows corporate account managers to monitor and manage employee travel and accounts.###Details >
In software programming, the use of frameworks makes things easy and saves a great deal of time for developers. In the Java world, Spring Security is one such framework that is worth consideration by developers. Spring Security is part of the larger Spring Projects Umbrella, and the framework can be used to implement security aspects in Java web applications. Spring Security makes a developer's job easier and ensures that an application is secure by configuring the appropriate elements in the xml file. It also provides support classes and various filters, as well as support for custom requirements. It is worth nothing that Spring Security sometimes requires a bit more work to achieve specific, complex requirements, but the tool is, nevertheless, a worthwhile addition to any developer's toolkit.One of the common requirements in web development is to gracefully exit from the application when a user session expires. In this article, we will look at how Spring Security can help a developer to easily configure and handle a session timeout, and explore the issues and workarounds that you'll need to understand in order to successfully utilize the tool. Configuration The following explanation assumes that the reader understands the required configuration xml file needed to implement Spring Security, is the xml element where we need to make changes. To tell Spring to show a separate page when the user session has expired, you can simply specify the URL value in the invalid-session-url attribute - and then, you are done! When the user tries to make a request after being idle for some time, and session has already timed out, Spring will direct the user to the specified page. Problem This configuration is very simple. But, it will create one problem. Even when a user logs out properly from the system, he or she will get the session expiration page instead of the login page (we'll assume here that you have setup the login the URL as a logout-success-url in element). This problem occurs because, when user logs out, Spring invalidates the user session. On the next request to show the login page, the browser will send the cached session ID to the server. But, since the session associated with the given ID is invalidated, Spring will redirect the user to the session expiration page as configured. Workaround 1 One workaround to this problem is to tell Spring not to invalidate the session on logout event. This can be done by setting the value of invalidate-session attribute to “false” in element. This configuration will keep the user session alive on the logout event, so the user will be redirected to the login page, rather than to the session expiration page. But you may not always be able to keep the session alive when the user logs out from the application. In that case, use Workaround 2. Workaround 2 The other workaround is to delete the session cookie on the logout event. You can do so by using delete-cookies attribute of element. As you can see, we asked Spring to delete the cookie named “JSESSIONID” on the logout event. Because the browser will not send any session ID on the next request, Spring will direct the user to the login page, and thereby solve the problem. This approach may work for some containers but not for others. For instance, if you are using Apache Tomcat version 7, this workaround will not succeed. In this case, Spring won't remove the cookie in spite of the delete-cookies attribute value that is specified, because it can’t find the matched cookie path. When Tomcat sends the cookie to the browser, it appends the extra slash (“/”) to the end of the context path, e.g., path = “/foo/”. Tomcat has a good reason to do this because IE gets confused in sending cookies to the server for matching domains. For example, it will send the cookie meant for “/foo” to the domain “/foobar” as well. Please note that this behavior has been noted by other developers, but we have not personally verified this. To solve this problem, Tomcat appends a slash at the end of the context path. Now, when you set the delete-cookie attribute, Spring tries to find the cookie for the path without a slash at the end. Because it doesn’t find it, the cookie will not be removed, resulting in the display of session expiration page instead of login page. Luckily, Spring provides the flexibility to make custom changes in the default behavior. To solve the above problem, you need to write your own logout handler to remove the desired cookies. For that, we will need to use a “logout filter” instead of “” element (i.e. remove the entirely from the configuration file).###Details >
We all know that Java is more than a cup of 'Joe'. In the technology world, Java is, of course, an object–oriented programming language with a built–in application programming interface (API), and a rich set of APIs and its platform independence, Java can stand alone as a platform in and of itself. Java provides a wide range of ready–to–use technologies and frameworks. If your enterprise wants to build an application or a software product in Java, it is important to use a professional team of Java experts. These experts can ensure business success and customer satisfaction with skilled technical feasibility services,a thorough command of architecture, product design, development, maintenance and support and even, (for those nightmarish redesign projects) software re-engineering and Ux design services.###Details >
In a previous article, entitled, "Continuous Integration: How to Avoid 'Integration Hell', we discussed the general issues and considerations of the continuous integration environment and projects. In this article, we will discuss Jenkins (previously known as Hudson), which is one of the most popular continuous integration (CI) tools, and how you can achieve Continuous Integration using this tool. The Jenkins tool is an open source Continuous Integration tool which is written in Java, and runs in a servlet container like Apache Tomcat. It can be used to build software written in various languages such as Java, .Net, PHP, C++ etc. This open-source, free software is available under MIT License.###Details >
If you have worked on a software development team, you will recognize these scenarios:###Details >
- You have a large team of engineers developing a software application. While committing the code in the repository, one of the developers forgets to commit one or two files. When other team members take the repository updates, they find problems in the code due to the missing file changes, and they have to spend a long time debugging the problems.
- Your engineering team is developing a software product. Your Business Analysis team needs frequent updates of the code to validate the changes or demonstrate new features to the customers. Preparing a new build and deploying it on the staging server for a BA team takes a significant amount of a developer’s valuable time.