For above error update SVN client to SVN 1.2 or above.
Wednesday, May 28, 2008
Wednesday, May 14, 2008
Apache Installation with SSL: no OpenSSL headers found
If you get above error that means apache was not able to find the opensssl C header files for compiling withs SSL. First of all make sure you have OpenSSL installed on your machine, if not please install it. If you openssl installation is not at standard location then use --with-ssl=/path/to/your/openssl option with apache configuration.
My openssl was in /usr/local/ssl, which seemed to be standard location, but it Apache did not recognize it, I guess because it expects it in /usr/local/openssl. Anyways following worked for
./Configure --enable-ssl --with-ssl=/usr/local/ssl/
Open SSL installion issue on Solaris
I was installing openssl-0.9.7 on solaris when I got following error:
cc1: error: invalid option `arch=ultrasparc'
This was very strange, I googled but could not find the answer. Then I checked the operating system details, and here are the details:
uname -m --> sun4u
uname -r --> 5.9
uname -s --> SunOS
uname -v --> Generic_118558-28
gcc -v --> 3.4.6
I was using default ./config for installtion, which was selecting solaris-sparcv9-gcc as os/compiler flag. It assumed since i am using gcc version > 3.0 it would recognize -march=ultrasparc option. But since my compiler didn't understand that, I used following command.
bash# ./Configure solaris-sparcv9-gcc27
This forces it the config to not use the -march... option. So the above error disappeared, but resulted in one more error: 'ar command not found'
This time solution was easy, I just added /usr/ccs/bin to the path and it worked.
Monday, May 05, 2008
HTTP Redirect : Do it the right way !
There are two ways to redirect a user to a different page:
A) Server redirect : This is where server notifies the client in HTTP Response header that the page has been moved somewhere else. This is done by sending one of following response status code in response Header
- Permanent Redirect (301)
- Temporary Redirect (307)
- Undefined redirect (302)
JSP/Servlet: response.sendRedirect("PATH_TO_NEW_RESOURCE");
Perl:
print "Status: 301 Moved Permanantly\n";
print "Location: PATH_TO_NEW_RESOURCE\n\n";
Apache mod_rewrite:
rewriteEngine on
rewriteRule OLD_PATH PATH_TO_NEW_RESOURCE [R=permanent,L]
B) Client redirect : This is done in HTTP response body as opposed to the HTTP response header. This can be done either by HTTP META Header tag:
<META HTTP-EQUIV=REFRESH CONTENT="1; URL=PATH_TO_NEW_RESOURCE">
Or using JavaScript:
<script type="text/javascript"> window.location.href='PATH_TO_NEW_RESOURCE'; </script>
Here the client need to download the full body of the response, look for refresh instruction or Javascript code block and then proceed for new address.
Clearly you should use Method A (Server Redirection), Disadvantages of using Method B are:
1) It causes Browsers to flickr and refresh as the old page is loading.
2) The Meta tag could really break the Back button, You would have faced this problem with many pages, after clicking the back button and it keeps coming to the same page. Braking the back button is really a sin from UI design perspective, it is the second most used browser feature and you don't want to break it. User can get really annoyed with this, close the window, and may not visit your site.
3)The HTTP status code of the page will remain 200, most search engines will continue to think the location is valid. Any page rank of the old location will not be transferred to the new location.
Moreover in Method A the server also gives some information about the purpose and type of redirection, which allows the Client to behave differently depending on the type of redirect (302, 307 or 301).
Friday, May 02, 2008
Android Vs. OpenMoko
While microsoft is continuing to annoy users with enforcing new Vista OS for PC, which sucks big time. Other players are clearly seeing future in Mobile phone. While Apple iPhone is clearly the winner currently, Google has launched Android and has got a lot of media attention, even though the first working phone is not available yet. Though Trolltech's Qtopia GreenPhone and Openmoko could not get such the media attention, but they are worth mentioning.
Future of GreenPhone doesn't look so green to me, but Openmoko will go a long way. They have recently open sourced the CAD files for NEO handset. So with Openmoko you can pretty much create your own cell phone. While this sound good for geeks, it might not be so attractive for end users. A normal consumer would want a well finish product, and some branding too. Here Android has a unfair advantage over Openmoko.
