***HttpSerlvetRequest.isSecure()*** is the answer. The ServletContainer is responsible for returning true in the following cases:

 - If the ServletContainer can itself accept requests on https.
 - If there is a LoadBalancer in front of ServletContainer. And , the LoadBlancer has got the request on **https** and has dispatched the same to the ServletContainer on **plain http**. In this case, the LoadBalancer sends ***X-SSL-Secure : true*** header to the ServletContainer, which should be honored. 

The Container should also make this request attributes available when the request is received on **https**:

 - javax.servlet.http.sslsessionid
 - javax.servlet.request.key_size
 - javax.servlet.request.X509Certificate

You can&#39;t reliably depend on port numbers.  
But you can depend on the scheme:  

Use: [request.getScheme()][1] to see if it is `https`.  

If it is then it is secure connection.  

I believe this should work regardless of Tomcat version


  [1]: http://download.oracle.com/javaee/1.2.1/api/javax/servlet/ServletRequest.html#getScheme%28%29

[isSecure][1].  Be sure to check the inherited methods.


  [1]: http://tomcat.apache.org/tomcat-7.0-doc/servletapi/javax/servlet/ServletRequest.html#isSecure%28%29

Java 7 introduced [java.nio.file.Path][1] as a [possible replacement][2] for java.io.File.

With File, when I access a file under a specific, I would do:

    File parent = new File(&quot;c:\\tmp&quot;);
    File child = new File(parent, &quot;child&quot;); // this accesses c:\tmp\child

What&#39;s the way to do this with Path?

I supposed this will work:

    Path parent = Paths.get(&quot;c:\\tmp&quot;);
    Path child = Paths.get(parent.toString(), &quot;child&quot;);

But calling `parent.toString()` seems ugly. Is there a better way?

  [1]: http://docs.oracle.com/javase/7/docs/api/java/nio/file/Path.html
  [2]: https://stackoverflow.com/questions/6903335/java-7-path-vs-file

How to access a sub-file/folder in Java 7 java.nio.file.Path?

I found this neat command to merge multiple PDF into one, using Ghostscript:

    gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=out.pdf in1.pdf in2.pdf

The resulting size is smaller than the combined size of the 2 PDFs.

Running the command with a single file as input still results to a smaller size output file.

Is there an option on Ghostscript to just copy the pages as they appear on merging without doing any compression?

If not, is it possible that the Ghostscript compression is so good that it will result in absolutely no loss in quality? 



Ghostscript to merge PDFs compresses the result

I wrote a servlet in Java and I would like to know if the request to that servlet was executed using HTTP or HTTPS.

I thought I can use `request.getProtocol()` but it returns HTTP/1.1 on both methods.

Any ideas?

How can I know if the request to the servlet was executed using HTTP or HTTPS?

I wrote a servlet in Java and I would like to know if the request to that servlet was executed using HTTP or HTTPS.
I thought I can use <code>request.getProtocol()</code> but it returns HTTP/1.1 on both methods.
Any ideas?

My thread pool has a fixed number of threads. These threads need to **write** and **read** from a shared list frequently. 

So, which data structure (it better be a List, must be monitor-free) in `java.util.concurrent` package is best in this case?



Choosing the best concurrency list in Java

First of all, I know that using regex for email is not recommended but I gotta test this out.

I have this regex:

    \b[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b

In Java, I did this:

    Pattern p = Pattern.compile(&quot;\\b[A-Z0-9._%-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}\\b&quot;);
    Matcher m = p.matcher(&quot;foobar@gmail.com&quot;);
		
    if (m.find())
        System.out.println(&quot;Correct!&quot;);

However, the regex fails regardless of whether the email is wel-formed or not. A &quot;find and replace&quot; inside Eclipse works fine with the same regex.

Any idea?

Thanks,


Java regex email

The following method only writes out the latest item I have added, it does not append to previous entries. What am I doing wrong?

    public void addNew() {
        try {
            PrintWriter pw = new PrintWriter(new File(&quot;persons.txt&quot;));
            int id = Integer.parseInt(jTextField.getText());
            String name = jTextField1.getText();
            String surname = jTextField2.getText();
            Person p = new Person(id,name,surname);
            pw.append(p.toString());
            pw.append(&quot;sdf&quot;);
            pw.close();
        } catch (FileNotFoundException e) {...}
    }

PrintWriter append method not appending

This is related to a previous question that I asked here earlier

https://stackoverflow.com/questions/8207274/json-parsing-using-gson/8207343#8207343

I am trying to parse the same JSON, but now I have changed my classes a little bit.

