Running a task on a different thread in Java 8

Occasionally it can be worth putting a task on a different thread so that it doesn’t block the main thread. Examples include a task that analyses heavy files, a task that sends out emails etc. If we put these tasks on a different thread and don’t wait for it to return a result then it’s called the fire-and-forget pattern. We start a new thread and let it run in the background. The task on the different thread is expected to carry out its functions independently of the main thread.

Let’s imagine that the following greetCustomer method is something we want to run on separate thread so that the main thread is not blocked:

Read more of this post

How to calculate the message digest in Java

A message digest is an important concept in cryptography. A digest is an array of bytes created by a hashing formula. It is used to make sure that some digital information has not been tampered with. In a sense it is a footprint of an object, such as a file. If someone modifies the file then the footprint also changes. Then we know that the file has been changed. Another word for a message digest is checksum. There are various hashing algorithms to perform the calculation. SHA-256 and MD5 are the most common ones.

For an example you can check out the Apacha log4j2 download page here. You’ll see a column called “checksum” for various files. If you click on one of those you’ll see the MD5 hash of the file in a relatively human readable form, such as “31826c19fff94790957d798cb1caf29a”.

Java and other popular programming languages have built-in classes to construct a message digest. Let’s see an example from Java.

Say we have a file called data.txt in the C:\Tmp folder. Data.txt contains a single line “Hello world”. The following code snippet will build the message digest of the file:

try
{
    FileInputStream inputStream = new FileInputStream(new File("c:\\Tmp\\data.txt"));
    MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
    try (DigestInputStream digestInputStream = new DigestInputStream(inputStream, sha256))
    {
        while (digestInputStream.read() != -1)
        {
            //do nothing, let the digest stream go through the file input stream
        }
    }
    byte[] checksum = sha256.digest();

    System.out.println(DatatypeConverter.printBase64Binary(checksum));
    System.out.println(DatatypeConverter.printHexBinary(checksum));

}
catch (NoSuchAlgorithmException | IOException exception)
{
    System.err.println(exception.getMessage());
}

We ask the SHA-256 hashing algorithm to hash the file using DigestInputStream. We let the digest input stream read in the byte content of the file. We finally print the digest in two different forms: a base 64 and a hexadecimal string. My data.txt file gives the following checksums:

ZOyIygCyaOW6GjVnihtTFtIS9PNmskdyMlNKiuyjfzw=
64EC88CA00B268E5BA1A35678A1B5316D212F4F366B2477232534A8AECA37F3C

We can also look at the MD5 checksum like on the references Apache download page. Just replace the “SHA-256” string with “MD5”. The same sample file yields the following values:

PiWWCnnbxptnTNTsZ6csYg==
3E25960A79DBC69B674CD4EC67A72C62

View all posts related to Java here.

Using client certificates in .NET part 9: working with client certificates in OWIN/Katana III

Introduction

In the previous post we added a couple of components necessary to add client certificate authentication into the OWIN middleware chain. We haven’t yet put the elements to work though. That is the main topic of this post which will finish this series. We’ll also run a couple of tests.

Have the demo application open in Visual Studio in administrator mode.

Read more of this post

Using client certificates in .NET part 8: working with client certificates in OWIN/Katana II

Introduction

In the previous post we started adding the necessary OWIN-related libraries to our Web API project: a couple of NuGet libraries and the Startup class. We publish our application to the local IIS and it doesn’t allow us to break the code within Startup.cs. We’ll soon see that we can still debug the OWIN components further down the call stack.

In this post we’ll add the necessary elements to a client certificate based authentication in .NET MVC with OWIN.

Read more of this post

Using client certificates in .NET part 7: working with client certificates in OWIN/Katana

Introduction

In the previous post we accomplished a couple of things. First we secured our demo Web API website with a client certificate. Second we enabled client certificates for it so that IIS doesn’t just ignore them. Finally we saw that the client certificate is also picked up in the customers controller when sent in code in a web request.

In this post we’ll start discussing how to add client certificate handling as an OWIN middleware component.

Make sure you open the demo Web API project in Visual Studio as an administrator.

Read more of this post

Using client certificates in .NET part 6: setting up client certificates for local test usage

Introduction

In the previous post we investigated how to attach a client certificate to the web request and how to extract it in a controller. We faced an issue that by default client certificates are ignored by IIS so we couldn’t actually read the certificate.

We’ll solve that problem in this post.

Read more of this post

Using client certificates in .NET part 5: working with client certificates in a web project

Introduction

In the previous post we looked at a couple pf examples on how to work with digital certificates in C# code. In particular we saw how to load certificates from a certificate store, how to search for and how to validate one.

In this post we’ll go through how to attach a client certificate to a web request and how to extract it in a .NET Web API 2 project.

Read more of this post

Using client certificates in .NET part 4: working with client certificates in code

Introduction

In the previous post we discussed how to install certificates into the certificate store. We looked at the tool mmc.exe and its certificate handler snap-in. We also inspected the imported certificates visually and verified that the client certificate is valid.

In this post we’ll see a couple of examples how to work with client certificates in code.

Read more of this post

Using client certificates in .NET part 3: installing the client certificate

Introduction

In the previous post we looked at two tools that help you create self-signed certificates: makecert.exe and pvk2pfx. Makecert performs the bulk of the certificate creation process and pvk2pfx is a packaging tool to build pfx files. Pfx files are easy to import into the certificate store. We also created a root certificate and derived a client certificated from that root. We therefore applied the idea of the chain of trust: if we trust the root then we also trust all its derived certificates.

In this post we’ll import the client certificate into the certificate store.

This process is very similar to importing the server side (SSL) certificate. We saw that process in this post.

certmgr and MMC snap in

The c:\windows\system32 folder includes two GUI tools for certificate management: certmgr.msc and mmc.exe. MMC.exe is a more general tool where you can import so-called snap-ins. Certificates have their own snap-in.

Run mmc.exe as an administrator. The following empty window will open:

Read more of this post

Using client certificates in .NET part 2: creating self signed client certificates

Introduction

In the previous post we went through a short introduction on client side certificates. We said that client certificates are used by web clients to strongly authenticate themselves. Client certificates can provide an extra step in the authentication process to tighten security.

In this post we’ll see how to create self-signed client certificates for testing using a tool called makecert.exe.

The process of creating client certificates on your local machine is almost identical to how we generated server side certificates in the series in this series.

Read more of this post

Elliot Balynn's Blog

A directory of wonderful thoughts

Software Engineering

Web development

Disparate Opinions

Various tidbits

chsakell's Blog

WEB APPLICATION DEVELOPMENT TUTORIALS WITH OPEN-SOURCE PROJECTS

Once Upon a Camayoc

Bite-size insight on Cyber Security for the not too technical.

%d bloggers like this: