Tuesday, June 30, 2009

Moving Offscreen App Back to Primary Workspace

Note: This trick applies to Windows OS only.

Most people using a notebook PC with two monitors will often move some applications off to the external monitor for various reasons. And just as often, when they detach their notebooks, they will forget to move the applications back to the primary monitor as I do.

If not written smartly, those applications will continue to reside in the now illusory monitor when the notebook is re-awaken without the external monitor attached. Rebooting does not always help, thus making those applications inaccessible for use. (Smart applications will detect that the previous location on screen is untenable and will pop back into the main monitor.)

To bring an errant application back to the primary monitor, following these steps:

  1. Alt-tab to the errant application.
  2. Alt-space to bring up the errant application's Windows menu and select Move.
  3. Use left or right cursor as appropriate repeatedly to move the application back to where you can see it.

Monday, June 29, 2009

Remote Debugging with JPDA

For developing Java applications, JPDA (Java Platform Debugger Architecture) is an important toolkit for debugging applications that is failing in a deployment environment. This is particularly useful in situations where the deployment environment does not have a development environment and can only be debugged remotely.
To enable remote debugging, the Java application must be compiled with debugging enabled (-g) and must not be obfuscated or optimized. When launching the Java application, include the following argument:
This says that the JVM should listen on the socket transport. Another possibility is to use shared memory as transport (dt_shmem). By default, JVM suspends before the main class loads unless otherwise indicated (suspend=n). In this example, the JVM listens on the specified port (8777) for a debugger to connect before resuming execution. To make the JVM initiate the connection, specify server=n.


Make a duplicate of your application launcher (Launcher). Double-click on the duplicate launcher to modify it. Select Java Invocation to configure it. In the VM Parameters text field, add the JPDA arguments show above.
Make a duplicate of your media file (Media) and include the debuggable launcher.
Run the installer. When the debuggable application launch, it will wait for the debugger to connect. If you launch the debuggable application from the command line, you will see a message indicating that it's waiting on the socket transport at port 8777.


Tomcat startup script (startup.sh or startup.bat) has JPDA built in. All you need to do is specify "jpda" when starting Tomcat. By default, it waits on the socket port 8000 until a debugger connects.


In the start WebLogic script, look for JAVA_ARGS and append the JPDA argument shown above. WebLogic will wait for a debugger to connect before proceeding.

Debugging from Eclipse

On the computer where your source code resides and where Eclipse is installed, create a Debugging Configuration. Select the Connection Type and provide the host address and port (e.g., Standard (Socket Attach), localhost and 8777). Click [Debug] to start debugging. The application being debugged will resume. Set a breakpoint somewhere in your source code and watch the remote application stops at your breakpoint.
Other debuggers can be set up similarly.


  1. Peter V. Mikhalenko, Debug Your Java Code with Ease Using JPDA, TechRepublic, 11/30/2006.
  2. Java Platform Debugger Architecture, Sun.

Sunday, June 28, 2009

Clustering J2EE Web Applications

Clustering refers to the grouping of two or machines (hardware) that externally presents itself as a single unit in order to achieve performance (scalability) and reliability (high availability) goals. For web applications, clustering refers to the grouping of two or more application servers or its components (software), whether running on a single machine or on multiple machines. Clustering is important in a RMI-based architecture to ensure that the failure of one component will not bring down the entire web application.

In designing a cluster, avoid or at least identify single points of failure. A single point of failure has an impact on reliability, which clustering is supposed to achieve. It also translates into varying levels of undesirable end-user experience. An example of a common single point of failure is the application's database. That is because many web applications may have a distributed application tier, but shares a single database.

There are many ways to cluster application servers. The following are some common strategies. Note that a distributed database or SAN (Storage Area Networking) storage can be used on all topologies for better availability.

Saturday, June 27, 2009

Callback vs Listener

The Callback pattern is variation of the Command pattern [Gamma], where the Receiver itself is a concrete expression of the Command (Callback) class and is registered with the Subject. When an event of interest occurred, the Subject "calls back" the Receiver via the registered concrete Callback subclass.

The Listener implements the Observer pattern [Gamma], where the Listener is the Observer and is also registered with the Subject.

A Subject may have multiple Listeners, while it can only have one Callback Receiver. However, multiple Listeners may be implemented as a "callback list".

Java implements Listeners as a callback list. It implements a "push" model of the Observer pattern where additional information is supplied as an Event argument tailored to the Listener.


Friday, June 26, 2009

Signing Java Applet - Allowing Applet Full Access to the Local System

There are two ways to grant an applet full access to the local system:
  1. On the receiving side, grant access to the incoming applet by modifying Java's security policy.
  2. On the sending side, have the applet seek access permission from the receiver via signed certificates.
Granting Applet Access by Modifying Java Security Policy

Method 1 requires modifying the java.policy file in jre/lib/security by adding the following lines:
grant codeBase "http://your.url.here" {
permission java.security.AllPermission;

As a word of caution, dropping the "codeBase" qualifier grants all applets all permission and is not advisable.

