tag:blogger.com,1999:blog-33793086172211539822010-08-20T12:49:31.278-07:00Red Militante's BlogCode samples and other things I want to remember.Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.comBlogger15125tag:blogger.com,1999:blog-3379308617221153982.post-6182675019946706582010-06-04T15:37:00.001-07:002010-06-04T15:43:39.043-07:00Shibboleth script attribute definitionShibboleth script attribute definition - this example adds the member value to a scripted version of eduPersonAffiliation attribute for a principal with affiliation staff or student while keeping any affiliation values retrieved from the directory. The IdP will remove any duplicates.<br /><br /><pre name="code" class="java"><resolver:AttributeDefinition xsi:type="Script" xmlns="urn:macehibboleth:2.0:resolver:ad"<br />id="scripteduPersonAffiliation"<br />sourceAttributeID="eduPersonAffiliation"><br /><br /><!-- Dependency that provides the source attribute. --><br /><resolverependency ref="directory" /><br /><resolverependency ref="eduPersonAffiliation" /><br /><br /><!-- The script, wrapped in a CDATA section so that special XML characters don't need to be removed --><br /><Script><![CDATA[<br />importPackage(Pactkages.edu.internet2.middleware.shibboleth.common.attribute.provider);<br /><br />// Create attribute to be returned from definition<br />scripteduPersonAffiliation = new BasicAttribute("scripteduPersonAffiliation");<br /><br />if (eduPersonAffiliation.getValues().contains("staff")) {<br />scripteduPersonAffiliation.getValues().add("staff");<br />scripteduPersonAffiliation.getValues().add("member");<br />}<br />if (eduPersonAffiliation.getValues().contains("student")) {<br />scripteduPersonAffiliation.getValues().add("student");<br />scripteduPersonAffiliation.getValues().add("member");<br />}<br />if (eduPersonAffiliation.getValues().contains("faculty")) {<br />scripteduPersonAffiliation.getValues().add("faculty");<br />scripteduPersonAffiliation.getValues().add("member");<br />}<br />]]></Script><br /><br /></resolver:AttributeDefinition><br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-618267501994670658?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-59115034295688441832010-04-14T11:32:00.001-07:002010-06-04T22:56:17.097-07:00Get entityId of referring SP via LoginContext in Shibboleth IdP login.jsp<pre name="code" class="xml"><%@ page import="edu.internet2.middleware.shibboleth.idp.authn.LoginContext" %><br /><%@ page import="edu.internet2.middleware.shibboleth.idp.session.*" %><br /><%@ page import="edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper" %><br /><%@ page import="org.opensaml.saml2.metadata.*" %><br /><br /><%<br /> LoginContext loginContext = HttpServletHelper.getLoginContext(HttpServletHelper.getStorageService(application), application, request);<br /> EntityDescriptor entityDescriptor = HttpServletHelper.getRelyingPartyMetadata(loginContext.getRelyingPartyId(), HttpServletHelper.getRelyingPartyConfirmationManager(application));<br /> String entityID = entityDescriptor.getEntityID();<br /> Session userSession = HttpServletHelper.getUserSession(request);<br />%><br /> <% if(("https://x.com".equals(entityID)) || ("https://x2.com".equals(entityID))){ %></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-5911503429568844183?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-26340961044293290792010-03-05T13:30:00.000-08:002010-03-05T13:34:41.046-08:00Fast way to get IMAP folder size informationCode that connects to an IMAP store over SSL, and obtains folder/subfolder information such as folder size by adding up the RFC822.size of all the messages in the folder. This is normally a very slow operation, but some pre-fetch code has been added to speed up this operation. Also a Map comparator implementation to sort folders in order of size.