-------------------------------------------------------------------------
WeberŃRlNVv[̐ݒ͂łȂ̂ł傤H
it@CAI[̐ݒŁARlNVv[̐ڑ؂čĂ܂j 
-------------------------------------------------------------------------
ɂB
PWeber̃RlNVv[𖳌ɂ邾łA
web.xml&quot;transactionFilter&quot;`Ăfiltervffilter-mapping
vfRgAEgĂOKłB
ȀꍇDBւ̐ڑʓrlKv܂B
DaoNXWeber̃RlNVv[ԐړIɌĂяoĂ܂̂ŁA
Ȃ炩̑ΉKvɂȂĂ܂B

Ƃ΂̊DataSource𗘗p邱Ƃ͉\ł傤H
Weberł́AsrctH_zɂdi-config.xmlDataSourcew肷邱Ƃł
(ăRpCKvł)B

idi-config ConnectionMangervfDataSourceݒj
&lt;bean id=&quot;ConnectionManager&quot; 
    type=&quot;org.itscool.commons.connection.DataSourceConnectionManager&quot; singleton=&quot;true&quot;&gt;
    &lt;property name=&quot;dsName&quot; value=&quot;java:comp/env/o^ς݂̃f[^\[X&quot;/&gt;
&lt;/bean&gt;

̏ꍇAX`Ă&quot;JdbcConnectionManager&quot;̕
RgAEgĂĂB
ȉ񓚂ł낵ł傤HwE₲܂܂A


-------------------------------------------------------------------------
di-config̐ݒŁÃOt@Cւ̏o͐ݒĂł܂ł傤H
weber.log̑ɁAtrace.logo͂ƂB
Weber̃o[W3.1.2łB 
-------------------------------------------------------------------------
cOȂAWeber̂ɂ͕̃Ot@C̏o͂𐧌䂷邱Ƃ͏o܂񂪁A
Ⴆ΁Aorg.itscool.commons.logging.SimpleLogpg[Xp̃O
di-config.xmlɓo^邱ƂɂAWebAvP[VŕOt@C
ւ̃Oo͂sƂł܂B

菇Pj SimpleLogOpTraceLog쐬܂iVOgłKv܂j
<pre>
package org.itscool.commons_ex.logging;

import org.itscool.commons.logging.AbstractLog;
import org.itscool.commons.logging.SimpleLog;

public class TraceLog extends SimpleLog{
    private static TraceLog log = new TraceLog();
    
    /**
     * SimpleLoggetInstance()I[o[ChāA
     * g[Xp̃CX^XԂĂ܂B
    */
    public static AbstractLog getInstance(){
        return log;
    } 
    
}
</pre>

菇QjTraceLogp̐ݒdi-config.xmlɓo^܂

&lt;!-- MO[eBeBig[Xpj --&gt;
&lt;bean id="TraceLog" type="org.itscool.commons_ex.logging.TraceLog" singleton="true"&gt;
    &lt;property name="level" value="trace"/&gt;
    &lt;property name="maxSize" value="3000"/&gt;
    &lt;property name="logPath" value="C:/trace.log"/&gt;
    &lt;property name="mode" value="all"/&gt;
    &lt;property name="encode" value="Shift_JIS"/&gt;
&lt;/bean&gt;

&lt;!-- MO[eBeBij --&gt;
&lt;bean id="Log" type="org.itscool.commons.logging.SimpleLog" singleton="true"&gt;
    &lt;property name="maxSize" value="3000"/&gt;
    &lt;property name="logPath" value="C:/weber.log"/&gt;
    &lt;property name="level" value="info"/&gt;
    &lt;property name="mode" value="all"/&gt;
    &lt;property name="encode" value="Shift_JIS"/&gt;
&lt;/bean&gt;

菇Rjo^TraceLogWebAvP[VŌĂяo܂B
    BeanFactory factory = BeanFactory.getInstance();
    //TraceLogCX^X擾܂
    AbstractLog traceLog = (AbstractLog)factory.getInstance("TraceLog");
    if(!traceLog.isInit()){ //TraceLogĂȂꍇ
        //TraceLog܂iʏWebAvP[VNɂPŝ݂OKłj
        traceLog = (AbstractLog)factory.createInstance("TraceLog");
    }
    //TraceLoggO̐
    traceLog.trace("trace sample ProjectSwitchAction doExecute");

