Performance settings for production weblogic deployments

Put this in the weblogic.xml under WEB-INF folder: 

<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web Application 8.1//EN" "http://www.oracle.com/technology/weblogic/servers/wls810/dtd/weblogic810-web-jar.dtd">

<weblogic-web-app>

<container-descriptor>
<servlet-reload-check-secs>-1</servlet-reload-check-secs>
</container-descriptor>

</weblogic-web-app>

For JSPs you can also set this in weblogic.xml:

<jsp-descriptor>
<jsp-param>
<param-name>pageCheckSeconds</param-name>
<param-value>-1</param-value>
</jsp-param>
</jsp-descriptor>

Unless you are altering servlet code and JSPs on the fly in production (bad idea), there is no need to ever check for changes. These two settings can help with performance because without them, Weblogic will have periodic threads blocking
requests to poll the filesystem for Servlet or JSP changes.

So by default in thread dumps you will see one or more of this sort of thing:

waiting for monitor entry [c4f7f000..c4f7fc28]
     at weblogic.servlet.internal.ServletStubImpl.checkForReload(ServletStubImpl.java:771)

unless you disable that like shown above.

8 reasons why your browser does NOT send the cookie as part of the request

There are several reasons why a cookie you attempted to set on a remote client browser as part of a HTTP response is NOT sent back on the next request:

1. The domain of the request does not match the cookie's domain attribute
2. The path of the request does not match the cookie's path attribute
3. The cookie has expired
4. The cookie was set the secure attribute and the client's request was plain text HTTP.
5. The cookie was set with the httpOnly attribute and the client's request was not HTTP/HTTPS (e.g. you used FTP).
6. The client has disabled cookies globally or specifically for your domain.
7. The client deleted or cleared the cookie that was set before the next request was made.
8. The client's browser does not trust the SSL certificate used to sign your site and you are trying to use HTTPS communication.

Your domain of the request does not match the cookie's domain attribute

This one appears to be the most obvious of them all but does have a small gotcha. A cookie set for domain www.google.com will not be sent for a request to www.yahoo.com. We can understand that, but it will also not be sent for mail.google.com! The domain mail.google.com does not match www.google.com, so cookies set on one do not affect requests for the other. So when setting cookies that should be sent for all sub-domains: use .domain.com as the cookie's domain attribute, i.e. leave off the sub-domain (www) and just lead with the . prefix.

Your path of the request does not match the cookie's path attribute

If you set the path to /, all paths on the domain are going to send the cookie with the request, even if the request is for an image.. So use path wisely to avoid unnecessary overhead in your requests, especially if you are a heavy user of cookies. you only get one cookie path, make it count. You will be ding'd on Yslow if you don't avoid sending cookie info for images.

Your cookie has expired

Duh. Don't expect old cookies to join your request party. Be careful of short expiration on cookies, they may go stale before they are even set.

Your client has disabled cookies globally or for your specific domain

This is why it is important to document the requirements for your application. If you need cookies enabled (or even better detect that cookies are not enabled), tell the user to enable them (and how to enabled them) in a big red alert box with a flashing siren.

This is my list, do you have other reasons to add?

Java little endian IO gotcha

Java's goal has been to provide developers with a language that is cross platform, write once run everywhere. To do this Java handles many platform details for you. But sometimes those details are important. Here is an example, I needed to output a TIFF using little-endian byte ordering regardless of what platform the Java code was running on.

import java.io.FileOutputStream;

byte[] imgData = //create the image data using JAI;

String filename = "platform-endian.tiff";

FileOutputStream fos = new FileOutputStream(filename);

fos.write(imgData);

fos.close();

My code would work fine on platforms with Intel or x86 architecture which is little-endian byte order, but when I moved my code to a Solaris system running a SPARC processor, my code started outputting in big-endian TIFFs. This is due to the fact that FileOutputStream hides some of the complexity involved with writing data out to disk. Hiding this complexity is fantastic if all you care about are outputting TIFFs that are byte-order-compatible with the environment your Java code is running in; which is what you would want in 99% of the use cases for creating TIFFs programmatically. But this feature of Java is very bad when you always need little-endian TIFFs at all times. I need little-endian because it is a Federal Reserve regulations are that the TIFFs I make be little-endian.

