Comments by jar8695 - CodeProject

jar8695 12-Mar-24 15:59pm View

Thanks - this gave me something to go on. See solution

jar8695 5-Oct-21 15:13pm View

Thanks Richard - I discovered one problem and resolved it and it was a permissions issue. However, I am still getting the 404 error but now it is passed the first permissions issue the Failed Request Tracing has created files and what it is failing on is - url="http://the webappname_test.co.uk:80/Scripts/modernizr-custom.js". In Scripts folder there is a JS framework file modernizr-2.6.2 and in the Modernizr site this was released in 2013. I suspect modernizr-2.6.2 is not compatible with windows server 2019. However, I cannot seem to find a straight download of latest version!!!

jar8695 5-Oct-21 15:12pm View

Deleted

Thanks Richard - I discovered one problem and resolve it and it was a permissions issue. However, I am still getting the 404 error but not it is passed the first permissions issue the Failed Request Tracing has created files and what it is failing on is - url="http://the webappname_test.co.uk:80/Scripts/modernizr-custom.js". In Scripts folder there is a JS framework file modernizr-2.6.2 and in the Modernizr site this was release in 2013. I suspect modernizr-2.6.2 is not compatible with windows server 2019. However, I cannot seem to find a straight download of latest version!!!

jar8695 24-Jun-21 17:37pm View

Okay. I found this script for checking Public role

USE [Databasename] -- Specify database name
GO

WITH [PublicRoleDBPermissions]
AS (
SELECT p.[state_desc] AS [PermissionType]
,p.[permission_name] AS [PermissionName]
,USER_NAME(p.[grantee_principal_id]) AS [DatabaseRole]
,CASE p.[class]
WHEN 0
THEN 'Database::' + DB_NAME()
WHEN 1
THEN OBJECT_NAME(major_id)
WHEN 3
THEN 'Schema::' + SCHEMA_NAME(p.[major_id])
END AS [ObjectName]
FROM [sys].[database_permissions] p
WHERE p.[class] IN (0, 1, 3)
AND p.[minor_id] = 0
)
SELECT [PermissionType]
,[PermissionName]
,[DatabaseRole]
,SCHEMA_NAME(o.[schema_id]) AS [ObjectSchema]
,[ObjectName]
,o.[type_desc] AS [ObjectType]
,[PermissionType] + ' ' + [PermissionName] + ' ON ' + QUOTENAME(SCHEMA_NAME(o.[schema_id])) + '.' + QUOTENAME([ObjectName]) + ' TO ' + QUOTENAME([DatabaseRole]) AS [GrantPermissionTSQL]
,'REVOKE' + ' ' + [PermissionName] + ' ON ' + QUOTENAME(SCHEMA_NAME(o.[schema_id])) + '.' + QUOTENAME([ObjectName]) + ' TO ' + QUOTENAME([DatabaseRole]) AS [RevokePermissionTSQL]
FROM [PublicRoleDBPermissions] p
INNER JOIN [sys].[objects] o
ON o.[name] = p.[ObjectName]
AND OBJECTPROPERTY(o.object_id, 'IsMSShipped') = 0
WHERE [DatabaseRole] = 'Public'
ORDER BY [DatabaseRole]
,[ObjectName]
,[ObjectType]

jar8695 24-Jun-21 17:11pm View

Thanks Wendelius. So, if I check the public role has NO privileges then a CREATE USER statement will mean that user has no privileges until granted to them - correct?
Then if I create a role, add the new user to the role and grant SELECT on the specific view to the role then this will limit the user to only have SELECT on that view and provide better control of granting and revoking additional privileges - is that correct?

jar8695 2-Jun-21 5:38am View

Thanks again Richard. Great feedback

jar8695 2-Jun-21 4:59am View

Thanks for response Richard. So, a name prefixed to root IS A SUBDOMAIN and really a website on its own which requires its own DNS mapping and CANNOT be mapped within the root DNS - is that correct? Concerning a suffixed name - this can be a "path" to a subdirectory which is simply a component WITHIN THE ROOT, is that correct? Then what is an "application "within" a website root?

jar8695 31-Jan-19 4:44am View

Well! I suppose. Probably best to think of something else. Thanks anyway

jar8695 30-Jan-19 12:36pm View

Okay. Thanks. Is it possible to format a popup message then. I know I can create one of those with a warning exclamation triangle but can I increase the size of the pop up and text please?

