Cisco AnyConnect with Ubuntu server

Cisco has a VPN client called AnyConnect which is used with its SSL VPN products. I don’t know that much about the details of their product line, but I happened to be attempting to use it in a weird situation and ran into some trouble. I’m running an Ubuntu server AMI on Amazon EC2, so it’s a quite minimal install. It seems that pretty much every error with the program comes up as the following:

>> error: Connection attempt has failed due to server certificate problem.

In my case, there were several issues. First of all, it requires several shared libraries. If you run the following, it should take care of all of the shared library requirements missing in the default install:

$ sudo apt-get install libnss3-1d

Next, it actually expects Firefox to be installed, because it apparently messes around with the firefox config store. I installed Firefox to no avail (which downloaded about 300 MB of packages), so I will save you the time and let you know that that was both unnecessary and useless to solve the problem. All you need is a Firefox profile for it to stick some new cert info in. This command (executed from the user’s home dir) should do the trick:

$ mkdir -p .mozilla/firefox/anything.default

And one more thing to mention, various forum posts I saw mentioned not to run the “vpn” program (used to manage the VPN state) as root. So, I ran it as my normal user.

Once I did all of that, everything worked great. Cool.


JDBC connections under an oppressive regime

If you are using tomcat in an environment where you are not allowed to view the data source configurations, it can be frustrating.  Fortunately, when you need to debug, there’s a programmatic way to get the configuration.  Here’s a sample:

<%@page import="javax.naming.InitialContext" %>
<%@page import="javax.naming.Context" %>
<%@page import="javax.naming.NamingEnumeration" %>
<%@page import="javax.naming.NameClassPair" %>
<%@page import="org.apache.tomcat.dbcp.dbcp.BasicDataSource" %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

      if ("alwold".equals(request.getRemoteUser())) {
        InitialContext ic = new InitialContext();
        NamingEnumeration<NameClassPair> ne = ic.list("java:comp/env/jdbc");
        while (ne.hasMore()) {
          NameClassPair ncp =;
          Object o = ic.lookup("java:comp/env/jdbc/"+ncp.getName());
          if (o instanceof BasicDataSource) {
            BasicDataSource ds = (BasicDataSource) o;
          } else {
            out.println("<li>found odd object "+ncp.getName()+" of type "+o.getClass().getName());


It’s particularly important to have the part that checks for remote user, because this thing is printing out passwords to the screen. You’ll have to put some sort of filter to set the remote user and then replace my username with yours (or come up with some entirely different protection mechanism).

Apache Commons

If you are a Java developer, and you don’t know about Apache Commons, you should take a minute to check it out.  A lot of times when you need to write some mundane code to do something, and you are thinking to yourself, “I’m sure a million other people have had to write this code”, you should take a quick look at commons to see if they did it.  A lot of times they have it packaged up in a nice library.  One of my favorites is the IOUtils class in commons-io, which can pull an InputStream into a String object in one line of code, but they have a bunch of other stuff that is useful as well.

Deleting SQLite database in android

If you are in the process of developing an android app that uses SQLite, you probably have found yourself in the situation where you wanted to restructure the database.  Instead of bumping the version on the helper class and putting in upgrade logic, it is best to just start over with a fresh database when you haven’t yet released your new version of the app.  Here’s how you zap your database in the emulator’s file system.

First, find out the serial number of the emulator as it is running:

$ adb devices
List of devices attached
emulator-5554    device

Now, connect a shell and delete the file from the filesystem:

$ adb emulator-5554 shell
# rm /data/data/<yourpackage>/databases/<databaseName>
# exit

After that, your database should be gone and will be recreated next time you run the helper to get a connection.

Maven is like apt-get for Java

When I first learned Linux, I used Slackware 3.0.  In those days, if you wanted to install extra software, you pretty much had to compile it yourself.  And they didn’t even have configure scripts back then, if I recall correctly.  Eventually, Redhat took over, and software was easier to install via RPM packages.  At first, RPMs weren’t available for everything, so you still had to compile some stuff, but eventually they became pretty ubiquitous.  Dependencies could be a big pain though.  You download one RPM you want, and you find out you need to download five more that it depends on.  And those five each depend on five others.  Remember  Then came yum and apt-get, and those trouble were alleviated.

Now, building Java apps is almost like managing a Linux system.  There are so many great third party libraries available, you can find ones to do almost any common task you need, saving lots of time when coding stuff.  But, the people that write those libraries also use other libraries.  Things like Hibernate have a lot of dependencies.  Getting all of the jars for the libraries you need can be somewhat like the old RPM hunt.  This is where Maven comes in.  Just tell it you need Hibernate and it will make sure you have everything else you need.  It’s pretty awesome, and it can completely eliminate those sessions where you waste a lot of time looking for jar files.

Spring JDBC is awesome

I would like to just take a moment to express my love for Spring JDBC. I just deleted giant swaths of database connection handling code from an app I’m maintaining by replacing a DAO with a Spring JDBC version. If you haven’t taken the time to learn about it, check it out here.