unlimited EMail account

In https://yopmail.com, you can choose any email account like 'test123', if not conflict with others, you will get a email account test123@yopmail.com without personal information registered.

Replace ldap-utils with cURL

• docker run -d --name openldap -p 1389:1389 bitnami/openldap:2.6.8
• docker ps
• openldap up and running
• docker exec -it openldap ldapsearch -H ldap://localhost:1389 -x -b dc=example,dc=org
• numEntries: 5
• ldapsearch -H ldap://localhost:1389 -x -b dc=example,dc=org
• ldapsearch: No such file or directory
• curl ldap://localhost:1389/dc=example,dc=org??sub
• numEntries: 5

curl: (56) Failure when receiving data from the peer

 Maybe add User-Agent header can solve it.

Jenkins Agent Connect Fail: Did not receive X-Remoting-Capability header

 Jenkins node name is case-sensitive.

Spring HTTP Strict Transport Security Guide

 1. demo site

    1.

    2. generate, download, unzip, cd

    3. docker run -it --rm --name my-maven-project -v "$(pwd)":/usr/src/mymaven -w /usr/src/mymaven maven:3.9.0-eclipse-temurin-17 mvn clean install

    4. java -jar target/demo-0.0.1-SNAPSHOT.jar

    5. get generated security password

    6. visit http://localhost:8080 with username user and generated password

    7. 

2. index page

    1. create src/main/java/com/example/demo/controller/WebController.java

package com.example.demo.controller;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestMapping;

@Controller

public class WebController {

    @RequestMapping(value = "/index")

    public String index() {

        return "index";

    }

}

    2. create src/main/resources/templates/index.html

<!DOCTYPE html>

<html>

    <head>

        <meta charset = "ISO-8859-1" />

        <title>Spring Boot Application</title>

    </head>

    <body>

        <h4>Welcome to Thymeleaf Spring Boot web application</h4>

    </body>

</html>

    3. repeat 1.3 ~ 1.6

    4. 

3. https

    1. create self-signed keystore: demo.keystore

keytool -genkeypair -alias demo -keyalg RSA -keystore demo.keystore -storetype JKS -dname "CN=localhost" -keypass keyPass -storepass storePass

    2. create spring config: demo.yml

server:

  port: 8443

  ssl:

    enabled: true

    key-alias: demo

    key-store: "/your/path/to/demo.keystore"

    key-store-type: jks

    key-store-password: storePass

    key-password: keyPass

    3. java -jar demo-0.0.1-SNAPSHOT.jar --spring.config.location=demo.yml

    4. repeat 1.5

    5. visit https://localhost:8443 with username user and generated password, ignore self-signed certificate warning.

    6. 

Docker CAS 6.6.x with AD (just like LDAP)

• cas.authn.ldap[0].ldap-url=ldaps://azuread.abc.com.tw
• cas.authn.ldap[0].base-dn=ou=AADDC\ Users,dc=abc,dc=com,dc=tw
• cas.authn.ldap[0].type=AUTHENTICATED
• cas.authn.ldap[0].bind-dn=your_account@abc.com.tw
• cas.authn.ldap[0].bind-credential=yourPassword
• cas.authn.ldap[0].search-filter=(&(objectClass=user)(sAMAccountName={user}))
• cas.authn.ldap[0].principal-attribute-list=cn,displayName,sAMAccountName

Docker CAS 6.6.x with LDAP, not Anonymous

change

• cas.authn.ldap[0].type=ANONYMOUS

to

• cas.authn.ldap[0].type=AUTHENTICATED
• cas.authn.ldap[0].bind-dn=CN=user01,ou=users,dc=example,dc=org
• cas.authn.ldap[0].bind-credential=bitnami1