Wednesday, March 24, 2021

Docker commands and Dockerfile examples

To install docker on fedora

$ sudo dnf config-manager --add-repo

$ sudo dnf install docker-ce docker-ce-cli 

$ sudo systemctl start docker

$ sudo docker run hello-world

To build and run an image

First, create a Dockerfile under the current directory (see below).

$ sudo docker build -t myimagename:myimageversion .

$ sudo docker  run -p 8888:8080 myimagename:myimageversion


$ sudo docker run --net=host myimagename:myimageversion

Other commands

$ sudo docker image ls

$ sudo docker rmi image-hash

$ sudo docker ps -as

$ sudo docker rm container-hash

$ sudo docker run -it myimagename:myimageversion bash

Dockerfile of adding self CA and Bouncy Castle jar

FROM tomcat:9.0.44-jdk8

# Add myCA certificate

ADD myCA.crt /usr/local/share/ca-certificates/

RUN chmod 644 /usr/local/share/ca-certificates/myCA.crt && update-ca-certificates

# Add Bouncy Castle provider

RUN echo '' >> "/usr/local/openjdk-8/jre/lib/security/"

RUN echo 'security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider' >> "/usr/local/openjdk-8/jre/lib/security/"

ADD bcprov-jdk15on.jar /usr/local/openjdk-8/jre/lib/ext/

# Add web app

ADD myapp.war  /usr/local/tomcat/webapps/


CMD ["", "run"]

Tuesday, March 16, 2021

Eclipse cannot connect to a server due to certification error

If "Install New Software" fails in Eclipse and it complains that the server's certificate is not trusted, that may be because the Java instance that Eclipse uses does not have the needed CA in its keystore.

Another symptom is that when you try to access Eclipse Marketplace in Eclipse (Help|Eclipse Marketplace...), exceptions are thrown complaining about the server certificate.

Usually Eclipse uses the Java in the system, and you can simple add the CA into the keystore following this post.

Sometimes Eclipse uses a different Java instance and to find out which one it is, you need to go to the installation of Eclipse and find this file eclipse.ini. Use a text editor to open it. Find the line -vm. Under it is the Java instance that Elipse uses.

Go to where the Java instance locates, and enter its lib/security/ directory. Follow this post to add the new CA to cacerts, e.g.:

$ keytool -import -alias CloudService -keystore cacerts -file "/path/to/CloudServiceRootCA.cer"

Tuesday, February 23, 2021

ASP.NET/C#: OleDb example, reading from DB

public void example()

    string sql = string.Concat("SELECT f1, f2 FROM table1",
                                               " WHERE id=?");

    using (OleDbConnection connection = new OleDbConnection(AppSettings.getConnectionString()))
        // The insertSQL string contains a SQL statement that
        // inserts a new row in the source table.
        OleDbCommand command = new OleDbCommand(sql, connection);

        command.Parameters.AddWithValue("@id", 10);

        // Open the connection and execute the command.

            OleDbDataReader reader = command.ExecuteReader();

            while (reader.Read())


                string str1 = reader.GetString(0);

                string str2 = reader.GetString(1); 


        catch (Exception ex)
        // The connection is automatically closed when the
        // code exits the using block.

ASP.NET/C#: Link a config file to web.config for an extra app-Settings section

Multiple appSettings sections are not allowed in web.config. However, we can add config sections by using <configSections>.

In web.config, add <configSections> at the very beginning of <configuration> element.

        <section name="appSettingsExtra" type="System.Configuration.NameValueFileSectionHandler, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
appSettingsExtra configSource="webextra.config">

Create a new file webextra.config with the following content:

     <add key="TheKey" value="TheValue"/>

In the code, to read the parameter from webextra.config:

System.Collections.Specialized.NameValueCollection extraSettings = (System.Collections.Specialized.NameValueCollection)ConfigurationManager.GetSection("appSettingsExtra");
string value = extraSettings["TheKey"];

Sunday, February 14, 2021

Blogger: Tweeking the Contempo template

With the Contempo template, the homepage of the blog will show snippets of the most recent posts. To show the whole posts instead we can edit the HTML of the template as below.

