jueves, 10 de mayo de 2012

Vb.Net Zip and Email

Useful for you?

In this post I will show you how I did this zip and email library that helps me to email a file after zip it. There are methods for zipping files and for attaching files to an email and send it through smtp, but, do we really need to save the zipped file before sending it? In this post I will show you how I used the memoryStream to temporarily persist the zipped file and then use this memory to attach the file in an email.

The Projects

First, we will create the required projects and their references in our working area, we will create our vb.Net solution with 2 projects:
  • mailSender: Is a windows forms application that will help us to configure and provide the details for the email that will be sent. This will be the startup project for our solution.
  •  Mailer: Is a class library project that will provide the methods to zip and email our attachments. I've set the default package of this class library to dtorres.Mailer

mailSender Windows Forms

In the mailSender project, we will create a form that might look like this one:

In the configuration tab we will include the email configuration fields, and will default their values to our email configuration:

Finally, a control not seen in this screenshots is a OpenFileDialog that will assist us to browse the file sytem contents in order to create our attachment when clicking the browse button. I've named this form FormMailSender.
We can start programming our browse button to explore and set the attachment path in our text box assigned for that purpose, I've included the following behavior in the browse button:

Private Sub ButtonBrowse_Click(sender As System.Object, e As System.EventArgs) Handles ButtonBrowse.Click

  OpenFileDialogAttachment.FileName = ""
  Dim dr As DialogResult = OpenFileDialogAttachment.ShowDialog()

  If (dr = Windows.Forms.DialogResult.OK) Then
    TextBoxAttachmentPath.Text = OpenFileDialogAttachment.FileName
  End If

End Sub


We will also provide some validation for the data that we are sending to our api for attachment zipping and email:

A validation for email patterns:

Private Function Is_Email(ByVal value As String) As Boolean
  Dim pattern As String = "^[a-zA-Z][\w.-][a-zA-Z0-9]@[a-zA-Z0-9][\w.-][a-zA-Z0-9].[a-zA-Z][a-zA-Z.]*[a-zA-Z]$"
  Dim patternMatch As Match = Regex.Match(value, pattern)

  Is_Email = patternMatch.Success
End Function



A validation for the provided configuration:

Private Function Validate_Configuration() As Boolean

  Validate_Configuration = True

  If Not Is_Email(TextBoxEmail.Text) Then
    Return False
  End If
  If TextBoxUserName.Text = "" Then
    Return False
  End If

  If TextBoxPassword.Text = "" Then
    Return False
  End If

  If TextBoxHost.Text = "" Then
    Return False
  End If

  If TextBoxPort.Text = "" Or Not IsNumeric(TextBoxPort.Text) Then
    Return False
  End If

End Function



A validation for the email content:

Private Function Validate_Email() As Boolean
  Validate_Email = True
  If Not Is_Email(TextBoxTo.Text) Or TextBoxSubject.Text = "" Then
    Validate_Email = False
  End If
  If TextBoxCc.Text <> "" And Not Is_Email(TextBoxCc.Text) Then
    Validate_Email = False
  End If
End Function


Mailer

Mailer is the class library project that we will use to build the email and its zipped attachment. In order to have the ability to zip attachments, we will need the reference to WindowsBase library. Is a .NET library that you can find also in your equivalent path to my library path, depending on your installed version and OS: C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\WindowsBase.dll. First thing: add the WindowsBase library to your Mailer project and add the Mailer project reference to the mailSender windows forms project.
Next, we will create some utility elements that will be used to communicate between the mailSender and the Mailer:
An exception type (MailerException).- This exception type will be thrown each time we want to communicate an exception to the client, in this case, the mailSender project.

Public Class MailerException
  Inherits Exception

  Sub New(ByVal ErrMsg As String)
    MyBase.New(ErrMsg)
  End Sub

  Sub New(ByVal ErrMsg As String, ByVal innerException As Exception)
    MyBase.New(ErrMsg, innerException)
  End Sub

End Class



A configuration type (MailerConfig).- This class will state the contract that should be filled in order to configure the smtp server properties that will help us to send the email. The configuration for now, includes the following properties:
  • From_Email
  • User_name
  • Password
  • Host
  • Port
  • SSL

Public Class MailerConfig

  Dim _from_email As String
  Dim _user_name As String
  Dim _password As String
  Dim _host As String
  Dim _port As Long
  Dim _ssl As Boolean = False

  Public Property From_Email As String
    Get
      Return _from_email
    End Get
    Set(value As String)
      _from_email = value
    End Set
  End Property

  Public Property User_Name As String
    Get
      Return _user_name
    End Get
    Set(value As String)
      _user_name = value
    End Set
  End Property

  Public Property Password As String
    Get
      Return _password
    End Get
    Set(value As String)
      _password = value
    End Set
  End Property