    {
        &quot;lower&quot;: 20,
        &quot;upper&quot;: 40,
        &quot;delimiter&quot;: &quot; &quot;,
        &quot;scope&quot;: [&quot;${title}&quot;]
    }

My class now looks like:

    public class TruncateElement {

       private int lower;
       private int upper;
       private String delimiter;
       private List&lt;AttributeScope&gt; scope;

       // getters and setters
    }


    public enum AttributeScope {

	    TITLE(&quot;${title}&quot;),
	    DESCRIPTION(&quot;${description}&quot;),

	    private String scope;

	    AttributeScope(String scope) {
			this.scope = scope;
		}

		public String getScope() {
			return this.scope;
		}
    }


This code throws an exception, 

    com.google.gson.JsonParseException: The JsonDeserializer EnumTypeAdapter failed to deserialized json object &quot;${title}&quot; given the type class com.amazon.seo.attribute.template.parse.data.AttributeScope
	at 

The exception is understandable, because as per the solution to my previous question, GSON is expecting the Enum objects to be actually be created as  

    ${title}(&quot;${title}&quot;),
    ${description}(&quot;${description}&quot;);

But since this is syntactically impossible, what are the recommended solutions, workarounds?





Using Enums while parsing JSON with GSON

How can I get the context in a fragment?

I need to use my database whose constructor takes in the context, but `getApplicationContext()` and `FragmentClass.this` don&#39;t work so what can I do?

Database constructor

    public Database(Context ctx)
    {
        this.context = ctx;
        DBHelper = new DatabaseHelper(context);
    }


Using context in a fragment

I&#39;ve created a filter to in my java webserver (appengine actually) that logs the parameters of an incoming request. I&#39;d also like to log the resulting response that my webserver writes. Although I have access to the response object, I&#39;m not sure how to get the actual string/content response out of it.

Any ideas?

How to read and copy the HTTP servlet response output stream content for logging

A standard spring web application (created by Roo or &quot;Spring MVC Project&quot; Template) create a web.xml with `ContextLoaderListener` and `DispatcherServlet`. **Why do they not only use the `DispatcherServlet` and make it to load the complete configuration?**

I understand that the ContextLoaderListener should be used to load the stuff that is not web relevant and the DispatcherServlet is used to load the web relevant stuff (Controllers,...). And this result in two contexts: a parent and a child context.

Background:

I was doing it this standard way for several years.

&lt;!-- language: xml --&gt;

    &lt;context-param&gt;
        &lt;param-name&gt;contextConfigLocation&lt;/param-name&gt;
        &lt;param-value&gt;classpath*:META-INF/spring/applicationContext*.xml&lt;/param-value&gt;
    &lt;/context-param&gt;

    &lt;!-- Creates the Spring Container shared by all Servlets and Filters --&gt;
    &lt;listener&gt;
        &lt;listener-class&gt;org.springframework.web.context.ContextLoaderListener&lt;/listener-class&gt;
    &lt;/listener&gt;

    &lt;!-- Handles Spring requests --&gt;
    &lt;servlet&gt;
        &lt;servlet-name&gt;roo&lt;/servlet-name&gt;
        &lt;servlet-class&gt;org.springframework.web.servlet.DispatcherServlet&lt;/servlet-class&gt;
        &lt;init-param&gt;
            &lt;param-name&gt;contextConfigLocation&lt;/param-name&gt;
            &lt;param-value&gt;WEB-INF/spring/webmvc-config.xml&lt;/param-value&gt;
        &lt;/init-param&gt;
        &lt;load-on-startup&gt;1&lt;/load-on-startup&gt;
    &lt;/servlet&gt;

This often caused problems with the two contexts and the dependencies between them. In the past I was always able to find a solution, and I have the strong feeling that this makes the software structure/architecture always better. But now I am facing a [problem with the events of the both contexts][1]. 

-- However this makes my rethink this two context pattern, and I am asking myself: why should I bring myself into this trouble, why not loading all spring configuration files with one `DispatcherServlet` and removing the `ContextLoaderListener` completely. (I still will to have different configuration files, but only one context.)

Is there any reason not to remove the `ContextLoaderListener`?


  [1]: https://stackoverflow.com/questions/8534222/how-to-bridge-spring-application-context-events-to-an-other-context

ContextLoaderListener or not?

This will redirect a request with a _temporary_ 302 HTTP status code:

    HttpServletResponse response;
    response.sendRedirect(&quot;http://somewhere&quot;);

But is it possible to redirect it with a _permanent_ 301 HTTP status code?

