0 > >|

Updated website

Posted on: 25-05-2018 by sid

I’ve just updated the website. Basically I just did a little bit theme styling / refactoring and I’ve added some data privacy notes as today the EU General Data Protection Regulation (GDPR) have gone into effect. I think as a private person this doesn’t affect me to much here. But just for the case. Anyway this website is basically text, so I don’t collect any data if you visit side. That beeing saied…​ Have a nice weekend!

From wordpress to maven-site

Posted on: 23-05-2018 by sid

The last weeks I worked on swtiching my website away from wordpress and now it’s finally there. Basically I use know the maven site plugin to generate the site out of asciidoc files. To be able to do this I’ve created a small plugin which is able to read a YML definition which includes all blog posts and create some asciidoc with it which is then later generated to HTML via maven site plugin. More details to come soon (maybe) ;)

My basic requirements were:

  • support easy markup without the need to write HTML directly

  • source code support (with highlightning)

  • easy way to publish new posts

  • paging

How-to create your own Certificate Authority (or the better way to get working snake oil certificates for internal use).

Posted on: 21-12-2017 by sid

As I have a local owncloud installation I was searching how to create certificates which work well in Iron, Thunderbird and the owncloud client. Therefore basically I used: the how to which I found on https://niklas-rother.de/artikel/die-eigene-certificate-authority-ca/.

When I was finished I found out that Iron was still complaining about the certificate. The issue was the missing SubjectAltName in the certificate. Therefore I searched and I found the following how to explaining how to add it http://apetec.com/support/GenerateSAN-CSR.htm.

And here’s now my solution:

  1. I’ve create a folder 'ca-cert' in my root home directory and changed the owner flags with chmod 700. To prevent everyone except root from reading that folder.</li>

  2. I changed into that directory and created a secrete key with 4096 bit for my CA

$ openssl genrsa -des3 -out ca.key 4096
  1. Afterwards I’ve created the certificate for the CA which should be valid for 5 years:

$ openssl req -new -x509 -days 1825 -key ca.key -out ca.crt

The following steps now need to be repeated (e.g. if you want to create a new certificate for a new server or if you want to renew a certificate when the validity date was reached).

Before we start with the certificate request and so on we need to take care about a few configurations to be made in /etc/ssl/openssl.cnf:

  1. Search for req_extensions if it’s not in you should create it. If it’s commented remove the comment. The Line must look like:

req_extensions = v3_req # The extensions to add to a certificate request
  1. Afterwards search for 'v3_req'. The section should look like (Note: That the DNS.1 and IP.1 entry will be used for every certificate you create with this openssl.cnf. If you want to create multiple it makes sense to put those properties into a single file per server. I did not try how to do this.):

[ v3_req ]

# Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[ alt_names ]
  1. Save your editor and close the file.

Now we can create our certificate:

  1. First we need a key for the new certificate (also with 4096 bit)

$ openssl genrsa -des3 -out sid-owncloud.key 4096
  1. Now we create the signing request:

$ openssl req -new -out sid-owncloud.csr -key sid-owncloud.key -config /etc/ssl/openssl.cnf
  1. This signing request can now be signed by the CA and the certificate will be created

$ openssl x509 -req -days 730 -in sid-owncloud.csr -CA ../ca.crt -CAkey ../ca.key -set_serial 04 -out sid-owncloud.crt -extensions v3_req -extfile /etc/ssl/openssl.cnf
  1. At the end you might want to remove the password for the servers key files (e.g. to use it in an apache2 config):

$ openssl rsa -in sid-owncloud.key -out sid-owncloud.insecure.key
  1. Now you just need to configure your servers (to use the new certificate) and clients (to trust the root CAs certificate as trusted CA).

[Unsolved] Trying to create a akka-http server consuming multi-part messages

Posted on: 13-03-2017 by sid

I’m currently working on a akka-http server which should consume multi-part messages and send back on of those parts to the client. Currently I struggle a bit with the framework itself and especially lambdas as they’re pretty new to me. Here is my current code:

package de.steffenrumpf.akka.http.webserver;

import java.util.concurrent.CompletionStage;

import akka.NotUsed;
import akka.actor.ActorSystem;
import akka.http.javadsl.ConnectHttp;
import akka.http.javadsl.Http;
import akka.http.javadsl.ServerBinding;
import akka.http.javadsl.model.HttpEntities;
import akka.http.javadsl.model.HttpEntity.Strict;
import akka.http.javadsl.model.HttpRequest;
import akka.http.javadsl.model.HttpResponse;
import akka.http.javadsl.server.AllDirectives;
import akka.http.javadsl.server.Route;
import akka.http.javadsl.unmarshalling.Unmarshaller;
import akka.stream.ActorMaterializer;
import akka.stream.javadsl.Flow;

public class Server extends AllDirectives {

private ActorMaterializer materializer;
private Http http;
private Flow<HttpRequest, HttpResponse, NotUsed> routeFlow;
private CompletionStage<ServerBinding> binding;
private ActorSystem system;

public Server(ActorSystem system) {
ActorMaterializer materializer = ActorMaterializer.create(system);
http = Http.get(system);

routeFlow = createRoute().flow(system, materializer);
binding = http.bindAndHandle(routeFlow, ConnectHttp.toHost("localhost", 8080), materializer);

public static void main(String[] args) throws Exception {
// boot up server using the route as defined below
ActorSystem system = ActorSystem.create("routes");

// In order to access all directives we need an instance where the routes are define.
Server server = new Server(system);

System.out.println("Server online at http://localhost:8080/\nPress RETURN to stop...");
System.in.read(); // let it run until user presses return


public void unbind() {
binding.thenCompose(ServerBinding::unbind) // trigger unbinding from the port
.thenAccept(unbound -> system.terminate()); // and shutdown when done

private Route createRoute() {

return route(path("test", () -> post(() -> entity(Unmarshaller.entityToMultipartFormData(), formData -> {

final CompletionStage<Strict> response = formData.getParts()
.filter(part -> part.getName()
.mapAsync(1, requestPart -> {

return requestPart.getEntity()
.map(bs -> HttpEntities.create(bs))
.runFold(HttpEntities.create("Empty Response"), (emptyResponse, obj) -> obj, materializer);
.runFold(HttpEntities.create("Empty Response 2"), (emptyResponse2, obj) -> obj, materializer);

return onComplete(() -> response, extraction -> complete(extraction.get()));

Currently I’m getting an NullPointerException in runFold Method but I don’t know why…​ I’ll update this posts when I know how to solve it.

Unfortunatley till now I don’t have a solution!
— 13.04.2018 by Sid

Photoshop CC Keyboard Shortcuts

Posted on: 12-02-2017 by sid

I was just searching for a list of all keyboard shortcuts in Photoshop CC. I found a few links which where either to old or I was not able to print them in a nice way in chrome/iron. So I searched further and found something pretty nice:

In Photoshop CC itself you could just go to the edit/bearbeiten menu and there is an entry called shortcuts/Tastaturbefehle (Alt+Umschalt+STRG+k). From there you can export all currently defined shortcuts into a .htm file.

Curves Presets for Lightroom

Posted on: 31-12-2016 by sid

Today I created a few curves presets to be used in lightroom: Curves.zip

To use them you just need to unzip the file into C:\Users&lt;YOUR USERNAME> \AppData\Roaming\Adobe\CameraRaw\Curves and restart Lightroom.

Most of them can be used to give your pictures a special toning: The first 8 are S curves (or inverted S curves) based on the color chanels. The naming pattern means that the color in upper case letters is boosted in the highlights and reduced in the shadows. Here are some samples:

The base Image is:












And there are a few other "creative" presets:










At least there is one preset which is special. It’s called FindErrors and can be used to find errors like dust on the sensor or the lens:


Groovy, XML and Namespaces

Posted on: 10-12-2016 by sid

I just had to work with Groovy (creating a Pipeline in Jenkins V2) where we needed to handle XML documents. In fact we were reading the documents from disk but just to keep that little example easy I skip this and just create a text variable which includes the XML fracment. What I want to show is how to use the XMLParser together with a XML document which uses namespaces. The sample I’m using is from http://groovy-lang.org/processing-xml.html. I’ve just added some namespaces. Just node the difference regarding the namespace definitions in line 9 + 10 and take a look on the different style of the GPath statements in line 15.

def text = '''<!?xml version="1.0" encoding="UTF-8"?>
<rootElement xmlns:n1="http://steffen-rumpf.de/groovy/ns1"

def n1 = new groovy.xml.Namespace("http://steffen-rumpf.de/groovy/ns1", 'n1')
def n2 = new groovy.xml.Namespace("http://steffen-rumpf.de/groovy/ns2", 'n2')

def list = new XmlParser().parseText(text)

assert list instanceof groovy.util.Node
assert list[n1.technology][n2.name].text() == 'Groovy'

println 'Content of name is: '+list[n1.technology][n2.name].text()

What I really don’t like @ Adobe Lightroom

Posted on: 30-10-2016 by sid

When managing my photos I’m using Adobe Lightroom since three years now. To publish my pictures on 500px I’ve one publishing service where all pictures are added when I mark them with a color label. That works pretty nice. But what I don’t like is that I wanted to export the pictures in a ordered way and that doesn’t seem to work.<!--more-→ As the in camera name is to short because it’s IMG_<4 digits>.jpg and the 4 digits are easily reached and then start from the beginning again I wanted to add a prefix which has 5 digits (which would at least allow 99999 pictures). Therefore I created a custom preset which should just add this prefix to the original filename.


