Testing a local web application with multiple operatings systems using VirtualBox

I develop on Mac OS X and frequently need to test my local build using Internet Explorer on a flavor of MS Windows. VirtualBox has supported an easy method of doing so since version 2.2 

Add a new Network Adapter to each of your VirtualBox Guests (I run Windows XP and Windows 7 as Guests) and choose "Host-only Adapter" for the "Attached to:" option. This will result in the creation of a new loopback interface on your Host and a private network interface on each Guest.

On Windows use the command line "ipconfig" to determine the new interface settings. On Mac run "ifconfig" to do the same.  

With my setup the host (my mac) was assigned the vboxnet0 interface with private IP address so I punched a hole in my host's firewall to allow each Guest to access ports 80,443,8080,8443 on that subnet. Now I can simply open a browser on any guest and access the webserver running my local build on my host like -


Share Comments

MacPorts: MySQL upgrade from 5.0.x to 5.1.x error Column count of mysql.proc is wrong

sudo  /opt/local/lib/mysql5/bin/mysql_upgrade -uroot -p –basedir=/opt/local/lib/mysql5/bin/mysql

Command above resolved my "Column count of mysql.proc is wrong" error after a macports upgrade to 5.1.x

Share Comments

Publish OpenLaszlo swf using swfobject2 for better progress indicator with IE

Default "Loading..." progress indicator for OpenLaszlo swfs leaves much to be desired in IE and the embed scripts that come bundled with OpenLaszlo are kludgy when compared with a SWFObject2 solution. Here's how I publish OpenLaszlo apps using SWFObject2. This technique includes a x-platform compatible javascript driven percentage loaded indicator.

Note that this solution does not currently support calls to lz.BrowserService.callJS()

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js"></script><script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script><script type="text/javascript">function callbackFn() {    try{        swfobject.addDomLoadEvent(pageloaded);    }catch(error){        setTimeout("swfloaded()",1500);    }            }function pageloaded() {        try{                var percentLoaded = swfobject.getObjectById("ObjId").PercentLoaded();                $('#lzsplashtext').html("Percent Loaded: "+percentLoaded+"% ...");                if(percentLoaded < 100){                        setTimeout("pageloaded()",150);                }else{                        swfloaded();                }                                       }catch(error){                setTimeout("swfloaded()",1500);        }    }function swfloaded() {    $('#lzsplash').hide();      }    swfobject.registerObject("ObjId", "10.3.0", "/expressInstall.swf",callbackFn);</script>...<div id="lzsplash" style="z-index: 10000000; top: 0; left: 0; width: 100%; height: 100%; position: fixed; display: table"><p style="display: table-cell; vertical-align: middle; align: center;"><div id="lzsplashtext" style="display: block; margin: 20% auto; font-size:24px; font-family:Helvetica,sans-serif;" align="center">Loading, please wait...</div></p></div>    <div style="height:100%;">              <!--<![endif]-->      </object>    </div>

Share Comments

MindTouch SSO using HttpClient 4.1 with Java

Most of the MindTouch sample code available in the wild is in PHP or C# so integrating with a Java stack can be painful. Here's a snip of the code we used to support SSO with our Java-based SaaS platform. The HttpClient framework is version 4.1 of Apache's HttpClient

Update: Modified to skip Cookie parsing based upon bjorg's comment

private boolean parseAndSetMindtouchCookie(final HttpServletResponse response,final DefaultHttpClient client,final User user) {        StringBuffer buf = new StringBuffer("http://");        buf.append(this.MINDTOUCH_HOST).append(this.MINDTOUCH_BASEURI).append("users/authenticate?authprovider=1&apikey=").append(MINDTOUCH_APIKEY);        HttpGet get = new HttpGet(buf.toString());        try {            ResponseHandler<String> responseHandler = new BasicResponseHandler();            String responseBody = client.execute(get, responseHandler);            javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("authtoken", responseBody);            cookie.setDomain(".example.com");            cookie.setSecure(false);            cookie.setPath("/");            cookie.setMaxAge(3600); // 1 hour            response.addCookie(cookie);                                    log.debug("Successfully set mindtouch auth cookie");            response.sendRedirect("http://"+MINDTOUCH_HOST);            return true;                                                }catch(HttpResponseException hre){            if(hre.getStatusCode() == HttpStatus.SC_UNAUTHORIZED ){                log.debug("User has no Mindtouch account.");            }else{                log.error("Unable to auth user.",hre);            }                    } catch (Exception e) {            log.error("Unable to authenticate user",e);        }                return false;    }

