Wednesday, January 23, 2008

Joining the Airforce

I never finished anything after my high school diploma. I went to University for two years, but decided to take a brake, mostly because of the (almost non-existing) progress I was making. In that time I met my current wife, and by now we have three children.
However, without a proper education, it is quiet hard to find a job that is both satisfying and well-payed.
Last spring I applied as a pilot in our Airforce (again, second time I tried). This time I went trough the selection pretty quickly. Right now, all I have to pass is a physical test and a piloting test.
Who knows, perhaps I will have to stop doing what I'm doing, and start a new career as a military pilot...

Wednesday, January 9, 2008

Password protect Apache2 server

I have been running an Apache2 server (with MySQL and PHP) since forever, mainly to run MythWeb (a great plugin for MythTV), and the occasional  CMS like Joomla! or Mambo.

Now I am also experimenting with Java, JavaScript, PHP and MySQL, and I would like to be able to do some from my work as well. So I opened port 80 on my connection. However, without any kind of protection, this means that anybody who knows my IP, can just use MythWeb to delete all my recording. 

There are two option in securing your webserver:

1. Use PHP (or equivalent language) to create a login system

2. Put security parameters in the Apache2 configuration.

Since I am still beginning with PHP etc, I opted for the second option. My server is running Ubuntu 7.04. It is possible to use .htaccess files in the root of your webserver to set passwords etc. But I read that it is better to set passwords in httpd.conf. Ubuntu puts this file in /etc/apache2/. Note that by default httpd.conf is not used anymore, right now Apache uses the /etc/apache2/apache2.conf file. But anything that you put in the httpd.conf will be applied by Apache2. And doing so, has the benefit that your apache2.conf stays nice and clean.

Create a password with the htpasswd command:

htpasswd -c <username> /some/location/for/passwordfile

It will ask to give a password, and will then put it in the specified location.

This is what I added to the httpd.conf file:

<Directory>

AuthType Basic

AuthName "Please enter username and password"

AuthUserFile /some/location/for/passwordfile

Require valid-user

</Directory>

The first line sets this policy for /var/www/ and lower directories. The third line is the message shown to users, the fourth line specifies where the created password file is set.

Wednesday, January 2, 2008

Java + XML

I have a certain text, which is basically an template for our CMS at work. This text needs to be edited and written in notepad or any other texteditor. What I would like to do, is have an nice GUI, where I just select the specifics, and it generates the requiered text from that. So for instance, just fill in the partnumber, after which the program would generate the complete text which I can then just copy/paste in our CMS.

So I would use JTextFields, and maybe Combobox etc. But what to do with those values? The most flexibel option would be to have each change of each value updated seperately in the "template". But I have not found a way to edit a certain text in an JTextArea.

The way to go? Write each value to an XML file, and use that XML file to create the "template" in an JTextArea/Pane/whatever.

So now I have to get into XML, and I am going to start here: http://developerlife.com/tutorials/?p=26 and http://www.cafeconleche.org/books/xmljava/.

And some more links: http://www.onjava.com/pub/a/onjava/excerpt/netbeans_2/index2.html and http://www.netbeans.org/kb/55/xmltools-openingsample.html

Remote access

I have set up a SSH server on my Ubuntu mediacenter, and forwarded the proper port. I'm using password authentication, with maximum 3 attempts, en 20 seconds maximum before disconnect. And guess what? It works! I can now access my mediacenter from work through Putty for commandline access, or WinSCP for some easy file browsing.

What I need to fix now, is a remote desktop solution. Within my LAN at home I am using the Vino VNC server of Ubuntu, but I haven't figured out yet how to tunnel this over SSH with putty. There are tutorials, but they presume the use of TightVNC.

And I would like to access my webserver, but without making access public. This also I haven't got working through tunneling over SSH. I guess I could just open up another port for my webserver, but then I'd have to protect access to it. This can be done by using an PHP login system, or by configuring either the .htaccess or httpd.conf file properly. Some usefull links on this subject:

http://php.codenewbie.com/articles/php/1482/Login_With_Sessions-Page_1.html
http://ubuntuforums.org/showthread.php?t=379752&highlight=apache+password+protect