Tomcat error page

Java web pages running on a Tomcat server may cast errors like NullPointerExceptions, causing the execution of the web page to fail. Additionally, errors may occur outside of web page execution, eg a File-not-found error caused by the user's URL request not being resolved to any existing part of a web page. The goal is to deliver a specific custom page when an error occurs on a Tomcat server.


This solution only works if your classes contain a property that acts as an ID (i.e. annotated with @XmlID).

One of the classes has to implement the interface CycleRecoverable which provides the sole method Object onCycleDetected(Context ctx).
When overriding this method return an object that only contains the ID of that class e.g.:
class A implements CycleRecoverable {
public Object onCycleDetected(Context ctx) { return new A(; }

Get JAX-B to work with circular dependencies.

When serializing objects that have circular dependencies with JAX-B the framework throws a CyclicDependencyDetected exception. For example there are two classes A and B. Class A has a property x of type B and class B has a list y of As. Using the annotations <code>@XmlElementRef B x</code> in class A and <code>@XmlWrapperElement("ys") @XmlElementRef List&lt;A> y</code> in class B will throw the aforementioned exception. How to serialize object graphs like these?


Add a @XmlType(name="model_order") annotation to the model class. This will generate two distinct XSD types without renaming the XSD element.
public class Order {


Get JAX-WS to work with duplicate xsd:types

When writing a SOAP webservice using JAX-WS using NO explicit namespace declarations on the model and you have the following constellation: a webservice with a method named "order", a model class with the name "Order" the JAX-WS processor (e.g. Apache CXF) will complain because there are two XSD types referring to two different things. The webservice looks like this: <code>@WebService(...) public class WS { @WebMethod public void order(Order o); }</code> And the model like this: <code>@XmlRootElement public class Order { ... }</code> How can you work around this without using explicit namespace declarations and renaming the class or method?

Use KeyEventDispatcher for JApplet

As for the fact that KeyListener does not work for JApplet as it does for Applet you should use the KeyEventDispatcher interface.

public class AppletMain extends JApplet implements java.awt.KeyEventDispatcher

Furthermore you have to set the KeyboardFocusManager to the Panel


Afterwards override the dispatchKeyEvent function of the interface:

public boolean dispatchKeyEvent(KeyEvent e);

This allows you to catch the KeyEvents as it is done with KeyListener.


KeyListener works in Applet but not in JApplet

Following scenario: A simple Applet implementing the KeyListener <code> public class AppletMain extends Applet implements KeyListener{ } </code> Therefore you have to override following methods: <code> public void keyPressed(KeyEvent k) { } public void keyReleased(KeyEvent k) { } public void keyTyped(KeyEvent k) { System.out.println("A key has been typed"); } </code> This works perfectly, unfortunatly if I change it to a JApplet the Keys are not recognized anymore

How to enable Java in Firefox 3.6

Since Firefox 3.6, the option box to enable Java (not javascript) in Preferences->Content is disappeared. Now, the question is: how to enable Java content pages in Firefox 3.6 or later? Because, on one side sometimes there is an important site for us that need Java. And in another side, some of us prefer to use Firefox (than any other internet browsers) and do not want to change our default browser to any other browsers.

Prepared Statements for preventing SQL-Injection in Java

To prevent a SQL-Injection, one should use prepared statements instead of normal statements. Why? Because a variable's SQL-metacharacters, passed as arguments to prepared statements, will automatically be escaped by the JDBC driver.

String selectStatement = "SELECT * FROM User WHERE userId = ? ";
PreparedStatement prepStmt = con.prepareStatement(selectStatement);
prepStmt.setString(1, userId);
ResultSet rs = prepStmt.executeQuery();

Incorrect usage of prepared statements can render their protective aspect inert.

String strUserName = request.getParameter("Txt_UserName");
PreparedStatement prepStmt = con.prepareStatement("SELECT * FROM user WHERE userId = '+strUserName+'");

Preventing SQL-Injection in a Java application

Sql-Injection is a technique to inject (or execute) SQL commands within an application (database). It is mainly used to gain access to a databases content for which one has no authorization. The method injects SQL commands by providing input to a SQL statement which contains SQL meta-characters. Example statement: <strong>select * from user where username='input'</strong> SQL injected input:<strong>user' OR '1'='1</strong> The final statement:<strong>select * from user where username='user' OR '1'='1'</strong> Since 1 always equals 1, this statement would return all the users in the database! Depending on the SQL command, an attacker could insert, modify, extract and delete data in the database.


Subscribe to java