AWS getSessionToken using IAM

AWSSecurityTokenServiceClient provides a getSessionToken() method with the following description:

The GetSessionToken action returns a set of temporary credentials for an AWS account or IAM user. The credentials consist of an Access Key ID, a Secret Access Key, and a security token. These credentials are valid for the specified duration only. The session duration for IAM users can be between 15 minutes and 36 hours, with a default of 12 hours. The session duration for AWS account owners is restricted to a maximum of one hour. Providing the AWS Multi-Factor Authentication (MFA) device serial number and the token code is optional.

For more information about using GetSessionToken to create temporary credentials, go to Creating Temporary Credentials to Enable Access for IAM Users in Using IAM .

I wanted to get a token valid for two hours. It took me quite a while to figure out how to get a session using IAM credentials instead of AWS credentials.  I spent some time searching and checking out the com.amazonaws.services.identitymanagement package to see if it could provide a way to connect with IAM credentials. However it turned out to be much simpler. You need to create a BasicAWSCredentials object with your IAM access and secret key passed to the constructor. Then pass this object when instantiating AWSSecurityTokenServiceClient

public Credentials getS3Token() {

try {

        BasicAWSCredentials creds = new BasicAWSCredentials("XXXXXXX", "XXXXXXXXX");

        AWSSecurityTokenServiceClient awsSecurityTokenServiceClient = new AWSSecurityTokenServiceClient(creds);

        GetSessionTokenRequest getSessionTokenRequest = new GetSessionTokenRequest();

        getSessionTokenRequest.setDurationSeconds(7200);   // 2 hours

        GetSessionTokenResult gstr = awsSecurityTokenServiceClient.getSessionToken(getSessionTokenRequest);

        log.info(gstr.getCredentials().toString());

        return gstr.getCredentials();

} catch (AmazonServiceException ase) {

        log.error("Caught Exception: " + ase.getMessage());

        log.debug("Reponse Status Code: " + ase.getStatusCode());

        log.debug("Error Code: " + ase.getErrorCode());

        log.debug("Request ID: " + ase.getRequestId());

    } catch (Exception e) {

        log.error("IOException");

        e.printStackTrace();

    }

    return null;

}

Java NullPointerException: Uncaught error fetching image

These days I'm working with Java, Swing & AWT. An interesting move from web development. Now I can catch many errors at runtime and Java usually points to where the problem is, except for this exception I came across recently:


Uncaught error fetching image:
java.lang.NullPointerException
at sun.awt.image.URLImageSource.getConnection(URLImageSource.java:97)
at sun.awt.image.URLImageSource.getDecoder(URLImageSource.java:106)
at sun.awt.image.InputStreamImageSource.doFetch(InputStreamImageSource.java:240)
at sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:172)
at sun.awt.image.ImageFetcher.run(ImageFetcher.java:136)


None of my classes are mentioned there!

I was trying to add some new icons to the application as part of an animation. For this purpose I have a class called AnimatedIcon which implements Icon.
One of the parameters in the contructor is the path to the image file. An AnimatedIcon object is created for each icon in the animation so I have something like this:


for(int i1 = 0; i1 < frames; i1++) {
    String filename=fileset+(i1+1)+".gif";
    Image tmp=java.awt.Toolkit.getDefaultToolkit().getImage(getClass().getResource(filename));
    images[i1]=new ImageBuffer(tmp);
}



I added a debug output to the loop to try and see what was going on and I saw this in the console;

DEBUG 2010-04-08 13:01:16,615 [AWT-EventQueue-0] ImageManager: /test/app/images/eventenvelope DEBUG 2010-04-08 13:01:16,615 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope1.gif Uncaught error fetching image: java.lang.NullPointerException at sun.awt.image.URLImageSource.getConnection(URLImageSource.java:97) at sun.awt.image.URLImageSource.getDecoder(URLImageSource.java:106) at sun.awt.image.InputStreamImageSource.doFetch(InputStreamImageSource.java:240) at sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:17) at sun.awt.image.ImageFetcher.run(ImageFetcher.java:136)
DEBUG 2010-04-08 13:01:16,616 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope2.gif DEBUG 2010-04-08 13:01:16,616 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope3.gif DEBUG 2010-04-08 13:01:16,616 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope4.gif DEBUG 2010-04-08 13:01:16,618 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope5.gif DEBUG 2010-04-08 13:01:16,618 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope6.gif DEBUG 2010-04-08 13:01:16,618 [AWT-EventQueue-0] AnimatedIcon: /test/app/images/eventenvelope7.gif

From this I assumed that there was something wrong with eventenvelope1.gif so I tried replacing it and even renaming evenlope2.gif to envelope1.gif however it always threw the exception on the first image. It turned out that Eclipse just couldn't find the file. I needed to refresh the images folder in Eclipse. After doing this the error went away!

I was debugging this for ages so I hope this post will save time for someone. It's quite simple to re-produce the error, just delete one of the images. It is a shame the error isn't a bit more descriptive.

Bash Scripting

I had some bash scripts to write a little while ago and I thought I'd share them here.

