Due to an Eclipse Bug, JavaScript errors of external JavaScript libraries are marked as erroronous showing the red failure marker even if JavaScript errors are excluded from the contents Markers view, see https://bugs.eclipse.org/bugs/show_bug.cgi?id=349020
Workaround as spooted in the bug history:
I have found that I can leave the JavaScript Validator enable and ignore
specific files by adding a suitable exclusion pattern e.g. */jquery.js to
the JavaScript/Include Path/Source/Excluded group (Project->Properties->JavaScript->Include Path->Source).
Java Keytool is a key and certificate tool for managing cryptographic keys, X.509 certificate chains,
and trusted certificates.
Keytool Functions
Administration of public/private key pairs and associated certificates.
Administration of secret keys used in symmetric encryption/decryption (e.g. DES)
Storing keys and certificates in a keystore
In this post, I focus on the last aspect.
SSL Basics
File types
We distinguish between certificates and keystores:
Certificate: A digitally signed statement from one entity (person, company, etc.),
saying that the public key (and some other information) of some other entity has a
particular value. When data is digitally signed, the signature can be verified to check
the data integrity and authenticity. Integrity means that the data has not been modified or
tampered with, and authenticity means the data indeed comes from whoever claims to have
created and signed it.
Keystore: Archive file (database) for storing many cryptography objects such as
certificates as a single file.
Certificate encodings and extensions
.DER: Binary DER encoded certificates. Not routinely used by anything in common usage.
.PEM: ASCII (Base64) encoded DER certificates used for different types of
X.509v3 files which contain data surrounded with -----BEGIN CERTIFICATE-----
and -----END CERTIFICATE-----. PEM stands for Privacy-enhanced Electronic Mail.
.CRT: Used for certificates in DER or PEM format. Most common in *nix systems.
.CER: Alternate extension of .CRT. Microsoft convention.
Keystore formats and extensions
.JKS: Keystore in Java format, e.g. $JAVA_HOME/jre/lib/security/cacerts
.P12, .PKCS12, .PFX: PKCS12 certificate keystore file format. It is commonly used to
bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.
Keytool Commands for Storing Keys and Certificates in a Keystore
If the destination keystore does not already exists it will be built. So the importing process
becomes a format change process. If you do not enter the source or destination store passwords,
you will be prompted for it. You may skip the type information if you are lazy and trust the
keytool that it will recognize the correct type for you.
Find below a guide to setup up Basic Authentication for a Restful service running in a JBoss FUSE ESB 6.0 / Apache ServiceMix OSGI runtime. The service itself is not special. The notable configuration is found in blueprint.xml and in pom.xml.
Important note: this setup only works for JBoss FUSE ESB 6.0 or newer but not for FUSE ESB 7.1.0 or older!
The Restful service implementation CustomerService.java:
<blueprintxmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs"xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsdhttp://cxf.apache.org/blueprint/jaxrshttp://cxf.apache.org/schemas/blueprint/jaxrs.xsdhttp://karaf.apache.org/xmlns/jaas/v1.0.0http://karaf.apache.org/xmlns/jaas/v1.0.0http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0http://aries.apache.org/schemas/blueprint-ext/blueprint-ext.xsd"><!-- Bean to allow the $[karaf.base] property to be correctly resolved --><ext:property-placeholderplaceholder-prefix="$["placeholder-suffix="]"/><jaxrs:serverid="customerService"address="/crm"><jaxrs:serviceBeans><refcomponent-id="customerSvc"/></jaxrs:serviceBeans><jaxrs:providers><refcomponent-id="authenticationFilter"/></jaxrs:providers></jaxrs:server><beanid="customerSvc"class="ch.keller.restws.server.CustomerService"/><beanid="authenticationFilter"class="org.apache.cxf.jaxrs.security.JAASAuthenticationFilter"><propertyname="contextName"value="karaf"/></bean><jaas:configname="karaf"><jaas:moduleflags="required"className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule">
users = $[karaf.base]/etc/users.properties
</jaas:module></jaas:config><br/><!-- Don't forget to expose the BackingEngine as an OSGi service. --><serviceinterface="org.apache.karaf.jaas.modules.BackingEngineFactory"><beanclass="org.apache.karaf.jaas.modules.properties.PropertiesBackingEngineFactory"/></service></blueprint>
The format of the properties in users.properties is as follows, with each line defining a user, its password and associated roles:
Trying to determine the code coverage of my JUnit 4 tests with EclEmma an java.lang.NoClassDefFoundError was thrown. As we all love Java stack traces, here a short excerpt:
java.lang.NoClassDefFoundError: oracle/security/pki/OracleWallet
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:169)
at org.hibernate.connection.DriverManagerConnectionProvider.configure(DriverManagerConnectionProvider.java:57)
at org.hibernate.connection.ConnectionProviderFactory.newConnectionProvider(ConnectionProviderFactory.java:124)
at
...
What does my JUnit Test wants from the OracleWallet? The application uses JDBC for the access of the
Oracle DB, but OracleWallet is never directly used in my application. Without Eclemma the tests
are running successfully. Not nice.
If you don't want (or are not allowed...) to update, then the workaround is to exclude oracle.*
from the coverage agent in the Code Coverage preferences,
see http://www.eclemma.org/userdoc/preferences.html.
