Saturday, November 22, 2014

How to view the request of Apache HttpClient before send the request

Many occations, we are using Apache HttpClinet to send requests in applications. So sometimes we needs to observe the request of the http client. It's simple. Set below System properties before send the request.
System.setProperty("org.apache.commons.logging.Log","org.apache.commons.logging.impl.SimpleLog");
System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http.wire", "DEBUG");
There are more additional logs which can enabled too.
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http.impl.conn", "DEBUG");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http.impl.client", "DEBUG");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http.client", "DEBUG");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http", "DEBUG");

Tuesday, November 18, 2014

How to change Session ID after a successful login

In many web application it required to change the sessionid after user is successfully login to the system. In this case, the session ID exists in two different contexts which is vulnerable for attackes. Those contexts are authenticated state and a non-authenticated one. An attacker could start a session, continued through login by a legitimate user, and then re-use the same session to access the user’s account. So using that session id, attacker can obtain the access users' resources as a legitimate user.
In java appplication, JSESSIONID use as the session id. JSESSIONID is a cookie generated by Servlet container like Tomcat or Jetty and used for session management in J2EE web application for http protocol. So below code segment shows how to generate a new session out of old session.
private void regenrateSession(HttpServletRequest request) {
  
  HttpSession oldSession = request.getSession();
  
  Enumeration attrNames = oldSession.getAttributeNames();
  Properties props = new Properties();
  
  while (attrNames != null && attrNames.hasMoreElements()) {
   String key = (String) attrNames.nextElement();
   props.put(key, oldSession.getAttribute(key));
  }
  
  oldSession.invalidate();
  HttpSession newSession = request.getSession(true);
  attrNames = props.keys();
  
  while (attrNames != null && attrNames.hasMoreElements()) {
   String key = (String) attrNames.nextElement();
   newSession.setAttribute(key, props.get(key));
  }
 }


References
http://javarevisited.blogspot.com/2012/08/what-is-jsessionid-in-j2ee-web.html#ixzz3JRxDttxm
http://blog.credera.com/technology-insights/java/broken-authentication-session-management/

Sunday, November 9, 2014

How to install OpenMRS 2.x (Reference Application)

As everyone know, OpenMRS created OpenMRS 2.0 to provide much more friendly UX for users by navigating from the legeacy interface. So now it's time release the 2.2 version of the OpenMRS. During this blogpost, I will guide you on how to setup OpenMRS 2.2 in your local environment. There are two ways which you can setup OpenMRS 2.x in your  local machine. I will guide through the both the ways.

First I will add a description on the core modules of the OpenMRS 2.x.

There are several module that are included in  the openmrs reference application and the following might be the major modules of the reference application. 
  • uicommons - Contains the general CSS and Javascript files that are used in the reference application
  • referencemetadata - Adds required metadata, sets required global properties and any necessary configurations that are required for the application to be functional.
  • referencedemodata - Adds demodata that is uses in the dev and test environments.
  • referenceapplication - This is the one that glues everything together to form the reference application.
And the reference application distro is a utility module that contains the scripts that build and packages the archive that contains all the modules, it also contains the UI tests for the reference application.
Below modules also subjected to extensive development. 
App framework module
This module provide the functionality of set of lightweight guidelines that help us build different parts of the OpenMRS system in a decoupled way, avoiding a monolithic design that become unwieldy as it grows. The App Framework is agnostic to how you actually implement functionality, and very intentionally allows you to write "server-side apps" using the UI Framework, or "client-side apps" using HTML5 + JavaScript + REST.
UI framework module

The UI Framework module introduces a custom user interface framework built on top of Spring MVC that will be the basis of the OpenMRS 2.x web application.
Distro reference application.

This module will assemble required modules in one places. OpenMRS 2.x use set of code modules to built applications on top of it. If  you build the distro application you will see set of modules which needs to be there in the OpenMRS 2.x to function. Inside the package folder, required modules are listed as follow screenshot. But always you can download latest version of modules from the build in [4] and [5]
where [4] gives the openmrs war distribution and [5] gives the set of modules. 



Using tomcat distribution

One way of intalling OpenMRS reference application is in the pure tomcat servelet container.

Please follow installation guide in [6]. You can use  [4] war distribution to install OpenMRS. After or before completing installation setup, OpenMRS 2.x needs some more heap spaces to run. So you will needs to add CATALINA_OPTS and JAVA_OPTS in catalina.sh startup script.

export CATALINA_OPTS="-Xms4096M -Xmx5120M"

export JAVA_OPTS="-Dfile.encoding=UTF-8 -XX:PermSize=64m -XX:MaxPermSize=256m"
Note that you will needs to set appropriate memory depend on your memory availability. Then download the modules available in the [5] to start with reference application. Copy the all the modules in the downloaded archive to (.omod files) to applcation data directory. You can install them where the place which locate the openmrs-runtime.properties file location. There you will see a .OpenMRS/modules folder which you can drop the module files and restart the tomcat. Details on application data directory can be found in [7].

That's it you now log into openmrs(localhost:8080/openmrs or localhost:8080/{webappname})  to experience with OpenMRS 2.x.

Using OpenMRS standalone version

It's very easy to install the OpenMRS 2.x with standalone version where you can download latest release which is OpenMRS 2.1 in standalone in [8]. See instructions to run OpenMRS standalone version in [9]. If you already running standalone version 2.0, please see [10] for upgrade it to the OpenMRS 2.1.

Hope you will enjoy with the OpenMRS 2.x.

Also you can find live server in here.