Thankfully there is a way to force Java to use a specific byte ordering. Use ByteBuffer.

import java.nio.ByteBuffer;

import java.nio.ByteOrder;

import java.nio.channels.FileChannel;

import java.io.FileOutputStream;

byte[] imgData = //create the image data using JAI;

String filename = "little-endian.tiff";

ByteBuffer buffer = ByteBuffer.allocate(imgData.length);

buffer.order(ByteOrder.LITTLE_ENDIAN);

buffer.put(imgData);

out = new FileOutputStream(filename).getChannel();

out.write(buffer);

This code will output directly in little-endian regardless of the architecture of the system running the code.

Java static initialization gotcha

If you have a class which has a singleton instance of itself as a static member, and also use a static inititialization block, then you can run into an issue with initialization like I did where static final members are null.

01 import java.util.*;
02
03 class MySingletonClass {
04 private static final instance = new MySingletonClass();
05 private static final List MY_STRINGS;
06 static {
07 MY_STRINGS = new ArrayList();
08 }
09 public MySingletonClass() {
10 System.out.println("MY_STRINGS: "+MYSTRINGS);
11 }
12 }

The above will throw a NullPointer Exception on line 10 because the MySingletonClass constructor is called BEFORE the static initialization block is executed. So change it to this:

01 import java.util.*;
02
03 class MySingletonClass {
04 private static final instance;
05 private static final List MY_STRINGS;
06 static {
07 MY_STRINGS = new ArrayList();
08 instance = new MySingletonClass();
09 }
10 public MySingletonClass() {
11 System.out.println("MY_STRINGS: "+MYSTRINGS);
12 }
13 }

Now the instance static member variable is not created until AFTER the other static member is initialized. So the constructor can correctly execute the print statement.

Use package-info.java for all your package level annotation needs

I had a problem, I needed to annotate all the occurrences of java.sql.Timestamp with an XmlJavaTypeAdapter for all classes in a Java package. For example I needed this done in dozens of generated source files:

@XmlJavaTypeAdapter(com.fourgablesguy.dao.hibernate.util.TimestampAdapter.class)
public Timestamp getCreateTs() {
return this.createTs;
}

The TimestampAdapter class is the following:

package com.fourgablesguy.dao.hibernate.util;

import java.sql.Timestamp;
import java.util.Date;

import javax.xml.bind.annotation.adapters.XmlAdapter;

public class TimestampAdapter extends XmlAdapter {

@Override
public Date marshal(Timestamp v) throws Exception {
return new Date(v.getTime());
}

@Override
public Timestamp unmarshal(Date v) throws Exception {
return new Timestamp(v.getTime());
}

}

The reason I needed this done is because Timestamp does not have a public no-arg constructor and XStream could not marshall objects containing Timestamp objects. The nice solution to annotating these is to use package-info.java, you place this file in the same folder as the source java files, but it is not a typical source file. Here is the contents of my package-info.java:

@javax.xml.bind.annotation.adapters.XmlJavaTypeAdapters
({
@javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter(value=com.fourgablesguy.dao.hibernate.util.TimestampAdapter.class,type=java.sql.Timestamp.class)
})
package com.myama.dao.hibernate;

This package-info file is used by Java to annotate all classes in a package, with this single file my problem was resolved. My TimestampAdapter allowed me to marshall Timestamp objects with XStream. I used fully qualified names of classes in the package-info since I was not clear if you could import packages or if you had package access to the enclosing namespace.

Keep your browser updated

Financial and Health industries are notorious for being slow to adopt better technology and instead cling to inferior hardware/software beyond the logical pain point, web browsers included. As a general philosophy I recommend it would be healthy for these industries to adopt the policy that web browsers be kept updated and applications used by the company be maintained to work correctly with modern browsers.

Here are three good reasons to keep browsers updated:

First, old browsers (and the OS they run on) are vulnerable to attacks.

Second, the web evolves quickly. Old browsers will miss out.

Third, old browsers slow down innovation on the web.