    //̃OCX^XgO̐
    AbstractLog weberLog = (AbstractLog)factory.getInstance("Log");
    weberLog.trace("weber sample ProjectSwitchAction doExecute");
        
-------------------------------------------------------------------------
PDJavaÍg@\iJCEjɂÍ
-------------------------------------------------------------------------
PDP@Tv
@JavaɂÍ̉s܂B
@JDK5.0ɂ́AJCEiJava Íg@\j܂܂ĂA̋@\𗘗pƁA
ʌɂÍJɂÍ@\ł܂B 

PDQ@ʌi閧jł̈Í
@Javał́AʌƂAu閧viSecret KeyjƂ܂B
{ł́A̕\ɂĐ܂B

܂A̕\ɏ]܂ƁAJ̎Lɑ閧̕\ƍ
܂̂ŁAuJvƁuLvƂ\ɓꂵABɂȂȂ悤ɂ܂B

閧ɂÍł́ApX[hx[XÍT|[gĂ܂̂
ꂼ̕@܂B 

PDQDP@Íƕ@iɂj
@Í閧ŐĈÍR[hȉɎ܂BÍƕł́A
KeyGeneratorNXgĔ閧𐶐ACipherNXgĈÍƕs܂B
@Ő@ŗpł̈Í̃ASÝAȉ̂ƂłB

`dr 
ARCFOUR/RC4 
Blowfish 
DES 
DESede 
RC2 
̈ÍASÝACipher̐̍ۂɎw肵܂B
ȉɈÍƕ̃R[hL܂B
 
/*
 * Íƕ
 */
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;


public class Encrypt01 {

    public static void main(String[] args) {

        try {

            // Í
            KeyGenerator kg = KeyGenerator.getInstance("DES");
            Key key = kg.generateKey();
            Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
            c.init(Cipher.ENCRYPT_MODE, key);
            byte input[] = "To be encrypted data.".getBytes();
            byte encrypted[] = c.doFinal(input); // ňÍ

            // 畜
            byte iv[] = c.getIV();

            IvParameterSpec dps = new IvParameterSpec(iv);
            c.init(Cipher.DECRYPT_MODE, key, dps);
            byte output[] = c.doFinal(encrypted);

            // \
            System.out.println("The string was \"");
            System.out.println(new String(output) + "\"");

        } catch (Exception e) {

            e.printStackTrace();

        }
    }
}
 
Íł́A𐶐Ǎgăf[^iNAeLXgƂ܂jÍ܂B
̍ۂ́AgĈÍꂽf[^𕜍܂B

̐
KeyGeneratorNXgiKeyNXj𐶐܂BKeyGenaratorNX̃CX^X́A
R[ĥ悤getInstance( )𗘗p܂B
̍ۂɐɎASYw肵܂BASY͑召ʂ܂B
w肵ASYp̌́AgenerateKey( )Ő܂B̃\bhR[邲
ɐVȌi_Ɂj܂B

Í
Íł́ACipherNXg܂̂ŁA܂CX^X𐶐܂BR[hɂ悤
getInstance( )\bh𗘗p܂B̂ƂAɂ͈Í̃ASYialgorithmj
ƂƂɃ[himodejƃpfBOipaddingjȉ̌`Ŏw肵܂B
@@@algorithm/mode/padding
[hуpfBO͏ȗł܂̂
@@@algorithm
Ǝw肵Ă܂܂Bȗꂽꍇ́A̒lKp܂BSunJCȄꍇ́A
DESADES-EDEABlowfishÍ̃ftHg[h ECBŁApfBO PKCS5PaddingłB
̂߁AgDES/ECB/PKCS5PaddinghƁgDESh͓łB

