Signed java applet

Posted in Programming with tags , , , on May 15, 2007 by wsjoung

Applet Security Basics

Below are the basic facts regarding applet security and Java Plug-in. More detail can be found in the next chapter, How RSA Signed Applet Verification Works in Java Plug-in.

  • All unsigned applets are run under the standard applet security model.
  • If usePolicy IS NOT DEFINED in the java.policy file, then a signed applet has the AllPermission permission if:
    Java Plug-in can verify the signers, and the user, when prompted, agrees to granting the AllPermission permission.
  • If usePolicy IS DEFINED, then a signed applet has only the permissions defined in java.policy and no prompting occurs.

Moreover, note that Java Plug-in now handles certificate management; i.e., the certificate verification task is no longer passed off to the browser.

keytool -genkey -keyalg rsa -alias MyCert
keytool -certreq -alias MyCert
keytool -import -alias MyCert -file VSSStanleyNew.cer

or

keytool -selfcert

and

jarsigner AppletName.jar MyCert
jarsigner -verify -verbose -certs AppletName.jar

Leave A Comment »

Eclipse web.xml validation problem

Posted in Software with tags , , , on February 7, 2007 by wsjoung

The problem is because of “http://java.sun.com/xml/ns/j2ee/j2ee_1_4.xsd” fil, it points ibm’s schema instead of Sun’s

Window -> Preferences… -> Web and XML -> XML Catalog

URI : http://java.sun.com/xml/ns/j2ee/j2ee_web_services_client_1_1.xsd
Key Type : Schema Location
Key : http://www.ibm.com/webservices/xsd/j2ee_web_services_client_1_1.xsd

Thanks Carey Evans

Leave A Comment »

mod_rewrite: Apache URL Rewriting

Posted in Server with tags , , , on January 24, 2007 by wsjoung

People loves to apply MVC model pretty much on their web application project. They likely put a controller which takes user input from the request and figures out what it means to the model. In this case, URL may looks like this, “index.php?category=sub”. It’s not pretty at all. If we can make this “category/sub”. it would be much better for search engine and users; security reason as well.

Module mod_rewrite URL Rewriting Engine
mod_rewrite, a beginner’s guide (with examples)
mod_rewrite: A Beginner’s Guide to URL Rewriting
mod_rewrite Cheat Sheet

1 Comment »

Personal and Team Software Process (PSP,TSP)

Posted in Software Eng with tags on January 22, 2007 by wsjoung

In software engineering area, there are many software development methods. Waterfall, spiral model which are very traditional methods and many of Agile methods including XP. But all those methods are focused on the project itself. what if there are couple of teams which work independently in the same project. or what if there are couple of people who work independently.

PSP, TSP are good to try to measuring time and quality and team-based work planning and tracking.

In anycase, it also have a good fit to small size of projects.

The Team Software Process (TSP) and the Personal Software Process (PSP)
Pathways to Process Maturity

1 Comment »

What is the most popular programming language?

Posted in Programming with tags , on December 28, 2006 by wsjoung

According to TIOBE, currently Java is the most popular language and C/ C++ are second, third placed.

They update top 20 languages every month, based on their rating method. And they use couple of webs searching engines to count on its resources like availability of skilled engineers, courses and third party vendors.

I think accuracy of this result is not important. It should be just for fun especially if you are the programmer who is using one of top 5. And personally I would like to suggest them that those programming languages should be categorized, because to compare Java with SAS or PL/SQL is not make sense. It’s just like comparing orange with apple.

Leave A Comment »

Java SE 6 Key Features

Posted in Java with tags , on December 13, 2006 by wsjoung

New Security Features and Enhancements

  • Native platform Security (GSS/Kerberos) integration.
  • Java Authentication and Authorization Service (JAAS) login module that employs LDAP authentication
  • New Smart Card I/O API
    » Find out more


Integrated Web Services

  • New API for XML digital signature services for secure web services
  • New Client and Core Java Architecture for XML-Web Services (JAX-WS) 2.0 APIs
  • New support for Java Architecture for XML Binding (JAXB) 2.0
    » Find out more


Scripting Language Support (JSR 223)

  • New framework and API for scripting languages
  • Mozilla Rhino engine for JavaScript built into the platform
    » Find out more


Enhanced Management and Serviceability

  • Improved JMX Monitoring API
  • Runtime Support for dTrace (Solaris 10 and future Solaris OS releases only)
  • Improved memory usage analysis and leak detection
    » Find out more


