Spring web security

in web.xml:

Define the filter and filter-mapping for Spring Security (single proxy filter):
<filter>
           <filter-name>springSecurityFilterChain</filter-name>
           <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
          <filter-name>springSecurityFilterChain</filter-name>
          <url-pattern>/*</url-pattern>
 </filter-mapping>

in the Application Context:

- using security namespace

<security:http access-denied-page="/denied.jsp" use-expressions="true">

<security:form-login login-page="/login.jsp"

authentication-failure-url="/login.jsp?login_error=true" />

<security:intercept-url pattern="/accounts/edit*" access="hasRole('ROLE_EDITOR')" />

<security:intercept-url pattern="/accounts/account*" access="hasAnyRole('ROLE_VIEWER','ROLE_EDITOR')" />

<security:intercept-url pattern="/accounts/**" access="isAuthenticated()" />

<security:logout/>

</security:http>

intercept-url are evaluated in the order listed (the first match will be used; specific matches should be put on top).

access-denied-page - user is logged in but it does not have appropriate role.

security:logout - Incorporates a logout processing filter.

<security:authentication-manager>  --configure authentication

<security:authentication-provider>

<security:password-encoder hash="md5" >

<security:salt-source system-wide="MySalt" or user-property=“id“ />

</security:password-encoder>

<security:user-service properties="/WEB-INF/users.properties" />

or use jdbc or ldap -user-service

<security:jdbc-user-service data-source-ref="dataSource"/>

</security:authentication-provider>

</security:authentication-manager>

http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html
No bean named ‘springSecurityFilterChain’ is defined

Spring best practices

• DO NOT use version numbers with the Spring schema namespaces
• Always use classpath:/ prefix for consist resource referencing
• Always use a single XML config file to bootstrap the application or tests
• Use the XML “id” attribute to identify a bean
• Use Constructor injection to promote thread safety
• Use Properties for configurable resources

https://github.com/gordonad/enterprise-spring-best-practices

Oracle functions

System functions

SYS_GUID()

SYS_GUID generates and returns a globally unique identifier (RAW value) made up of 16 bytes. On most platforms, the generated identifier consists of a host identifier, a process or thread identifier of the process or thread invoking the function, and a nonrepeating value (sequence of bytes) for that process or thread.

Ref: http://www.stanford.edu/dept/itss/docs/oracle/10g/server.101/b10759/functions153.htm

SYSDATE

SYSDATE returns the current date and time set for the operating system on which the database resides.

Ref: http://docs.oracle.com/cd/B19306_01/server.102/b14200/functions172.htm

Example:

insert into TABLE2 (oid, created) VALUES(sys_guid(), sysdate)

To_Date function

In Oracle/PLSQL, the to_date function converts a string to a date.
The syntax for the to_date function is:

to_date( string1, [ format_mask ], [ nls_language ] )

string1 is the string that will be converted to a date.
format_mask is optional. This is the format that will be used to convert string1 to a date.
nls_language is optional. This is the nls language used to convert string1 to a date.

Example:
to_date('1.9.2012','dd.mm.yyyy')
to_date('1.9.2012 23:59:59','dd.mm.yyyy HH24:mi:ss')

Between condition

The BETWEEN operator selects a range of data between two values. The values can be numbers, text, or dates

SELECT *

FROM orders

WHERE order_date between to_date ('2003/01/01', 'yyyy/mm/dd')

AND to_date ('2003/12/31', 'yyyy/mm/dd');

is equal to 

WHERE order_date >= to_date('2003/01/01', 'yyyy/mm/dd')

AND order_date <= to_date('2003/12/31','yyyy/mm/dd');

Decode function

In Oracle/PLSQL, the decode function has the functionality of an IF-THEN-ELSE statement.
The syntax for the decode function is:

decode( expression , search , result [, search , result]... [, default] )

expression is the value to compare.
search is the value that is compared against expression.
result is the value returned, if expression is equal to search.
default is optional. If no matches are found, the decode will return default. If default is omitted, then the decode statement will return null (if no matches are found).

For Example:
You could use the decode function in an SQL statement as follows:

SELECT supplier_name,
decode(supplier_id, 10000, 'IBM',
10001, 'Microsoft',
10002, 'Hewlett Packard',
'Gateway') result
FROM suppliers;

The above decode statement is equivalent to the following IF-THEN-ELSE statement:

IF supplier_id = 10000 THEN
     result := 'IBM';
ELSIF supplier_id = 10001 THEN
    result := 'Microsoft';
ELSIF supplier_id = 10002 THEN
    result := 'Hewlett Packard';
ELSE
    result := 'Gateway';
END IF;

The decode function will compare each supplier_id value, one by one.
http://www.techonthenet.com/oracle/functions/decode.php

NVL Function

In Oracle/PLSQL, the NVL function lets you substitute a value when a null value is encountered.