I worked with a previous client who insisted on a dynamic Web 2.0 look to the complex web application I was designing but also demanded compatibility with IE7. Delivering on both of these requirements (latest Internet bells and whistles, like mobile browser compatibility and AJAX, as well as backward compatibility with older browser versions) increases the difficulty level and cost of the site development considerably for a number of reasons:

• First you have to test on these older browser versions in addition to testing on the common browsers, which increases the development time. It is not just twice the work, because you have to worry about supporting all browsers with a single application, making a single change requires testing all browsers to make sure fixing an issue in one browser does not break something in another.
• Next you have to pare down features and functionality so that it works consistently everywhere, so you might have had a nice dynamic form element or navigation control working in IE9 and FireFox 4, but it all gets tossed out when it cannot work in IE7 (see holding up innovation reason given above).
• Also, for some "must have" site features or functionality: developers will usually have to code around older browser version quirks, so instead of writing code in one place to perform a task, it is written one place or one way for modern browsers and another place or another way for older browsers (see slowing down the web). This causes a code maintenance issue as you now have multiple places to check to fix problems or update code for a single feature or site behavior. This is a problem for HTML, CSS, and Javascript as all three can behave differently on different browsers.
• Yet another problem that can arise is your Javascript/CSS performance can vary widely in different browser flavors and versions, for example IE7 Javascript benchmarks are miserably slow when compared with more recent versions of IE and other browsers like FireFox or Chrome. This can cause problems where failing to test on the required browser versions can really bite you.
• If a performance issue (or any browser version issue) is found late in the development cycle, either because the testing was not done along side development in that version or because developers only used modern browsers for their self verification and validation of the application, then the time needed to fix the entire problem is much larger and more difficult than if it had been caught earlier because much more code is in place to review and repair and test.

99% of businesses do not have the resources to provide application support on dozens of browsers versions, it is less expensive to support the current browsers than to support historical ones. Developers are much happier working with current tech than outdated tech as well. Your clients may not want to upgrade their browsers, they may ‘need’ the old browser to access a neglected internal application which only works with a specific legacy browser, but clients refusing to update their software and maintain their web applications are hurting themselves (and you) in several ways:

1. old software makes their business less competitive (faster browsers/computers make a more efficient workforce);
2. old/inferior software has high hidden costs (performance issues, functional issues, security vulnerabilities, feature limitations, and incompatibilities with emerging technologies);
3. outsourced development vendors always find doing business with clients clinging to old software is more expensive and they increase their bids accordingly (I saw this first hand many times working as a consultant);
4. some development vendors even flat out refuse business which requires older browser compatibility as a policy / business strategy. This allows their developers freedom to ignore issues only present in older browsers and they can therefore innovate more efficiently.

Newer IE browsers can run in a legacy mode, emulating the previous versions, for those rare cases where a legacy browser mode is needed to use a web site. You can even set preferences for specific sites such that certain sites always use a compatibility mode. The barrier to upgrading to a new browser is mostly self-inflicted because browser creators do everything possible to encourage adoption of the newer version.

How do I test my web application against IE6 and IE7 in Windows 7?

How do I test my web application against IE6 and IE7 and IE8 and IE9 in Windows 7?

Problem: Windows 7 comes with IE8 or IE9 or IE10 (and does not have a path back to use IE6 or IE7, (and don't patronize me with browser emulation solutions, they all suck.) Microsoft has sunsetted support for IE6 and IE7 is getting closer to being out of support as well.

Solution:

Go here http://www.microsoft.com/windows/virtual-pc/download.aspx

1. Download the 500 MB Windows XP Mode VHD installer.
2. Run the installer.
3. Download Virtual PC if you lack this.
4. Test with IE6 bundled in the vhd.
5. Make a second vhd and upgrade to IE7 within the Virtual PC VM.*
6. Rinse and repeat for IE8, IE9
7. If you are doing local web development, install the Microsoft Loopback adapter on your host OS.
8. You now have the ability to test your site in native IE6 and IE7 and IE8, IE9, and IE10.
   
   

Other tools exist to emulate or simulate IE6 and IE7 web rendering, but they will always fall short of the mark and open you to risks if they fail to display your site *exactly* the way it displays in the native browser and I recommend that they should not be used for any project where you can use a VM instead.

*For this step there are some special tricks to it. After making a copy of your IE6 vhd file, you need to change it's hardware signature to avoid conflicts with running it in parallel with your IE6 VM.

Windows 7 comes with a command line utility called diskpart that can let you view and change the disk signature.

Open a command prompt as administrator. To do this in Windows 7, click the Windows start menu (the round Windows icon on the left bottom corner), type "cmd" (without the quotes), right click the "cmd.exe" item that appears at the top of your menu, and click the line "Run as administrator". Do this even if you are already logged in as administrator, since on Windows 7, administrators run with reduced rights by default.

