So I found some code
<cfset x509 = GetPageContext().getRequest().getAttribute("javax.servlet.request.X509Certificate") />
<cfoutput>not before = #x509[1].getNotBefore()#</cfoutput><br/>
<cfoutput>not after = #x509[1].getNotAfter()#<br></cfoutput>
<cfoutput>#ToBase64(x509[1].getEncoded())#<br></cfoutput>
<cfoutput>#x509[1].getIssuerDN()#<br></cfoutput>
<cfoutput>#x509[1].getIssuerX500Principal()#<br></cfoutput>
What I want this code to do is display the information from the CAC, instead I am getting an error Variable X509 is undefined...
Edit
An alternate solution seems to be to use CGI.CERT_SUBJECT however I am not exacly sure how to get this variable to be anything other than an empty string. FWIW I am try to get this to work on a standalone coldfusion server.
The getAttribute() method returns a NULL variable when the attribute is not found, which is what's happening in this case. You have to see if it's defined before you can display it.
<cfif StructKeyExists( variables, "x509" )>
{ Code }
</cfif>
On how to get the attribute you're after, I couldn't tell you, but this will prevent the error from occuring.
Depending on your web server (I know Apache does this if you set SSLOptions +StdEnvVars +ExportCertData), you can get the PEM-encoded cert as an environment variable (i.e., cgi.ssl_client_cert) and you can get other info (DN, issuer's DN, etc) as well. Here's a list of the environment variables.
Related
I have this code working for coldfusion, but when i port it to lucee it fails, i know that macromedia does not work in lucee, how can i make this a possibility in lucee and want to remove the connection string, but the result should be exactly like the how the function is returning me
// open a connection to the database
Class = createObject("java", "java.lang.Class");
Class.forName("macromedia.jdbc.sqlserver.SQLServerDriver");
manager = createObject("java", "java.sql.DriverManager");
connectionURL = "jdbc:macromedia:sqlserver://"& SESSION.USER.dbServer &":"& SESSION.USER.dbPortNumber & ";EncryptionMethod=SSL;ValidateServerCertificate=false;";
connection = manager.getConnection(connectionURL, SESSION.USER.dbUser, SESSION.USER.dbPass);
You might define this data source in the Admin instead of in the application code. One thing that screams "big red flag" in your existing code is that the database server name is defined in a cookie. Makes me wonder what other things are in cookie values that need to be refactored.
Read the documentation for defining a data source:
this.datasources["myds"] = {
class: 'org.gjt.mm.mysql.Driver'
, connectionString: 'jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=UTF-8&useLegacyDatetimeCode=true'
, username: 'root'
, password: "encrypted:5120611ea34c6123fd85120a0c27ab23fd81ea34cb854"
};
The example is for MySQL, but you need to find the correct driver name for SQL Server used by Lucee. Go to the admin and create the DSN there to find the driver name.
I am trying to get the path of a cookie
I have several cookies with the same name but with different paths.
The following example return null using the getpath() method
var request = facesContext.getExternalContext().getRequest();
var cookies = request.getCookies();
print(cookies[1].getName()))
print(cookies[1].getPath()))
I also tried the global object "cookie" in xpages but how do I get the path from that?
How can I get the path of all the cookies using ssjs?
You can't. Googled a bit. Seems to be a common problem beyond Domino and XPages. Both getDomain and getPath return null, because browser does not send it to the server. Explained here getDomain() of javax.servlet.http.Cookie is returning null
Also a short thought here https://coderanch.com/t/283519/java/Cookie-getDomain-returns-null that it may be security feature.
Both ways of getting a cookie return a java.servlet.http.Cookie, which does have the getPath() method, which you're using. Are you sure the path is getting set? Looking at an POST request from an XPage (both via the servlet it's calling and FireBug), the DomAuthSessId and SessionID cookies don't have a path set, so getPath() returns null.
We are trying to create a cookie in the PeopleSoft Peoplecode by using the %Response object.