Share Comments

Running Tomcat on Ubuntu 10.04.2 Server

1. Install Oracle's JDK using the following commands:

sudo apt-get install python-software-propertiessudo add-apt-repository ppa:sun-java-community-team/sun-java6sudo apt-get updatesudo apt-get install sun-java6-jdk

2. Install APR:

wget http://www.ecoficial.com/apachemirror//apr/apr-1.4.2.tar.gztar -xzf apr-1.4.2.tar.gzrm apr-1.4.2.tar.gzcd apr-1.4.2/sudo apt-get install makesudo ./configuresudo makesudo make install

3. apt-get install libssl-dev

4. Configure and Install the jni/native package that comes with your Tomcat tarball


Share Comments

Stopping a TCP Split Handshake Spoof Attack with SonicWALL

I prefer "howto" articles to videos but this was the first source I found demonstrating how to harden my SonicWall against the TCP/IP Handshake hole making the rounds this week. Skip to 35 seconds in for the useful stuff...

Share Comments

Resolving Firefox 4 issues on Mac OS X Snow Leopard

I encountered all types of strange behavior using Firefox 4 after my recent upgrade. The nastiest bug prevented me from accessing any windows other than the primary Firefox window. So all popups, while listed on the Windows menu, were completely inaccessible. I tried all the typical workarounds like disabling Addons and running in Safemode. But nothing permanently fixed the issue.

Finally - I simply created a new Firefox profile and transferred the bookmarks, passwords, etc... that I wanted to carryover. This resolved my issues completely. So before you throw away FF4 in frustration - try creating a clean profile. Probably not a bad idea anyway - I noticed FF3.0 cruft in my profile that I shed as part of this process.

Share Comments

Enhanced mysqldump to support data cleansing compliance requirements by nullifying specific fields

At Pascal Metrics, my team collects large sets of data including ePHI. That subjects us to HIPAA and federal law dictates how we handle said data. Before I can even consider moving a database export out of our hardened production environment, I need to cleanse the export of any personally identifying information - including but not limited to any ePHI.

There are number of ways to achieve that aim, but once our database crossed the threshold into "large" territory - cleansing the data became a real chore. I decided to roll my own mysqldump binary and add a parameter called "nullify-field" which is based upon the "ignore-table" parameter from the official release.

I've posted my modified source to my GitHub account for any who may be interested.

You'll have to compile your own copy - but that's relatively easy:

  1. Grab the latest mysql 5.0.X source 
  2. Copy my 2 modified source files over the ones that come with your source tarball
  3. Run "./configure --without-server" to build just the mysql clients
  4. Run "make" to generate your custom mysqldump under ./client/

Example Usage:

./client/mysqldump -u backupuser -p --nullify-field=my_db.my_sensitive_table.name --nullify-field=my_db.my_sensitive_table.email my_db

I love open source software.

Share Comments

Minimizing expense when testing webapps on Internet Explorer

Currently - my favorite methods of testing web applications for Internet Explorer compatibility at minimal expenditure of time, money, and pain are:
  • Virtualbox installations
    • PROS: Great performance and virtually zero hassle after initial setup
    • CONS: These are not easily shared, so every developer needs his own virtual machine which needs to be individually licensed
  • GoGrid on-demand servers
    • PROS: Instances can be shared by multiple developers so you only need to configure each virtual machine environment once. MS Windows Licensing is built into the on-demand pricing.
    • CONS: Performance is adequate, but screen refreshes are slow enough to be distracting. It takes about 15 minutes to spin an instance up.
With either method of obtaining a virtual machine, you'll have to decide how to handle testing for all the permutations you need to support. The "brute force" method is to create a virtual machine for each permutation of OS, Browser, Flash Player, etc...  There are some other options though:
    • Microsoft Expression Web SuperPreview for Windows Internet Explorer 
      • can be used to test basic IE6 support on a machine with a more recent version installed - but not a terribly accurate emulator
    • Internet Explorer 8 with Developer Tools installed
      • using "Compatibility" mode to emulate IE7 works well enough to debug javascript
Share Comments

Solution for Firefox 4 installation failure on Mac OS X due to 'libsmime3.dylib is in use' error

If you're attempting to upgrade to Firefox 4 on Mac and encounter this beauty

then you'll need to perform the following terminal commands as an easy workaround.

cd /Library/LaunchDaemons/    sudo launchctl stop com.cisco.anyconnect.vpnagentd    sudo launchctl unload com.cisco.anyconnect.vpnagentd.plist    killall vpnagentd

Now attempt to install FireFox 4 again before issuing the following to reconfigure VPNAgent:

launchctl load com.cisco.anyconnect.vpnagentd.plist

I've seen some other posts online suggesting that the killall command is sufficient, but that didn't work for me because vpnagentd was setup to automatically restart. The process I outlined here prevents that.

Share Comments