Programmer’s testimony

This summer, I wrote some useful java classes for generating random passwords.

Creating random password can be useful in situations such as the following:

• A user forgot his password for our application. Our application sends an email with a new temporary password.
• We want to verify, if a mobile phone number submitted by user is correct. Our application sends an SMS with the new temporary password.
• A user of our application creates a new account for his colleague or family member. Our application creates a temporary password for that account.
• For our own purposes. We want to create a good password for our personal usage.

Creating a random password is not so easy as might by thought. There are two commons errors with this:

1. The password generated is an inelegant word, for example: “1something2″. We doesn’t want to send such a password to our potential clients.
2. The password generated contains problematic characters, for example: “1″ and “l” or “O” and “0″. There is a problem, when the user rewrites the password from one device to another, e.g.: from a mobile phone to a web application running on a laptop.

That’s why in my application I create password in the form: 2 letters followed by 1 digit followed by 2 letters followed by 1 digit and so on. For example: ab2cd3ef4. Of course, the randomly – generated password contains only safe characters.

I decided to publish this classes to the open source community. You can use my library in your application on LGPL terms. Here is an example of usage:

// create a new one time password for sending via sms or email
// (4 chars - about 1e5 unique combination)
String password = new PasswordGenerator().generate();

// create a new strong password
// (8 chars - about 1e10 combination)
String strongPassword = new StrongPasswordGenerator().generate()

Using this library is simply for maven2 fans. If you are not already a fan of maven2, I advise you to become one. In your maven2 application in pom.xml file add a dependency:

<dependency>
  <groupId>eu.jakubiak</groupId>
  <artifactId>jakubiak-generators</artifactId>
  <version>1.0-SNAPSHOT</version>
</dependency>

You have to download and build the source by typing:

svn checkout http://jakubiak-generators.googlecode.com/svn/trunk/ jakubiak-generators-read-only
cd jakubiak-generators-read-only/jakubiak-generators/
mvn clean install

You should see the success message. Now the installation is completed and you can use this library.

By the way, I also wrote classes for creating a random MD5 number and for creating a random key. MD5 is obvious. The random MD5 numbers are commonly used in web applications, for example as a session cookie. In such a scenario a KeyGenerator class is an improved replacement for the random MD5. The KeyGenerator class create a huge random number bigger than the MD5. (“Bigger” in this case means a potentially larger number is possible). This number is encoded using 62 safe for URLs chars: a-z, A-Z, 0-9. Thanks to that its string representation is shorter and more safe than a hexadecimal encoded MD5.

// create a statistically unique key
// (22 chars safely for URLS - about 2e39 unique combination)
String key = new KeyGenerator().generate();

// create a random MD5 and encode it hexadecimal
// (32chars - 2^128 combination)
String md5 = new Md5HexGenerator().generate();

You can also write your own generator, by implementing IGenerator interface.

This article tells you how to build an application for Red5 server with Maven2. We are going to use Spring, JPA, Hibernate and PostgreSQL database. We aren’t going to use any IDE, instead we are going to use only Bash commands. I will run it on the FreeBSD server. The task of the application is not important. It’s very simple. It’s going to be a Hello World program. The application is going to check if a user has a permission to publish a video on Red5 server. The permission is granted based on sender’s IP address. Accepted IPs are stored in a PostgreSQL database. And, the best thing is that I have already written and published the app, so I’m going to write about a ready product. Let’s get started. My server has already installed:

• Java 1.6 (Diablo JDK)
• Maven 2.0.9
• PostgreSQL 8.3

You have to get the application sources from SVN:  

svn checkout http://jakubiak-red5.googlecode.com/svn/trunk/ jakubiak-red5-read-only

    This way, you get sources of jakubiak-red5 project, which include our example application. jakubiak-red5 project is linked to Red5 sources using svn:externals. This mean, Red5 sources are downloaded together with my project. Now it’s time for the first compilation. Thanks to a Marcello Teodorii’s contribution the application is built without any problems.  

cd jakubiak-red5-read-only/jakubiak-red5-pom/
mvn clean install

    Now, maven starts getting dependencies for the application from the Internet. It can take some time. After downloading, we have to wait for compilation of about 700 Java classes. At the end, we will see a success message. (As you can see, I have been waiting 16 minutes, however it’s built much faster for second time.) Now, you have to create PostgreSQL a database and a user. As a password type demojpa.  

