Wednesday, January 27, 2010

Problem with google-checkout-java-sdk and JDK1.6

I was using google-checkout-java-sdk in a custom online shopping solution. When I switched the project's POM from java 1.5 to 1.6, it seems that google checkouts would no longer work. I was getting this error when attempting to send an order to Google Checkout:

The root of this problem was difficult to find, but with some googling it sounds like it has something to do with changes in Sun's rt.jar. I experimented with removing xerces dependencies or using different versions of it (2.0.2, 2.9.1). That didn't work. So then I added xalan-2.7.1 to my POM, and things started to work again!

I haven't really gotten to the root of this yet, but at least I can make my client happy again. Would love to hear from anyone who knows more about this.

Tuesday, January 26, 2010

Blog template updated, includes syntax highlighter

I just updated my blog template to something that was wider, that's why it looks different now. I needed it wider to better display code snippets now that I added SyntaxHighlighter. I installed it by following Carter Cole's howto.

Using Wicket with Shiro for authentication and authorization

In my Wicket application, I'm using Apache Shiro for both authentication and authorization. I needed powerful authorization features that would have taken a lot more work with Wicket alone. Personally, unless you have dead-simple requirements, I'd suggest learning how to do it with shiro and saving yourself some hassles in the future.

To simplify integrating wicket with shiro, I created the wicket-shiro project hosted at wicketstuff. Note that although I created the project, it is pretty much just a port of someone else's wicket-jsecurity implementation. I didn't really write much code for it, I just took the time to port it from jsecurity to shiro 1.0, clean up some things, and add a wicket-shiro-spring-hibernate example. I also wrote up some information about it here:

The wicket-shiro project is currently commented out of the wicketstuff pom because of the lack of shiro being available via maven, but hopefully I'll update the project with real shiro maven resources soon. However, you can still check it out and use it, just mvn install it into your local mvn repo.

So here's a quick tutorial on setting up a user's permissions from data stored in your business objects. I'm using a service layer with a Hibernate data store. A Member contains a username and password and a reference to a Person object. A Person contains a set of ProjectParticipations -- all of the projects that this member works with. I need a member to only be able to perform actions on projects they are participating in, but to see a list of all projects and join those projects if desired. Also, if a member creates a project or a project creator gives them administrative permissions, they should have access to additional management features for that project.

To do this, I extend AuthorizingRealm and injected my MemberService into it. This service is used to build the permissions for a user. Here's a simplified version of mine -- it's certainly not perfect and major improvements are planned, but it should get you started:

Then, in a wicket page, I have this:

If the member manages a project, then he has the "projectmgr" role which has the "project:viewControls" permission. So the above will only show a menu of project management options to members who have that particular permission. If the member doesn't manage any projects, then they won't see that menu option.

You can also dynamically change permissions during runtime. For instance, if a member who doesn't manage a project creates a new project, then they should immediately get the viewControls permission so they can access the management features. You can force this refresh with this:

Hopefully this gets you started using Wicket with Shiro for authorization!