Author Archive
Java, Axis2, Eclipse, Fiddler and SSL
Sometime in a project you end-up using a constellation of applications not many peoples are using at the same time. This is my case in the project I am actually working on. My project is a Java client that consumes a SOAP web service (CISCO AXL) through the Axis2 toolkit. I am developing in the Eclipse (Juno) Java IDE. The service is hosted on a server that can only be accessed using an SSL (https) connection. To add to the challenge, for most of our customers, the server certificate is issued by a non trusted CA.
When you say SOAP web service, you think Fiddler. It is almost impossible to get it done without seeing what is sent and received over the wire. This is where the fun begins. Having all these pieces working together took me several hours to figure out so, here is the solution I came with, hoping this will help someone crying in the dark out there.
WARNING: This is serious stuff. We are playing with certificate authorities and screwing up the chain of trust. DON’T DO THIS ON A PRODUCTION COMPUTER. This is intended for development environment only.
Ok … the disclaimer stuff being done, the first step is to make it work with your browser. You want to get rid of the warning messages blocking you from accessing the web service port because of the bad server certificate. To do this, you must add the server certificate CA to your Trusted Root Certificate Authorities. When you hit the web page, the browser allows you to view ans save the server certificate. Save it in the .cer format and start your Certificate Manager. In Windows this is an mmc plugin. From there you can import the CA certificate to your computer Trusted Rood Certificate Authorities store. You should now be able to navigate to the web service port using your browser. This allows you to access the service WSDL and generate your proxy using WSDL2Java.
Your next problem will show up when running your app using that brand new proxy. Even if the server certificate is now trusted by your computer, the Java JRE have it’s own trusted certificates key store and will block access to this server. You will have to add this server certificate to the JRE certificate store by following these instructions …
- Go to the JRE’s security folder at $JAVA_HOME/jre/lib/security
- To list the trusted certificates issue following command: keytool -list -keystore cacerts
- To add a certificate in this list: keytool -import -keystore cacerts -file C:\certnew.cer
- Enter “Y” to confirm …
- The default password for cacerts is changeit
At this point you should be able to run your Java client using the proxy code generated by the Axis2/WSDL2Java generator.
Ok … that was fairly common stuff. Now, let’s say you want to see what your application is sending to the server over the wire. This is not that easy since everything is encrypted when using an SSL connection (https). I used Fiddler to do the work. Out of the box, Fiddler will catch most of the traffic coming from and to your browsers. To display the content of the messages sent and received by your Java app while debugging in Eclipse, you will need to make a few more tweaks to your project environment.
Fiddler acts as a web proxy so the idea is to configure Fiddler as your proxy when debugging stuff in Eclipse. This is done by adding the following VM arguments to your debug configuration:
-Dhttp.proxyHost=127.0.0.1
-Dhttp.proxyPort=8888
-Dhttps.proxyHost=127.0.0.1
-Dhttps.proxyPort=8888
These arguments will forward all the standard and SSL http traffic to the Fiddler proxy, Fiddler proxy default port is 8888. You can change in the program options.
Once the traffic is forwarded to the Fiddler proxy, you need a way to see what’s in the message. You can do this by activating the “Decrypt HTTPS traffic” option in the “Tools->Fiddler Options->HTTPS” configuration page. This action will generate a dummy certificate and add it to your trusted root CA. Remember not to do this on a production computer!
In some cases, this will be enough to see the content of the https messages but, in our case, there is one more step to do. Remember the Java trusted CAs store? That’s it, you have to export the new Fiddler certificate and install it in the JRE certificate store.
You can find the Fiddler certificate in your computer certificate store under the name “DO_NOT_TRUST_FiddlerRoot”. Save the certificate in a .cer file and import it to the Java certificate store by following the same instructions as for the server certificate. One last thing. The Fiddler certificate default alias is “mykey” which already exist in the Java certificate store. Use the -alias option of the keytool app to change to a unique name: keytool -import -keystore cacerts -alias myalias123 -file C:\fiddlercert.cer.
You are done. You should now be able to debug your Java/Axis2 client in Eclipse and see, in Fiddler, the content of the SOAP messages sent and received from the server.
No Comments »
Open APOD v1.0 Release
I published my first Android application, “Open APOD”, on the Google Play Store. I have developed this application to learn Android programming. You can get all the sources on my github or download it from Google Play. The application is Open Source and free of all charges. Get it, comment it, rate it …
Astronomy Picture Of the Day on your Android
I spent the last week or so learning Android programming. I find it important, in the learning of a new programming tool, to write something with clear specifications. This forces you to work on the best solution instead of using easy to code work-arounds.