jar8695 22-Apr-16 5:44am View

Hi Sergey. My text of "consume or use the third party application API" I mean basically - to create a java or .Net application that will USE an API that is available in another application?

jar8695 30-Sep-15 12:37pm View

Thanks for response CPallini. So an API can be created in a language like C# as classes etc and compiled as a Dynamic Linked Library and installed on the operating system. Then depending on what the author wants to do they can provide functionality that is part of the operating system or another application by referencing the relevant DLL. Is this correct?

jar8695 26-Aug-15 12:04pm View

Thanks for response. Since posting my question I have just found the project folder on my colleagues old computer but it only contains the .sln file. Can I use that to import the project to my Visual Studio? Bear with me as not used ASP.NET before!!

jar8695 21-Feb-14 11:14am View

Hi David. EUREKA!!! I think it is all sorted and have discovered the problem(s).

I have all encryption working now on both my desktop PC and the intended server it will run on. The problem seems to have been the following;

1. As you suggested, look for conflicting configuration files. This seemed very relevant and I found that in my Eclipse environment there were two context.xml files and these affected the outcomes as I found when I changed one back again.

2. The other is that, and please correct me if I am wrong here, but we found that two instances of the servlet, i.e. Test and Live running in the same Tomcat (and on the same machine then obviously) can run together fine - but NOT when SSL is implemented. When SSL is implemented only one can be running at once. I have created a work around for this though by creating a batch file on the desktop that swaps around the WAR and configuration files and restarts Tomcat

Perhaps you know of a way that both instances can run with SSL implemented.

Otherwise I am very relieved.

Thanks again for all your help

Regards

Alan

jar8695 20-Feb-14 7:21am View

Hi David,

I have actually got this working, although only for one instance on one machine which I think is strange. I had one last attempt at something and what I changed was - in my JNDI connection for the SQL server database in the context.xml I adjusted the "URL" element from "integratedSecurity=true;encrypt=true;trustServerCertificate=true" to "encrypt=true;trustServerCertificate=true". This got the encryption working completely on my TEST instance of the servlet. However, my Live version of the servlet the encryption is NOT working even though they are connecting to the same SQL server database and both are running on the same Tomcat etc.

Any ideas why this might be?

Thanks

AJFarroll

jar8695 18-Feb-14 12:03pm View

I tried amending the classpath to be C:\tomcat\lib\sqljdbc_4.0\enu" but still the same outcome.

Thanks for your assistance. I appreciate your patience, expertise and time. As we say in scotland - "Lang may your lumb reek" ------ Live long and happily.

jar8695 18-Feb-14 11:46am View

Hi David,

I Have just found this URL. It is Eclipse I am working with and did try and add the sqljdbc4.jar into the build path as an external jar but when I tried it it stopped connections to the Oracle database as well, so I reverted back. But URL has something extra. Do you think it would work?

http://thusithamabotuwana.wordpress.com/2012/07/19/connecting-to-sql-server-from-java/

jar8695 18-Feb-14 11:37am View

Hi David.

I also am out of ideas here. I will try and fine grain the logging and see if that provides any more information on the JDBC process.

When I downloaded the latest Microsoft JDBC and unpackaged it it created a folder named "Microsoft JDBC Driver 4.0 for SQL Server" and in this folder was a subfolder named "sqljdbc_4.0". It was this sqljdbc_4.0 folder that I placed in C:\tomcat\lib and made the CLASSPATH set to C:\tomcat\lib. Was this the correct thing to try?

Thanks again so much for all the assistance.

Regards

AJFarroll

jar8695 18-Feb-14 11:23am View

Okay. I took a backup of ctatlina.bat file then amended it where it said set CLASSPATH= to be set "CLASSPATH=C:\tomcat\lib". I also copied entire folder named sqljdbs_4.0 to C:\tomcat\lib.

The out come was the same. I made a web request using SoapUI and in Tomcat console the errors at top were

WARNING: Failed to load the sqljdbc_auth.dll
and
org.hibernate.exception.GenericJDBCException: Cannot open connection

A small point of note is that, I also left the setenv.bat file with the two entries I mentioned previously in place and when I start Tomcat, at the start of the console output it now states

"INFO: Loaded APR based Apache Tomcat Native library 1.1.29 using APR version 1.4.8.
18-Feb-2014 16:13:47 org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].".