Let's start with a simple task. Say we have a load of files in a directory, e.g. null121231.xml, null3049432.xml etc. and we want to remove null from the start of the files' names:

for f in null*; do mv "$f" "${f#null}"; done

Moving onto a little more complex. I wanted to write a script that would backup these files to another machine. I felt it was more logical to trigger this script from the remote machine so I did it this way:

Remote machine: telex
Local machine (where backup is being stored): hossbox

#!/bin/bash
# Off site backup script for live database
#
#
# DATE: 27/08/2009

#################################
# Assign Date variables     #
#################################
startTime=`date`
LOGFILE=/home/java/blog_backup_jobs.txt

echo $startTime ": Starting blog backup" >> $LOGFILE

# Ping interval in seconds
PINGINTERVAL=600
numErrors=0
HOST=telex

#### functions ####
function pinghost()
{
    ping -c 1 $1 &> /dev/null
    if [ $? = 0 ]; then
        return 0
    else
        return 111
    fi
}

function notifyAdmin()
{
    # email subject
    SUBJECT="Blog backup failed, mecca failed to respond for 1 hour"
    # Email to?
    EMAIL="patrick@localhost"
    # Email text/message
    EMAILMESSAGE="/home/java/cron/emailmessage.txt"
    echo "$HOST has failed to respond for 1 hour. The blog backup script has failed" > $EMAILMESSAGE
    # Send email using /bin/mail
    /bin/mail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE
}


#### Script starts here ####

pinghost $HOST
errorCode=$?

while [ $errorCode -eq 111 ]
do
    numErrors=$(( $numErrors + 1 ))
    echo "`date +%r`: Ping error $numErrors to $HOST" >> $LOGFILE

    if [ $numErrors -eq 6 ]; then
        echo "`date +%r`: Couldn't ping $HOST for 1 hour, emailing admin.." >> $LOGFILE
        # calling a function to email someone here
        notifyAdmin
        echo "`date +%r`: mail sent....exiting." >> $LOGFILE
        exit 1
    else
        sleep $PINGINTERVAL
        pinghost $HOST
        errorCode=$?
    fi
done

# If we're here then mecca is up. Now we need to connect and
# check if the blog extraction job is finished
# returns 202 if the pid file exits
# returns 0 if it doesn't
PIDFILE=/home/java/extract_blog.pid
function checkBlogJobFinished()
{
    if ssh $HOST 'ls "'$PIDFILE'" >/dev/null'; then
        return 202;
    else
        return 0;
    fi
}

checkBlogJobFinished
errorCode=$?
numChecks=0
# time to sleep in seconds, 7200seconds = 2 hours
SLEEPTIME=7200
while [ $errorCode -eq 202 ]
do
    numChecks=$(( $numChecks + 1 ))
    echo "`date +%r`: Check $numChecks: job still running, going to sleep for $SLEEPTIME seconds" >> $LOGFILE
    sleep $SLEEPTIME
    checkBlogJobFinished
    errorCode=$?
done

# If we're here then the blog job has finished, time to get the blog xml files

########################################
# Backup Site Directory - files        #
########################################

# remote blog folder is of format: week{currentWeekNo_currentYear}
remoteBlogFolder=/home/java/extractor/blogs/week`date +%V_%Y`
localBlogFolder=/home/java/backup/mecca/blogs

if [ ! -e $localBlogFolder ]
then
    mkdir -p $localBlogFolder
fi

echo "`date +%r`: Starting retreival of $remoteBlogFolder" >> $LOGFILE
rsync -avz -e "ssh -i /home/java/cron/hossbox-rsync-key-java" java@$HOST:$remoteBlogFolder $localBlogFolder
echo "`date +%r`: Ending retreival of $remoteBlogFolder" >> $LOGFILE

currentWeek=`date +%V`
let previousWeek=$currentWeek-1

oldBackupFolder=/home/java/backup/telex/blogs/week$previousWeek

# remove old backup
if [ -e $oldBackupFolder ]
then
    rm -rf $oldBackupFolder
fi

endTime=`date`
echo $endTime ": Ending blog backup" >> $LOGFILE

This script sleeps for 2 hours if a blog extraction job is running on the remote machine. It sleeps for 10 minutes if the remote machine isn't responding.

Accessing Oracle's Web Interface (Oracle Enterprise Manager)

I wanted to access the Oracle Web Interface for administering the database on a Cent OS system. However, I hadn't performed this oracle installation myself so I started by doing:

netstat -a | more

And looking carefully through the list to see if I could spot it but I couldn't!

Eventually I found the answer here. There is a file which contains the Oracle Enterprise Manager URL for each database installed and that file's location is:

$ORACLE_HOME/install/readme.txt

For example:
/home/oracle/app/oracle/product/11.1.0/db_1/install

Here's what mine looked like:

Enterprise Manager Database Control URL - (orcl) :
https://localhost:1158/em

Enterprise Manager Database Control URL - (bbb) :
https://localhost:5501/em

Enterprise Manager Database Control URL - (aaa) :
https://localhost:5500/em

And there you have it! Enjoy!

nmefwmi.exe stopped working and was closed

I installed Oracle 11g last week on my laptop (Windows Vista Business Edition) and had no issues except a reduction in my machine's performance.

However yeseterday windows update wanted to install some updates and one of which was Service Pack 2 which I let it install. Ever since then every 5 minutes I get this error message in a popup:

nmefwmi.exe stopped working and was closed

After doing some searching this is apparently a bug in Oracle 11g that is yet to be resolved by Oracle. I found hearing that strange since the problem only started occuring for me after a windows update.

I found this answer which explains how to fix the issue:

* nmefwimi.exe is Oracle Enterprise Manager process and it is not critical in the sense what when it stops working it will not affect the database.
* nmefwmi.exe process is associated with OracleDBConsoleorcl service.
* Go to Administrative Tools -> Services, stop the service and set the startup type to "Manual".
* When you need to use dbconsole, start the service manually, ignore the error, do what you have to do, and stop it again.