On Fri, Nov 1, 2013 at 5:40 AM, Arun Gupta <arun.gupta@gmail.com> wrote:
I tried Servlet samples from:

https://github.com/arun-gupta/javaee7-samples/tree/master/servlet

and encountered the following issues:

1). An HttpOnly cookie is set as:

cookie = new Cookie("myHttpOnlyCookieKey", "myHttpOnlyCookieValue");
cookie.setHttpOnly(true);
cookie.setMaxAge(60);
response.addCookie(cookie);

and

document.write(document.cookie);

displays the cookie and its value.

This is a bug, I have fixed this in undertow upstream.
 

2). event-listeners sample is not getting deployed and throwing the
following exception:

Caused by: java.lang.IllegalArgumentException: UT010012: Listener
class class org.javaee7.servlet.event.listeners.MyHttpSessionBindingListener
must implement at least one listener interface

even though the class is defined as:

@WebListener
public class MyHttpSessionBindingListener implements
HttpSessionBindingListener {
...
}

This is a bug in the sample. You should not put a @WebListener annotation on a HttpSessionBindingListener, it will automatically have its methods invoked if it is bound to the session (see the javadoc for WebListener). HttpSessionBindingListener's don't need to be declared.
 

3). file-upload sample allows to upload a file and writes it to /tmp
directory as:

for (Part part : request.getParts()) {
fileName = part.getSubmittedFileName();
part.write(fileName);
}

part.write() is not throwing any exception but not even writing the file.

Another bug, I have fixed in undertow upstream. 

BTW, you should not really be doing:

try (PrintWriter out = response.getWriter()) 

There is no need for as it as the container will automatically close the response for you, and it breaks error page handling, e.g:

try (PrintWriter out = response.getWriter()) {
  throw new MyException();
}

Will never generate an error page, as the try block will close the writer which commits the response.

Next release of Undertow should be soon, basically straight after the next XNIO beta release.
 

4). In order to try servlet-security sample, I was trying to add a new
user in application realm as:

./bin/add-user.sh -g g1-u u1 -p p1 -r ApplicationRealm

but getting:

* Error *
JBAS015281: The user supplied realm name 'ApplicationRealm' does not
match the realm name discovered from the property file(s)
'ManagementRealm'.

Adding a user in the default realm, as expected, did not pass
authentication for the secure page. How should the user be added such
that the credentials can be used in an application ?

If you just do add-user.sh with no arguments and follow the prompts it will work.

The correct command line is:

./bin/add-user.sh -g g1-u u1 -p p1 -r ApplicationRealm -up application-users.properties -gp application-roles.properties

 Stuart


Thanks,
Arun


--
Blog: http://blog.arungupta.me
Twitter: http://twitter.com/arungupta
_______________________________________________
wildfly-dev mailing list
wildfly-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/wildfly-dev