createuser -h localhost -U pgsql -S -D -R -P demojpa
createdb -h localhost -U pgsql -O demojpa demojpa

    You have to create the database now, because it’s necessary for compiling and testing the application.  

cd ../jakubiak-red5-demo-jpa/
mvn clean install

    You have to wait few minutes. You have just built the application. The result of maven tasks is a war file. You have to deploy the war file on Apache Tomcat. I prefer 6.0.18 version.  

cd ../..
wget "http://ftp.tpnet.pl/vol/d1/apache/tomcat/tomcat-6/v6.0.18/bin/apache-tomcat-6.0.18.tar.gz"
tar xvfz apache-tomcat-6.0.18.tar.gz
cp jakubiak-red5-read-only/jakubiak-red5-demo-jpa/target/tomcat/webapps/jakubiak-red5-demo-jpa-war.war apache-tomcat-6.0.18/webapps/

    You make Tom cat do it’s job. Mrrrau  

cd apache-tomcat-6.0.18/
./bin/startup.sh
tail -f logs/catalina.out

    In Tomcat log we are looking for a success. It’s time for testing. You have to start a web browser:  

http://ADRES-IP-SERWERA:8080/jakubiak-red5-demo-jpa-war/publisher.swf

    It loads a standard application distributed with Red5 – publisher. In “Location” field type:  

rtmp://ADRES-IP-SERWERA/demojpa

    RTMP is a protocol used by Flash applications. “demojpa” is an accessible name of our application. Press “Connect” button. On the “Settings” tab you have to select a web camera and a microphone. You have to test publishing. It shouldn’t work, because your IP address doesn’t have permission for the application. We can find a warning message in Apache Tomcat logs. You have to put your IP address in the database.  

psql -h localhost -U demojpa
INSERT INTO hostallow VALUES ( '192.168.0.114' );

    Let’s go back to the web browser. Now, you can publish the video and admire the results. Now you have a working application. It’s time for you to learn.  

find . -type f | egrep -v .svn
./src/test/java/eu/jakubiak/red5/demo/jpa/StreamPublishSecurityTest.java
./src/main/java/eu/jakubiak/red5/demo/jpa/entities/HostAllow.java
./src/main/java/eu/jakubiak/red5/demo/jpa/DemojpaApplicationAdapter.java
./src/main/java/eu/jakubiak/red5/demo/jpa/StreamPublishSecurity.java
./src/main/resources/META-INF/persistence.xml
./src/main/resources/red5-services.xml
./src/main/resources/logback.xml
./src/main/resources/red5-core.xml
./src/main/resources/red5-common.xml
./src/main/resources/beanRefContext.xml
./src/main/resources/defaultContext.xml
./src/main/resources/red5-web.xml
./src/main/resources/jdbc.properties
./src/main/webapp/META-INF/MANIFEST.MF
./src/main/webapp/WEB-INF/demojpa-servlet.xml
./src/main/webapp/WEB-INF/web.xml
./src/main/webapp/publisher.swf
./pom.xml

    From the beginning, StreamPublishSecurityTest – is a Java class for testing sensitive code in your application. HostAllow is a JPA entity class defining a table in the database. DemojpaApplicationAdapter defines a starting point for Red5 application, where I have placed a code enabling the security rules. StreamPublishSecurity is a real worker class – it checks the security rules against the database. Next: persistence.xml is a file for JPA, you put entity classes there. red5-services.xml is a very important file, where we you configure Spring beans used by your application. There are also definitions of the database connection. Also, you can put Red5 remote services there. logback.xml is a log system configuration. red5-core.xml, red5-common.xml, beanRefContext.xml and defaultContext.xml are configuration files for Spring beans used by Red5. If you want to improve Red5 this is the place to hack. red5-web.xml is a file where you can change RTMP name of your application – “demojpa”. jdbc.properties is a file with database properties. demojpa-servlet.xml is a file for defining MVC controllers of your web application. web.xml is the most important file for war archive, it defines web application components. We have dealt with publisher.swf earlier. pom.xml is a magic Maven file, which describes how maven has to build the application. Cool, isn’t it?

Recently a new programmer Marcello Teodori has joined to jakubiak-red5 project and he has done very good job. He has split jakubiak-red5 project into new modules. He has extracted tomcat, jetty and scripting from the core module. Thanks to that the core module is lighter and it has less irritating dependencies. It was extremely important to remove to Groovy dependencies from core, because it was a lot of jars.

