Windows Powershell, how to temporarily set Java and Maven varables on the current terminal session

This is a quick tip, in order to configure the Windows Powershell for set the Java and Maven variables when is there another Java installation on the system, but you only want to apply on the current terminal session to avoid change the system configuration.

There are two ways to do that:

1. Replacing current environment variables in session.

$env:JAVA_HOME = "C:\Program Files\Java\jdk-11"
$env:PATH = "$env:JAVA_HOME\bin;" + $env:PATH
$env:M2_HOME = "C:\Program Files\maven\apache-maven-3.5.3"
$env:PATH = "$env:M2_HOME\bin;" + $env:PATH

Execution output:

> java -version
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11+28)
OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
> mvn.cmd -version
Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T13:49:05-06:00)
Maven home: C:\Program Files\maven\apache-maven-3.5.3\bin..
Java version: 11, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-11
Default locale: es_419, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

2. Replacing current environment variables and execute with the specific Java home

$env:JAVA_HOME = "C:\Program Files\Java\jdk-11"
$M2_HOME = "C:\Program Files\maven\apache-maven-3.5.3"
$env:Path += ";"+$M2_HOME+"\bin"
$env:Path += ";"+$JAVA_HOME+"\bin"

Execution output:

> java -version
java version "1.8.0_321"
Java(TM) SE Runtime Environment (build 1.8.0_321-b07)
Java HotSpot(TM) 64-Bit Server VM (build 25.321-b07, mixed mode)
> & $env:JAVA_HOME\bin\java.exe -version
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11+28)
OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
> mvn.cmd -version
Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T13:49:05-06:00)
Maven home: C:\Program Files\maven\apache-maven-3.5.3\bin..
Java version: 11, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-11
Default locale: es_419, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

This last is very useful when you have installed different Java versions and you don’t need to change your system configuration.

In order to reset the configuration restart the terminal session.

That’s all, bye

How to do a HTTP request from terminal

A quick tip for use in terminal:

# print string auth 
echo -n "dummyuser:MyPassword" | base64

# Unix terminal (basic auth, doing http request with GET method)

curl -X GET \
  -H "Content-Type: text/xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  "http://dummyserver:5000/dir/wsdl?p=ic/6e7abd99891231jij123ndb769978566c470"


# Unix terminal (basic auth, doing http request with POST method to send payload from file)

curl -X POST \
  -H "Content-Type: application/soap+xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  -d @./request.xml \
  "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace"


# Unix terminal (basic auth, doing http request with POST method)

curl -X POST \
  -H "Content-Type: text/xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  -d "<soapenv:Envelope>....ommited lines </soapenv:Envelope>" \
  "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace"

# Windows Powershell (basic auth, doing http request with GET method)

$Username = "dummyuser"
$Password = ConvertTo-SecureString "MyPassword" -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($Username, $Password)

Invoke-RestMethod -Uri "http://dummyserver:5000/dir/wsdl?p=ic/6e7abd99891231jij123ndb769978566c470" -Method GET -Credential $Credential


# Windows Powershell (basic auth, doing http request with POST method to send payload from file)
 
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes("dummyuser:MyPassword"))
$headers = @{
    Authorization = "Basic $base64AuthInfo"
    "Content-Type" = "text/xml"
}

Invoke-RestMethod -Uri "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace" -Method Post -Headers $headers -Body (Get-Content -Path "request.xml" -Raw)

Bye!

How to connect to a SFTP server from terminal using Password and SSH key authentication

Hi! this is a quick tip connect to SFTP server using a SSH key and password authentication.

Recently I’ve received a file created with Putty Key Generator «file.ppk», in order to establish the connection from terminal I had to use the private key and password to comply with the authentication method.