A black command prompt window will open. In Windows 7, the title bar of the window will tell you that you are running it as Administrator. If it does not, it means you did not do what I just said above. Return and follow the first step, or you will not be able to successfully carry out the rest of this tutorial.

Type "diskpart" (without the quotes) into the window. (Note: for this and the other commands described here, you'll have to hit the ENTER key after you finish typing your commands for them to take effect.)

Microsoft DiskPart will start. When it is ready, it will issue a "DISKPART>" prompt, allowing you to enter your commands.

Type "list disk" (without the quotes). This will list all the disks that are currently mounted (connected to the system). The disk will not have the usual names and labels that you're accustomed to from the Windows Explorer interface, so you will have to recognize them by their sizes.

Note that "list disk" actually lists the physical disks, and not the partitions that you may have assigned drive letters. This means that if you have 2 physical disks, with 3 partitions on each, so that you have drives C:, D:, E:, F:, G: and H:, "list disk" will only show "Disk 0" and "Disk 1".

To view the signature of a disk, you must first select it. To select a disk, type "select disk x" (without the quotes) where x is the number of the disk from your "list disk" display. When you type (say) "select disk 1", DiskPart will respond by telling you "Disk 1 is now the selected disk".

Now type "uniqueid disk" (again, without the quotes). DiskPart will respond with the disk's signature, a series of hexadecimal digits (or at least I think it's hexadecimal).

To change the signature to some other number, type "uniqueid disk ID=[NEW SIGNATURE]" (without the quotes) where "[NEW SIGNATURE]" stands for the new identifier you want for the disk (without the square brackets and without the quotes). However, before you do that, you may want to type "help uniqueid disk", which will give you more information on how the command works. You may also want to find out the disk signatures of your other disks on your system before you modify your current one so that you don't cause a new signature collision in trying to solve your current problem. In addition, if you're really not sure how many digits you should give your disk, perhaps try changing only one digit of the current signature (eg, increasing or decreasing it by 1). Remember my disclaimer above: I really don't know what I'm talking about here: do it at your own risk.

To quit DiskPart, type "exit". Incidentally, in case you get lost while running DiskPart, when you are at the "DISKPART>" prompt, you can type "help" to get a list of commands. Typing "help" followed by the command typically gives you more info about that command.

Once you've quit DiskPart, type "exit" again to quit the Administrator Command Prompt

(source: http://www.howtohaven.com/system/change-disk-signature.shtml)

Setting up command line Apache Xalan XSLT processor

You need to put the Xalan jars in the System classpath, create or edit the environment variable called CLASSPATH, set it with a value like this

CLASSPATH=C:\Projects\Java\Runtime\lib\xalan.jar;C:\Projects\Java\Runtime\lib\xml-apis.jar;C:\Projects\Java\Runtime\lib\serializer-2.7.0.jar;

Ultimately you need three JARs on the classpath:

• xalan.jar
• xml-apis.jar
• serializer-#.#.#.jar

You cannot take a shortcut and just specify a folder containing these jars, you must give java the full path to them. For a permanent solution put the three jars in the \lib\endorsed directory, then the classpath will always have them.

You should already have a JRE or JDK in the system PATH as well:

set PATH=C:\SDKs\jdk1.6.0_18\bin;%PATH%

With that in place you can transform XML using XSLT on the command line with the Xalan parser like this:

java org.apache.xalan.xslt.Process -out output.out -in input.xml -xsl transform.xslt

Where

output.out is the file to create,

input.xml is the input xml file to transform, and

transform.xslt is the XSLT XML file to transform the input xml file with.

This is handy because you can also give the JVM 2GB of heap memory like this to process large input files:

java -Xms2g -Xmx2g org.apache.xalan.xslt.Process -out output.out -in input.xml -xsl transform.xslt

If you are runnng into out of memory heap space errors parsing XML with XSLT, this is a good way to get past that problem. If you cannot get further beyond your out of memory errors, then look at breaking apart the XML with Java or Perl somehow before transforming it with XSLT. You might even be able to use 64-bit JVM to address a huge amount of memory much larger than you probably have available in the physical machine.