Increased Developer Productivity

  • JDBC 4.0 support (JSR 221)
  • Significant library improvements
  • Improvements to the Java Platform Debug Architecture (JPDA) & JVM Tool Interface


Improved User Experience

  • look-and-feel updates to better match underlying operating system
  • Improved desktop performance and integration
  • Enhanced internationalization support

Leave A Comment »

String constant pool

Posted in Programming with tags , , on November 26, 2006 by wsjoung

Everybody knows about String constant pool which is for efficient memory management in java. Basically most of objects are managed on heap area but String object. In most of ordinary application, programmers use String object quite often and this String object quite frequently need to be changed or it occupies large amounts of memory. Therefore instead of managing String object on heap area, they introduced String constant pool.

One of important characteristic of String constant pool is that it doesn’t create same String object if there is already String constant in the pool.

String var1 = “This is String Literal”;
String var2 = “This is String Literal”;

For above two String objects, JVM creates only one object in the String constant pool and for the second string reference variable (var2), it points the string object which is created for var1. In this case, (var1 == var2) is true.

But one thing, people make confused is that. It works only when it encounter on String Literal with double quote.

String var3 = new String(“This is String Literal”);

In this case, a regular object will be created by new keyword on heap area and it will be placed in the String constant pool. Finally it will be assigned to the reference variable, var3. This process is just by passing from String constant pool management. Therefore, (var1 == var3) is false.

10 Comments »

“null”, is this Object or not?

Posted in Java with tags , , on November 26, 2006 by wsjoung

In java, some people say null is Object and they also use “null object” term when they try to explain something related in null like NullPointerException.

And some people simply show “null instanceof Object” result to prove that null is not Object. Of course it returns false for “null instanceof Object”. Because null is technically not Object.

The reason why people keep regarding null as a kind of Object is that they are confused those two terms, Object itself and Reference variable which points an object. Whenever they say “null object”, which means actually reference variable, and that reference variable assigned for a specific bit pattern which is for null.

1 Comment »

Read all files in a directory

Posted in Programming with tags , , , on November 17, 2006 by wsjoung

int fileCount = 0;
File dir = new File(inputDirName);
File[] strFilesDirs = dir.listFiles();

if (strFilesDirs == null) {
System.err.println(inputDirName +” is not valid directory name or there is no pdb file”);
System.exit(1);
}
for (int i=0; i
if (strFilesDirs[i].isDirectory()) {
//System.out.println(”Directory: “+strFilesDirs[i]);
} else if (strFilesDirs[i].isFile()) {
//System.out.println(”File: “+strFilesDirs[i]+”(”+strFilesDirs[i].length()+”)”);
fileCount = fileCount + 1;
}
}

beside, there is no such method which is changing directory.

Leave A Comment »

Linux signal

Posted in System with tags , , , on November 17, 2006 by wsjoung

I was writing a shell scripts to manage my process. basically I have some jobs need to be run for long time at least 2 weeks, but the problem is that the system manager will kill all my processes during the night because it takes too much cpu resource and it increases the temperature.

So, I wanted to write a small scripts which can make all my processes stop during the night and resume next day.

There is SIGNALs

`HUP’ : 1. Hangup.

`INT’ : 2. Terminal interrupt.

`QUIT’ : 3. Terminal quit.

`ABRT’ : 6. Process abort.

`KILL’ : 9. Kill (cannot be caught or ignored).

`ALRM’ : 14. Alarm Clock.

`TERM’ : 15. Termination.

`BUS’ : Access to an undefined portion of a memory object.

`CHLD’ : Child process terminated, stopped, or continued.

`CONT’ : Continue executing, if stopped.

`FPE’ : Erroneous arithmetic operation.

`ILL’ : Illegal Instruction.

`PIPE’ : Write on a pipe with no one to read it.

`SEGV’ : Invalid memory reference.

`STOP’ : Stop executing (cannot be caught or ignored).

`TSTP’ : Terminal stop.

`TTIN’ : Background process attempting read.

`TTOU’ : Background process attempting write.

`URG’ : High bandwidth data is available at a socket.

Especially TSTP and CONT was useful for my job.
for example,

for line in $(cat $hosts)
do
pid=$(rsh $line ps aux|grep “rosetta.gcc”|awk ‘{print $2}’);
if [ $pid ] ; then
rsh $line kill -TSTP $pid
fi
done

Leave A Comment »

« Previous Entries
Next Entries »