• Welcome to KonaKart Community Forum. Please login or sign up.
 
February 20, 2019, 08:23:28 am

News:

KonaKart v8.9 - Released Aug-2018 - see KonaKart website for details


Recent posts

Pages1 2 3 ... 10
1
Mobile Access to KonaKart / Re: KonaKart Mobile eCommerce ...
Last post by Brian - February 14, 2019, 02:15:12 pm
To see the responsive storefront in action you can view KonaKart Storefront Demo - if on a desktop machine watch what happens when the browser width is reduced.
2
Reporting / Re: Is there any documentation...
Last post by Brian - February 14, 2019, 02:12:36 pm
For those starting out - this is a good place to start to get to know BIRT:  http://www.eclipse.org/birt/getting-started/
3
Programming of KonaKart / Re: Slow java api
Last post by Brian - January 28, 2019, 01:15:23 pm
Simply replace KKWSEng with com.konakart.app.KKEng (for POJO), com.konakart.json.KKJSONEng (for JSON), com.konakart.jws.KKJAXWSEng (for JAXWS) or com.konakart.rmi.KKRMIEng (for RMI) .

Code Select
EngineConfigIf engConfig = new EngineConfig();
engConfig.setMode(EngineConfig.MODE_SINGLE_STORE);
           
KKEngIf engine = new com.konakart.app.KKEng(engConfig);


You can also instantiate them by name if you wish:

Code Select
/*
* Instantiate a java JSON Engine by name
* KKEngIf jsonEng = new KKJSONEng(engConfig);
*/
KKEngIf jsonEng = new KKEngineUtils().getKKEngByName("com.konakart.json.KKJSONEng", engConfig);
4
Programming of KonaKart / Re: Slow java api
Last post by giacomokk - January 25, 2019, 06:33:35 pm
Hi Brian,

and what is the code if i want to swap to pojos or json?

Thanks.
G
5
Programming of KonaKart / Re: Slow java api
Last post by Brian - January 25, 2019, 04:00:27 pm
I don't know why you say the APIs are slow.  If used correctly the KonaKart APIs are efficient and fast.

SOAP, being a relatively heavy protocol, is always going to be a little slower than using POJOs or JSON, but still perfectly fast enough for most purposes.

You shouldn't instantiate your engines in the way you have described.

It's better to instantiate your engines like this:

Code Select
EngineConfigIf engConfig = new EngineConfig();
engConfig.setMode(EngineConfig.MODE_SINGLE_STORE);
           
KKEngIf engine = new KKWSEng(engConfig);


If you do this you simply code against the KKEngIf which allows you to swap the engine at any time (including at runtime if required).  The implementation details are hidden from you by simply instantiating the engine for the required protocol (in the above case, SOAP).

(The equivalent is true for the KKAdminIf engines).


6
Programming of KonaKart / Slow java api
Last post by giacomokk - January 25, 2019, 03:41:10 pm
Hi, konakart java api calls are really slow.
I instantiate kkAdminEng and kkEng in this way:

KKWSEngIf eng = new KKWSEngIfServiceLocator().getKKWebServiceEng();
KKWSAdminIf adminEng = new KKWSAdminIfServiceLocator().getKKWSAdmin();

Is that correct? If not, can it affect the response speed?
Thanks.
Giacomo
7
Programming of KonaKart / Re: Struts vulnerability CVE-2...
Last post by Andreas - August 28, 2018, 02:02:10 pm
Thanks for the fast reply. That was my guess, but i wanted to go for sure.
8
Programming of KonaKart / OOM when hot redeploy
Last post by rdoila.a - August 27, 2018, 06:12:07 pm
I'm doing some redeployment while developing the front end and after some redeployment I get out of memory, most probably caused by the following:


KonaKart V8.8.1.0-C0 () built 11:04AM 31-Jan-2018 GMT [DB: 8.8.1.0 MySQL]

Aug 27, 2018 2:03:11 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deployment of web application archive [/opt/konakart/webapps/store.war] has finished in [3,358] ms
Aug 27, 2018 2:51:48 PM org.apache.catalina.startup.HostConfig undeploy
INFO: Undeploying context [/store]
KKEngInitialization destroyed
Aug 27, 2018 2:51:48 PM org.apache.catalina.loader.WebappClassLoaderBase clearReferencesJdbc
WARNING: The web application [store] registered the JDBC driver [com.mysql.jdbc.Driver] but failed to unregister it when the web application was stopped. To prevent a memory leak, the JDBC Driver has been forcibly unregistered.
Aug 27, 2018 2:51:48 PM org.apache.catalina.loader.WebappClassLoaderBase clearReferencesThreads
WARNING: The web application [store] appears to have started a thread named [Log4j2-TF-4-Scheduled-2] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
sun.misc.Unsafe.park(Native Method)
java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1074)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
java.lang.Thread.run(Thread.java:748)


9
Installation of KonaKart / Re: Running KonaKart as Servic...
Last post by Brian - August 27, 2018, 04:19:42 pm
Thanks for reporting this. 

The tomcat bundle used for the v8800 and v8900 releases was the base package and not the Windows-specific packages.  It is in these Windows-specific tomcat bundles where you'll find tomcat8.exe etc..

We've made a patch that contains the files that you'll need to install KonaKart as a service in Windows.

Please see https://www.konakart.com/downloads/patch-releases/

You have to download the zip file, unzip the files into the bin directory of your KonaKart installation and then you should be able to install KonaKart as it describes in the User Guide.
10
Programming of KonaKart / Re: Struts vulnerability CVE-2...
Last post by Brian - August 25, 2018, 12:00:49 pm
As far as we are aware KonaKart is not vulnerable to this.

Some background:

CVE-2018-11776 was announced on 22/08/2018. Details were published ( https://semmle.com/news/apache-struts-CVE-2018-11776 ) by Semmle who found the vulnerability. It's a critical vulnerability because it involves remote code execution.

To determine whether you are vulnerable, here's a snippet from the above link:

For your application to be vulnerable to the attack vectors described below, both of the following conditions should hold:

  • The alwaysSelectFullNamespace flag is set to true in the Struts configuration. Note that this is automatically the case if your application uses the popular Struts Convention plugin.
  • Your application's Struts configuration file contains an <action ...> tag that does not specify the optional namespace attribute, or specifies a wildcard namespace (e.g. "/*")
    If your application's configuration does not meet these two conditions, you are likely not vulnerable to the two attack vectors described below.



In the standard KonaKart Struts storefront,  "alwaysSelectFullNamespace" is set to false because it hasn't been set to true in struts.xml and  the Convention plugin isn't used by KonaKart. Therefore, as far as we are aware the "out of the box" implementation should not be vulnerable. It may be wise to check your struts.xml file to determine whether the following line has been added, which would make you vulnerable:

<constant name="struts.mapper.alwaysSelectFullNamespace" value="true" />

Pages1 2 3 ... 10