HttpServletResponse sendRedirect permanent

I have a package in which I import javax.servlet.* and javax.servlet.http.*
When I try to compile it in command prompt I get the error

&gt; package javax.servlet does not exist

I use JDK 1.7.0 and Tomcat 6.0.

Compile error: package javax.servlet does not exist

I&#39;m running a web application on Tomcat. I have a class that handles all DB queries.
This class contains the `Connection` object and methods that returns query results.

This is the connection object:

    private static Connection conn = null;

It has only one instance (singleton).

In addition, I have methods that execute queries, such as search for a user in the db:

    public static ResultSet searchUser(String user, String pass) throws SQLException

This method uses the static `Connection` object. My question is, is my use in static `Connection` object thread safe? Or can it cause problems when a lot of users will call the `searchUser` method?



Is it safe to use a static java.sql.Connection instance in a multithreaded system?

I&#39;m trying to figure out how to properly use the [OpenSSL.Session][1] API in a concurrent context

E.g. assume I want to implement a `stunnel-style ssl-wrapper`, I&#39;d expect to have the following basic skeleton structure, which implements a naive `full-duplex tcp-port-forwarder:`

    runProxy :: PortID -&gt; AddrInfo -&gt; IO ()
    runProxy localPort@(PortNumber lpn) serverAddrInfo = do
      listener &lt;- listenOn localPort

      forever $ do
        (sClient, clientAddr) &lt;- accept listener

        let finalize sServer = do
                sClose sServer
                sClose sClient

        forkIO $ do
            tidToServer &lt;- myThreadId
            bracket (connectToServer serverAddrInfo) finalize $ \sServer -&gt; do
                -- execute one &#39;copySocket&#39; thread for each data direction
                -- and make sure that if one direction dies, the other gets
                -- pulled down as well
                bracket (forkIO (copySocket sServer sClient
                                 `finally` killThread tidToServer))
                        (killThread) $ \_ -&gt; do
                    copySocket sClient sServer -- &quot;controlling&quot; thread

     where
      -- |Copy data from source to dest until EOF occurs on source
      -- Copying may also be aborted due to exceptions
      copySocket :: Socket -&gt; Socket -&gt; IO ()
      copySocket src dst = go
       where
        go = do
            buf &lt;- B.recv src 4096
            unless (B.null buf) $ do
                B.sendAll dst buf
                go

      -- |Create connection to given AddrInfo target and return socket
      connectToServer saddr = do
        sServer &lt;- socket (addrFamily saddr) Stream defaultProtocol
        connect sServer (addrAddress saddr)
        return sServer


How do I transform the above skeleton into a `full-duplex ssl-wrapping tcp-forwarding proxy`? Where are the dangers W.R.T to concurrent/parallel execution (in the context of the above use-case) of the function calls provided by the HsOpenSSL API?

PS: I&#39;m still struggling to fully comprehend how to make the code robust w.r.t. to exceptions and resource-leaks. So, albeit not being the primary focus of this question, if you notice something bad in the code above, please leave a comment.


  [1]: http://hackage.haskell.org/packages/archive/HsOpenSSL/0.10.3.1/doc/html/OpenSSL-Session.html

Proper use of the HsOpenSSL API to implement a TLS Server

I have python/django app on Heroku (Cedar stack) and would like to make it accessible over https only. I have enabled the &quot;ssl piggyback&quot;-option, and can connect to it via https. 

But what is the best way to disable http access, or redirect to https?

How to make python on Heroku https only?

These may be phrased as separate questions for clarity, but they are all related to the same issue.

How are SSL certificate server names resolved?

Why do browsers seem to use the CN field of the certificate, but Java&#39;s mechanism seem to only look at &quot;subject alternative names&quot; only?

Is it possible to add alternative names to a SSL certificate using keytool?
If not, is using openSSL instead a good option??

**Just a little background:** I need to get a main server to communicate with several servers using HTTPS. Obviously, we don&#39;t want to buy SSL certificates for every server (there could be many), so I want to use self-signed certificates (I have been using keytool to generate them). After I add the certificates as trusted in the OS, the browsers (IE and Chrome) happily accept the connection as trusted. However, even after adding the certificates to Java&#39;s cacerts, Java still won&#39;t accept the connection as trusted and throws the following Exception:

&gt; Caused by: java.security.cert.CertificateException: No subject alternative names
 present
        at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
        at sun.security.util.HostnameChecker.match(HostnameChecker.java:75)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(X509T
rustManagerImpl.java:264)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:250)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
        ... 14 more

I found that I can make Java trust the certificate implementing my own HostNameVerifier, which I copied from here: [com.sun.jbi.internal.security.https.DefaultHostnameVerifier][1] just to test (by the way, the hostname passed as an argument to the HostnameVerifier is correct, so I think it should have been accepted).

