Feed on
Posts
Comments

Savernova cards DIY

Oct 14th, 2008 by robert

Easy and short passwords easy to hack. Good passowrds hard to remember. Once written down the password became compromised. One of solutions to this problem is Savernova cards. Basically it is a way how to keep written passwords that only you can read. Choose starting point on the card and pattern for reading. For example, the password you memorise is"Start from G8, read 5 to the right, 2 down, 5 to the left".  Which gives you effective passowrd "jqBS1X8iozF".  Some banks do allow special characters, some not. Sometimes you may not use digits. So you probably need to have several cards in your wallet. I have icluded simple JavaScript snippet that you can use for generating yours Savernova cards.

PLAIN TEXT
JavaScript:
  1. <style>
  2. table.sm tr td,  table.sm tr th{
  3.  font:normal 50% Consolas;
  4.  width:10px;
  5. }
  6. table.bg tr td,  table.bg tr th{
  7.  font:normal 100% Consolas;
  8.  width:20px;
  9. }
  10.  
  11. </style>
  12.  
  13. <script type="text/javascript">
  14.  
  15. var latinUpper = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
  16. var latinLower = 'abcdefghijklmnopqrstuvwxyz';
  17. var digits = '0123456789';
  18. var signs = '~!@#$%^&*()_+';
  19.  
  20. var bgcolors = ['black','white','tomato','limegreen','deepskyblue','gold'];
  21. var colors = ['black','white'];
  22.  
  23. var w = 26;
  24. var h = 13;
  25.  
  26. var m=new Array();
  27.  
  28. function Item(c, c1, c2){
  29.     this.ch = c;
  30.     this.color1 = getRandomBgColor();
  31.     do{
  32.         this.color2 = getRandomColor();
  33.     }while(this.color2 == this.color1);
  34.  
  35. }
  36.  
  37. function getRandomColor(){
  38.     return  colors[Math.round(Math.random()*(colors.length-1))]
  39.  
  40. }
  41.  
  42. function getRandomBgColor(){
  43.     return  bgcolors[Math.round(Math.random()*(bgcolors.length-1))]
  44.  
  45. }
  46.  
  47. function shuffle(str){
  48.     o = str.split("");
  49.     for(var j, x, i = o.length; i; j = parseInt(Math.random() * i), x = o[--i], o[i] = o[j], o[j] = x);
  50.     return o.join("");
  51. }
  52.  
  53. function fill(){
  54.     // CHOOSE WHAT YOU WANT TO USE IN PASSWORDS 
  55.     allChars = latinUpper + latinLower + digits + signs;
  56.     allChars = shuffle(allChars);
  57.     for (y=0;y<h;y++){
  58.         m[y] = new Array();
  59.         for (x=0;x<w;x++){
  60.             pos = Math.round(Math.random()*(allChars.length-1));
  61.             ch = allChars.substring(pos,pos+1);
  62.             m[y][x] = new Item(ch);
  63.  
  64.         }
  65.     }
  66. }
  67.  
  68. function print(css){
  69.     document.write("<table class='"+css+"'>");
  70.     document.write(" <tr><td></td>  ");
  71.     for (x=0;x<w;x++)   {
  72.         document.write("<th>"+latinUpper[x]+"</th>");
  73.     }
  74.     document.write("</tr>");
  75.     for (y=0;y<h;y++){
  76.         document.write("\n<tr><th>"+y+"</th>");
  77.         for (x=0;x<w;x++){
  78.             i = m[y][x];
  79.             document.write("<td bgcolor='"+i.color1+"' align='center'><font color='"+i.color2+"'><b>"+i.ch+"</b></font></td>");
  80.  
  81.         }
  82.         document.write("</tr>");
  83.     }
  84.     document.write("</table><br/><br/>");
  85.  
  86. }
  87.  
  88. fill();
  89.  
  90. print("sm");
  91. print("sm");
  92. print("bg");
  93. </script>

Posted in JavaScript, Security | 3 Comments »

Twiddla - free online meeting playground

Apr 18th, 2008 by robert

Twiddla. A free online collaboration tool which has a number of very nice features. One it’s free. Two, it’s got a no-brainer interface which makes it really easy to set up and run a group collaboration. You can set meetings up as private or public, and there are a bunch of useful tools available, including annotation icons and shapes.

Basically it’s a great product for whiteboarding or testing out website designs with teams of remote people, without having to deal with a clunky or complex interface. And three, text chat comes as default, but there’s also a voice chat button which links directly to the Java based Phonefromhere voice conferencing service. Nice feature.

