[SVN] HowTo: Configure SVN+SSH with Subclipse on Windows

HowTo: Configure SVN+SSH with Subclipse on Windows

Problem:

Use ssh tunnelling to access a Subversion repository using SSH tunneling (i.e. with a subversion repository url of svn+ssh://myservername/myrepo) using the Subclipse subversion integration with Eclipse. I tried various things and used each of the three interfaces for configuring Subclipse (Window, Preferences..., Team, SVN).
When I used JavaHL (JNI) I got the following error, "svn: Can't create tunnel: The system cannot find the file specified." SVN Command Line gave me a similar error. Finally the JavaSVN interface (1.0) just did not want to authenticate with my server at all. Did various searches on Google and couldn't find an answer that worked, just lots of people with a similar problem. Anyway, the following works for me...
Solution:
You need to create an environment variable called "SVN_SSH" that points to an executable file that accepts the same command line arguments as ssh on unix. I did this by doing the following:-

1. Set up ssh keys. Not going to cover that here as you can easily Google for that. You need to end up with your public key on the SVN server and your private key loaded into Paegent locally.


2. Download and installed the excellent TortoiseSVN client for Windows.


3. Set the following environment variable (by right-clicking on My Computer, Properties, Advanced, Environment Variables, New):-
   Variable name: SVN_SSH
   Variable value: C:\\Program Files\\TortoiseSVN\\bin\\TortoisePlink.exe
   (The "\\" is very important, otherwise it won't work. Equally, you cannot use the plink.exe that comes with putty as that fires up a command shell window which is really annoying. The TortoisePlink.exe is a windows implementation of plink that doesn't bring up any UI)


4. Configure the Subclipse plugin to use JavaHL (JNI)


5. Restart Eclipse


6. Do a little victory jig (optional)

[mysql] 如何找到MySQL 5.7的root密碼

Centos/Red Hat - RPM安裝, 在安裝過程中不顯示密碼,它是在錯誤日誌 /var/log/mysqld.log

例如:

2016-07-07T15:13:08.220153Z 1 [Note] A temporary password is generated for root@localhost: ljeUBr3s,dT;

[Java] XSS – Java Secure Coding Using Security Encoding Library

Using Security Encoding Library

1. Download ESAPI.jar from the ESAPI Project page, and add it to library of the project.
2. Import the package in jsp page: <%@ page language=”java” import=”org.owasp.esapi.*” %>
3. Add code according to the different cases:

Case #1

HTML escape before inserting untrusted data into HTML element content.

1 2 3 4

<% String safe = ESAPI.encoder().encodeForHTML( request.getParameter( "input" ) ); %> <%= safe %>

Case #2

Attribute escape before inserting untrusted data into HTML common attributes.

1 2 3 4

<% String safe = ESAPI.encoder().encodeForHTMLAttribute( request.getParameter( "input" ) ); %> '<%= safe %>'>

Case #3

JavaScript escape before inserting untrusted data into JavaScript data values.

1 2 3 4 5

<% String safe = ESAPI.encoder().encodeForJavaScript( request.getParameter( "input" ) ); %> '<%= safe %>')”>

Case #4
URL escape before inserting untrusted data into HTML URL parameter values.

1 2 3 4

<% String safe = ESAPI.encoder().encodeForURL( request.getParameter( "input" ) ); %> 'http://www.victim-site.com?test=<%= safe %>'>link

References 
http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/es…
http://code.google.com/p/owasp-esapi-java/downloads/list

[Java] 淺談 PO BO VO Entity DTO POJO DAO

PO(Persistant Object)
一個 PO 即資料庫裡的一筆記錄。
好處是可以把一筆記錄當作一個物件處理，可以方便的轉換成其他物件。

BO(Business Object)
主要作用是把業務邏輯封裝為一個物件。這個物件可以包括一個或多個其他的物件。
比如一個簡歷，有教育經歷、工作經歷等等
我們可以把教育經歷對應一個PO，工作經歷對應一個PO。
建立一個對應簡歷的BO物件處理簡歷，每個BO包含這些PO。
這樣處理業務邏輯時，我們就可以針對BO去處理。 

VO(Value Object)
ViewObject表現層物件
主要對應介面顯示的資料物件。對於一個WEB頁面，或者SWT、SWING的一個介面，用一個VO物件對應整個介面的值。

Entity 與 VO：
Entity 帶有 Identity，VO 沒有帶 Identity，也就是說 Entity 只有異動了 Identity 才算是不同物件，但 VO 只要有屬性被變更了，就視為是不同物件

DTO(Data Transfer Object)
主要用於遠端調用等需要大量傳輸物件的地方。
比如我們一張表有100個欄位，那麼對應的PO就有100個屬性。
但是我們介面上只要顯示10個欄位，用戶端用WEB service來獲取資料，不需要將整個PO物件傳遞到用戶端，
此時即可以用只有10個屬性的DTO來傳遞結果到用戶端，如此亦不會暴露服務端表結構。到達用戶端以後，如果用這個物件來對應介面顯示，那此時它的身份就轉為VO

POJO(Plain Old Java Object or Plain Ordinary Java Object)
只有屬性及getter、setter 的 Java Object
一個POJO持久化以後就是PO
直接用它傳遞、傳遞過程中就是DTO
直接用來對應表示層就是VO

DAO(Data Access Object)
主要用來封裝對資料庫的訪問。通過它可以把POJO持久化為PO，用PO組裝出來VO、DTO

出自來源:

http://blog.db.idv.tw/2010/12/java-po-bo-vo-entity-dto-pojo-dao.html

[Java] Parse JavaScript with jsoup

In a HTML page, i want to pick the value of a javascript variable. Below is the snippet of HTML page.

<input id="hidval" value="" type="hidden"> 
<form method="post" style="padding: 0px;margin: 0px;" name="profile" autocomplete="off">
<input name="pqRjnA" id="pqRjnA" value="" type="hidden">
<script type="text/javascript">
    key="pqRjnA";
</script>

Use Jsoup + manual parsing


Here's an example how to get the key with jsoupand some "manual" code:
Document doc = ...
Element script = doc.select("script").first(); // Get the script part


Pattern p = Pattern.compile("(?is)key=\"(.+?)\""); // Regex for the value of the key
Matcher m = p.matcher(script.html()); // you have to use html here and NOT text! Text will drop the 'key' part


while( m.find() )
{
    System.out.println(m.group()); // the whole key ('key = value')
    System.out.println(m.group(1)); // value only
}

Output (using your html part):
key="pqRjnA"
pqRjnA