CEO Mark Zuckerberg’s Facebook Wall hacked

Facebook CEO Mark Zuckerberg 

 Khalil, a Palestinian white hat hacker, submitted bug reports to Facebook about a vulnerability that allowed him to post on anyone's wall. But Facebook's security team didn't do anything. So Khalil wrote on Mark Zuckerberg's wall about it and was generally a badass. Khalil explains on his blog that he submitted a full description of the bug, plus follow-up proof of its existence to the Facebook security feedback page, where researchers can win rewards of at least $500 for finding significant vulnerabilities. Then he submitted again. The second time he got an e-mail back that said, "I am sorry this is not a bug." When he posted on Zuckerberg's wall, Khalil said, "First sorry for breaking your privacy and post to your wall , i has no other choice to make after all the reports i sent to Facebook team ." He then detailed the situation and provided links. Within minutes, a Facebook engineer contacted Khalil for more information and then blocked his account "as a precaution" while a security team fixed the bug. Later his account was re-enabled. But Facebook says that he cannot claim a reward for the find because in hacking Zuck's wall he violated Facebook's terms of service. They commented that, "exploiting bugs to impact real users is not acceptable behavior for a white hat. In this case, the researcher used the bug he discovered to post on the timelines of multiple users without their consent." Facebook admits, though, that its team should have been more diligent in following up on Khalil's submission. So. Cool. Problem solved. This is khalil blog http://khalil-sh.blogspot.ru/p/facebook_16.html

How to create a JavaEE 6 web application in Eclipse Indigo 3.7.1 using JSF 2.0, EJB 3.1, JPA 2.0, MySQL Server 5.1, and EclipseLink 2.3

This tutorial demonstrates all the steps to create and design a dynamic web application using latest version of eclipse, i.e. Eclipse Indigo 3.7.1. There are lot of articles, which teach Java EE 6 Applications with Netbeans, but there is no such article, which demostrates all the steps together using Eclipse, so, I decided to write this tutorial to describe all the steps necessary to create a Java EE 6 web application using Eclipse. I have also sorted out the best books on java EE 6. You can buy these books if you want to see a complete reference. This tutorial uses following technologies:

• Java EE 6 as a platform
• GlassFish 3.1.1 Server as a deploying server for our web application
• JSF 2.0 for our web module
• JPA 2.0 to manage our persistence classes
• EJB 3.1 to write our enterprise java beans for business logic
• EclipseLink 2.3 for ORM (Object Relational Mapping) to map our relations(tables) to entity classes
• MySQL Server 5.1 as DBMS (Database Management Server)

The turorial is divided into the following steps. If you are a beginner just follow all the steps from the beginning. This tutorial will guide you from the very basic steps till the end. If you are familiar with basic steps just skip and jump to your level of step. So, lets go to the first step.

1. How to Download and install jdk1.7.01 and setting path for java home directory in 'Environment Variables'
2. How to Download and install Eclipse Indigo 3.7.1 and sett and configure jdk as run time environment for Eclipse
3. How to download, install and configure GlassFish 3.1 Server for Eclipse Indigo 3.7.1
4. How to create your first web application in Java EE 6 using JSF 2.0
5. How to create templates in JSF 2.0 to manage facelets
6. How to Download and install MySQl Server 5.1
7. How to connect to MySQl Server database using Eclipse
8. How to create entity classes using JPA 2.0 and EclipseLink in Eclipse Indigo 3.7
9. How to create and configure JNDI DataSource for MySQL in GlassFish 3.1 Server
10. How to access java beans using JSF 2.0 web page

Part 10: Displaying values from database table in JSF 2.0 web page

In previous part we have created our enterprise java bean and managed bean. Now we'll create a our facelet customer_list.xhtml, and display the list of customers by accessing our managed bean. Right-click on WebContent folder and create a composition page customer_list.xhtml , and make the code look like following. For detailed information on how to create composition pages see part 5 of this tutorial.

customer_list.xml

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"
 xmlns:ui="http://java.sun.com/jsf/facelets"
 xmlns:h="http://java.sun.com/jsf/html"
 xmlns:f="http://java.sun.com/jsf/core">

<ui:composition template="/WEB-INF/template/template.xhtml">
 
<ui:define name="content">
   <h:form>
  
 <h:dataTable id="dt1" value="#{customerBean.customerList}" 
 var="item" bgcolor="#F1F1F1" border="10"  cellspacing="2"
  width="60%"  rules="all" >    
 
 <f:facet name="header">
   <h:outputText value="Customer List Data Table" />
 </f:facet> 
 
 <h:column>
   <f:facet name="header">
   <h:outputText value="CustomerId" />
   </f:facet> 
    <h:outputText value="#{item.customerId}"></h:outputText>
 </h:column>
 
 <h:column>
   <f:facet name="header">
   <h:outputText value="Name"/>
   </f:facet> 
    <h:outputText value="#{item.name}"></h:outputText>
 </h:column>
 
 <h:column>
   <f:facet name="header">
   <h:outputText value="Age"/>
   </f:facet> 
    <h:outputText value="#{item.age}"></h:outputText>
 </h:column>
 
 <h:column>
   <f:facet name="header">
   <h:outputText value="Email"/>
   </f:facet>
    <h:outputText value="#{item.email}"></h:outputText>
 </h:column>
 
 <h:column>
   <f:facet name="header">
   <h:outputText value="Address"/>
   </f:facet>
    <h:outputText value="#{item.address}"></h:outputText>
 </h:column>
    
 </h:dataTable>
 
 </h:form>
</ui:define>
 
</ui:composition>
</html>

Run the page on the server and here we are. We have successfully created and tested our JSF 2.0 dynamic web application. Congratulations!

I'll upload the 2nd part of this tutorial soon when it is finished, which will explain the database operations in detail. So thanks for reading this article, check for more tutorials in future.

Part 9: How to create and configure JNDI DataSource for MySQL in GlassFish 3.1.1 Server

In this part we'll create JNDI data source name to work with our EJBs (Enterprise Java Beans).

First of all, copy mysql-connector-java-5.1.18-bin.jar file, which you have downloaded in the part 7 of this tutorial, in your GlassFish lib folder. The path should look like this: glassfish3\glassfish\lib. Restart your eclipse and do the following:

In the lower corner of your Eclipse window, right-click GlassFish 3.1.1 under Servers tap and click GlassFish -> View Admin Console.

This will open Admin Console in the browser window. Once its open, in the left-hand side panel underResources, click on JDBC and then JDBC Connection Pools. In the right hand-side click on new button.

In New JDBC Connection Pool window, give MYSQL_Pool as Pool Name, selectjavax.sql.DataSource as Resource Type, and MySQL as Database Driver Vendor. On the right upper corner click Next button.

In the log list of additional properties of the next window, find the following properties and fill them with as follows:
Url: jdbc:mysql://:3306/test
URL: jdbc:mysql://:3306/test
Port: 3306
DatabaseName: your database name (in our case test)
ServerName: localhost
User:root
Password: your password, which you have created in part 6
Click finish and you will see your pool in the list now.

Click on ping to test if the pool is created successfully. If not successful, check all the properties again.

Under the JDBC click on JDBC Resources, click new. In New JDBC Resource window, select MySQL_Pool from Pool Name, and give jdbc/testdsn as JNDI name; dont't forget to click Ok on the upper right corner.

Now that we have created our DataSource, we'll configure our persistence.xml file to access this Data Source. Open your persistence.xml, which you will find under JPA Content folder.

In the navigation options of xml file click on Source.

Make the file look like following:

persistence.xml

<?xml version="1.0" encoding="UTF-8"?>
<persistence version="2.0" xmlns="http://java.sun.com/xml/ns/persistence" 
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
 xsi:schemaLocation="http://java.sun.com/xml/ns/persistence 
 http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd">

 <persistence-unit name="testPU" transaction-type="JTA">
  <jta-data-source>jdbc/testdsn</jta-data-source>
  <class>datamodel.entities.Customer</class>
 </persistence-unit>
</persistence>

In the code above with have specified a persistence unit named testPU. As transaction type we have used JTA (Java Transaction API). as JTA DataSource, we have specified jdbc/testdsn, that we have created above, and finally we have specified our entity class Customer.java, which is to be mapped.

Now we'll create our EJB. In order to create enterprise java bean, right click on src package and click New -> Other. From Wizards' list select Session Bean (EJB 3.x) under EJB and click Next.

Give 'ejb.beans' as package name. Give CustomerEJB as class Name. Select 'State type' as 'Stateless' and click finish.

Delete the default constructor and make the code look like following; in the code import all the necessary packages.

CustomerEJB.java

package ejb.beans;

import java.util.ArrayList;
import java.util.List;

import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.TypedQuery;

import datamodel.entities.Customer;

/**
 * Session Bean implementation class CustomerEJB
 */
@Stateless
@LocalBean
public class CustomerEJB {

    @PersistenceContext(unitName = "testPU")
    EntityManager em;
    
    public List<Customer> customerList = new ArrayList<Customer>();
    
    public List<Customer> findAll() {
     
     TypedQuery<Customer> query = em.createQuery("select c from Customer c", Customer.class);
     customerList = query.getResultList();
     return customerList;
     
    }

}

So simple as that. EJBs has made life easier for us. In the above code, we have created a persistence context, that will take care of our entities, i.e. entity classes, and then we have create our entity manager, that will perform actions on entity classes. You don't need to open and close and commit your transactions anymore. Entity manager will take care of all that.

