Welcome to my encyclopedia of shitty code!
-
Java + SAML: Illegal Key Size
PROBLEM When attempting to decrypt the SAML response from IdP, the following exception occurs:- SOLUTION When inspecting the SAML response payload below, the data is encrypted with AES-256:- By default, Java’s keysize is limited to 128-bit key due to US export laws and a few countries’ import laws. To fix this… Read More…
-
Spring Security SAML: Configuring Binding for Sending SAML Messages to IdP
PROBLEM Depending on each institution’s Identity Provider (IdP) configuration, the Service Provider (Sp) may need to configure the correct binding for sending SAML messages to IdP. SOLUTION Using Spring Security SAML, the binding configuration is highlighted below:- HTTP-POST Binding Configuration:- Using HTTP-POST binding, the SAML message to IdP will contain the signature information:- HTTP-Redirect Binding… Read More…
-
There are no Limits…
Bruce had me up to three miles a day, really at a good pace. We’d run the three miles in twenty-one or twenty-two minutes. Just under eight minutes a mile [Note: when running on his own in 1968, Lee would get his time down to six-and-a-half minutes per mile]. So this morning he said to… Read More…
-
Java + HTTPS: Unable to Find Valid Certification Path to Requested Target
PROBLEM When invoking a HTTPS URL from Java, for example… …the following exception is thrown… SOLUTION 1: Disable SSL Validation – NOT RECOMMENDED One way is to simply disable the SSL validation by configuring SSLContext to trust all X.509 certificates before invoking the intended HTTPS URL. Unless you are writing test cases or implementing non-production… Read More…
-
Java + HTTPS: Handling ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY
PROBLEM When accessing HTTPS links from a local application server, the modern browser throws the following error message(s):- SOLUTIONS There are multiple solutions to this problem. SOLUTION 1: Disable browser check One way is to completely disable this check on the browser. For example, in Firefox, go to about:config and set security.ssl3.dhe_rsa_aes_128_sha and security.ssl3.dhe_rsa_aes_256_sha to… Read More…
-
Maven: Bundling and Unpacking Native Libraries
Introduction Steps to bundle the native libraries to be pushed to Nexus, and to unpack the native libraries on mvn package. Bundling Native Libraries into a JAR File Let’s assume we have the following native libraries for multiple platforms:- Create a jar that contains these native libraries. The -C options prevents the native folder from… Read More…
-
IntelliJ IDEA: Configuring Default Project Settings
PROBLEM When creating or checking out a project for the first time in IntelliJ IDEA, we may need to reconfigure the project settings. My biggest pain is IntelliJ IDEA will always use the wrong Maven version when I check out the project from the source control. SOLUTION The good news is there is a way… Read More…
-
Rest Template: Could Not Extract Response – No Suitable HttpMessageConverter Found for Response Type [X] and Content Type [application/json;charset=UTF-8]
PROBLEM When invoking a web service using RestTemplate:- … the following exception occurs:- SOLUTION If the content type is JSON, add the following dependency:- Read More…
-
Spring Data JPA: Requested bean is currently in creation: Is there an unresolvable circular reference?
PROBLEM Let’s assume we have the following Spring Data JPA repository… … this repository has some custom implementation… … this custom implementation depends on the original repository to reuse existing APIs… When we run the code, we get the following exception:- SOLUTION To fix the circular reference problem, instead of auto-wiring ProjectRepository using the constructor,… Read More…
About Author
This author has 20+ years of experience in software engineering and cloud engineering. In an industry where knowledge becomes obsolete in the next three months, he learns anything that crosses his path indiscriminately. He floats from one technology to another like a moth and stings the problem sets like a mosquito. This author codes Java while drinking Espresso and writes Spock specifications while listening to Groovy beats. He masters Google Cloud Platform just like how he masters the art of predicting the movement of dark clouds over his backyard, where 60% of the time, he is right every time.
This author suffers from the Dunning-Kruger effect, where he overestimates his competence and underestimates his ignorance. Technology buzzwords never faze him, for he does not know enough to be afraid of in the first place. GCP, GCS, GCR, GKE, GWT… everything sounds the same to him. He never fears acronyms, synonyms, or antonyms, for he has ChatGPT in his back pocket. This author is a jack of all trades but a master of none. He writes like he knows all the answers, yet he googles for better solutions from elsewhere. He fakes it until he makes it; if he doesn’t, that’s okay because he has the attention span of a squirrel. The blog posts are his buried walnuts, in case he needs them one day.
In conclusion, this author is full of something. He apologizes in advance if you are trying to solve your company’s real problems with his shitty solutions. There, he has successfully written paragraphs of nonsense because every professional blogging website needs a section about the author, with a too-cool-to-smile portrait staring sideways into the abyss.