  Public Property Host As String
    Get
      Return _host
    End Get
    Set(value As String)
      _host = value
    End Set
  End Property

  Public Property Port As Long
    Get
      Return _port
    End Get
    Set(value As Long)
      _port = value
    End Set
  End Property

  Public Property SSL As Boolean
    Get
      Return _ssl
    End Get
    Set(value As Boolean)
      _ssl = value
    End Set
  End Property

End Class



An email details type (EmailDetails).- This class will state the details of the email that we will construct and send. The details that we will specify, include the following properties:
  • Email_to
  • Email_cc
  • Email_subject
  • Email_body
  • Attachment_path

Public Class EmailDetails

  Dim _to As String
  Dim _cc As String
  Dim _subject As String
  Dim _body As String
  Dim _attachment_path As String

  Public Property Email_to As String
    Get
      Return _to
    End Get
    Set(value As String)
      _to = value
    End Set
  End Property

  Public Property Email_cc As String
    Get
      Return _cc
    End Get
    Set(value As String)
      _cc = value
    End Set
  End Property

  Public Property Email_subject As String
    Get
      Return _subject
    End Get
    Set(value As String)
      _subject = value
    End Set
  End Property

  Public Property Email_body As String
    Get
      Return _body
    End Get
    Set(value As String)
      _body = value
    End Set
  End Property

  Public Property Attachment_path As String
    Get
      Return _attachment_path
    End Get
    Set(value As String)
      _attachment_path = value
    End Set
  End Property

End Class



Now we will define the methods to zip and email, those methods will be defined in a class that I will call CMailer. The CMailer class will be our library that will publish a method to handle the email sending and will contain the methods required to read the attachment file, zip it and email it. The method that we will define to send the email will be: Public Sub Send_Email(ByVal config As MailerConfig, ByVal details As EmailDetails). You can add this class with this sole method in the library to begin the integration in this way:
First we will add the class to our Mailer project:

Public Class CMailer
  Public Sub Send_Email(ByVal config As MailerConfig, _
      ByVal details As EmailDetails)
    Throw New MailerException("Not implemented yet!")
  End Sub
End Class


Now we will define the action for the send button at the mailSender project, first we will need a few more private helper methods, one to define the configuration object and one to define the email object. In the FormMailSender code add the following private methods:
Get_Mailer_Config(): Defines the configuration object using the provided values in the config tab controls of the form:

Private Function Get_Mailer_Config() As MailerConfig
  Dim config As New MailerConfig()

  config.From_Email = TextBoxEmail.Text
  config.Host = TextBoxHost.Text
  config.Password = TextBoxPassword.Text
  config.Port = Long.Parse(TextBoxPort.Text)
  config.SSL = CheckBoxSSL.Checked
  config.User_Name = TextBoxUserName.Text

  Return config
End Function



Get_Email_Details(): Defines the email content details using the provided values in the email tab controls of the form:

Private Function Get_Email_Details() As EmailDetails
  Dim details As New EmailDetails()

  details.Attachment_path = TextBoxAttachmentPath.Text
  details.Email_body = TextBoxBody.Text
  details.Email_cc = TextBoxCc.Text
  details.Email_subject = TextBoxSubject.Text
  details.Email_to = TextBoxTo.Text

  Return details
End Function



Clean_Details(): Resets the values of the email content:

Private Sub Clean_Details()
  TextBoxAttachmentPath.Text = ""
  TextBoxTo.Text = ""
  TextBoxCc.Text = ""
  TextBoxSubject.Text = ""
  TextBoxBody.Text = ""
End Sub



Now, we will integrate our code in the CMailer class by adding the behavior of the send button click:

Private Sub ButtonSend_Click(sender As System.Object, e As System.EventArgs) Handles ButtonSend.Click

  If Not Validate_Configuration() Then
    MessageBox.Show("Email configuration is not well formed", "Email Configuration Error", MessageBoxButtons.OK, MessageBoxIcon.Warning)
    Return
  End If
  If Not Validate_Email() Then
    MessageBox.Show("Email details are not well formed", "Email Details Error", MessageBoxButtons.OK, MessageBoxIcon.Warning)
    Return
  End If

  Cursor = Cursors.WaitCursor
  Try
    Dim mailer As New CMailer()
    mailer.Send_Email(Get_Mailer_Config(), Get_Email_Details())
    MessageBox.Show("Email successfully sent", "Fine", MessageBoxButtons.OK, MessageBoxIcon.Information)
    Clean_Details()
  Catch ex As Exception
    MessageBox.Show("Unable to send the email due to the following exception:" & _
      vbCr & ex.Message, "Error Sending Email", MessageBoxButtons.OK, MessageBoxIcon.Error)
  Finally
    Cursor = Cursors.Default
  End Try

End Sub



For now, this program will always throw for you the error message that the Send_Email method hasn't be implemented yet. Next we will implement the zip and email methods.

