Thursday 23 February 2017

A Natural Progression Towards Lambda

At my work, in order to deal with a grid1 in the frontend and a list at the backend, we use a DataModel at the backend.

It seems simple enough, and used to work as follows:
private List<Person> list = Arrays.asList(new Person("Jim"), new Person("Jack"));

private ListDataModel<Person> dataModel = new ListDataModel<>(list);
This had some shortcomings when for example the user decided to select a different department, executing this code:
list = findPersonsByDepartment(department);
This seems to work just fine. A person selects a different department, and the employees data model updates itself. Or so one would think.
What happens is that the ListDataModel retains the old list. So, the frontend is never updated.

Reusing the same list

Because of this little problem, our code retains a lot of the following statements, to make sure the same list is used over and over again:
list.clear();
list.addAll(findPersonsByDepartment(department));
It seems a slightly convoluted way to doing things.

Anonymous inner classes

We soon found out that anonymous inner classes would solve this problem better, and in fact there are more anonymous inner classes than there are named DataModels in our current code base.

It looks like the following:
private ListDataModel<Person> dataModel = new ListDataModel<Person>() 
{
   @Override
   public List<Person> getList() 
   {
     return findPersonsByDepartment(department);
   }
};
There now, any time the contents of the ListDataModel is requested in the frontend, a new and accurate List containing the department employees is returned.

Passing code

Instead of creating an entire new anonymous inner subclass of a ListDataModel, it might be more elegant to create an interface especially for this purpose, call it the ListProvider interface.

As follows:
public interface ListProvider<T> 
{
  List<T> getList();
}

private ListDataModel<Person> dataModel = new ListDataModel<Person>(new ListProvider<>() 
{
   @Override
   public List<Person> getList() 
   {
     return findPersonsByDepartment(department);
   }
});

Using lambdas


The good part is that now with Java 8 we can start using Lambdas.

And in this case, we have an interface containing just one method. This is in essence the definition of a lambda.

So now the proper way to write this would be the following:
public interface ListProvider<T> 
{
  List<T> getList();
}

private ListDataModel<Person> dataModel = 
    new ListDataModel<Person>(() -> findPersonsByDepartment(department));
Convenient, isn't it?
In this case, the lambda is called a Supplier2 .

References

[1] Welcome to the SlickGrid! (outdated sadly)
https://github.com/mleibman/SlickGrid/wiki
[2] Supplier (Java Platform SE 8)
https://docs.oracle.com/javase/8/docs/api/java/util/function/Supplier.html

Thursday 16 February 2017

Angular - Semantic Versioning

Angular1 has switched to Semantic Versioning2

So, the brand new thing that is totally hot right now is Angular 4.0.

The versions released, and to be released are available here3.

Contrary to the image in the blog, the word for referring to all this is "Angular".

Looks like version 5 of Angular will be released later in the year.

I hope I can keep up.

References

[1] Ok... let me explain: it's going to be Angular 4.0, or just Angular
http://angularjs.blogspot.nl/2016/12/ok-let-me-explain-its-going-to-be.html?inf_contact_key=8b9c809bd7a11da8e78370dff6483f15f2782c6760b6b1b77f6b008bc3804655&m=1
[2] Semantic Versioning 2.0.0
http://semver.org/
[3] Versioning and Releasing Angular
http://angularjs.blogspot.nl/2016/10/versioning-and-releasing-angular.html#Timebased_release_cycles_18

Thursday 9 February 2017

Group by problem with Hibernate

Recently had a small problem that the group by function didn't work, if I added a subtable to the query. The GROUP BY expression did not match any longer.

Seems a long standing problem with Hibernate.

References

Java Persistence with Hibernate, page 392
Christian Bauer, Gavin King, Gary Gregoy
HH-1615 - GROUP BY entity does not work
https://hibernate.atlassian.net/browse/HHH-1615
HH2436 - Allow grouping by entity reference (per JPA spec)
https://hibernate.atlassian.net/browse/HHH-2436

Wednesday 1 February 2017

Extending SSL Certificate in Glassfish

This is a followup of the blog post SSL Certificates in Glassfish.

The reason for this followup, is that signing of websites and code seems to be a very error prone and manual process, that is done infrequently enough for all of us to forget afterwards.

