Thursday, July 28, 2011

CAS (Centralized Authentication Service) Introduction


CAS is a Java based open source SSO (Single Sign On) solution originally developed by the Yale University. You can just have a Google search to find more on CAS and SSO. The official CAS web page is http://www.jasig.org/cas and you can download the CAS server from there.  Today I am going to give a brief description about how to deploy the CAS server application in your web server.
CAS is built on Spring Web Flow framework and Apache Maven has been used as the building tool. Therefore if you are going to re build/modify the CAS distribution, it is required to install Apache Maven and Spring web flow in your development environment. In addition, I am going to deploy the CAS sever application in the apache Tomcat server. Therefore it is good if you have installed following software prior to download and deploy CAS server.
  • Java
  • Apache Tomcat
  • Apache Maven
  • Spring Web Flow


CAS Server is available to download at http://www.jasig.org/cas/download . It is good if you download the latest version of the CAS server distribution. In my case, I have downloaded the cas-server-3.4.10 version. Once the download is completed, extract the CAS server zip file and you will get the CAS server directory with all available modules. Those modules are included in the CAs server directory as follows.





In order to deploy the CAS server application in your tomcat server, we need to work with the cas-server-webapp module.  That module should be built to get the deployable CAS server web application module (known as war file). You can follow the below steps to build the CAS server web application.( Use command prompt (in wndows) or terminal/vi editor (in linux) to build the cas-server-webapp module.)

1. go to the cas-server-webapp directory using your command prompt.

 In my case, C\cas-server-3.4.10\cas-server-webapp\

2. You can see the standard directory structure of the maven module and you are required to build the module using  Apache maven. In order to build the module, use the following command.

C\cas-server-3.4.10\cas-server-webapp\ mvn clean install
It will take few times to build the application module because; the required dependencies (as declared in the pom.xml file) should be downloaded from the maven repositories. Once the module is built, you can see a newly built directory called target. Inside the target directory, you will find the cas.war file. This file should be deployed in the webapps ($CATALINA_HOME/webapps) directory of the tomcat installation. After deploying the cas.war file, make sure to restart the tomcat server for reflecting the newly deployed web applications. (Even you can use the touch command also)


3. Now you can access the CAS server application as a web application hosted in your tomcat server.

http://localhost:4287/cas (i have changed the tomcat port from 8080 to 4287. This is because my 8080 port is used by some other application installed in my pc. You are not required to change it and you can use your default port that is 8080)

4. Then you will see the CAS login screen and it requests for your username and password. The CAS in built version authenticates the user credentials using through a simple authentication handler implemented by them. Therefore you have to type the same value for both username and password.

The class definition is available at : org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler

5. Once you are successfully authenticated, you will be displayed a login success page. Then open  a new tab and try to login again.

You will again see the login screen even if you have successfully logged in using previous tab. In order to avoid this situation, it is required to make the below configuration to the cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/TicketGrantingTicketCookieGenerator.xml file. Change the p:cookieSecure="true" property value to the p:cookieSecure="false". Then re-build the application and deploy it in tomcat server. Try to login again using two tabs. The problem may not occur anymore.


The next post will be how to integrate facebook login Authentication system with CAS server to make use of the facebook login for your website login.

Regards 
Chathuranga Tennkoon 

Wednesday, July 20, 2011

JAR Signing and Verification


In order to make your J2ME mobile application trusted, it has to be digitally signed. I have realized that the most of the J2ME developers do not know how to digitally sign a MIDlet suite to add it to the trusted domain. Today I am going to discuss a lengthy article on how to sign jar file. 

It is possible to use jarsigner utility for signing the JAR file digitally. Jarsigner is a utility that comes by default with the installation of the JDK (Java Development Kit). First open the command prompt and enter the command called jarsigner to check whether the jarsigner utility is available and ready to be used. Sometimes you will get the following error that says that jarsigner cannot be recognized as a command. If you do not get this error, you will be ended up by showing a list of commands available under the jarsigner utility.





