Home/ SoftwareEngineering/ Group items matching "hosting" in title, tags, annotations or url

kuni katsuya

MySQL :: MySQL 5.1 Reference Manual :: 21.3.5.1 Driver/Datasource Class Names, URL Syntax and Configuration Properties for Connector/J - 0 views

  • The name of the class that implements java.sql.Driver in MySQL Connector/J is com.mysql.jdbc.Driver
  • JDBC URL Format: The JDBC URL format for MySQL Connector/J is as follows, with items in square brackets ([, ]) being optional:
      jdbc:mysql://[host][,failoverhost...][:port]/[database][?propertyName1][=propertyValue1][&propertyName2][=propertyValue2]...
    If the host name is not specified, it defaults to 127.0.0.1. If the port is not specified, it defaults to 3306, the default port number for MySQL servers.
      jdbc:mysql://[host:port],[host:port].../[database][?propertyName1][=propertyValue1][&propertyName2][=propertyValue2]...
    Here is a sample connection URL:
      jdbc:mysql://localhost:3306/sakila?profileSQL=true
  • Initial Database for Connection: If the database is not specified, the connection is made with no default database
  • fully specify table names using the database name (that is, SELECT dbname.tablename.colname FROM dbname.tablename...) in your SQL
  • work with multiple databases
    • kuni katsuya
       
      including cross database joins
kuni katsuya

Fetching Client IP Address and Header information in JBoss AS7 access log « JBoss - 0 views

  • Fetching Client IP Address and Header information in JBoss AS7 access log
  • “org.apache.catalina.valves.AccessLogValve”
  • More information about this Valve can be found at the following link: http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Access_Log_Valve
  • Some of the useful patterns
  • %h - Remote host name (or IP address if resolveHosts is false)
  • %a - Remote IP address
  • %u - Remote user that was authenticated (if any), else '-'
  • %r - First line of the request (method and request URI)
  • %s - HTTP status code of the response
  • %b - Bytes sent, excluding HTTP headers, or '-' if zero
  • %S - User session ID
  • %t - Date and time, in Common Log Format
  • %m - Request method (GET, POST, etc.)
  • /subsystem=web/virtual-server=default-host/access-log=configuration:add(pattern="%h %l %u %t "%r" %s %b %{User-Agent}i %{JSESSIONID}c")
kuni katsuya

Session Management | Apache Shiro - 0 views

  • available in any application,
  • regardless of container.
  • even if you deploy your application in a Servlet or EJB container, there are still compelling reasons to use Shiro's Session support instead of the container's
  • Easy Custom Session Storage
  • POJO/J2SE based (IoC friendly)
  • Container-Independent Clustering!
  • Heterogeneous Client Access
  • Event Listeners
  • listen to lifecycle events during a session's lifetime
  • Host Address Retention
  • retain the IP address or host name of the host from where the session was initiated
  • Inactivity/Expiration Support
  • can be prolonged via a touch() method to keep them 'alive' if desired
  • Transparent Web Use
  • can use Shiro sessions in existing web applications and you
  • don't need to change any of your existing web code
  • Can be used for SSO
  • easily stored in any data source
  • can be
  • 'shared'
  • across applications if needed
  • 'poor man's SSO'
  • simple sign-on experience since the shared session can retain authentication state
  • interface-based and implemented with POJOs
  • allows you to easily configure all session components with any JavaBeans-compatible configuration format, like JSON, YAML
  • easily extend
  • customize session management functionality
  • session data can be easily stored in any number of data sources
  • easily clustered using any of the readily-available networked caching products
  • no matter what container you deploy to, your sessions will be clustered the same way
  • No need for container-specific configuration!
  • Shiro sessions can be 'shared' across various client technologies
  • listen for these events and react to them for custom application behavior
  • SecurityUtils.getSubject()
  • currentUser.getSession()
  • If the Subject already has a Session, the boolean argument is ignored and the Session is returned immediately
  • If the Subject does not yet have a Session and the create boolean argument is true,
  • a new session will be created
  • and returned.
  • If the Subject does not yet have a Session and the create boolean argument is false, a new session will not be created and null is returned.
  • Subject.getSession(boolean create)
  • method functions the same way as the
  • HttpServletRequest.getSession(boolean create) method:
    • kuni katsuya
kuni katsuya