Zip And Email

Lets get back to our CMailer class and provide some private methods that will help us with the zip and email activities. The first method that we will create is the Read_File(ByVal fileName As String) As Byte(). The Read_File(ByVal fileName As String) As Byte() method will read a file from the system storage and keep its bytes in an array:

Private Function Read_File(ByVal fileName As String) As Byte()
  If Not File.Exists(fileName) Then
    Throw New MailerException("File Not Found: [" & fileName & "]")
  End If

  Try
    Using fs As FileStream = New FileStream(fileName, FileMode.Open, FileAccess.Read)
      Read_File = New Byte((fs.Length) - 1) {}
      Dim bytesToRead As Integer = CType(fs.Length, Integer)
      Dim bytesRead As Integer = 0

      While (bytesToRead > 0)
        Dim n As Integer = fs.Read(Read_File, bytesRead, bytesToRead)
        ' Check EOF To break the look
        If n = 0 Then
          Exit While
        End If

        bytesRead = bytesRead + n
        bytesToRead = bytesToRead - n
      End While

    End Using
  Catch ex As Exception
    Throw New MailerException("Exception while reading the file [" & _
      fileName & "]: [" & ex.Message & "]", ex)
  End Try

End Function




The Sub zipFile(ByRef zip As Package, ByVal fBytes As Byte(), ByVal fileName As String) method will zip a provided byte array into a zip file:

Private Sub zipFile(ByRef zip As Package, ByVal fBytes As Byte(), ByVal fileName As String)
  Dim zipUri As String = String.Concat("/", fileName)
  Dim partUri As New Uri(zipUri, UriKind.Relative)
  Dim contentType As String = Net.Mime.MediaTypeNames.Application.Zip

  Dim pkgPart As PackagePart = zip.CreatePart(partUri, contentType, CompressionOption.Normal)
  pkgPart.GetStream().Write(fBytes, 0, fBytes.Length)
End Sub


Please note the usage of the fileName, you will need to provide a uri that specifies a relative path inside the zip where the file will be placed.

Now we will provide the behavior to the Public Sub Send_Email(ByVal config As MailerConfig, ByVal details As EmailDetails) previously defined in our CMailer class:

Public Sub Send_Email(ByVal config As MailerConfig, _
      ByVal details As EmailDetails)
  ' Read File
  Dim b As Byte() = Read_File(details.Attachment_path)
  Dim fileName As String = Path.GetFileName(details.Attachment_path).Replace(" ", "_")

  ' Zip File
  Dim ms As New MemoryStream()
  Dim zip As Package = ZipPackage.Open(ms, IO.FileMode.Create)
  zipFile(zip, b, fileName)
  zip.Close()

  ' Create Email
  Dim msg As MailMessage = Create_Email(details)
  msg.From = New MailAddress(config.From_Email)

  ' Create Attachment with zip memory stream
  Dim ct As New ContentType()
  ct.MediaType = MediaTypeNames.Application.Zip
  ct.Name = Path.GetFileNameWithoutExtension(fileName) & ".zip"

  ms.Seek(0, SeekOrigin.Begin)
  Dim att As New Attachment(ms, ct)

  msg.Attachments.Add(att)

  ' Connect and send through smtp
  Dim SmtpServer As New SmtpClient()
  SmtpServer.Credentials = New Net.NetworkCredential(config.User_Name, config.Password)
  SmtpServer.Host = config.Host
  SmtpServer.Port = config.Port
  SmtpServer.EnableSsl = config.SSL

  SmtpServer.Send(msg)

  ms.Close()
  ms.Dispose()
End Sub



Note how I'm using the MemoryStream object (ms) to create the zip package in the line: Dim zip As Package = ZipPackage.Open(ms, IO.FileMode.Create), this memory stream is fully written when closing the zip object. Then we use the same object to create the attachment in the line: Dim att As New Attachment(ms, ct). Please note that we have to position the cursor at the begin of the stream before using it to provide the attachment.
In the comments I will provide the link to the source code once I upload it to a public repository.
Cheers.

viernes, 27 de abril de 2012

Postgres chkpass on hibernate (3)

In previous posts we've created a database with a table that includes a chkpass field and created the web service interface that will invoke the CRUD operations for this table. In this post we will connect our web service with the database using hibernate, therefore, we will have to map our chkpass field with its corresponding hibernate entity field.
First we will define the DTO that will be mapped to the postgres table, in order to accomplish that, we will:

  1. Create a pacage for DTOs: The package that will hold the DTOs in my project is com.dtorres.dto
  2. Create the DTO class: We will create a simple class: User that will handle the properties in the database, this is where the mapping to the chkpass will take action.