The reason for this error is you have not set the class path for the java in your command prompt (This can be verified by invoking the javac command in the command prompt). Therefore it is required to set the class path for the JDK as follows.




 Once the class path is set, the availability of the jarsigner utility should be verified again. Type jarsigner and press enter in the command prompt. You will see a list of commands available under the jar signer utility as follows.




Now it is possible to use the jarsigner utility to digitally sign your selected JAR file. Before signing the digitally signing process you may require to check whether the JAR file has already been signed or not. In oder to do this fist go into the directory where the relevant jar file is stored (In my case it is stored inside E:\J2ME>).then the verification can be done with the following command.
jarsigner -verify YourjarFieName.jar

 If the verification is successful and the JAR file is already signed, the following message will be displayed.
jar verified.
 
Otherwise it will display the following error message to indicate the JAR file verification process is failed and JAR  file is unsigned.



If it is unsigned, then you can start the signing process as below.

First it is required to create a set of keys that will be used for both JAR file signing process and the JAR file verification process.  The following command can be used to create a keystore with key entries.

keytool -genkey -alias your-alias-name -keystore your-keystore-name

In my case, I used the following command to create a keystore with key entries.

keytool -genkey -alias chathurangaAlias -keystore chathurangaKeyStore


Then it prompted set of questions and those were answered as below.


 
Note: I have used 123456 as the password for both keystore and alias. 

    What is your first and last name?
      [Unknown]:  Chathuranga tennakoon
    What is the name of your organizational unit?
      [Unknown]:  IT Department 
    What is the name of your organization?
      [Unknown]:  Chathuranga (pvt) Ltd 
    What is the name of your City or Locality?
      [Unknown]:  colombo
    What is the name of your State or Province?
      [Unknown]:  western province
    What is the two-letter country code for this unit?
      [Unknown]:  sl 
    Is <CN=Chathuranga tennakoon, OU=IT Department, O=Chathuranga (pvt) Ltd,
        L=colombo, ST=colombo, C=sl > correct?
      [no]:  yes


If you successfully answer all the questions then it will create the keystore file in your current working directory with the given keystore name. In my case, the keystore file has been created in my current working directory as chathurangaKeyStrore.


After successfully creating the keystore file, it is the time to sign the JAR file using jarsigner utility. It can be done by using the following command.

jarsigner -keystore keystore-name -storepass keystore-password 
-keypass key-password jar-file alias-name




Once the jar file is digitally signed, it will display the validity period of the certificate as displayed above. If you need to verify whether the JAR file has been successfully signed, you can use the following command as mentioned at the starting of this article.

    jarsigner -verify YourjarFieName.jar 




Then you can see that the message that says jar verified. That means the JAR file has been successfully signed.

Monday, July 18, 2011

Touch Screen Devices programming with J2ME


There is no specific way to code for j2ME application that should run on touch screen devices. The touch screen behavior is almost determined by the implementation of the device. That means it is the responsibility of the device to recognize the touch events (touch screen events) and response for them appropriately. However there are set of things that might be useful for you when developing applications for touch screen devices.
  

  You might be using Sun Java Wireless Tool kit as the mobile emulator/simulator for testing the application in the development environment. You may have noticed that the emulators available under the Sun Java Wireless Toolkit are no touch supported emulators. Therefore you can follow the steps given below to make them touch enable emulators.


Steps

  •      Go to the installation directory  of the Sun Java Wireless Toolkit installation. Under that directory go to wtklib ---> devices directories.  In my case, C:\WTK2.5.2_01\wtklib\devices. Then you will see a set of directories as below with the names of the mobile emulators available






  •         Then open one of the directory (Mobile Simulator) and open the properties file available for that simulator.

In my case, I have selected DefaultColorPhone Simulator and opened the DefaultColorPhone.properties file under that. The property file contains the properties of the Mobile Simulator. In order to enable the touch screen event of the selected simulator, change the touch_screen=true as the properties file. Otherwise make it as false. Once it is done, the emulator/simulator will be touch screen enabled.