Fiddler Web Debugger - Configuring clients - 0 views

  • Debug traffic from another machine (even a device or Unix box)
  • Allow remote clients to connect
  • "HTTP application to use Fiddler?
    You can either directly configure the WinHTTP application to point to Fiddler, in code, or you can use the following command at the command prompt to tell WinHTTP to use Fiddler:
    On XP or below:
      proxycfg -p http=127.0.0.1:8888;https=127.0.0.1:8888
    ...or this one to force WinHTTP to use WinINET's proxy settings:
      proxycfg -u
    On Vista or above, use an Elevated (admin) command prompt:
      netsh winhttp set proxy 127.0.0.1:8888
    Note: On Windows 7 and earlier, netsh is bitness specific, so you may want to run the above command twice: first using the 32bit NETSH and then using the 64bit NETSH. This blog has more information. This issue was fixed in Windows 8; you can call either NetSh just once to set the proxy for both 32bit and 64bit WinHTTP hosts.
    Capture traffic from a different account, like ASP.NET on IIS or from a Windows Service?
    Trying to capture SOAP calls coming from ASP.NET or some background service process? By default, Fiddler registers as the proxy only for the current user account (ASP.NET runs in a different user account). To get a background process (like the ASP.NET or IIS process) to use Fiddler, you must configure that process to use Fiddler. Typically, this is done by editing web.config or machine.config for the ASP.NET installation, or the configuration for the code running within the Windows Service. Please see http://msdn.microsoft.com/en-us/magazine/cc300743.aspx#S4 or the section on .NET or WinHTTP, depending on which network stack the service is using.
    Configure Windows Phone 7 to use Fiddler?
    Please see http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspx for actual device hardware, or http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx for the emulator.
    Configure Google Nexus 7 (Android 4.1 Jellybean) to use Fiddler?
    Please see this page.
    Configure Android Emulator to use Fiddler?
    Please see http://au
kuni katsuya

Session Management Cheat Sheet - OWASP - 0 views

  • Session Management Cheat Sheet
  • should not be extremely descriptive nor offer unnecessary details
  • change the default session ID name of the web development framework to a generic name
  • length must be at least 128 bits (16 bytes)
  • Session ID Length
  • Session ID Name Fingerprinting
  • Session ID Properties
  • Session ID Entropy
  • must be unpredictable (random enough) to prevent guessing attacks
  • good PRNG (Pseudo Random Number Generator) must be used
  • must provide at least 64 bits of entropy
  • Session ID Content (or Value)
  • content (or value) must be meaningless
  • identifier on the client side
  • meaning and business or application logic associated to the session ID must be stored on the server side
  • session objects or in a session management database or repository
  • create cryptographically strong session IDs through the usage of cryptographic hash functions such as SHA1 (160 bits).
  • Session Management Implementation
  • defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID
  • token expiration date and time
  • This is one of the reasons why cookies (RFCs 2109 & 2965 & 6265 [1]) are one of the most extensively used session ID exchange mechanisms, offering advanced capabilities not available in other methods
  • Transport Layer Security
  • use an encrypted HTTPS (SSL/TLS) connection for the entire web session
  • not only for the authentication
  • process where the user credentials are exchanged.
  • “Secure” cookie attribute
  • must be used to ensure the session ID is only exchanged through an encrypted channel
  • never switch a given session from HTTP to HTTPS, or vice versa
  • should not mix encrypted and unencrypted contents (HTML pages, images, CSS, Javascript files, etc) on the same host (or even domain - see the “domain” cookie attribute)
  • should not offer public unencrypted contents and private encrypted contents from the same host
  • www.example.com over HTTP (unencrypted) for the public contents
  • secure.example.com over HTTPS (encrypted) for the private and sensitive contents (where sessions exist)
  • only has port TCP/80 open
  • only has port TCP/443 open
  • “HTTP Strict Transport Security (HSTS)” (previously called STS) to enforce HTTPS connections.
  • Secure Attribute
  • instructs web browsers to only send the cookie through an encrypted HTTPS (SSL/TLS) connection
  • HttpOnly Attribute
  • instructs web browsers not to allow scripts (e.g. JavaScript or VBscript) an ability to access the cookies via the DOM document.cookie object
  • Domain and Path Attributes
  • instructs web browsers to only send the cookie to the specified domain and all subdomains
  • “Domain” cookie attribute
  • “Path” cookie attribute
  • instructs web browsers to only send the cookie to the specified directory or subdirectories (or paths or resources) within the web application
  • vulnerabilities in www.example.com might allow an attacker to get access to the session IDs from secure.example.com
  • Expire and Max-Age Attributes
  • “Max-Age”
  • “Expires” attributes
  • it will be considered a
  • persistent cookie
  • and will be stored on disk by the web browser until the expiration time
  • use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.
  • Session ID Life Cycle
kuni katsuya

