Steve Souders of Yahoo Performance Group has an excellent write up on improving the performance of web sites.
You can get it here:
Exceptional Performance : Best Practices for Speeding Up Your Web Site
Friday, December 28, 2007
Best Practices for Speeding Up Web Sites
Saturday, December 08, 2007
Disable rtvscan.exe on Windows?
If you have symantec anti-virus installed on your windows box, invariably the "rtvscan.exe" process will be running all the time. You may see that your applications run slower and this rtvscan process is hogging a lot of the memory.
I want to disable rtvscan.exe, how do I do it?
Unfortunately, the answer lies in uninstalling Symantec and (maybe) get another anti-virus software. But do not despair. You can disable it temporarily and repeat the process often.
To disable this service, do this disable rtvscan.exe. This will allow you to perform your normal operations on your windows box, when resources become difficult.
Now that you have learnt to disable the process that takes a lot of resources on your windows laptop, I do suggest reading Top ten security menaces of 2008.
If you have wmplayer.exe in your task manager, then do check this.
I want to disable rtvscan.exe, how do I do it?
Unfortunately, the answer lies in uninstalling Symantec and (maybe) get another anti-virus software. But do not despair. You can disable it temporarily and repeat the process often.
To disable this service, do this disable rtvscan.exe. This will allow you to perform your normal operations on your windows box, when resources become difficult.
Now that you have learnt to disable the process that takes a lot of resources on your windows laptop, I do suggest reading Top ten security menaces of 2008.
If you have wmplayer.exe in your task manager, then do check this.
Monday, December 03, 2007
Thursday, November 29, 2007
Wednesday, November 21, 2007
SVN undo a change
Assume that revision 92 contains the changes we are undoing.
In order to undo a commit that has been made to the repository we just tell SVN to apply the reverse of the changeset to our working copy in the current directory.
svn merge --revision 92:91 .
The output will show files being updated or deleted, we can now check those changes.
svn diff
And if all looks good we can commit our repaired files.
svn commit -m "removing changes from revision 92"
Good to go!
References:
http://seamlesstrust.org/trustwiki/index.php/SVN_Undo_Operation
http://www.jamescooke.info/blog_archive/how-to-undo-a-subversion-commit/
In order to undo a commit that has been made to the repository we just tell SVN to apply the reverse of the changeset to our working copy in the current directory.
svn merge --revision 92:91 .
The output will show files being updated or deleted, we can now check those changes.
svn diff
And if all looks good we can commit our repaired files.
svn commit -m "removing changes from revision 92"
Good to go!
References:
http://seamlesstrust.org/trustwiki/index.php/SVN_Undo_Operation
http://www.jamescooke.info/blog_archive/how-to-undo-a-subversion-commit/
Wednesday, October 31, 2007
Java Class Loaders
Be sure to check out this decent article on JCL on the commons-logging page:
JCL Information
Another article on Classloaders is on Java World: Find a way out of the ClassLoader maze
The JNDI Tutorial talks about Classloaders.
JCL Information
Another article on Classloaders is on Java World: Find a way out of the ClassLoader maze
* JNDI uses context classloaders
* Class.getResource() and Class.forName() use the current classloader
* JAXP uses context classloaders (as of J2SE 1.4)
* java.util.ResourceBundle uses the caller's current classloader
* URL protocol handlers specified via java.protocol.handler.pkgs system property are looked up in the bootstrap and system classloaders only
* Java Serialization API uses the caller's current classloader by default
The JNDI Tutorial talks about Classloaders.
Sunday, October 28, 2007
CheatSheet
Ignore the following as it is just a personal notepad:
Copy to tomcat lib:
f-tomcat.jar
openws-1.0-alpha1.jar
opensaml2-2.0-alpha1.jar
xmltooling-1.0-alpha1.jar
log4j.jar
joda
xmlsec
commons-logging
velocity-dep
javolution
endorse tomcat. (copy endorsed directory under tomcat dir)
Copy to tomcat lib:
f-tomcat.jar
openws-1.0-alpha1.jar
opensaml2-2.0-alpha1.jar
xmltooling-1.0-alpha1.jar
log4j.jar
joda
xmlsec
commons-logging
velocity-dep
javolution
endorse tomcat. (copy endorsed directory under tomcat dir)
Friday, October 26, 2007
Should I do JAXRPC or JAXWS?
You may be plagued by this question often when you are starting to evaluate web service technologies in the Java EE space.
