Thursday, November 29, 2018

Nexus repo validates Docker images on

In Nexus logs I find a lot of calls to

2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV - > GET /registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D HTTP/1.1
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV - Connection request: [route: {tls}->http://ourproxy:8080->][total kept alive: 1; route allocated: 0 of 20; total allocated: 3 of 200]
2018-11-05 14:13:43,417+0100 DEBUG [qtp72695066-56] ADV - Connection leased: [id: 18][route: {tls}->http://ourproxy:8080->][total kept alive: 1; route allocated: 1 of 20; total allocated: 4 of 200]
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV - < HTTP/1.1 200 OK @ 129.8 ms 2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV - Response: HttpResponseProxy{HTTP/1.1 200 OK [Content-Type: application/json, Date: Mon, 05 Nov 2018 13:13:43 GMT, Transfer-Encoding: chunked, Strict-Transport-Security: max-age=31536000, Connection: Keep-Alive] ResponseEntityProxy{[Content-Type: application/json,Chunked: true]}}

we access internet via a Proxy Server ourproxy, which doesn't whitelist

each of them creates a file in $NEXUS_DATA/tmp/docker-content-validation-failures with an "access denied" message from ourproxy

Here they say we should also whitelist

I have no idea if the "docker pull" will fail, or if this "validation" can be disabled...

See also

Nexus repository location of license

If you move your Nexus repository to a new machine, it's quite annoying to have to reinstall the license file.

The trick is to clone the folder ~/.java/.userPrefs, specifically the license is embedded in


and it's common for Nexus2 and Nexus3

I had searched everywhere for a .lic file, to no avail of course.

This is also documented here

java showSettings

This is a priceless feature to display all the settings of the JVM, together with -XX:+PrintCommandLineFlags it can show a world of hidden stuff.

java -XX:+PrintCommandLineFlags -version
-XX:InitialHeapSize=261069952 -XX:MaxHeapSize=4177119232 -XX:+PrintCommandLineFlags -XX:+UseCompressedClassPointers -XX:+UseCompressedOops -XX:+UseParallelGC 
openjdk version "1.8.0_191"
OpenJDK Runtime Environment (build 1.8.0_191-b12)
OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)

java -XshowSettings:all -version

VM settings:
    Max. Heap Size (Estimated): 3.46G
    Ergonomics Machine Class: server
    Using VM: OpenJDK 64-Bit Server VM

Property settings:
    awt.toolkit = sun.awt.X11.XToolkit
    file.encoding = UTF-8
    file.encoding.pkg =
    file.separator = /
    java.awt.graphicsenv = sun.awt.X11GraphicsEnvironment
    java.awt.printerjob = sun.print.PSPrinterJob
    java.class.path = .
    java.class.version = 52.0
    java.endorsed.dirs = /usr/lib/jvm/java-1.8.0-openjdk-
    java.ext.dirs = /usr/lib/jvm/java-1.8.0-openjdk-
    java.home = /usr/lib/jvm/java-1.8.0-openjdk- = /tmp
    java.library.path = /usr/java/packages/lib/amd64
        /usr/lib = OpenJDK Runtime Environment
    java.runtime.version = 1.8.0_191-b12 = Java Platform API Specification
    java.specification.vendor = Oracle Corporation
    java.specification.version = 1.8
    java.vendor = Oracle Corporation
    java.vendor.url =
    java.vendor.url.bug =
    java.version = 1.8.0_191 = mixed mode = OpenJDK 64-Bit Server VM = Java Virtual Machine Specification
    java.vm.specification.vendor = Oracle Corporation
    java.vm.specification.version = 1.8
    java.vm.vendor = Oracle Corporation
    java.vm.version = 25.191-b12
    line.separator = \n 
    os.arch = amd64 = Linux
    os.version = 2.6.32-754.el6.x86_64
    path.separator = : = 64
    sun.boot.class.path = /usr/lib/jvm/java-1.8.0-openjdk-
    sun.boot.library.path = /usr/lib/jvm/java-1.8.0-openjdk-
    sun.cpu.endian = little
    sun.cpu.isalist = = UnicodeLittle = SUN_STANDARD
    sun.jnu.encoding = UTF-8 = HotSpot 64-Bit Tiered Compilers
    sun.os.patch.level = unknown = US
    user.dir = /root
    user.home = /root
    user.language = en = root
    user.timezone = 

