Lombok Annotations

Project Lombok is a boilerplate code remover and space saver that generates code in “.class” file instead of in the source code file. Lombok provides a set of annotations and some of them could be used in day-to-day coding. Let’s have a look at few of them.

@Getter and @Setter:- The @Getter and @Setter annotations provide getter and setter methods for a field respectively. These annotations can be used at the field and class level.

@Getter
@Setter
public class Employee {
	private String empId;
	private String employeeName;
}

@ToString Annotation:- This annotation generates the toString() method in the “.class” file at compile time. There is no need to write explicit code for the toString() method in POJO.

@ToString
public class Employee {
	private String empId;
	private String employeeName;
}

@Builder:- This annotation is used to generate the code required to have your class be instantiable using the builder pattern.

@Builder
public class Employee {
	private String empId;
	private String employeeName;
}

@Log4j:- This annotations is used to generate code related to the logger.

@Log4j
public class MyClass{
	public void greetings() {
		log.info("Good Morning");
	}
}
Advertisements

WeakHashMap @ Java

WeakHashMap is a Hash table-based implementation of the Map interface with weak keys. An entry in a WeakHashMap will automatically be removed when its key is no longer in ordinary use. Both null values and the null key are supported. This class has performance characteristics similar to those of the HashMap class and has the same efficiency parameters of initial capacity and load factor. Like most collection classes, this class is not synchronized. A synchronized WeakHashMap may be constructed using the Collections.synchronizedMap method.

Code Snippet:-

import java.util.Map;
import java.util.Map.Entry;
import java.util.WeakHashMap;

public class MyClass {
	public static void main(final String[] args) {
		final Map map = new WeakHashMap();
		Key key1 = new Key("ACTIVE_KEY-1");
		Key key2 = new Key("ACTIVE_KEY-2");
		
		map.put(key1, new Employee(101, "Tom"));
		map.put(key2, new Employee(102, "Jerry"));
		
		key1 = null;
		System.gc();
		
		for (final Entry entry : map.entrySet()) {
			System.out.println(entry.getKey().getKey() + "   " + entry.getValue());
		}
	}
}

class Key {
	private String key;
	
	public Key(final String key) {
		super();
		this.key = key;
	}

	public String getKey() {
		return key;
	}

	public void setKey(final String key) {
		this.key = key;
	}
}

IdentityHashMap @ Java

IdentityHashMap is a HashTable -based implementation of the Map Interface. Normal HashMap compares keys using the .equals method but Identity HashMap compares its keys using the == operator. Hence, ‘Java’ and new String(‘Java’) are considered as two different keys. The initial size of Identity HashMap is 21, while the initial size of a normal HashMap is 16.

Code Snippet:-

import java.util.IdentityHashMap;
public class MyClass {
	public static void main(final String[] args) {
		final IdentityHashMap identityHashMap = new IdentityHashMap();
		identityHashMap.put("Java", "Java-7");
		identityHashMap.put(new String("Java"), "Java-8");

		for (final String str : identityHashMap.keySet()) {
			System.out.println("Key : " + str + " and Value : " + identityHashMap.get(str));
		}

		System.out.println("Size of map is : " + identityHashMap.size());
	}
}

Output:-

Key : Java and Value : Java-7
Key : Java and Value : Java-8
Size of map is : 2

Web-Services Best Practices

Following are the few best secure development guidelines for Web-Services implementation.

SOAP service standards contain requirements for following areas: –
(1) Authentication
(2) Authorization
(3) Data Validation

REST service standards contain requirements for following areas: –
(1) Authentication and Session Management
(2) Authorization
(3) Data Validation
(4) Protection against Cross-Site Request Forgery
(5) Output Encoding
(6) Insecure Direct Object Reference

Test SMTP communication with OpenSSL

We can use the openssl command to have the verification of SMTP sever connectivity over TLS