How to change the Java heap size for WebSphere Application Server 6.1 profiles

How to change the Java heap size for WebSphere Application Server 6.1 profiles

Open the integrated solutions console
https://:9044/ibm/console/
Default login is
system:manager

Navigate to the JVM for the server profile you want to change

Application servers > server1 > Process Definition > Java Virtual Machine
Change these values
Initial Heap Size=512
Maximum Heap Size=512
These correspond to the Xms and Xmx params of the JVM. So make sure you do not set Max lower than Initial, nor set Max higher than available OS RAM. I am not sure if adding a K,M,or G to the number will work, it seems by default the numbers are considered MB. Be aware that your JVM is 32 bit so there is a mathematical limit (and practical limit) to how much memory it can address. 3800 MB is where you will likely top out for max heap space unless your OS limits you to 2GB, which puts your heap max down to 1600MB.

You will have to restart the WAS server profile instance to have this change take effect on the JVM.

Increase the memory for MyEclipse Blue IDE

1. Open this file:
C:\Program Files\Genuitec\MyEclipse Blue Edition 8.0 GA\myeclipse-blue.ini

2. Edit lines so it looks like this at the bottom:

-Xms1024m
-Xmx1024m

This will give you 1GB ram for MyEclipse Blue.

My complete ini file looks like this:

-install
C:/Program Files/Genuitec/MyEclipse Blue Edition 8.0 GA
-vm
C:/Program Files/Genuitec/Common/binary/com.sun.java.jdk.win32.x86_1.6.0.013/jre/bin/client/jvm.dll
-startup
../Common/plugins/org.eclipse.equinox.launcher_1.0.201.R35x_v20090715.jar
--launcher.library
../Common/plugins/org.eclipse.equinox.launcher.win32.win32.x86_1.0.200.v20090519
-vmargs
-Xms1024m
-Xmx1024m
-XX:MaxPermSize=256m
-XX:ReservedCodeCacheSize=64m

Adding a datasource to the maven jetty plugin

In your pom.xml

           <plugin>
               <groupId>org.mortbay.jetty</groupId>
               <artifactId>maven-jetty-plugin</artifactId>
               <version>6.1.21</version>
               <configuration>
                    <!-- <jettyConfig>src/main/resources/devJetty.xml</jettyConfig>  -->
                    <webXml>${basedir}/src/main/resources/jetty-web.xml</webXml>
                    <jettyEnvXml>${basedir}/src/main/resources/jetty-env.xml</jettyEnvXml>
                   <contextPath>/OCM</contextPath>
                   <scanIntervalSeconds>3</scanIntervalSeconds>
                   <scanTargetPatterns>
                       <scanTargetPattern>
                           <directory>src/main/webapp/WEB-INF</directory>
                           <excludes>
                               <exclude>**/*.jsp</exclude>
                           </excludes>
                           <includes>
                               <include>**/*.properties</include>
                               <include>**/*.xml</include>
                           </includes>
                       </scanTargetPattern>
                   </scanTargetPatterns>
                   <stopKey>foo</stopKey>
                   <stopPort>9966</stopPort>
               </configuration>
           </plugin>
Key lines are
                    <webXml>${basedir}/src/main/resources/jetty-web.xml</webXml>
                    <jettyEnvXml>${basedir}/src/main/resources/jetty-env.xml</jettyEnvXml>

Define your jetty-env.xml like this:

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC -//Mort Bay Consulting//DTD Configure//EN http://jetty.mortbay.org/configure.dtd>

<Configure class="org.mortbay.jetty.webapp.WebAppContext">

 <!-- an XADataSource                                                -->
 <New id="MAVENJETTYDS" class="org.mortbay.jetty.plus.naming.Resource">
   <Arg></Arg>
   <Arg>jdbc/datasource</Arg>
   <Arg>
         <New class="org.apache.commons.dbcp.BasicDataSource">
                     <Set name="driverClassName">[[jdbc driver class]]</Set> <!-- for example, com.ibm.db2.jcc.DB2Driver -->
                     <Set name="url">[[jdbc url]]</Set> <!-- for example, jdbc:db2://yourdbhostnameorip:[port]/yourdb -->
                     <Set name="username">[[username]]</Set><!-- for example, yourmom -->
                      <Set name="password">[[password]]</Set><!-- for example, correcthorsebatterystaple -->
                     <Set name="defaultCatalog">[[schema, if needed]]</Set>
         </New>
   </Arg>
  </New>
</Configure>