Locale settings:
    default locale = English
    default display locale = English (United States)
    default format locale = English (United States)
    available locales = , ar, ar_AE, ar_BH, ar_DZ, ar_EG, ar_IQ, ar_JO, 
        ar_KW, ar_LB, ar_LY, ar_MA, ar_OM, ar_QA, ar_SA, ar_SD, 
        ar_SY, ar_TN, ar_YE, be, be_BY, bg, bg_BG, ca, 
        ca_ES, cs, cs_CZ, da, da_DK, de, de_AT, de_CH, 
        de_DE, de_GR, de_LU, el, el_CY, el_GR, en, en_AU, 
        en_CA, en_GB, en_IE, en_IN, en_MT, en_NZ, en_PH, en_SG, 
        en_US, en_ZA, es, es_AR, es_BO, es_CL, es_CO, es_CR, 
        es_CU, es_DO, es_EC, es_ES, es_GT, es_HN, es_MX, es_NI, 
        es_PA, es_PE, es_PR, es_PY, es_SV, es_US, es_UY, es_VE, 
        et, et_EE, fi, fi_FI, fr, fr_BE, fr_CA, fr_CH, 
        fr_FR, fr_LU, ga, ga_IE, hi, hi_IN, hr, hr_HR, 
        hu, hu_HU, in, in_ID, is, is_IS, it, it_CH, 
        it_IT, iw, iw_IL, ja, ja_JP, ja_JP_JP_#u-ca-japanese, ko, ko_KR, 
        lt, lt_LT, lv, lv_LV, mk, mk_MK, ms, ms_MY, 
        mt, mt_MT, nl, nl_BE, nl_NL, no, no_NO, no_NO_NY, 
        pl, pl_PL, pt, pt_BR, pt_PT, ro, ro_RO, ru, 
        ru_RU, sk, sk_SK, sl, sl_SI, sq, sq_AL, sr, 
        sr_BA, sr_BA_#Latn, sr_CS, sr_ME, sr_ME_#Latn, sr_RS, sr_RS_#Latn, sr__#Latn, 
        sv, sv_SE, th, th_TH, th_TH_TH_#u-nu-thai, tr, tr_TR, uk, 
        uk_UA, vi, vi_VN, zh, zh_CN, zh_HK, zh_SG, zh_TW
openjdk version "1.8.0_191"
OpenJDK Runtime Environment (build 1.8.0_191-b12)
OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)

Monday, November 26, 2018

Java and JGit

The Jgit library makes it REALLY easy to work with Git repositories.

Here a log of examples

Just create a basic Spring boot application, add dependency


and use this code

package com.example.jgittest;


import org.eclipse.jgit.api.AddCommand;
import org.eclipse.jgit.api.CommitCommand;
import org.eclipse.jgit.api.Git;
import org.eclipse.jgit.lib.Repository;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

public class JgittestApplication  implements CommandLineRunner {

 public static void main(String[] args) {, args);
 public void run(String... args) throws Exception {
  File directory1 = new File("c:\\temp\\one");
  Git git1 = Git.init().setDirectory(directory1).call();
  File newFile = new File(directory1, "pippo.txt");
  PrintWriter out = new PrintWriter(newFile);
  out.println("hello pippo");
  Repository rep1 = git1.getRepository();
  AddCommand add = git1.add();
  System.out.println("adding pippo.txt");;
  CommitCommand commit = git1.commit();
  System.out.println("committing pippo.txt");
  commit.setMessage("initial commit").call();
  File directory2 = new File("c:\\temp\\two");
  if (!directory2.exists()) {
   Git git2 = Git.cloneRepository().setURI("").setDirectory(directory2).call();

Saturday, November 24, 2018

Velocity and rendering JSONObjects or Java Beans

You can use a Velocity template to render either a JsonNode or its corresponding Java bean,
without changing the velocity template.

Code is available here (the .wm file location is hardcoded with a Widows machine, sorry!)

and the full code is visible here

BEWARE the velocity template is stored under the resources folder

The only funny thing is that in the JsonNode the values retain the ""

Wednesday, November 14, 2018

Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch

Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch

If you need for instance to update the baseFilter of the AdvancedAdLdap module:

In the custom cli, execute this command:


and the baseFilter is updated:

<security-domain name="SPNEGO" cache-type="default">
  <login-module code="SPNEGO" flag="requisite">
   <module-option name="password-stacking" value="useFirstPass"/>
   <module-option name="serverSecurityDomain" value="host"/>
  <login-module code="AdvancedAdLdap" flag="required">
   <module-option name="password-stacking" value="useFirstPass"/>
   <module-option name="bindDN" value="BLA"/>
   <module-option name="bindCredential" value="BLA"/>
   <module-option name="java.naming.provider.url" value="BLA"/>
   <module-option name="baseCtxDN" value="BLA"/>
   <module-option name="baseFilter" value="(sAMAccountName={0})"/>
   <module-option name="roleAttributeID" value="memberOf"/>
   <module-option name="rolesCtxDN" value="BLA"/>
   <module-option name="roleAttributeIsDN" value="true"/>
   <module-option name="roleNameAttributeID" value="cn"/>
   <module-option name="searchScope" value="SUBTREE_SCOPE"/>
   <module-option name="recurseRoles" value="true"/>
  <login-module code="" flag="optional">
   <module-option name="rolesProperties" value="${jboss.server.config.dir}/bla-war/"/>
   <module-option name="replaceRole" value="false"/>

Tuesday, November 6, 2018

Centos 7 gnome-shell high CPU on VirtualBox

top shows very high CPU usage. and UI is very very slow.

googling around, they say it's probably doing "software" rendering. it makes sense because CPU goes higher when I move something on the screen

in /var/log/Xorg.0.log I find this:

(EE) Failed to load module "vboxvideo" (module does not exist, 0)
(II) AIGLX: Screen 0 is not DRI2 capable
(EE) AIGLX: reverting to software rendering

To investigate, I run
sudo glxinfo
sudo lshw -C video
sudo yum list | grep libnvidia
sudo yum list | grep libegl

