Java 9 Security Enhancements

java With the General Availability release of Java 9 scheduled for today, I thought it would be appropriate to go over the new features that pertain to security.

Implement HTTP/2 Client

Minor Update

java As you may know I run a few doc shortcut sites, for CFML has been going quite well since publishing the source on github with a bunch of community contributions.

The other site I use a lot is, I recently updated it to point to Java SE Version 8, and JEE Version 7.

Using Mozilla's Certificate Authority List for Java SSL

java Every so often you run into an issue where you need to import a certificate signing authority's certificate into Java's cacerts certificate authority file. Oracle does update the cacerts file every so often, but they never seem to be as up to date as a browser like Firefox.

Getting Size of Heap and Non Heap Memory in CFML

coldfusion java I was helping out a member of my CFUG with some questions about the JVM, and I wanted to point him to a way to see how big his PermGen is at runtime.

Upgrading to Java 7 on Linux

java Today I upgraded Java from 1.6 to 1.7 on a CentOS (RHEL) 6 Linux server, and ran into a small issue. Typically when I install Java on Linux I use the RPM packages; this allows you to run multiple versions of Java in case you need to roll back to a prior version.

Adobe Says Go Ahead and Upgrade your ColdFusion JVM

coldfusion java This probably flew under the radar for many, but Adobe has recently updated one of their support docs on upgrading the JVM in ColdFusion. They now clearly state that you can upgrade to the latest minor release of a supported JVM version in ColdFusion:

Enabling Unlimited Strength Cryptography in ColdFusion

coldfusion java If you want to use very strong encryption in ColdFusion you may need to install the Unlimited Strength Jurisdiction Policy Files in the JVM running ColdFusion.

HashDOS and ColdFusion

coldfusion java Earlier this week at the 28C3 security conference in Berlin researchers presented on a denial of service (DOS) technique that several web application platforms (PHP, ASP.NET, Node.js, Tomcat, Java's HashMap/Hashtable etc) are vulnerable to, known as hashdos.

Java 1.6.0_24 Released Patches DOS Vulnerability

java As mentioned last week, a pretty serious Denial Of Service vulnerability in the Java Virtual Machine was disclosed. It is important that you look into resolving this issue if you run any java based server side applications (including ColdFusion).

Yesterday Oracle released Java 1.6.

Important Java Security Patch Released

coldfusion java Oracle has just released a patch for a critical denial of service vulnerability (CVE-2010-4476) in the Java Runtime.

I have confirmed that this is easily exploited on a ColdFusion server running an unpatched JVM. It's very very probable that you have code that could be exploited.

What's New in Java 7?

java Last week JDK 7 reached its Feature Complete milestone, and Oracle is confident they will ship the General Availability release in the summer of 2011. So what's new in Java 7?

JSR 203: More New I/O APIs (Asynchronous I/O) for the Java Platform ("NIO.

Using AntiSamy with ColdFusion

coldfusion How do you protect your code from Cross Site Scripting (XSS) when your business requirements state that the user must be able to input HTML? This can be a difficult problem to solve and XSS is very difficult to filter against because there are hundreds of attack vectors.

OutOfMemoryError - GC overhead limit exceeded

java Someone asked me recently about the following exception on their ColdFusion server:


What Version of Java is ColdFusion Using?

coldfusion java Here's a one liner CFML script to show what version of Java your ColdFusion server is running:

<cfoutput>#CreateObject("java", "java.lang.System").getProperty("java.

CFCatch Java Exceptions

coldfusion java Did you know that you can catch java exceptions by class name with cfcatch? It's not documented on the cfcatch tag documentation (as of CF8), but it works... Here's an example:


  <cfset list = CreateObject("java", "java.util.

CFML on Google App Engine for Java

coldfusion java Yesterday I gained access to the Google App Engine for Java, early release program, and as any CFML developer would do, I tried getting a CFML server (both Railo and OpenBD) to run on it. I posted some of my experiences on twitter, unfortunately I was unsuccessful.