Unfortunately it’s very much an early beta work, and this translates into a very sluggish feel, at least when I used it. It can take ages for a mouse click to translate into action, and some actions take literally more than a minute to manifest. It may be my browser (Firefox) or some peculiarity of my set up (i.e. Firefox plugins clash), but I found it a bit frustrating.

But it’s definitely got great potential as an application, no question, and one that I can see lots of people using once the kinks are ironed out. And the coolest thing about the app is the team behind it, Expat Software. Nice!

Posted in Tools | No Comments »

Test of JavaScript invocation from WP post

Feb 21st, 2008 by robert

Your locatioin:

Posted in Uncategorized | No Comments »

YSlow performance optimisation

Sep 7th, 2007 by robert

One of the key factor for site performance optimization is keeping number of requests low. Each request for css file or image contributes to overall slowness of your site. But it is especially critical to minimize number of JavaScript files because browsers never download them in parallel with any other content. That is if you have JavaScript include and several CSS in the HEAD of the page the browser will download JS file (alone !) first and then skip to css files that probably will be downloading simultaneously.
Nothing to be scared so far but imagine that you have 10 JS files and latency from client to server is 250msec (typical ping from US to Australia). 10 JS files will eat at least 5 seconds! And 10 JS is not too much, believe me. When you developing any Ajax or reach internet application the minimal set of libraries is : Scriptaculous(1-4 files), TrimPath templates, Validator, DHTML callendar, behaviour, etc. And Prototype and jQuery is a MUST for all sites regardless of whether you want to call them ajaxified or not.

Simplest solution for this problem is combining all JS files into one chunk and serving them in one go.

PLAIN TEXT
JAVA:
  1. <%
  2. // Reasonable Expiration time
  3. long now = System.currentTimeMillis();
  4. response.setHeader("Cache-Control", "max-age=600"); // 10 minutes
  5. response.setDateHeader("Expires", now + 600000); // 10 minutes
  6. String type = request.getParameter("t");
  7. String fileParam = request.getParameter("f");
  8.  
  9. String prefix="";
  10. if("js".equals(type)){
  11.     prefix = "/public/js/";
  12. }else if("css".equals(type)){
  13.     prefix = "/public/themes/default/css/";
  14. }else{
  15.     response.sendError(500, "Unsupported type "+t);   
  16. }   
  17. String[] files = fileParam.split(",");
  18. for (String file:files){
  19.         file = file.replace("\\", "").replace("..", ""); // no escapes or parent folders
  20.         request.setAttribute("file", prefix + file);
  21. %><jsp:include page="${file}"/><%           
  22. }
  23. %>

When you include it in the page you need to pass as parameter f all JS files you need comma separated.

PLAIN TEXT
HTML:
  1. <script src="http://localhost:8888/ice-mcc/public/combiner.htm?t=js&f=calendar/calendar.js,blah/blah.js"></script>

Posted in Java, JavaScript | 3 Comments »

Default submit button for HTML form

Aug 21st, 2007 by robert

Recently I faced well forgotten old problem of having default submit button (activated by Enter while located inside form's filed) for web form. When the behavior of browser is not really standardized, it is common that first submit button is used. In wizard-style forms when you have buttons Back, Save, Continue it is never applicable.

One common solution is to have one more submit button hidden by use of CSS and located before of any visible submit buttons. It works fine in FireFox but no IE. Internet Explorer 7 understands that button is not visible and does not send it's value.

Alternative approach is to sprinkle some JavaScript that will listen to keyboard events, stop event propagation when Enter is pressed and emulate click on desired button. Now when you have such beautiful libraries as Prototype and jQuery it became very simple and elegant:

PLAIN TEXT
JavaScript:
  1. function assignDefaultSubmitButtons(){
  2.   $j("form").each(function() { // loop throug all forms on the page
  3.         var _form = this;
  4.         var _defaultSubmit = _form.getElementsByClassName("defaultSubmit"); // search default submit button
  5.         if(_defaultSubmit!=null && _defaultSubmit.length>0){
  6.           $j("input", _form).keypress(function(e){ // attach onkeypress event listener for each input field
  7.             var keycode;
  8.                 if (window.event) {//IE
  9.                     keycode = window.event.keyCode;
  10.                 }else if (e) {  //FF
  11.                     keycode = e.which;
  12.                 }else {
  13.                     return true;
  14.                 }
  15.                 if(keycode==13){
  16.                     _defaultSubmit[0].click()// emulates click on defaultSubmit button
  17.                     return false;   // stops propagating keypress event
  18.                 }
  19.           });
  20.         }
  21.    });
  22. }

Now you need to add CSS class 'defaultSubmit' to any submit button and call assignDefaultSubmitButtons when document is loaded. You can have several forms on one page and each of them can have it's own default submit button.
Since we use both libraries jQuery and Prototype, do not forget to add this row:

PLAIN TEXT
HTML:
  1. <script>var $j = jQuery.noConflict();</script>

Posted in JavaScript | No Comments »

Script for FTP proxy

Feb 6th, 2007 by robert

In one project when I was writing procedure for FTP-uploading I faced a very restrictive FTP proxy. All attempts to use standard libraries from apache did not succeed. Itried to connect with FAR manager and failed as well. Sysadmin confirmed that that none of ftp clients will work non-unanimously through FTP. So the only option was to write shell script that will be called from java code and perform FTP transfer. Here is what I've got:

PLAIN TEXT
CODE:
  1. #!/bin/sh
  2.  
  3. FTP_HOST=$1
  4. FTP_NAME=$2
  5. FTP_PASS=$3
  6.  
  7. SRC_FILE=$4
  8. DST_FILE=$5
  9.  
  10. PROXY_SERVER=192.168.1.1
  11.  
  12. TMPFILE=`mktemp /tmp/ftptrans_remotels.XXXXXXXXXX`
  13.  
  14. if [ "$5" = "" ] ;  then
  15.         echo Ftp File Transfer via MAERSK proxy
  16.         echo
  17.         echo Usage:
  18.         echo ftptrans.sh [FTP_HOST] [FTP_NAME] [FTP_PASS] [SRC_FILE] [DST_FILE]
  19.         echo note that DST_FILE must be a file name without directories
  20.         exit
  21. fi
  22.  
  23. echo "FTP TRANSFER to $FTP_NAME@$FTP_HOST identified by $FTP_PASS"
  24. echo "tmp file is $TMPFILE"
  25.  
  26. ftp -n  $PROXY_SERVER <<EOF
  27. user $FTP_NAME@$FTP_HOST $FTP_PASS
  28. binary
  29. put $SRC_FILE $DST_FILE
  30. ls . $TMPFILE
  31. bye
  32. EOF
  33.  
  34. cat $TMPFILE | if grep $DST_FILE ; then
  35.         echo Done
  36.         exit 0
  37. else
  38.         echo Error
  39.         exit 1
  40. fi

After upload we take list of remote files in temp file and check if our just uploaded file exists there. If not we raise an error that will be logged iin java code.

Posted in Java, Linux | No Comments »

Generic OGNL Controller without Spring WebFlow

Feb 6th, 2007 by robert

While working on various web projects many times I felt guilty for writing controllers that perform one-two rows of the code.
It must be easier way! And when I read and tried Spring WebFlow I really liked their approach for defining how to call methods on any exposed bean.
It is what I was looking for. Simple things made easy inside the xml config:

PLAIN TEXT
XML:
  1. <bean-action bean="cartController" method="changeQuantities">
  2.     <method-arguments><argument expression="flowScope.viewCommand"/></method-arguments>
  3.     <method-result name="viewCommand" scope="flow"/>
  4. </bean-action>

However Spring WebFlow has many aspects that would stop you from using it for entire site. Click-around navigation and SWF do not play well together.
So what I need is ability to define OGNL expression in Spring coonfig without using SWF. What looked scarry on first sight turned to be extremely easy task.
I did some prototyping of idea and here is what I got in spring config file:

PLAIN TEXT
XML:
  1. <bean id="profileView" class="com.cochlear.mcc.web.GenericFormController">
  2.     <property name="formView" value="profileView"/>
  3.     <property name="manager"><ref bean="profileManager"/></property>
  4.     <property name="viewScript"><value>manager.getProfile()</value></property>
  5. </bean>
  6.  
  7. <bean id="profileForm" class="com.cochlear.mcc.web.GenericFormController">
  8.     <property name="formView" value="profileForm"/>
  9.     <property name="manager"><ref bean="profileManager"/></property>
  10.     <property name="modelClass"><value>com.cochlear.mcc.profile.model.ProfileDTO</value></property>
  11.     <property name="viewScript"><value>manager.getProfile()</value></property>
  12.     <property name="postScript"><value>manager.updateProfile(#object)</value></property>
  13.     <property name="successView" value="redirect:profile.view"/>
  14. </bean>

Not as clear as in SWF maybe but enough to prove the idea. It is concise, it does the job. You do not have to write FormActions for trivial things.
Here is what I have in GenericFormController:

PLAIN TEXT
JAVA:
  1. public class GenericFormController extends SimpleFormController{
  2.     protected Object manager;
  3.     protected String viewScript;
  4.     protected String postScript;
  5.  
  6.     protected Object formBackingObject(HttpServletRequest request) throws ServletException, InstantiationException, IllegalAccessException {
  7.         try {
  8.             if(StringUtils.hasText(viewScript)){
  9.                 OgnlContext context= new OgnlContext();
  10.                 populateOgnlContextCommon(context, request);
  11.                 Object expr = Ognl.parseExpression(viewScript);
  12.                 Object res=Ognl.getValue(expr, context, this);
  13.                 return res;
  14.             }else{
  15.                 return getCommandClass().newInstance();
  16.             }
  17.         } catch (OgnlException e) {
  18.             e.printStackTrace();
  19.             throw new ServletException(e);
  20.         }
  21.     }
  22.  
  23.     protected ModelAndView onSubmit(HttpServletRequest request, HttpServletResponse response, Object commandObject, BindException errors) throws Exception {
  24.         Object command = getCommandClass().cast(commandObject);
  25.         try {
  26.             if(StringUtils.hasText(postScript)){
  27.                 OgnlContext context= new OgnlContext();
  28.                 context.put("command", command);
  29.                 populateOgnlContextCommon(context, request);
  30.                 Object expr = Ognl.parseExpression(postScript);
  31.                 Ognl.getValue(expr, context, this);
  32.             }else{
  33.                 throw new ServletException("No postScript specified");
  34.             }
  35.         } catch (Exception e) {
  36.             errors.reject(null, "Error:"+e.getMessage());
  37.             return showForm(request, errors, getFormView());
  38.         }
  39.         return new ModelAndView(getSuccessView());
  40.     }
  41.  
  42.     protected void populateOgnlContextCommon(OgnlContext context, HttpServletRequest request){
  43.         context.put("request", request);
  44.         context.put("session", request.getSession());
  45.         context.put("user", SecurityContextHolder.getContext().getAuthentication().getPrincipal());
  46.     }
  47.  
  48.     // Getters and Setters here ..
  49.     // ...
  50.  
  51. }

When I have time I will do something more production grade. For now I just glad to know that it is achievable and quite simple actualy.

Posted in Java, Spring | 1 Comment »

Runing Tomcat as Linux service

Feb 6th, 2007 by robert

Not big deal but I am bit tired to google for this script each time I setup new box. Now I know where to get it without spending two valuable extra minutes to google. First create /etc/rc.d/init.d/tomcatd :

PLAIN TEXT
CODE:
  1. #!/bin/bash
  2. #
  3. # Startup script for Tomcat
  4. #
  5. # chkconfig: 345 84 16
  6. # description: Tomcat jakarta JSP server
  7. TOMCAT_HOME=/opt/tomcat
  8. TOMCAT_START=$TOMCAT_HOME/bin/startup.sh
  9. TOMCAT_STOP=$TOMCAT_HOME/bin/shutdown.sh
  10. #Necessary environment variables
  11. export JAVA_HOME=/opt/jdk1.5.0_10
  12. export CATALINA_HOME=/opt/tomcat
  13. #export LD_KERNEL_ASSUME="2.2.5"
  14. # Source function library.
  15. ###. /etc/rc.d/init.d/functions
  16. # Source networking configuration.
  17. ###. /etc/sysconfig/network
  18. # Check that networking is up.
  19. ### [ ${NETWORKING} = "no" ] && exit 0
  20. #Check for tomcat script
  21. if [ ! -f $TOMCAT_HOME/bin/catalina.sh ]
  22. then
  23.     echo "Tomcat not availableÁ-³"
  24.     exit
  25. fi
  26. start() {
  27.     echo -n "Starting Tomcat: "
  28.     su tomcat -c $TOMCAT_START
  29.     echo
  30.     touch /var/lock/subsys/tomcatd
  31.     # We may need to sleep here so it will be up for apache
  32.     sleep 3
  33.     #Instead should check to see if apache is up by looking for httpd.pid
  34. }
  35. stop() {
  36.     echo -n $"Shutting down Tomcat: "
  37.     su tomcat -c $TOMCAT_STOP
  38.     rm -f /var/lock/subsys/tomcatd
  39.     echo
  40. }
  41.  
  42. status() {
  43.     ps ax --width=1000 | grep "[o]rg.apache.catalina.startup.Bootstrap start" | awk '{printf $1 " "}' | wc | awk '{print $2}'> /tmp/tomcat_process_count.txt
  44.     read line </tmp/tomcat_process_count.txt
  45.     if [ $line -gt 0 ]; then
  46.         echo -n "tomcatd ( pid "
  47.         ps ax --width=1000 | grep "[o]rg.apache.catalina.startup.Bootstrap start" | awk '{printf $1 " "}'
  48.         echo -n ") is running..."
  49.         echo
  50.     else
  51.         echo "Tomcat is stopped"
  52.     fi
  53. }