the output of glxinfo is

name of display: :0
display: :0  screen: 0
direct rendering: Yes
server glx vendor string: Chromium
server glx version string: 1.3 Chromium
server glx extensions:
    GLX_ARB_get_proc_address, GLX_ARB_multisample, 
    GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
client glx vendor string: Chromium
client glx version string: 1.3 Chromium
client glx extensions:
    GLX_ARB_get_proc_address, GLX_ARB_multisample, 
    GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
GLX version: 1.3
GLX extensions:
    GLX_ARB_get_proc_address, GLX_ARB_multisample, 
    GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
OpenGL vendor string: Humper
OpenGL renderer string: Chromium
OpenGL version string: 2.1 Chromium 1.9
OpenGL shading language version string: 4.30 - Build
OpenGL extensions:
    GL_ARB_depth_texture, GL_ARB_draw_buffers, GL_ARB_fragment_program, 
    GL_ARB_fragment_shader, GL_ARB_multisample, GL_ARB_multitexture, 
    GL_ARB_occlusion_query, GL_ARB_pixel_buffer_object, 
    GL_ARB_point_parameters, GL_ARB_point_sprite, GL_ARB_shader_objects, 
    GL_ARB_shading_language_100, GL_ARB_shadow, GL_ARB_texture_border_clamp, 
    GL_ARB_texture_compression, GL_ARB_texture_cube_map, 
    GL_ARB_texture_env_add, GL_ARB_texture_env_combine, 
    GL_ARB_texture_env_crossbar, GL_ARB_texture_env_dot3, 
    GL_ARB_texture_float, GL_ARB_texture_mirrored_repeat, 
    GL_ARB_texture_non_power_of_two, GL_ARB_texture_rectangle, 
    GL_ARB_transpose_matrix, GL_ARB_vertex_buffer_object, 
    GL_ARB_vertex_program, GL_ARB_vertex_shader, GL_ARB_window_pos, 
    GL_CR_bounding_box, GL_CR_cursor_position, GL_CR_head_spu_name, 
    GL_CR_performance_info, GL_CR_print_string, GL_CR_readback_barrier_size, 
    GL_CR_saveframe, GL_CR_server_id_sharing, GL_CR_server_matrix, 
    GL_CR_state_parameter, GL_CR_synchronization, GL_CR_tile_info, 
    GL_CR_tilesort_info, GL_CR_window_size, GL_EXT_blend_color, 
    GL_EXT_blend_equation_separate, GL_EXT_blend_func_separate, 
    GL_EXT_blend_minmax, GL_EXT_blend_subtract, GL_EXT_clip_volume_hint, 
    GL_EXT_compiled_vertex_array, GL_EXT_draw_range_elements, 
    GL_EXT_fog_coord, GL_EXT_framebuffer_blit, GL_EXT_framebuffer_object, 
    GL_EXT_multi_draw_arrays, GL_EXT_secondary_color, GL_EXT_shadow_funcs, 
    GL_EXT_stencil_two_side, GL_EXT_stencil_two_side, GL_EXT_stencil_wrap, 
    GL_EXT_texture3D, GL_EXT_texture_compression_s3tc, 
    GL_EXT_texture_edge_clamp, GL_EXT_texture_env_add, 
    GL_EXT_texture_env_combine, GL_EXT_texture_filter_anisotropic, 
    GL_EXT_texture_lod_bias, GL_EXT_texture_rectangle, GL_EXT_texture_sRGB, 
    GL_IBM_texture_mirrored_repeat, GL_NV_texgen_reflection, 
    GL_SGIS_generate_mipmap, GL_SGIS_texture_edge_clamp

1 GLX Visuals
    visual  x   bf lv rg d st  colorbuffer  sr ax dp st accumbuffer  ms  cav
  id dep cl sp  sz l  ci b ro  r  g  b  a F gb bf th cl  r  g  b  a ns b eat
0x021 24 tc  0  32  0 r  y y   8  8  8  8 .  .  0 24  8 16 16 16 16  0 0 None

1 GLXFBConfigs:
    visual  x   bf lv rg d st  colorbuffer  sr ax dp st accumbuffer  ms  cav
  id dep cl sp  sz l  ci b ro  r  g  b  a F gb bf th cl  r  g  b  a ns b eat
0x021 24 tc  0  32  0 r  y .   8  8  8  8 .  .  0 24  8  0  0  0  0  1 1 None

On VirtualBox, 3D acceleration is enabled.

So far no clue... the world of Linux Video drivers is amazingly complex... too complex for a simple human like me...

Monday, November 5, 2018

Message Digest Performance

If I use the dependency groupId=commons-codec artifactId=commons-codec I get a huge performance hit on the method:[], int)

the code is:

import org.apache.commons.codec.digest.DigestUtils;

FileInputStream fis = new FileInputStream(file);
String md5 = DigestUtils.md5Hex(fis);

If I use sha2

Thursday, November 1, 2018

Spring Shell is very cool

If you are fed up with UI-oriented applications (like, say, Messus (a.k.a. Nexus) ) you can always try to embed a Spring-powered shell, so as to have a powerful scripting cli.

Just follow this example

and in a few clicks you have a functional shell.

BEWARE: baeldung has an example, but it's based on the old API. You will search in vain for Bootstrap class under org/springframework/shell