Archive

Archive for February, 2012

Running HTTPS – Tomcat – Ubuntu 11.04

February 22, 2012 Leave a comment

Installing Tomcat on Ubuntu 11.04
ahmed@ubuntu:~$ sudo apt-get install tomcat6
ahmed@ubuntu:~$ sudo apt-get install tomcat6-admin
Here is complete information on howto install tomcat on Ubuntu 11.04.
https://help.ubuntu.com/11.04/serverguide/C/tomcat.html
Next once we have tomcat installed here is what we need to do.



Creating KeyStore File
ahmed@ubuntu:~$ keytool -genkeypair -alias tomcat -keyalg RSA -keysize 1024 -dname “CN=localhost, OU=Organization, O=Company Name, L=City, S=State, C=US” -validity 365 -keystore keystore

Enter keystore password: <enter a new password here>
Enter key password for <tomcat>
        (RETURN if same as keystore password): <just hit enter here>
The password you enter in the first password prompt will be the password for the “keystore” file where your server certificate is stored. File will be create in the current directory where you executed the above command. Then you can copy it to your tomcat directory as requried.

Next Updating server.xml file
Next, edit your Tomcat’s conf/server.xml to enable the HTTPS connector (Add last line with your information).
Look for a connector that looks like this and uncomment these lines:
<Connector port=”8443″ protocol=”HTTP/1.1″ SSLEnabled=”true”
    maxThreads=”150″ scheme=”https” secure=”true”
    clientAuth=”false” sslProtocol=”TLS”
    keystoreFile=”/etc/tomcat6/keystore” keystorePass=”ahmed”/>
Comment the below information in the servel.xml file,
if you want the server to accept on SSL connections only.
<!–
    <Connector port=”8080″ protocol=”HTTP/1.1″
     connectionTimeout=”20000″
     URIEncoding=”UTF-8″
     redirectPort=”8443″ />
–>
Once this is done lets restart.
ahmed@ubuntu:~$ sudo service tomcat6 restart

Then we can hit https://localhost:8443 on the browser.
Your web browser will warn you about the self-signed certificate,
this is fine if your not running any critical application.

You will get the below warning on the browser as this is a self-signed certificate.

10

Add the site to exception.

25

Then access the site, all the data between the browser and server is secured over SSL.

34
Categories: How To

Code Jam @ Saggezza, Bangalore

February 19, 2012 Leave a comment

Passionate about Java Coding? Join the day long fun on 25th Feb 2012 at Saggezza, Bangalore Office. For details:http://www.saggezza.com/codejam.

Categories: Others, Personal

SVN Migration – one Server to Another

February 15, 2012 Leave a comment

Today we were migrating our Repos from One server to Another.So though to share the information. If some might need it.
Attached is the document which will help you migrate SVN. Taking SVN Dump etc.

Creating_and_Migrating_SVN_Repository.pdf Download this file
Categories: How To

Proxy Transaction – Proxy Server Handshake

February 15, 2012 Leave a comment
Categories: How To, Internet

MAC for specific Adapter on Linux

February 13, 2012 Leave a comment

Today was working on getting a unique information for a system. And MAC would be enough for my requirement. (Need not go for a UID). Below is the code to find MAC for a specific Adapter. “eth0” for my case.
Only different thing here is the structure ifreq which I used for the first time.



Here is the struct information.

struct ifreq {

    char    ifr_name[IFNAMSIZ];/* Interface name */
    union {
            struct sockaddr ifr_addr;
            struct sockaddr ifr_dstaddr;
            struct sockaddr ifr_broadaddr;
            struct sockaddr ifr_netmask;
            struct sockaddr ifr_hwaddr;
            short   ifr_flags;
            int     ifr_ifindex;
            int     ifr_metric;
            int     ifr_mtu;
            struct ifmapifr_map;
            char    ifr_slave[IFNAMSIZ];
            char    ifr_newname[IFNAMSIZ];
            char *  ifr_data;
    };
};
struct ifconf { 
    int ifc_len;    /* size of buffer */
    union {            
            char *  ifc_buf; /* buffer address */ 
            struct ifreq *ifc_req; /* array of structures */
    };  
};

You can more information about this structure here below. 




#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <netinet/in.h>
#include <net/if.h>
int main()
{
    int socketDescriptor;
    struct ifreq mac_info;
    /*UDP Socket created here*/
    socketDescriptor = socket(AF_INET, SOCK_DGRAM, 0);
    mac_info.ifr_addr.sa_family = AF_INET;

    /*Information for eth0*/
    strncpy(mac_info.ifr_name, “eth0”, IFNAMSIZ-1);
    ioctl(socketDescriptor, SIOCGIFHWADDR, &mac_info);

    /*Closing Socket*/
    close(socketDescriptor);

    /*Lets Print this information*/
    printf(“%.2x:%.2x:%.2x:%.2x:%.2x:%.2x\n”,
         (unsigned char)mac_info.ifr_hwaddr.sa_data[0],
         (unsigned char)mac_info.ifr_hwaddr.sa_data[1],
         (unsigned char)mac_info.ifr_hwaddr.sa_data[2],
         (unsigned char)mac_info.ifr_hwaddr.sa_data[3],
         (unsigned char)mac_info.ifr_hwaddr.sa_data[4],
         (unsigned char)mac_info.ifr_hwaddr.sa_data[5]);
    return 0;
}

