The kid was asleep, the wife had gone to bed early, so I did what any other sane person would do on a Saturday night – cracked open a beer and decided to brush up on my Java skills.

I’ve never done Java full-time, and while I know the basics of the language – I even got a “Sun Certified Java Programmer 1.4” certification back in the day, just for kicks – I hadn’t explored the newer features like Generics, Annotations and whatever else. So with that in mind I fired up IDEA and started playing around.

I soon ran into some troubles though!

I tweeted about these slides but didn’t actually post them to the blog. I presented at SydJS for the first time this month, about Koa – a generator based web server framework for Node.js.

The slides by themselves probably aren’t the most useful, and if you want to learn about Koa you might just be better off reading the docs!

Koa presentation slides

Happy New Year!

I’ve been putting in a bit of time during the holiday break, in between baby wrangling and Christmas duties, and have managed to add a bunch of useful features to the CFML CI template.

I recently took on the task of trying to make the FW/1 test suite run on Travis CI. With a bit of experimentation and hacking it now works! This might be the first open source CFML project with Continous Integration tests, and as a resource for the community I thought it would be good to release the relevant parts as a template of sorts. Presenting the CFML CI project:

https://github.com/marcins/cfml-ci

The README contains instructions for integrating with your CFML project.

FW/1, the awesome and lightweight CFML application framework, has version 2.2 just around the corner (in RC as I write this, may be out by the time you read it). Version 2.2 is mostly a bugfix release, however there are two new features that were of particular interest to me: resource routes, and renderData.

Last week I had the opportunity to speak at the CFCamp 2013 conference in Munich. Rather than a CFML topic I proposed a talk on CoffeeScript, as I had been doing a few CoffeeScript projects at work and found the language interesting. Although funnily enough in between proposing the talk and actually giving it I have actually gone off the idea of using CoffeeScript heavily in production.

After attending JSConf EU in September I just feel that there’s too much new stuff coming in JavaScript that clashes with what’s already in CoffeeScript that it might be better to stick to pure JS. Of course CoffeeScript generated JS won’t stop working, but it just sometimes feels like the little bit of nicer syntax isn’t worth the overheads to the process.

So my presentation was very wary in trying to advocate / evangelise CoffeeScript, it was more a case of “Hey, this is what CoffeeScript is and what it looks like. You might want to give it a go, but really be aware of the downsides”!

I’ve put the Introduction to CoffeeScript presentation online – there’s a live CoffeeScript code editor and compiler built into the slides, which was a bit of fun to write.

As for the conference itself, it was a lot of fun! Michael Hnat and the rest of the organising team did a great job, and the venue was excellent. Also loved the drinks on every table in the presentation rooms, and the copious amounts of pretzels for snacks. I met some interesting people, and saw some interesting presentations. It was only good timing with my family holiday that I could make it there this year, which is a shame as I’d happily come back next year if it wasn’t half way around the world.

I use the Google Authenticator app as an additional security measure for my Google account. When Dropbox added support I realised it wasn’t just a Google thing. I finally thought I’d look at what it takes to implement a Google Authenticator “compliant” service. Turns out it’s not too hard, and it’s all standards based.

For the impatient, here’s the CF Google Authenticator Github repo.

So for the details: These 2 standards are involved in the Google Authenticator implementation:

• RFC-6238 TOTP: Time-Based One-Time Password Algorithm
• RFC-4226 HOTP: An HMAC-Based One-Time Password Algorithm

The first is actually a specific implementation of the second, and what Google Authenticator tokens are based on.

HOTP is conceptually simple – you take the HMAC-SHA-1 of a shared secret key, and a counter. You then do some bit twiddling with the resulting 160-bit (20 byte) hash to get it down to a 4-byte number, from which you then extract a 6-digit number which is your token.

TOTP is a particular implementation of HOTP, where the counter is based on the number of seconds since the UNIX Epoch. Specifically it’s how many X second periods have there been since the epoch, where X is 30 seconds in Google’s case. This is why the number changes every 30 seconds.

So anyway, the actual derivation of the current token value from the secret is only a few lines of code, but there was some additional complexity to implementing this in ColdFusion.

Continuing on with yesterday’s theme of posts about Amazon Elastic Beanstalk bits and pieces I’ve discovered I’m going to talk about how to setup the simple monitoring tool Monit on your EC2 instance(s). In my case I’m using Monit to monitor the delayed_job service I mentioned in my last post, and restart it if it dies.

Some of this is extracted from an answer I posted to a Stack Overflow question.

Recently I’ve been helping out a friend with a website and we are deploying it to AWS via their Elastic Beanstalk service. I’ve learned a few quirks of the platform in my, albeit brief, time working with it. One of these is that there’s no official way to run a “post deploy” script. You can run “Container Commands”), which are executed in your application directory BEFORE it is deployed (ie. made live), but no way to run a script AFTER your application is deployed (ie. when your application is in /var/app/current and the web server has been restarted).

Why would you need to do this?

Hello! Let’s try this blogging thing again. Decided to give Octopress a whirl. Gone are the days of writing your own blogging engine every time you want to start writing a blog again (well, maybe).