The User class will handle the User ID, User Name and Password fields to be created, read, updated and deleted from the database, therefore, it will have to handle getters and setters for those fields. Even though some of that fields are not for editing as the others:

  • User ID: In our database definition, this field is auto generated by a postgres sequence, therefore it will be not inserted, and as it is the Id of the record, it will be not updateable.
  • User Name: This field is handled as a unique index of the user record, they are intended to identify the user.
  • Password: This field is the one encrypted by the chkpass field type, it can be updated, but when retrieved, it is retrieved as encrypted password, so it has no direct update as the hibernate defines the field, we will create an special update method for it.

The code for now will be simple:

package com.dtorres.dto;

public class User {
  private long userId;
  private String userName;
  private String password;
  public long getUserId() {
    return userId;
  }
  public void setUserId(long userId) {
    this.userId = userId;
  }
  public String getUserName() {
    return userName;
  }
  public void setUserName(String userName) {
    this.userName = userName;
  }
  public String getPassword() {
    return password;
  }
  public void setPassword(String password) {
    this.password = password;
  }
}

Next, we will map this component using the persistence.xml file under the META-INF folder, we will change it's contents to something like this:

<?xml version="1.0" encoding="UTF-8"?>
<persistence version="2.0" xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd">
  <persistence-unit name="pgIdentityManager">
    <provider>org.hibernate.ejb.HibernatePersistence</provider>
    <jta-data-source>java:/identity-manager</jta-data-source>
    <class>com.dtorres.dto.User</class>
    <exclude-unlisted-classes>true</exclude-unlisted-classes>
    <properties>
      <property name="hibernate.dialect" value="org.hibernate.dialect.PostgreSQLDialect" />
      <property name="hibernate.connection.driver_class" value="org.postgresql.Driver" />
      <property name="hibernate.hbm2ddl.auto" value="validate" />
      <property name="hibernate.connection.autocommit" value="true" />
      <property name="show.sql" value="true" />
      <property name="hibernate.use_sql_comments" value="true" />
      <property name="hibernate.format_sql" value="true" />
    </properties>
  </persistence-unit>
</persistence>

Now our GUI might be complaining about the mapping of the com.dtorres.dto.User class, we will start annotating this class to stop this complaint. A simple mapping of the class and it's fields would be enough to have it mapped to a regular table with standard field types, but in this case, we are using a special field type, the chkpass field type, therefore, we must use the @TypeDef and @Type annotations to make hibernate know how this "special" field should be handled.

The UserType

UserType will be the superclass that we will use to make hibernate know the way that should be used to handle the chkpass. We will create a class that extends from this org.hibernate.usertype.UserType class. In my case, I'm creating the com.dtorres.customTypes.Chkpass class with this content:

package com.dtorres.customTypes;
import java.io.Serializable;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.hibernate.HibernateException;
import org.hibernate.usertype.UserType;
import org.hsqldb.Types;
public class Chkpass implements UserType {
  @Override
  public Object nullSafeGet(ResultSet inResultSet, String[] names, Object o)
      throws HibernateException, SQLException {
    Object tmp = inResultSet.getObject(names[0]);
    return inResultSet.wasNull() ? null : tmp.toString();
  }
  @Override
  public void nullSafeSet(PreparedStatement inPreparedStatement, Object o,
      int i) throws HibernateException, SQLException {
    if (o == null)
      inPreparedStatement.setNull(i, Types.VARCHAR);
    else
      inPreparedStatement.setObject(i, o, Types.OTHER);
  }
  @Override
  public Object assemble(Serializable cached, Object owner)
      throws HibernateException {
    return cached;
  }
  @Override
  public Object deepCopy(Object o) throws HibernateException {
    if (o == null) {
      return null;
    }
    return new String(((String) o));
  }
  @Override
  public Serializable disassemble(Object value) throws HibernateException {
    return (Serializable) value;
  }
  @Override
  public boolean equals(Object x, Object y) throws HibernateException {
    return (x == y) || (x != null && y != null && (x.equals(y)));
  }
  @Override
  public int hashCode(Object x) throws HibernateException {
    return x.hashCode();
  }
  @Override
  public boolean isMutable() {
    return false;
  }
  @Override
  public Object replace(Object original, Object target, Object object)
      throws HibernateException {
    return original;
  }
  @Override
  public Class returnedClass() {
    return String.class;
  }
  @Override
  public int[] sqlTypes() {
    return new int[] { Types.OTHER };
  }
}

The important methods to note are the Object nullSafeGet(ResultSet inResultSet, String[] names, Object o) and the void nullSafeSet(PreparedStatement inPreparedStatement, Object o, int i). As you can see, the nullSafeGet method handles the result as a string result. In the nullSafeSet method we will use the inPreparedStatement.setObject(i, o, Types.OTHER); to specify that the input data must be handled as an object.
Once we have this type handler, we can continue with our mapping in the DTO.

