Wednesday, May 16, 2012

Azzyzt JEE Tools 1.3.2 are available

Fixed a bug where under certain conditions string IDs would break storeMulti(). The cause was, that the check for the possibility of proxy ID translation of an ID field was done on the field’s owning entity instead of the field’s target entity. It broke as soon as an entity with numeric ID had an association to an entity with a string ID. String IDs inside of embedded IDs (like VisitId) were no problem, because embedded IDs are special-cased anyway. This closes issue #29.

Friday, March 2, 2012

Azzyzt JEE Tools 1.3.1 are available

This is a release with neither functional changes nor bug fixes. I just wanted to bring Azzyzt JEE Tools to the current versions of GlassFish and Eclipse.

Built and tested with Eclipse Indigo SR2, GlassFish 3.1.2 and Java 1.6.0_31

Tuesday, January 10, 2012

Azzyzt JEE Tools 1.3.0 are available

After quite a long time I have a new version 1.3.0 available on GitHub. Install it from the update site as usual. The changes are

  • New URLs for SOAP and REST. The new URL schema bundles full services and restricted services. Thus it is possible to allow/disallow one of those categories based on the URL prefix. This breaks current applications and therefore we have bumped the minor version.
  • The default HTTP header expected to contain a pre-authenticated username is now “x-authenticate-userid”.
  • The default HTTP header expected to contain a user’s credentials is now “x-authorize-roles”. See the tutorial for details on credentials.
  • These two HTTP header names and the default anonymous user name can still be changed via JNDI custom string resources, but this is more elaborate now. The old JNDI resource for the username HTTP header was “custom/stringvalues/http/header/username”, but as this is global and would define the header name for all applications, we have recognized that a per-app definition may be useful. From 1.3.0 on the first resource checked is “custom/stringvalues/app_<APPNAME>/http/header/username”, where “<APPNAME>” is the project base name, in the example application it’s “cookbook”. If this name is not defined, the global name “custom/stringvalues/http/header/username” is tried, and if that isn’t defined either, the default value is used.
  • Added lots of JavaDoc to runtime. Still not complete though.
  • Added an AuthorizationInterface. You can add a reference to an instance of a class implementing this interface to the Azzyztant. It’s completely analogous to the username converter and it can be used to check authorization per call, based on the taget class/method and credentials.
  • Eliminated the MAGWIEN feature. Through all the time it has been identical to the GENERIC feature anyway. So far we don’t need any special or secret code and the configuration options suffice.
  • Added a subset of BETWEEN to QuerySpec. You can specify BETWEEN clauses where the result is limited to be between two literals. This covers the most common uses. The general solution, where each limit can be either a literal or a field reference, would have needed a major refactoring or polluted the code to no end.
  • Tested with GlassFish 3.1.1
  • Tested with Indigo SR1
  • Added credential-based authorization
  • Added unit tests for credential-based authorization
Sorry for breaking the URL schema. It's much better now and from lack of feedback I doubt that too many external users (any?) will be affected at the moment.

In any case: enough has changed to warrant going to the tutorial again.