The specifications are:
- The application should allow the user to read the Astrophotography Picture Of the Day published by NASA at http://apod.nasa.gov/apod on it’s Android device
- The application needs to be compatible with Android 1.5 (SDK #3)
- The user should be able to access the APOD for any date since june 16th 1995
- The user should be able to directly access the APOD of the current day
- The user should be able to navigate to the previous and next APODs
- The user should be able to navigate to the previous and next APODs with fling gestures
- The user should be able to view the picture in full size by clicking the preview picture
- The user should be redirected to the APOD website when clicking on the full size picture
These were the initial requirements … I will add some more stuff in the upcoming days:
- Change the full size picture activity from a WebView to an ImageView. This will allow the implementation of the OnClickListener callback and the re-use of the image bitmap in memory.
- Caching of the APODs on the SD card. This will save bandwidth, an important issue when using mobile networks.
- Adding a splash screen while loading the first APOD. Since loading the images can take a while on mobile networks, a splash screen with a spinner would look more professional.
The actual version of the project is published on my Github at the following address:
https://github.com/pchretien/APOD Feel free to fork, copying is not stealing!
Android Mini PC
Last month I read an article on ArsTechnica about a small Android PC at 74$ and decided to give it a try. I received it yesterday and I am very impressed by the device. The small computer ships with a transformer, a mini-2-standard USB adapter, an HDMI cable and a mini-2-standard USB cable. You can connect the computer into any TV or monitor with an HDMI input port. I plugged mine into an old TV I had in my junk and connected a wireless keyboard and mouse into it.
The device is built on top of a 1.5GHz ARM processor with 1Gb of flash storage and a built-in 802.11 wireless adapter. You can extend the storage with a microSD memory card. It comes pre-installed with Android 4.0 and a couple of standard Android applications like Youtube, GMail and, of course, a web browser.
Once connected to my home WiFi network I started playing around with the device. All the user interfaces are the same as a standard Android 4.0 phone or tablet. The web browser is the default Android browser. I configured my GMail, Facebook, Twitter and Hotmail accounts with no problems. For some reason I have not been able to connect to my YouTube account. I’ll give it an other try later.
I then went to the Google Play store to download more apps. It seems that the store recognize the Android Mini PC s a tablet PC so not all phone applications are available for download. I started by downloading the TED and Netflix applications so I can convert my old TV into a modern “intelligent” TV. Both applications worked like a charm. Since “intelligent” TVs are usually sold an extra 700$, at 74$ the device was already paying for itself.
In conclusion, if you want to add web capabilities to your actual TV, the Android Mini PC combined to a wireless keyboard and mouse is a good candidate! You want one? You can now find it under 70$ on AliExpress by searching for “Android Mini PC” with the Free Shipping option selected.
2012 Venus Transit
We had a perfect weather all day long and 15 minutes before the transit started, dark clouds rolled in and ruined the show! I got these two shots before the sun completely disappeared behind the clouds …
I also uploaded some pictures of my camera and binoculars with the solar filters. I built the binoculars filters using old plastic bags and BAADER solar filter sheets. Adding a plastic rim to the filters helps fixing it to the binoculars or camera.
My camera rig if composed of an old and cheap 60mm refraction scope and my trusty Canon 20Da. I used a standard T-Ring to connect both together.
We made it a family event … good thing we had a soccer ball with us!
1 Comment »
2012 Venus Transit
A quick reminder … Don’t miss the last Venus Transit until 2117! It starts today (june 5th) at 22:09UTC. Venus will be visible against the solar disk for about 6 hours. The transit ends at 04:49UTC.
More of my pictures of the 2004 Venus transit on my astrophoto website at astrophoto.ca.
2004 Venus Transit
1 Comment »
This is not a bike …
I can hear you thinking “Oh, Phil bought a new Fixie!” … whell, you’r kind of right but, if you look closer, what you’ll see is a development platform for electronic gadgets and 3D printed devices! :)
Quiz Buzzer System
Last Christmas I built a Quiz Buzzer System for my mother. She is a big fan of television quizzes and love to organize some with her friends and family. The particularity of this project is that you can choose your team buzzer sound from a list of more than 30 digital sounds.
The system is composed of a main console, 8 buttons, a power supply and a set of telephone cables. The core of the console, built in a plastic project box, is made of an Arduino Duemilanueve micro-controller coupled with an Adafruit wave shield. The 8 buttons are made out of small project boxes and arcade buttons, again from Adafruit. The buttons are connected to the main console using telephone jack and cables.