Then add the ref to your web.xml

<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" id="WebApp_1270163143862">
<pre>
   <!-- SNIP -->

<!-- Bug fix for editing locked CSS and JS running in Jetty -->
<servlet>
   <servlet-name>default</servlet-name>
   <servlet-class>org.mortbay.jetty.servlet.DefaultServlet</servlet-class>
   <init-param>
     <param-name>useFileMappedBuffer</param-name>
     <param-value>false</param-value>
   </init-param>
   <load-on-startup>0</load-on-startup>
</servlet>

       <resource-ref>
         <res-ref-name>jdbc/datasource</res-ref-name>
         <res-type>javax.sql.DataSource</res-type>
         <res-auth>Container</res-auth>
    </resource-ref>

</web-app>

Understanding Maven dependency scope

You can specify the scope for a dependency in the maven pom file, here are the scope values you can choose and what effect they have:

• compile: This dependency is needed for compilation of the main source
• test: This dependency is needed for compiling and running tests. It is not needed for compiling the main source or running the final artifact.
• runtime: This dependency is needed for running the final artifact. It is not needed for compiling the main source or compiling or running the tests.
• provided: This dependency is needed for compiling and/or running the artifact but is not necessary to include in the package, because it is provided by the runtime environment - for example, jsp-api.jar is provided by your web application container, so you don't include it in your WEB-INF/lib (for the example of a webapp); or a plugin or optional package that is a prerequisite for your application, but is not bundled with your application.
• system: don't use this one

source: http://docs.codehaus.org/display/MAVENUSER/Dependency+Scopes

JSP debug code

The following can be pasted into a JSP and then used to display (either in HTML source or in the browser window), the JSP Request, Session, Page, and Application settings for the environment and container the JSP is running within.

I have found this to be a quick useful way to get the lay of the land, when joining a project already in development.

<!-- 
 <%@ page import="java.util.*"%>
 <%
  Object eobj = request.getParameter("error");
  if (eobj != null) {
   Exception exception = null;
   Object obj = request.getAttribute("exception");
   if (obj != null && obj instanceof Exception) {
    exception = (Exception) obj;
   }
   if (exception == null) {
    obj = request.getAttribute("javax.servlet.error.exception");
    if (obj != null && obj instanceof Exception) {
     exception = (Exception) obj;
    }
   }
   if (exception != null) {
 %><pre>
  <%
   exception.printStackTrace(new java.io.PrintWriter(out));
  %>
 </pre>
 <%
  }
  }
  out.println("<h3>Request:</h3><ul>");
  Enumeration names = request.getHeaderNames();
  while (names.hasMoreElements()) {
   String name = (String) names.nextElement();
   out.println("<li>HEADER " + name + ": "
     + request.getHeader(name));
  }

  for (Enumeration e = request.getParameterNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>PARAM " + name + "="
     + request.getParameter(name) + "</li>");
  }

  for (Enumeration e = request.getAttributeNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB " + name + "="
     + request.getAttribute(name) + "</li>");
  }
  out.println("</ul><h3>Session:</h3><ul>");
  for (Enumeration e = session.getAttributeNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB " + name + "="
     + session.getAttribute(name) + "</li>");
  }
  out.println("</ul><h3>Page Scope Attributes:</h3><ul>");
  for (Enumeration e = pageContext
    .getAttributeNamesInScope(pageContext.PAGE_SCOPE); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB "
     + name
     + "="
     + pageContext
       .getAttribute(name, pageContext.PAGE_SCOPE)
     + "</li>");
  }
  out.println("</ul><h3>Application Scope Attributes:</h3><ul>");
  for (Enumeration e = pageContext
    .getAttributeNamesInScope(pageContext.APPLICATION_SCOPE); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   if (name.equals("com.sun.jsp.taglibraryCache")) {
    out.print("<li>ATTRIB " + name
      + "= <b>NULL POINTER!</b></li>");
    continue;
   }
   out.print("<li>ATTRIB " + name + "=");
   out.println(pageContext.getAttribute(name,
     pageContext.APPLICATION_SCOPE)
     + "</li>");
  }
  out.println("</ul>");
 %>
 -->

Database test SQL for each vendor

When I setup a connection pool or database tool with a new database profile I like to test that it works, here are some vendor specific SQL you can use to test your db connection.

