Last day of Hasbro: The Sequel

I started as a temp at Hasbro back in 2006. When they moved my department to a Dedham office in 2010 I left, only to return to Hasbro in 2011 once they moved my department back. At that time I thought I’d never leave Hasbro again. But things change. Today was my last day at Hasbro for the second time. I’m off to start a new adventure. Leaving Hasbro again was twice as hard as it was the first time I said goodbye. To all my Hasbro friends, I look forward to meeting up for a drink once Covid is over.

Me on my first day as a temp at Hasbro in 2006
Me at Hasbro’s Diwali festival in 2019
Saying goodbye to Mr. Potato Head, October 2020

First Hop Harvest

The Cascade hops I planted in the backyard haven’t done much since 2015. There were a handful of cones each year, but it wasn’t until this year that there were enough to harvest.

I collected 3.3 ounces of hops. They smelled amazing. Sweet and delicious.

But how to best use them? I decided to use them as a late add to a one gallon lager beer kit I had.

My track record with beer brewing is not the best. Out of the five or so kits I’ve made only about two have been drinkable. But I won’t get better unless I keep practicing.

Brew day went smoothly and the wort looks great. I’ll find out in a few weeks if it’s drinkable.

How to Turn on Basic Server-side Authentication for Lucee

Here’s the instructions I use whenever I need to remember how to set up basic server-side authentication on a Lucee server. These are really instructions for Apache Tomcat, which Lucee uses as its web server.

This is something I often do for development sites, but not production. It will allow your Lucee website to authenticate against a static file of users.
(If you are looking for a way to do this dynamically one option is to connect your website to Active Directory. This is how our production sites are configured and I’ve documented the process here.)

If you’re like me and migrating from Apache Webserver this process is similar to adding users to a password file using the htpasswd command.

First we will create an xml file with our user data. Store this outside of your web root! The format looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
	<role rolename="canaccessMYAPP"/>
	<user username="gaspard" password="abcd1234" roles="canaccessMYAPP"/>
</tomcat-users>

The userstore ends up being global within Tomcat, so I’ve made the security role specific to MYAPP. Later on you’ll see how I use this in the web.xml to control access to only MYAPP.

In our server.xml file, now we will tell Tomcat about our file with the user data by making an entry inside the <GlobalNamingResources> tag.

  <GlobalNamingResources>
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
			  
	<Resource name="MY_APP_UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"            
               factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="C:\MY_APP-users.xml" />
  </GlobalNamingResources>

(you can remove the default user store on lines 2-6)

Now that we’ve told Tomcat about our XML file with user data, let’s tell Tomcat that this file is available within the engine.

<Engine name="Catalina" defaultHost="127.0.0.1">
      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
		<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="MY_APP_UserDatabase"/>
      </Realm>
<Host name="MY_APP.test" appBase="webapps" unpackWARs="true" autoDeploy="true" >
		<Context path="" docBase="C:\wwwroot\MY_APP\public_html\" />
		<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b" />
		</Host>

    </Engine>

We’ve also defined our host within the <engine> area. You can read more about that here.

Now lets tell our website to authenticate against our list of users. In our web.xml we will add the following:

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://xmlns.jcp.org/xml/ns/javaee" 
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" 
id="WebApp_ID" version="3.1">
	<display-name>test</display-name>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
		<welcome-file>index.htm</welcome-file>
		<welcome-file>index.cfm</welcome-file>
		<welcome-file>default.html</welcome-file>
		<welcome-file>default.htm</welcome-file>
		<welcome-file>default.cfm</welcome-file>
	</welcome-file-list>
	<security-constraint>
		<web-resource-collection>
			<web-resource-name></web-resource-name>
			<url-pattern>/*</url-pattern>
		</web-resource-collection>
		<auth-constraint>
			<role-name>canaccessMYAPP</role-name>
		</auth-constraint>
	</security-constraint>
	<security-role>
    <role-name>canaccessMYAPP</role-name>
  </security-role>
	<login-config>
		<auth-method>BASIC</auth-method>
	</login-config>
</web-app>

As I said at the start, I usually only use this for dev environments. But if you have multiple user files for multiple web apps on one server the user accounts are global. We don’t want the users from MYAPP #1 getting access to MYAPP #2. In the above example I am controlling access by stating that this website only allows users with “canaccessMYAPP”. If I had a second user database I would make a role for those users called “canaccessOTHERAPP” and configure that web.xml to only allow the users with that role to access.

Hope some of you find this useful!

Frame off restoration of a classic 2012 Radio Flyer All-Terrain Wagon

Oh man. I’m old now but back in the day growing up we all wanted one of these. Old man Smith had one with an extra pair of chrome bumpers and tail fins that scraped the sky. Sure they got 4 gallons to the mile, but gas was a nickle a tank and these wagons were the coolest.

Now that I’m older, I scouted around the collector sites looking for a low mileage wagon. I kicked the tires on a few, but it wasn’t until I saw this one that I knew I had found the perfect restoration project.

It was a barn find. Another tale of a young kid putting his wagon in the back of a barn and forgetting about it.

