Saturday, December 15, 2018

Azure AD authentication methods to be used

Hello everyone,

Microsoft Azure AD, together with on-premises Active Directory, provides a solution to create a common user identity for authentication and authorization to all resources, regardless of location. We call this hybrid identity.

To achieve a hybrid identity, one of three authentication methods can be used, depending on your scenarios. The three methods are:


Password hash synchronization (PHS)

Password hash synchronization is one of the sign-in techniques used to accomplish a hybrid identity. Azure AD Connect synchronizes a hash of the hash of a user's password from an on-premises Active Directory instance to a cloud-based Azure AD instance.



Password hash synchronization is an extension to the directory synchronization feature implemented by Azure AD Connect sync. You can use this feature to sign in to Azure AD services like Office 365. You sign in to the service by using the same password you use to sign in to your on-premises Active Directory instance.


Password hash synchronization helps by reducing the number of passwords your users need to maintain to just one. Password hash synchronization can:

  • Improve the productivity of your users.
  • Reduce your helpdesk costs.

Optionally, you can set up password hash synchronization as a backup if you decide to use Federation with Active Directory Federation Services (AD FS) as your sign-in method.

To use password hash synchronization in your environment, you need to:

  • Install Azure AD Connect.
  • Configure directory synchronization between your on-premises Active Directory instance and your Azure Active Directory instance.
  • Enable password hash synchronization.

Pass-through authentication (PTA)

What is Azure Active Directory Pass-through Authentication?
Azure Active Directory (Azure AD) Pass-through Authentication allows your users to sign in to both on-premises and cloud-based applications using the same passwords. This feature gives your users a better experience, with one less password to remember, and reduces IT helpdesk costs because your users are less likely to forget how to sign in. When users sign in using Azure AD, this feature validates users' passwords directly against your on-premises Active Directory.

This feature is an alternative to Azure AD Password Hash Synchronization, which provides the same benefit of cloud authentication to organizations. However, certain organizations that want to enforce their on-premises Active Directory security and password policies can choose to use Pass-through Authentication instead.
Review this guide for a comparison of the various Azure AD sign-in methods and how to choose the right sign-in method for your organization.



Federation

Federation is a collection of domains that have established trust. The level of trust may vary, but typically includes authentication and almost always includes authorization. A typical federation might consist of some organizations that have established the trust for shared access to a set of resources.

You can federate your on-premises environment with Azure AD and use this federation for authentication and authorization. This sign-in method ensures that all user authentication occurs on-premises. This method allows administrators to implement more rigorous levels of access control. Federation with AD FS and PingFederate is available.



Happy coding,
Thiago Leoncio.

Friday, September 28, 2018

nested exception is java.lang.IllegalArgumentException: Failed to create query for method public abstract java.util.List com.thiagoleoncio.thiagoG.entity.ProcessedRepository.findByACCOUNT_NUMBER(java.lang.String)! No property aCCOUNT found for type Processed!

I got this error today:

SDSX-108-L:recordreprocessing tguimaraes$ ./gradlew bootRun

> Task :bootRun
2018-09-28 15:14:40.511  INFO 8214 --- [           main] s.c.a.AnnotationConfigApplicationContext : Refreshing org.springframework.context.annotation.AnnotationConfigApplicationContext@6c80d78a: startup date [Fri Sep 28 15:14:40 EDT 2018]; root of context hierarchy
2018-09-28 15:14:40.988  INFO 8214 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'configurationPropertiesRebinderAutoConfiguration' of type [org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$1a26ce66] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)

  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.0.1.RELEASE)

2018-09-28 15:14:41.208  INFO 8214 --- [           main] c.c.c.ConfigServicePropertySourceLocator : Fetching config from server at: http://docker-dev-01.mic.thiagoleoncio.com:8888/
2018-09-28 15:14:41.486  INFO 8214 --- [           main] c.c.c.ConfigServicePropertySourceLocator : Located environment: name=claim-reprocess-service,file-fetcher-library, profiles=[default], label=null, version=edfb09bdf68547e4fd217c32fe831d3372158a19, state=null
2018-09-28 15:14:41.486  INFO 8214 --- [           main] b.c.PropertySourceBootstrapConfiguration : Located property source: CompositePropertySource {name='configService', propertySources=[MapPropertySource {name='configClient'}, MapPropertySource {name='https://bitbucket.thiagoleoncio.com/scm/thiagoG/servicesconfiguration.git/thiagoG/file-fetcher-library.properties'}]}
2018-09-28 15:14:41.508  INFO 8214 --- [           main] c.s.d.ClaimReprocessServiceApplication   : No active profile set, falling back to default profiles: default
2018-09-28 15:14:41.524  INFO 8214 --- [           main] ConfigServletWebServerApplicationContext : Refreshing org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext@6e15fe2: startup date [Fri Sep 28 15:14:41 EDT 2018]; parent: org.springframework.context.annotation.AnnotationConfigApplicationContext@6c80d78a
2018-09-28 15:14:42.508  INFO 8214 --- [           main] o.s.b.f.s.DefaultListableBeanFactory     : Overriding bean definition for bean 'dataSource' with a different definition: replacing [Root bean: class [null]; scope=refresh; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=false; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.jdbc.DataSourceConfiguration$Hikari; factoryMethodName=dataSource; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/jdbc/DataSourceConfiguration$Hikari.class]] with [Root bean: class [org.springframework.aop.scope.ScopedProxyFactoryBean]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in BeanDefinition defined in class path resource [org/springframework/boot/autoconfigure/jdbc/DataSourceConfiguration$Hikari.class]]
2018-09-28 15:14:42.685  INFO 8214 --- [           main] o.s.cloud.context.scope.GenericScope     : BeanFactory id=4d3c6ad7-210c-3d69-b466-1beae216a57e
2018-09-28 15:14:42.845  INFO 8214 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration' of type [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration$$EnhancerBySpringCGLIB$$fe0ccb69] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2018-09-28 15:14:42.902  INFO 8214 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration' of type [org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$1a26ce66] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2018-09-28 15:14:43.330  INFO 8214 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2018-09-28 15:14:43.365  INFO 8214 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2018-09-28 15:14:43.365  INFO 8214 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet Engine: Apache Tomcat/8.5.29
2018-09-28 15:14:43.377  INFO 8214 --- [ost-startStop-1] o.a.catalina.core.AprLifecycleListener   : The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: [/Users/tguimaraes/Library/Java/Extensions:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java:.]
2018-09-28 15:14:43.537  INFO 8214 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2018-09-28 15:14:43.537  INFO 8214 --- [ost-startStop-1] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 2013 ms
2018-09-28 15:14:43.711  INFO 8214 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'characterEncodingFilter' to: [/*]
2018-09-28 15:14:43.712  INFO 8214 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2018-09-28 15:14:43.712  INFO 8214 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'httpPutFormContentFilter' to: [/*]
2018-09-28 15:14:43.712  INFO 8214 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'requestContextFilter' to: [/*]
2018-09-28 15:14:43.713  INFO 8214 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*]
2018-09-28 15:14:43.714  INFO 8214 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean  : Servlet dispatcherServlet mapped to [/]
2018-09-28 15:14:43.956  INFO 8214 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2018-09-28 15:14:44.148  INFO 8214 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2018-09-28 15:14:44.228  INFO 8214 --- [           main] j.LocalContainerEntityManagerFactoryBean : Building JPA container EntityManagerFactory for persistence unit 'default'
2018-09-28 15:14:44.262  INFO 8214 --- [           main] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [
        name: default
        ...]
2018-09-28 15:14:44.387  INFO 8214 --- [           main] org.hibernate.Version                    : HHH000412: Hibernate Core {5.2.16.Final}
2018-09-28 15:14:44.389  INFO 8214 --- [           main] org.hibernate.cfg.Environment            : HHH000206: hibernate.properties not found
2018-09-28 15:14:44.430  INFO 8214 --- [           main] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {5.0.1.Final}
2018-09-28 15:14:44.564  INFO 8214 --- [           main] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
2018-09-28 15:14:45.093  INFO 8214 --- [           main] o.h.t.schema.internal.SchemaCreatorImpl  : HHH000476: Executing import script 'org.hibernate.tool.schema.internal.exec.ScriptSourceInputNonExistentImpl@19fbc594'
2018-09-28 15:14:45.096  INFO 8214 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2018-09-28 15:14:45.608  WARN 8214 --- [           main] aWebConfiguration$JpaWebMvcConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning
2018-09-28 15:14:45.948  WARN 8214 --- [           main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'documentationPluginsBootstrapper' defined in URL [jar:file:/Users/tguimaraes/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-spring-web/2.9.2/ed2ed714a6cba8804d00f80f0534901e4c7a3211/springfox-spring-web-2.9.2.jar!/springfox/documentation/spring/web/plugins/DocumentationPluginsBootstrapper.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'webMvcRequestHandlerProvider' defined in URL [jar:file:/Users/tguimaraes/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-spring-web/2.9.2/ed2ed714a6cba8804d00f80f0534901e4c7a3211/springfox-spring-web-2.9.2.jar!/springfox/documentation/spring/web/plugins/WebMvcRequestHandlerProvider.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]: Factory method 'requestMappingHandlerMapping' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcConversionService' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation 
via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.format.support.FormattingConversionService]: Factory method 'mvcConversionService' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processedRepository': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Failed to create query for method public abstract java.util.List com.thiagoleoncio.thiagoG.entity.ProcessedRepository.findByACCOUNT_NUMBER(java.lang.String)! No property aCCOUNT found for type Processed!
2018-09-28 15:14:45.949  INFO 8214 --- [           main] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
2018-09-28 15:14:45.949  INFO 8214 --- [           main] .SchemaDropperImpl$DelayedDropActionImpl : HHH000477: Starting delayed drop of schema as part of SessionFactory shut-down'
2018-09-28 15:14:45.955  INFO 8214 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown initiated...
2018-09-28 15:14:45.959  INFO 8214 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown completed.
2018-09-28 15:14:45.960  INFO 8214 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]
2018-09-28 15:14:45.974  INFO 8214 --- [           main] ConditionEvaluationReportLoggingListener :

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2018-09-28 15:14:45.987 ERROR 8214 --- [           main] o.s.boot.SpringApplication               : Application run failed

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'documentationPluginsBootstrapper' defined in URL [jar:file:/Users/tguimaraes/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-spring-web/2.9.2/ed2ed714a6cba8804d00f80f0534901e4c7a3211/springfox-spring-web-2.9.2.jar!/springfox/documentation/spring/web/plugins/DocumentationPluginsBootstrapper.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'webMvcRequestHandlerProvider' defined in URL [jar:file:/Users/tguimaraes/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-spring-web/2.9.2/ed2ed714a6cba8804d00f80f0534901e4c7a3211/springfox-spring-web-2.9.2.jar!/springfox/documentation/spring/web/plugins/WebMvcRequestHandlerProvider.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]: Factory method 'requestMappingHandlerMapping' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcConversionService' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate 
[org.springframework.format.support.FormattingConversionService]: Factory method 'mvcConversionService' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processedRepository': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Failed to create query for method public abstract java.util.List com.thiagoleoncio.thiagoG.entity.ProcessedRepository.findByACCOUNT_NUMBER(java.lang.String)! No property aCCOUNT found for type Processed!
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:729) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:192) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1270) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:541) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:501) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:317) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:315) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:760) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:869) ~[spring-context-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:550) ~[spring-context-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140) ~[spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:759) [spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:395) [spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:327) [spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1255) [spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1243) [spring-boot-2.0.1.RELEASE.jar:2.0.1.RELEASE]
        at com.thiagoleoncio.thiagoG.ClaimReprocessServiceApplication.main(ClaimReprocessServiceApplication.java:25) [main/:na]
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'webMvcRequestHandlerProvider' defined in URL [jar:file:/Users/tguimaraes/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-spring-web/2.9.2/ed2ed714a6cba8804d00f80f0534901e4c7a3211/springfox-spring-web-2.9.2.jar!/springfox/documentation/spring/web/plugins/WebMvcRequestHandlerProvider.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]: Factory method 'requestMappingHandlerMapping' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcConversionService' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.format.support.FormattingConversionService]: Factory method 'mvcConversionService' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processedRepository': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Failed to create query for method public abstract java.util.List com.thiagoleoncio.thiagoG.entity.ProcessedRepository.findByACCOUNT_NUMBER(java.lang.String)! 
No property aCCOUNT found for type Processed!
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:729) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:192) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1270) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:541) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:501) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:317) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:315) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:251) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.addCandidateEntry(DefaultListableBeanFactory.java:1325) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:1291) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveMultipleBeans(DefaultListableBeanFactory.java:1193) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1096) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1065) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:815) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:721) ~[spring-beans-5.0.5.RELEASE.jar:5.0.5.RELEASE]
        ... 19 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping]: Factory method 'requestMappingHandlerMapping' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mvcConversionService' defined in class path resource [org/springframework/boot/autoconfigure/web/servlet/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.format.support.FormattingConversionService]: Factory method 'mvcConversionService' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processedRepository': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Failed to create query for method public abstract java.util.List com.thiagoleoncio.thiagoG.entity.ProcessedRepository.findByACCOUNT_NUMBER(java.lang.String)! No property aCCOUNT found for type Processed!
   
FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':bootRun'.
> Process 'command '/Library/Java/JavaVirtualMachines/jdk1.8.0_161.jdk/Contents/Home/bin/java'' finished with non-zero exit value 1

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

Deprecated Gradle features were used in this build, making it incompatible with Gradle 5.0.
See https://docs.gradle.org/4.6/userguide/command_line_interface.html#sec:command_line_warnings

BUILD FAILED in 8s
3 actionable tasks: 1 executed, 2 up-to-date




To fix this issue:

To quote the article on DZone:

"When Spring Data creates a new Repository implementation, it analyzes all the methods defined by the interfaces and tries
to automatically generate queries from the method name. While this has limitations, it is a very powerful and elegant way of defining new
custom access methods with very little effort. For example, if the managed entity has a name field (and the Java Bean standard getter and
setter for that field), defining the findByName method in the DAO interface will automatically generate the correct query:"

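So, the way I fixed the issue was doing this on the entity class:

// Keep the Java field in camelCase; the underscore stays only in the column mapping.
// Spring Data reads "_" in a method name as a property separator, so the repository method becomes findByAccountNumber.
@Column(name = "ACCOUNT_NUMBER", nullable = true, updatable = false)
private String accountNumber;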

Sunday, May 20, 2018

Collaborative Defense in Depth



Hurry up: collaboration is losing in security.

Cybercriminals are sharing zero-day vulnerabilities and credentials, selling corporate infrastructure details, renting out botnets for attacks, and creating easy-to-use, complex, automated tools and armaments, all of which are sold on the Dark Web. So, how can IT organizations defend against these threats? One possibility is to improve collaboration among good professionals, both within and across organizations.

How?

Dynamic security analytics with AI, combined with orchestration across the diversity of threats (as well as characters and processes), can help set the foundation for robust security maneuvering. Collaboration is the glue that integrates disparate point products in a manner that extends their security capabilities beyond what each technology could offer on its own. Going deep on each of them helps to control and integrate many different products as well as to collect, prevent, and detect threats.


Here is the traditional defense-in-depth framework we have:

Fig1: Traditional Defense in Depth framework

Traditional security practices are unsustainable because there are too many nonintegrated tools for understaffed IT security departments to manage. One primary example of this is the lack of integration needed to enable collaborative defense at the endpoint level. Today many different companies provide many different solutions (e.g., endpoint control), and solutions architects tend to select multiple vendors to provide their solution and implement the workflow.


The uncomfortable situation that organizations face today regarding collaborative defense lies outside of them. For many reasons, they lack trust in other companies:

  • Corporate policies that forbid the communication of threat intelligence outside the company;
  • Lack of resources to define processes or operationalize IT sharing back into the community;
  • Lack of trust in relationships;
  • Lack of processes to anonymize and share threat intelligence back into the community;
  • Fear of obligation from threat intelligence sharing.


Empowering Collaborative Defense at the Endpoint

Cybercriminals are well organized to devastate companies. Security architects struggle with the speed of the changes we are facing today. To make it work, we need to create an ecosystem that enables collaboration using Defense-in-Depth over multiple vendor integrations and that satisfies traditional security practices.

Saturday, April 28, 2018

Auth0 - SPA - Single Page application - part 2

Hello all,


As part 2 of Auth0 development, I would like to show today what you need to work on in your NodeJS code to protect your single-page application and use the best features of Auth0.


1. Remember that for a single-page application we use a grant flow that we call Implicit Grant. In my case, I am using response_type=id_token token.
Fig1: Implicit flow using id_token token


2. For SPA, we have 3 basic ways to store our token:
2.1- Using Local Storage
2.2- Using Cookies
2.3- Using Session Storage

Fig2: 3 basic options to store tokens using SPA.


2.4- A fourth option, in-memory storage, provides more protection.


Fig3: In-memory to store a token

3. Another good recommendation is to clean up as much as possible using the onbeforeunload trigger.

Fig4: onbeforeunload window script for cleaning.

4. Working with SPA, you basically have only one HTML page that uses all the 'div' and 'id' elements created from your NodeJS code. So, having said that:

Fig5: HTML piece that loads the profileview from app.js code


5. The app.js function that calls an API (/userInfo) with the access_token to collect JSON information about the user.
Fig6: app.js function calling API(/userInfo) 
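Steps 2.4, 3 and 5 can be sketched as follows. This is an added example, not the code from the post's figures: createTokenVault, registerCleanup and userInfoRequest are hypothetical names, and the API URL is supplied by the caller.

```javascript
// In-memory token storage: the tokens live only in this closure, never in
// localStorage, sessionStorage or a cookie, so they vanish with the page.
function createTokenVault(now = () => Date.now()) {
  let tokens = null;
  return {
    // expiresIn is the token lifetime in seconds, as returned with the token.
    set({ accessToken, idToken, expiresIn }) {
      tokens = { accessToken, idToken, expiresAt: now() + expiresIn * 1000 };
    },
    // Returns the access token, or null once it has expired or been cleared.
    accessToken() {
      if (tokens && now() >= tokens.expiresAt) tokens = null;
      return tokens ? tokens.accessToken : null;
    },
    clear() {
      tokens = null;
    },
  };
}

// Step 3: wipe the vault when the page unloads. `win` is the browser window.
function registerCleanup(win, vault) {
  win.addEventListener('beforeunload', () => vault.clear());
}

// Step 5: build the request that sends the access_token as a bearer token.
// The caller passes the result to fetch(request.url, request.options).
function userInfoRequest(apiUrl, vault) {
  const token = vault.accessToken();
  if (!token) throw new Error('not signed in, or the access token expired');
  return {
    url: apiUrl,
    options: { headers: { Authorization: `Bearer ${token}` } },
  };
}
```

Because an expired or cleared token makes userInfoRequest throw, the application has a single place to send the user back through the login flow.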



Summary:

A single-page application (SPA) is a web application or website that interacts with the user by dynamically reworking the current page rather than loading entire new pages from a server.  We avoid interruption of the user experience between progressive pages, making the application act more like a desktop application.


Advantages

1. Best responsiveness – Server-side rendering is hard to implement for all the intermediate states – small view states do not map well to URLs. Single page apps are characterized by their ability to redraw any part of the UI without requiring a server roundtrip to retrieve HTML. 

2. Easy to deploy – A single page application is super-simple to deploy compared to more traditional server-side rendered applications: it’s just one index.html file, with a CSS bundle and a JavaScript bundle. 

3. Versioning and rollback – Another advantage of deploying our frontend as a single page application is versioning and rollback. All we have to do is to version our build output (that produces the CSS and JS bundles highlighted in yellow above). 

4. Faster to load – If you have ever used a web application that regularly reloads everything from the server on almost every user interaction, you will know that this type of application gives a poor user experience due to the constant full page reloads and the network round trips to the server to fetch all that HTML. 

Disadvantages

Memory leaks – Pages are “long-lived”, which boosts the risk of memory leak issues. This can deteriorate UX and cause battery drain on mobile devices.


Thank you and happy coding,
Thiago Leoncio.



Sunday, April 22, 2018

Auth0 - how to integrate your application with this smart solution - Part 1

Hello everybody,


I would like to show today more about this great identity solution that I've been working on these days.

The Auth0 widget gives you a fully customizable, enterprise-ready login/registration box with just a few lines of JavaScript, Java, Swift, or many other languages. The idea behind the Auth0 identity-as-a-service solution is to spare your developers the time wasted on concerns about the authentication and authorization process. That helps the engineering team focus on what is more important to the business.

Auth0 has many options for authentication, but by default, it uses OpenID Connect to generate what we call the IDToken and then, for authorization, it uses the OAuth protocol, which generates and exchanges the AccessToken.

As I presented in my previous article, here is how the OAuth flow works:


Here we have the most common grants and flows based on the application's needs:


What are the different types of apps:

1-Mobile/Native App

 - GRANT: Authorization Code using PKCE - Proof Key for Code Exchange.
 - Flow:
 1.1- The native app (client) calls the /authorize endpoint.
 1.2- Auth0 redirects with the authorization_code in the query string.
 1.3- The native app sends the authorization_code, code_verifier, redirect_uri, and clientID to Auth0 using the /oauth/token endpoint.
 1.4- Auth0 validates this information and returns an access_token (optionally a refresh_token).
 1.5- The native app can use the access_token to call the API on behalf of the user.
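The PKCE part of this flow, as an added example that is not from the original post: the app creates a code_verifier, sends only its SHA-256 code_challenge to /authorize, and reveals the verifier in the /oauth/token request. The function names are hypothetical, and the code_challenge, code_challenge_method and state parameters follow RFC 7636 and OAuth 2.0 rather than anything shown on this page.

```javascript
const { createHash, randomBytes } = require('node:crypto');

// base64url without padding, the encoding RFC 7636 uses for both values.
const b64url = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// 32 random bytes give a 43-character code_verifier, kept only on the device.
function newCodeVerifier() {
  return b64url(randomBytes(32));
}

// code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
function codeChallengeS256(verifier) {
  if (!/^[A-Za-z0-9\-._~]{43,128}$/.test(verifier)) {
    throw new Error('code_verifier must be 43-128 unreserved characters');
  }
  return b64url(createHash('sha256').update(verifier, 'ascii').digest());
}

// Step 1.1: the /authorize request carries the challenge, never the verifier.
function buildAuthorizeUrl({ domain, clientId, redirectUri, verifier, state }) {
  const url = new URL(`https://${domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    code_challenge: codeChallengeS256(verifier),
    code_challenge_method: 'S256',
    state,
  }).toString();
  return url.toString();
}

// Step 1.3: body for the POST to /oauth/token. The server recomputes the
// challenge from code_verifier and compares it with the one from step 1.1.
function buildTokenRequest({ clientId, redirectUri, code, verifier }) {
  return {
    grant_type: 'authorization_code',
    client_id: clientId,
    code,
    code_verifier: verifier,
    redirect_uri: redirectUri,
  };
}
```

An authorization_code intercepted on the redirect is useless to another app, because that app does not hold the code_verifier needed in step 1.3.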


2-Single Page App
- GRANT: Implicit
- Flow:
1- The app initiates the flow and redirects the browser to Auth0 (using the /authorize endpoint), so the user can authenticate.

2- Auth0 authenticates the user. The first time the user goes through this flow, a consent page will be shown listing the permissions that will be given to the application. For example: post_messages, list contacts, and others.

3- Auth0 redirects the user to the app with an access_token (and optionally an id_token) in the hash fragment of the URI. The app can extract the tokens from the hash fragment.
NOTE: In a Single Page Application (SPA) this would be done using JavaScript, and in a mobile application this is typically handled by interacting with a Web View.

4- The app can use the access_token to call the API on behalf of the user.
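Step 3 of this flow, as an added example that is not part of the original post: extracting the tokens from the hash fragment and checking the response before using it. The function names and the sample fragment are constructed, and the state check assumes the app sent a state value in its /authorize request, which the post does not show.

```javascript
// Constructed sample fragment; these are not real tokens.
const SAMPLE_HASH =
  '#access_token=constructed-access-token&id_token=constructed.id.token' +
  '&token_type=Bearer&expires_in=7200&state=s-41b7';

// Pull the tokens out of the hash fragment and validate the response.
function parseImplicitCallback(hash, expectedState, nowMs = Date.now()) {
  const params = new URLSearchParams(String(hash).replace(/^#/, ''));

  // An error response carries `error` instead of tokens.
  if (params.has('error')) {
    throw new Error(`authorization failed: ${params.get('error')}`);
  }
  // state must equal the value this app sent to /authorize; otherwise the
  // fragment was not produced by the login this browser tab started.
  if (!expectedState || params.get('state') !== expectedState) {
    throw new Error('state mismatch');
  }
  const accessToken = params.get('access_token');
  if (!accessToken) throw new Error('access_token missing');
  if ((params.get('token_type') || '').toLowerCase() !== 'bearer') {
    throw new Error('unexpected token_type');
  }
  const expiresIn = Number(params.get('expires_in'));
  if (!Number.isInteger(expiresIn) || expiresIn <= 0) {
    throw new Error('invalid expires_in');
  }
  return {
    accessToken,
    idToken: params.get('id_token'), // null when no id_token was requested
    expiresAt: nowMs + expiresIn * 1000,
  };
}

// Drop the fragment from the address bar and history entry once it is parsed,
// so the tokens do not stay in the URL. `win` is the browser window object.
function scrubFragment(win) {
  const { pathname, search } = win.location;
  win.history.replaceState(null, '', pathname + search);
}
```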



3-Web App

- GRANT: Authorization Code
- Flow:
1- The web app initiates the flow and redirects the browser to Auth0 (specifically to the /authorize endpoint), so the user can be authenticated.

2- Auth0 authenticates the user via the browser. The first time the user goes through this flow, a consent page will be shown listing the permissions that will be given to the application. For example: post messages, list contacts, and so forth.

3- Auth0 redirects the user to the web app (specifically to the redirect_uri, as specified in the /authorize request) with an authorization code in the query string (code).

4- The web app sends the authorization code to Auth0 and asks to exchange it for an access_token (and optionally an id_token and a refresh_token). This is done using the Client ID and Client Secret.

5- Auth0 authenticates the web app, validates the authorization code, and responds with the token.

6- The web app can use the access_token to call the API on behalf of the user.

Benefits:


  • Almost any web app you use is going to perform authentication. This is table stakes, and there are a lot of cookie-cutter solutions for various frameworks, but it can be hard to get right and secure. It is one less thing to maintain and worry about when you are building your product. Their starter free plan is sufficient for most startups' needs.
  • Auth0 has got SDKs in various languages and a ton of documentation. It's easy to integrate it with your demand.
  • It provides compliance with various standards(Ex: HIPAA) if that's a key requirement for your outcome.

Summary:

     Be aware that you are offloading all of your user data to a third-party app in exchange for extensibility. They do offer a way to migrate this data back to your app in case you need it, thus avoiding any vendor lock-in. In my next article, I am going to provide code examples showing how I integrated this excellent identity solution with my iOS, Java and NodeJS apps. Stay tuned.



Happy coding,
Thiago Leoncio.

Saturday, March 17, 2018

SAML 2.0 X OAUTH 2.0 differences

Hello security folks,

Today, I am going to show with diagrams how SAML differs from OAuth 2.0.





Fig1: SAML 2.0 Flow.




Fig2: OAuth 2.0 Flow.


Fig3: Terms of both




I hope it helps you and happy coding,
Thiago Leoncio.


Saturday, January 27, 2018

How to Fix an Azure Pass-Through Authentication Failure

Azure Pass-Through Authentication Issue

I recently ran into an issue where we were facing authentication issues with Azure Pass-through Authentication. After ensuring that Pass-Through Authentication was still enabled in the Azure Portal and the hosting server was in an Active state, I went to the logs. In the logs, I found the following error.

Error

“AADSTS80001: No Microsoft Azure AD Connect Authentication Agent was found. Make sure that your environment is configured correctly. If your directory is set for pass-through authentication, make sure that your Microsoft Azure AD Connect Authentication Agent is online.”

Resolution

The error message was helpful and led me to our Azure Active Directory services. I noticed that the Microsoft AAD Application Proxy Connector was stopped. So even though Azure shows the service and server as healthy, it was finished. A quick start to this service got us back up and running again.

NOTE: I think it’s also worth mentioning that for this error Microsoft states the following, “Ensure that agent servers are members of the same AD forest as the users whose passwords need to be validated and they are able to connect to Active Directory.”


How to use AlgoTrader APIs and how to develop your own AWS application using algorithmic trading tools

Hello everyone,



Today, I am going to show how to create a trade strategy using the AlgoTrader API: how to use the AlgoTrader APIs and how to develop your own application using algorithmic trading APIs for broker/customer markets.

Using the AlgoTrader API you can create trading strategies, deploy them, and generate back tests for your trades. You can trade Options & Futures, among many other features.

A few points before we start:

You need a cloud service account, e.g., an Amazon AWS account ID. That will be the service account used to generate the trades, exchanges, back tests and logs.
Once you have this prerequisite set up, you can go through your Amazon EC2 VM and start running your development as I show below.



The beauty is that these back tests can process 500,000 events per second. Once you are happy with the back test results, you can start trading.

For Options & Futures you can have SABR calibration and Delta Hedging service
- OptionUtil, OptionService and ch.algotrader.service.OptionService.


Summarizing it - In this article, I am going to show:
1. How to create a new strategy using Eclipse and the AlgoTrader API.
2. How to back test it.
3. How to deploy it.

First of all, I would like to show the DataModel of AlgoTrader to clarify how the strategy is connected to the other actions and events.


And also the UML diagram of the strategy:




So, let’s move to the steps to use the AlgoTrader API.
1. How to create a new strategy using Eclipse and the AlgoTrader API.
1.1.1. First step: You need to create a new strategy using Eclipse. Create a new Maven project as shown below.






1.1.2. The modules (e.g., module-box-init.epl) contain the signal generation logic, such as SEND_ORDER and MOVING_AVERAGE, and, depending on the strategy, many others for each specific scenario.

1.1.3. Example Service:

1.1.3.1.1. The onStart method is called when the strategy starts up.

1.1.3.1.2. sendOrder is called from a signal to create a market order that is sent to the exchange.

2. The backtest
2.1.1. The backTest is logged to the console. It can process up to 500,000 events per second.


2.1.2. At the end of the backTest, it generates a concise report with key metrics for your analysis.

NOTE: The report is in Excel format.

3. Deploy it
3.1.1. You can place orders manually.
3.1.2. You can see and draw in your chart.
3.1.3. The latest release of AlgoTrader uses Docker to build, ship and run this distributed application.
3.1.4. Using Docker, we can easily deploy a trading strategy in AWS, where you can monitor it through the browser from anywhere.


4. Benefits of AlgoTrader
4.1. Running multiple strategies simultaneously.
4.2. Customizing the platform.
4.3. Integrating third-party libraries.
4.4. Trading multiple accounts.
4.5. Connecting to multiple brokers at the same time.
4.6. There are very nice features for developing Options (using the class OptionUtil). You can run by option price, implied volatility, intrinsic value, delta, vega, theta, forward price, moneyness or even strike by delta.
4.7. SABR Calibration: the OptionService class has the SABR calibration, which happens for one specific expiration and takes an array of strikes with their corresponding array of volatilities.


I hope it helps all of you that want to create your own trade tool or web application.


Happy coding,
Thiago Leoncio.
               


Reference:
AlgoTrader JAVA API http://doc.algotrader.ch/javadoc/index.html
AlgoTrader UML Model http://doc.algotrader.ch/uml/AlgoTrader-UML-Model.pdf
SABR Stochastic model: http://www.lesniewski.us/papers/published/HedgingUnderSABRModel.pdf