Monday, October 29, 2007

Sahi Web Application Testing Tool

An interesting testing tool for web application is Sahi . Key feature is that it is very simple, and is entirely JavaScript and Java driven. A proxy injects JavaScript in your pages, allowing you to replay recorded scripts.

Only limitation so far is that it seems to conflict with Dojo; there are precious few bits of input on why that might be and what workarounds might be available. I guess we'll have to figure this one out ourselves.

Wednesday, October 24, 2007

Ant tasks for SSH/SCP/SFTP

The documented way to copy files securely using SCP or SFTP is to use the scp task added in Ant 1.6. This task requires a library (jsch), which appears to work fine with SCP, but seems to mangle Windows file names under FTP (backslashes get removed).

I have since stumbled on another library called Maverick Ant, which is free but obfuscated. Maverick is said to be faster, have not tried it yet. See the Maverick Ant page

I use these files with freesshd as a task running on Windows computer for home use (we use Bitvise winsshd at work)

Tuesday, June 5, 2007

VMWare: slow .host Shared Folders

For slow shared folders in VMWare, see the following article that explains how to make sure that the shared folder file system is processed before LAN Manager.

Thursday, May 31, 2007

Resetting VMWare date

Should you need to have VMWare always start at a given date (useful for regression testing of date-related problems), you should have a look at the following article by Chris Wolf.

In short, the .vmx file settings are

tools.syncTime = "FALSE"
time.synchronize.continue = "FALSE"
time.synchronize.restore = "FALSE"
time.synchronize.resume.disk = "FALSE"
time.synchronize.shrink = "FALSE"

The time itself is set using

rtc.startTime = 1167773040

The value can be computed using a timestamp calculator

CVSNT: combining Windows domain authentication and password authentication.

A client wished to have his employees authenticate to CVSNT using its domain server, using sspi. This works out of the box. But we also needed to allow occasional consultants, logging in over a tunnel, to get access without joining the domain.

After much perusing, the solution turned out to be quite simple. You want your passwd files entries to look like this


where MYLOCALMACHINE is the name of the server where CVS is running.
realcvsuser is a local account on MYLOCALMACHINE. You can use Windows ACL to control what realcvsuser sees and doesn't see.

This works as follows:
1. if the user is not in the passwd file, sspi authentication takes place
2. if the user is in the passwd file, as "consultant" is in our example, then the passwd is matched against the crypted version, and the redirection is to the local user "realcvsuser".

cvs passwd -a -r "MYLOCALMACHINE\realcvsuser" consultant

is the command line required to do the deed.

Wednesday, April 18, 2007

OpenOffice as service while allowing editing

In order to run OpenOffice as a service, it must be listening on port 8100. It is straightforward to run open office as a service using srvany from Microsoft. But when doing development, this is inconvenient, as OpenOffice runs in invisible mode, and it is therefore impossible to edit documents interactively.

One way around this is to edit the Setup.xcu file (easiest way to find it is to search in the OpenOffice install directory, as the typical location is C:\Program Files\ 2.1\share\registry\data\org\openoffice), and modify it as follows:

<node name="Office">
<prop oor:name="ooSetupConnectionURL" oor:type="xs:string">

Once that is done, locate the quickstart.exe program in your openoffice installation. Drag that to your Startup folder. VoilĂ , you have an OpenOffice running in the backgroung, AND you can edit your files.

So you can keep the true service installation for your production servers.

Wednesday, April 11, 2007

Reverse tunnelling using SSH under Windows

I needed to create a secure tunnel to remotely administer a system located behind a firewall. Simplest solution I found was to use Bitvise Tunnelier S2C (server-to-client) mapping feature, which works nicely together with the Bitvise Winsshd server.

The idea is for the remote machine to open a tunnel to the server. Depending on the context, this can be done manually by a person with access to the machine, or Tunnelier can be configured to run as a service, using Microsoft's srvany so that things fire up at boot time.

By mapping port 3389 (remote desktop) to a port on the server (say 5555) using the S2C mapping, remote administration becomes easy. As soon as the client connects, the server opens port 5555. Using remote desktop to connect to 5555 (by giving localhost:5555 as the address on the server) opens a connection to the remote desktop at the other end of the tunnel.

Bitvise Winsshd is hard to beat, for the price, and much much simpler to administer than the Cygwin versions. For home use, freesshd is ok, but lacks the features like automatic S2C that make Winsshd stand out.

https not working for dynamically-generated files

We generate Excel and other Microsoft Office files on the fly using Java Servlets and JSPs. After moving a site to https things stopped working. Excel complained it could not open the file. Looking at headers returned showed no clear difference between http and https. Things worked just fine in Firefox.

As it turned out, the answer lies in the directives to turn off caching. Ever since Internet Explorer 4.0, there is a flaw in the way caching is handled under https. The answer is to modify the code to set the following headers (setHeader() in the servlet API).

Pragma: public
Cache-Control: max-age=0

For more details, see

Monday, April 9, 2007

Silent Install for 2.x

After much searching, I found the following method for installing as part of a bigger install:
  1. unpack the installation files by starting the standard installer and hitting cancel once the files are unpacked
  2. cd to the directory where the files were unpacked
  3. run
    msiexec /i openoffice2.2.msi /qb INSTALLLOCATION=pathWhereYouWantToInstall
It appears that INSTALLOCATION is used instead of the standard TARGETDIR or fairly common INSTALLDIR.

Note that this will not suffice if your intent is to run OpenOffice as a document processing server. You will need to override the Setup.xcu file as explained here.

Sunday, April 8, 2007

Here we go!

I intend to use this blog as a chronicle of useful information I find while running a software company.