SSH key Exchange for password-less login

Setting up ssh key exchange is not only just for making accessing remote machines more convenient. Its also useful as it will allow scripts to call remote ssh commands without interactively typing your password in.

Here are the steps.







1. Generate SSH Key pair 
the following command will generate your private and public key

ssh-keygen -t rsa

the -t options specifies which encryption algorithm to use , in this example I use RSA but something else can be used instead. the keys will be located in the ~/.ssh directory.

2. Copy public key to remote server
The following command will copy the public key to the remote server

ssh-copy-id -i  ~/.ssh/identity.pub user@remoteServer

identity.pub : the name of the public key file you generated in the step above, example id_rsa.pub
user@remoteServer: the remote server you are trying to enable password-less login for and the user account you use to access that server.

alternatively you can manually append the contents of the id_rsa.pub file to the

~/.ssh/authorized_keys file on the remoteserver.

3. Try SSH!
try ssh user@remoteServer it should not ask you for a password and should launch directly into the session

Troubleshooting
You may hit some issues one way to figure out whats going on is to try to get more info.

On your machine try running ssh -v user@remoteServer. As that prints more debug information.

Similarly you can start sshd on debug on your remote server as well , this way it will report errors of why it may not authenticate your key.

One Common problem is that your directory permissions may be to permissive , especially the .ssh directory and the files in the directory. This will cause password less ssh to fail. if you don't want to change the directory permissions you can turn off Strict Mode in the sshd configuration located at /etc/ssh/sshd_config

Java Dynamic Proxies for Testing

I've recently been exposed to the use of Proxies in Java. The Reflection library is actually quite powerful and knowing it will open solutions to things not normally possible.

the java.lang.reflect.Proxy can be  used to interpose between caller and the object being called. The Proxied object has an associated handler and every call to any method goes through the handler. The handler can then do ... anything.





It could:

• Simply Log information about parameters been passed in and which methods are been called
• Do Complex argument analysis i.e. Test invariants not in code such as are the arguments actually suitable for the method
• Modify the arguments or even replace them before passing them onto the real method

All this without modifying the any of the classes you are examining!.

With an Invocation handler all method calls are routed through the handler

Here is an example of how it can be used.

/**
*Processable.class
*/
public interface Processable {

 public boolean process(Object obj);
}
/**
*Processor.class
*/
public class Processor implements Processable {

 @Override
 public boolean process(Object obj) {
  boolean ret = false;
  /**
   * Does Processing Here
   */
  return ret;
 }
}
/**
*Engine.class
*/
public class Engine {

 public static void doStuff(Processable p) {

  p.process("Heres a String");
  // do a lot of stuff with Processor Object maybe even pass it through to
  // other classes
 }
}

I have Processor object which implements Processable and this Processor object is passed to an Engine which does many things with the object.

To Create a Proxy Object I need to make a InvocationHandler which will handle all calls to the proxied object this is done by implementing the InvocationHandler Interface.

import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;

public class ProcessorInvocationHandler implements InvocationHandler {

 private Processor m_processor;
 private int count_calls = 0;

 public ProcessorInvocationHandler(Processor p_processor) {
  m_processor = p_processor;
 }

 @Override
 public Object invoke(Object proxy_object, Method method, Object[] params)
   throws Throwable {

  System.out.println(params);
  if (method.getName().equals("process"))
   count_calls++;
  return method.invoke(m_processor, params);
 }

 public int getCount() {
  return count_calls;
 }

}

To Actually Use it you can make a call to Proxy.newInstance , all you need is an interface which represents your class. This is because the object returned will be of type Processable , it will NOT be of type Processor. This important to remember as if the object has no interfaces this won't work.

Processable p = new Processor();
Engine.doStuff(p);

// With Proxy
ProcessorInvocationHandler handler = new ProcessorInvocationHandler(
  new Processor());
Processable p2 = (Processable) Proxy.newProxyInstance(Processor.class
  .getClassLoader(), Processor.class.getInterfaces(), handler);
Engine.doStuff(p2);
System.out.println(handler.getCount());

This can be useful in certain situations. Notice that to add the proxy and reveal information I did not have to change the actual objects both Processor and Engine were unchanged. This is very useful where changing code is difficult on not possible.

Since the InvocationHandler can hold a reference to the real object its possible to call the real method and the Proxy can be used to just trace the code.

With Simple programs this may seem unnecessary but with large code bases  managed by many people its often hard to see bigger pictures this is a very useful tool to see what your object life cycle is in your system.

Limitations
There are however some limitations:

• To Proxy an interface to the object is needed
• Proxy is not an instanceOf the object it is proxying. For example in the given scenario Proxy is not instanceof Processor. However Proxy instanceOf Processable will be true.
• Without interfaces no static methods as well as the Proxied object will only have the interface methods.
• Proxied Object is for a specific instance of the class you are proxying this means you need to create a new proxy instance for every instance of the object. 

Also here is a link to a java tech article also explaining this Java Developer Article Interposing Java

Spring 3.0 - Where to Start?

Last time I touched spring it was much more cumbersome and I remember following a decent step by step guide ( Spring 2.5 step by Step) to get through starting my first project. Surprised to find that this guide is apparently not updated and is now inconsistent with Spring 3.0 :/.
I searched in vain to find an updated guide but most out there didn't seem right and often felt hackish in some parts as well. I ended up finding a much better way to get started with Spring - the Spring Tool Suite.

If you are new to spring I would highly recommend  Spring Tool Suite . It is an eclipse based IDE with many plugins and includes tc Server (tomcat server with some spring stuff on top). What was mostly helpful was the Spring Template Wizard (New->Project->Spring->Spring Template Project) Which gives you a working Spring app following some sort of template.

I had a Working Spring MVC within seconds and did not have to configure anything the web.xml and various servlet-context xml were configured with a simple view and a Controller giving me a great starting point for an MVC application.In addition with the bundled tomcat no application server configuration needed either it just works!

STS - Spring Template Project creates a working spring program in of the following templates

However it still not all smooth , not going to blame spring here but learning the basics of frameworks can be tough when you need a bit to just get started here's a couple I've come across so far that actually have had obvious answers.

Using Spring and can't access Cascading Style Sheets (CSS) or JavaScript(.js) files from JSP or URL.

I have found this is related to the servlet mapping configured in your web.xml. If your appServlet has a url pattern like "/" or "/*" then it will match all URLs in your application including calls to css files and your public files will not be visible.

As you can see from my folder structure I have a resources folder in my webapp directory which is outside of WEB-INF and should be accessible. but the url mapping prevents the requests going through.

There are different ways to solve this issue but the one I used I found on StackOverflow. Which was basically to add some URL patterns to the default Servlet this way i could make sure images/js/css files properly served as files/resources.

Blog Created

Over time I have found myself experimenting with various technologies that come up over time. One of the issues is that once those projects aren't touched for a while I will often forget what exactly I did and will surely enough have to figure out it again leaving me perpetually at the beginning of the learning curve.

By writing this I hope to get better understanding by putting my thoughts into writing and hopefully share insight with others.

First will be an attempt to write an app using Spring 3.0 and build up to a web application with a hibernate based back end and jquery front end.