A good article that has take a decent stab at addressing this issue is:
http://www.ibm.com/developerworks/webservices/library/ws-tip-jaxwsrpc.html
In my honest opinion, you should choose JAX-WS because it brings you simplicity. EJB3 with JSR-181 type web services is the ultimate choice.
A good article that has take a decent stab at addressing this issue is:
http://www.ibm.com/developerworks/webservices/library/ws-tip-jaxwsrpc.html
In my honest opinion, you should choose JAX-WS because it brings you simplicity. EJB3 with JSR-181 type web services is the ultimate choice.
Thursday, October 25, 2007
Local DNS Modifications on Windows
Original Location: http://blog.kowalczyk.info/kb/local-dns-modifications-on-windows---etc-hosts-equivalent-.html
On Unix, /etc/hosts file contains mappings between an IP address and a name of the host. It overrides mappings from DNS. Windows has an equivalent of this file: c:\WINDOWS\system32\drivers\etc\hosts (at least that's the name on Windows XP).
Here's the simplest mapping from 127.0.0.1 to localhost and a.test.cc names:
127.0.0.1 localhost a.test.cc
On Unix, /etc/hosts file contains mappings between an IP address and a name of the host. It overrides mappings from DNS. Windows has an equivalent of this file: c:\WINDOWS\system32\drivers\etc\hosts (at least that's the name on Windows XP).
Here's the simplest mapping from 127.0.0.1 to localhost and a.test.cc names:
127.0.0.1 localhost a.test.cc
Friday, August 24, 2007
Dump:GSSAPI with kerberos/spnego
1. Look in the HttpServletRequest for an "Authorization: Negotiate (lots of Base64)" header.
2. If there isn't one, send an HTTP 401 response with a "WWW-Authenticate: Negotiate" challenge, and return.
3. Create a GSSAPI acceptor context for SPNEGO/GSSAPI/Kerberos, Base64 decode the token, and pass it to GSSContext.acceptSecContext().
4. If GSSContext.acceptSecContext() returns an output token (for mutual authentication), Base64 encode it, generate a "WWW-Authenticate: Negotiate (a little Base64)" HTTP header, and add it to the HTTP 200 response.
5. If GSSContext.isEstablished() isn't true, complain bitterly and abort.
6. Otherwise, use GSSContext.getPeerName() to discover who the (now authenticated) client is, use that information to populate the Subject, throw away the GSSContext, and declare victory for validateRequest()
2. If there isn't one, send an HTTP 401 response with a "WWW-Authenticate: Negotiate" challenge, and return.
3. Create a GSSAPI acceptor context for SPNEGO/GSSAPI/Kerberos, Base64 decode the token, and pass it to GSSContext.acceptSecContext().
4. If GSSContext.acceptSecContext() returns an output token (for mutual authentication), Base64 encode it, generate a "WWW-Authenticate: Negotiate (a little Base64)" HTTP header, and add it to the HTTP 200 response.
5. If GSSContext.isEstablished() isn't true, complain bitterly and abort.
6. Otherwise, use GSSContext.getPeerName() to discover who the (now authenticated) client is, use that information to populate the Subject, throw away the GSSContext, and declare victory for validateRequest()
Friday, March 16, 2007
Programmatic Web Login in JBoss
Sometime ago there was a question on whether there was support for Programmatic Web Login in JBoss. We did not have it.
Security Forum Question
Starting JBoss 4.2.0.GA, this feature is available:
http://wiki.jboss.org/wiki/Wiki.jsp?page=WebAuthentication
Security Forum Question
Starting JBoss 4.2.0.GA, this feature is available:
http://wiki.jboss.org/wiki/Wiki.jsp?page=WebAuthentication
Java PKI Management Tools
The command line tool "keytool" as part of the JDK is not the best tool from an usability perspective. There is the issue of various signature algorithms (DSA,RSA etc), various keystore types(JKS,pkcs12 etc), generation of CSRs etc.
I did play around with the "keyman" tool available from IBM for free. Quite decent.
I came across the following OSS tool "CSRTool". I have not yet played around with it.
CSRTool
I did play around with the "keyman" tool available from IBM for free. Quite decent.
I came across the following OSS tool "CSRTool". I have not yet played around with it.
CSRTool
Fine Tune JBoss
Ever wondered how you can fine the JBoss Application Server?