Mapping the DTO

We will use the following annotation to map our new field type at the top of our class declaration: @TypeDefs({ @TypeDef(name="chkpass", typeClass=com.dtorres.customTypes.Chkpass.class) }). This @TypeDefs annotation will register our field type to be used by hibernate. Then, in our password column, we will use the @Type annotation to map the password column to the chkpass field type. the annotated entity class will be left as follows:

package com.dtorres.dto;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.SequenceGenerator;
import org.hibernate.annotations.Type;
import org.hibernate.annotations.TypeDef;
import org.hibernate.annotations.TypeDefs;
@TypeDefs({ @TypeDef(name="chkpass", typeClass=com.dtorres.customTypes.Chkpass.class) })
@Entity
@Table(name="idm_user", uniqueConstraints = @UniqueConstraint(columnNames = { "user_name" }))
public class User {
  @Id
  @Column(name="user_id", insertable=false, updatable=false)
  @SequenceGenerator(name = "user_id_seq", sequenceName = "idm_user_user_id_seq")
  @GeneratedValue(strategy = GenerationType.SEQUENCE, generator = "user_id_seq")
  private long userId;
  @Column(name="user_name")
  private String userName;
  @Column(name="password", columnDefinition="chkpass", updatable=false, nullable=false)
  @Type(type = "chkpass")
  private String password;
  public long getUserId() {
  return userId;
  }
  public void setUserId(long userId) {
    this.userId = userId;
  }
  public String getUserName() {
    return userName;
  }
  public void setUserName(String userName) {
    this.userName = userName;
  }
  public String getPassword() {
    return password;
  }
  public void setPassword(String password) {
    this.password = password;
  }
}

Once our DTO is mapped with the field types, we will proceed to integrate our EntityManager in the Web Services and connect to the database.

Integrating with the Web Services

Figure 1: Current project structure in eclipse.

In our previous post we have created a session bean and annotated as web service in order to test the CRUD operations for our entity. In this section we will integrate this web service with the EntityManager and our just created entity DTO. At this point, if you have follow the steps from previous posts you should have a project like the one in the Figure 1. If you don't have the code to this point, please refer to comments, where I will publish the gitHub repo with the source code for this posts. Basically, the contents of the web service class are as follows:

package com.dtorres.ejb;

import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;

import com.dtorres.ejb.exceptions.PgIdentityException;

/**
 * Session Bean implementation class PgIdentityManager
 */
@Stateless(mappedName = "pgIdentityManager")
@WebService
public class PgIdentityManager implements PgIdentityManagerRemote {

@Override
@WebMethod
public String createUser(@WebParam(name="userName") String userName, @WebParam(name="password") String password)
throws PgIdentityException {
throw new PgIdentityException("Unimplemented method in service");
}

@Override
@WebMethod
public String getUser(@WebParam(name="userName") String userName) throws PgIdentityException {
throw new PgIdentityException("Unimplemented method in service");
}

@Override
@WebMethod
public String getAllUsers() throws PgIdentityException {
throw new PgIdentityException("Unimplemented method in service");
}

@Override
@WebMethod
public String deleteUser(@WebParam(name="userId") Long userId) throws PgIdentityException {
throw new PgIdentityException("Unimplemented method in service");
}

@Override
@WebMethod
public String resetPassword(@WebParam(name="userName") String userName, @WebParam(name="newPassword") String newPassword)
throws PgIdentityException {
throw new PgIdentityException("Unimplemented method in service");
}
}

We will change each method to implement the desired functionality for our project.
We will start by having an EntityManager. The EntityManager will handle the connections and requests for the database, we will not be worried about openning transactions or connections at this point, and when performance comes to the game we will be able to configure our EntityManager provider to fit with our requirements, as well as the transaction management. In order to include the EntityManager in our project we will add the following code to our web service class:

public class PgIdentityManager implements PgIdentityManagerRemote {
  @PersistenceContext
EntityManager entityManager;
...