Web Services Problems with ColdFusion 8 on a Mac

apple coldfusion java I just got a brand new Mac Pro yesterday - I spent most of yesterday installing stuff, but today I was trying to get a little work done... I ran into a problem when trying to invoke web services on CF8 - it threw the following error:


Serializing CFC's in ColdFusion 8

coldfusion java One of the handy new features in ColdFusion 8 is that CFC's are now serializable. There isn't a whole lot of information about this new feature in the docs, but I did some playing around and it does appear that they have used Java's serialization API. This means that you can use java's

Finding the Last Modified Date on a File

coldfusion This question came up on my local CFUG mailing list yesterday:

how can I get the time last updated of the two

documents? I know you can do this with uploaded files using


Reverse IP Address Lookup with ColdFusion + Java

coldfusion java I needed to do a reverse lookup on some IP addresses in a database today. I found that you can do this pretty easily with java, and just as easily with ColdFusion. Here it is:

<cfset inet_address = CreateObject("java", "

Java GPL'd

java In case you missed it, Java has been open sourced with a GPL2 license. You could actually get Java source code for a while, but the license was restrictive.

Happy Birthday Eclipse - 5!

misc The Eclipse Project Turns 5 years old on Nov 7th. Go over to their birthday site and send a greeting.

How to Design a Good API and Why it Matters

coldfusion java misc Joshua Bloch has a good presentation outline called How to Design a Good API and Why it Matters. Joshua is a Principal Software Engineer for Google, before that an architect in Sun's Core Java Platform Group (he designed several of the standard java API's). Josh also wrote Effective Java.

ColdFusion on the TIOBE index

coldfusion My brother sent me a link to the TIOBE index which has ColdFusion at #13 (up from #26 last year). According to the site:

The TIOBE Programming Community index gives an indication of the popularity of programming languages.

Null Java References in CF 6 vs 7

coldfusion java ColdFusion 7 appears to be much better at passing null values to a java object. ColdFusion 6 however likes to block you from doing it, even when you want to.

I am trying to work with a Java API that requires me to pass a null value to a method.

Java Performance Tuning Guide

coldfusion java Sun recently published a new whitepaper called Java Tuning. It should be of interest to anyone doing performance tuning on a ColdFusion server and of course any Java application.

DNS Query with ColdFusion

coldfusion java It has been a while since I've posted one of these java + cfml tricks, so here's a neat one for ya'.

You can use the Java Naming and Directory Interface (JNDI) to perform a DNS query in ColdFusion.

Cheat Sheet Roundup - Over 30 Cheatsheets for developers

apple coldfusion databases java linux web Let's face it, unless you have a photographic memory, no developer can remember all the different functions, options, tags, etc. that exist. Documentation can be cumbersome at times; that's why I like cheat sheets.

Dynamic Java Class Loading with ColdFusion

coldfusion java Doug Hughes has posted a very clever technique for allowing you to run Java classes without adding them to your classpath. This means that people who build ColdFusion apps that include java classes can make them super easy to install.

Parsing, Modifying, and outputting XML Documents with Java

java I have been doing a lot of XML parsing and manipulation in Java lately because I'm building a super dynamic configuration editor for XMS. It's going to be pretty cool once it's done because you can even configure third party modules with it.

Servlet API Call for Features

java Greg Murray, the Servlet specification lead is asking how do you use the Java Servlet API, and where would you like it to go:

As part of Java EE 5.0 servlets will be undergoing a maintenance release.

Tiger (Java 1.5/5) on Tiger (Mac OSX 10.4)

apple java Apple has released Java 1.5 as a manual download with no plans to release J2SE 5.0 for earlier releases of Mac OS X, which I guess means that it's not going to show up in Software Update for quite some time. Additionally, applications requiring J2SE 5.0 / JDK 1.5 must explicitly request version 1.5.

Thread Priority, and Yielding

coldfusion java Suppose you have a page that is only run by background processes, or a page that can take a lot of resources, but you don't want it to. Since ColdFusion MX is written in Java, you can access the thread object that your CFML request is running as.


coldfusion java SanOS is a minimalistic 32-bit x86 OS kernel for Java based server appliances running on standard PC hardware.

This enables you to run java server applications without the need to install a traditional host operating system like Windows or Linux.

Regular Expressions - Named Capture Groups

java misc I am porting some code from .NET to Java today, and found out about a very cool feature in regular expressions called Named Groups. Most regular expression implementations let you group text (which can then be used for back-references) using parentheses, for example: my name is (pete).