For this project I am using all the IO available on a standard Arduino board. I even have to use the pins #0 and #1 to achieve my goal. To drive the buttons LEDs I am using a 74HC595 shift register chip. To drive the control panel LEDs without using additional IO pins I am using two 74LS32 OR gate chips. Finally, to drive the cluster of LEDs I am using a L293 driver chip.
To change your team buzzer sound you maintain the main console button pressed and push any button of the team who wants to change it’s buzzer sound. Every tie you push the team button, the next sound in the list is played. When you find the perfect sound for your team you release the main console button and voilà …
You can find the Arduino source code on my Github at https://github.com/pchretien/quiz.
Next I will …
- Publish the schematics on github
- Post more details about the code (wave shield, 74hc595, …)
- Make a short video to demonstrate how the machine works
16 Comments »
First custom PCB
This is my first working printed circuit board. I used the toner transfer method to draw the traces on the copper board. The purpose of this circuit board is to drive a stepper motor. This is a proof of concept for the final board version that will complete my equatorial mount project. The equatorial mount will be my first project in my new “Projects” section. I will begin with the conception and the making of this board.
Arduino Stepper Motor Controller PCB
I have designed the PCB using Fritzing, an open source circuit designer. You can find the project and the PDF of the circuit on my github. More details to come in the Projects section … hopefully in a few days.
PCP Details
I had a bit of troubles soldering the power connector because I drilled the holes too large. I’ll have to renew my stocks of small drill bits … I broke two 1/32″ bits while doing this board!
No Comments »
Keypad & LCD Display
While I was still trying to figure out what to do these 10 keypads, I received an LCD Display I ordered on eBay. It’s friday, I have no better idea than plug them both on an Arduino and code something.
Keypad & LCD Display
I started from the circuit of the Keypad article and moved the wires connected to pins 7 & 8 to analog pins 0 & 1. There is no good reason to that shift except that it makes it easier to have the LCD wires all connected to the same side of the Arduino.
I will not go in details with the wiring since Limor Fried, founder of Adafruit Industries published an excellent demo on how to connect the display to an Arduino. This will require an additional 6 pins on your Arduino. I used the same pins as in the Lady Ada demo, 7, 8, 9, 10, 11 and 12.
Now let’s jump into the code. This is a very simple demo and you will not find anything mind blowing. The hard part has been coded for you in the LiquidCrystal library, included with the Arduino IDE.
Thanks for reading …
#include <Keypad.h>
#include <LiquidCrystal.h>
#include <Wire.h>
#define REDLITE 3
#define GREENLITE 5
#define BLUELITE 6
#define TITLE "KeyPad & LCD __"
#define READY "Ready ... "
#define EMPTY " "
// initialize the library with the numbers of the interface pins
LiquidCrystal lcd(7, 8, 9, 10, 11, 12);
// you can change the overall brightness by range 0 -> 255
int brightness = 255;
const byte ROWS = 4; //four rows
const byte COLS = 3; //three columns
char keys[ROWS][COLS] = {
{'1','2','3'},
{'4','5','6'},
{'7','8','9'},
{'*','0','#'}
};
//connect to the row pinouts of the keypad
byte rowPins[ROWS] = {2, 3, 4, 5};
//connect to the column pinouts of the keypad
byte colPins[COLS] = {6, 14, 15};
Keypad keypad = Keypad( makeKeymap(keys), rowPins, colPins, ROWS, COLS );
void setup()
{
// set up the LCD's number of rows and columns:
lcd.begin(16, 2);
// Print a message to the LCD.
lcd.print(TITLE);
lcd.setCursor(0,1);
lcd.print(READY);
brightness = 100;
Serial.begin(9600);
}
int index = 1;
char digits[2] = {' ',' '};
void loop(){
char key = keypad.getKey();
if (key != NO_KEY)
{
index = !index;
if(key == '*')
{
index = 1;
digits[0] = ' ';
digits[1] = ' ';
lcd.setCursor(0,0);
lcd.print(TITLE);
lcd.setCursor(0,1);
lcd.print(READY);
}
else if(key == '#')
{
// Animation
for(int i=0; i<15;i++)
{
lcd.setCursor(0,1);
lcd.print(EMPTY);
lcd.setCursor(i,1);
lcd.print(digits);
delay(100);
}
lcd.setCursor(0,1);
lcd.print(EMPTY);
lcd.setCursor(14,0);
lcd.print(digits);
index = 1;
digits[0] = ' ';
digits[1] = ' ';
lcd.setCursor(0,1);
lcd.print(READY);
}
else
{
digits[index] = key;
lcd.setCursor(0,1);
lcd.print(digits);
lcd.print(EMPTY);
}
Serial.println(key);
}
}
3 Comments »