I have been using the certificate field CN as the hostname (usually the IP address).

Can anybody please tell me if I am doing something wrong and point me in the right direction? 

  [1]: http://searchcode.com/codesearch/view/43177932/

How are SSL certificate server names resolved/Can I add alternative names using keytool?

**Summary:**&lt;br/&gt;
Is there a way to force the built in SoapClient-class in PHP to connect over HTTPS to a server with an invalid certificate?

**Why would I want to do that?**&lt;br/&gt;
I have deployed a new application on a server that has no DNS entry or certificate yet. I want to try connecting to it with a SoapClient *before* setting up the DNS entry and fixing the certificate, and the most reasonable way to do this seems to be to just make the client ignore the certificate during testing.

**Don&#39;t I realise that this is a huge security risk?**&lt;br/&gt;
This is only for testing. When the service goes into production, there will be a valid certificate in place, and the client will be forced to validate it.

Disable certificate verification in PHP SoapClient

I was recently requesting a SSL cert via GoDaddy and noticed this message:

![Make sure the CSR you generate uses a 2048-bit or greater key length][1]

In the past I have always generated 2048-bit CSR requests, but this time it got me thinking that perhaps I should &quot;step it up,&quot; and it seems like the next step would be a 4096-bit version.

There isn&#39;t much info available on 4096-bit SSL certs - but apparently many people have been using 1024-bit certificates until they absolutely had to upgrade and now some browsers won&#39;t support the 1024-bit certificates anymore.

How is browser support for 4096-bit certificates? If GoDaddy requires &quot;at least&quot; a 2048-bit certificate, is that enough, or should I try and do something more? If so, what are the advantages and disadvantages?

PS: the two links in GoDaddy&#39;s message are [CSR Help][2] and [Learn more][3], neither of which I found very helpful.


  [1]: https://i.stack.imgur.com/aO5Gg.png
  [2]: https://www.godaddy.com/help/generate-a-csr-certificate-signing-request-5343
  [3]: https://www.godaddy.com/help/why-do-you-require-a-2048-bit-key-for-my-csr-5619

Are there any disadvantages to using a 4096-bit encrypted SSL certificate?

Can I create an Express server listening on both HTTP and HTTPS, with the same routes and the same middlewares?

Currently I do this with Express on HTTP, with [stunnel][1] tunneling HTTPS to Express, but I prefer a pure Node solution.

I can do it with this code, but using the `handle` method that is marked as private:

    var express = require( &#39;express&#39; )
        , https = require(&quot;https&quot;)
        , fs = require( &#39;fs&#39; );

    var app = express.createServer();
    // init routes and middlewares
    app.listen( 80 );

    var privateKey = fs.readFileSync( &#39;privatekey.pem&#39; ).toString();
    var certificate = fs.readFileSync( &#39;certificate.pem&#39; ).toString();
    var options = {key: privateKey, cert: certificate};
    https.createServer( options, function(req,res)
    {
        app.handle( req, res );
    } ).listen( 443 );

  [1]: http://www.stunnel.org/

Listen on HTTP and HTTPS for a single express app

What is difference between HTTP and HTTPS header? 

 1. What are benefits of using HTTPS over HTTP? 
 2. What settings  needs to be done for making website HTTPS?
 3. Can we use HTTPS for only login purpose and then onwords HTTP?
 4. Is there any threat present in HTTPS?
 5. Is processing time required for HTTPS is greater than HTTP?
 6. Does HTTPS cost more than HTTP?

Content Type	Original Author	Original Content on Stackoverflow
Question	ufk	View Question on Stackoverflow
Solution 1 - Java	Ramesh PVK	View Answer on Stackoverflow
Solution 2 - Java	Cratylus	View Answer on Stackoverflow
Solution 3 - Java	Matthew Flaschen	View Answer on Stackoverflow

How can I know if the request to the servlet was executed using HTTP or HTTPS?

Java Problem Overview

Java Solutions

Solution 1 - Java

Solution 2 - Java

Solution 3 - Java

Ghostscript to merge PDFs compresses the result

How to access a sub-file/folder in Java 7 java.nio.file.Path?

Attributions