[1] -https://wiki.openmrs.org/display/projects/Epic+-+Reference+Application
[2] - https://wiki.openmrs.org/display/docs/App+Framework+Developer+Documentation
[3] - https://wiki.openmrs.org/display/docs/UI+Framework+Step+By+Step+Tutorial
[4]-http://sourceforge.net/projects/openmrs/files/releases/OpenMRS_Platform_1.10.0/openmrs.war/download
[5]-https://ci.openmrs.org/browse/REFAPP-OMODDISTRO/latestSuccessful
[6]-https://wiki.openmrs.org/display/docs/Installing+OpenMRS
[7]-https://wiki.openmrs.org/display/docs/Application+Data+Directory
[8]-http://openmrs.org/download/
[9]-https://wiki.openmrs.org/display/docs/OpenMRS+Standalone
[10]-https://wiki.openmrs.org/display/docs/Upgrade+Standalone+OpenMRS+2.0+to+OpenMRS+2.1?flashId=1231697239

Saturday, November 8, 2014

How to make you own code formatting style with Intellij IDEA

With the newest version of Intellij IDEA, it's allow you to import existing code style settings from Eclipse code formatter xml. Below screenshot shows how you can import existing Eclipse Code formatter to Intellij. You can navigate to File > Settings>Code Style > Manage where you popup a window to import code style. There you can import eclipse code formatter style to Intellij. Here after you may needs to get the actual code style xml which create by Intellij IDEA, it will be reside in  IDEA's meta resource holding configuration directory in home directory where ".IntelliJIdea13/config/codestyles". In there you will notice that there will be a configuration file is create for newly added code style. You can use it to share with the others. For reuse the Intellij IDEA code style xml, you can drop configuration xml in  ".IntelliJIdea13/config/codestyles". Then newly added code style will show in the  File > Settings>Code Style > Manage  tab. Then you can select it to use in the project. In linux systems, shortcut "Ctrl+Alt+L" will do the code formatting for your class. But same shortcut is use to lock the account. So you may change either system or intellij IDEA shortcut to dealt with this.

Add, edit or select code style

But if you needs to create a new code formatting style, same way you can first go to File > Settings>Code Style > Manage and select existing code formatter style. Afterr words you can do "Save As"where it saves new copy from the original which you can do the changes.

So what are the available code formatting settings in Intellij IDEA. As the most popular Java IDE, it has several cool properties that you can select to make your own code style formatter.

I will give a brief idea on what each tab do. You can find more details in [1]. I will closely look at Java language specific code formatting.

There is a General tab which contains the general settings for the all the supported languages as in below image. Where you specify maximum length for the line and etc.

General Tab


General tab contains below properties. For more details look at  [1].
  • Right margin, Formatter on/off tags
  • Indentation
  • Indent size
  • Usage of ‘Tab’ character
  • Usage of Tab only for leading indentation (Smart Tabs)
  • Indent ‘case’ branches from ‘switch’
  • Indent class members
  • Keep comment at first column
Spaces tab contains the rules on where the code needs to have spaces on. For example people may prefer space after the class name. Below are the several properties. For more details look at  [1].
  • Before/after comma (as set for Eclipse method declaration parameters)
  • After comma in type arguments
  • Within array initializer braces
  • Within brackets (in array reference)
  • Within parentheses of: annotation, ‘for’, ‘if’, ‘catch’ ’while’, ’switch’, method, empty method, parenthesized expression, method call, type cast, ‘synchronized’
  • Before parentheses of: ‘try’, ‘for’, ’while’, ‘switch’, method, ’if’, ‘catch’, method, method call, ‘synchronized’.
  • After type cast
  • Around unary, assignment operators (if it’s set for ‘before’ and ‘after’ in Eclipse).
  • Before opening brace of: array initializer, ‘switch’
  • Before ‘?’ in conditional expression
  • Space before/after ‘:’ in conditional expression
  • Space around binary operators (a single Eclipse setting is mapped to multiple IntelliJ IDEA’s settings)
Spaces tab

Blank lines tab contains the rules for where to insert blank lines between different sections such as imports licence headers and etc. Below are the several properties. For more details look at  [1].
  • Around fields and methods
  • Before/after package
  • Before/after imports
  • Before method body
  • Keep blank lines in code (number of empty lines to preserve)
Blank Lines

Wrapping and Braces  tab contains the rules for where we needs to wrap lines for example, we may perform line wrap if single line exceed maximum line length. Below are the several properties. For more details look at  [1]
  • New line before: closing brace in array initializer, ‘else’ in ‘if’ statement, ‘finally’ and ‘catch’ in ‘try’ statement, binary operator (if wrapped)
  • New line after: opening brace in array initializer
  • Special ‘else if’ treatment (compact ‘else if’)
  • Keep simple blocks in one line
  • Keep control statements in one line
  • Alignment of: array initializer expressions, arguments in method declarations and calls, field declarations, extends list, assignments, binary expressions, ‘throws’ clause, resources in ‘try’.
  • Brace style for: code blocks, methods and classes
Wrapping and Braces
JavaDoc tab contains rules for format java docs. Below are the several properties. For more details look at  [1]
  • Enable JavaDoc formatting
  • Blank lines in JavaD
Java Doc

Imports tab contains rules on how we format imports in the class. Sometimes you will notice that, Intellij IDEA perform wild card imports. It can be overcome with this tab settings . For more details look at  [1].

Imports
Arrangement This tab lets you define a set of rules that rearranges your code according to your preferences. For more details look at  [1].

Arrangement

After you select the appropriate rules, click apply. Then you can apply the formatting rules and you can take out the current configuration from above mentioned configuration location.

[1] - https://www.jetbrains.com/idea/help/code-style-java.html
[2] - http://blog.jetbrains.com/idea/2014/01/intellij-idea-13-importing-code-formatter-settings-from-eclipse/