Posts by jwenting

you do NOT want to do this.
NEVER store passwords in a way that can be decrypted, it's a massive security risk.
Rather store a salted, hashed, password, and compare the password the user enters on logging in with that after salting and hashing it using the same machanism.
That way nobody, especially not an intruder, will ever be able to retrieve your passwords.
And no, don't store password hints. If someone forgets their password they're either out of luck or (more userfriendly) you will need a multi stage system for password resets.
So not sending them a new password, or even sending them a password reset link.
Require them to submit several ways to contact them, then send a link to a password regeneration page on one of those channels, and a time limited (to say an hour) password for that place on another, maybe a username to use to access that place on a third.
And only send those in case neither of the contact addresses has been changed recently (say within the last month).

Sounds like overkill? It isn't. It's not fully secure but the most secure you can get without requiring the user to create a new account when they forget their password.
And it's still only as secure as the strength of your salting and hashing mechanisms (hint, don't use MD5 or something like that for the hashing), and of course the security of your database (if …

make sure there's an index on the field combination you're searching on and that the index isn't corrupt. If you don't have such an index you're in trouble as you're going to be doing a full table scan for every possible combination of the fields you're searching on, which may indeed take a long time.

2K records IS very small. You're forcing a full table scan while it's iterating over every record, for every record. That's never going to work.

Ensure you have proper indices and foreign keys.

indeed. Got the first taste of that years ago working in an office where people sitting in the same room would not speak to each other all day, communicating exclusively via email.

And it's got worse since. Peak of it I've seen so far is seeing an entire tour group in a major art museum standing around with their faces lit up by their iPhones and the glow of whatsapp, rather than appreciating the Rembrandts and van Goghs they paid to see.

it's called radio, and it's great :)
Or I just plug one of the 1000+ CDs I have in my car CD player.

I came from a world without internet, and could go back to it. I'd need to find another job though, as mine depends heavily on creating software that runs through or uses in some other way the internet :)

sigh... READ and COMPREHEND, the bridge driver is gone, history, finito, and good riddance.
Use another database engine instead, and the driver associated with that. Which means you have to change your code.

as to your code, it works as one would expect, IF you're connecting the client to the correct IP address.
In other words, if you're running the server on a computer with a different IP address from the one you used in the client you'll indeed not get any output.
If there's a firewall in between blocking that port you won't get any output.
If there's a firewall in between blocking the protocol you're using (and you are, even if it's not explicitly defined), you won't get any output.

Run both on the same machine and use 127.0.0.1 as the IP address and it works just fine.

yup, your mail archive has exceeded the maximum size.
You MIGHT be able to open it with a later version of Outlook or Exchange.

A quick Google search for "recover outlook archive" yielded several tools that might help (mind, I've not tried any of them).

if you can't open it with powerpoint 10 or later, the file is corrupt and quite possibly impossible to recover.
You can open it in a text editor and see if you can make sense of it (pptx files are XML, but hardly human readable).

It ONLY catches IO errors, which probably means it only catches problems opening the file that starts the process.
It can't possibly catch problems happening at runtime, process crashes, process failing to run because the executable is corrupt, security problems, etc. etc.
For those you'll need to do other things.
Things like monitoring the process's output and error streams of the Process returned by the ProcessBuilder.

There's more information in the javadoc for Process and ProcessBuilder.

and what's stopping you?

oh, DLL files can make for nice padding to make your application appear larger to the customer because it takes up more disk space.
And we all know larger applications are better applications :)

you really tried for 3 hours and couldn't find a single bit of documentation on how to deploy something to Tomcat?
Did you not ever come to the conclusion that maybe the product documentation for Tomcat would be a good place to start?
That maybe you are going to have to think beyond clicking some button in Eclipse to make it work?

A quick Google search on "eclipse app engine tomcat deploy" yielded over 400.000 results.
There should be something in there that helps you along...
For example: <br/>
https://developers.google.com/eclipse/docs/appengine_deploy or <br/>
http://stackoverflow.com/questions/27790309/how-to-deploy-web-application-onto-google-app-engine <br/>
<br/>
Really, you could have been up and running in under a minute if you'd actually put in any effort whatsoever rather than twiddling your thumbs for hours and then coming here to ask someone to do it for you.

PPS. Two members of the team refuse to use either Google or Microsoft/OneDrive (because they say that those organisations are spying on us all, massively violating our privacy!).

well, so do all the others... It's an insanely silly thing to say. If you aren't paying for a product, you ARE the product. Those companies have to make money in some way, and selling your profile data to advertisers is one way for them to do that.
Now, AFAIK Microsoft doesn't do that at all. They're providing some things for free as a way to advertise their own products (hence the advertising for Microsoft products and services in hotmail and other MS related websites).
Google uses your data mainly to finetune their search results and targeted advertising. And of course those family memmbers of yours will happily browse the web, visiting reams of websites that all run Google analytics, Google ads, Google maps, Youtube, Google search options, Blogspot, Blogger, communicate with people using Gmail, all of which are run by Google.

