REST Web Service integration with Embed Tomcat
Closed this issue · 3 comments
Hi John,
I work on an AppSensor integration in my existing software architecture but unfortunately failed.
My app based on the jhipster stack(https://jhipster.github.io) and is running on a Embed Tomcat 8(Spring security, Spring MVC REST +Jackson).
I read the AppSensor getting started tutorial and extend my libs as described in your github examples.
<properties>
<appsensor.version>2.3.0</appsensor.version>
</properties>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-storage-in-memory</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-analysis-reference</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-reporting-simple-logging</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-access-control-reference</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-integration-cef-syslog</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-configuration-stax</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-geolocation-geoip2</artifactId>
<version>${appsensor.version}</version>
</dependency>
<dependency>
<groupId>org.owasp.appsensor</groupId>
<artifactId>appsensor-ws-rest-server</artifactId>
<version>${appsensor.version}</version>
</dependency>
In your examples you always use „spring-boot-starter-jersey“ but I use „spring-boot-starter-tomcat“.
Each HTTP Request throws following exception:
[INFO] org.glassfish.jersey.internal.ServiceFinder - Running in a non-OSGi environment [INFO] org.glassfish.jersey.server.ApplicationHandler - Initiating Jersey application, version Jersey: 2.8 2014-04-29 01:25:26... [ERROR] org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/] - StandardWrapper.Throwable java.lang.NoSuchMethodError: org.glassfish.jersey.server.ResourceConfig$State.configureAutoDiscoverableProviders(Lorg/glassfish/hk2/api/ServiceLocator;Z)V
I locate that you use the JAX-RS-WS Jersey implementation in your appsensor-ws-rest-server-2.3.0.jar.
Does the AppSensor only work with jersey implementation for the „REST Web Service“ deployment model, or am I doing something wrong in my configuration? Do you have any ideas?
Any help would be greatly appreciated
Kindly regards
Hendrik
@HendrikStein Thanks for reaching out! Glad to hear you're trying to integrate, and we'll do our best to help you be successful.
I actually think you may be ok. Really, the part that uses the appsensor-ws-rest-server is the backend. It's really meant to be run as a separate service. Your application (presumably the business app that's built on jhipster, would actually be the rest client.
If you look at this slide ( http://www.slideshare.net/jtmelton/building-selfdefending-applications-with-owasp-appsensor-javaone-2016#48 ), the appsensor sample server would be the circle in the middle labeled "appsensor" and your app based on jhipster would be one of the apps on the left side ("app 1" for example). Then your app would send events to appsensor over REST as a client.
If you're interested in building an instance of the appsensor REST server based on tomcat, we can consider that, but I don't think that's really necessary for this case.
Hope that helps, and let me know if it makes sense.
@jtmelton Thanks for your answer. Yes, your explanation make sense. I will run the appsensor-ws-rest-server as an own service and jersey will be fine. So the appsensor REST server based on tomcat is really not necessary.
Kindly regards
Awesome! Feel free to reach out if you have any further questions.