PostgreSQL 9.3 HA Script

PostgreSQL 9.3 已經內建 Hot Standby 的機制

這時只要在加上 Linux Virtual Host, 就能達到 High Availability DB

寫了一個 shell script 在 git 上
https://github.com/yulinliu/postgres_ha

在加上網路、DB 的基本設定就可正常運作

RESTful Services 幾項重點

1. HTTP Method 對應Server處理方式

HTTP Method	Data operate	Description
POST	Create	Create a resource without id.
GET	Read	Get a resource.
PUT	Update	Update a resource or create a resource with id if not existed.
DELETE	Delete	Delete a resource

2. Server Response Content Type

    JSON or XML or Text

3. 透過 HTTP Authorization 限制使用者存取資源的權限，也可用其它方式(ip、cookie)

4. response status code、error code 直接參考 http status code

5. REST 中的資源 一般是名詞 (podcasts, customers, user, accounts 等) 而不是動詞 (getPodcast, deleteUser 等)

Web Developer Runtime Map

Web Developer Runtime Map （由下往上看）

Cross-origin resource sharing

參考網址：
 http://en.wikipedia.org/wiki/Cross-Origin_Resource_Sharing
 https://developer.mozilla.org/en-    US/docs/Web/HTTP/Access_control_CORS

Cross domain issue

目前遇到無法正常運作的情形

1. Ajax 取回不同domain主機的檔案
2. Canvas.toDataURL()

解決方式

    Server 端增加回傳 Header

1. Access-Control-Allow-Origin "*"
2. Access-Control-Allow-Methods "GET"

    Client 端使用 Image 時

• img.crossOrigin = "anonymous";

Apache Shiro Password Hashing

SHA 512 Hash

Sha512Hash s = new Sha512Hash("password", "salt string", 1024);
UsernamePasswordToken token = new UsernamePasswordToken("milla", s.toString());
Subject subject = SecurityUtils.getSubject();
subject.login(token);

Apache Shiro Cryptography Features

http://shiro.apache.org/cryptography-features.html

Apache Shiro Use Cache Server

Apache Shiro 已經有內建 Cache 機制，http://shiro.apache.org/caching.html

但也能自行 implement，整合其它的 Cache Server (JCache, Ehcache, JCS, OSCache, JBossCache, TerraCotta, Coherence, GigaSpaces)

implement 方式，可以參考這個網址
http://www.java2s.com/Open-Source/Java/Authentication-Authorization/shrio/org/apache/shiro/cache/ehcache/Catalogehcache.htm


使用時，需在 shiro.ini 增加幾行資料

#Use Infinispan HotRod Cache
cacheManager = com.test.cache.SessionCacheManager
securityManager.cacheManager = $cacheManager
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
securityManager.sessionManager.sessionDAO = $sessionDAO

Apache Shiro JdbcRealm and RememberMe

僅需要在 shiro.ini 增加幾行資料

#Setting JdbcRealm
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm

#取得帳號密碼
jdbcRealm.authenticationQuery = select user_pass from users where user_name = ?

#取得Roles資料
jdbcRealm.userRolesQuery = select role_name from user_roles where user_name = ?

#使用JNDI DataSource
dataSource = org.apache.shiro.jndi.JndiObjectFactory
dataSource.resourceName = java:/comp/env/jdbc/EmployeeDB

jdbcRealm.dataSource = $dataSource
securityManager.realms = $jdbcRealm

#-----------------------------------------------------------------------------------------

#Setting RememberMe
rememberMeManager = org.apache.shiro.web.mgt.CookieRememberMeManager
securityManager.rememberMeManager = $rememberMeManager
securityManager.rememberMeManager.cookie.name = remember_me

#設定cookie.maxAge = blah , cookie會無法正常寫入
#securityManager.rememberMeManager.cookie.maxAge = blah

securityManager.rememberMeManager.cookie.domain = testdomain.com