Cloudscape	#SQL SELECT 1
#DB2	#SQL SELECT COUNT(*) FROM SYSIBM.SYSTABLES
#Informix	#SQL SELECT COUNT(*) FROM SYSTABLES
#Microsoft SQL Server	#SQL SELECT COUNT(*) FROM SYSOBJECTS
#MySQL	#SQL SELECT 1
#Oracle	#SQL SELECT 1 FROM DUAL
#PointBase	#SQL SELECT COUNT(*) FROM SYSTABLES
#PostgreSQL	#SQL SELECT 1
#Progress	#SQL SELECT COUNT(*) FROM SYSTABLES
#Sybase	#SQL SELECT COUNT(*) FROM SYSOBJECTS

This is useful because you don't often know what tables exist in a database to test a query with, you can't assume select * from person would work if no person table was created. These queries are for the builtin system database resource in the specific vendor database types, they should exist even on a freshly installed or blank database server.

How do I insert CR LF in string column of a DB2 insert statement?

The insert syntax for adding new lines or line terminators in varchar columns in DB2 is not straightforward:

INSERT INTO EXAMPLE_TABLE ("ID","LEVEL_ID","VERSION","CONTENT","TYPE","FRAGMENT_ID") VALUES (158781,317339,20110701, 'your line of text' || x'0D' || x'0A' || 'your next line of text','HTML',0); 

The key to the query is to use || operator to concatenate the strings for the content column. The syntax for adding CR LF is :

'your line of text' || x'0D' || x'0A' 'your next line of text' 

DB2 will take the above and combine the strings into a single value for the database. The x'0D' x'0A' is to say hex value OD (carriage return) and hex value 0A (line feed). Windows expects both, for Linux/Unix OS only the 0A character is expected. For some versions of Mac OS you use only 0D, the newest ones use only 0A to end a line. For browsers, 0A is also the only needed character which is often ignored unless surrounded by pre or code tags however having both 0D and 0A will not cause display issues. The newest Windows OS may have support for just 0A as well in some cases.

How do I setup SSL for my apache web server?

Here is what I did to setup SSL for an apache web server on my local 64 bit Windows 7 box.

Download Apache2 with SSL module.

Install it here C:\Program Files (x86)\Apache Software Foundation\Apache2.2

Create an APACHE_HOME environment variable, from now on this is APACHE_HOME=C:\Program Files (x86)\Apache Software Foundation\Apache2.2

Add %APACHE_HOME%\bin to the path

Make a link to fix a bug with 64-bit Windows:

mklink /D %USERPROFILE%\apache "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\"

Next I did the following:

cd %APACHE_HOME%\bin   openssl req -config "%APACHE_HOME%\conf\openssl.cnf" -new -out "%USERPROFILE%\cg.csr" -keyout "%USERPROFILE%\cg.pem" 

Loading 'screen' into random state - done  Generating a 1024 bit RSA private key .. ++++++ ...................++++++ writing new private key to  'C:\Documents and Settings\Administrator\cg.pem'  Enter PEM pass phrase:  Verifying - Enter PEM pass phrase:  -----  You are about to be asked to enter information that will be  incorporated into your certificate request. What you are about to  enter is what is called a Distinguished Name or a DN. There are  quite a few fields but you can leave some blank For some fields  there will be a default value, If you enter '.', the field will be  left blank.  -----  Country Name (2 letter code) [AU]:US  State or Province Name (full name) [Some-State]:Utah  Locality Name (eg, city) []:Orem  Organization Name (eg, company) [Internet Widgits Pty Ltd]:CG, LLC  Organizational Unit Name (eg, section) []:Engineering  Common Name (eg, YOUR name) []:   Email Address []:   Please enter the following 'extra' attributes to be sent with your  certificate request A challenge password []:  An optional company name []: 

for the "YOUR" name parameter openssl asks for (domain name) I used my machine's network name. (this is important because your HTTPS urls will check for the domain name in the browser request.