<br /><br /><pre name="code" class="java"> <br /><br /><br /> public static String getMailboxInfo(String mail, String mailHost)<br /> throws javax.mail.NoSuchProviderException, MessagingException, IOException, GeneralSecurityException, Exception {<br /> String html = "<table cellpadding=\"5\" cellspacing=\"0\"><tr><th style=\"border-bottom: 1px solid #D5D5CC;\">Mailbox/Folder</th><th style=\"border-bottom: 1px solid #D5D5CC;\">Message Count</th><th style=\"border-bottom: 1px solid #D5D5CC;\">Size/Usage</th></tr>";<br /> String pattern = "%";<br /> Config conf = nsit.Config.getInstance();<br /> String mpUser = conf.getOption("mp_user");<br /> String mpPassword = conf.getOption("mp_password");<br /> // setup mail server<br /> MailSSLSocketFactory sf = new MailSSLSocketFactory();<br /> sf.setTrustAllHosts(true);<br /><br /> // set system properties<br /> Properties mailProps = System.getProperties();<br /> mailProps.put("mail.imaps.ssl.socketFactory", sf);<br /> mailProps.put("mail.store.protocol", "imaps");<br /> mailProps.put("mail.imaps.host", mailHost);<br /> mailProps.put("mail.imaps.port", "993");<br /> // get session<br /> //Session session = Session.getDefaultInstance(mailProps);<br /> mailProps.setProperty("mail.imaps.sasl.authorizationid", mail);<br /> Session session = Session.getInstance(mailProps, new SASLMasqueradeAuthenticator(mpUser, mpPassword));<br /> session.setDebug(false);<br /><br /> // Get a Store object<br /> Store store = null;<br /> Folder rf = null;<br /><br /> store = session.getStore();<br /> store.connect();<br /><br /> rf = store.getDefaultFolder();<br /> //dumpFolder(rf, false, "");<br /><br /> map.clear();<br /><br /> if ((rf.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> Folder[] f = rf.list(pattern);<br /> for (int i = 0; i < f.length; i++) {<br /> dumpFolder(f[i], true, " ");<br /> }<br /> store.close();<br /> }<br /><br /> ValueComparator bvc = new ValueComparator(map);<br /> TreeMap<String, FolderInfo> sorted_map = new TreeMap(bvc);<br /> sorted_map.putAll(map);<br /><br /> Set set = sorted_map.entrySet();<br /> Iterator i = set.iterator();<br /> while (i.hasNext()) {<br /> Map.Entry me = (Map.Entry) i.next();<br /> FolderInfo fi = (FolderInfo) me.getValue();<br /> int fn = fi.folderNmsgs;<br /> Long fs = fi.folderSize;<br /> System.out.println(me.getKey() + " : " + fn + " : " + fs);<br /> html += "<tr><td style=\"border-bottom: 1px solid #D5D5CC;\">" + me.getKey() + "</td><td align=\"right\" style=\"border-bottom: 1px solid #D5D5CC;\">" + fn + "</td><td align=\"right\" style=\"border-bottom: 1px solid #D5D5CC;\">" + fs + " MB</td></tr>";<br /><br /> }<br /> html += "</table>";<br /> return html;<br /> }<br /><br /> private static class SASLMasqueradeAuthenticator extends Authenticator {<br /><br /> String authcid, authcpass;<br /><br /> public SASLMasqueradeAuthenticator(String adminusername, String adminpassword) {<br /> authcid = adminusername;<br /> authcpass = adminpassword;<br /> }<br /><br /> protected PasswordAuthentication getPasswordAuthentication() {<br /> return new PasswordAuthentication(authcid, authcpass);<br /> }<br /> }<br /><br /> static void dumpFolder(Folder folder, boolean recurse, String tab)<br /> throws Exception, MessagingException {<br /><br /> if (folder.getType() == 2) {<br /> if ((folder.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> if (recurse) {<br /> Folder[] f = folder.list();<br /> for (int i = 0; i < f.length; i++) {<br /> dumpFolder(f[i], recurse, tab + " ");<br /> }<br /> }<br /> }<br /> return;<br /> }<br /> folder.open(Folder.READ_ONLY);<br /> Message messages[] = folder.getMessages();<br /><br /> // Tell JavaMail to do some pre-fetching of the usual cruft.<br /> FetchProfile fp = new FetchProfile();<br /> fp.add(FetchProfile.Item.ENVELOPE);<br /> folder.fetch(messages, fp);<br /><br /> System.out.println(tab + "Name: " + folder.getName());<br /> System.out.println(tab + "Full Name: " + folder.getFullName());<br /> System.out.println(tab + "URL: " + folder.getURLName());<br /> boolean verbose = true;<br /><br /> if (verbose) {<br /> if (!folder.isSubscribed()) {<br /> System.out.println(tab + "Not Subscribed");<br /> }<br /><br /> if ((folder.getType() & Folder.HOLDS_MESSAGES) != 0) {<br /> if (folder.hasNewMessages()) {<br /> System.out.println(tab + "Has New Messages");<br /> }<br /> System.out.println(tab + "Total Messages: " +<br /> folder.getMessageCount());<br /> System.out.println(tab + "New Messages: " +<br /> folder.getNewMessageCount());<br /> System.out.println(tab + "Unread Messages: " +<br /> folder.getUnreadMessageCount());<br /> }<br /> if ((folder.