In a previous article, WebSocket and Lock it! we showed how to use basic authentication on websocket calls to an application deployed on TomEE. In this article, we explain how to add SSL/TLS security to the connection between the client and the application server. To demonstrate this, we've created a new wss-secured-websocket project. This work is valid both for Secure Websocket (WSS) and HTTPS. Adding transport layer security is important in order to protect the data exchange. Payloads and headers are sent in clear text when using simple HTTP. This is critical when considering the authentication header. As you can…
Read More          
        Note: This article was originally authored by Romain Manni-Bucau in May of 2015 and has been updated by Bruno Baptista. Tomitribe uses the WebSocket API to add security credentials to REST services in our support services. This article has been updated to the latest versions of WebSocket and other resources and shows how you can easily add authentication to your REST calls.   WebSockets are a good technical solution when there is a requirement for interactive communication. A typical example is a chat system, but it makes more sense for live updates such as the stock market.  For example, being…
Read More          
        Testing enterprise applications that use persistence can be a hassle: A test database has to be configured. The database has to be seeded before the test. After the test the state of the database has to compared with the expected result. This post shows how to write a test for a Java EE application that uses the Java Persistence API using these technologies: Arquillian is a testing platform that allows, among other things, testing Java EE applications in a Java EE application server. The Arquillian Persistence Extension is an extension to Arquillian that takes over seeding the database, matching the…
Read More          
        This is a detailed followup to an Arquillian talk I held at JAX Germany, having had the honour of being asked to do the talk by Aslak Knutsen (the Arquillian project lead). Aslak provided some useful pointers and information to get me up to spec for the talk, so many thanks Aslak. The entire blog source code can be found on GitHub here, so you might want to fork that first before reading on. What is Arquillian Cube? This article assumes that you are already familiar with the Arquillian extensible testing platform; if not, then you should pop over to…
Read More          
        Well, OK, maybe a lot more, but these technologies just work so sweet together that we decided to jump in and give it a go at the Devoxx UK 2015 Hackergarten. Heather VanCura, a leader of the Java Community Process (JCP), clubbed several developers together for some fun key bashing and this is the result. Enjoy! This hack session was brought to you by Bruno Baptista, Paulo Martins and Andy Gumbrecht, with thanks to Heather VanCura and Devoxx UK 2015. JCache API This API allows the use of caching methods in an intuitive and transparent manner. You need two things in your…
Read More          
        Know JAX-RS, but haven't yet dug into Apache TomEE? Way too busy or impatient to read documentation? This repo is for you. https://github.com/tomitribe/tomee-jaxrs-starter-project The only thing better than a Maven archetype is a repo you can fork with everything already setup. Fork this repository on Github and you're good to go! The contents are incredibly small: ./LICENSE ./pom.xml ./README.md ./src/main/java/org/superbiz/Color.java ./src/main/java/org/superbiz/ColorService.java ./src/test/java/org/superbiz/ColorServiceTest.java ./src/test/resources/arquillian.xml The only mandatory actions are the following steps: $ git clone git@github.com:tomitribe/tomee-jaxrs-starter-project.git $ cd tomee-jaxrs-starter-project/ $ mvn clean install tomee:run That's it! With those simple steps above, you get the following: Easy to extend starter project setup…
Read More          
        
