How to signify the end of a self-defined message in TCP programming?

TCP's data transfer is stream-based. If the two sides don't agree on how to detect the end of a self-defined message, the receiver won't know where a message ends. A simple way is to use a special character sequence as the ending flag, such as "2 new lines". The problem is that the message …

Enable https for your apache-httpd-hosted website with a self-signed certificate

Generate a self-signed https certificate

Java's KeyTool is kind of heavy due to its "keystore" concept. I prefer openssl:

    openssl req -x509 -nodes -newkey rsa:2048 -keyout cjx_private.key -out cjx_cert.pem -days 36500
    # "-nodes" means no password to access the certificate file
    # You will be prompted to set up your information. This one is important: Common Name …

Java code to showcase how a Java client deals with https certificates

Visit a valid https site to see if there will be anything wrong

    public static void tryAuthorizedHttps() throws Exception {
        URL url = new URL("https://www.baidu.com/");
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        InputStream in = conn.getInputStream();
        String page = IOUtils.toString(in, "utf8");
        System.out.println(page); // successfully printed
        System.out.println("===================");
        // get the first X509 cert on the certificate chain
        X509Certificate x5Cert …

Will there be security issues with self-made https certificates?

By self-made https certificates, I mean one of two kinds:

1. A self-signed certificate
2. A certificate issued by an unknown CA. For example, the certificate of https://www.12306.cn is issued by the CA of China's Railway Department.

Will there be security issues? Yes, there is a big issue, but you can work around it in some cases. …

What are the HTTPS Certificates in a C/S Communication and How are they verified?

An HTTPS certificate (a.k.a. X509 certificate) is used to show others that you really are who you say you are. In an https-based c/s communication, including b/s communication, in most cases only the server side has to show a certificate. The client doesn't need one, otherwise it will be very inconvenient for clients. …

Preventing attacks on users in HTTP RESTful API calls

This is an incomplete list of things you should consider when you want to prevent your users from being attacked by others. Note this is about protecting individual consumers with username/password pairs, rather than application clients such as third-party companies, who normally carry AppKey/AppSecret pairs.

Authentication

There are several options.

Sending username/password as http request …

Don't casually integrate features with different positioning into a single product

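If two kinds of features target different users or have different product positioning, then even if they are similar or related, there is no need to build them into one product. They can perfectly well be made into two separate products, and only that way can each product be taken to its best. Building them together can form a "one-stop complex", which benefits users; but sometimes people put too much faith in this, and the result feels like neither one thing nor the other: would you go to Walmart to buy a guitar?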