GC
Received GC approval notice today. I didn't expected it that soon. Today is just 10th of November. I thought I would get it within this year. Waited 9 years. What a long time!
Posted at 09:21PM Nov 10, 2009 by gc in Personal | Comments[0]
MySQL Error 1064
Seeing following error when adding new records to mysql DB:
ERROR 1064 (42000) at line 3: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'read, ......
[Read More]Posted at 04:41PM Nov 05, 2009 by gc in Personal | Comments[0]
How to Prevent H1N1 - Best Advice So Far
Someone forward this one to me. Don't know where it originated. But it makes sense in my opinion.
How to Prevent H1N1 - Best Advice So Far(如何预防H1N1 - 来自医生的忠告)
N95口罩是用来阻隔95% 的0.3μ微粒,,而H1N1病毒的大小是0.1μ左右。所以,靠N95口罩防H1N1就像用蚊帐来挡雨。
Posted at 04:13PM Nov 05, 2009 by gc in Personal | Comments[0]
US Daylight Saving Time Ends Today
Daylight Saving Time (DST) at US ends today. When checking when the DST ends this year, I read the history of Daylight Time in the US at here. It changed so many times. It is unexpectedly complicated.
[Read More]Posted at 11:40PM Oct 31, 2009 by gc in Personal | Comments[0]
CHP With Multiple Agents Instances
Recently a bug was identified in OpenSSO8.0 code related to Cookie Hijack Prevention (CHP). There are multiple policy agent instances with a Load Balancer (LB) in front. In this case, agent profiles must have LB URL added in the agent root URL list (CDSSO + CHP). However, a strange behavior could be observed. Only one agent works, you could see your browser spinning when accessing other agents. This is OpenSSO issue 5707.
Posted at 04:58PM Oct 29, 2009 by gc in Sun | Comments[0]
Lotus Touts
My kid sent me this circulating email talking about some Lotus Touts. I don't like email chain letters, but the Lotus Touts in this one is nice. I would like to follow this guidance if it is not too late.
ONE. Give people more than they expect and do it cheerfully.
TWO. Marry a man/woman you love to talk to. As you get older, t heir conversational skills will be as important as any other.
THREE. Don't believe all you hear, spend all you have or sleep all you want.
FOUR. When you say, 'I love you,' mean it.
FIVE. When you say, 'I'm sorry,' look the person in the eye..
SIX. Be engaged at least six months before you get married.
SEVEN. Believe in love at first sight.
EIGHT. Never laugh at anyone's dreams. People who don't have dreams don't have much.
NINE. Love deeply and passionately. You might get hurt but it's the only way to live life completely..
TEN. In disagreements, fight fairly.. No name calling.
ELEVEN. Don't judge people by their relatives.
TWELVE. Talk slowly but think quickly.
THIRTEEN. When someone asks you a question you don't want to answer, smile and ask, 'Why do you want to know?'
FOURTEEN.. Remember that great love and great achievements involve great risk.
FIFTEEN. Say 'bless you' when you hear someone sneeze.
SIXTEEN. When you lose, don't lose the lesson.
SEVENTEEN. Remember the three R's: Respect for self; Respect for others; and Responsibility for all your actions.
EIGHTEEN. Don't let a little dispute injure a great friendship.
NINETEEN. When you realize you've made a mistake, take immediate steps to correct it.
TWENTY. Smile when picking up the phone. The caller will hear it in your voice.
TWENTY- ONE. Spend some time alone.
Posted at 12:36PM Oct 09, 2009 by gc in Personal | Comments[0]
Reset Amadmin Password (2)
In my previous post (09/11) on this topic, I asked to have jss4.jar in the classpath and have corresponding library files in the environment. Actually it is not required. Otherwise, one will have a hard time to find and install them on a windows box. All you need to do is to set the value of property com.iplanet.security.encryptor to be "com.iplanet.services.util.JCEEncryption". The default is "com.iplanet.services.util.JSSEncryption" if you don't specify, which requires JSS.
So the command to generate new password could be looked like
/usr/bin/java -Dcom.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption -Dam.encryption.pwd=sZ6rTm4Dp1xp6MuXpwyQ3h0RsdcMK5eQ -cp .:/opt/sun/identity/lib/am_sdk.jar:/opt/sun/identity/lib/am_services.jar PasswordHashEncryption password
Posted at 05:30PM Oct 05, 2009 by gc in Sun | Comments[0]
MySQL x86 vs x86_64
Rails and mysql worked just fine for me. However, after updated rails today, I got lots of mysql errors. There are lots of recommendations I found on the net. But this is the one - Installing Rails 2.2 on Mac OS X - MySQL problem - resolved my problem.
Posted at 11:29PM Sep 27, 2009 by gc in Personal | Comments[0]
String as Primary Key
Sometimes, we want to set a primary key of a database table to be a string instead of integer. This is perfectly OK though not best.
However, seems this is not possible when creating tables by using ruby on rails. This post helps a lot.
The following is the sample code:
create_table :employees, {:id => false} do |t|
t.string :emp_id
t.string :first_name
t.string :last_name
end
execute "ALTER TABLE employees ADD PRIMARY KEY (emp_id);"
Posted at 11:29PM Sep 22, 2009 by gc in Personal | Comments[0]
Change Amadmin Password On File Based AM7.1
Last week, I provided the steps to change amadmin password on AM7.1. Someone had question on how to do it on file based AM7.1. The java code PasswordHashEncryption.java is still required to encrypt and hash the new password. Actually you don't need the whole AMConfig.properties, only one property am.encryption.pwd. You can pass the value as jvm option.
[Read More]Posted at 10:16PM Sep 15, 2009 by gc in Sun | Comments[0]
Reset Amadmin Password
It is not straight forward to change amadmin password on an Access Manager 7.1 setup. If you simply change it on subject tab of AM console, you would fail to login once you logout.
This is due to the factor that amadmin's password is saved in a separate entry of Directory Server. You need to save the new password into this entry after changing it on the console. But the password is not saved as is but needs both encrypted and hashed. Unfortunately, the current cli tool ampassword does not help.
[Read More]Posted at 11:57PM Sep 11, 2009 by gc in Sun | Comments[1]
Session Idle Timeout
When using Access Manager, people expects to set different session idle timeout or max session time for different orgs/groups/roles. This can be easily configured with older AM versions, 6.x or even older 5.x. But it is tricky to do so with the newer version 7.x. Lots of people noticed that the changes they made to the role level didn't take any effect even after restarting both AM and DS.
[Read More]Posted at 02:39PM Aug 28, 2009 by gc in Sun | Comments[0]
Using Persistent Cookie on AM/OpenSSO
Haven't used the feature of persistent cookie on AM/OpenSSO for a long time. Today when verifying a code change, I need to check the httponly flag of persistent cookie. Somehow I couldn't find this cookie on the browser. I did enable it in authentication core service though.
[Read More]Posted at 10:44PM Aug 17, 2009 by gc in Sun | Comments[0]
Meteor Shower
With support of my wife, we inspired our body to go with us. We hit the trail around 9PM. The sun had set completely, but it was not dark. Street lights were so bright at night. We didn't need to take out flashlights.
[Read More]Posted at 11:11PM Aug 12, 2009 by gc in Personal | Comments[0]
Change Amadmin Password
Someone might want to change the super user amadmin's password of Access Manager (AM) 7.0 or 7.1 for various reasons. Be careful. It is tricky. If you try to change it directly on Directory Server (DS), you would find that you can not login as amadmin any more.
[Read More]Posted at 12:24PM Jul 23, 2009 by gc in Sun | Comments[1]