See the output from MockMvc.peform()

Lets say you have a unit test on a Spring MVC controller like this:

/**
 * Tests RESTController.getPostcode() with a false postcode and building number
 */
@Test
public void PostcodeAndBuilding_FalsePostcodeIsNotGot_Passes() throws Exception {

    mockMvc.perform(get("/postcode/" + test3PostcodeRequest + "/" + test3BuildingNumberRequest))
            .andExpect(status().isOk())
            .andExpect(content().contentType(contentType))
            .andExpect(jsonPath("$.status", is(404)));

}

The test is failing, so you want to grab the response for whatever reason.  The simply way of doing this is to return the response of the MockMvc.perform into an MvcResult and run getResponse and getContentAsString on it to turn it into a String:

/**
 * Tests RESTController.getPostcode() with a false postcode and building number
 */
@Test
public void PostcodeAndBuilding_FalsePostcodeIsNotGot_Passes() throws Exception {

    MvcResult result = mockMvc.perform(get("/postcode/" + test3PostcodeRequest + "/" + test3BuildingNumberRequest));
            //.andExpect(status().isOk())
            //.andExpect(content().contentType(contentType))
            //.andExpect(jsonPath("$.status", is(404)));

    String content = result.getResponse().getContentAsString();

}

You now have the content stored as String to do with what you wish.

Facebooktwittergoogle_plusredditmail

A Zero Byte SSL Key, is Never a Good Thing…

I’ve been working on a side project that exposes the Post Offices PAF data via a REST API.  While securing the site I was getting problems loading the Apache config, after a few seconds of investigation I spot a major problem…

A zero byte SSL key, is never a good thing:

root@jupiter:~/api.postcode.software_ssl# ls -la
total 12
drwxr-xr-x  2 root root 4096 Jan 21 17:23 .
drwx------ 10 root root 4096 Jan 22 11:18 ..
-rw-r--r--  1 root root 1119 Jan 21 17:23 api.postcode.software.csr
-rw-r--r--  1 root root    0 Jan 21 17:27 api.postcode.software.key

Time for a re-issue…

I wouldn’t be so annoyed if the key hadn’t only just been issued after a 12 hour wait.

I’ll post more on the project when its complete (as complete as a side project ever gets!) on this blog.

Facebooktwittergoogle_plusredditmail

Creating a Root CA and Signing a Certificate for Development

I’ve recently been writing some services in Java using Spring where the service will be accessed over HTTP when live.  I obviously want to use this configuration in development but I don’t want to pay for a certificate.

I could write a null implementation of TrustManager, but this will be very different to live and is something that could possibly make its way through to live.

Instead, I’ll create a self-signed root CA and sign the SSL certificate for the service myself using the new root CA.

Install OpenSSL

Firstly you will need OpenSSL installed. I used the installation of OpenSSL on my MacBook Pro that comes with OS X.  On Ubuntu you install it using:

sudo apt-get install openssl

Windows users can grab OpenSSL from here.

Create the Root Key

Next you need to create the root key.

openssl genrsa -out rootCA.key 2048

If you would like to add a password to the root key, which is highly recommended, do the following:

openssl genrsa -des3 -out rootCA.key 2048

Using the above command will ask for a password to secure the key.  You will need to enter the password each time you use the key if you secure it.

Create a Root Certificate

The next step is to create a root certificate and self-sign the certificate using the root key generated earlier.

openssql req -x509 -new -nodes -key rootCA.key -sha256 -days 712 -out rootCA.pem

You will need to answer a few questions about the root CA.  Here’s how I answered the questions:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Lancashire
Locality Name (eg, city) []:Blackpool
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Andy McCall Ltd
Organizational Unit Name (eg, section) []:Development
Common Name (eg, YOUR name) []:Andy McCall
Email Address []:certificates@andymccall.co.uk

We now have a root CA that we can use to sign things with.  If you are using Windows, install this CA into the local machine’s root certificate store using the Microsoft Management Console (MMC).  There’s a guide at SQLServerMart that is easy enough to follow for servers, there’s also a guide here for the desktop.  For other operating systems or platforms Google is your friend.

Create a Certificate

The next step is to create the certificate that will be used to secure the service over HTTPS.  There are a number of steps to do this

Create the key

The first step is to create a private key.

openssl genrsa -out service.key 2048

Generate a Certificate Signing Request

Using the key create a certificate signing request for your service:

openssl req -new -key service.key -out service.csr

You’ll be asked a host of questions again, the important bit of information here is the common name.  This will be how you will access your service.  In this example the service is called service.local and I’ve added service.local to my hosts file.  This would also work if you used a corporate DNS and you where securing myservice.mycorporation.myinternaldns.com or if you used an IP address.  It basically has to match the address you will access the service on.

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Lancashire
Locality Name (eg, city) []:Blackpool
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Andy McCall Ltd
Organizational Unit Name (eg, section) []:Development
Common Name (eg, YOUR name) []:service.local
Email Address []:certificates@andymccall.co.uk

Do not use a challenge password with this certificate.