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> System.out.println(tab + "Is Directory");<br /> }<br /><br /><br /> long folderSize = 0;<br /> for (Message message : messages) {<br /> folderSize += message.getSize();<br /> }<br /><br /> long folderSizeMB = (folderSize / (1024L * 1024L));<br /> System.out.printf("Folder Size in MB: %d\n", folderSizeMB);<br /> FolderInfo fi = new FolderInfo(folder.getMessageCount(), folderSizeMB);<br /> map.put(folder.getFullName(), fi);<br /><br /> /*<br /> * Demonstrate use of IMAP folder attributes<br /> * returned by the IMAP LIST response.<br /> */<br /> if (folder instanceof IMAPFolder) {<br /> IMAPFolder f = (IMAPFolder) folder;<br /> String[] attrs = f.getAttributes();<br /> if (attrs != null && attrs.length > 0) {<br /> System.out.println(tab + "IMAP Attributes:");<br /> for (int i = 0; i < attrs.length; i++) {<br /> System.out.println(tab + " " + attrs[i]);<br /> }<br /> }<br /> }<br /> }<br /><br /> System.out.println();<br /><br /> if ((folder.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> if (recurse) {<br /> Folder[] f = folder.list();<br /> for (int i = 0; i < f.length; i++) {<br /> dumpFolder(f[i], recurse, tab + " ");<br /> }<br /> }<br /> }<br /> }<br /><br /> public static void main(String[] args) {<br /> }<br />}<br /><br />class ValueComparator implements Comparator {<br /><br /> Map base;<br /><br /> public ValueComparator(Map base) {<br /> this.base = base;<br /> }<br /><br /> public int compare(Object a, Object b) {<br /><br /> FolderInfo fa = (FolderInfo) base.get(a);<br /> FolderInfo fb = (FolderInfo) base.get(b);<br /> Long fsa = fa.folderSize;<br /> Long fsb = fb.folderSize;<br /><br /> if ((Long) fsa < (Long) fsb) {<br /> return 1;<br /> } else if ((Long) fsa == (Long) fsb) {<br /> return 1;<br /> } else {<br /> return -1;<br /> }<br /> }<br />}<br /><br />class FolderInfo {<br /><br /> int folderNmsgs;<br /> Long folderSize;<br /><br /> public FolderInfo(int i, Long l) {<br /> this.folderNmsgs = i;<br /> this.folderSize = l;<br /> }<br />}<br /><br /><br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-2634096104429329079?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-27711947747836674962010-02-22T09:46:00.001-08:002010-03-03T13:36:22.733-08:00Using QuotaAwareStoreUsing the QuotaAwareStore interface to obtain quota information for an IMAP folder<br /><pre name="code" class="java"> <br /> Store store = null;<br /> Folder rf = null;<br /> store = session.getStore();<br /> store.connect();<br /> <br /> rf = store.getDefaultFolder();<br /> <br /> if ((rf.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> Folder[] f = rf.list(pattern);<br /> for (int i = 0; i < f.length; i++) {<br /> log.info(f[i].getName());<br /> <br /> IMAPSSLStore store3 = (IMAPSSLStore) f[i].getStore();<br /> QuotaAwareStore qas = (QuotaAwareStore) store3;<br /> Quota[] test = qas.getQuota(f[i].getName());<br /> log.info("test.length " + test.length);<br /> log.info("test[0] " + test[0]);<br /> log.info("quota root " + test[0].quotaRoot);<br /> Quota.Resource[] resources = test[0].resources;<br /> log.info("resources.length " + resources.length);<br /> log.info("resources[0].name " + resources[0].name);<br /> log.info("resources[0].limit " + resources[0].limit);<br /> log.info("resources[0].usage " + resources[0].usage);<br /> }<br /> store.close();<br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-2771194774783667496?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-15226853335664467222010-02-22T09:42:00.000-08:002010-03-03T13:36:49.155-08:00Get size of IMAP folder using JavaMailObtaining size of IMAP folder by totalling RFC822 message sizes of msgs in a folder.<br /><br /><pre name="code" class="java"> if (verbose) {<br /> if (!folder.isSubscribed()) {<br /> System.out.println(tab + "Not Subscribed");<br /> }<br /><br /> if ((folder.getType() & Folder.HOLDS_MESSAGES) != 0) {<br /> if (folder.hasNewMessages()) {<br /> System.out.println(tab + "Has New Messages");<br /> }<br /> System.out.println(tab + "Total Messages: " +<br /> folder.getMessageCount());<br /> System.out.println(tab + "New Messages: " +<br /> folder.getNewMessageCount());<br /> System.out.println(tab + "Unread Messages: " +<br /> folder.getUnreadMessageCount());<br /> }<br /> if ((folder.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> System.out.println(tab + "Is Directory");<br /> }<br /><br /> if (folder.getName().length() != 0) { //root folder<br /> if (folder.getMessageCount() != 0) {<br /> long msgs_size = 0;<br /> log.info("folder.getMessageCount() " + folder.getMessageCount());<br /> folder.open(Folder.READ_ONLY);<br /> Message[] messages = folder.getMessages();<br /> log.info("messages.length " + messages.length);<br /> log.info("msgs_size " + msgs_size);<br /> //rjm 010810:scp scp slowness due to something in here? set debugging statements<br /> //if (folder.getName().equals("Sent Messages")) {<br /> for (int x = 0; x < messages.length; x++) {<br /> IMAPMessage tmp = (IMAPMessage) messages[x];<br /> if (tmp.getSize() != -1) {<br /> log.info("tmp.getSize() " + tmp.getSize());<br /> msgs_size = msgs_size + tmp.getSize();<br /> log.info("msgs_size " + msgs_size);//size in bytes<br /> log.info(msgs_size / (1024L * 1024L)); //converted to MB<br /> }<br /> }<br /> //}<br /> }<br /> }</pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-1522685333566446722?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-33541824431097268142010-02-01T08:12:00.000-08:002010-02-02T07:24:53.157-08:00Multiple hop tunnel to chain port forwardingI was trying to set up a db connection to from a vm on my laptop to a db server that was configured to only accept connections from machines behind its own subnet. I had trouble setting up a multiple hop tunnel for chaining port forwarding through my firewall machine on the same subnet as the db. My first attempt involved two port forwards, on localhost and on the firewall machine, which didn't work for me. This approach I found at <a href="http://www.derkeiler.com/Newsgroups/comp.security.ssh/2006-03/msg00267.html">http://www.derkeiler.com/Newsgroups/comp.security.ssh/2006-03/msg00267.html</a> involved constructing an end to end connection to the db via the firewall machine<br /><br /><blockquote><br />When you have to go through multiple hops, it's usually better to get an<br />end-to-end connection. In this case:<br /><br />ssh -oproxycommand="ssh -qaxT firewall nc %h %p" -L 5432:localhost:5432 dbserver<br /><br />If you have a copy of the snail book, section 11.4 (p444) has a discussion<br />of these two approaches.<br /><br />The annoyance with the second approach is that it requires having netcat<br />("nc") or something equivalent on the intermediate host. I hope that<br />someday OpenSSH will have this feature built in, i.e. connecting an exec<br />channel to a remote TCP connection.<br /></blockquote><br /><br />Edit: I found some documentation on 'ProxyCommand' <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5&arch=&apropos=0&manpath=OpenBSD+Current">here</a> that seems relevant<br /><blockquote><br /> ProxyCommand<br /> Specifies the command to use to connect to the server. The com-<br /> mand string extends to the end of the line, and is executed with<br /> the user's shell. In the command string, `%h' will be substitut-<br /> ed by the host name to connect and `%p' by the port. The command<br /> can be basically anything, and should read from its standard in-<br /> put and write to its standard output. It should eventually con-<br /> nect an sshd(8) server running on some machine, or execute sshd<br /> -i somewhere. Host key management will be done using the Host-<br /> Name of the host being connected (defaulting to the name typed by<br /> the user). Setting the command to ``none'' disables this option<br /> entirely. Note that CheckHostIP is not available for connects<br /> with a proxy command.<br /><br /> This directive is useful in conjunction with nc(1) and its proxy<br /> support. For example, the following directive would connect via<br /> an HTTP proxy at 192.0.2.0:<br /><br /> ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p<br /></blockquote><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-3354182443109726814?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-85001574455805273852010-01-11T19:10:00.000-08:002010-03-03T13:37:11.344-08:00Connect to IMAP using JavaMail over SSLConnect to and get mailbox information from an imaps server using JavaMail. I'm using a custom SASLMasqueradeAuthenticator method, configuring JavaMail's Socket Fetcher class to use "MailSSLSocketFactory".<br /><br /><br /><pre name="code" class="java"> public static void getMailboxInfo(String mail, String mailHost)<br /> throws javax.mail.NoSuchProviderException, MessagingException, IOException, GeneralSecurityException {<br /> Config conf = nsit.Config.getInstance();<br /> String mpUser = "";<br /> String mpPassword = "";<br /> // setup mail server<br /> MailSSLSocketFactory sf = new MailSSLSocketFactory();<br /> sf.setTrustAllHosts(true);<br /><br /> // set system properties<br /> Properties mailProps = System.getProperties();<br /> mailProps.put("mail.imaps.ssl.socketFactory", sf);<br /> mailProps.put("mail.store.protocol", "imaps");<br /> mailProps.put("mail.imaps.host", mailHost);<br /> mailProps.put("mail.imaps.port", "993");<br /><br /> // get session<br /> //Session session = Session.getDefaultInstance(mailProps);<br /> mailProps.setProperty("mail.imaps.sasl.authorizationid", mail);<br /> Session session = Session.getInstance(mailProps, new SASLMasqueradeAuthenticator(mpUser, mpPassword));<br /> session.setDebug(false);<br /> Store srcStore;<br /> srcStore = session.getStore();<br /> srcStore.connect();<br /> Folder src = srcStore.getDefaultFolder();<br /> //log.info("src.getName() " + src.getName());<br /> //log.info("src.getType() " + src.getType());<br /> //log.info("src.HOLDS_FOLDERS " + src.HOLDS_FOLDERS);<br /><br /> if ((src.getType() & Folder.HOLDS_FOLDERS) != 0) {<br /> Folder[] subfolders = src.list();<br /> log.info("subfolders.length " + subfolders.length);<br /> for (int i = 0; i < subfolders.length; i++) {<br /> long msgs_size = 0;<br /><br /> if (subfolders[i].getMessageCount() != 0) {<br /> log.info("subfolders[i].getMessageCount() " + subfolders[i].getMessageCount());<br /> subfolders[i].open(Folder.READ_ONLY);<br /> Message[] messages = subfolders[i].getMessages();<br /><br /> for (int x = 0; x < messages.length; x++) {<br /> //log.info("msg_size " + messages[i].getSize() + " bytes long.");<br /> if (messages[i].getSize() != -1) {<br /> msgs_size += messages[i].getSize();<br /> }<br /> }<br /> log.info("msgs_size " + (msgs_size));<br /> log.info("msgs_size " + (msgs_size / (1024L * 1024L)));<br /><br /> subfolders[i].close(false); <br /> }<br /> } else {<br /> System.out.println("Not default folder");<br /> }<br /> }<br /><br /> private static class SASLMasqueradeAuthenticator extends Authenticator {<br /><br /> String authcid, authcpass;<br /><br /> public SASLMasqueradeAuthenticator(String adminusername, String adminpassword) {<br /> authcid = adminusername;<br /> authcpass = adminpassword;<br /> }<br /><br /> protected PasswordAuthentication getPasswordAuthentication() {<br /> return new PasswordAuthentication(authcid, authcpass);<br /> }<br /> }<br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-8500157445580527385?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-73119926870664795542009-08-26T08:55:00.000-07:002009-08-26T08:56:22.856-07:00Stored functions to BASE64 ENCODE and DECODE in MySQL-- base64.sql - MySQL base64 encoding/decoding functions<br />-- Copyright (C) 2006 Ian Gulliver<br />-- <br />-- This program is free software; you can redistribute it and/or modify<br />-- it under the terms of version 2 of the GNU General Public License as<br />-- published by the Free Software Foundation.<br />-- <br />-- This program is distributed in the hope that it will be useful,<br />-- but WITHOUT ANY WARRANTY; without even the implied warranty of<br />-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the<br />-- GNU General Public License for more details.<br />-- <br />-- You should have received a copy of the GNU General Public License<br />-- along with this program; if not, write to the Free Software<br />-- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA<br /><br />delimiter |<br /><br />DROP TABLE IF EXISTS base64_data |<br />CREATE TABLE base64_data (c CHAR(1) BINARY, val TINYINT) |<br />INSERT INTO base64_data VALUES <br /> ('A',0), ('B',1), ('C',2), ('D',3), ('E',4), ('F',5), ('G',6), ('H',7), ('I',8), ('J',9),<br /> ('K',10), ('L',11), ('M',12), ('N',13), ('O',14), ('P',15), ('Q',16), ('R',17), ('S',18), ('T',19),<br /> ('U',20), ('V',21), ('W',22), ('X',23), ('Y',24), ('Z',25), ('a',26), ('b',27), ('c',28), ('d',29),<br /> ('e',30), ('f',31), ('g',32), ('h',33), ('i',34), ('j',35), ('k',36), ('l',37), ('m',38), ('n',39),<br /> ('o',40), ('p',41), ('q',42), ('r',43), ('s',44), ('t',45), ('u',46), ('v',47), ('w',48), ('x',49),<br /> ('y',50), ('z',51), ('0',52), ('1',53), ('2',54), ('3',55), ('4',56), ('5',57), ('6',58), ('7',59),<br /> ('8',60), ('9',61), ('+',62), ('/',63), ('=',0) |<br /><br /><br />DROP FUNCTION IF EXISTS BASE64_DECODE |<br />CREATE FUNCTION BASE64_DECODE (input BLOB)<br /> RETURNS BLOB<br /> CONTAINS SQL<br /> DETERMINISTIC<br /> SQL SECURITY INVOKER<br />BEGIN<br /> DECLARE ret BLOB DEFAULT '';<br /> DECLARE done TINYINT DEFAULT 0;<br /><br /> IF input IS NULL THEN<br /> RETURN NULL;<br /> END IF;<br /><br />each_block:<br /> WHILE NOT done DO BEGIN<br /> DECLARE accum_value BIGINT UNSIGNED DEFAULT 0;<br /> DECLARE in_count TINYINT DEFAULT 0;<br /> DECLARE out_count TINYINT DEFAULT 3;<br /><br />each_input_char:<br /> WHILE in_count < 4 DO BEGIN<br /> DECLARE first_char CHAR(1);<br /> <br /> IF LENGTH(input) = 0 THEN<br /> RETURN ret;<br /> END IF;<br /> <br /> SET first_char = SUBSTRING(input,1,1);<br /> SET input = SUBSTRING(input,2);<br /> <br /> BEGIN<br /> DECLARE tempval TINYINT UNSIGNED;<br /> DECLARE error TINYINT DEFAULT 0;<br /> DECLARE base64_getval CURSOR FOR SELECT val FROM base64_data WHERE c = first_char;<br /> DECLARE CONTINUE HANDLER FOR SQLSTATE '02000' SET error = 1;<br /> <br /> OPEN base64_getval;<br /> FETCH base64_getval INTO tempval;<br /> CLOSE base64_getval;<br /><br /> IF error THEN<br /> ITERATE each_input_char;<br /> END IF;<br /><br /> SET accum_value = (accum_value << 6) + tempval;<br /> END;<br /><br /> SET in_count = in_count + 1;<br /><br /> IF first_char = '=' THEN<br /> SET done = 1;<br /> SET out_count = out_count - 1;<br /> END IF;<br /> END; END WHILE;<br /><br /> -- We've now accumulated 24 bits; deaccumulate into bytes<br /><br /> -- We have to work from the left, so use the third byte position and shift left<br /> WHILE out_count > 0 DO BEGIN<br /> SET ret = CONCAT(ret,CHAR((accum_value & 0xff0000) >> 16));<br /> SET out_count = out_count - 1;<br /> SET accum_value = (accum_value << 8) & 0xffffff;<br /> END; END WHILE;<br /> <br /> END; END WHILE;<br /><br /> RETURN ret;<br />END |<br /><br />DROP FUNCTION IF EXISTS BASE64_ENCODE |<br />CREATE FUNCTION BASE64_ENCODE (input BLOB)<br /> RETURNS BLOB<br /> CONTAINS SQL<br /> DETERMINISTIC<br /> SQL SECURITY INVOKER<br />BEGIN<br /> DECLARE ret BLOB DEFAULT '';<br /> DECLARE done TINYINT DEFAULT 0;<br /><br /> IF input IS NULL THEN<br /> RETURN NULL;<br /> END IF;<br /><br />each_block:<br /> WHILE NOT done DO BEGIN<br /> DECLARE accum_value BIGINT UNSIGNED DEFAULT 0;<br /> DECLARE in_count TINYINT DEFAULT 0;<br /> DECLARE out_count TINYINT;<br /><br />each_input_char:<br /> WHILE in_count < 3 DO BEGIN<br /> DECLARE first_char CHAR(1);<br /> <br /> IF LENGTH(input) = 0 THEN<br /> SET done = 1;<br /> SET accum_value = accum_value << (8 * (3 - in_count));<br /> LEAVE each_input_char;<br /> END IF;<br /> <br /> SET first_char = SUBSTRING(input,1,1);<br /> SET input = SUBSTRING(input,2);<br /> <br /> SET accum_value = (accum_value << 8) + ASCII(first_char);<br /><br /> SET in_count = in_count + 1;<br /> END; END WHILE;<br /><br /> -- We've now accumulated 24 bits; deaccumulate into base64 characters<br /><br /> -- We have to work from the left, so use the third byte position and shift left<br /> CASE<br /> WHEN in_count = 3 THEN SET out_count = 4;<br /> WHEN in_count = 2 THEN SET out_count = 3;<br /> WHEN in_count = 1 THEN SET out_count = 2;<br /> ELSE RETURN ret;<br /> END CASE;<br /><br /> WHILE out_count > 0 DO BEGIN<br /> BEGIN<br /> DECLARE out_char CHAR(1);<br /> DECLARE base64_getval CURSOR FOR SELECT c FROM base64_data WHERE val = (accum_value >> 18);<br /><br /> OPEN base64_getval;<br /> FETCH base64_getval INTO out_char;<br /> CLOSE base64_getval;<br /><br /> SET ret = CONCAT(ret,out_char);<br /> SET out_count = out_count - 1;<br /> SET accum_value = accum_value << 6 & 0xffffff;<br /> END;<br /> END; END WHILE;<br /><br /> CASE<br /> WHEN in_count = 2 THEN SET ret = CONCAT(ret,'=');<br /> WHEN in_count = 1 THEN SET ret = CONCAT(ret,'==');<br /> ELSE BEGIN END;<br /> END CASE;<br /> <br /> END; END WHILE;<br /><br /> RETURN ret;<br />END |<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-7311992687066479554?