Cautionary tale regarding cloud security

My work with FolderGrid has included quite a few very interesting technical problems that have resulted in material for this blog. I just posted an interesting read for anyone using cloud services to store or transport sensitive data. 

Share Comments

Compiling Maven project with JNLP API 1.6+ on Mac OS X

To compile a project using JNLP API with Maven you'll need javaws.jar in the compile-time classpath. You'll find the jar under the lib folder of your JDK installation. Mine was here:

/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/javaws.jar

 

Share Comments

Resolving Spring Security ACL deadlock in MySQL

The default JDBCTemplate based implementation of Spring Security ACLs removes and recreates the entire ACL for each update. That requires both deletes and inserts into the same table within the same JPA transaction and is a recipe for deadlock when using the default MySQL transaction isolation level of REPEATABLE_READ. 

Setting your transaction isolation level to READ_COMMITTED is a viable alternative to MySQL's default but be certain you are not using the default bin-log format of Statement as this is not compatible with READ_COMMITTED isolation. You'll need to use Mixed or Row level bin-log format instead. 

Share Comments

Great explanation of the 'The Infamous Loop Problem' in javascript

Thanks Robert Nyman for your apparently timeless explanation of the Infamous Loop Problem that caught me when declaring my callbacks to an asynchronous request tonight.

Share Comments

By popular demand ... my git-aware bash prompt

Pirated from a long forgotten place...apologies to the respective copyright holders. Just paste this in your .bashrc for git-aware goodness:
Loading ....
Share Comments

Configure my Amazon EC2 instances to only accept traffic from the Elastic Load Balancer

The AWS Elastic Load Balancing FAQ has this very relevant question:

Can I configure my Amazon EC2 instances to only accept traffic from the Elastic Load Balancer?

followed by an ever so helpful response:

Yes.

Seriously - no links, no reference to documentation, nothing. With such a tremendous investment in infrastructure you'd think Amazon might spend a day or two on documentation...alas.

Insult to injury it's also not at all obvious what you need to do to configure your Security Group to support this very commonly desired configuration. I'm here to help.

Use the not-so-documented 'amazon-elb/amazon-elb-sg' Security Group name as the Inbound Source for your Security Group rule to filter on traffic coming from your AWS ELB. Enjoy!

Share Comments

Resolving git-gc error on Mac

During today's maintenance run of git-gc on our Mac hosted repo I encountered screenfulls of nasty fatal error messages - but the last two were a clue to the root cause:

fatal: Unable to create temporary file: Too many open files
error: failed to run repack

This related post helped me find a quick cure which involved simply bumping the ulimit up temporarily.

# ulimit -n 10024
> git gc

Easy fix for a potentially bad day.

Share Comments

Play framework on AWS

Steps I took to get a Play framework app up and running on a micro AWS instance running Ubuntu 11.10

  1. sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"
  2. sudo apt-get update
  3. sudo apt-get install sun-java6-jdk unzip
  4. wget http://download.playframework.org/releases/play-1.2.4.zip
  5. sudo unzip play-1.2.4.zip -d /usr/local/share/
  6. install Dominik Dorn's startup script
    1. wget https://raw.github.com/gist/1290012/a31b1d079705ea7ccf6d1fdc866027b674e62841/...
    2. sudo mv playframework /etc/init/
    3. update the script with proper paths 
  7. useradd username -g www-data -m -d /home/username -s /bin/bash
  8. install your app
  9. initctl start playframework
Share Comments

Install APC on CentOS 5.6

The following resolved a few gotchas I encountered installing APC on an old instance of CentOS 5.6

  1. mount -o remount,exec /tmp
  2. yum install pcre-devel
  3. pecl install apc
  4. mount -o remount,noexec /tmp

Share Comments

Loading Fixtures for FunctionalTest in Play Framework

There are three possible gotchas with FunctionalTest on Play Framework 1.2.4:

  1. Ensure your db is configured for READ_UNCOMMITED transactions. See the release notes for more...
  2. Make certain that you import junit's @Before and **NOT** play.mvc.Before
  3. Load your Fixtures in a Job. See the example below.

 

Loading ....
Share Comments