Category Archives: Uncategorized

Excellent Mac Apps

There are quite a few apps I use regularly that I find really useful.  Here’s a list:

  • 1password – this one is huge.  It’s expensive, but worth it.  It keeps track of all of your passwords and allows you to stop using the same password on a bunch of web sites.
  • Adium – obvious, but worth mentioning
  • Dropbox
  • Evernote – free and great for keeping track of notes from meetings, etc.  Also an iPhone app with very good sync functionality
  • Meerkat – SSH tunneling.  Works great, but is a bit pricey.
  • Mental Case – great flash card app with iPhone support.  The syncing is a little clunky, though.
  • Reeder – RSS reader
  • Wunderlist – To do lists.  Also an iPhone app, but the syncing seems a little buggy right now.
  • DBVisualizer – Database client.  Works on pretty much every database.
Anyway, I would recommend all of the apps in this list.  They are all critical to my productivity.  The ones that are not free are worth the money, in my opinion.

How to trust a certificate in Java on Mac OS X

Yesterday, Apple released an update to Java for OS X.  I had trusted a self-signed cert with my old java installation, and it stopped working with the update, so I had to figure out how to add it again.  It’s not very hard, but kind of tricky to figure out, so here you have it.

First, export the cert using a web browser or whatever.  I used firefox, because it is easy, and I couldn’t figure out how to do it in chrome.  You should end up with a simple PEM encoded file.  Then here’s how you import it:

$ cd /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security
$ sudo cp cacerts cacerts.orig
$ sudo keytool -importcert -file your_cert_file_here -keystore cacerts

you’ll be prompted to trust it, then you are done.

In recent versions of OS X (at least 10.9 and 10.10), you can use this command to find your Java home:

$ /usr/libexec/java_home

…then, the cacerts file is located under there, in jre/lib/security.

Also, as Evan T pointed out in the comments, the password is “changeit”. This is pretty much universal for all JVMs I’ve used (including Linux/Windows).

And one more thing. It’s a good idea to specify a -alias parameter when adding the certificate, otherwise it gets added under the alias “mykey”, then if you try to add another one, you get an error, since it’s trying to add another “mykey”.

Nerd bucket list

I’ve been doing pretty much straight Java programming for the last 4 years and it has not escaped my attention that Java seems to be falling out of favor in the programming community.  Anyway, I’m currently spending some time branching out and learning a few other languages/frameworks/etc.  I’ve also been going on a tour of the various nerd meetings in Phoenix, seeing what the user communities are up to and which are most vibrant.  I made a semi-prioritized list of things I want to learn, which is based on stuff I’ve read online, what’s cool locally, and personal preference, so here it is:

  1. ruby/rails
  2. iphone/objective c
  3. scala
  4. javascript (already familiar, but become a master)
  5. node.js
  6. haskell
  7. groovy/grails
  8. python

Java and overcomplication

When I first started working with Java to do real work, the servlet spec was pretty immature, and I was coming from a world of and PHP.  Things were quite simple.  You wrote a class that had a method that received GET and POSTs, called some simple methods to get the decoded query string parameters, and printed out the results.  It was easy to learn, but the code was not pretty or well organized.  Calls to the database were simple, ugly, and prone to connection leaks.  They were easy to write, however.

Fast forward to 10 years later, and in order to write a “clean” Java web app, you need to be using an MVC framework, persistence APIs, etc. This involves pulling in a complicated tree of JAR dependencies, composing complicated XML configuration, and implementing highly abstracted interfaces which require quite a bit of thinking to get your head around.  I can’t help but think if I were just getting into Java right now, I’d be intimidated almost to the point of giving up.

Java is still pretty solidly established in the “enterprise” space, so I don’t see it disappearing anytime soon. If you want to look to the future, however, it is probably wise to take a look at what the smaller companies and startups are doing.  They have the benefit of starting fresh and being able to use the technologies that most effectively support their goals, without having to port existing stuff/retrain staff.  Java is present in those environments, but other technologies seem to be far more well represented.  I wonder how much this has to do with the Java community’s progression over the last several years to the point where it is highly complicated and difficult to learn.

Cool program

I purchased one of the new MacBook Pro’s that were released in April, and I’ve been really liking it.  Mostly it just offers improvements to some things that were getting annoying about my old one.  It has more memory, a higher resolution display, and the unibody case is cool.  In any case, the battery life is nowhere even close to the 8-9 hours they advertise.  As a result, I was curious about how often it was using the high powered discrete NVidia graphics chip, so I started looking with system profiler, and it was pretty much always running.  With some experimenting, I found out it was mostly because of Google Chrome.  It would be cool if Apple released some tools to fine tune the graphics switching, and I imagine they eventually will, but for now there is this cool program, gfxCardStatus, which has really advanced quickly since it was released.  One thing that is really cool now is that it shows a list of programs that are causing the system to use the high powered chip.

JDBC connections under an oppressive regime

If you are using tomcat in an environment where you are not allowed to view the data source configurations, it can be frustrating.  Fortunately, when you need to debug, there’s a programmatic way to get the configuration.  Here’s a sample:

<%@page import="javax.naming.InitialContext" %>
<%@page import="javax.naming.Context" %>
<%@page import="javax.naming.NamingEnumeration" %>
<%@page import="javax.naming.NameClassPair" %>
<%@page import="org.apache.tomcat.dbcp.dbcp.BasicDataSource" %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

      if ("alwold".equals(request.getRemoteUser())) {
        InitialContext ic = new InitialContext();
        NamingEnumeration<NameClassPair> ne = ic.list("java:comp/env/jdbc");
        while (ne.hasMore()) {
          NameClassPair ncp =;
          Object o = ic.lookup("java:comp/env/jdbc/"+ncp.getName());
          if (o instanceof BasicDataSource) {
            BasicDataSource ds = (BasicDataSource) o;
          } else {
            out.println("<li>found odd object "+ncp.getName()+" of type "+o.getClass().getName());


It’s particularly important to have the part that checks for remote user, because this thing is printing out passwords to the screen. You’ll have to put some sort of filter to set the remote user and then replace my username with yours (or come up with some entirely different protection mechanism).