Wednesday, March 24, 2010

Well-known Java System Properties

For security manager:

-Djava.security.manager              //To enable java security manager
-Djava.security.policy=mypolicy      //specify the location of policy file
//This can be replaced by adding a line like policy.url.3=file:/C:/Test/mypolicy into file <Java_home>\jre\lib\security\java.security.

For SSL Connection:
-Djavax.net.debug=ssl                               //Enable ssl debug information
-Djavax.net.ssl.keyStore=/path/to/client.ks     //specify the location of key store
-Djavax.net.ssl.keyStorePassword=password    //password for keystore
-Djavax.net.ssl.trustStore=/path/to/client.ts    //specify the location of trust store

For java.util.logging (See more detail)
-Djava.util.logging.config.class
-Djava.util.logging.config.file        //Location of the configuration file, by default JVM will read <Jre_home>lib/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
 
 
-Djava.endorsed.dirs=/opt/apache-tomcat-6.0.26/endorsed  //The Java SE runtime environment will use classes in such JAR files 
                                                                                 //to override the corresponding classes provided in the 
                                                                                 //Java platform as shipped by Sun.
 

Use SSL in Java

The default password for the Java default keystore file $JAVA_HOME/lib/security/cacerts is 'changeit'

Setting up the Key and Trust Stores

  1. Using Java keytool, create a certificate for the Server:
    keytool -genkey -alias broker -keyalg RSA -keystore broker.ks
  2. Export the broker's certificate so it can be shared with clients:
    keytool -export -alias broker -keystore broker.ks -file broker_cert
  3. Create a certificate/keystore for the client:
    keytool -genkey -alias client -keyalg RSA -keystore client.ks
  4. Create a truststore for the client, and import the broker's certificate. This establishes that the client "trusts" the broker:
    keytool -import -alias broker -keystore client.ts -file broker_cert

Starting the Server

Using the javax.net.ssl.* System Properties

Before starting the broker's VM set the SSL_OPTS enviorment variable so that it knows to use the broker keystore.

export SSL_OPTS = -Djavax.net.ssl.keyStore=/path/to/broker.ks -Djavax.net.ssl.keyStorePassword=password

Starting the Client

When starting the client's VM, specify the following system properties:

javax.net.ssl.keyStore=/path/to/client.ks
javax.net.ssl.keyStorePassword=password
javax.net.ssl.trustStore=/path/to/client.ts

Monday, March 22, 2010

How to change default sugar report entries per page?

Sugar read variable list_report_max_per_page from config.php, but this variable doesn't exist in that file by default. So simply add 'list_report_max_per_page' => 500, into config.php to change sugar report entries per page.

Google+