Month: November 2015

Web Application: Don’t send all the stack trace of an exception to client if Apache Httpd is used as reverse proxy

Don’t send all the stack trace of an exception to client if Apache Httpd is used as reverse proxy.  Otherwise, it may return Http 502 to your client.   It may say the following just because the response from your servlet container(tomcat etc.) is too big in size:  502 Bad Gateway The proxy server received …

Web Application: Don’t send all the stack trace of an exception to client if Apache Httpd is used as reverse proxy Read More »

Where to put the environment-specific properties files when using spring framework ?

Where to put the environment-specific properties files when using spring framework ?  1. Put it on classpath?  Not acceptable.  Classpath means the file will be put in git/svn repository and there will only be one newest copy of it. As a result, all environments will have a same property file.  2. Put it on an …

Where to put the environment-specific properties files when using spring framework ? Read More »

Add an SPF DNS record if you don’t want emails sent by your system defined as spam

The problem is,    1. Your web application’s domain name is www.foo.com   2. Your server IP is 123.123.123.123, and it sends emails to users from  support@foo.com    3. When a user  danni@gmail.com gets an email from it,  GMAIL may consider it is spam because it doesn’t know whether 123.123.123.123 really represents support@foo.com .   What you …

Add an SPF DNS record if you don’t want emails sent by your system defined as spam Read More »

Email sending using others’ smtp server should done asynchronously

SMTP access provided by 3rd-party sponsors such as Godaddy can be very unreliable. It may take seconds to setup a TCP connection or read and write data.  As a result, the thread of sending an email may be blocked.  In return, if this thread is a user thread, i.e., created to serve a user’s request, …

Email sending using others’ smtp server should done asynchronously Read More »

How to let MyBatis annotation to set the id and timestamp properties of the JavaBean I passed in ?

If you are with a auto-generated key, when you carry out a method like this public void saveNewUser(User user); what do you expect besides a new record in DB?   You want the user.id also has been set after the execution. That’s what real ORM does With MyBatis, you can do it like the following. …

How to let MyBatis annotation to set the id and timestamp properties of the JavaBean I passed in ? Read More »

Java Time Zone: It’s 9 o’clock here, what’s your time ?

private static void printTimeMain() throws ParseException { // the computer which runs this program is of the time zone of China long someSummerMilis = DateUtils.parseDate(“2015-7-4 16:00:00”, new String[] { “yyyy-MM-dd HH:mm:ss” }).getTime(); long someWinderMilis = DateUtils.parseDate(“2015-11-11 16:00:00”, new String[] { “yyyy-MM-dd HH:mm:ss” }).getTime(); System.out .println(“==============when it is 2015-7-4 16:00:00 in China, the world’s times are==============”); …

Java Time Zone: It’s 9 o’clock here, what’s your time ? Read More »

The best way to deal with CORS issues with Swagger UI

You can set CORS filter on your web.xml or on your tomcat’s web.xml, like this. CorsFilter org.apache.catalina.filters.CorsFilter CorsFilter /*  However, 1. Your system gets insecure because of this, especially on PROD site where you don’t want someone to invoke your RESTFul services with swagger ui.  2. There may still be CORS javascript bugs in Swagger …

The best way to deal with CORS issues with Swagger UI Read More »

How to signify the end of a self-defined message in TCP programming?

TPC’s data transfer is based on stream. If the two sides don’t agree on how to detect the end of self-defined message, the receiver won’t know the boundary of a message.  A simple way is to have a special character is the ending flag, such as "2 new lines". The problem is that the message …

How to signify the end of a self-defined message in TCP programming? Read More »

Enable https for your apache-httpd-hosted website with a self-signed certificate

Generate a self-signed https certificate Java’s KeyTool is kind of heavy due to its “keystore” concept. I prefer openssl: openssl req -x509 -nodes -newkey rsa:2048 -keyout cjx_private.key -out cjx_cert.pem -days 36500 #”-nodes” means no password to access the certificate file # You will be prompted set up your information. This one is important: Common Name …

Enable https for your apache-httpd-hosted website with a self-signed certificate Read More »