Salman Ahmed

+ Follow
since Mar 18, 2008
Merit badge: grant badges
For More
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Salman Ahmed

One more way to check if you're installed JVM is 64-bit is to see if the "java" executable accepts the "-d64" option to specify the 64-bit data model.
If your JVM is 64-bit capable, it will accept either the "-d32" or the "-d64" option to select either the 32-bit or 64-bit data model respectively.

(Sample output taken from a 64-bit Debian install)
ssahmed@debian:[~]$ uname -a
Linux debian 2.6.26-2-amd64 #1 SMP Mon Oct 19 02:34:17 UTC 2009 x86_64 GNU/Linux
ssahmed@debian:[~]$ java
Usage: java [-options] class [args...]
(to execute a class)
or java [-options] -jar jarfile [args...]
(to execute a jar file)

where options include:
-d32 use a 32-bit data model if available

-d64 use a 64-bit data model if available
-server to select the "server" VM
The default VM is server.
<rest of output snipped>

14 years ago
You always have the choice and freedom to implement the signature generation yourself: you decide what part (or parts) of the XML document you want to sign, how and where you want to embed the signature (for subsequent verification) in the same XML document, etc.

The only downside of this approach is that you have to implement both the signing and verification pieces _yourself_.
15 years ago
I didn't look at it carefully enough to see that it was an anonymous sub-class... interesting example and use.
Thanks for pointing this out!

15 years ago

Ernest Friedman-Hill wrote:Then there's this party trick:


Care to explain how this party trick actually works? I've never seen this form before.
15 years ago
It's an old book and not easily available but I have really liked Professional Java Security. I bought it used's marketplace and so far I have really learnt a lot from this book. Another book that I like is the more current Beginning Cryptography with Java which is available brand new.

The Core Security Patterns books also appears to be very good but I haven't gone through it yet.
15 years ago
Carey's code snippet from the other thread works just fine for me using the Sun JDK 1.5 and Sun's own built-in JCE provider.
15 years ago
In a normal non-cryptographic application, whenever I use the java.util.Random PRNG I usually seed it prior to first use with the current time. For cryptographic applications, is it necessary to seed SecureRandom? Put another way, in what circumstances would I need to be concerned about seeding SecureRandom?

Also, is this the correct way to seed SecureRandom:

15 years ago
Just wondering what features/algorithms/etc. are missing from Sun's JCE in Java 1.5 as compared to Bouncy Castle 1.41.
I know that with earlier versions of the JDK/JRE you had to use Bouncy Castle to get support for certain algorithms/ciphers but I am wondering how true this is for Java 1.5 or even Java 1.6.

15 years ago
I am using the URLConnection and HttpURLConnection classes to screen-scrape some information from a webserver, and am wondering what's the best way to determine if HTTP authentication is required to access a specified URL.

When I access the URL and examine the response headers sent back, I can see that there is a response header with a null field name that has the following value:

Out of curiosity, why is there a response header returned with a null field name?

This is the full list of response headers generated by the web server when I try to access the password-protected URL:

Is it sufficient to check the HTTP response code (401 in my case above) to determine if password authentication is required when trying to access such a URL?


Salman Ahmed
I have a Java class that models a business domain object. This business domain object has a number of fields that are represented as String-valued data members in the corresponding class. Some of those String-valued fields are not present in some object instances.

Is it better to model such a non-existent (or non-available) field as having an empty String value ("") or should I set it to null?

I've been thinking of this issue in reference to Item #27 from "Effective Java" where Bloch correctly recommends that empty Collections should be returned instead of returning null.

I am just wondering whether the same recommendation should be applicable for simple object types such a String-valued data member.

Would love to hear the thoughts of the more enlightened and experienced minds on JavaRanch...

15 years ago
OK, so I came up with the following utility method:

but I didn't realize that different collections will return different orderings - thanks for pointing that out. The TreeSet solution works me since in my application I know that I will ALWAYS be comparing collection instances of the same type.

Does this 2nd version of the code look right:

Thanks Rob!
15 years ago
Say I have a class defined as follows:

and I want to implement the Comparable interface for it.

Are there any standard library utilities available for comparing two collection objects and returning a (-1, 0, 1) based on how those two Collections object compare to one another?

Or do I have to write my own helper/utility method to compare two Collection instances:

More generally speaking, what's best practice when dealing with such classes that have to be Comparable and that contain collections member fields?

15 years ago
Thanks for the info guys!
15 years ago
If I implement the equals() and hashCode() methods for class Gadget as:

then I do not have the issue of all Gadgets being equal or of having the same hash code value.

However, is there any problem or issue in using the class type in the equals() method but NOT using it in the hashCode() method?

Canonically speaking, is there any requirement to compute the hashCode based on the same comparisons that are done in the equals() method?

The code as it is above seems to work well for me!

15 years ago
Assuming that I have the following two classes defined:

and also assuming that I have valid (or reasonably implemented) versions of equals() and hashCode() for the super class Widget, how should I implement hashCode() for the Gadget subclass?

Also, is it considered bad "form" (or design) to have a sub-class that doesn't define any data members over and above the super class?

15 years ago