RSS
 

Archive for the ‘Beginner’ Category

How do I fix a “NoClassDefFoundError” while attempting to start Cassandra?

03 Jul

When I first tried to run “cassandra-cli” from the “bin” directory after unpacking the cassandra 0.6.3 package on my Windows system, I got a “NoClassDefFoundError” error.  The exact command, context and error are shown below.

C:\Work\apache-cassandra-0.6.3\bin>cassandra-cli -host localhost -port 9160
Starting Cassandra Client
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/cassandra/
cli/CliMain
Caused by: java.lang.ClassNotFoundException: org.apache.cassandra.cli.CliMain
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
Could not find the main class: org.apache.cassandra.cli.CliMain. Program will e
xit.

Java veterans would immediately suspect a problem with the class library search path with this type of error. I did too, so I added some environment variable echo statements to the “cassandra_cli.bat” file and found that the batch file was not pointing to the “lib” directory where Cassandra’s “*.jar” files were kept.

Normally, I’d be tempted to fix this by changing:

for %%i in (%CASSANDRA_HOME%\lib\*.jar) do call :append %%~fi

…in line #28 of my default “cassandra_cli.bat” file to:

for %%i in (%CASSANDRA_HOME%\..\lib\*.jar) do call :append %%~fi

…so my batch file could go back far enough to find the appropriate Cassandra class paths.

However, please don’t do that. Instead, Cassandra assumes that you’ll be running all your command-line utilities from the root Cassandra directory (e.g., “C:\Work\apache-cassandra-0.6.3″ instead of “C:\Work\apache-cassandra-0.6.3\bin”).

Instead, please just “cd ..” back to your root Cassandra folder and prepend “bin\” before your commands. Better results are shown below.

C:\Work\apache-cassandra-0.6.3>bin\cassandra-cli  -host localhost -port 9160
Starting Cassandra Client
Connected to: "Test Cluster" on localhost/9160
Welcome to cassandra CLI.
Type ‘help’ or ‘?’ for help. Type ‘quit’ or ‘exit’ to quit.
cassandra>
Share
 
Comments Off

Posted in Beginner, Cassandra, Troubleshooting

 

Simple, Secure and Speedy – Part One

03 Jul

Securing a web server may sound like a daunting task.  It may be tempting to think that complex solutions will provide the most security. This is not always the case, sometimes a simple solution can provide a lot of protection.

A web server is one of the most visible targets for attackers for three reasons:

  1. The sure popularity of HTTP
  2. The bevy of vulnerabilities found in misconfigured web servers
  3. The sometimes poor quality of ‘CGI, etc’ software running on the server

So naturally great care should be taken to secure the web server. But what if the web server should become compromised? Have you increased your attackers surface? Consider this diagram:

Once compromised the web server now provides the attacker multiple new targets such as LDAP, MySQL, and SysLog. A very simple addition to the diagram, the reverse proxy, will put the attacker back to square one – again battling to break into a web server with little else gained.

So your attacker can do one of two things:

1) Deface your web site or otherwise abuse that single server. While this is certainly not an attractive proposition, it definitely beats the news that sensitive data or systems are under attack.

2) Resume the attack and attempt to hack into the next web server – the one in the internal network. To further frustrate the attacker, choose a different web server for the internal network. Whatever vulnerabilities they used to compromise the first web server will likely be useless against this new web server.

Example Configuration

Reverse Proxy Server: consider Nginx a widely used but very light weight web server. The base install includes reverse proxy features. Minimally add a ‘proxy_pass’ setting to the location in the Nginx configuration.

server {
  listen   80;
  server_name  localhost;
  location / {
    proxy_pass http://[private server address]:8000;
   }
}

Private web server: consider lighttpd a light weight HTTP server well suited to running with PHP through the FPM module in PHP (as of PHP 5.3).

Any web server in the private network would work, of course. And the Nginx configuration would be more complex if you need to support SSL, or if you want static files to cache in the DMZ zone. But overall this is a very simple way to get considerably more security for your sensitive systems and data. And, as it turns out, it also scales well – more about that in future posts.

Next Post: The same reverse proxy techniques can be used in in Amazon’s cloud.  (Read now.)

Share
 
Comments Off

Posted in Beginner, Elastic Architecture, Gateway, lighttpd, Nginx, Reverse Proxy

 
Newer Entries »