Now we will preppare our first method, the createUser(String userName, String password) to validate the input and persist the required information into the database. In order to do that we will add the following code to our method:

@Override
@WebMethod
public String createUser(@WebParam(name="userName") String userName, @WebParam(name="password") String password)
    throws PgIdentityException {
    if (password.startsWith(":"))
      throw new PgIdentityException("Passwords are not allowed to begin with a colon symbol.");

    if (userName == null || "".equals(userName.trim()))
      throw new PgIdentityException("User Name is a required field");

    if (password == null || "".equals(password.trim()))
      throw new PgIdentityException("Password is a required field");

    if (userName.length() > 50)
      throw new PgIdentityException("User Name is too long [" + userName + "][" + userName.length() + "]");

    if (getUser(userName) != null)
      throw new PgIdentityException("The user [" + userName + "] already exists, try with another user name.");

    User user = new User();
    user.setUserName(userName);
    user.setPassword(password);

    entityManager.persist(user);
    return "Success";
}

I have to admit that the EntityManager will validate that the data fits the requirements of the database before commiting a transaction on it, my point for this validation before the entityManager.persist invokation is that I'd like to handle my exception description results, and if I leave the exception to the ejbContainer, I will lose some descriptive and pretty print exception description. If you have a finer way to accomplish this exception handling, please leave a comment in the blog, I will apreciate it. The real magic here is the entityManager.persist(user); instruction that will invoke the database using our database configuration, handle the transaction to it and commit the required INSERT for our record.
Also, we will implement the getUser(String userName) method by coding like this:

@Override
@WebMethod
public User getUser(@WebParam(name = "userName") String userName)
    throws PgIdentityException {
  String sQuery = "SELECT u FROM User u WHERE u.userName = '" + userName + "'";
  Query query = entityManager.createQuery(sQuery);
  return (User) query.getSingleResult();
}

The getAllUsers() method will be coded in a similar way:

@Override
@WebMethod
public List getAllUsers() throws PgIdentityException {
  String hquery = "select u from User u";
  Query query = entityManager.createQuery(hquery);
  return (List) query.getResultList();
}

Please note that when changing the result type of these methods, the compiler will complaint because the interface contract with the PgIdentityManagerRemote interface have been broken. Please change the return type and imports for the PgIdentityManagerRemote interface to fix the problem, our PgIdentityManagerRemote interface will be changed to:

package com.dtorres.ejb;

import java.util.List;
import javax.ejb.Remote;
import com.dtorres.dto.User;
import com.dtorres.ejb.exceptions.PgIdentityException;

@Remote
public interface PgIdentityManagerRemote {
  String createUser(String userName, String password) throws PgIdentityException;
  User getUser(String userName) throws PgIdentityException;
  List getAllUsers() throws PgIdentityException;
  String deleteUser(Long userId) throws PgIdentityException;
  String resetPassword(String userName, String newPassword) throws PgIdentityException;
}

The deleteUser(Long userId) implementation will implement its functionality in this way:

@Override
@WebMethod
public String deleteUser(@WebParam(name = "userId") Long userId)
    throws PgIdentityException {
  entityManager.remove(entityManager.merge(entityManager.find(User.class, userId)));
  return "Success";
}

Check the usage of the find method of the entityManager, which will use the @Id annotated property to create the SELECT statement.
Finally, our resetPassword method will be implemented with a more common UPDATE SQL statement that will handle the password change:

@Override
@WebMethod
public String resetPassword(@WebParam(name = "userName") String userName, @WebParam(name = "newPassword") String newPassword)
    throws PgIdentityException {

  if (newPassword.startsWith(":")) {
    throw new PgIdentityException("Password must not start with a colon.");
  }

  String updateNativeQueryString = "UPDATE idm_user SET password = '"
      + newPassword + "' WHERE user_name = '" + userName + "'";
  Query updateNativeQuery = entityManager.createNativeQuery(updateNativeQueryString);
  updateNativeQuery.executeUpdate();
  return "Success";
}

The final step to test that our code is working, will be to connect our server to the database and deploy the ejb Jar component on it.

Connect to the Database

I'm using Jboss server, and in this section, I will configure the datasource that will provide hibernate with the database connection. For that, we will create a pgIdentity-ds.xml file with the connection details and save that file in the $JBOSS_HOME/server/instance/deploy/ folder:

<?xml version="1.0" encoding="UTF-8"?>
<datasources xmlns:javaee="http://java.sun.com/xml/ns/javaee" xmlns:jboss="http://www.jboss.com/xml/ns/javaee" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.com/xml/ns/javaee">
  <local-tx-datasource>
    <jndi-name>identity-manager</jndi-name>
    <connection-url>jdbc:postgresql://localhost:5432/identity_manager</connection-url>
    <driver-class>org.postgresql.Driver</driver-class>
    <user-name>postgres</user-name>
    <password>secret</password>

    <prepared-statement-cache-size>10</prepared-statement-cache-size>
    <min-pool-size>10</min-pool-size>
    <max-pool-size>50</max-pool-size>
    <blocking-timeout-millis>5000</blocking-timeout-millis>
    <idle-timeout-minutes>15</idle-timeout-minutes>

  </local-tx-datasource>
  <!-- sql to call when connection is created. Can be anything, select 1 is valid for PostgreSQL -->
  <new-connection-sql>select 1</new-connection-sql>
  <!-- sql to call on an existing pooled connection when it is obtained from pool. Can be anything, select 1 is valid for PostgreSQL-->
  <check-valid-connection-sql>select 1</check-valid-connection-sql>
</datasources>

Once I publish my pgIdentity-ds.xml in the deploy folder, I will publish my ejb Jar in the same deploy folder, that will give me access to the new web services. I will use the SOAP-UI to test my web services, you can use any client you want. Have fun in changing the password and querying the database to retrieve the users with their encrypted password.