  Make sure that you are going to build the application (JAR file and JAD file) targeting the type of the device that is  Generic/AnyPhone. This will make sure that you application will be run on both touch screen and non touch screen devices properly. This can be done by adding the following code segment for the Ant script (build.xml) of your Mobile Application.

<deviceRequirements>
<requirement name="Identifier" value="Generic/AnyPhone"/>
</deviceRequirements>


Sunday, July 17, 2011

Deploying J2ME Applications on Windows Mobile


These days I am working on a J2ME based mobile application development project and that mobile application is required to be deployed in a PDA (Personal Digital Assistant) where the Windows Mobile 6.1 Operating System available. Even if I have developed and deployed mobile application for wide range of java enabled mobile devices that are manufactured by leading mobile manufactures  Nokia, Sony Ericson etc…, I was little bit confused in this case. This is because I have never had experience on deploying J2ME applications for the PDA devices whose operating system is Windows Mobile. However after a lengthy study of internet materials, eBooks and so on.., I was able to run the Mobile Application on the PDA successfully.  Finally I decided to share my experience on this mobile development with others because; this might be useful for some of you at some point of your career. It is important to note that the deploying J2ME application on Windows Mobile Device is only a deployment time/level effort (not a development time effort). Therefore you are free to develop the mobile application in your development environment using one of the mobile emulator/simulator as wish. Once it is developed, it can be deployed in any device where the Windows Mobile OS operates. The following tutorial shows you how to deploy it.
First download the JavaFX mobile (latest version) for the Windows Mobile. It is available to be downloaded at the following site. It will be easy to install if you download this software from your PDA web browser. This is because the JavaFX should be installed in your PDA device.


Once the download is completed, just open the file and browse it.  The file is in the Zip format and you will be able to see a file called SUN_JAVAFX.CAB under that zip file. Please refer the below screenshot.


Once the SUN_JAVAFX.CAB is fond, double click on it to launch the JavaFX application installer. It will ask for your permission to continue with the installation process and click on YES to proceed. Please refer the below screenshot.


 
Once the permission is granted to proceed with the installation process, it will prompt another screen to select the storage location for JavaFx application installation. Please refer the below screenshot.




After selecting the storage location, click on Install to start the installation process. It will display below screen to indicate the carrying out of the installation process.


 
If the installation process is successfully completed, the below screen should be displayed.



Now the JavaFX is successfully installed in your PDA and it is ready to launch. In order to launch it, open the Programs of the PDA. Then you will see an icon called JavaFX. Double click on it. Please refer the below screenshot.



 
Once the JavaFX application is launched, it will display the below screen. You can see that there are set of sample applications are available. (e.g.:- calculator application) You can just double click on one of the sample application and have a look at it. Please refer the below screenshot.

Now we are ready to deploy our application which is build using J2ME on our PDA device. Io order to install your application, it is required to have related JAR and JAD file for that application. In my case, I transferred those two files using my email (GMAIL).  I attached those two files to email. Then I access that email from the web browser available in the PDA. I just click on the JAD file and it launches the application installer. It asks for my permission to continue with the installation. Once the permission is granted, it asks for the installation location of the application (select your decided location for the application).In my case, I selected root as the installation location. This took few minutes to complete the installation. Once the installation is completed, the application can be started by double clicking the JavaFX icon under the programs section. Please refer the below screenshot.





Important:-
If the application is modified, then it will be required to install the newly modified version of the Mobile application on the PDA. In order to o this you have to re-install the install the application in your PDA. When building the JAR file and JAD file for the re-installation, make sure that you have changed the version number of the mobile application. Otherwise the PDA will discard the installation process because, the application version that you are trying to install is already available in the PDA. The application version should be changed in the JAD file. If you are using the Apache Ant ,it may be required to change  the application version in the build.xml file too. Therefore please make sure that the JAD file version is reflected in the build.xml file.