Next I did this to create a key file:

openssl rsa -in "%USERPROFILE%\cg.pem" -out "%USERPROFILE%\cg.key" 

Enter pass phrase for C:\Documents and Settings\Administrator\cg.pem: writing RSA key 

Next I ran this to create a certificate file:

openssl x509 -in "%USERPROFILE%\cg.csr" -out "%USERPROFILE%\cg.cert" -req -signkey "%USERPROFILE%\cg.key" -days 365 

Loading 'screen' into random state - done  Signature ok subject=/C=US/ST=Utah/L=Orem/O=CG, LLC/OU=Engineering/CN=cg.com Getting Private key 

The %USERPROFILE%\cg.key and %USERPROFILE%\cg.cert are used by apache for encrypting data over HTTPS. I copied them into %APACHE_HOME%\conf:

copy "%USERPROFILE%\cg.key" "%APACHE_HOME%\conf"  copy "%USERPROFILE%\cg.cert" "%APACHE_HOME%\conf" 

*The excessive use of quotations(") is to account for pesky directory names with spaces fouling up the command line.

Now it is time to configure apache to enable SSL, and configure apache with your generated SSL key and certificate:

uncommment these lines in %APACHE_HOME%\conf\httpd.conf

..  LoadModule ssl_module modules/mod_ssl.so  ...  Include conf/extra/httpd-ssl.conf  ... 

Replace localhost with your fully qualified domain name or IP address in httpd.conf and extra/http-ssl.conf

ServerName cg.com:80 

Edit the extra/httpd-ssl.conf file and fix the Windows 7 bug using the soft link created earlier:

change this  SSLSessionCache        "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"   to this  #SSLSessionCache        "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"  SSLSessionCache        "shmcb:%USERPROFILE%/apache/logs/ssl_scache(512000)" 

because the (x86) in the path confuses apache !

Check that this is set and uncommented:

SSLEngine on 

Also change these values:

SSLCertificateFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cg.cert"  SSLCertificateKeyFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cg.key" 

Restart apache and you should be able to use https urls.

If you don't have mklink, use junction from here http://technet.microsoft.com/en-us/sysinternals/bb896768

junction "%USERPROFILE%\apache" "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\"

Or make sure to change the default folder you install Apache HTTPD to one which does not contain parenthesis, I use a set of folders

C:\Apps\

C:\Tools\ as folders to install most software and avoid Program Files and Program Files (x86) default locations for this reason.

For setting up Request Forwarding (Apache as a Proxy server)

Uncomment this in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so 

Turn off ProxyRequests (apparently the Internet will asplode if you leave it on):

ProxyRequests off

For each path you want to proxy with Apache do this:

ProxyPass ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding  

For example, if I want to pass all requests made to the Apache web server on /CG root path to a WebSphere J2EE application server running at http://cg.com:9080/CG, then I would create this:

ProxyPass /CG http://cg.com:9080/CG  ProxyPassReverse /CG http://cg.com:9080/CG ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding 

You may also need to uncomment these lines in httpd.conf to get some of the proxy configuration to work:

LoadModule proxy_module modules/mod_proxy.so

LoadModule headers_module modules/mod_headers.so

LoadModule proxy_module modules/mod_proxy.so

Use this command to restart apache whenever changing the httpd.conf:

httpd.exe -k restart

Also to force HTTPS for a proxy path using Apache Rewrite:

First turn on mod_rewrite in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so 

Change your location that you want to force HTTPS to this

ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding       RewriteEngine On      RewriteCond %{HTTPS} off       RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} 

Conditional Request Headers

I need to have a redirected request from a login service which sets a response cookie for successful login, add a special header value to the request:

httpd.conf needed this:

SetEnvIf Cookie "x_ldap_userdata=([^;]+)" USERDATA=$1  SetEnvIf Cookie "x_ldap_userdata=([^;]+)" HAVE_USERDATA=1  RequestHeader append LDAP-Username "%{USERDATA}e" env=HAVE_USERDATA

Now the string

LDAP-Username:username 

will be added to the header of requests when a cookie for a similar domain and path named x_ldap_userdata has been set in the browser by the login service.

The browser is dumb and just follows the redirect but cannot be told to put a header value in the request, you must add these changes to the httpd.conf to modify the request to include a special authentication header value.

Clear as mud?

I used these links to download apache 2 with ssl and also openssl:

http://downloads.sourceforge.net/gnuwin32/openssl-0.9.8h-1-setup.exe

http://apache.osuosl.org//httpd/binaries/win32/httpd-2.2.17-win32-x86-openssl-0.9.8o.msi