Feel free to ask any question, I will be happy to answer any concern that you might have.

jueves, 26 de abril de 2012

postgres chkpass on hibernate (2)

In my last post, I've created a database with a chkpass field, in this post, we will create the hibernate project that will be connected to it.
In this project I'm using eclipse v 3.7.1 and the first step will be to create an EJB Project.
Also, you will need to add the jpa project facet to the project. These configurations can be found in the same eclipse documentation site, or you might have different preferences for your GUI and a different method to setup the project needs, basically, as you can see we need an EJB project with capabilities for Java Persistence Api.

The Web Service Session Bean

Figure 1: Creating a Session Bean as external interface.

First component that we will add is the interface that will be published as a web service to the world and give us the options to test that we are doing a good job. We will create a new Session Bean in our project with the following properties:

  • Project: The selected project name, mine is "pgIdentityManager". This will be left as the default values provided by the wizard.
  • Source folder: The ejbModule source code folder in the selected project. This will be left as the default values provided by the wizard.
  • Java package: The package where the components will be grouped, in my case, I'm selecting: com.dtorres.ejb
  • Class name: The name of the class that will manage the requests for our service, I'm selecting: PgIdentityManager

Please select the Remote business interface that will publish our ejb to the container world. Figure 1 shows how these properties looks like in the eclipse wizard. Another property that I will add in this wizard is the mappedName for my sessionBean, it will be "pgIdentityManager". These configuration steps in the eclipse's create session bean wizard, will give you the PgIdentityManager class like this:

package com.dtorres.ejb;
import javax.ejb.Stateless;
/**
  * Session Bean implementation class PgIdentityManager
  */
@Stateless(mappedName = "pgIdentityManager")
public class PgIdentityManager implements PgIdentityManagerRemote {
  /**
   * Default constructor.
   */
  public PgIdentityManager() {
    // TODO Auto-generated constructor stub
  }
}

Also we will see the PgIdentityManagerRemote interface in our destination package. Next, we will create some mock stuff to be sure that we will be able to test our service.

The web service operations

Basically, the operations that we will publish for our interface will be:

  • createUser
  • getUser
  • getAllUsers
  • deleteUser
  • resetPassword

In order to start walking to this goal, first we will create our own exception type that will be used to communicate the unimplemented method message to our clients, later, this exception will communicate any system failure too, in order to create our custom exception, we will create a class PgIdentityException in a new package that we will create as com.dtorres.ejb.exceptions. Make the PgIdentityException class extend from java.lang.Exception and override it's constructors, your code will look like this:

package com.dtorres.ejb.exceptions;
public class PgIdentityException extends Exception {
  private static final long serialVersionUID = 1L;
  public PgIdentityException(String message) {
    super(message);
  }
  public PgIdentityException(Throwable throwable) {
    super(throwable);
  }
  public PgIdentityException(String message, Throwable throwable) {
    super(message, throwable);
  }
}

Next we create some mocks for these operations in our PgIdentityManagerRemote interface:

package com.dtorres.ejb;
import javax.ejb.Remote;
import com.dtorres.ejb.exceptions.PgIdentityException;
@Remote
public interface PgIdentityManagerRemote {
  String createUser(String userName, String password) throws PgIdentityException;
  String getUser(String userName) throws PgIdentityException;
  String getAllUsers() throws PgIdentityException;
  String deleteUser(Long userId) throws PgIdentityException;
  String resetPassword(String userName, String newPassword) throws PgIdentityException;
}

For now, we will work in give some mock functionality with these methods, later we will modify the getUser(String userName) and the getAllUsers() methods to return a more appropriate result type.
After this change, our PgIdentityManager class will complaint about the implementation of the remote interface, we will need to implement each method in there. Implement the remote interface methods in the PgIdentityManager class, throwing in each implemented method the PgIdentityException with the message: "Unimplemented method in service", your code will look like this:

package com.dtorres.ejb;
import javax.ejb.Stateless;
import com.dtorres.ejb.exceptions.PgIdentityException;
/**
 * Session Bean implementation class PgIdentityManager
 */
@Stateless(mappedName = "pgIdentityManager")
public class PgIdentityManager implements PgIdentityManagerRemote {
  @Override
  public String createUser(String userName, String password)
   throws PgIdentityException {
    throw new PgIdentityException("Unimplemented method in service");
  }
  @Override
  public String getUser(String userName) throws PgIdentityException {
    throw new PgIdentityException("Unimplemented method in service");
  }
  @Override
  public String getAllUsers() throws PgIdentityException {
    throw new PgIdentityException("Unimplemented method in service");
  }
  @Override
  public String deleteUser(Long userId) throws PgIdentityException {
    throw new PgIdentityException("Unimplemented method in service");
  }
  @Override
  public String resetPassword(String userName, String newPassword)
   throws PgIdentityException {
    throw new PgIdentityException("Unimplemented method in service");
  }
}