ÍASYƂāiŁjwł̂́Aȉ̂ƂłAASYɂ
̓IȎ@قȂꍇ܂̂ŒӂĂB

AES: Advanced Encryption Standard ƂāANIST ɂ FIPS htgɎw肳ꂽB 
ARCFOUR/RC4: Ron Rivest JXg[ÍB 
Blowfish: Bruce Schneier ̐݌vɂubNÍ 
DES: f[^ÍKi (FIPS PUB 46-2 Œ`) 
DESede: gv DES Í (DES-EDE) 
ECIES (Elliptic Curve Integrated Encryption Scheme) 
PBEWith<digest>And<encryption> ܂ PBEWith<prf>And<encryption>: pX[hx[X
̈ÍASY (PKCS #5) ŁAw肳ꂽbZ[W_CWFXg (<digest>) ܂
[Í֐ (<prf>)AÍASY (<encryption>) gpBقǗp
܂B 
RC2ARC4A RC5: RSA Data Security, Inc  Ron Rivest ɂJꂽ
L[TCYÍASY 
RSA: PKCS #1 Œ`Ă RSA ÍASY 
ȂA[hуpfBO͈ȉ̂悤Ȓlwł܂B
[h́A 
NONE: [hȂ 
CBC: FIPS PUB 81 Œ`ꂽ Cipher Block Chaining Mode 
CFB: FIPS PUB 81 Œ`ꂽ Cipher Feedback Mode 
ECB: č National Institute of Standards and Technology (NIST)  Federal 
Information Processing Standard (FIPS) PUB 81uDES Modes of Operationv
Œ`ꂽ Electronic Codebook Mode (1980 N 12 ) 
OFB: FIPS PUB 81 Œ`ꂽ Output Feedback Mode 
PCBC: Kerberos o[W 4 Œ`ꂽ Propagating Cipher Block Chaining 
pfBÓA 
ISO10126Padding: ̃ubNÍppfBÓAW3C ́uXML Encryption Syntax 
and ProcessingvhLgɋLڂĂB 
NoPadding: pfBOȂ 
OAEPWith<digest>And<mgf>Padding: PKCS #1 ɒ`Ă Optimal Asymmetric
 Encryption Padding XL[}B 
PKCS5Padding: uPKCS #5: Password-Based Encryption Standardvo[W 
1.5 (RSA LaboratoriesA1993 N 11 ) ŋK肳ꂽpfBO 
SSL3Padding: SSL Protocol o[W 3.0 ̃ZNV 5.2.3.2 (CBC ubN
Í) ŋK肳ꂽpfBO 
ȂARʂň͂܂ꂽڂ́Ȃ̖OŒuv[Xz_łB

CX^X𐶐́A܂Binit( )\bhgA
ÍiENCRYPT_MODEj́AiDECRYPT_MODEj̎wƂƂɐ
^܂B

Í̎{
ꂽ Cipher gĈÍ{܂B
oCgf[^Ƃ Cipher  doFinal( )\bhɗ^ƁA
Íꂽf[^󂯎邱Ƃł܂B

̏
Íꂽf[^𕜍Ƃ́AÍf[^Ƃ̈ÍɗpKv
ɂȂ܂B́AÍ̍ۂɐ̂̂܂ܗp܂B
܂AÍASY DESADES-EDEABlowfishiA[hCBCACFBAOFBA
PCBĈƂj̏ꍇ́AASYp[^w肵Ȃ΂Ȃ܂B
ASYp[^́ACipher擾܂B
܂AꂽCipher珉xNggetIV( )\bhŎoA
̒lɂăASYp[^擾܂BiȉQƁj

    byte iv[] = c.getIV();
    IvParameterSpec dps = new IvParameterSpec(iv);
̃CX^Xg Cipher ܂BiȉQƁj

    c.init(Cipher.DECRYPT_MODE, key, dps);
 Cipher  doFinal( )\bhgĕꂽf[^擾܂B

̕@ł́AÍꂽf[^̂قÍ̌f[^𕜍鑤ɓn
΂Ȃ܂B
Í̌pX[ĥ悤Ɏwł΁ApӂɈÍƕ{
Ƃł܂Bł́A̕@L܂B 

------------------------------------------------------------------------------
IEŃZbVϐvԂŕێȂ
------------------------------------------------------------------------------