A bigger concern I have with cloud services is guaranteed continuous access to my data. If I store it locally I have that under my own control. If I leave it to some 3rd party I have to trust them to not go out of business and for everyone else in the supply chain (from internet providers to people running core routers) to also remain in business and continue to provide me their services.
Again, …

well, you're creating a connection to the database and then doing nothing with that connection.
Small wonder then that nothing is getting stored...

btw, why are you coding this this way? That's how things were done 15 years ago, the world has moved on since then.

good luck :)

sql files ARE text files. The only way to prevent people from reading them is to make sure they don't have access to whereever they're stored.

Idiotic assertion, that a hacker can get into your car electronics and play with them as you're driving.
Those car electronics don't have a (long range) wireless interface, you need a physical connection using a cable to interface with them.
And even if they had something like Bluetooth the range of that is so short it's useless for said hacker as he'd have to be sitting in the car with you in order to make the car crash. Maybe nice for Ahmed al Jihadi, but not for your average hacker who wants to survive to hack another day.

It's the same fallacy as people claiming modern airliners can be hacked and brought down over a wireless connection. Not only are those connections usually not available in flight, even if they are they're so short ranged you'd have to be in the cockpit to use them and if you are there are far easier ways, like strangling the pilots who'll be trying to stop you anyway.

And the correct reaction for survival is to when encountered with a dark cave where you've an exit nearby you can see and potential danger ahead in a hidden passage to go to the exit you can see.
That's ingrained in the adult mind, don't want to face that cave bear in the dark. The young will press on and get eaten by the cave bear hiding in the darkness. Those that are smart enough to turn back survive and become adults...

Browsers won't send things like the connection speed of the system they run on to servers, period.
You're stuck guessing by analysing the browser type sent by the browser, which may or may not be specific to a type of device that's limited to a certain maximum speed (but of course you could always have a slower speed than the highest your device supports).

Just find someone willing to die for mankind, and you're golden.

easier to find someone willing to kill for mankind...
Of course with a religion like that you'd have to join the queue, right behind IS, AQ, Greenpeace, PETA, etc. etc.

I'm not sure either. Intuitively I would agree with you but it would be nice if the statistics were more cut and dried. There are probably multiple other factors involved.

They'd just use other things. Last year a guy in China went on a rampage and killed something like 30 people before he was stopped. With a kitchen knife...
Street gangs in the UK commit horrific crimes using crowbars, hammers, axes, screwdrivers.
A guy in the Netherlands famously killed someone using a ballpoint pen he had converted with stronger springs and a pointed steel spike. He rammed it into someone's eye socket and launched the spike into the victim's brain.

Banning ownership of guns would be a start. Another tradegy in USA. How many more?

when guns are banned, only criminals will have guns...
Guns are banned here. Still there are more people killed by guns here per year than in a similar sized area of the US where guns are fully legal.

And oh, most gun crime in the US is already committed by guns that the shooter wasn't supposed to have (iow, had stolen) so banning them wouldn't do anything.

The only thing that banning guns (or any weapons) does is turn law abiding citizens into helpless victims. Not just of crime but government oppression as well.
Which is exemplified by both the USSR and Nazi Germany. In both countries among the first things the regime did when taking power was to ban and confiscate guns.

most likely he's trying to run the applet in a browser but not hosted by a webserver.
That way lies madness.

do bring a knife, but bring a gun as well. Gives you a backup to use when the other guy runs out of ammo :)

https://www.google.nl/search?q=java+ocr+library&ie=utf-8&oe=utf-8&gws_rd=cr&ei=gFGjVZy4NuaCygODgrrQDw

good luck

you underestimate severely the capacity of bureaucrats to burn money for no return on investment.

In industry there's always the idea in peoples' heads that they should be efficient because their personal success in the company depends on the financial result of the company, which is increased if you get the same result at a lower cost.
In government, your personal success is guaranteed by making your own job indispensible, which comes down to increasing your personal power inside the department which in turn depends on making as many people as possible think they need you to get something done.
Creating more "procedures", more forms and authorisations you have to sign for, does that. It also bloats the cost (in time, and money, because people have to be paid who waste their time on those things, for one thing) of doing business. But nobody in government cares about that because it's other peoples' (iow taxpayers') money. And of course the ultimate measure of your success as a bureaucrat is how much budget you control, and if you at the end of the fiscal year have a surplus your budget is likely to get slashed.

The worst example of that I've seen is a department that was on the verge of running a surplus 2 months before the end of the fiscal year.
In business they'd have been lauded, people get promoted and get bonuses.
But this was a government department, so they did the logical (for …

do a query on which records in either table have the same keys... something like "select t1.id from t1, t2 where t1.id in (select t2.id from t2)" (mind that this isn't the most efficient of queries, you really want a join there, or an exists).

moving money from gov'ts to private companies & individuals.

best thing about war... The business of government should be to enable and encourage private enterprise, not to punish it.
Of course I prefer other ways than war to do that, but if war does it, it's a good if unintentional side effect of said war.