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-1485491691449823512009-07-02T08:39:00.000-07:002009-07-02T11:11:19.778-07:00Shibboleth Relational Database DataConnectorExample <a href="https://spaces.internet2.edu/display/SHIB2/ResolverRDBMSDataConnector">Shibboleth Relational Database DataConnector</a> configuration for MySQL with column mapping of AES encrypted attribute.<br /><br /><pre name="code" class="xml"><br /> <resolver:DataConnector xsi:type="dc:RelationalDatabase"<br /> xmlns="urn:mace:shibboleth:2.0:resolver:dc"<br /> id="MyDatabase"><br /> <resolver:Dependency ref="directory" /><br /> <ApplicationManagedConnection jdbcDriver="com.mysql.jdbc.Driver"<br /> jdbcURL="jdbc:mysql://localhost:3306/handle"<br /> jdbcUserName="test"<br /> jdbcPassword="test" /><br /><br /> <QueryTemplate><br /> <![CDATA[<br /> SELECT AES_DECRYPT(password, 'key') FROM handle WHERE username='$requestContext.principalName'<br /> ]]><br /> </QueryTemplate><br /> <Column columnName="AES_DECRYPT(password, 'key')" attributeID="handle" /><br /><br /><br /> </resolver:DataConnector><br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-148549169144982351?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-27355662222411132232009-07-01T10:53:00.000-07:002009-07-02T11:10:51.609-07:00Jsp Insert into MySQL database, AES encryptionJsp code that inserts into a MySQL database, using <a href="http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html#function_aes-decrypt">AES_ENCRYPTION for 128 bit AES encryption of one of the database columns</a> with ON DUPLICATE KEY UPDATE syntax.<br /><br /><br /><pre name="code" class="Java"><br /><%@page import="java.sql.*"%><br /><%@page import="java.io.*"%><br /><br /><%<br />String username = request.getParameter("username");<br />String password = request.getParameter("password");<br />String connectionURL = "jdbc:mysql://localhost:3306/handle";<br />Connection connection = null;<br />PreparedStatement pstatement = null;<br />Class.forName("com.mysql.jdbc.Driver").newInstance();<br />int updateQuery = 0;<br />if(username!=null && password!=null){<br /> try {<br /> connection = DriverManager.getConnection (connectionURL, "test", "test");<br /> String queryString = "INSERT INTO handle(username, password, last_login) VALUES (?, AES_ENCRYPT(?, 'key'), now()) ON DUPLICATE KEY UPDATE last_login=now()";<br /> /* createStatement() is used for create statement<br /> object that is used for sending sql statements to <br /> the specified database. */<br /> pstatement = connection.prepareStatement(queryString);<br /> pstatement.setString(1, username);<br /> pstatement.setString(2, password);<br /> pstatement.setString(3, password);<br /> updateQuery = pstatement.executeUpdate();<br /> if (updateQuery != 0) { %><br /> <!-- <br> --><br /> <!-- <TABLE WIDTH="30%" border="1"> --><br /> <!-- <tr>Data is inserted successfully in database.</tr> --><br /> <!-- </table> --><br /> <%<br /><br /> }<br /> } <br /> catch (Exception ex) { %><br /> <!-- <br> --><br /> <!-- <TABLE WIDTH="30%" border="1"> --><br /> <!-- <tr>Unable to connect to the database.</tr> --><br /> <!-- </table> --><br /> <%<br /><br /> }<br /><br /> finally {<br /> // close all the connections.<br /> pstatement.close();<br /> connection.close();<br /> }<br />}<br />%><br /><br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-2735566222241113223?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-70835646371923809392009-06-30T13:48:00.000-07:002009-06-30T16:42:16.483-07:00Javascript form autosubmitAutosubmit form with Javascript. Place
<br />
<br /><pre name="code" class="xml">
<br /> onload="document.forms[0].submit()"
<br /></pre>
<br />
<br />in your form's body tag then something like
<br />
<br /><pre name="code" class="xml">
<br /> <noscript>
<br /> <p>
<br /> <strong>Note:</strong> Since your browser does not support JavaScript,
<br /> you must press the Continue button once to proceed.