So, I had to extract the private key as shown as follow:

1. Open Putty Key Generator, select menu Conversions > Import key and load the ppk file

2. Select Conversions > Export OpenSSH key, you can save it with or without passphrase

3. Grant the permissions at the created file only for your user:

# Windows
icacls filename /inheritance:r /grant username:F

# Unix
chmod 700 filename 

4. Open the terminal and go to the folder where you saved the key, then execute the next command:

sftp -oHostKeyAlgorithms=+ssh-rsa -i <key> <username>@<server ip>

Complete the pasword prompt (and the passphrase if you setted one) to establish the connection, the output must show something like this:

$ sftp -oHostKeyAlgorithms=+ssh-rsa -i id_dummy_rsa dummyuser@111.222.33.321
(dummyuser@111.222.33.321) Enter password: 
Connected to 111.222.33.321.
sftp>

And thats it!

bye! =D

Sonarqube running in Podman containers

This is a quick entry to show how to run sonarqube using Podman. Please note that I’m using windows powershell.

First, create the next directory structure and add the following SQL script into sql directory:

\SONARQUBE
\---sql
    init-dabase.sql

Script content:

-- Creating db user and database for sonarqube

CREATE USER mysonaruser PASSWORD 'mypassword';
CREATE DATABASE sonarqube OWNER mysonaruser;

Open that directory into the terminal, download the images from docker repository and create the volumes.

# Download images

podman pull postgres:15.4
podman pull sonarqube:9.9.2-community

# Create volumes

podman volume create sonarqube_data
podman volume create sonarqube_logs
podman volume create sonarqube_extensions
podman volume create postgres-data

There are two ways to run the containers, creating a network or run in the same pod, please choose only one of the next.

Seguir leyendo →

OneDrive blocked by registry policy and how to enable it

A quick tip, if the OneDrive client isn’t execute maybe are blocked by your organization, in some cases changing the value from the registry editor could you help to skip this bloking policy.

Open regedit from execute dialog (WIN+R) and go to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\OneDrive, then set the value to 0 for the entry DisableFileSyncNGSC and try to execute the client again.

Cheers! =)

OpenSSL, create a certificate signing request and sign by a custom Certified Authority

In this entry I’m going to show how to create a certificate signing request (CSR) to be signed by my own Certificate Authority (CA) using OpenSSL, please, note this is different than a self-signed certificate. Use this procedure when you have to get a certificate verified by a CA (custom or online).

1. Create the CA private and public key, complete the required data:

$ openssl genrsa -out rootCA.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
...................+++++
................+++++
e is 65537 (0x010001)
client2.crt: OK

$ openssl req -new -x509 -days 9999 -key rootCA.key -out rootCA.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:MX
State or Province Name (full name) [Some-State]:Mexico
Locality Name (eg, city) []:CDMX
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Orbital Zero
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:orbitalzero.com
Email Address []:jaehoo@gmail.com

Seguir leyendo →

SAP Router, install as a Windows service on AWS

This is a quick entry, I’ve been helping a friend to review a conectivity problem in their SAP installation on AWS cloud, on every reboot the connectivity is losted.

These are the actions that we’ve taken to solve it.

1. First, automate the saprouter exceution when the EC2 instance is started or stopped, to do this open the CMD terminal and execute this command:

sc create SAPRouter binPath="C:\saprouter\saprouter.exe service -r -R C:\saprouter\saprouttab" start=auto obj="NT AUTHORITY\LocalService"

As you can see the a new service called «SAPRouter» is added as local service and it is managed by Windows.

2. Modify the Windows firewall, go to Control Panel > System and Security > Windows Firewall > Advanced Settings, select Inbound Rules > Actions > New Rule, and add a new Port rule to allow the TCP traffic with Specific ports: 3299, 3200. Then select Allow conenction into Action and select the profiles to apply it, finally set a name as «SAP Router» and click on Finish.