It basically follows the same path as the previous blog post, but I find it convenient to write stuff down, in case I forget.

Now my certificate on my website had expired, and it took me a while, before I found the time and the motivation to extend the certificate.

I'm still with GoDaddy.com4. Thankfully, the CSR was already transmitted last year, and I can just reuse that one.

Once I submit the CSR, I am required to verify that I am the owner of the Domain. This time, thank goodness, it requires nothing more than the clicking of a link sent to the email address that is stored in the WHOIS information.

Nothing like putting a file in the rootmap of the webserver or some such, like the first time.

Once that is done, I need to download the new certificates from godaddy.com. They ask for the type of web server that they need to generate the certificates for. Glassfish is not mentioned anywhere, so I select "Other".

The zip file I then receive, contains the same files as mentioned in my previous blogpost1.

As I already installed all the root certificates, I choose to ignore the gd_bundle-g2-g1.crt file.

The more interesting file is the 2375839yrghfs5e7f.crt file.

Replace the original self-signed certificate with the certificate you obtained from the CA

[glassfish@server config]$ keytool -import -v -trustcacerts -alias s1as -file /home/glassfish/junk/2375839yrghfs5e7f.crt -keystore keystore.jks -storepass changeit
Certificate reply was installed in keystore
[Storing keystore.jks]

Verifying the keystore.jks

You can verify that all is well, by using the above command to check the keystore. You will see something like the following:
Alias name: s1as
Creation date: Feb 1, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 4
Certificate[1]:
Owner: CN=www.server.org, OU=Domain Control Validated
Issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 8446c5db57d376ed
Valid from: Wed Feb 01 14:27:00 CET 2017 until: Thu Feb 01 14:27:00 CET 2018
Certificate fingerprints:
         MD5:  75:7a:73:67:72:6a:6b:73:65:72:6e:79:20:62:61:77
         SHA1: 75:7a:73:67:72:6a:6b:73:65:72:6e:79:20:62:61:77:79:20:72:67
         SHA256: 75:7a:73:67:72:6a:6b:73:65:72:6e:79:20:62:61:77:79:20:72:67:68:20:61:77:65:72:3c:6f:3b:20:59:38
         Signature algorithm name: SHA256withRSA
         Version: 3
Which shows that as of today, the keystore has a valid certificate that is exactly valid for one year.

To apply your changes, restart GlassFish Server, according to chapter "To Sign a Certificate by Using
keytool2".

Verifying after reboot

Earlier, when issuing the openssl command:
openssl s_client -connect www.server.org:4848
The result was:
SSL handshake has read 15360 bytes and written 339 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 5891E20F7C4FA7CBFA6ABF7E0EC6EC2D40C2CB4A148EFCEAE7F3179F5F80763F
    Session-ID-ctx: 
    Master-Key: B8C7BA7AC15244DC581749AC9702609F8EB1BCE03F5B0CD53ECEE382D93877EBF6D5E3FE9F603D6D8253521A29EEB494
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1485956532
    Timeout   : 300 (sec)
    Verify return code: 10 (certificate has expired)
---
Notice especially that last bit.

Once the glassfish was rebooted, the same command yields:
SSL handshake has read 15370 bytes and written 339 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 5891E99B097CCC082475F5949A55ABD71C7AED902725AA6E98E77EAA3FC7BF01
    Session-ID-ctx: 
    Master-Key: 9465D76CDC8D4CA19E46B2367ECD35382BA8049707BBF1D4D06E0389E85F724BA646F3C2C9FD45CF256C12ED9A0714F0
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1485958464
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
Again, I would like to draw your attention to the last line.

And that's it for now!

References

[1] SSL Certificates in Glassfish
http://randomthoughtsonjavaprogramming.blogspot.nl/2015/10/ssl-certificates-in-glassfish.html
[2] GlassFish Server Open Source Edition Security Guide Release 4.0
https://glassfish.java.net/docs/4.0/security-guide.pdf
[3] GlassFish Server Open Source Edition Administration Guide Release 4.0
https://glassfish.java.net/docs/4.0/administration-guide.pdf
[4] GoDaddy: Hosting, domainregistration, websites and more...
http://www.godaddy.com
SSLShopper - most common java keytool keystore commands
https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html
SSLShopper - SSL Certificate Verification
https://www.sslshopper.com/ssl-checker.html