Jakubiak-Red5 it’s a project whose aim is standardization of building Red5 server using maven2. By using jakubiak-red5 it’s easier to build enterprise application which use Red5. This project provides maven pom files. Red5 sources remain intact, they are linked with svn:externals.

In future I would really like to make it possible to run a reduced to minimum version of Red5 using Java Web Start. Thanks to that, it would be possible to record a video from a webcam in a high quality. However, as for now, I still can’t do it.

In its beginnings Jakubiak-Red5 was my experimental project, and that’s why it’s called this way. Soon, the prefix “Jakubiak” will have to be removed, because it’s no longer only my project and new programmers contribute a lot to it. Thanks Marcello!!!

 

This time I would like to invite you to my project jakubiak-red5, the purpose of which is the combination of the following technologies : Red5, Xuggle and Maven2. Xuggle is a tool for the conversion of video images in real-time. Red5 is a server of multimedia applications. Maven2 is the most efficient tool for organizing the process of building applications. My goal is to combine them all together.

 

My project is ,in fact it is a building script. It is supposed to be an instruction for Maven2 on how to build server Red5 and a (Java) part of Xuggle library. Let’s have a look on how it works. In SVN repository there is a structure of the Maven project, along with the files pom.xml. The source code of Red5 and Xuggle libraries does not change because it is connected to the source code of the original projects using svn:externals. All you need to do in order to build a project is to write mvn clean install. I assume that each Java programmer is already a fan of Maven or will become such in a future, so there is no need to dwell on it any more.

The results of work are the dependencies that can be used in a new project – a new Red5 based application (or Red5 and Xuggle based).

Welcome to a battle-field!

What we need is Xuggle. The installation of Xuggle Instalacja Xuggle jest prosta seems to be suprisingly simple, compared to the capability of this library (at least for Windows) Setup.exe.

The next installation is Red5. I recommend you to try wersje 0.8RC2 version. Again, follow the procedure setup.exe. For Windows you will need a 32-bit Java.

One more thing – a binary Maven2. Download, unzip and try out.

Finally, you need to download the sources of my project:

svn checkout http://jakubiak-red5.googlecode.com/svn/trunk/ jakubiak-red5-read-only

 

This command is supposed to download the sources of my project as well as the sources of Red5 server, and partly the sources of Xuggle project. Now it’s time for a testing compilation:

cd jakubiak-red5-pom/
mvn clean install
cd ../jakubiak-xuggle-pom/
mvn clean install

 

Yet, before we can finally see this long expected message, we need to use the Internet to download a few dependencies which, for a couple of reasons, might not be found in depositories and they are not downloaded automatically.

It’s a testing time now. You need to publish on the Red5 server the examples build by my script ; in other words, just copy the directories:

cp -r jakubiak-red5-oflaDemo/target/jakubiak-red5-oflaDemo-0.8-SNAPSHOT/ ../../Program Files (x86)/Red5/webapps/
cp -r jakubiak-xuggle-xuggler-red5-videotranscoder/target/jakubiak-xuggle-xuggler-red5-videotranscoder-1.0-SNAPSHOT/ ../../Program Files (x86)/Red5/webapps/
net start Red5

 

Once we start up the internet browser, we can try out a few examples:

• http://localhost:5080/demos/ofla_demo.html
• http://localhost:5080/demos/publisher.html

If we want to see Xuggle “in action”, we need to connect to the application videotranscoder: rtmp://localhost/videotranscoder using the Publisher program. The name of the stream should be preceded by a prefix “xuggle_“.

My library Jakubiak-red5 to some extend replaces the usual building process. Red5 and Xuggle are built by means of Apache Ant and Ivy (I am genuinely thrilled hearing these names). I, on the other hand, prefer building them using Maven2. It is quite a complex and time-consuming process, yet it is definitely worth the shot, because it enables me to create applications combining lots of fascinating technologies, for example: JPA, Spring. I can also create the WAR application including Red5 and Xuggle, which will then be started up on Apache Tomcat 6. Moreover, I can enjoy working with Eclipse IDE. To sum up, it offers lots of opportunities.

However, the most significant fact is that my library does not modify the sources of Xuggle and Red5 projects.

One of the alternatives to my building script would be to add the libraries of JAR, Red5 and Xuggle straight to the Maven repository. But, this method will not be sufficient in building WAR version of Red5 application. WAR version is extremely useful, but I will return to this issue next time.