3. Review the network configuration in AWS, the next image shows the arquitecture, there is a VPC with two subnets (one public and another private), the user access from Internet to connect with the Bastion Host and this one is used to redirect the traffic to the SAP server using the SAP Router:

To keep it simple, this is the checklist to complete the configuration:

1. Verify the main route table on the VPC, it must to have an entry to route the traffic to internet (Internet Gateway) and the local traffic
2. Open the Network ACL and ensure the TCP ports are allowed in Inbound and Outbound rules for TCP ports 3200 and 3299
3. Verify the routing table on each Subnet, the Public Subnet has a Route Table A to route traffic to the Internet, the Private Subnet has a Route Table B to route the traffic to the NATGateway for the Appserver
4. For Bastion host, add the Inbound and Outbound rules into the Security Group to receive the connections from internet with the SAP Router over the Public IP (using an Elastic IP)
5. For the Appserver, add the Inbound and Outbound rules into the Security Group to receive the connections from the Bastion host using only the private IP or the security group from sender

4. An extra tip, to validate the conectivity from the Bastion host to the Appserver a simple test can be executed in AWS, goto VPC > Network Analize > Reachability Analizer > Create and analize path, in source type select the Bastion instance and the target the Appserver with the port 3299, when the analize is finished the path is showed with all network components in AWS.

This is a simplification of the Network configuration for this entry but I consider this is enough for now.

See you next time, bye =)

References

• https://support.sap.com/en/tools/connectivity-tools/saprouter.html
• https://wiki.scn.sap.com/wiki/display/SI/Installing+the+saprouter+as+a+Windows+service+-+ntscmgr+command+not+available
• https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/6ca6236c0707dce10000000a42189d/content.htm?no_cache=true
• https://help.sap.com/doc/saphelp_snc700_ehp01/7.0.1/en-US/48/6caa3d6c0707dce10000000a42189d/content.htm?no_cache=true
• https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/6caa3d6c0707dce10000000a42189d/content.htm?no_cache=true

AWS EC2, How to decrypt the password from Windows instance

It’s possible get the password in clear text from an instance and decrypt using the Key Pair, I’ve found two ways to do this:

• Online mode, using AWS CLI and execute the get-password-data
• Offline mode, using openssl

In this entry I’m going to show both.

Seguir leyendo →

AWS EC2 Getting password from Windows instance that was launched from a custom AMI

The AWS documentation describe this problem:

I’m receiving the error «Password is not available yet. Please wait at least 4 minutes after launching an instance before trying to retrieve the auto-generated password» when connecting to my newly launched Amazon Elastic Compute Cloud (Amazon EC2) Windows instance. I’ve waited longer than 4 minutes and still can’t connect.

According to AWS:

«Resetting the password allows you to recover access to the new instance. However, you get the same error when you launch any other instance from that custom AMI.To avoid this issue, configure the initialization tasks from EC2Launch or EC2Config to enable auto-generated passwords.«

«Instances launched from custom AMIs take the Administrator password from the source instance. If the default password for the Administrator account was changed in the source instance used to create the AMI, then the new instance takes the same password. Decrypting the password using a key pair file isn’t possible, unless you configure EC2Launch or EC2Config to generate a new password on the next instance boot.»

Unfortunately, I’ve the same problem but my instance is not new, that was launched from custom AMI and I don’t have the key neither the password to get access… well in this entry I’m going to show how I’ve solved this problem.

Seguir leyendo →

AWS, Reset the Windows administrator password on EC2 instance

Is important mention that this method has been tested on AWS with a Windows Server 2022 image, but if you have a previous version you can read some important details from AWS documentation here.

The AWS documentation indicates there are three different ways to reset the password:

• Reset the Windows administrator password using EC2Launch v2
• Reset the Windows administrator password using EC2Config
• Reset the Windows administrator password using EC2Launch

But the steps can be different if the instance use some characteristics, for example, the Windows version, the installed agent version, the associated key pair, and some others. So, in this entry I’m going to show how to use the EC2Launch v2 in online and offline method.

Seguir leyendo →