In our function which return a list off our customers, we have created a query of type Customer using em.createQuery. In createQuery we have used JPQL (Java Persistence Query Language). JPQL is standard query language to write queries in JPA. The simplest form is select a from Customer a, and we have used c for our Customer entity instead of a. Keep in mind that this is not the name of customer table rather the name of Customer entity class, which starts with capital C. Then we have executed our query using query.getResultList and have saved results in customerList, and finally we have returned our customerList.

Now that, we have created our business logic, in which we have created our EJB class, we'll now create our web logic in which we'll create our managed bean to access findAll() method defined in our CustomerEJB.java class.

So, right click on src package and create an new class by clicking New -> class. Give the package name as web.beans. Give the class name as CustomerBean, and click finish.

CustomerBean.java

package web.beans;

import java.util.ArrayList;
import java.util.List;

import javax.ejb.EJB;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;

import datamodel.entities.Customer;

import ejb.beans.CustomerEJB;

@ManagedBean (name = "customerBean")
@SessionScoped
public class CustomerBean {

 @EJB
 CustomerEJB customerEJB; 
 
 private List<Customer> customerList = new ArrayList<Customer>();

 public List<Customer> getCustomerList() {
  customerList = customerEJB.findAll();
  return customerList;
 }

 public void setCustomerList(List<Customer> customerList) {
  this.customerList = customerList;
 }

  
}

In the above code, we have injected our CustomerEJB by using the annotation @EJB. This allows us to access EJBs directly in our ManagedBean class. As you have seen we have called ourfindAll() method directly from CustomerEJB.java class.

In the next step we'll create our web page to display the list of our customers. So, click Next.

Part 8: How to create entity classes using JPA 2.0 and EclipseLink 2.3 in Eclipse Indigo 3.7.1

Previously, we have installed and configured MySQL database with Eclipse. In this step we'll use JPA 2.0 and Eclipselink 2.3 to create entity class for our project. So, lets start.

In order to use JPA capabilities in your project, you have to add JPA Facet to your Project Facets.

Right-click your project in Project Explorer and click Properties. In the Project Facets, on the left-hand side click on Project Facets and from the Project Facets’ list check JPA. This will prompt a linkFurther Configuration required in lower part of the window. Click on Further configuration required.

In the JPA Facet Window select EclipseLink 2.3.x under Platform. In JPA implementation Click onDisable Library Configuration. Glassfish 3.1.1 Server ships with EclipseLink, so you don't have to configure it.

Note: If you are using previous versions of Glassfish; i.e, Glassfish 3.0.1 Server then you would have to download EclipseLink library and copy following jar files to glassfish3/glassfish/lib folder:
javax.persistence_2.0.3.v201010191057.jar
javax.persistence_1.0.0.jar
eclipselink.jar

If you are using Glassfish 3.1.1 Server as in this tutorial than you don't need to do anything accept selecting it from list as described above.

Under Connection Select Test MySQL database which you have previously created in the previous part. Also, check 'Add driver library to build path'. Finally it should look Like following figure; click Ok. Finally in the Project Facets click Ok and you are done.

Next, we'll create data model for our project in which we'll create entity class from table customer, which we had created in the previous part. This is called ORM (Object Relation Mapping). ORM is handled by EclipseLink.

In the project explorer, right-click on scr folder under Java Resources, and click New -> Package. Give the package name datamodel.entites and click Finish.

Right-click on datamodel.entities package and click New -> Other. From the Wizard list under JPA click JPA Entities form Tables

In Select Tables window, click on connect button as highlighted in the figure. Select your table. CheckUpdate class list in persistence.xml and click Next. Click Next again.

In the Key generator field select identity from the list. This is important to select your key generator as Identity, this will cause your entity class to automatically generate primary key. If you do not specify you key generator as identity, your application must initialize your primary key before attempting to persist any entities in database. Leave other fields as default and click finish.