It was is perfect condition considering its age, 12 long years. The deck had rotted out, the paint was flaking, all the chrome had been stolen, and the gold lug nuts had been been lost at some point in the past, but the soul of the wagon was still there.

I got to work. I started by first sanding down the frame with 5 grit sandpaper and easing slowly into 1000k grit for a smooth finish. Unfortunately there was not much left but sawdust after this. But it was factory original sawdust.

Once I had smoothed out the frame I brought in to the professionals for an acid bath and finally a blessing at a Shinto temple to ward off evil spirits.

After that the difficult work of assembling a numbers-matching frame-off restoration began.

The dealer sheet says the wagon should’ve come from the factory with the XLG21 Sports package, but after further investigation this was most likely installed afterwards by the dealer and was in fact the GXL20 Sportsman’s package which was a mid year replacement for the popular PLX67 package. The “G” stands for gold. You can tell the difference easily if you still have the gold lug nuts as the former package uses a star pattern while the latter package uses a standard 1 lug pattern. As i did not have the gold lug nuts I could not determine the package. Instead I decided to use the VIN as the guide for this restoration. And that meant no gold lug nuts, no chrome. Just the stock wheels. It would be a sleeper.

A similar vintage Radio Flyer ATW with XLG21 Sports package. Note the gold lug nuts

First thing was to replace the deck. The original was 1/4in plywood, but I only had 1/2inch. The wagon will be sturdier than the day it came from the factory.

Now to put the wheels on…

More reassembly…

She’s looking good.

To really finish this project I just need to apply a five coats of paint and 678 coats of polyurethane. But for now I have my summer driver!

Building a Rain Barrel Water Tower for the Chicken Coup

I was given this old barrel that originally stored non-toxic antifreeze. My plan was to build a Whizbang chicken plucker, but buying a small backyard chicken plucker turned out to be nearly the same price as buying all the hardware needed to build my own. (It might be worth it if you already have all the parts on hand)

So what to do with the barrel?

I have automatic feeders and I have automatic waterers for my chickens, but the current waterers leak everywhere and I have a garden hose running across my backyard to the coup. Its time to reengineer the poultry watering system. It would be a good start to have a water source at the coup. A rain barrel is just what I need.

No plans needed!

Just need it up high enough to let gravity do the work.

That should be about right. Now we need to add the spigot

I had to cut off the cover in order to access the inside and install the spigot and give the inside a good washing. Now how to reattach the cover?

Mistakes were made, but its finally back on securely.

Now to place it behind the chicken coup. Its in just the right spot to catch the rain once I install the gutter.

Hmm, that looks a little dangerous. Better add a safety rope to keep it from tipping over and crushing someone.

Lets’ secure the bottom as well…

Ok now let’s do some plumbing.
I have a few scraps of piping left over from a different project, but it will do fine. Maybe I should buy the correct kind of elbow? Nah.

Looking good!

Water was flowing out both sides, so I had to plug up this hole until I get to the hardware store for the correct elbow.

That’s a good start!
Ok, let’s lets connect up the new chicken waterers.

Two buckets hooked up. Each bucket has a float valve and watering cups. The rain barrel is high enough for the water to flow downstream and refill the buckets when the float valves open.

I put a rock inside the bucket as a counter weight to the float.

My goal is to be able to go away for a few days without worrying about the chicken’s water. I’m using Grandfather’s Feeders for automatic feeding which hold 40lbs of food and work great. But water had always been an issue.

Previously I was using the 6 gallon buckets shown in the photo below. There is a float on the bottom that is supposed to slowly let out the water, but they only worked correctly if the buckets were perfectly level and often the water would slowly drip out the side after only a day or two. I tried hanging the buckets, but then the chickens knocked them around and splashed the water out. I also tried modifying the buckets to use a float valve on top connected to the hose, but that just lead to them continually refilling and causing an even bigger mess. The chickens would also poop in the trough causing the water to get completely dirty.

I’m really happy with how this came out. Now I have non-spilling waterers and 50 gallons of reserve water that will automatically refill itself when it rains (or I could fill up from the garden hose if there’s no rain). My next step will be to make covers for the water buckets to keep the leaves and mosquitos out.

Success! The poults like it!

How to Install a Certificate in ColdFusion

I have to do this so infrequently that I always have to look up the instructions again. Putting these here so I can find them easily.

I’m always surprised that there isn’t an easy way to download the cert from the command line. If there was then this could be made into a nice little script. Grabbing the cert via your browser is still the easiest way.

Step 1:
Go to https:\URL and click on lock icon, and download the cert into the C:\ColdFusion11\jre\lib\security\ directory or whatever the jre\lib\security directory is for your CF install

Step 2:
On the command line, go to your jre\bin directory
cd C:\ColdFusion11\jre\bin

Step 3:
Run the following command. (Adjust your paths and cert names as necessary.)
keytool -import -trustcacerts -keystore C:\ColdFusion11\jre\lib\security\cacerts -storepass changeit -noprompt -alias MYCERTNICKNAME -file C:\ColdFusion11\jre\lib\security\MYCERTFILENAME

The MYCERTFILENAME should match the filename, the MYCERTNICKNAME can be anything, but I like to keep it the same as the filename

Step 4:
Restart the Coldfusion Application service