Sunday, June 2, 2013

SSL and certificates

Terms:

  • SSL (Secure Sockets Layer) - a security protocol that gives a client and a server an authenticated, encrypted connection. Its successor is TLS (Transport Layer Security); SSL 2.0 and 3.0 are obsolete and should be disabled, and "SSL" today almost always means TLS.
  • https - the URL scheme for HTTP carried over an SSL/TLS connection
  • SSL Certificate - a small data file, signed by a CA, that binds a public key to an identity. It contains the subject's public key only; the matching private key stays on the server and is never part of the certificate. Typically a certificate contains your domain name, company name, address, city, state and country (the subject), the validity period (not before / not after), a serial number, and the name and signature of the Certification Authority that issued it.
  • Certificate Authority or CA - the certificate issuer. It checks that the applicant controls the domain and, for organisation-validated certificates, researches the company and checks references, then signs the certificate. The CA takes no part in the connection itself and does not encrypt data to or from servers.
  • certificate chain - the server certificate plus the series of intermediate CA certificates that link it to a root certificate the client already trusts
  • public, private, and session keys - data encrypted with the public key can be decrypted only with the private key, and a signature made with the private key can be checked with the public key. Public-key operations are slow, so they are used only during the handshake; after the secure connection is made, a freshly agreed symmetric session key is used to encrypt all transmitted data.

Server Setup: (http://www.lwithers.me.uk/articles/cacert.html)

  1. In order for a server to handle SSL connections, SSL/TLS must be enabled in the web server.
  2. The administrator is asked several questions about the identity of the website or organization; the answers become the certificate subject (common name, organization, location).
  3. The server generates a key pair and a CSR (Certificate Signing Request). The private key stays on the server, protected by file permissions (and ideally a passphrase or HSM); the CSR contains the public key and the subject information and is signed with the private key to prove the requester holds it.
  4. The CA validates the request (domain control, organization identity) and signs the public key from the CSR with the CA's own private key; the result is the certificate. The CA never sees the server's private key.
  5. The CA sends back the SSL certificate, usually together with the intermediate certificates that make up the chain.
  6. The server installs the certificate, the chain and its private key. (http://www.digicert.com/ssl-certificate-installation.htm)

How it works:
  1. The browser connects to a web server secured with SSL (https) and asks the server to identify itself.
  2. The server sends a copy of its SSL certificate (including the server's public key) together with the intermediate certificates of its chain. The certificate was issued by a CA.
  3. The browser checks that the chain ends at a root in its list of trusted CAs, that every certificate in the chain is within its validity period and has not been revoked (CRL or OCSP), and that the certificate's subject alternative name (historically the common name) matches the host name it is connecting to. If the certificate is trusted, browser and server agree on a symmetric session key. In the classic RSA key exchange described by the source, the browser generates the secret, encrypts it with the server's public key and sends it back; modern TLS (1.2 with ECDHE, and all of TLS 1.3) instead derives the secret from an ephemeral Diffie-Hellman exchange that the server signs with its private key, so a later theft of the private key does not expose recorded sessions (forward secrecy). --- "SSL handshake"
  4. The server proves possession of its private key (by decrypting the secret, or by the signature on the exchange) and both sides exchange a Finished message encrypted with the session key.
  5. Server and browser now encrypt all transmitted data with the session key.
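
The server-setup steps and the client-side checks above, as an added example that is not part of the original post or of the DigiCert page it cites: it builds a throwaway root CA with openssl, has the "server" generate its own key pair and CSR, signs the CSR as the CA would, and then performs the checks a browser makes (trusted root, validity period, host name) plus the key-matches-certificate check worth doing before installing. It assumes openssl 1.1.1 or later on PATH; the names Example Root CA, Example Corp and www.example.test are made up for the demo. Revocation (CRL/OCSP) is not exercised.

```shell
#!/bin/sh
# Added example, not from the original post: the CSR -> CA -> certificate ->
# verification steps, done offline with openssl. Assumes openssl 1.1.1+ on
# PATH. "Example Root CA", "Example Corp" and www.example.test are made-up names.
set -eu
WORK="${WORK:-$(mktemp -d)}"

# The CA's self-signed root. A real root lives in the browser/OS trust store;
# here we generate one and trust it explicitly with -CAfile below.
make_ca() {
  cat > "$WORK/ca.cnf" <<'EOF'
[req]
prompt = no
distinguished_name = dn
x509_extensions = v3_ca
[dn]
O = Example Root CA
CN = Example Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
  openssl req -x509 -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes \
    -days 30 -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

# Server side (setup steps 2-3): generate the key pair and a CSR. The private
# key never leaves this host; the CSR carries the public key plus the subject
# and is signed with the private key to prove possession.
make_server_csr() {
  cat > "$WORK/server.cnf" <<'EOF'
[req]
prompt = no
distinguished_name = dn
[dn]
C = US
ST = CA
O = Example Corp
CN = www.example.test
EOF
  openssl req -new -config "$WORK/server.cnf" -newkey rsa:2048 -nodes \
    -keyout "$WORK/server.key" -out "$WORK/server.csr" 2>/dev/null
}

# CA side (steps 4-5): sign the public key in the CSR, adding the extensions a
# browser expects (SAN for the host name, not a CA, server authentication).
sign_server_cert() {
  printf '%s\n' 'subjectAltName = DNS:www.example.test' \
    'basicConstraints = CA:FALSE' 'extendedKeyUsage = serverAuth' > "$WORK/server.ext"
  openssl x509 -req -in "$WORK/server.csr" -CA "$WORK/ca.crt" \
    -CAkey "$WORK/ca.key" -CAcreateserial -days 7 \
    -extfile "$WORK/server.ext" -out "$WORK/server.crt" 2>/dev/null
}

# Client side ("How it works" step 3): chain to a trusted root, validity
# period and host name. $1 is the host the client thinks it is talking to;
# $2 (optional) is the epoch time at which validity is evaluated.
verify_server_cert() {
  t="${2:-$(date +%s)}"
  if openssl verify -CAfile "$WORK/ca.crt" -verify_hostname "$1" \
       -attime "$t" "$WORK/server.crt" >/dev/null 2>&1
  then echo ok; else echo FAIL; fi
}

# Step 6 sanity check before installing: the certificate must carry the
# public half of the key the server actually holds.
key_matches_cert() {
  a=$(openssl x509 -in "$WORK/server.crt" -noout -pubkey | openssl sha256)
  b=$(openssl pkey -in "$WORK/server.key" -pubout | openssl sha256)
  if [ "$a" = "$b" ]; then echo match; else echo mismatch; fi
}

make_ca && make_server_csr && sign_server_cert
openssl x509 -in "$WORK/server.crt" -noout -subject -issuer -dates
echo "right host:  $(verify_server_cert www.example.test)"     # ok
echo "wrong host:  $(verify_server_cert evil.example.test)"    # FAIL
echo "8 days on:   $(verify_server_cert www.example.test $(( $(date +%s) + 8*86400 )))"  # FAIL (expired)
echo "key matches: $(key_matches_cert)"                        # match
```

The "wrong host" and "8 days on" cases are the rejections a browser would show for a host-name mismatch and an expired certificate; a client whose trust store has been tampered with, or that skips -verify_hostname, silently loses exactly these checks. The same CA file can be imported into a Java truststore with the keytool commands below.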

Commands:

  • the default password of the JRE's cacerts truststore is changeit; change it on any host where the store matters, and remember that every Java application running on that JRE trusts whatever is in it
  • list certificates
    keytool -list -v -keystore [keystore location], ex. keytool -list -v -keystore cacerts.jks
  • list certificates to a text file
    keytool -list -v -keystore [keystore location] > [text file path]
    keytool -list -v -keystore "C:/Program Files (x86)/Java/jre6/lib/security/cacerts" > java_cacerts.txt
  • delete a certificate (e.g. when it has expired or the CA is no longer trusted)
    keytool -delete -v -alias [alias] -keystore [keystore location], ex. keytool -delete -v -alias [alias] -keystore cacerts.jks
  • add a certificate to cacerts (-importcert is the current name of the command, -import still works as an alias; -trustcacerts lets keytool build the chain through roots already in the store). Inspect the file first with keytool -printcert -v -file [cert path] and compare the fingerprint with what the sender told you out of band before trusting it.
    keytool -importcert -trustcacerts -alias [alias name] -keystore [keystore location] -file [cert to add path]
    keytool -importcert -trustcacerts -alias Verisign -keystore "C:/Program Files (x86)/Java/jre6/lib/security/cacerts" -file C:/bel/docs/certs/Verisign.cer
  • on JDK 9 and later the -cacerts option can replace -keystore [keystore location] when the target is the JRE's own truststore


Source:
http://www.digicert.com/ssl.htm

Tuesday, April 23, 2013

Custom JSP tags

1) Make sure the JSP tag API (package javax.servlet.jsp.tagext) is on your classpath. servlet-api-2.3.jar bundles the JSP 1.2 API, which has TagSupport; SimpleTagSupport was added in JSP 2.0, so for it you need jsp-api.jar (shipped with Tomcat 5 and later).
2) Create the tag class. Classic tags extend TagSupport and implement doStartTag()/doEndTag(); simple tags extend SimpleTagSupport and override doTag(). Each tag attribute needs a JavaBean-style setter (setMessage for an attribute called message).
   Ex.
   public class MyTag extends TagSupport
   public class HelloTag extends SimpleTagSupport
3) Create the tag library descriptor file and put it anywhere inside the WEB-INF directory. Every attribute the JSP page will pass must be declared, otherwise the page fails to translate.
   Ex. WEB-INF/tld/myApp.tld
<taglib>
  <tlib-version>1.0</tlib-version>
  <jsp-version>2.0</jsp-version>
  <short-name>ex</short-name>
  <tag>
    <name>Hello</name>
    <tag-class>com.tutorialspoint.HelloTag</tag-class>
    <body-content>empty</body-content>
    <attribute>
      <name>message</name>
      <required>true</required>
    </attribute>
  </tag>
</taglib>
4) Use the tag. The uri is resolved relative to the JSP page unless it starts with /, so give the context-relative path. You can also set a <uri> element in the TLD and use that value as the uri in the JSP page.
<%@ taglib prefix="ex" uri="/WEB-INF/tld/myApp.tld"%>
<html>
  <head>
    <title>A sample custom tag</title>
  </head>
  <body>
    <ex:Hello message="This is custom tag" />
  </body>
</html>

Tuesday, April 2, 2013

Merging in SVN using Eclipse

  1. Do a fresh checkout of the project where you are going to merge into. This is done to ensure that your target branch is up to date.
  2. Right click the project and click Team -> Merge
  3. In URL, browse to the source branch (the one you are merging from)
  4. Click Ok
  5. Resolve any conflicts

Thursday, February 7, 2013

JBoss Drools

JBoss/JBoss AS (JavaBeans Open Source Software Application Server)

- now has a new name WildFly
- is a Java EE (formerly J2EE) platform for developing and deploying enterprise Java applications, Web applications and services, and portals

Drools/JBoss Rules

- a rule language (DRL) and the rules engine that executes it
- case sensitive
- single-line comments start with // (# was also accepted in older Drools versions but is deprecated), multi-line comments are enclosed in /* and */

Rule file - file ending with .drl

jBPM

- is a flexible Java Business Process Management (BPM) Suite
- BPM bridges business analysts, developers and end users by offering process management features and tools in a way that suits both business users and developers

Components of jBPM

  • core process engine - the only required component
    • history log
    • human task service
  • graphical editors
    • eclipse plugin
    • web-based designer
  • Guvnor repository - can store all business processes
  • jBPM console - web-based console for managing business processes

Core

knowledge base
   - used to look up the process definitions whenever necessary
   - uses a knowledge builder to load processes from various resources (for example from the classpath, from the file system or from a process repository), e.g.
KnowledgeBuilder kbuilder = KnowledgeBuilderFactory.newKnowledgeBuilder();
kbuilder.add(ResourceFactory.newClassPathResource("ruleflow.rf"), ResourceType.DRF);
   - can be dynamically changed (so you can add or remove processes at runtime)
session
   - instantiated from knowledge base and are used to execute processes and interact with the engine

Structure of a Rule File:

package package-name - must always be the first element
imports - optional, order does not matter
globals - optional, order does not matter, define global vars
functions - optional, order does not matter
function String hello(String name) {
    return "Hello "+name+"!";
}

queries - optional, order does not matter
rules - optional, order does not matter
rule "name"
    attributes
    when
        LHS
    then
        RHS
end


Common rule attributes: 

salience - priority, higher salience values are given higher priority, default is 0, can be positive or negative
agenda-group - a group name, only rules in the agenda group that currently has the focus are allowed to fire
activation-group - like an if/else chain: once one rule in the group fires, the pending activations of the other rules in the group are cancelled, so only one fires

Ref:
http://docs.jboss.org/jbpm/v5.1/userguide/

Monday, January 28, 2013

Ant buildfile

Each buildfile contains one project and at least one (default) target. Targets contain task elements.

Basic components/tags:
1) project - attributes: name, default, and basedir

2) target - attributes: name, depends, if, unless, and description (default and basedir are project attributes, not target attributes)

3) tasks - can be built-in or user defined
Common target names (conventions, not built-in tasks): init (sets properties), prepare (creates directories), build (compiles the system), package (creates the jar/war file), install (installs the application to Tomcat or another engine), deploy (deploys the WAR to the engine), reload (updates a previously installed application), redeploy

4) properties - to reference, enclose in "${" and "}"
Some Built-in Properties: basedir, ant.file, ant.version, ant.project.name, ant.java.version


Tags:
                     ...


Ref:
http://ant.apache.org/manual/using.html

Sunday, January 27, 2013

Windows and Unix common commands

Windows            Unix                   Description
attrib             chmod                  change (clear or set) the attributes of a file (chmod changes permission bits, the closest Unix equivalent)
cd                 pwd                    print current working directory
cd <dir>           cd <dir>               change directory
cls                clear                  clear screen
cmd                sh, bash               start a new instance of the command interpreter
copy               cp                     copy, ex. cp /mySrc .
date, time         date                   print current date and/or time
del                rm                     delete
deltree            rm -r                  recursively delete an entire directory tree
dir                ls                     list files and directories
                                          ls options:
                                            -a include hidden files (names beginning with .)
                                            -l long format
                                            -t sort by time modified
                                            -r reverse sort
doskey /h          history                print command history
edit               vi etc.                create a new file, open an edit window
                                          common vi commands:
                                            /<text> - search forward
                                            n - next occurrence
                                            ?<text> - search backward
                                            n - previous occurrence (repeats the last search in the same direction)
                                            :set number - show line numbers
                                            :q | :quit | :q! - quit (:q! discards unsaved changes)
exit               exit, Ctrl-D           exit the shell
find               find                   Windows find searches for a string inside files; Unix find locates files/folders by name, type, size, time etc.
                                          Ex.
                                            dir c:\ /s /b | find "CPU" - display the file names on drive C that contain the string "CPU"
                                            find . -name "foo*" - files below the current directory whose name starts with foo
find               grep                   search for text in files
                                          grep -n 'UnknownServiceException' */*/*/server.log
                                          grep -rni "string" .
                                          grep -E "a|b"
                                            -r = recursive, i.e. search the subdirectories of the given directory (hidden ones included)
                                            -n = print line numbers
                                            -i = case-insensitive search
                                            -E = extended regex (i.e. may use | for or)
                                          Caveat: the often-quoted form grep -rni "string" * .* is meant to add hidden entries, but .* also matches .. so the search climbs into the parent directory; grep -r on . already covers hidden files and directories.
help               man                    help/manual; displays the available commands and how to use them
ipconfig /all      ifconfig -a            print network details (on current Linux: ip addr)
mkdir              mkdir                  create a new folder/directory
move               mv                     move a file or folder
rmdir              rmdir                  remove a folder/directory
set                export (sh), setenv (csh)   set an environment variable
set Path           echo $PATH             print the value of the environment variable PATH
start              -                      start/open a program in its own process
                                          List of commands for Windows XP, Vista and Windows 7: http://ss64.com/nt/run.html
                                          Ex.
                                            start notepad
                                            start /d "C:\Program Files (x86)\Notepad++" notepad++.exe - start the executable with that working directory; the prompt that called it does not wait for it
subst              -                      substitute a drive letter for a path, ex. subst R: D:\temp\temp
type               cat                    display the contents of a file, concatenate files, or create a new file
                                          Ex.
                                            cat > 1.txt
                                            This is the first line.
                                            - creates a simple text file; ^D marks the end of the file
                                            cat 1.txt - display the contents of 1.txt
                                            cat 1.txt 2.txt > 3.txt - concatenate 1.txt and 2.txt and save the result in 3.txt
tree               find ., ls -R          print the directory structure
-                  less                   display the contents of a text file on the console, one screen at a time
-                  ln                     make a link
                                          Types:
                                          1. Hard link (default) - a second directory entry for the same inode. If the original file's name is changed, the hard link still refers to the same file. Hard links cannot cross file systems and normally cannot point to directories.
                                          2. Symbolic link (ln -s) - stores a path. If the original file's name is changed, the symbolic link still holds the old name and no longer resolves (it dangles). If the original file's content is changed, the symbolic link sees the new content.
                                          ln -s myFolder myShortcut - create
                                          ln -sfn myFolder2 myShortcut - update
                                            -f = force: remove an existing destination first
                                            -n = no-dereference: treat myShortcut as the link itself when it is a symbolic link to a directory. Without -n, ln follows the existing link and creates myShortcut/myFolder2 inside the old target instead of repointing myShortcut.
-                  printenv               print environment variables
-                  tar                    archive/extract, ex. tar -xvf sample.tar.gz (x = extract, v = verbose, f = archive file; GNU tar detects gzip on extract, otherwise add z)
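
The find/grep searches from the table, as an added example that is not part of the original post: it runs them over a small constructed tree of server.log files so the effect of -r, -i and -E, and the difference between the glob form and the recursive form, can be counted. All directory names and log lines are made up.

```shell
#!/bin/sh
# Added example, not from the original post: the find/grep searches from the
# table run over a constructed tree of server.log files. Everything below
# (node1, node2, the log lines) is made up for the demo.
set -eu
LOGS="${LOGS:-$(mktemp -d)}"

make_sample_logs() {
  mkdir -p "$LOGS/node1/app/logs" "$LOGS/node2/app/logs" "$LOGS/node2/app/.old"
  cat > "$LOGS/node1/app/logs/server.log" <<'EOF'
2013-01-27 10:00:01 INFO  Server started
2013-01-27 10:05:12 ERROR java.net.UnknownServiceException: protocol doesn't support output
2013-01-27 10:05:13 WARN  retrying connection
EOF
  cat > "$LOGS/node2/app/logs/server.log" <<'EOF'
2013-01-27 10:00:03 INFO  Server started
2013-01-27 10:07:44 ERROR java.net.unknownserviceexception: lower-case variant
EOF
  cat > "$LOGS/node2/app/.old/server.log" <<'EOF'
2013-01-27 09:59:00 ERROR UnknownServiceException in a hidden directory
EOF
}

# The post's glob form: exact case, exactly three levels deep, and the shell
# glob skips dot-directories, so the .old copy is never searched.
count_glob() { (cd "$LOGS" && grep -n 'UnknownServiceException' */*/*/server.log | wc -l | tr -d ' '); }

# grep -r on "." descends into dot-directories as well, and -i also picks up
# the lower-case spelling. No "* .*" needed (that would match ".." too).
count_recursive_ci() { (cd "$LOGS" && grep -rni 'unknownserviceexception' . | wc -l | tr -d ' '); }

# -E: alternation with | (basic grep would need \|).
count_either() { (cd "$LOGS" && grep -rniE 'unknownserviceexception|retrying' . | wc -l | tr -d ' '); }

# find by name, like find . -name "foo*" in the table.
count_logs() { find "$LOGS" -name 'server.log' | wc -l | tr -d ' '; }

make_sample_logs
echo "glob, exact case:       $(count_glob)"          # 1
echo "recursive, ignore case: $(count_recursive_ci)"  # 3
echo "either pattern:         $(count_either)"        # 4
echo "log files found:        $(count_logs)"          # 3
```

The gap between the first two counts is the one that bites in incident work: a case-sensitive glob search misses a differently-cased variant and anything under a hidden directory, so a "no hits" result from it is not evidence of absence.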
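
The hard-link versus symbolic-link behaviour after a rename, and the ln -sfn versus ln -sf difference from the ln row, as an added example that is not part of the original post. It works in a throwaway scratch directory; all file and directory names are made up.

```shell
#!/bin/sh
# Added example, not from the original post: hard link vs symlink after a
# rename, and repointing a directory link with and without -n. All names
# (original.txt, rel1, current, ...) are made up for the demo.
set -eu
D="${D:-$(mktemp -d)}"

setup_links() {
  cd "$D"
  printf 'v1\n' > original.txt
  ln original.txt hard.txt        # hard link: a second name for the same inode
  ln -s original.txt soft.txt     # symlink: stores the path "original.txt"
  mv original.txt renamed.txt     # rename the original ...
  printf 'v2\n' > renamed.txt     # ... and change its content
}
read_hard()  { cat "$D/hard.txt"; }   # v2: same inode, so it sees the new content
same_inode() { if [ "$D/hard.txt" -ef "$D/renamed.txt" ]; then echo same; else echo different; fi; }
soft_state() { if [ -e "$D/soft.txt" ]; then echo live; else echo dangling; fi; }   # dangling

# Repointing a link to a directory. With -n the link itself is replaced;
# without -n, ln follows the existing link and drops the new link INSIDE the
# old target, leaving the original link untouched.
setup_dir_links() {
  cd "$D"
  mkdir -p rel1 rel2 relA relB
  echo one > rel1/version
  echo two > rel2/version
  ln -s rel1 current
  ln -sfn rel2 current      # correct: current -> rel2
  ln -s relA cur2
  ln -sf relB cur2          # wrong: creates relA/relB -> relB, cur2 still -> relA
}
current_version() { cat "$D/current/version"; }   # two
cur2_target()     { readlink "$D/cur2"; }         # relA
misplaced_link()  { if [ -L "$D/relA/relB" ]; then echo inside; else echo replaced; fi; }   # inside

setup_links
setup_dir_links
echo "hard link reads:        $(read_hard)"
echo "hard link same inode:   $(same_inode)"
echo "symlink after rename:   $(soft_state)"
echo "current/version (-sfn): $(current_version)"
echo "cur2 still points to:   $(cur2_target)"
echo "link created (-sf):     $(misplaced_link)"
```

The -sf case is the one that causes "I repointed the symlink but the old version is still being served": a stray link appears inside the previous target and the original link is unchanged. Check with readlink after any ln -sf on a link that points at a directory.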

PATH
Windows                        Unix     Description
\                              /        directory separator, e.g. C:\user\docs\sample.txt vs /home/user/docs/Letter.txt
/                              -        switch, e.g. dir /w vs ls -l
[drive letter:]\ or            /        root directory
\\[server name]\[volume]\
.                              .        current directory
..                             ..       parent directory
-                              ~        home directory ($HOME in Unix, which usually is /home/username)
Sample paths
  Windows: C:\user\docs\sample.txt, docs\sample.txt, A:pic.jpg, \\server01\user\docs\sample.txt
  Unix:    /home/user/docs/Letter.txt, ., /inthisdir, ../../greatgrandparent, ~/.rcinfo


Source:
https://en.wikipedia.org/wiki/Path_(computing)

Sunday, January 13, 2013

Software Testing

Testing Levels
  • Unit testing
    • done in local/DEV
    • testing fixes individually
  • Integration testing
    • done in SIT
    • testing integrated modules
    • deals with integration of a process in the system, not the integration of the whole system
  • System testing
    • done in SIT
    • testing the system as a whole
    • Types of system testing:
      • Usability testing – this is how well the user can access the different features in the system and how easy it is to use.
      • GUI software testing – checks that the program looks the way it was intended to and that the GUI behaves as intended.
      • Security testing – checks that sensitive information is protected and that the access restrictions that exist actually work (e.g. one user cannot read or change another user's data).
      • Accessibility – how easy is it for various users including users with disability to use the system.
      • Reliability testing – to check that the system works for long period of time and does not constantly crash.
  • User acceptance testing
    • done in UAT
    • obtain confirmation that a system meets mutually agreed-upon requirements