Then just look at the following wiki page on JBoss Wiki:
Fine Tuning JBoss
Then just look at the following wiki page on JBoss Wiki:
Fine Tuning JBoss
Wednesday, March 14, 2007
Using HttpClient to make a FORM based conversation
I found this blog that had some code for doing FORM based authentication conversation.
http://cocoalocker.blogspot.com/2007/01/java-ruby-http-clients.html
===========
So the Java code to access the servlet using form based authentication looks like this:
http://cocoalocker.blogspot.com/2007/01/java-ruby-http-clients.html
===========
So the Java code to access the servlet using form based authentication looks like this:
public static void formAuthDemo()
throws IOException, HttpException {
HttpClient client = new HttpClient();
// make the initial get to get the JSESSION cookie
GetMethod get = new GetMethod(
"http://localhost:8080/MyWebApp/myservlet");
client.executeMethod(get);
get.releaseConnection();
// authorize
PostMethod post = new PostMethod(
"http://localhost:8080/MyWebApp/j_security_check");
NameValuePair[] data = {
new NameValuePair("j_username", "tomcat"),
new NameValuePair("j_password", "tomcat")
};
post.setRequestBody(data);
client.executeMethod(post);
post.releaseConnection();
//resubmit the original request
client.executeMethod(get);
String response = get.getResponseBodyAsString();
get.releaseConnection();
System.out.println(response);
}
==================
Saturday, March 10, 2007
Firefox Tips
Use SHIFT-DELETE (or just DEL) on mistyped auto-completion suggestions.
Saturday, March 03, 2007
Sun's Open Source OpenSSO Project
I am going to take a look at Sun's OSS project OpenSSO.
Some references:
Nightly Builds of OpenSSO
Final Conclusion:
A big project to look at in short time. They make use of JWSDP (Jaxrpc) and JAXB impl which may not work for me.
Some references:
Orhan Alkan's Weblog
Orhan's Installation GuideNightly Builds of OpenSSO
Final Conclusion:
A big project to look at in short time. They make use of JWSDP (Jaxrpc) and JAXB impl which may not work for me.
Friday, March 02, 2007
ApacheCon Europe 2007
I will be presenting a session on "Apache Tomcat Security" on May 4, 2007 at ApacheCon 2007 at Amsterdam. If you are going to be present at the conference, do attend this one-hour presentation.
ApacheCon 2007
Related stories:
Apache Tomcat v6.0 is stable and is released. Apache News.
Additional details on the new IO mechanism in v6 using APR/NIO.
Tomcat AIO
Greg Wilkin's blog entry on Async Servlets
As usual, the Apache Tomcat web page is: Apache Tomcat
ApacheCon 2007
Related stories:
Apache Tomcat v6.0 is stable and is released. Apache News.
Additional details on the new IO mechanism in v6 using APR/NIO.
Tomcat AIO
Greg Wilkin's blog entry on Async Servlets
As usual, the Apache Tomcat web page is: Apache Tomcat
Sunday, February 18, 2007
SSL Cheatsheet
Make OpenSSL as a CA
* I am using openssl that is part of cygwin.
cd openssl
mkdir demoCA/private
Step 1: Generate a key for the CA certificate - this should have a larger keysize as it secures all other certificates
openssl genrsa -des3 -out ./demoCA/private/cakey.pem 2048
----------------------------
Generating RSA private key, 2048 bit long modulus
..+++
................+++
e is 65537 (0x10001)
Enter pass phrase for ./demoCA/private/cakey.pem:
2968:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must
type in 4 to 1023 characters
Enter pass phrase for ./demoCA/private/cakey.pem:
Verifying - Enter pass phrase for ./demoCA/private/cakey.pem:
-------------------------------
My pass phrase is "changeme". You can choose anything.
* I am using openssl that is part of cygwin.
cd openssl
mkdir demoCA/private
Step 1: Generate a key for the CA certificate - this should have a larger keysize as it secures all other certificates
openssl genrsa -des3 -out ./demoCA/private/cakey.pem 2048
----------------------------
Generating RSA private key, 2048 bit long modulus
..+++
................+++
e is 65537 (0x10001)
Enter pass phrase for ./demoCA/private/cakey.pem:
2968:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must
type in 4 to 1023 characters
Enter pass phrase for ./demoCA/private/cakey.pem:
Verifying - Enter pass phrase for ./demoCA/private/cakey.pem:
-------------------------------
My pass phrase is "changeme". You can choose anything.
Tuesday, February 13, 2007
Wishing Marc Fluery All The Very Best
I would like to wish marcf all the very best in all his future endeavors. At a time when there were no good low-cost Application Servers available to try out J2EE, marcf and others created JBoss, a true open source JavaEE Application Server that was easy to download and use.
Subscribe to:
Posts (Atom)