Security is an important topic in Information Technology. When writing code related to security, you should be conscious and fully understand what are you doing. This topic is not a topic which you can code without knowing exactly what you do. You should be careful and not just blindly copy paste code you don’t understand. The system is relying to your code, to feel safe and secure :)
This article does not teach you to understand Java security. This is just a pointer to kickstart your research. I have some reference to good articles from Oracle which will help you to start figuring out.
- Certificates and Certificate Revocation Lists
- Java Cryptography Architecture
- Java PKI Programmer’s Guide
You can start your research to follow those links above according to its order. Happy learning!
First, we install the mysql connector jar using this command:
osgi:install -s wrap:mvn:mysql/mysql-connector-java/5.1.18
Bundle ID: 384
You can declare dataSource bean in your blueprint / spring configuration like this:
<bean id="dataSource" class="com.mysql.jdbc.jdbc2.optional.MysqlDataSource" >
<property name="serverName" value="localhost" />
<property name="databaseName" value="db_name" />
<property name="port" value="3306" />
<property name="user" value="username" />
<property name="password" value="password" />
This article will show openssl parameters to generate CA certificate keypairs.
This command will generate private certificate “ca.key” under private folder, and public certificate “ca.crt” under certs folder.
In RedHat CentOS server, you can execute below command under
firstname.lastname@example.org [CA]# openssl req -new -x509 -extensions v3_ca -keyout private/ca.key -out certs/ca.crt -days 3650
Generating a 2048 bit RSA private key
writing new private key to 'private/ca.key'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:SG
State or Province Name (full name) :Singapore
Locality Name (eg, city) [Default City]:Singapore
Organization Name (eg, company) [Default Company Ltd]:Example Ltd
Organizational Unit Name (eg, section) :Certificate Authority
Common Name (eg, your name or your server's hostname) :example.com
Email Address :email@example.com
This is command to show remote branches:
$ git remote
$ git remote show origin
* remote origin
Fetch URL: firstname.lastname@example.org:/home/user/git/project.git
Push URL: user@example:/home/user/git/project.git
HEAD branch: master
Local branches configured for 'git pull':
develop merges with remote develop
feature/feature1 merges with remote feature/feature1
master rebases onto remote master
release merges with remote release
Local refs configured for 'git push':
develop pushes to develop (up to date)
feature/feature1 pushes to feature/feature1 (up to date)
master pushes to master (up to date)
release pushes to release (up to date)
This is command to checkout remote branch to local, and set the local branch to track remote branch:
git checkout --track origin/branchname
These are the steps to configure MySQL Data Source in IBM WebSphere:
1. Create JAAS (J2C authentication data) Credential
2. Create MySQL JDBC Provider
3. Create MySQL Data Source
Continue reading →
When default configuration does not exists (logback.groovy, logback-test.xml, logback.xml), LogBack will read system property to get the configuration file location:
java -Dlogback.configurationFile=/path/to/config.xml com.stefanauwyang.ApplicationClass
LogBack can be configured to automatically detect the change in configuration file:
<configuration scan="true" scanPeriod="30 seconds" >
scanPeriod attribute, default period 60 seconds will be set automatically.
LogBack provides a servlet to check the LogBack logging status:
We can also print LogBack status to console by configuring this listener through Java code.
LoggerContext lc = (LoggerContext) LoggerFactory.getILoggerFactory();
StatusManager statusManager = lc.getStatusManager();
OnConsoleStatusListener onConsoleListener = new OnConsoleStatusListener();
… or from config file …
<statusListener class="ch.qos.logback.core.status.OnConsoleStatusListener" />
It is often that we started a project in our local laptop, and we want this project secured in our server. I know, it may not possible to execute
git clone command from server to clone the project from your local computer due to firewall or at that moment your laptop does not have public IP like your server does.
Before pushing the project to server, I assumed that we have created git repository in the server:
$ mkdir projectname.git
$ cd projectname.git
$ git init --bare
$ git init --bare projectname.git
From our local, execute these command to push the git local repository to the server:
$ git remote add origin ssh://email@example.com:port/path/to/projectname.git
$ git push origin master
Now we have our project safe in the server. We can safely continue our work in local laptop, we can clone to other laptop if required, and push the changes to server anytime we want.
When deploying our application in IBM WebSphere application server, sometimes there are some libraries which we are using in our application, get conflicted with the one being used by WebSphere.
Follow this instruction to configure WebSphere to load our application libraries first before it loads the WebSphere libraries.
1. Install the application in WebSphere
2. Once the application installed, go to this path:
Enterprise Applications > [ear application name] > Manage Modules > [war application name]
Class loader order to
Classes loaded with parent class loader first
4. Start the application.
Our application will be started by loading application libraries first, before then it loads WebSphere libraries.
Most of the time, we don’t want to allow direct access to the port from outside our server.
We can configure this through iptables command.
In this example we want to configure port 8080 to be accessible from localhost only. These are the steps:
1. Execute this command to accept connection from localhost.
iptables -A INPUT -p tcp -s localhost --dport 8080 -j ACCEPT
2. Execute this command to drop any connection from other hosts.
iptables -A INPUT -p tcp --dport 8080 -j DROP
If we want to undo this changes, we can execute the same command by replacing
-D. From here we may reverse proxy our 8080 port using our apache http server.
Download nodejs from here:
$ npm install -g cordova
Go to workspace folder:
$ cordova create [project-folder-name] [package-name] [application-name]
Go to project folder (add/list/remove) platform:
$ cordova platform add android
$ cordova platforms ls
$ cordova platform rm android
In the android platform:
$ cordova build
Import the project to eclipse.
Create virtual device.
Run our application in android app.