However, the code we tried is failing.
&YourCookie = %Response.AddCookie("YourCookieName", "LR");
Another snippet we tried to create the cookie
Local object &Response = %Response;
Local object &YourCookie;
&YourCookie = &Response.CreateCookie("YourCookieName");
&YourCookie.Domain = %Request.AuthTokenDomain;
&YourCookie.MaxAge = -1; /* Makes this a session cookie (default) */
&YourCookie.Path = "/";
&YourCookie.Secure = True; /* Set to true if using https (will still work with http) */
&YourCookie.Value = "Set the cookie value here. Encrypt sensitive information.";
The document reference points to IScript functions called CreateCookie methods etc.
http://docs.oracle.com/cd/E15645_01/pt850pbr0/eng/psbooks/tpcr/chapter.htm?File=tpcr/htm/tpcr21.htm
However, these don't work in Peoplecode. We don't have the knowledge to create IScript or use it. Any insight with the People code API for cookies or IScript is much appreciated.
I just tested on PeopleTools 8.54.11 and was able to create a cookie using the snippet you provided above.
I did find I had an issue if I set
&YourCookie.Secure = True;
in an environment where I was using HTTP.
If you set Secure to False the cookie will be available in both HTTP and HTTPS
if you set Secure to True the cookie is only available in HTTPS
PeopleTools 8.54 Documentation showing the CreateCookie method
I have been trying to do this (same code snippet) from within signon peoplecode, tools release is 8.54.09. I can execute the first two lines of code, but as soon as the line of code executing the CreateCookie() method executes, I get tossed out / end up on the signon error page.
This seems to support the previous answer saying that the API has removed the method, but the answer before that says it has been successful on tools 8.54.11 -- does that mean they removed it, then put it back, and I happen to be stuck with a release where it was removed? :-/
My question seems to be related to this one:
Coldfusion memcached connections
however, i have been unable to solve it.
if i put this code in application.cfm:
<cfif not IsDefined("application.memcached")>
<cfset application.memcachedFactory = createObject("component","memcachedFactory").init("192.168.2.91:11211")>
<cfset application.memcached = application.memcachedFactory.getmemcached()>
</cfif>
the page will work for maybe 270 calls. then it will start to fail with an error "Object Instantiation Exception " The code is properly talking to memcached. I can send and receive data. it seems like java is running out of something .. threads, sockets, handles of some sort. I know little about java, and am stuck.
This seems wrong to me Don. Why would this code run again after the very first call? It should be running 1 time after which you have a reference to your object. What does the rest of your application.cfm look like? Have you added a cfapplication tag with a "name"?
If you fail to set an application "name" (via the cfapplication tag or "this.name" in application.cfc), the an "application.x" variable is treated just like a regular variable. After the page request ends it will "go away" and require the next request to reinstantiate the object over again.
The purpose of the "isDefined()" in this case is to insure it runs only once - providing you with a singleton (single reference) you can use again and again without reinstantiating it. It sounds like you are not "inside" an application.
