Welcome to my website. I am always posting links to photo albums, art, technology and other creations. Everything that you will see on my numerous personal sites is powered by the formVistaTM Website Management Engine.

icon.linkedin.jpgicon.twitter.jpg

  • Subscribe to this RSS Feed
  • Creating a MD5 Hash in Java From Either a String or the Byte Value of a Long
    02/07/2012 11:53AM

    Following is a quick example of how to generate an MD5 Hash (SHA-256, SHA-512 or any other supported hash algorithm) of either a String or the byte value of a long.  You should be able to adapt for your particular application:

    package com.ryanchapin.util;

    import java.io.ByteArrayOutputStream;
    import java.io.DataOutputStream;
    import java.io.IOException;
    import java.io.UnsupportedEncodingException;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;

    public class HashGenerator {

        public static String createHash(long input, String hashAlgorithm) {
            // Generate a byte array from the long
            // Extract the byte value of the long
            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            DataOutputStream dos = new DataOutputStream(bos);

            try {
                dos.writeLong(input);
            } catch (IOException e) {
                e.printStackTrace();
            }
            try {
                dos.flush();
            } catch (IOException e) {
                e.printStackTrace();
            }

            byte[] byteArray = bos.toByteArray();
            return bytesToHex(computeHashBytes(byteArray, hashAlgorithm));
        }

        public static String createHash(String input, String hashAlgorithm) {
            // Generate a byte array from the input String.
            byte[] inByteArray = null;
            try {
                inByteArray = input.getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
            }

            return bytesToHex(computeHashBytes(inByteArray, hashAlgorithm));
        }

        private static byte[] computeHashBytes(byte[] inputBytes, String hashAlgorithm) {
            // Instantiate a MessageDigest instance configured with the desired
            // algorithm.
            MessageDigest md = null;
            try {
                md = MessageDigest.getInstance(hashAlgorithm);
            } catch(NoSuchAlgorithmException e) {
                e.printStackTrace();
            }

            // This isn't necessary in this context, but should this
            // be refactored to use the MessageDigest as a member this
            // enables the reuse of the same MessageDigest instance.
            md.reset();
            md.update(inputBytes);
            return md.digest();
        }

        private static String bytesToHex(byte[] hashBytes) {

            // Convert the hashBytes to a String of hex values
            StringBuilder retVal   = new StringBuilder();
            StringBuilder hexValue = new StringBuilder();

            for (byte hashByte : hashBytes) {
                // Flush our StringBuilder to be used as a container for the
                // hex value for each byte as it is read.
                hexValue.delete(0, hexValue.length());
                hexValue.append(Integer.toHexString(0xFF & hashByte));

                // Add a trailing '0' if our hexValue is only 1 char long
                if (hexValue.length() == 1) {
                    hexValue.insert(0, '0');
                }
                retVal.append(hexValue);
            }
            return retVal.toString();
        }

        public static void main(String[] args) {

            // Hash using MD5
            System.out.println(createHash("12345", "MD5"));
            System.out.println(createHash(12345L, "MD5"));

            // Hash using SHA-256
            System.out.println(createHash("12345", "SHA-256"));
            System.out.println(createHash(12345L, "SHA-256"));
        }
    }

  • Great PL/SQL Overview and Tutorial
    02/01/2012 1:37PM
  • List All Active Sessions in Oracle 11g
    02/01/2012 12:26PM

    Here is a query with which you can see all of the active sessions on an Oracle database:

    SELECT SID, Serial#, UserName, Status, SchemaName, Logon_Time
    FROM V$Session
    WHERE
    Status='ACTIVE' AND
    UserName IS NOT NULL;

  • Adding MultipartConfig Configuration to web.xml in JBoss 6.x for a Servlet 3.0 File Upload Servlet
    01/12/2012 11:45AM

    If you do not want to hard-code your file upload servlet with the @MultipartConfig annotation but would rather add it to your <servlet> configuration element in web.xml, following is the syntax (add this as a child element of <servlet>):

    <multipart-config>
          <location>/tmp</location>
          <max-file-size>20848820</max-file-size>
          <max-request-size>418018841</max-request-size>
          <file-size-threshold>1048576</file-size-threshold>
    </multipart-config>

  • Invocation of request.getParts() in a Servlet 3.0 doPost Method Will Not Throw IllegalStateException
    01/12/2012 11:34AM

    This one requires a bit of explaination.

    When writing a Servlet that will enable users to upload files from a form you need to be able to limit both the size of the file(s) and the entire multipart/form-data request.  The Servlet 3.0 spec now includes a @MultipartConfig annotation (which can also be specified in web.xml, see other post in this blog).

    Based on the Servlet 3.0 spec here is what is supposed to happen.

    1. The user submits a multi-part form that exceeds any of upload limitation parameters in the @MultipartConfig annotation.
    2. An attempt in the doPost method of the Servlet to invoke a  Collection<Part> parts = request.getParts(); should throw an IllegalStateException enabling the Servlet to respond to the client and somehow communicate that the multi-part message was too large.

    However, if within the doPost method a request.getParameter([param_name]) is invoked on the request object BEFORE attempting to invoke request.getParts(), the Servlet will not throw an IllegalStateException if any of the parameters in the MultipartConfig have been exceeded.  Instead, .getParts() returns a Collection of 0 parts, and without the Exception you have no idea why the multipart POST failed.

     If request.getParameter([param_name]) is invoked on the request object AFTER the first attempt to invoke request.getParts(), .getParts() will throw an IllegalStateException with the details about why the POST failed if any any of the parameters in the MultipartConfig have been exceeded.

    This took me quite a while to track down.

    The long and the short of it is that if you want to be able to check to make sure that any of the @MultipartConfig limitations are exceeded on the server-side (which you should) you MUST invoke request.getParts()before attempting to read any query string values.

    Certainly, there will be those that will say 'why not just check all of this on the client-side in JavaScript?'.  To which I would say, that is absolutely what you should do.  However, you should always double-check on the server-side to prevent someone who has managed to circumvent your client-side form validation.  Furthermore, there are a number of very slick and easy JavaScript implementations to do this that do not work in various versions of IE.

    Attachment: multipartconfig_bug_1.zip 1389 bytes
Advanced Search

Categories

Archives