Jim, I work on a government job now. I can tell you at least part of the extra cost is pure overhead, money wasted on procedures and delays caused by those procedures that are set in stone so firmly nothing can shake them loose.
For example we're 2 months into the project, and we've just received word that our test server has been configured wednessday. That means they've installed Oracle and Weblogic, NOT that it's ready for use. For that we need to shoot in another change, after getting a ream of documents and scripts approved by another department that allows yet a third department to install our software on that server (which we're not allowed to do ourselves, even though technically we're fully capable of doing just that).
Of course the people who have to give that approval and the people who are allowed to run that installation procedure are all swamped in work because it's the start of the summer holidays so 90% of their department is off to their vacations while the developers (who're mostly contractors) continue to pile up the software packages to be installed on their test servers.
We're now preliminarilly scheduled to get our first test version installed on the test server in 3 weeks' time, by which time we'll have gone through another 2 iterations of the software and what they're installing will no longer be worth testing (as we've already tested it ourselves on our development server, and it …

try a for loop, iterating over the list

If the American people are only willing to pay for the military, spy agencies and police forces they will find themselves spending much much more to chase down problems than it would cost them to prevent those problems in the first place.

Those too don't get any money. It all goes towards feel-good programs that buy easy votes for congresscritters.
The US military is at its lowest state of readiness, equipment, and manpower since before the start of WW2 for example.
Foreign intel is even worse off. What does get funded are programs to spy on their own citizens, as those in power are terrified of what those they supposedly serve will do when they've been led by the nose.

Looking at the zoo in the USA of who is running for president, I would say design a computer program that allows people to elect good leadership from a good choice of candidates.

Several problems with that:

1. People don't want good leadership, 51% will end up voting themselves the wealth of the other 49%
2. The people who want to lead countries are rarely the ones you want to have as leaders

I seriously doubt you want to store the List. More likely you want to store the content of the List.
And you want to almost certainly store one record retrieved from the List for each row in the database.

so you added it to the classpath for ANT (why are you still using ANT btw, nobody does so...).
That is NOT the classpath for the application, nor is it the classpath for the JSP compiler (why are you running that from inside the ANT script btw? Utter nonsense).

yes, add it to the WEB-INF/lib folder.
That's the classpath for a web application, everything else is ignored except those classes provided implicitly by the application server (the JEE and standard libraries, and sometimes things in an ext lib directory as defined by the application server (which would be specific to that server).

The system classpath should NEVER be relied upon by anything. And neither should you expect the web application to inherit the classpath settings provided by starting up the application server.

I guess his idea was to have a board of 3x3 groups of 3x3 buttons each, which would be a somewhat logical first attempt at a sudoku board.
A better implementation is to make a 3x3 array of objects, each containing a 3x3 array of cells.

something like

class Cell {private int value;}
class SuperCell {private Cell[3][3] cells;}
class SudokuBoard {private SuperCell[3][3] board;}

That way the board can defer validation of the 3x3 blocks to the SuperCell.
It'd also need to have methods to validate a row and column of the board itself, which'd need to defer to the rows and columns of each SuperCell to get the data about what's contains in those rows and columns.

don't hijack 5 year old threads to hang your own question at the end.

Getting bootstrap to work with JSF is a lot of work. Better to use something like Primefaces which is a JSF implementation that has responsive design capabilities built in.
I'm using it myself on some projects, looks great and works well

http://www.primefaces.org/index

There is only one way to keep sensitive data safe from hacking: Never connect computers containing sensitive data to the Internet.

wrong. Even then it's not secure. Someone with an external harddisk or USB stick and access to the data can easily leech it all.
And it doesn't even have to be intentional. People working with such systems often have to transport blocks of data to other systems by such means.
Those USB sticks can get lost, be stolen, the person himself may be untrustworthy and deliberately hand the data (or copies) to third parties.
The recipient and his systems of course have the same potential holes/flaws.

And that happens all the time.

The only way to keep sensitive data from being exposed to people who have no rights to it is to destroy it in such a way that it can't be recovered. Which means paper records get burnt, electronic records get destroyed by powerful magnets and then the storage media melted down.
And all that under the scrutiny of several rings of armed guards.

read the javadoc for the Arrays and Collections classes, there are standard functions in there for sorting.

hmm, lots of liquers, cider, brandy, out there...
Distilled wine is a popular drink in parts of France and Germany, probably elsewhere.

OP claimed to have used a Comparator and not get a sorted output. Most likely they applied the Comparator BEFORE adding the data to the Collection. Using a SortedSet implementation allows that.

That expert probably was thinking not of juicing but distilling :)

yes, you can use Collections.sort, but that doesn't get you a List that will retain sort order if you add items to it.

(Most likely) the actual implementation is inside the JVM and is platform specific.
http://openjdk.java.net/groups/2d/ is the implementation project of the openjdk variant of Java2D.

given his history he sounds suspiciously like someone who sets up small tech companies to get venture capital, then sucks them dry of funding, closes down, disappears, and starts again under a new name...
Common scam, got to wonder why venture capitalists (and wannabe employees) still fall for it.

ArrayList isn't sorted. You need to not just use a Comparator but also a sorted Collection, like TreeSet.