Tuesday, August 28, 2012

Java/JDBC connect to Amazon RDS (MySQL) with SSL

First you need to set your JDBC url to something like the following:

Notice the useSSL and requireSSL as connection parameters
Then you need to import the following SSL certificate into your Java cacerts trusted store:
sudo keytool -import -keystore /PathToYourJDK_OR_JRE_lib/security/cacerts -file path_to_downloaded_from_above_file/mysql-ssl-ca-cert.pem

Set the correct JDBC username/password when connecting and all should be fine.

Thursday, August 23, 2012

Spring security expressions not working with OAUTH2

When using spring security OAUTH2 in a client app, you will normally define an access decision manager like this:

That is needed to add the OAUTH2 scope voter to the auth decision process. Well, that is going to mess with the element if you're using it and have use-expressions="true". 

So even if you have:

your expressions will not work. You will get a stack trace like the following:

java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasRole('ROLE_USER'), permitAll]...

That's because of the above custom definition of the accessDecisionManager bean. You need to switch the RoleVoter definition in the accessDecisionManager for a WebExpressionVoter in order for the web expressions to become available, just like this:

Here you go,
Enjoy Spring Security (with OAUTH2) as before.

Thursday, May 17, 2012

Spitalul Brancovenesc

In 1986, intr-o vineri, Ceausescu a hotarat sa demoleze Spitalul Brancovenesc si luni a inceput demolarea. Era un spital proaspat renovat, monument istoric, salile de operatie erau de marmura, dar n-a contat. Spitalul fusese fondat de Safta Brancoveanu si era o pisanie in hol care spunea ca “Se face acest spital pentru saraci si de moarte napraznica in zi de Craciun sa moara cel care se va atinge de acest spital”. Va spune ceva asta?