I'm running CF 9.0.1 Developer and Coldbox 3.0.0 on my local machine (64-bit Windows Vista running 32-bit CF9 on Apache). I'm working on an application that I've checked out from SVN and deployed locally. Everything seems to be working correctly, but my application log is filling up with entries like this:
Apr 18, 2011 12:41 PM Error jrpp-7
exception.log has an extremely long stack trace for each exception, maybe 150 lines or so. It starts with this:
"Error","jrpp-4","04/18/11","11:07:30",,""
java.lang.NullPointerException
at coldfusion.util.Utils.getServletPath(Utils.java:86)
at coldfusion.util.Utils.getServletPath(Utils.java:76)
at coldfusion.util.Utils.getBaseTemplatePath(Utils.java:405)
at coldfusion.runtime.TemplateProxyFactory.getTemplateFileHelper
(TemplateProxyFactory.java:1522)
at coldfusion.runtime.MetadataUtils.getComponentMetadata
(MetadataUtils.java:112)
at coldfusion.runtime.CfJspPage.GetComponentMetaData(CfJspPage.java:2667)
at coldfusion.runtime.TemplateProxy.getRuntimeComponentMetadata
(TemplateProxy.java:1756)
at coldfusion.runtime.TemplateProxy.getRuntimeMetadata
(TemplateProxy.java:1617)
at coldfusion.runtime.MetadataUtils.getMetaData(MetadataUtils.java:54)
at coldfusion.runtime.CfJspPage.GetMetaData(CfJspPage.java:2640)
at cfEventHandler2ecfc862260423$funcPOSTLOAD.runFunction
(C:\ColdFusion9\wwwroot\ybocv5\coldbox\system\orm\hibernate
\EventHandler.cfc:30)
This is a version of an app that has been running in production, and what makes me think this is just on my local version is the appearance of this in the stack trace:
at cfdump2ecfm471394032$funcRENDEROUTPUT.runFunction
(E:\cf9_updates_rc\cfusion\wwwroot\WEB-INF\cftags\dump.cfm:704)
...
at cfCollectionPanel2ecfm961210602.runPage
(C:\ColdFusion9\wwwroot\ybocv5\coldbox\system\includes
\panels\CollectionPanel.cfm:40)
We don't use cfdump in production; this looks like ColdBox is trying to display a complex object in a debugger panel and failing.
The only thing I found online so far was this thread in Google's transfer-dev group ... someone who saw a bunch of similar errors and thought maybe it was a CF9 bug. The only reply with any sort of solution was this one, suggesting a fix that seems to be Transfer-specific.
Does anyone know what might be causing these errors? It's not as important to me to fix them as it would be on a production app, but if I'm spamming my logs with these errors, it's hard to find legitimate errors when they do occur.
Update: I've been working with the CollectionPanel.cfm template to identify the root cause, and the exception is consistently thrown here:
<cfelseif isObject(varVal)>
<!--- this cfdump is the guilty party ... --->
<cfdump var="#varVal#" expand="false" top="2">
<cfelse>
I've tried wrapping the cfdump in a try-catch, but the exception is thrown anyway, always from that same line of code. This makes sense, I guess, given that these errors don't have any visible effect on the pages on which they occur.
It appears to not be caused from a <cfdump> instead from a GetMetaData() call.
Specifically when you get the meta data of a cfc, which extends another cfc which has been modified after the current has been compiled (and where GetMetaData has been run) where it needs to update the extends struct in the GetMetaData() return. Cf only generates the meta data struct once, most likely for performance reasons.
I think it might be a bug in cf...
Inside the TemplateProxyFactory.getTemplateFileHelper() it's calling runtime.resolveTemplatePath(compName + ".cfc") where compName is name.replace('.', '/')
All good and well until you use a mapping. If you straight out replace dots with slashes, you'll need to add a leading slash, just like they do in TemplateProxy.getMetaData()
Without the leading slash, resolveTemplatePath() returns null, which triggers the VFSFileFactory.getFileObject() call which tries to get a File object from the parent cfc name.
Before it even gets to the VFSFileFactory, it calls Util.getBaseTemplatePath() with the pageContext. Inside it gets the ServletContext from the pageContext and tries to call getServletPath() so that it can get its real path. Utils.getServletPath() tries to get the attribute "javax.servlet.include.servlet_path" which on my machine (and probably yours) doesn't exist and returns null.
You can check by calling this: isNull(getPageContext().getRequest().getRequest().getAttribute("javax.servlet.include.servlet_path")); - yes, there is supposed to be two .getRequest() calls in there.
So it seems Cf is trying to refresh it's extends struct in a cfc getMetaData() call when the extended file is modified and does it a different way then when it first generated the struct.
In you cf admin, what are you settings under Server Settings > Caching?
Trusted cache? Cache template in request? Component cache? Save class files? Cache web server paths?