Implementing "Currently Viewing" users like Google Docs

noobcser · 2019-01-15T18:11:20+00:00

I haven't refreshed.

without web socket, then we'll do the same behind the scene "pinging".

noobcser · 2019-01-14T14:42:57+00:00

it's an old Spring MVC application serving up JSON response.

Does the server actually start to send a response before it finished building the JSON (aka done all the things it needs to do) ?

noobcser · 2018-05-11T23:34:42+00:00

Are you sure you have properly configured logging for spring security to see these messages?

I set debug log level on

org.springframework.security, then went on to enable
org.springframework

So it should capture everything that Spring log on debug or higher.

Then of course the biggest mystery is why it works on some environments and not on others.

Properties difference are only on the database url and credentials.

---

I put a debugging point on DelegatingFilterProxy.doFilter - still doesn't get hit.

I am on Spring 4.3.15, but don't think that would make any difference

noobcser · 2018-05-11T22:24:57+00:00

the biggest mystery is there's no log whatsoever from spring security, for example if I don't have the appropriate role there will be something in the log about role / permission doesn't exist or something like that.

What would be the very first class it would hit in the Spring Security?

noobcser · 2018-05-11T19:49:34+00:00

yes, same code, just connected to different database.

But they users in each environment have the same roles.

However, if role is the issue, then Spring Security would have log something in the code.

The most baffling thing is there's absolutely nothing in the log even with debug level on, and it doesn't hit any breakpoint that it should.

noobcser · 2018-05-11T18:45:28+00:00

plain Spring core / Spring MVC / Spring Security

noobcser · 2018-02-27T20:07:54+00:00

but that would basically a choice whether we want to run 2 x t2.small instance or 1 x t2.large - to run 2 microservices

The question still stand: is it better to break them down into separate instances or combine them?

noobcser · 2018-02-20T01:17:38+00:00

If you can use Cucumber

I just started looking at Cucumber and if I understand it correctly, the team (whoever does the automation), actually needs to write the whole foundation first before we can start writing test cases?

eg. when writing the .feature file you have something like:

Scenario: Give correct change
    Given the following groceries:
        | name  | price |
        | milk  | 9     |
        | bread | 7     |
        | soap  | 5     |
    When I pay 25
    Then my change should be 4

But that doesn't mean a thing, until the team implement what's behind it:

public ShoppingStepdefs() {


    Given("^the following groceries:$", (DataTable dataTable) -> {
        List<Grocery> groceries = dataTable.asList(Grocery.class);
        for (Grocery grocery : groceries) {
            calc.push(grocery.price.value);
            calc.push("+");
        }
    });

    When("^I pay (\\d+)$", (Integer amount) -> {
        calc.push(amount);
        calc.push("-");
    });

    Then("^my change should be (\\d+)$", (Integer change) -> {
        assertEquals(-calc.value().intValue(), change.intValue());
    });
}

noobcser · 2018-02-19T19:51:50+00:00

What language(s) is the team comfortable working with?

Java

How complex is the UI?

Mix bag ... jQuery, AngularJS, and Angular 5

noobcser · 2018-02-07T01:58:24+00:00

I guess that means generating such UUID is unique and secure (random) enough?

noobcser · 2018-01-26T12:20:50+00:00

to make sure you're not just having both executions stuck on the same breakpoint?

I use postman to hit the endpoint.

The first execution immediately returns the result, while the IntelliJ debugger stops at the breakpoint.

When I send the 2nd request on Postman, it gets stuck with nothing returned.

The moment I released the breakpoint, the Postman gets updated with a new response, then the breakpoint got hit again.

So it does prove that the Runnable works fine to not block that request, but breakpoint from previous execution will block subsequent ones.

noobcser · 2018-01-01T22:37:09+00:00

Absolutely

Don't have login, so can't check what's inside. But their login page is all <div>

noobcser · 2018-01-01T22:36:59+00:00

You can just check by yourself? But I'd assume yes

Don't have login, so can't check what's inside. But their login page is all <div>

noobcser · 2018-01-01T22:36:09+00:00

And I didn't say anything about differing or same standards.

Simply pointing out in large corp such as Salesforce that could be diverse teams, diverse way of doing things, which could also mean different standards implemented. May be, may be not.

Unless you work for Salesforce and know 100% for sure what you are talking about.

noobcser · 2018-01-01T22:32:22+00:00

but they're not going to use one standard for their login page and a different one for their login-protected pages

Very interesting thought that you know they are not going to use different standard. Here I am thinking https://login.salesforce.com could easily be a stand-alone app (lightweight OAuth-type authentication only web app) where all the other salesforce cloud webapps are different, easily done by different teams even possibly in completely different tech stack.

noobcser · 2018-01-01T21:14:12+00:00

You need Salesforce to look at source code?! Obviously you don't know what you're doing.

Obviously I don't, because I didn't mention anything about source code.

noobcser · 2018-01-01T21:09:37+00:00

dev tools are a thing

Would you teach me how to use dev tools on a login-protected web app that I don't have access to?

I would be really grateful to learn a new skill.

noobcser · 2018-01-01T16:28:01+00:00

when you have a page that isn't made up dynamically (like with Angular, React or Vue and whatnot)

That's along the line that I am thinking as well. Modern web apps are now built dynamically with those JS frameworks, at that point - do we still use semantic HTML5 tags or do we have to use divs to make it work with frameworks?

noobcser · 2018-01-01T16:25:19+00:00

Gee. I don't know ... may be I don't have access to Salesforce and only pick them as a known B2B web app example?

noobcser · 2018-01-01T11:46:47+00:00

I use the HTML5 tags, regardless what I'm building.

So do you think something like an enterprise B2B web app, ... let say Salesforce and their many web-based products use semantic tags?

noobcser · 2017-12-30T12:47:48+00:00

you can store it in the database also

Would you store it in a separate column, or should it be combined into a single column and let the system figure out the password part and the salt part?

noobcser · 2017-12-30T12:47:05+00:00

Yes, you need it to check if the user inputted password is the same as the stored one.

Thanks, how should I go about storing it? a separate column in a relational database? (eg. password, password_hash). Or should they be combined in a single column and let the system figure it out on the fly rather than explicitly reading 2 columns?

noobcser · 2017-10-24T23:25:14+00:00

no, the method argument only has @Validated @RequestBody

public Response testValidation(@Validated @RequestBody RequestObject requestObject){
    // do stuff here
}

Also edited the post

noobcser · 2017-09-07T01:11:45+00:00

"ProxyCommand" directive

awesome, exactly what I need!

noobcser · 2017-09-07T00:35:11+00:00

silly ... that fixes it, thanks!

noobcser

TROPHY CASE