Tuesday, November 6, 2012

Solved - Windows cannot access samba shares after linux upgrade

I encountered this issue after an apt-get upgrade / dist-upgrade in Debian. It is solved now.
The cause was a change in samba between versions 3.3.2 and 3.4.0.

Monday, June 25, 2012

SQL Import problems with Sample Data Package for Magento 1.6.1.0

If you download the Sample Data Package for Magento 1.6.1.0 and use a MySQL server older than 5.1, importing the SQL script can fail with the following SQL error:

niskia:/xxx1# mysql -u magento1 -pXXXXX --database=magento1 < magento_sample_data_for_1.6.1.0.sql
ERROR 1064 (42000) at line 8354: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'USING BTREE, KEY `FK_TAG_FIRST_CUSTOMER_ID_CUSTOMER_ENTITY_ENTITY_ID` (`first_' at line 7


To get past this, you have two options: fix the error in the SQL file manually, or download a patched file.

Thursday, June 21, 2012

Error "failed to get a socket for (null)" after upgrading apache httpd

The symptom: after a regular Debian update, when I tried to start Apache, it showed me this error:

(22)Invalid argument: alloc_listener: failed to get a socket for (null)
...
Syntax error on line xx of /etc/apache2/ports.conf:

The line was
Listen 80

Wednesday, June 20, 2012

Status on verification of signed file


Digital Signature Status Values
Status: Description
Valid: The signed data and the attached signature data have not been changed since the data was signed. The signature verification operation was successful.
Invalid: The signed data or the attached signature data has been tampered with.
Error: The data contained in the Signature element or the signature template itself is malformed, or some other error occurred during verification. In other words, the signature is cryptographically valid, but either it does not conform to the XML Signature standard, or it contains data in a format that InfoPath does not support.
Revoked: The digital certificate used to sign the data has been revoked.
Not Trusted: The digital certificate used to sign the data is not trusted, because no chain of trust can be identified.
Expired: The digital certificate used to sign the data is expired.



Counter-signatures and signing a file with multiple certificates

Counter-signing is the action of signing data that includes another signature. Counter-signing requires that signatures have a precise sequence in which they can be deleted without invalidating the other signatures. Adding the first signature to a set of data signs the data itself. Adding a second signature does not sign the data in the form, but instead signs the first signature. Each additional counter-signature signs the previous signature. If the signed data itself is tampered with, only the first signature in the list becomes invalid; the status of the rest of the counter-signatures remains unchanged. If the data stored with a particular signature (in the Signature element) is tampered with, such as the comments or nonrepudiation information for that signature, then that signature and the following signature become invalid. For a specific set of signable data, only the last signature in the list can be deleted without affecting any of the others. For a set of signable data configured for counter-signatures, no other signatures can be added after a signature with the status other than Valid. That signature must be deleted before additional counter-signatures can be added.

When you enable digital signatures for an entire form, the form users must enter all the data they require before they sign the form. After the first signature is added, all controls in the form and the form's XML Document Object Model (DOM) become read-only, and the text [Signed] appears in the title bar. Other users who open the form cannot enter data; they can only add, remove, or verify counter-signatures.
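
The invalidation rules described above can be reproduced with a small model. This is an added example, not code from the original post and not InfoPath's XML Signature format: the class name, the record layout (each signature covers the previous signature's comment and value plus its own comment) and the sample data are assumptions made for illustration.

```java
import java.io.*;
import java.security.*;
import java.util.*;
// Added illustration: simplified counter-signature chain, not InfoPath's XML Signature format.
public class CounterSignatureChain {
    static class Sig {
        String comment; byte[] value; PublicKey key;
        Sig(String comment, PublicKey key) { this.comment = comment; this.key = key; }
    }
    // Signature i covers the data (i == 0) or the previous Signature element, plus its own comment.
    static byte[] covered(byte[] data, List<Sig> chain, int i) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);   // length-prefixed fields
        byte[] target = (i == 0) ? data : chain.get(i - 1).value;
        if (i > 0) out.writeUTF(chain.get(i - 1).comment);
        out.writeInt(target.length);
        out.write(target);
        out.writeUTF(chain.get(i).comment);
        return buf.toByteArray();
    }
    static void addSignature(byte[] data, List<Sig> chain, KeyPair kp, String comment)
            throws Exception {
        chain.add(new Sig(comment, kp.getPublic()));
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(kp.getPrivate());
        signer.update(covered(data, chain, chain.size() - 1));
        chain.get(chain.size() - 1).value = signer.sign();
    }
    // Returns one flag per signature in the chain: true if it still verifies.
    static boolean[] verify(byte[] data, List<Sig> chain) throws Exception {
        boolean[] valid = new boolean[chain.size()];
        for (int i = 0; i < valid.length; i++) {
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(chain.get(i).key);
            v.update(covered(data, chain, i));
            valid[i] = v.verify(chain.get(i).value);
        }
        return valid;
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        byte[] data = "amount=100".getBytes("UTF-8");       // constructed sample data
        List<Sig> chain = new ArrayList<Sig>();
        for (String who : new String[] {"author", "reviewer", "approver"})
            addSignature(data, chain, gen.generateKeyPair(), who);
        System.out.println("untouched:      " + Arrays.toString(verify(data, chain)));
        byte[] changed = "amount=900".getBytes("UTF-8");    // tampered form data
        System.out.println("data tampered:  " + Arrays.toString(verify(changed, chain)));
        chain.get(0).comment = "forged";                    // tamper with the first Signature element
        System.out.println("comment edited: " + Arrays.toString(verify(data, chain)));
    }
}
```

Changing the data breaks only the first entry, while editing the first signature's stored comment breaks the first and second entries and leaves the third untouched, which is why a verifier has to report the status of every signature in the chain rather than only the last one.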

Tuesday, June 19, 2012

Searching in default maven repository

http://repo1.maven.org/maven2/ is the default repository for Maven 2 & 3, but it is often hard to find a project's artifactId, groupId and version in it.
In this case I recommend searching for it manually at http://search.maven.org/

Monday, June 11, 2012

log4j in maven project

Support for log4j is added via a Maven dependency. You have to edit the pom.xml file and add these lines:

Thursday, May 3, 2012

Catching database resources leaks with Tomcat - howto

This is a solution for the "Cannot get a connection, pool error Timeout waiting for idle object" error message. It shows how to find your resource leak.

1. Add the properties for abandoned-connection tracking (removeAbandoned, removeAbandonedTimeout and logAbandoned) to your context.xml in this way:
  <Resource name="jdbc/MyAppDS" auth="Container" type="javax.sql.DataSource"
            maxActive="10" maxIdle="10" maxWait="10000" defaultAutoCommit="false"
            username="user_dev" password="passssss" driverClassName="com.mysql.jdbc.Driver"
            removeAbandoned="true" removeAbandonedTimeout="25" logAbandoned="true"
            url="jdbc:mysql://my-mysqlserver.com:3306/databasename_dev?autoReconnect=true&amp;characterEncoding=UTF-8"/>

2. Reproduce your problem so that the active connections fill up. In the above configuration I have limited them to 10, to reproduce the problem sooner.

3. Watch the stdout output for the log entry of the abandoned connection. It looks something like this:
org.apache.tomcat.dbcp.dbcp.AbandonedTrace$AbandonedObjectException: DBCP object created 2012-05-03 15:51:35 by the following code was never closed:
    at org.apache.tomcat.dbcp.dbcp.AbandonedTrace.setStackTrace(AbandonedTrace.java:139)
    at org.apache.tomcat.dbcp.dbcp.AbandonedObjectPool.borrowObject(AbandonedObjectPool.java:81)
    at org.apache.tomcat.dbcp.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:106)
    at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044)
    at com.yourcompany.getDataSource(XXX.java:55)
...
Caused by: org.apache.tomcat.dbcp.dbcp.SQLNestedException: Cannot get a connection, pool error Timeout waiting for idle object
        at org.apache.tomcat.dbcp.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:104)
        at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:880)           

        ... 19 more
Caused by: java.util.NoSuchElementException: Timeout waiting for idle object
        at org.apache.tomcat.dbcp.pool.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:825)
        at org.apache.tomcat.dbcp.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:96)
        ... 23 more

3.1 If you do not have a stdout.log file in Windows, check the link.
4. Correct the XXX.java file so that it closes the resource after use. It could not be easier!

Get console output in Tomcat

Do you need stdout.log & stderr.log in Tomcat on Windows? Here is a guide on how to get them.

1. If you use Apache as a Windows service, the default behavior is for the files to be created and filled. If it is not so, right-click on the taskbar service icon -> Configure -> Logging tab and check the values of the 2 redirect dropdowns. They must be set to auto. The files are placed in the %CATALINA_HOME%/logs folder.

2. If you use Tomcat not as a Windows service: I could not find a way of doing this. I redirected the output of the calling java in the catalina.bat file but with no success. If you find a way of doing this, please post a comment below.

Wednesday, March 28, 2012

Client authentication with SSL certificates in Jetty in maven

Here is an example pom.xml fragment:

  <build>
    <plugins>
        <plugin>
            <groupId>org.mortbay.jetty</groupId>
            <artifactId>maven-jetty-plugin</artifactId>
            <configuration>
                <contextPath>/mycontext</contextPath>
                <scanIntervalSeconds>5</scanIntervalSeconds>
                <connectors>
                    <!--connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
                        <port>8080</port>
                        <maxIdleTime>60000</maxIdleTime>
                    </connector-->
                    <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
                        <port>8443</port>
                        <maxIdleTime>60000</maxIdleTime>
                        <keystore>${project.basedir}/src/main/certificates/server1.jks</keystore>
                        <password>pass</password>
                        <keyPassword>pass</keyPassword>
                        <wantClientAuth>true</wantClientAuth><!-- deprecated! -->
                        <needClientAuth>false</needClientAuth><!-- deprecated! -->
                        <!-- http://stackoverflow.com/questions/8816874/avoid-use-of-deprecated-methods-in-org-eclipse-jetty-server-ssl-sslsocketconnect -->
                    </connector>
                </connectors>
            </configuration>
        </plugin>
    </plugins>
  </build>

Client authentication with SSL certificates in Tomcat

Place something like this in server.xml file:

      <Connector port="8443"
           protocol="HTTP/1.1"
           SSLEnabled="true"
           maxThreads="150"
           scheme="https"
           secure="true"
           sslProtocol="TLS"
           keystorePass="pass"
           keystoreFile="/data/miteff/someserver/server1.jks"
           truststoreFile="/data/miteff/eshop/MiteffRootCa.jks"
           truststorePass="pass"
           keyAlias="www.miteff.com"
           clientAuth="want"
           SSLVerifyClient="optional"
           SSLCACertificateFile="/data/miteff/someserver/MiteffRootCA.pem"
       />


Attention: in Tomcat 6.0 the clientAuth parameter can take the value "want", so the connector accepts connections with and without certificates. The application can then decide internally what to do with the two types of clients. Note that Tomcat 6.0 does NOT understand the option clientAuth="optional". I suppose it was valid at some time, but now it is not.

Tuesday, March 27, 2012

Thursday, March 22, 2012

maven webapp archetype


mvn archetype:generate -DgroupId=com.mycompany.app -DartifactId=my-webapp -DarchetypeArtifactId=maven-archetype-webapp

Wednesday, March 21, 2012

Getting HTTPS SSL certificates from HttpRequest in Java

Such an easy solution:

java.security.cert.X509Certificate cert[] =
(java.security.cert.X509Certificate[]) httpServletRequest.getAttribute
("javax.servlet.request.X509Certificate");


The result is the whole certificate chain.

The client may or may not send its certificate. A client certificate can be sent in SSL version 3 and in TLS. You have to set an option on the web application server so that it wants and accepts client certificates. In Jetty, the option is named wantClientAuth. Later I will extend the article with the name for Tomcat.

Monday, March 19, 2012

Adding external jar libraries to maven project

You have to add something like this in your pom.xml:
    <dependency>
        <groupId>com.xxx.yyy.messages</groupId>
        <artifactId>xxxyyyMessages2</artifactId>
        <version>2.0-SNAPSHOT</version>
        <scope>system</scope>
        <systemPath>${project.basedir}/../xxxyyyMessages2/target/xxxyyyMessages2-2.0-SNAPSHOT.jar</systemPath>
    </dependency>

Monday, March 12, 2012

Making jar with dependency jars incorporated with maven

I want to start my program from the clear console. Here is the code, which has to be placed in pom.xml:

Redirecting output in MS DOS

I need to redirect the error output to a file as well. This can be done with

command > certpath.txt 2>&1


For example:

java -Djava.security.debug=certpath -jar target\xxx-2.0-SNAPSHOT-jar-with-dependencies.jar > certpath.txt 2>&1

Friday, March 9, 2012

Checking certificate validity via OCSP with OpenSSL

The certificate has to have an OCSP definition.


openssl
OpenSSL>
OpenSSL> ocsp -issuer G:\temp\1\XXXRootCA.pem -cert G:\temp\1\XXXRootCA.pem -CAfile G:\temp\1\XXXRootCA.pem -url http://ocsp.myserver.com:80 -text


Note: use the full path to the files.

Debugging classes without sources

I have to debug some classes which are not provided with source code, in NetBeans.

I have to choose from these options:
1. Switch to Eclipse and use JD-Eclipse. Many people indicate that they use it without problems.
2. Decompile the sources and add them to the IDE. In this case we run into another problem: line numbers. From the Java bytecode, the IDE knows the lines where the operations are placed in the source code. If the lines mismatch, the debugger jumps to the wrong lines and debugging fails.

Sunday, March 4, 2012

Multiple vhosts with apache httpd

There are two major questions about that:
1. Can an Apache site have multiple HTTPS virtual hosts?
2. Can an Apache site have different certificates for different virtual hosts?

Answers:

Tuesday, January 31, 2012

java.lang.OutOfMemoryError: PermGen space - Cause and Solution

The error was (in maven):
java.lang.OutOfMemoryError: PermGen space

Solution:
If you build with maven:
MAVEN_OPTS="-Xms512m -Xmx768m -XX:PermSize=256m -XX:MaxPermSize=512m"
AND
JAVA_OPTS="-Xms512m -Xmx768m"

If you use other tools, check their OPTS configuration; maybe there is an equivalent setting.

linux: Searching in command history

This is a great trick for everyone who uses linux console a lot.

1. Ctrl+R in console
2. Enter search string
3. OS suggests you a line from command history
4. If you want an older command with same search string, just hit Ctrl+R.
5. that's all folks

Monday, January 23, 2012

EJBCA with jboss

EJBCA 4.07 supports JBoss version 5.1 but not JBoss 6.0 or JBoss 7.0. I checked with the JBoss web profile and with the full version too.

The error message appears in the ant command

ant bootstrap

The error was:

"package javax.ejb does not exist"


So how did I resolve it? I returned to JBoss 5.1. :(

Thursday, January 5, 2012

Optimizing queries with EXPLAIN

The EXPLAIN command gives information about the indexes which are used for the query, so you can check whether it is optimized as you expected.

Tuesday, January 3, 2012

Problem with WebDAV folders in debian linux

Here is my problem:

When I try to copy some files / folders to a WebDAV folder, I get an error in Windows XP and this log on my Linux box:

[Tue Jan 03 13:49:35 2012] [error] [client 123.123.123.123] File does not exist: /the/webdav/folder/some-file.JPG
[Tue Jan 03 13:49:35 2012] [error] [client 123.123.123.123] The locks could not be queried for verification against a possible "If:" header. [500, #0]
[Tue Jan 03 13:49:35 2012] [error] [client 123.123.123.123] Could not open the lock database. [500, #400]
[Tue Jan 03 13:49:35 2012] [error] [client 123.123.123.123] (2)No such file or directory: Could not open property database. [500, #1]