With $10 million prize tag, Android is bound to get lot of innovation from developer community. So innovation, Google Brand, backing of Open Handset Alliance may well get Android platform way ahead of competition. But it will be interesting to see how Apple reacts to Android challenge. I don't have much expectations form Windows Mobile and Symbian.
Thursday, May 01, 2008
SVN branches and tags
I always prefer SVN over CVS, because SVN really is improvement over CVS. For detailed comparison you can read this and this. Many CVS old timers don't like the concept of tagging and branching in SVN. There are no tags and branches really in SVN, you just have ability to copy folders with history of changes. Tags and Branches then becomes just concept as to how you would want to implement them. Normap convention is to put branches under branches dir and tags under tag dir, which would make it look like this:
And to restrict check-ins to tags, I would prefer a normal code of conduct between developers, but still if you want to the enforce the policy using SVN, make changes to authz fille and add following
--my-module
|
--tags
|
--branches
|
--trunk
[/tags]
* = r
make sure you edit the svnserve.conf file and set authz-db = authz.
JSON formatter
Here is a JSON formatter on the lines of Javascript formatter. Sometimes these prove to be useful to understand badly formatted useful code.
Configuting SSL with Jetty
This Jetty doc page provides how to configure SSL for Jetty. But this is not enough, you would want do disallow weaker ciphers in Jetty its not, and this article explains how to do it. But remember the name it expects in "ExcludeCipherSuites" are Java Cipher names and not OpenSSL cipher name.
SSL Testing
Here is a very good OWASP wiki page on testing SSL. I would like to add my 2 cents to it:
- You would need nmap for port scan. But on windows you would need windows packet capture library before installing nmap. To run nmap on windows vista, you need to run it with elevated privileges. You open an elevated command prompt by right-clicking on the command prompt
link and using "run as administrator".
-Download nessus and install SSL plugin for nessus, you would need plugin with IDs (21643 and 10863)
SSL setup using Apache
Download stable version of Apache 2.2 from apache download site
Install Apache with ssl,
gzip -d httpd-
.tar.gz | tar xvf
- cd httpd-
- ./configure -prefix
--enable-ssl --enable-setenvif - make
- make install
copy the certificate (server.cert) and private key (server.key) files in this directory.
Secure the private key, by changing the permissions:
> cd
> chmod 400 server.crt server.key
Minimal configuration for SSL in httpd.conf:
# Enable SSL
SSLEngine On
# Path to the server certificate
SSLCertificateFile
# Path to the server private key
SSLCertificateKeyFile
#Change the server binding to listen on 443
Listen myserver.mydomain.com:443
Securing SSL setup : httpd.conf changes
# SSL-V2 is flawed, disallow its use
SSLProtocol All -SSLv2
# Disallows the situation where, though the server supports high-grade encryption, the client negotiates a low-grade (e.g., 40-bit) protocol suite, which offers little protection:
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
#Enforce strict SSL access policy
SSLOptions +StrictRequire
#Allow access only through SSL
<virtualhost>
RedirectPermanent / https://my.mchek.com/
</virtualhost>
Additional configuration:
SSLMutex file:
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
SSLSessionCache shm
SSLSessionCacheTimeout 600
SSLVerifyClient none
SSLProxyEngine off
<Directory />
SSLRequireSSL
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
For more detailed installation instruction and explanations this is a good article.
Wednesday, April 30, 2008
ClassNotFoundException vs. NoClassDefFoundError
ClassNotFoundException simply means that the class in not available in the CLASSPATH. You can see my previous post for tools to find the proper jar file containing the class. This exception is simpler to solve.
NoClassDefFoundError is little tricky. This means that the class is available in the CLASSPATH and still its definition could not be loaded. The most common reason for this issue is some problem with the static block of the class in question. If you have the source check the static block of the class or if you don't have the source find the jar file in local classpath using jarscan and decompile using JAD and review the static block.
Finding a Jar for Class
Classpath issues are one of the most common issues while developing application using many open source libraries. Finding the right jar file and adding it to classpath could turn out to be nightmare if you don't use the right tools. Many developers end up adding all the jars they know to the CLASSPATH, in order to solve the problem. This is obviously not the right approach, but people still use it because they don't know an easy way to find the Jar file containing the class file.
You can use JarFinder or DocJar to search for the Jar files containing a particular class online. You can also JarScan to find the class in locally available Jar files.
