WebSocket upgrade in jetty-7.6 - jetty

I am using CometD server and deploying it in jetty. I am using CometDv2.5.1 and Jettyv7.6. I just want to know how does websocket upgrade happens.
Does jetty have any upgrade filter ? If yes than when it is doing the upgrade ?
Thanks,
John

Upgrade on Jetty 7 is typically done within a Servlet, not a filter. There also exists a Handler version.
Upgrade on Jetty 8 is the same.
Upgrade on Jetty 9:
if using JSR-356 (aka javax.websocket), then it is done internally, before all servlet processing.
if using the Jetty WebSocket API, then you can use a Servlet, Filter, or Handler.
The Jetty 9 WebSocket API's filter is the most capable (from a path mapping perspective)

Related

I m getting 'Stripe doesn't support HTTPS connections with TLS 1.0' error when calling stripe API

I am getting below error when accessing the stripe API using ColdFusion.
Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later.'
This is related JRE issue in coldfusion. Most of the payment gateways doesn't support TLS 1.0. So, we need to update the Java JRE in our coldfusion server.
How to fix:
Upgrade to Java 8.
Login to ColdFusion Administrator > Java JVM
Change the path of the JVM to the new installed path (defaults to: C:\Program Files\Java\jre1.8.0_102 in windows. )
Restart ColdFusion Server - Service.
Re-Test.. it should work now..

How to add TLS 1.2 in cfhttp tag in ColdFusion 10

I am using ColdFusion 10. How can I specify my connection is TLS 1.1, TLS 1.0, etc. Can I use the cfhttp tag?
How to add TLS 1.2 in cfhttp tag using ColdFusion?
ColdFusion 10 will handle the TLS 1.2 protocol using CFHTTP without any issues as long as you are running Coldfusion on Java 1.8.0_nn. You need to upgrade your Java version. Also see this article I wrote on which SSL/TLS protocols are usable for each ColdFusion/Java version combinations.
https://www.trunkful.com/index.cfm/2014/12/8/Preventing-SSLv3-Fallback-in-ColdFusion
To install a new Java version I always install the JDK in a non-default location that is only used for ColdFusion. ie C:\java\jdk1.8.0_nn\ This way you know it's for ColdFusion and not for the OS. Of course if you're on Linux then the location would be different, but you'd know that already.
Regards,
Wil
The easiest way that I've found so far to use native CF 10 tags and TLS 1.2 is to upgrade the JDK/JRE to 1.8 on the CF server.
I've been using ColdFusion 10 with Server JRE 1.8 u151 for a while now.
You can download the Server JRE here:
http://www.oracle.com/technetwork/java/javase/downloads/server-jre8-downloads-2133154.html
For my Windows Server, I just unzip/tar the server-jre-8u151-windows-x64.tar.gz file to "C:\Program Files\Java". This creates a folder named jdk1.8.0_151.
Log into your CF Administrator
Server Settings > Java and JVM
Set [Java Virtual Machine Path] to C:/Program Files/Java/jdk1.8.0_151/jre
Add this phrase to [JVM Arguments]: -Dhttps.protocols=TLSv1.2
Submit Changes
After you restart ColdFusion, it will now be using Server JRE 1.8u151 and force SSL to use TLS 1.2.
I've been performing TLS 1.2 connections using ColdFusion 4.5, 5.0, 6MX, 7, 8, 9, 10, 11 & 2016 using CFX_HTTP5, a C/C++ tag (0% Java; 0% COM; 0% MFC).
http://www.adiabata.com/cfx_http5.cfm
PayPal is in the process of upgrading their API endpoints to allow only TLS 1.2 and HTTP/1.1 connections.
https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1914&viewlocale=en_US
The only way I could connect to https://tlstest.paypal.com/ was to use CFX_HTTP5 w/CF9 & 10 was to set SSL="5". CFX_HTTP5 also enables you to specify which protocol version to use per-request. It's not a setting that is enabled and forced on all connections... no guessing, interfering w/other website requirements hosted on same server or need to restart the server when changing protocols.
SSL =
0 - SSL3 and TLS1;
1 - SSL2;
2 - SSL3;
3 - TLS1;
4 - TLS1.1;
5 - TLS1.2;
I've also encountered situations where SSL certificates are temporarily invalid due to accidental expiration. In those cases, CFX_HTTP5's SSLERRORS="OK" flag enabled me to consume the API while ignoring the temporary certificate error. (I don't believe that ColdFusion can do this.)

Asynchronous processing not supported on Servlet 2.x container jersy

I am doing an example on Asynchronous processing using jersy restful web services and getting the following
Asynchronous processing not supported on Servlet 2.x container
I am running on Tomcat 7 server.I kept servlet-api-3.0 jar file in tomcat/lib file .But still i am getting the error.What might be the reason for the exception.
Thanks in advance...

Application server with servlet 3.0 support..?

I need an Application server with Servlet 3.0 support..
Currently I am working on Tomcat but I need to know some other application servers which support Servlet 3.0..
Please help me if known
Tomcat is not an application server, just merely a servlet container. You can try GlassFish.
Jboss Application Server 7 have support for Servlet 3.0. and Few more are there

Service works in Tomcat doesn´t work on Servicemix

I´ve deployed a service into Tomcat 6 and into Servicemix 4.3
I´ve used soapUI 4 to send a request to the servers, from tomcat i get an answer, from servicemix i don´t. Both requests are differente Tomcat port 8080, servicemix port 8181.
The service is SOAP web-service in a .war file.
Has anyone done this type of migration? Do i need libraries in servicemix from tomcat?
the issue is likely your packaging/installation of your war and/or missing OSGi bundles...
see this blog post for info on using Servicemix as a web server...
essentially something like this...
osgi:install -s war:file:/tmp/sample.war?Webapp-Context=sample
then you should be able to go to http://localhost:8080/sample
also, this guide should help explain the OSGi war commands a bit...
Sorry, I'm confused.
Tomcat is a servlet/JSP engine, built to deploy servlets, JSPs and web services (given the proper library support).
ServiceMix is an ESB that can do routing to servlets, transforming of messages, guarantee delivery, workflow, and other services. It's supposed to decouple producers of messages from consumers.
I don't see ServiceMix as an alternative deployment platform for servlets and JSPs. I see them as complementary, not one replacing the other.