Finally we will instruct the ejb to be published as a web service, for that we will use the @WebService, @WebMethod and @WebParam annotations.
First, we will annotate the class as @WebService this way:

@Stateless(mappedName = "pgIdentityManager")
@WebService
public class PgIdentityManager implements PgIdentityManagerRemote {
...

Next we will annotate each method as @WebMethod and it's parameters as @WebParam as in this example:

@WebMethod
public String createUser(@WebParam(name="userName") String userName, @WebParam(name="password") String password)
...

Do this with all methods in the PgIdentityManager class, then publish to your web server. In my case, I'm using JBOSS 5.1, I will have to export the project as a EJB Jar file and deploy it inside my $SERVER/deploy folder.

Testing The Web Wervice

Figure 2: Published wsdl in Jboss Server.

We will use SOAP-UI to test our web service, in order to do that, I can see my published wsdl in my JBOSS Server as in figure 2. We will copy the link to our published wsdl and use it to create a SOAP-UI project or your preferred SOAP Services client. When you consume any of the methods of this web service, you will receive the following response:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
 <env:Header/>
 <env:Body>
  <env:Fault>
   <faultcode>env:Server</faultcode>
   <faultstring>Unimplemented method in service</faultstring>
   <detail>
    <ns2:PgIdentityException xmlns:ns2="http://ejb.dtorres.com/">
     <message>Unimplemented method in service</message>
    </ns2:PgIdentityException>
   </detail>
  </env:Fault>
 </env:Body>
</env:Envelope>

In our next post we will create and map the persistence entities that will make the chkpass field work and our service take some action. Look again later. Cheers.

lunes, 23 de abril de 2012

Postgres chkpass on hibernate

In this post we will create a identity manager database in postgres and map it to a hibernate ejb on jboss to provide web services that can authenticate and manage its contents.

In the Postgres database

Chkpass is a postgres field type that uses unix crypt() function, therefore we will use a postgres on unix installation. A .dll can be installed and downloaded in windows, will work on that on a later post.
For this exercice we will use a postgres instance installed in a unix based server, I have a linux fedora one. We will use a jboss server to host our EJBs and eclipse to develop the hibernate components.
First thing, we will create the database in the postgres server.
In my fedora server I run this command with the postgres user (su - postgres):

$ createdb identity_manager

Then we will install the chkpass module to our database, for that, we will need to know the location of our postgres contrib folder, in my case, it is on /usr/share/pgsql/contrib, under that directory we have the available modules to be installed in our database, including the chkpass.sql. To install this module we will execute the following command in our terminal as postgres user:

$ psql -d identity_manager -f /usr/share/pgsql/contrib/chkpass.sql

You should see the results of the script running on ice like this:

SET
psql:/usr/share/pgsql/contrib/chkpass.sql:13: NOTICE: type "chkpass" is not yet defined
DETAIL: Creating a shell type definition.
CREATE FUNCTION
psql:/usr/share/pgsql/contrib/chkpass.sql:18: NOTICE: argument type chkpass is only a shell
CREATE FUNCTION
psql:/usr/share/pgsql/contrib/chkpass.sql:25: WARNING: type attribute "externallength" not recognized
CREATE TYPE
CREATE FUNCTION
CREATE FUNCTION
CREATE FUNCTION
CREATE OPERATOR
CREATE OPERATOR
COMMENT

Next we will create the database structure by running the following DDL script:

CREATE TABLE idm_user(
user_id bigserial primary key,
user_name VARCHAR(50) NOT NULL,
password chkpass NOT NULL,
UNIQUE (user_name));

We can test our database by inserting and selecting a record, just as the PostgreSQL documentation states in the Appendix F.3. In our exercise, first we will insert our first record:

INSERT INTO idm_user(user_name, password) VALUES('admin', 'secret');

We can test the encrypted password by running a simple select on the database:

SELECT * FROM idm_user;

You should see the password field encrypted. The method that we can use to test that a user knows the persisted password could be a query like this one:

SELECT password = 'secret' AS authenticated FROM idm_user WHERE user_name='admin';

The recordset will return a boolean indicating if we have a password match.
In the following post we will create the hibernate entity that will be mapped to this table. Be tuned.