<br /> </p>
<br /> </noscript>
<br /> <form method="post" action="action_pg">
<br /> <input type="hidden" name="username" value=<%=request.getParameter("username")%> />
<br /> <input type="hidden" name="password" value=<%=request.getParameter("password")%> />
<br /> <noscript>
<br /> <div>
<br /> <input type="submit" value="Continue"/>
<br /> </div>
<br /> </noscript>
<br /> </form>
<br />
<br />
<br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-7083564637192380939?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-9081692839210001472009-06-30T08:06:00.000-07:002009-06-30T08:08:14.285-07:00POST with HttpClientAn alternative way to do Http POST using <a href="http://hc.apache.org/httpclient-3.x/tutorial.html">Jakarta-HttpClient</a><br /><br /><pre name="code" class="java"><br />PostMethod post = new PostMethod("http://jakarata.apache.org/");<br /> NameValuePair[] data = {<br /> new NameValuePair("user", "joe"),<br /> new NameValuePair("password", "bloggs")<br /> };<br /> post.setRequestBody(data);<br /> // execute method and handle any error responses.<br /> ...<br /> InputStream in = post.getResponseBodyAsStream();<br /> // handle response.<br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-908169283921000147?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-19188970637547118942009-06-29T06:42:00.000-07:002009-06-29T09:24:19.906-07:00Shibboleth UsernamePassword login handlerWe recently switched our IdP installation from using RemoteUser login handler to the <a href="https://spaces.internet2.edu/display/SHIB2/IdPAuthUserPass">UsernamePassword handler</a> for authentication. The UsernamePassword handler uses <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/index.html">jaas</a> for authentication. We're attempting to customize the default login.jsp page used by the Shibboleth IdP to our own page, this is done by recompiling the IdP with a web.xml file pointing to the new login page<br /><pre name="code" class="xml"><br /><servlet><br /> <servlet-name>UsernamePasswordAuthHandler</servlet-name><br /> <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet</servlet-class><br /> <init-param><br /> <param-name>loginPage</param-name><br /> <param-value>specialPages/login.jsp</param-value><br /> </init-param><br /> </servlet><br /></pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-1918897063754711894?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-60174470289648280912009-06-23T12:24:00.000-07:002009-06-29T09:13:30.551-07:00Java HTTP POST Request<pre name="code" class="java"> public void doPost() throws Exception {<br /> try {<br /> // Construct data<br /> String data = URLEncoder.encode("j_username", "UTF-8") + "=" + URLEncoder.encode("test", "UTF-8");<br /> data += "&" + URLEncoder.encode("j_password", "UTF-8") + "=" + URLEncoder.encode("test", "UTF-8");<br /><br /> // Send data<br /> URL url = new URL("/specialpages/script.jsp");<br /> URLConnection conn = url.openConnection();<br /> conn.setDoOutput(true);<br /> OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());<br /> wr.write(data);<br /> wr.flush();<br /><br /> //// Get the response<br /> BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));<br /> String line;<br /> while ((line = rd.readLine()) != null) {<br /> System.out.println(line);<br /> }<br /> wr.close();<br /> rd.close();<br /> } catch (Exception e) {<br /> }<br /><br /> }</pre><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-6017447028964828091?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0tag:blogger.com,1999:blog-3379308617221153982.post-29984136759953642912009-06-22T12:32:00.001-07:002009-06-22T12:32:33.733-07:00testtest<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3379308617221153982-2998413675995364291?l=blog.redmilitante.com' alt='' /></div>Redhttp://www.blogger.com/profile/14259406941405804079red@redmilitante.com0