Seeking Applet Access Via Signed Certificate

Method 2 requires creating a trusted certificate and signing the applet.
  1. Write, compile and jar your applet as you normally does.
  2. Use keytool to generate private/public key pairs. This also creates a self-signed certificate.
keytool -genkey -alias alias -keystore keystore -keypass keypass -dname cn=xxxx -storepass storepass
This generates a private/public key pair stored in the keystore protected by storepass. Use the alias and the keypass to access the private key of this generated pair.
  1. This step is optional if you are signing your applet with a self-signed certificate. If you are publishing your applet to the Internet, generate a certificate request (CSR), submit it to a certificate authority (CA) and get a CA-signed trusted certificate back. Replace the self-signed certificate with this trusted certificate.
keytool -certreq -alias alias -keystore keystore -keypass keypass -storepass storepass

keytool -import -alias
alias -file trustedCert.cer -keystore keystore -storepass storepass
  1. Sign your applet: jarsigner
jarsigner -keystore keystore -storepass storepass -keypass keypass -signedjar YourSignedApplet.jar
  1. keytool - Key and Certificate Management Tool, Sun.
  2. Larry Siden, Signed Applet Tutorial.
  3. Chapter 10: Signed Applets, SDN tutorials, 1994-2009.
  4. How to Create a Self-signed SSL Certificate.
  5. Thawte Code Signing Certificates Enrollment Page.
  6. Verisign Certificate Center Purchase Page.
  7. Java SE Security, Sun.
  8. Lesson: API and Tools Use for Secure Code and File Exchanges, The Java Tutorials, Sun.
  9. Certificate, Java Glossary.
  10. Chris W. Johnson, Java Certificate Parsing, 5/18/2004.
  11. EJBCA User Guide.
  12. CertificateFactory, Java 6 Javadoc, Sun.

Thursday, June 25, 2009

Associations in UML

In UML, an association represents a relationship between classes. The representation varies depending on the specifics.

Represents a simple relationship between classes.

Representation: Solid line (bi-direcitonal); Solid line with arrow (unidirectional).
Implementation: Via member variables.

Also known as weak aggregation. Represents a whole-part relationship.

Representation: Solid line with open diamond (bi-directional); Solid line with open diamond on one end and arrow on the other (unidirectional). Open diamond's side is the whole.
Implementation: Via member variables.

Also known as strong aggregation. Represents a whole-part relationship where the part's existence is dependent on the whole.

Representation: Solid line with solid diamond (bi-directional); Solid line with solid diamond and arrow (unidirectional). Solid diamond's side is the whole.
Implementation: Via member variable.

Weak Association
Representation: Dash line (bi-directional); Dash line with arrow (unidirectional).
Implementation: Via method arguments.

Wednesday, June 24, 2009


First and foremost, they have to be 128 bit long.

There are apparently 5 versions. By versions, they mean algorithms with variants.

Version 1 uses a combination of monotonic time, a random number and nodeID, which is either the IP or the MAC address. This guarantees that the UUID is unique across time (from 1582 till around 3400AD) and space. And in case of unforseen reason, it generated the same time and have the same nodeID, the random number decreases the possibility of collision further. The main complain against this is that you can trace the source based on the nodeID.

Version 2 is the OSF Desktop Computing Environment Security version with embedded POSIX UID. Not sure exactly what this means, but apparently not implemented by Apache.

Version 3/5 uses the URL and either MD5 or SHA1 hashing for spatial but not temporal uniqueness.

Version 4 is the same as version 1 but with the nodeID computed using a cryptographically strong random number generator such as Java's SecureRandom and a hashed name (such as that of Version 3/5). This also guarantees spatial and temporal uniqueness. A cryptographically strong random number must produce a non-determinstic output. Apache implements some variation of this. And Sun uses the Leach-Salz variation.


  1. P. Leach, M. Nealling, R. Salz, A UUID URN Namespace, Internet Engineering Task Force, 12/2004.
  2. Universal Unique Identifier, The Open Group, 1997.
  3. Java 5 UUID Class Javadoc, Sun Microsystems, Inc., 2004.
  4. Universally Unique Identifier, Wikipedia, 2005.
  5. Commons: Id, The Jakarta Project, Apache Software Foundation, 4/2/2005.

About Computing Notes

I intend this blog to be an emulation of the old-school lab notebooks. Each note contains concise, practical information on computing subjects of varying interests to myself and hopefully to other computing hobbyists and professionals.