I look forward to your feedback.

jar8695 18-Feb-14 10:50am View

I created a setenv.bat file in the tomcat >> bin directory and in there I have created the following entries;

set JAVA_OPTS="-DJavax.net.ssl.trustStore=C:\path\to\keystore"
set JAVA_OPTS="-DJavax.net.ssl.trustStorePassword=*********"

Apparently this is how to set these parameters. The path and password are the same as the keystore set up and configured in the server.xml file. I set up the TrustStore parameters because the help files with the downloaded Microsoft JDBC tells us to in the section "SSL Certificate" in the Index.html. Does this sound correct?

jar8695 18-Feb-14 10:38am View

Thanks again. When you say "in the Tomcat's JAR library (whatever the currently configured CLASSPATH is.", do you mean the CLASSPATH Windows environment variable or the CLASSPATH in the Tomcat catalina.bat file?

I appreciate your patience and time with me on this. Before this role I was in Unix and Oracle. I am enjoying the Java and Tomcat etc but can become quite complicated.

jar8695 17-Feb-14 7:43am View

Hi David. Monday morning again in Scotland. I downloaded the latest Microsoft JDBC driver, which was an exe file but when I attempted to install it, the file simply unpackaged. Although I found the sqljdbc_auth.dll within. I placed this in C:\Windows\system32 and there error is now different - "java.lang.UnsatisfiedLinkError: com.microsoft.sqlserver.jdbc.AuthenticationJNI.SNISecGenClientContext([B[I[BI[B[I[ZLjava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/util/logging/Logger;)I at com.microsoft.sqlserver.jdbc.AuthenticationJNI.SNISecGenClientContext
(Native Method)"

It appears that I may have to Set java.library.path to a directory containing this DLL which Java uses to find native libraries!!

How do I do that? Does this sound correct?

Thanks again

AJFarroll

jar8695 14-Feb-14 11:39am View

Thanks David for your assistance so far. I did a search for the dll "sqljdbc_auth.dll" on my machine but it does not appear to be there. Do you think the first thing I should do now after adding in the "integratedSecurity=true;encrypt=true;trustServerCertificate=true" is to provide the sqljdbc_auth.dll and see what happens? Is sqljdbc_auth.dll part of Tomcat or Java?

It is Friday 4.45 PM here in Scotland so I might not be able to get this done until Monday morning now. We are told to be out of building by 5.45 PM!!!

Regards

AJFarroll

jar8695 14-Feb-14 10:57am View

I may have a little progress on this. In the Tomcat context.xml file I amended the relevant JNDI resource tag to have the "URL" parameter to include this integratedSecurity=true;encrypt=true;trustServerCertificate=true.

Now when I attempt a web request using SoapUI I get an empty tag returned in the SoapUI response, but the Tomcat outputs states; com.microsoft.sqlserver.jdbc.AuthenticationJNI <clinit>
WARNING: Failed to load the sqljdbc_auth.dll

and

org.hibernate.exception.GenericJDBCException: Cannot open connection

It is as if it now only needs to find and use the correct SSL certificate. Is this correct and if so what do I do now.

Regards

AJFarroll

jar8695 14-Feb-14 5:50am View

Hi David Days,

Yes you are correct when you say "communicating with a MS SQL Server, and the SQL Server requires communication over SSL". Basically I need to encrypt with SSL the web service requests and responses between the SQL Server and the Java Servlet. The connection is set up using JNDI in the Tomcat context.xml file with the xml resource tag having the following attributes; driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" factory="org.moss.jdj.dbcp.EncryptedDataSourceFactory"

The connection is tested by setting up a database connection in the Eclipse IDE using "sqljdbc-1.2.0.jar" and this pings successfully.

When I inherited the project the Oracle connection was already set up with a keystore to encrypt its communication and an entry in the Tomcat server.xml file, so unsure if I can amend the server.xml file. Also, the SQL Server server is not at my location in the company and someone else manages that server and they have provided me with what I think is a public key SSL certificate but any attempts by myself to apply this certificate has not succeeded.

Thanks for any assistance you provide.

AJFarroll

Comments by jar8695 (Top 24 by date)