Prepared Statements with JDBC

java To prevent SQL injection with JDBC, you simply need to use prepared statements. This is pretty easy to do: just use a PreparedStatement object instead of a Statement object, and in your SQL replace your variables with ?

Bea JRockit 5 JVM Released

coldfusion java Bea has released JRockit 5.0 JVM. Here is a link to some release notes.

JRockit 5.0 is a J2SE 5.0 compatible Java Runtime Environment. The JRockit JVM main design goal is performance, and the 5.0 version shows a 5-10% performance increase over their previous version on linux.

Java 1.5 for FreeBSD Patchset Released

java The first patchset for Java 1.5 on FreeBSD has been released.

Greg Lewis has released the first patchset (patchlevel 1) for the JDK 1.5.0 software. This is initial patchset and suitable for early testers and developers.

Converting an unsigned byte array to an integer

java I found myself today needing to deal with unsigned integers, and shorts in java. In Java there is no unsigned keyword like in C, or other languages. All primitives are signed (meaning they can hold negative values).

Robi Sen on Hung Servers, java.lang.OutOfMemory errors and Tuning CF JVM

coldfusion java Robi Sen a while back posted a blog entry with some useful tips on solving java.lang.OutOfMemory exceptions, and tuning the JVM for ColdFusion MX. He has recently posted a follow up to that entry.

Good tutorial on Java 1.5 Generics

java Sun has published a great tutorial on generics in Java 1.5. It covers all the pitfalls, and special cases as well as brings you up to speed on generics.

Visualize Garbage Collection

coldfusion java Sun has released (for free) a very cool program called Visual GC 2.0 in their jvmstat toolkit (via: Moazam Raja). The tool will show you graphically how memory is organized into generations in your JVM.

ColdFusion Garbage

coldfusion Now that you have had a chance to read my outline of garbage collection tuning in Java, you should be asking yourself how this relates to your ColdFusion server. Or maybe you just wondered what garbage collection has to do with ColdFusion servers.

Tuning Garbage Collection

java Every so often I come across the document: Tuning Garbage Collection, and I attempt to read all of it. The document is kind of hard to digest, so this time I created an outline of the Tuning Garbage Collection on the Java 1.4.2 Hotspot JVM document.

Bookmarklets and Search Plugins for

coldfusion java Many people have been posting bookmarklets for searching, and some have asked about a Mozilla/Firefox search plugin. So I thought I would create a bookmarklets and Mozilla search plugins page.

This page has bookmarklets that work in IE, Mozilla, Firefox, and Safari.

launched!

java I am launching today! The site is strikingly similar to my site for CFML, but just as useful.

The site is basically a URL shortcut to java documentation, for example if you want the documentation for the String class, simply type:

Checking your JDBC Driver Version

coldfusion Macromedia recently updated their JDBC driver technote, but I wasn't sure if I already had the 3.3 driver installed (since they may have just updated the text in the technote).

Signing Jar Files (converting pvk to p12)

java We recently renewed our code signing certificate for signing java applets, this is the first year we have had to renew it, and the process is a bit different from when we generated it. When we first received the key we did it with a CSR, and the java keytool.

ColdFusion Memory Usage Stats

coldfusion java Here is some code to find out some info about the memory usage of CFMX or BlueDragon. The Java API provides three methods in the java.lang.Runtime class: freeMemory, totalMemory, and maxMemory.

Determining the size of objects in memory

coldfusion java Someone asked on the cf-talk mailing list today for a method to find out how much memory their cached queries and components are using. In CFMX and in Java there are no built-in methods for determining the size of an object.

Making Jar files Run

java I recently had to reinstall my OS, and more recently had to use a Java application called JEdit. JEdit's installer didn't create any shortcuts for me, so I had to run JEdit from the command line by invoking its jar file with java -jar jEdit.jar.

How to make ColdFusion MX go to sleep

coldfusion Many people have had the need for a ColdFusion page to sleep, typically between iterations of a loop. There is a tag called CFX_Sleep in the Tag Gallery, but in ColdFusion MX you don't need a CFX tag to make the current processing thread sleep using the static sleep method on the java.lang.

Have you tuned your JVM on ColdFusion MX yet?

coldfusion java ColdFusion's move to java gives developers and system administrators a wealth of performance tuning options.