$ openssl s_client -connect smtpserver.mailprovider.com:25 -starttls smtp

 
CONNECTED(00000004)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
 0 s:/C=US/postalCode=160030/ST=Chandigarh/L=Chandigarh/street=Chandigarh/O=OrgName, Inc./OU=Messaging/OU=Hosted by OrgName/OU=Multi-Domain SSL/CN=securemail.mailprovider.com
   i:/C=GB/ST=Greater Chandigarh/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
 1 s:/C=GB/ST=Greater Chandigarh/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 2 s:/C=GB/ST=Greater Chandigarh/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
   i:/C=GB/ST=Greater Chandigarh/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
 3 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
Wj/FMdFEvIbYGHUVUtPswhcJR5jvJQuiP9h/lFgCYcKG/Fa1QZ9/53Cp0tUrZoTd
UrwYlpZA+2CnAgMBAAGjggRZMIIEVTAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhI
KhK3G0LBJDAdBgNVHQ4EFgQUutI6MN0OGTTOt77BXbWvuWY2sZcwDgYDVR0PAQH/
MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JT
QU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTCCARQGA1UdEQSCAQswggEH
cm92aWRlci5jb22CF214NC5tZXNzYWdlcHJvdmlkZXIuY29tghdteDUubWVzc2Fn
ZXByb3ZpZGVyLmNvbYIXbXg2Lm1lc3NhZ2Vwcm92aWRlci5jb22CF214Ny5tZXNz
-----END CERTIFICATE-----
subject=/C=US/postalCode=160030/ST=Chandigarh/L=Chandigarh/street=Chandigarh/O=OrgName, Inc./OU=Messaging/OU=Hosted by OrgName/OU=Multi-Domain SSL/CN=securemail.mailprovider.com
issuer=/C=GB/ST=Greater Chandigarh/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 6842 bytes and written 558 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : AES256-SHA
    Session-ID: 87077B0F0737A1FF5FF042D484800DD0C70DD24125E88812C5A4EC37BA8DE607
    Session-ID-ctx:
    Master-Key: 4D538CD6FA48143912C634BE3EE36ADFC8D6CBEECAB3D43A2C45E5F31B7B43422A21C5CDA1DE12B0A9DA33C541B6D530
    Key-Arg   : None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 33 d7 ad 86 5d b1 a7 0a-97 36 72 43 cc aa e8 0c   3...]....6rC....
    0010 - f0 3b 17 39 e4 c7 81 1d-f7 36 f4 ff 04 19 f7 9e   .;.9.....6......
    0020 - a6 16 6b 21 33 b7 eb d3-54 50 b8 3a 2f 72 cb bf   ..k!3...TP.:/r..
    0030 - 31 44 7d 53 73 86 df a0-72 a9 90 5c 73 c9 0c 46   1D}Ss...r..\s..F
    0040 - c8 4b 79 be 86 a7 ae a0-23 1c 43 e5 fd ef a0 cc   .Ky.....#.C.....
    0050 - 49 e3 df e8 0f 2b fa 7d-9d 8b 7c de 20 a4 fc 6f   I....+.}..|. ..o
    0060 - 95 7e 37 e0 15 f9 a6 e6-34 3d da 7a 40 5f ba f7   .~7.....4=.z@_..
    0070 - 92 2d 03 89 5d 17 f5 28-85 fa 02 e0 50 cc 01 83   .-..]..(....P...
    0080 - 3d 77 2c 1f ef e8 2c 9b-31 68 d5 6d 9a ff e0 dd   =w,...,.1h.m....
    0090 - cf 43 86 fa 02 07 e0 d8-c8 d7 d3 e0 db 6d f8 ce   .C...........m..

    Start Time: 1545224851
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
250 STARTTLS

500 5.5.1 Command unrecognized: ""
quit
221 2.0.0 mx4.mailprovider.com Closing connection
closed

Issuing Test Request to an SSL Server

While diagnosing problems between Server and browsers, it is useful to analyze the requests and responses.

When SSL/TLS is not used, for capturing requests and responses between web browser and the server you can use any network capture tool such as ethereal. But when SSL/TLS is used for communication, you can use the OpensSSL’s s_client application for tapping the communication.

Execute the following command (after successful SSL connection) and enter the test HTTP request as desired.

$openssl s_client -host localhost -port 8080 -quiet

By using the same command without the -quiet flag, you can see information about the connection, such as the server DN, Certificate name and negotiated cipher suite.

For testing particular cipher suites, check the -cipher option. For example:

$openssl s_client -host localhost -port 8080 -cipher DES-CBC-SHA

For more information, see the s_client man page at http://www.openssl.org/docs/apps/s_client.html.

com.ibm.mq.MQException: MQJE001: Completion Code ‘2’, Reason ‘2009’

While working with IBM WebSphere, we may have observed MQ Reason Code 2009 (MQRC_CONNECTION_BROKEN | com.ibm.mq.MQException: MQJE001: Completion Code ‘2’, Reason ‘2009’) in application logs. Following are two possible main scenarios that causes this exception:-
1) One is allocating a new Queue Connection Factory (QCF) connection.
2) The other is when the Application Server allocates a free connection from its connection pool, but the connection is no longer active, that is, broken.

There are other most common causes for MQ Reason Code 2009 which are given below:
1) A firewall has terminated the connection.
2) An IOException caused the socket to be closed.
3) An explicit action caused the socket to be closed by one end.
4) The queue manager is offline.
5) The maximum number of channels allowed by the queue manager are already open.
6) A configuration problem in the Queue Connection Factory (QCF).