Sign the Certificate Signing Request Using the Root 

Now we sign the request to make to trust it:

openssl x509 -req -in service.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out service.crt -days 356 -sha256

We now have a signed certificate (service.crt) and a key file (service.key).  Under Linux servers and hardware devices, we can use these two keys together to secure our service.  Under Windows we need to import it into the certificate store first and to do that we need the files to be combined into a single Personal Information Exchange file.

Convert Certificate and Key into a Personal Information Exchange File

To import the certificate and key into the Windows certificate store we need to convert them to a Personal Information Exchange (.pfx) file.

openssl pkcs12 -export -out service.pfx -inkey service.key -in service.crt -certfile rootCA.pem

You don’t need to use an export password, but its obviously more secure if you do.  This will produce a single .pfx file that you can import into your OS.

Once the certificate is installed you can check to see if the certificate is valid:

Clicking on the Certification Path shows the chain of trust:

Finally, set your service to run under HTTPS and use the new certificate to secure the service.  Configure your endpoint within your application as service.local and you now have a correctly configured development environment that is live like.

Facebooktwittergoogle_plusredditmail

Maven – Index Downloads are Disabled

Problem

When trying to add Maven dependencies to your project you encounter the message “Index downloads are disabled, search results may be incomplete.”, as shown in the following screenshot.

Maven Index Downloads are Disabled

SolutionBuild 

To fix this, enable “Download repository index updates on startup” within the Eclipse preferences, as show in the following screenshot. then restart Eclipse.

Fix Maven Index Downloads are DisabledFix

Detailed Steps

  1. Select the menu item Window->Preferences
  2. Select Maven on the left hand side
  3. Place a tick in the Download repository index updates on startup
  4. Select OK
  5. Select the menu item File->Restart
Facebooktwittergoogle_plusredditmail

Darcula for NetBeans IDE

Someone has released a Darcula theme for NetBeans.

Netbeans with the Darcula Theme

Netbeans with the Darcula Theme

I don’t use NetBeans myself, but its one of the IDE’s that I’ve been wanting to take a look at in the future as I’m booked on a Java training course that will use it. When I do get to use it, I’ll be using this theme. Darcula much less stressing on the eye when you are coding all day.

Facebooktwittergoogle_plusredditmail

Next course up is…

Java Programming: Arrays, Lists, and Structured Data from Duke University on Coursera.  I expect to fly through this course.

Along side this I’ve started studying for the OCA Java SE 7 and 8 Programmer exams.  I’m using a combination of the official study guides and Enthuware‘s excellent exam simulators.  I’m hoping to sit the two in the same month.

Facebooktwittergoogle_plusredditmail

Java Programming: Solving Problems with Software

I’ve passed another Java course on Coursera today.  This course was   Java Programming: Solving Problems with Software.  Overall the course was good.

Java Programming: Solving Problems with Software

Java Programming: Solving Problems with Software

One think I didn’t like was the the way the course was run with an expectation that the student would use BlueJ.  While there is a need for IDE’s like BlueJ the course content was at a level that the student should really be using a real IDE such as Eclipse or IntelliJ IDEA.

You can complete the course using Eclipse with no issues though,  just add the apache-csv.jar and courserajava.jar file to your project build path libraries:

Adding Libraries

Then import the packages at the start of your code:

import edu.duke.*;

You can grab the code in an Eclipse project from my GitHub page.

Facebooktwittergoogle_plusredditmail

C#

I’ve worked through Microsoft’s DEV204x Programming in C#  course.   I have to say, its a very good course.  Probably the highest quality course that I’ve sat through on Coursera or EdX.  Equal to any course Microsoft would give at official training centres.

My only complaint is that the labs are peer reviewed.  I think the testing should be automated, sure add a peer review component to include in the overall grade if needed, but automated testing should be what decides if your code is right or wrong.

I’m happy to say that I passed with a high mark.

DEV204x

I’ll be finishing off the Bootstrap course next (the Bootstrap course is nowhere near as high quality as the C# course!) then possibly look at the XAML course Microsoft has on EdX.

 

 

Facebooktwittergoogle_plusredditmail

Java

I’ve had a bit of a poor history with Java.

I first tried programming in Java back when Borland JBuilder 3 was on the cover of nearly every PC magazine, this must have been around 2000.  I thought I’d like the IDE as Borland Delphi was so good, but I couldn’t get on with JBuilder at all.  I suppose one of the real problems was that I didn’t really understand OOP back then.  It was only when I started writing software for BeOS (now Haiku OS) in C++ that I really got to grips with OOP.

EdX had a Java course starting around about the time I’d finished the Scratch course so I enrolled and I’m glad to say that I’ve passed!

Certificate

The course itself was really good.  It covered all the basics right up to object oriented programming using interfaces and abstract classes.  The programming assignments were challenging and enjoyable at the same time.

I’m really looking forward to Part 2, which has been announced but there isn’t a start date yet.  In the mean time I’m working through some C# and Bootstrap courses Microsoft have on EdX.

Facebooktwittergoogle_plusredditmail