Sunday, April 27, 2008
Regular Expression usefuls
If you use regular expression very regularly and you also happen to use eclipse then this plug-in is worth installing. And if you already don't know this is a library of regular expressions. The lib is very useful at times.
Tuesday, April 22, 2008
Automating interective application on UNIX
I was trying to write a shell script which would scp my files to another computer and execute some commands on that machine. My first thought was I won't be able to do this in shell script until I discovered expect. There is another tool called empty, which looked little better at first look, but I haven't tried it.
Command Line XML tool
I was looking for a tool to parse and query XML document from command line in UNIX environment. I needed this to be used in a shell script where I had to parse a XML file generated by another Application. I found XmlStarlet, after some googling, the tool is very useful to be used inside shell script as well as from command-line. Here is a good getting Started tutorial.
Thursday, January 24, 2008
Installation Wiki
InstallationWiki is a lesser known site but I find it very useful to troubleshoots my installation issue.
Accessing remote Linux UI from windows
Sometime you need to access UI of the remote *nix platform from windows machine, I need this quite often for testing my standalone Java swing application.
- Download Xming and install.
- Open ${xming_home}/X0.hosts file, add the IP of your linux box, this works like xhost config on *nix.
- Restart Xming from system tray.
- set the DISPLAY to your PC, e.g. for bash shell use cmd: export DISPLAY=${my_pc_ip}:0.0
- run your GUI command on the shell
My Simple Ajax Util
I have been using a simple Ajax Util, for my Ajax calls for places where I just need simple AJAX calls and don't want to use any of the JS libs. This is how you use the Util
function ajexTest(){
var ajax = new AjaxUtil();
ajax.url= "http://www.google.com";
ajax.formObj=document.searchCustomerForm;
ajax.waitCallback = function(){
//do something while waiting
}
ajax.scucessCallback = function(text){
//do something on success
}
ajax.doPost();
}
And following is AjaxUtil code:
/**
* Author:Anurag Kumar Jain
* Date: July 11, 2007
**/
function AjaxUtil(){
//alert("creating AjaxUtil);
this.req=this.init();
this.url="";
this.parameters="";
this.async=true;
this.formObj;
this.scucessCallback=null;
this.ajaxCallback=null;
this.errorCallback2=null;
this.errorCallback=function(responseText){
//alert(responseText);
document.location.href = "error.jsp";
}
var me = this;
this.req.onreadystatechange = function() {
//alert("in processRequest readyState = " + ajaxRequest.readyState);
// readyState of 4 signifies request is complete
if (me.req.readyState == 4) {
// status of 200 signifies sucessful HTTP call
//alert(ajaxRequest.responseText);
if (me.req.status == 200) {
//alert("ajax Callback Function is: " + ajaxCallback);
//alert(me.req.responseText);
//alert(me.req.status);
if (me.scucessCallback) me.scucessCallback(me.req.responseText);
}else{
//alert(me.req.status);
if(me.errorCallback) me.errorCallback(me.req.responseText);
if(me.errorCallback2) me.errorCallback2(me.req.status, me.req.responseText);
}
}
}
}
AjaxUtil.prototype.init = function() {
//alert("initializting request");
if (window.XMLHttpRequest) {
return new XMLHttpRequest();
} else if (window.ActiveXObject) {
return new ActiveXObject("Microsoft.XMLHTTP");
}
};
AjaxUtil.prototype.doPost = function () {
//alert("in doPost");
//alert(this.url);
this.req.open("POST", this.url, this.async);
this.req.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
//req.setRequestHeader("Content-length", this.parameters.length);
//this.req.setRequestHeader("Connection", "close");
this.parameters+=getFormValues(this.formObj,null);
//alert(this.parameters);
//alert(this.url); alert(this.parameters);
this.req.send(this.parameters);
if(this.waitCallback) this.waitCallback();
};
AjaxUtil.prototype.doGet = function(){
//alert("in doGet");
//alert(this.url);
this.req.open("GET", this.url, this.async);
this.req.send(null);
if(this.waitCallback) this.waitCallback();
};
function getFormValues(fobj,valFunc){
var str = "";
var valueArr = null;
var val = "";
var cmd = "";
for(var i = 0;i < cmd =" valFunc" val =" eval(cmd)" str =" str.substr(0,(str.length">