The Customer.java class is created under the package datamodel.entities. The code look like the following:

Customer.java

package datamodel.entities;

import java.io.Serializable;
import javax.persistence.*;


/**
 * The persistent class for the customer database table.
 * 
 */
@Entity
public class Customer implements Serializable {
 private static final long serialVersionUID = 1L;

 @Id
 @GeneratedValue(strategy=GenerationType.IDENTITY)
 @Column(name="customer_id")
 private int customerId;

 private String address;

 private int age;

 private String email;

 private String name;

    public Customer() {
    }

 public int getCustomerId() {
  return this.customerId;
 }

 public void setCustomerId(int customerId) {
  this.customerId = customerId;
 }

 public String getAddress() {
  return this.address;
 }

 public void setAddress(String address) {
  this.address = address;
 }

 public int getAge() {
  return this.age;
 }

 public void setAge(int age) {
  this.age = age;
 }

 public String getEmail() {
  return this.email;
 }

 public void setEmail(String email) {
  this.email = email;
 }

 public String getName() {
  return this.name;
 }

 public void setName(String name) {
  this.name = name;
 }

}

Now that we have created our entity class. We'll now create our business logic, in which we'll be creating our enterprise java beans called EJBs. Before we create our EJBs, we have to create a JNDI data source name, So click Next to see how we create it.

Part 7: How to connect to MySQl Server database using Eclipse Indigo 3.7.1

In this part we'll create a database named 'test' and then work with this database using eclipse. So, let's start. Before you can connect to MySQL Server through Eclipse, you need to download mysql-connector-java-5.1.18.jar and include it into your project libraries using Build Path. Download the jar file from http://www.mysql.de/downloads/connector/j/ as in the figure:

In your project explorer Eclipse right-click on your project and click on Build Path -> Configure Build Path. In the Libraries tab click on Add External JARs and then browse to your directory where you have downloaded the jar file. Your window would look like the following; click Ok.

Now we'll create our test database. Open MySQL Command Line Client as shown in the previous part and give the command create database test. This will create a database named test as in the figure below:

In the lower panel of eclipse you could find Data Source Explorer as in the figure below:

Drag this tab and drop it in the left panel besides Project Explorer tab as shown in the following figure so that you can have both views on left panel this will make things easy to use in future.

If you don't see Data Source Explorer here, then in eclipse menubar, click on Window -> Open Perspective -> other -> Database Development as in the figure below; this will open Data Source Explorer in left panel. To switch back to your Project Explorer, click on Window -> Open Perspective -> other -> Java EE (default).

In the Data Source Explorer right-click on Database Connections and click New.

In Connection Profile window select MySQL and in the name field write Test MySQL; click Next.

On the upper right corner click on New Driver Definition button.

In New Driver Definition window, select MySQL JDBC Driver MySQL 5.1 and then click JAR Listtab.

In JAR List tab, select the default driver and click on Edit JAR/Zip... button.

Select the jar file which you have downloaded above, click Open and then click Ok.

In the General tab under Properties, change the database name in the Database and URL field to your database name as in the figure. In our case it is test. Give your password which you have created in the previous part. Check Save password, and click on Test Connection and you will see ping successful message. Click Finish.

To create tables in database using eclipse, select your database test, then open the scrapbook by clicking on the button placed in the right corner of Data Source Explorer as in the figure:

In the scrapbook write the following query to create a table customer.

Right-click in the scrapbook and click Execute All.

You will see the see the success message in the SQL Result tab.

You can view your tables in In the Data Source Explorer like this.

Insert some rows in the table by right-clicking on your table and then clicking Data -> Edit

We now move on to real stuff. In the next step we'll use this database and create entity class using JPA 2.0 and Eclipselink. So, click Next.

Part 6: How to Download and install MySQl Server 5.1

Download Mysql Server 5.1 from http://dev.mysql.com/downloads/mysql/ Choose your operating system and click download as in the figure:

Click on No thanks, just take me to the downloads!. Click on the closest mirror to your location and download the installer file. Run the installer and you'll see the following window; click on Next.

Accept license and click on Next. Check on Complete and click Next.

Click on Install.

After installation is complete, you are presented with MySQL Eterprise window click Next twice.

On the next window check Configure the Mysql now and click Finish.

On welcome screen click Next.

Check Detailed Configureation and click Next.

Check Developer Machine and click Next.

Check Multifunctional Database and click Next.

Leave defaults and click Next.

Check Decision Support (DSS)/OLAP and click Next.

In the next window, check all three options and click Next.

Check Best Support For Multilingualism and click Next.

In the next window check all three options and click Next.

In the next window check Modifiy Securiy Settings and give a password and remember it for the later use. Click Next.

In the next window click Execute.

Finally click on Finish.

Go to Windows Start -> All Programs -> MySQL -> MySQL Server 5.1. Click on MySQL Command Line Client as in the figure below:

Enter the password you have given in the configuration above and you will see mysql> prompt as in the figure below:

MySQL Sever is installed on your machine and working. In the next step we'll see how can we create database using MySQL Server and work with this database in Eclipse. So, click on Next.