Some application service providers and payment systems (such as Global Collect) require you to present a mutually agreed upon SSL certificate to them in order to authenticate and use their services. This is certainly a one-off scenario and that is what the I.T. posts on my blog are all about.
The code below is written in Java and called as a servlet via ColdFusion (which is another API for Java). Anyway, it presents the certificate via a direct call to the path. During my research on this challenge, I also saw that you can use the Java certificate store to present the certificate. However, I could never get ColdFusion to do this. I followed recommendations by Sun documentation and other blogs but after spending days trying to figure it out, I just settled for calling the direct path to the certificate.
There are a couple advantages to the 'direct path' method (aside from the fact that it works 100% of the time). First, you could actually just make the path an argument in the function and keep the key wherever on the box. Secondly, the 'direct path' call relieves the server admininistrator of having to import the SSL key to the java certificate store for every new client or update ones that are there. This would make a shared host scenario hard to manage. This way, users can just FTP their certs up and supply the path to the servlet.
Anyway, enough rambling... here it is.. Hope it helps you.
CODE:
-
/*
-
*
-
* Created on April 05, 2006, 10:10 AM
-
* Author: Phillip B. Holmes
-
*/
-
-
-
import java.net.*;
-
import java.io.*;
-
-
public class ReadHttpsURL {
-
public static String uri;
-
public static String XML;
-
-
public static void main(String args[]){
-
ReadHttpsURL obj = new ReadHttpsURL();
-
obj.readit(uri,XML);
-
}
-
-
public String readit(String uri, String XML) {
-
try{
-
System.setProperty("javax.net.ssl.keyStore", "d:\\cfusion\\runtime\\jre\\lib\\security\\ssmt.pfx");
-
System.setProperty("javax.net.ssl.keyStorePassword", "your_certs_password");
-
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
-
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
-
String message;
-
URL url = new URL(uri);
-
-
URLConnection conn = url.openConnection();
-
conn.setDoOutput(true);
-
conn.setRequestProperty("Content-Type", "text/xml");
-
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(conn.getOutputStream()));
-
-
out.write(XML);
-
out.flush();
-
-
// Get the response
-
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
-
String line;
-
StringBuffer sb = new StringBuffer();
-
while ((line = in.readLine()) != null) {
-
sb.append(line);
-
}
-
message = sb.toString();
-
-
in.close();
-
out.close();
-
-
return message;
-
-
} catch (Exception e) {
-
String message = "exception: " + e.getMessage();
-
return message;
-
}
-
}
-
}
Whenever I look at my blog's statistics, I always see cf'ers searching for try catch examples within cfscript. So far, the ColdFusion portion of my blog has featured 'one off' code for odd situations and such. I completely forgot that most people that are looking for examples like try catch instead. What I've decided to do here is feature a little more than my stats log has requested by listing a try catch a couple languages so you can see how CF stands up to a full blown programming languages like Java or C#.
-----
A Java or C# try catch would go something like this:
CODE:
-
try {
-
// the code you want to try to run
-
} catch (SomeException e) {
-
// code to run when their is an error
-
}
-
finally {
-
// This is code that runs regardless of the error.
-
}
-----
This is the ColdFusion equivalent:
CODE:
-
try {
-
foo = 1;
-
} catch(any excpt) {
-
foo = 2;
-
}
-----
CODE:
-
function finally() {
-
foo = 3;
-
return foo;
-
}
-
try {
-
foo = 1;
-
} catch(any excpt) {
-
foo = 2;
-
}
-
foo = finally();
-----
So, there it is! I hope that helps those folks out there looking for that example! Thanks for visiting and please come back often as I update frequently.
This little gadget will not only validate the syntax of an email address of a user, but also will use java.net.InetAddress to make sure the domain they are using is valid. This is a handy tool to cut down the number of fake email addresses your application may receive. I have included the source for you to review and change if you like.
You may want to add the ability to actually validate the account as well as the domain. This is possible by using Javamail or other third party classes to instantiate VRFY() function or like functionality on the address, but I do not recommend this because some servers disable this command.
I compiled emailValidator.jar using Netbeans 4.0. I found that the latest version of Netbeans will not create compilations that are compatible with CFMX. I suspect this is due to the latest JVM update. Testing so far has revealed that CFMX will only run under Sun's JVM version 1.4.2_10 and under. So, in other words CFMX does not support J2SE 5.0 as of this post. However, I am sure that will be included in an updater of CFMX 7 or future iteration of CFMX. Here are all the J2SE 1.4.2 downloads and reference docs. That page also has the JRE.
Anyway, enough said.. here it is. You'll need winrar to decompress it.
Sun's Charset class reference
Every so often, you may have to deal with international data that has not been stored properly in an ntext or nvarchar field. Generally, this data will be stored as ascii representations of unicode or NCRs. So, when you need to display this in the browser as a certain language type, you'll need to tell ColdFsuion or Java what charset the data is to be displayed in and what you'll need to store it as when you insert or update.
Here is a scaled down working example of how to do this with ColdFusion using the Java Charset class. This example will loop over your query data and convert it to the Charset you specify. This example is used in the context of a function call and the beginning and ending character sets are passed in as arguments.
CODE:
-
jcharset = CreateObject('java', 'java.nio.charset.Charset');
-
for(i=1;i LTE listLen(qSQL.columnlist); i=i+1 ) {
-
// get column
-
strTemp = ListGetAt(qSQL.columnlist,i);
-
// set variant holder of the data
-
vntText = qSQL[strTemp];
-
// instantiate instance of jcharset with orginal encoding as arg
-
charsetBefore = jcharset.forName(arguments.charsetA);
-
// instantiate instance jcharset with new encoding as arg
-
charsetAfter = jcharset.forName(arguments.charsetB);
-
// convert text to byte array with original encoding
-
charBytes = charsetBefore.encode(vntText);
-
// decode with new encoding assign to struct member
-
'ret.data.#strTemp#' = charsetAfter.decode(charBytes).ToString();
-
}
Keep in mind that you'll need the starting and ending character sets as your arguments. Here are a few charsets as examples
Latin: CP1252:
Chinese Simplified: GB2312
Chinese Traditional: Big5
Chinese Taiwan: Big5
Japanese: Shift_JIS
Korean: EUC-KR
Czech: ISO-8859-2