The syntax for the NVL function is:

nvl( string1, replace_with )

string1 is the string to test for a null value.

replace_with is the value returned if string1 is null.

Example:

select nvl(commission, 0)

from sales;

This SQL statement would return 0 if the commission field contained a null value. Otherwise, it would return the commission field.

http://www.techonthenet.com/oracle/functions/nvl.php

Pseudocolumns (sequence)

A sequence is a schema object that can generate unique sequential values. These values are often used for primary and unique keys. You can refer to sequence values in SQL statements with these pseudocolumns:

CURRVAL	returns the current value of a sequence.
NEXTVAL	increments the sequence and returns the next value.

Insert into table that has not-null sequence:

INSERT into terminal (terminal_id, terminal_sequence_number)

VALUES('someId', terminal_seq.NEXTVAL);

Get sequence current value:
SELECT empseq.currval FROM DUAL;

Ref

Basic Elements of Oracle SQL, 6 of 10

Limiting result

MySQL supports the LIMIT clause to select a limited number of records, while Oracle uses ROWNUM.

E.g. Return 2 results:

SELECT * FROM table_name WHERE ROWNUM <= 2;

Adding ORDER BY clause will not return proper data!
Solution is to use

SELECT * FROM ( your_query_here ) WHERE ROWNUM <= N.

Ref

https://www.w3schools.com/sql/sql_top.asp
Ask Tom: On ROWNUM and Limiting Results

JavaScript - onkey events

When ENTER is pressed - it's like the user clicked Continue button.
When ESC is pressed popup form is closed, like Close button is pressed.


<ice:inputText id="licensePlate" value="#{activeBackingBean.selectedEntity.licensePlate}" required="true" maxlength="20" autocomplete="off"
onkeypress="if((event.which == 13)){document.getElementById('licencePlateForm:continueButton').focus();}"
onkeydown="if((event.which == 27)){document.getElementById('licencePlateForm:closeButton').click();}" onkeyup="checkChar('licencePlateForm:licensePlate', 'an');">
<f:validateLength minimum="3" maximum="20" />
</ice:inputText>

ESC is not picked up by onkeypress!






//Provjerava uneseni znak, moguce postaviti uvijet: n - broj, an - broj ili slovo, a - slovo, lwr - mala slova, upr - velika slova
//dodatni znakovi ako su postavljeni onda se uz uvjet jos omogucuju
//(ako je postavljen uvijet ne dopusta unos drugih znakova)
//Koristiti s onkeyup
function checkChar(elem, uvijet, dodatni){

var numb = '0123456789';
var lwr = 'abcdefghijklmnopqrstuvwxyzšđčćž';
var upr = 'ABCDEFGHIJKLMNOPQRSTUVWXYZŠĐČĆŽ';

var obj = document.getElementById(elem);
var znak = obj.value.substring(obj.value.length-1);

if(uvijet != null){
if(uvijet == 'n' && numb.indexOf(znak) == -1){
if(dodatni != null){
if(dodatni.indexOf(znak) == -1){
deleteLastChar(obj);
}
}
else{
deleteLastChar(obj);
}
}
else if(uvijet == 'an' && numb.indexOf(znak) == -1 && lwr.indexOf(znak) == -1 && upr.indexOf(znak) == -1){
if(dodatni != null){
if(dodatni.indexOf(znak) == -1){
deleteLastChar(obj);
}
}
else{
deleteLastChar(obj);
}
}
else if(uvijet == 'a' && lwr.indexOf(znak) == -1 && upr.indexOf(znak) == -1){
if(dodatni != null){
if(dodatni.indexOf(znak) == -1){
deleteLastChar(obj);
}
}
else{
deleteLastChar(obj);
}
}
else if(uvijet == 'lwr' && lwr.indexOf(znak) == -1){
if(dodatni != null){
if(dodatni.indexOf(znak) == -1){
deleteLastChar(obj);
}
}
else{
deleteLastChar(obj);
}
}
else if(uvijet == 'upr' && upr.indexOf(znak) == -1){
if(dodatni != null){
if(dodatni.indexOf(znak) == -1){
deleteLastChar(obj);
}
}
else{
deleteLastChar(obj);
}
}
}
}

//Brise zadnji znak zadanog document.element objekta
function deleteLastChar(obj){
if(obj.value != null){
obj.value = obj.value.substring(0,obj.value.length-1);
}
}