</a> In general that works pretty good if you always publish the full publishing service at the same time. It does not work if you only add a few images from time to time and publish those pictures separately. In that case the ordering gets completely messed up. As it will start from the beginning every time. Does someone know if there is a way to fix this? I already tried all the different sequencing options in Lightroom but it seems they’re all doing the same shit.


JMS vs. Kafka

Posted on: 19-07-2016 by sid

Last weekend I create a small Java comparison test (yes it was a bit unfair) between Apache Kafka, Oracle Weblogic and WS02 MessageBroker. What I basically did was to create simple clients for all three products (basically a Kafka client and JMS client which was used for Oracle and WS02) and I installed all products with basic configuration (as they can be downloaded). Ok for Weblogic I extended the heap to 2048Mb and used a G1 GC as it was configured with the lowest amount when shipped out. The testclient was pretty simple basically a thread which send always the same message (String “Hello World” attached with an incremented number) to the messaging product. This thread always run 60s and then stopped the test. As expected Apache Kafka ruled the others with a bit more then 75 Mio messages send and stored in a minute. WS02 scored second with at about 1 Mio messages and Oracle Weblogic at the end with a bit more then 100k messages. That was really interesting to see. Especially the huge difference between those two JMS implementations. Would be quite interesting why this difference is that huge. I may check the different default configurations and try to align them. Maybe I’ll also extend the test and run it on clusters of the products…

OSB threading and local proxies

Posted on: 29-04-2016 by sid

The last days I investigated a lot into the osb 11G (Oracle ESB) threading model during my work. I found a few quite nice articles about that topic but sadly they’re mostly not really covering these topic together with local proxies (proxy with transport local or at least http proxies which are hosted on the same nodes). If you’re not familar with threading in OSB I recomment to read those articles first because I base my assumptions and thoughts on those. My main sources are:

In [5] I found the only information about local proxies and exactly this behaviour we experienced as well. I’ll give my understanding here, therefore no quarantee that it’s realy like that. I’ll only discuss about publish and callouts to local proxies using the coresponding pipeline actions. I’ll not talk about proxy chaining as this is already covered in [2] and [3].

1. Publish

Normally (which means in case of external services) the publish action is completley asynchronous and the calling thread will not block if we use QoS = At least once. If we use QoS = Exactly Once based on [2] the thread will block until a response (I guess e.g. at least HTTP 200) is received. If we use local threads the behaviour is different (see [5] for example). In that case in any scenario even if you use QoS = At least once the thread will "block" until the request pipeline of the called thread is finished (if same transaction for response is false, I’ll follow up on this later). Therefore if you attend to have asynchronous operation for some logging or something like that it’s not asynchronous if you implement it in the request pipeline. You can workaround this by implementing your service only in the response pipeline (as the response pipeline always uses a different thread [2]). I thought a little about that and why it could be like that and in fact I think it’s bug. But why is it like that? In my opinion what happens here is the same what happens if we do proxy chaining (see [2] and [3] for details). This means that OSB knows with its optimization algorithms that the proxy we’re calling is a local one and therefore he tries to execute this local proxy request pipeline with the same thread as the calling proxy. That also basically means that the thread is not blocking but OSB is just first executing everything in the called local proxy request pipeline before executing the following actions in the calling proxy.


What I’ve not tested but I guess that it will work like that: If you set "same transaction for response" to true in the called proxy, the calling thread will completley block until the response pipeline is finished (the same what happens when using callouts).


2. Callouts

For callouts it’s not so much a problem as it’s expected that the calling thread "blocks". In fact I guess that the behaviour here is exactly the same which would mean that the calling thread will also do the work of the request pipeline of the proxy service which was called. That must basically be kept in mind if you create a proxy to handle some specific transformations for example. Because that would always need an additional thread to handle the response pipeline for that proxy. That’s also which in [4] the recommendation is made not to use a proxy for those purposes. Anyway in case of callouts, the calling thread will block until the response is received. For the thread itself it also doesn’t matter which QoS you use or if you have same transaction for response set. In that case both settings are only relevant for the transaction behaviour. [4] discusses in detail how threads block in that case, if you need further information.

That’s my current understanding.