Thursday, August 30, 2012

Security vulnerabilities in Nexus Pre-2.1 releases


Sonatype posted security vulnerabilities in Nexus releases prior to 2.1 and recommending upgrade to latest release (i.e. 2.1)
We areusing the nexus version  2.0.6 OSS. Considering this alert, I’m planning to upgrade soon.

Here is the quote from sonatype
Unless you want to risk exposing a secure credential, get hacked via some XML, or suffer a denial of service attack via our Artifactory bridge, you probably want to upgrade to Nexus 2.1 right now.


I hope they are not marketing Sonatype Insight with this alert J

Tuesday, August 7, 2012

How to customize MANIFEST files in WAR using Maven?


A war file contains MANIFEST files which is created by Maven. This post explains how to customize a manifest files to add our own values, which may get reflected while deploying on application servers like websphere.

The post How to create java war (web archive) file using Maven?  explains in detail about building war file for sample application using Maven. Refer it for creating your own simple webapp. This post is the continuation to it.

When you explode the war file created for the sample application code described in my previous post, it contains the below directory structure.
   simple-1.1-SNAPSHOT
       images/springsource.png
       jsp/hello.jsp
       META-INF
           maven/com.rsa.siddesh.simple/simple
              pom.properties
              pom.xml
           MANIFEST.MF
     WEB-INF
          web.xml
          classes
            examples/Hello.class
            images/springsource.png
          lib/servlet-api-2.5.jar
       index.html

The default MANIFEST.MF created by Maven looks like this

MANIFEST.MF
   Manifest-Version: 1.0
   Archiver-Version: Plexus Archiver
   Created-By: Apache Maven
   Built-By: guruss1
   Build-Jdk: 1.6.0_16

We can add many values to it through Maven.
1) 

How to create java war (web archive) file using Maven?

Maven by default creates a JAR package. But we can build package in any other format easily through Maven. This blog explains how to generate a WAR package, customizing the MANIFEST and web.xml files within it, using simple HelloWorld example.

Project structure
<proj-home>
        pom.xml
        src
          main
            java
               App.java
        target
           simple-1.1-SNAPSHOT.jar


First we create a Java file which prints Hello World.
  Maven projects expects Java source files under  src/main/java directory. Hence lets create our Hellow World program App.java under it.

The content of App.java is