OUTPUT:
 
ahmed@ahmed-work-horse:~/rnd$ gcc testMac.c 
ahmed@ahmed-work-horse:~/rnd$ ./a.out 
00:12:64:12:7f:0a
ahmed@ahmed-work-horse:~/rnd$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:12:64:12:7f:0a  
          inet addr:172.16.2.15  Bcast:172.16.2.255  Mask:255.255.255.0
          inet6 addr: fe80::225:64ff:fe82:7f0a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3158057 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2005005 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2865103780 (2.8 GB)  TX bytes:200486870 (200.4 MB)
          Interrupt:42 Base address:0x4000 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:41143 errors:0 dropped:0 overruns:0 frame:0
          TX packets:41143 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:10216832 (10.2 MB)  TX bytes:10216832 (10.2 MB)
vmnet1    Link encap:Ethernet  HWaddr 00:50:12:c0:00:01  
          inet addr:172.16.45.1  Bcast:172.16.45.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1028 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
vmnet8    Link encap:Ethernet  HWaddr 00:50:12:c0:00:08  
          inet addr:172.16.167.1  Bcast:172.16.167.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1377 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1033 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
ahmed@ahmed-work-horse:~/rnd$
Categories: How To

PostgreSQL Setup – Configuration

February 11, 2012 Leave a comment

My friend wanted to setup PostGreSQL with Replication. (Master / Slave Setup). So I agreed to help him out.
Since I have not done anything on PostgreSQL before, so though to document it as I go.

First in this blog post, I will just cover.

  • Setting up two virtual machines (MASTER / SLAVE).
  • Getting both the VMs to have postgreSQL 9.1 installed and configured.
Information about the VM Machines
Master : 172.16.167.130
Slave : 172.16.167.129
Now Lets Start.

First, Lets setup VMWare setup to.
Installing VMware Player on Ubuntu 11.10.
Install required packages build-essential and linux-headers
sudo apt-get install build-essential linux-headers-$(uname -r)
Download the latest VMware player and execute below command.
$ gksudo bash ~/Downloads/VMware-Player-3.1.4-385536.i386.bundle
This will bring up the installer interface and you can continue after that.
Note: this assumes the location of your Downloads folder is ~/Downloads.


Now lets install PostgreSQL 9.1 on Ubuntu 11.10 (MASTER / SLAVE)
Lets Install PostgreSQL 9.1
ahmed@ahmed-work-horse:~$ sudo apt-get install postgresql-9.1*
This will install all the required components


ahmed@ahmed-work-horse:~$ sudo apt-get install pgadmin3
This is required for admin console.
Once we have done installing lets configure the Server.
ahmed@ubuntu:~$ sudo vim /etc/postgresql/9.1/main/postgresql.conf
In the file change (# is commented)
#listen_addresses = ‘localhost’
to this (uncomment) – for MASTER is ‘172.16.167.130’ SLAVE is ‘172.16.167.129’
listen_addresses = ‘172.16.167.130’
or
listen_addresses = ‘<your_ip_address>’

Next Lets change the pg_hba.conf file.
ahmed@ubuntu:~$ sudo vim /etc/postgresql/9.1/main/pg_hba.conf

Add these as required lines in the IPv4 Section.
This will allow IP 172.16.167.129 to access 172.16.167.130 (on Master)

This will allow IP 172.16.167.130 to access 172.16.167.129 (on Slave)
# IPv4 local connections:
host  all     all     127.0.0.1/32       md5
host  all     all     172.16.167.129/32  md5
host  all     all     172.16.167.130/32  md5
Now lets check our connection.
ahmed@ubuntu:~$ pgadmin3 &

This will bring up the pgadmin interface.
Follow the images below to check connection.

Replication, I will add once I have completed that.(In Progress)

Categories: How To

Open ports on UFW (uncomplicated Firewall – Ubuntu)

February 11, 2012 1 comment

Open ports on UFW (uncomplicated Firewall – Ubuntu).
I wanted to unblock 5432 port for a PostGre SQL setup.
Here is how you do it.
To check status for firewall
ahmed@ahmed-work-horse:~$ sudo service ufw status
ufw start/running
you can also use this command to check status
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: inactive
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: inactive
ahmed@ahmed-work-horse:~$ sudo ufw enable 
Firewall is active and enabled on system startup

If the status is not stopped/waiting, you can enable it using the below command
ahmed@ahmed-work-horse:~$ sudo ufw enable
To open a port say 5432:
ahmed@ahmed-work-horse:~$ sudo ufw allow 5432
To block/close an opened port:
ahmed@ahmed-work-horse:~$ sudo ufw deny 5432
To remove a rule, use delete followed by the rule:
ahmed@ahmed-work-horse:~$ sudo ufw delete deny 5432

It is also possible to allow access from specific hosts or networks to a port. The following example allows ssh access from host 192.168.0.2 to any ip address on this host:
ahmed@ahmed-work-horse:~$ sudo ufw allow proto tcp from 172.16.167.2 to any port 5432
Rules updated
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
5432/tcp                   ALLOW       172.16.167.2

ahmed@ahmed-work-horse:~$

Replace 172.16.167.2 with 172.16.0.0/24 to allow port 5432 access from the entire subnet.
ufw can be disabled by:
ahmed@ahmed-work-horse:~$ sudo ufw disable
Thats it!!!.
Categories: How To