Ron McLeod

Marshal
+ Follow
since Feb 12, 2013
Ron likes ...
Android Eclipse IDE TypeScript Redhat MicroProfile Quarkus Java Linux
Richmond, BC, Canada
Cows and Likes
Cows
Total received
516
In last 30 days
0
Total given
288
Likes
Total received
982
Received in last 30 days
3
Total given
1948
Given in last 30 days
21
Forums and Threads
Scavenger Hunt
expand Rancher Scavenger Hunt
expand Ranch Hand Scavenger Hunt Green check
expand Greenhorn Scavenger Hunt

Recent posts by Ron McLeod

Jesse Silverman wrote:unless something fits on one line and ends with a ;


If the code ever gets touched by a formatter, there is a good chance that the one line will become two lines.
4 days ago
I got a bit further with the console launcher so that the Platform Suite Engine is being used now, but my test suite class is still not being discovered.
6 days ago
I found that adding configuration for surefire for my test suite class name pattern allowed it to get discovered, and then declarations were used to run the test cases.  I also included configuration to show the DisplayName for the test cases.
6 days ago
I am trying to use the Test Suite capability recently introduced into JUnit5, but I can't figure-out how to get Junit to discover the test cases declared in the test suite and execute them when using the Console Launcher or Maven.  It is probably due to missing/incorrect command line options and/or parameters, but I can't seem to find any references or examples of how to launch a suite of tests from the command line (I can however execute the tests from the VSCode IDE).

Test Suite
Test Case
Using VSCode (launched clicking on ES9PlusSuite |> icon)



Attempt using the Console Launcher
Attempt using Maven
Project POM
1 week ago

Ravi Napit wrote:bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https://" + hostname + ":portnumber/service?wsdl");


I'm guessing that portnumber is a variable, and that you probably want something like this:
2 weeks ago
Thanks for the response - really appreciated.
1 month ago
I have a service which generates cellular network SIM profiles, and persistently stores related provisioning data for the profiles on the customer's behalf for later retrieval.  The data is confidential and must be protected.  After generating the data, the service must not be able to access the data in an unprotected form.  When requested, the service provides the data in an encrypted form, which can only be decrypted by the customer.  The transport between the customer and the service uses TLS 1.3 mutual authentication.

When placing an order, the customer provides a RSA public key, for which they have a corresponding private key.  For each set of data, the service generates a new AES secret key, encrypts the data using the secret key, encrypts the secret key using provided public key, creates a bundle consisting of the encrypted secret key and the encrypted data, and then stores the bundle is a database.

When the customer requests the provisioning data, the bundle is pulled from the database and provided as-is.  The customer then reverses the process using their private key to obtain the secret key, and then uses that key to decrypt the provisioning data.

This is an example of what is included in the provisioning data.  Almost all item values are either sequential or randomly generated, so the likelihood of two sets of data being identical are effectively zero.
Question 1: Since no two sets of provisioning data will ever be the same, does an IV with a random/non-repeating value actually provide any value?  I am currently sizing it to the smallest permitted and leaving it with the value of 0.

Question 2: SonarLint is flagging the use of RSA/ECB/PKCS1Padding as a potential vulnerability.  Is it something that I should be concerned with for this type of application?

Usage Example
1 month ago

A Tham wrote:


Is debug a valid attribute for Context?
1 month ago

Jesse Silverman wrote:To steal Campbell's catchphrase, as I haven't come up with my own yet:

It's a pleasure!


Suggestion #4 in Lucy's 12 ways to response to thank-you ...

I am currently using grpcurl for command-line testing and troubleshooting gRPC server implementations.  It works well for my needs, but I am wondering if there are any suggestions/recommendations for other tools which could used in a Linux environment.
1 month ago
This post in the tomcat-users mailing list might answer your question: Why does Tomcat open connections on localhost?
1 month ago

AhFai Chan wrote:Is there a reason why Tomcat start multiple copies with same Process-ID but 4 different ports?


The image is showing 1 instance of Tomcat with 4 connections.
1 month ago

Norm Radder wrote:How do you get that display shown in the image you posted?


Looks like a netstat-like view using CurrPorts.
1 month ago