logzio / guice-jersey Goto Github PK
View Code? Open in Web Editor NEWGuice module for starting Jetty based rest server with Jersey
License: Apache License 2.0
Guice module for starting Jetty based rest server with Jersey
License: Apache License 2.0
Hi,
I am trying to use this project to start an embedded jetty server with TLS support using keystore and SSLContextFactory (https://www.eclipse.org/jetty/documentation/9.4.x/embedded-examples.html#embedded-many-connectors), but could not find a way to add an additional connector to the JerseyConfigurationBuilder object. Is this supported? If yes, then can you point me to an example or changes that I would need to do to implement this.
Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.
Guava has only one code dependency - javax.annotation,
per the JSR-305 spec.</p>
path: /root/.m2/repository/com/google/guava/guava/19.0/guava-19.0.jar
Library home page: https://github.com/google/guava/guava
Dependency Hierarchy:
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
Publish Date: 2018-04-26
URL: CVE-2018-10237
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-10237
Release Date: 2018-04-26
Fix Resolution: 24.1.1
Step up your Open Source Security Game with WhiteSource here
Are you guys looking into eclipse-ee4j/jersey#3692 and will this project enable all of us jersey fans to once again be able to build war files without having to go through all the trouble of maintaining web.xml-files?
There doesn't seem to be a way to access the jetty server instance so that I can enable jetty request logging. Typically you would just do server.setRequestLog(new Slf4jRequestLog())
It would also be nice to also be able to control the thread pool, etc.
Hi,
I wonder if there's plan to upgrade the jetty dependency to version 10 or 11? The latest guice-jersey 1.0.16 depends on jetty version 9.4.28.v20200408 which has some vulnerability issues https://mvnrepository.com/artifact/io.logz/guice-jersey/1.0.16.
Thanks,
Zhenfei
Hi! I'm not sure, that is bug, but by default JacksonJsonProvider.class
not registrated in JerseyConfiguration module.
I have situation:
Simple controller:
@Path("/version")
public class VersionController {
private ApplicationInfo applicationInfo;
@Inject
public VersionController(ApplicationInfo applicationInfo) {
this.applicationInfo = applicationInfo;
}
@GET
@Produces(MediaType.APPLICATION_JSON)
public ApplicationInfo getInfo() {
return applicationInfo;
}
}
where ApplicationInfo is POJO binded as singleton with @singleton annotation.
I run in IDE, go to /version endpoint โ all goes good.
I build package with maven, run it and get error MessageBodyWriter not found for media type=application/json, type=class com.my.package.ApplicationInfo, genericType=class com.my.package.ApplicationInfo.
Other mime-types work fine.
I found solution. It's necessary to manual register JacksonJsonProvider.class in JerseyConfiguration:
JerseyConfiguration configuration = JerseyConfiguration.builder()
.addPackage("com.my.package")
.registerClasses(JacksonJsonProvider.class) // <-- this
.addPort(1234)
.build();
Correct me if i'm wrong
PS: Thanks a lot for your lib. I have same troubles, you solution made my life easier :)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.