Find the following location in the HTML code of the template:

    <b:if cond='data:view.isSingleItem'>
      <b:include data='post' name='postBody'/>
      <b:include data='post' name='postBodySnippet'/>
      <b:include data='post' name='postJumpLink'/>

Change it into:

    <b:if cond='data:view.isSingleItem'>
      <b:include data='post' name='postBody'/>
      <b:include data='post' name='postBody'/>
      <b:include data='post' name='postJumpLink'/>

The template also shows post snippets of Featured Posts and Popular Posts on the homepage. To disable that, go to Layout menu and disable them there.

Tuesday, February 9, 2021

IIS Logs

To find out the IIS logs location of a site:

1. Open IIS Manager;

2. Click the Web Site;

3. Find the Logging icon and double click it;

4. Find the location of the logs in the Directory text box.


If you are using IIS Express of the Visual Studio, the logs location of  IIS Express is at %userprofile%\Documents\IISExpress\Logs

In C#, to add infomation to the IIS logs, use:

    Response.AppendToLog("your debug info");


    System.Web.HttpContext.Current.Response.AppendToLog("your debug info");


Friday, January 29, 2021

IIS Configuration: To reject an HTTP request with certain headers

For security, we want to reject HTTP requests with some headers, such as X-HTTP-Method, XHTTP-Method-Override, and X-Method-Override. One trick is to set their size limits to 0 in web.config:

               <add header="X-HTTP-Method" sizeLimit="0" />
               <add header="X-HTTP-METHOD-OVERRIDE" sizeLimit="0" />
               <add header="X-Method-Override" sizeLimit="0" />

IIS will return an default 404 page if a request contains any of these headers.

Sometimes you may not want to handle the 404 error in your application. Then you can add the <httpErrors> element:

               <add header="X-HTTP-Method" sizeLimit="0" />
               <add header="X-HTTP-METHOD-OVERRIDE" sizeLimit="0" />
               <add header="X-Method-Override" sizeLimit="0" />
   <httpErrors existingResponse="PassThrough" />

Tuesday, January 19, 2021

EPUB error: The 'direction' property must not be included in an EPUB Style Sheet.

This is an example on Linux to resolve the following error from an epub book:

The 'direction' property must not be included in an EPUB Style Sheet.

(The steps on Windows system are similar.)

Steps 1: Put the EPUB book in a directory. And enter that directory.

$ mv mybook.epub tempdir

$ cd tempdir

Step 2: Unzip the book with a zipping tool.

$ unzip mybook.epub

Step 3: Use a text editor to modify the problematic stylesheet.css file to remove the line direction: ltr;

$ vi OEBPS/styles/stylesheet.css


Step 4:  Repackaging

$ zip -rX mybook-new.epub mimetype META-INF OEBPS

(Note: use the option -X to create filetype of EPUB for the package; file mimetype must be the first item added into the package.)

mybook-new.epub is the new book after the fix.

Monday, January 18, 2021

Spring application unit tests context refreshing

If Mockito is used to mock a Spring singleton bean in one test class, it may impact the second test class so that test cases in the 2nd test class could fail.

It appears that all test cases are successfuly if the 2 test classes are run independently, but when they are run together, the test cases in the 2nd test class would fail.

In that case, @DirtiesContext annotation can be used on the 1st test class. It indicates that the ApplicationContext associated with a test is dirty. After the test, the ApplicationContext would be closed and removed from the context cache. The test cases from the 2nd test class can be run independently from the 1st test class.

Monday, January 11, 2021

Linux: Mounting TrueCrypt volume with cryptsetup

To mount:

$ sudo cryptsetup --type tcrypt open /path/to/truecrypt-volume mapping-name

$ sudo mount -o uid=1001 /dev/mapper/mapping-name /media/tcv

(Note: [1] if /media/tcv did not exist, create it using command mkdir. [2] check your uid using command id.)

Access the content at /media/tcv.

To unmount:

$ sudo umount /media/tcv

$ sudo cryptsetup close mapping-name

Get This <