Transfer Encoding and Content Length

Chunked transfer encoding is a data transfer mechanism which enables the response from the server will be sent as a series of chunks to the client. The servlet container will decide whether to use Content Length or Chunked based on the response content size. If the response content size is  more than the actual buffer size, then it will use Chunked Encoding otherwise it will calculate the content length and add it in the response header. Usually if the response content is large data, then it will use Chunked transfer encoding and you would not see the content-length header

Advertisements

TCP dump and Wireshark

TCPDump is a tool for network monitoring and data acquisition. It can be used for debugging network/server related problems. Tcpdump prints out a description of the contents of packets on a network interface that match the Boolean expression and move the contents to a file as well. We can also listen on a particular port number to monitor the data flow

Run the below command to install TCPDump in Ubuntu
sudo apt-get install tcpdump

Assume that you want to capture the traffic coming from and to port number 80 run the below command to take the Dump
sudo tcpdump -i any -w dump-file.pcap port 80

You should exit by entering Ctrl + C, otherwise it will be running continuously
The above command listens for the incoming and outgoing connections and capture it and move the data to dump-file.pcap file.

Once you have the file, then you can use Wireshark to view the data

Run the below command to install Wireshark in Ubuntu
sudo apt-get install wireshark

Then view the output by running the below command
wireshark dump-file.pcap

It will open up the Wireshark UI where you can view all the traffic. Just right click on any one the link and give “Follow TCP stream” and you can view all the streaming content.

Productivity Technique

While reading through the post in Quora, I found the below technique and its very useful for everyone to improve the productivity at the work place. We can also combine this technique with the podomoro technique to get the maximum result

The steps are given below,

1. Take a paper and draw rectangles which represents 25 minutes block as much as you want
2. Write down what do you want to achieve in that rectangle. Prioritize the tasks accordingly
3. Tick them once it is completed.

How to follow this,

1. Take the first rectangle and take the set of tasks one by one
2. Then Run the timer and work on those tasks and have a mind set to finish those task within 25 mins.
3. Once the time is over, then tick all the tasks that are completed and move the unfinished tasks to the next rectangle
4. Take a break for 5 or 10 mins
5. Continue to work on [Steps 2 to 5] until you finish all the tasks

PingAccess vs Ping Federate

PingAccess is a policy server so it handles the authorization requests in which we can implement all kinds of business logic to validate and authorize the requests

Ping Federate is a federated server so it knows how to authenticate the user and provides an access to a particular resource.

PingAccess provides a way to manage our web application and API in a secure manner. It can be used along with Ping Federate, otherwise we have to implement our own logic to implement the authentication and authorization logic. You can refer the diagram available in this link https://www.pingidentity.com/en/products/pingaccess.html

We have three protocols under the Identity management category.

SAML – Security Assertion Markup Language
OpenID
OAuth (Open Authorization)

SAML facilitates both authentication and authorization and OpenID is used mainly for Authentication and OAuth is for Authorization alone.

So PingAccess internally uses OpenID for authentication and also leverage Ping
Federate Server which internally uses OAuth or SAML for authentication

I have used CA SAML siteminder federation and also PingAccess in the past. I assume this using PingAccess is somewhat easy compared to Siteminder

Please feel free to add your comments if i misstated anything.

Excel – PingAccess hyerlink redirect issue

I hope that most of you got an error If you embedded an authentication enabled hyperlink in excel file(https://support.microsoft.com/en-us/kb/218153)

I have also got the same issue in my Rest application. My rest application generates a report in excel format which contains a hyperlink to view other information which is dynamically updated multiple times in a day and it’s an another Rest service. So the user has to click on that link to view more content. the user has to authenticate himself before proceeding. We use Ping Access to authenticate the user. So once the user clicks on that link, the user will be shown with a login page and upon entering the valid login credentials, he/she will be landed on the more information service.

The flow will be like.
Excel == > Login Page == > Target Service

As we know that the excel does not follow the browser redirect hence it’s not allowing me to open the target page

We have followed the below approach to resolving this issue. I hope that this will also help others.

1. I have created a redirect Rest service which will take the service URI information. If you look carefully you can come to know that the below service takes the serviceUri and replace that URL in the REDIRECT_CONTENT string and return that whole HTML to the browser.

For example


import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;

@Path("redirect")
public class RedirectService {

        private static final String REDIRECT_CONTENT = "<html><head> <title>%s</title> <meta http-equiv=\"refresh\" content=\"0;URL='%s'\" /></head> <body> <p>Redirecting</p></body></html>";

        @GET
        @Produces("text/html")
        public Response redirect(@QueryParam("serviceUri") String serviceUri) {
            return Response.status(200).entity(String.format(REDIRECT_CONTENT, serviceUri)).build();
        }
}


2. The next step is to embed the redirect service URL in the excel report instead of the actual target service URL and make sure that you pass the actual service URL as a query parameter. Assume that the hyperlink will be like below,
http://localhost:8080/service/redirect?serviceUri=/service/content/1234234

Assume that 1234234 is a unique id, in this case, it a content id

3. Make some changes in Ping access to disable the authentication for this service(/service/redirect)

That’s it. We are done. So when the user clicks on the link from the excel, it will just open up a browser window and don’t show anything but on the back end, the META refresh will work and will redirect the user to /service/content/1234234 as this service is authentication enabled, so it just shows up the login page and upon entering the login credentials it will take you to the target page

Go – Simple web application on Docker

A simple web application running on 8080 and prints “Hello” and the name you pass

1. Create a hello.go file and copy the below code
hello.go:


package main

import (
    "fmt"
    "net/http"
)

func helloHandler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(w, "Hello %s", r.URL.Path[1:])    
    
}

func queryHandler(w http.ResponseWriter, r *http.Request) {
    name := r.URL.Query().Get("name")
    if name == "" {
        fmt.Fprintf(w, "Hello")
    }else{
       fmt.Fprintf(w, "Hello %s", name)
   }
}

func main() {
    http.HandleFunc("/", helloHandler)
    http.HandleFunc("/query", queryHandler)
    http.ListenAndServe(":8080", nil)
}


2. Then create a Dockerfile and copy the below code
Dockerfile:


   FROM golang:1.6-onbuild
   EXPOSE 8080

3. Then type “docker build -t hello-go-lang . ” to build the images
4. Finally run by typing “docker run -p 8080:8080 hello-go-lang”

Then in the browser type the below urls and check the output
http://localhost:8080/ – Hello
http://localhost:8080/test – Hello test
http://localhost:8080/query?name=test – Hello test

DockerFile for Apache2


FROM ubuntu:16.04

RUN apt-get update && apt-get install -y apache2 && rm -rf /var/www/html/*

ENV APACHE_RUN_USER www-data && APACHE_RUN_GROUP www-data && APACHE_LOG_DIR 
/var/log/apache2

EXPOSE 80

CMD ["/usr/sbin/apachectl", "-D", "FOREGROUND"]