log4jdbc - JDBC proxy driver for logging SQL and other interesting information. - Google Project Hosting - 0 views

  • for prepared statements, the bind arguments are automatically inserted into the SQL output
  • SQL timing information can be generated to help identify how long SQL statements take to run
  • included tool to produce profiling report data for quickly identifying slow SQL in your application
  • SQL connection number information is generated
  • change the driver class name to net.sf.log4jdbc.DriverSpy
  • "jdbc:log4"
  • jdbc.sqlonly
  • jdbc.sqltiming
  • jdbc.audit
  • jdbc.resultset
  • jdbc.connection
  • only SQL
  • the SQL
  • timing statistics
  • ALL JDBC calls
  • very voluminous output
  • all calls to ResultSet objects
  • connection open and close events
  • useful for hunting down connection leak problems
kuni katsuya

The WebSocket API - 0 views

  • two-way communication with a remote host.
kuni katsuya

EP1 - DMM - US9 - DMS application (shell) similar to ECM - Projects - Confluence - 0 views

  • full-screen
    • kuni katsuya
       
      why full screen?
    • kuni katsuya
       
      should at least consider displaying something sensible if either/both dimensions of browser window used is too small. ideally, use responsive design approach to ux
  • path + "DMM_APPLICATION.html"
    • kuni katsuya
       
      need to establish sensible (ie. short, but meaningful) conventions used for externally facing urls
    • kuni katsuya
       
      also including my long-standing desire to keep internal things opaque to the outside world (eg. minimize exposure of directory structure, internal oids, host names, port numbers, etc)
kuni katsuya

Joyent Cloud - 0 views

kuni katsuya

dphibernate - Flex / BlazeDS Hibernate Adapter, with full lazy loading support - Google Project Hosting - 0 views

  • dphibernate Flex / BlazeDS Hibernate Adapter, with full lazy loading support
kuni katsuya

wrenched - externalization and lazy-loading framework for flex/java projects - Google Project Hosting - 0 views

  • wrenched externalization and lazy-loading framework for flex/java projects
kuni katsuya

entity-pruner - prune JPA entities so they can be serialized for client service calls - Google Project Hosting - 1 views

  • entity-pruner prune JPA entities so they can be serialized for client service calls
kuni katsuya

equalsverifier - EqualsVerifier can be used in Java unit tests to verify whether the contract for the equals and hashCode methods is met. - Google Project Hosting - 0 views

  • EqualsVerifier: EqualsVerifier can be used in Java unit tests to verify whether the contract for the equals and hashCode methods in a class is met. The contracts are described in the Javadoc comments for the java.lang.Object class.