WebAvP[VĂۂɁANbL[ǂĂۑłȂƂ
guɑ܂B

ׂĂƁASXNvgʃzXgɐݒuƐɕۑł邱Ƃ
mFł̂ŁAǂzXgɖ肪肻łB

ƂƂŐɃNbL[ۑłzXgƂłȂzXg𒭂߂ĂƁA
ႢɋCÂ܂B

ANbL[ۑłȂzXgɂ"_"iA_[XRAj܂܂ĂłB

A_[XRARFC߂zXg̃KChCɈᔽĂ镶ȂłˁB
΁ÃTCg̃hC擾ہAuhori-uchi.comvɂ悤A
uhori_uchi.comvɂ悤Y񂾂łAuhori_uchi.comv̓hCo^ł
悤ȋL炠܂BB 

bNbL[ɂǂ܂AIE5.01SP1ȍ~łRFCɏȂzXgNbL[
ZLeB̊ϓ_ۑȂ悤ɂȂĂ悤łB 
ɏڂ񂪂܂Ƃ߂Ă܂BɂƁA 

IẼZLeBpb`́AӂWebTCgWebTCgCookie擾ł
Ǝ㐫r邽߂̂̂ŁAIE5.01SP1ȍ~̃[XIE[XASPɊ܂܂܂B

̃pb`KpƁAȉ̂ꂩɊYꍇAcookie̓uEUɕۑ܂B 
URL̃zXgARFC̃hC̃KChCɈᔽĂ镶܂ޏꍇi"_"Ȃ






------------------------------------------------------------------------------
[PRB] Internet Explorer ZLeBCvO MS01-055 ̃CXg[A
ZbVϐvԂŕێȂ
------------------------------------------------------------------------------

Ώېi
ԍ : 316112 
ŏIXV : 2005N711 
rW : 5.2 

Microsoft Internet Explorer 5.5 ܂ 6.0 p̃ZLeBCvO 
MS01-055 ̃CXg[A̖肪邱Ƃ܂B 
? ZbVϐB  
? vԂŃZbVԂێȂB  
? NCAg VXe Cookie ݒ肳ȂB  
 : ZLeBCvO MS01-055 Œ񋟂ꂽC܂ށA
ŐV̏CvÕCXg[A̖肪邱Ƃ܂B 
擪֖߂


ZLeBCvO MS01-055 ł́AsK؂ȍ\gpÕT[o[
 Cookie ݒł܂B
Cookie gphCł́AhCуT[o[ɉp ("-" ܂ 
".") gpȂ΂Ȃ܂B

T[o[ɃA_[XRA ("_") ȂǁȂ̕܂܂ĂꍇA
Internet Explorer  Cookie ubN܂B 

ASP ̃ZbVԂƃZbVϐ̋@\ Cookie ɈˑĂ邽߁A
NCAg Cookie ݒłȂꍇAASP ͗vԂŃZbVԂێ
ł܂B 

̖́AzXg wb_̕sK؂ȖO\̏ꍇ܂B 
擪֖߂

@
̖ɂ́A̕@̂ꂩgp܂B ? hCƃT[o[
Opgp閼OɕύXB  
? hCT[o[ł͂ȂAC^[lbg vgR (IP) AhXgp
ăT[o[QƂB  
 : T[o[̕ύX́AMicrosoft IIS (C^[lbg CtH[V 
T[o[) \̕ύXKvɂȂ邱Ƃ܂Bڍׂ֘͢AQƂĂB 
擪֖߂


͎̓dlłB 
擪֖߂

ڍ
Internet Explorer 5.5  6 ɂ͐Ǝ㐫݂܂B̐Ǝ㐫𗘗pāA
ӂ̂郆[U[ANCAg Rs[^Ɋi[Ă Cookie ɑ΂āA
Web TCgsɃANZX邱Ƃ\ɂ URL 쐬A
 Cookie Ɋ܂܂ĂlύX\܂B

ꕔ Web TCgł́ACookie gpďdvȃf[^NCAg Rs[^
Ɋi[Ă邽߁ÃZLeB̐Ǝ㐫ɂl񂪘Rk\܂B 

ZLeBCvO MS01-055 ́AsK؍\gpÕT[o[ 
Cookie ݒłȂ邱ƂɂAZLeB̐Ǝ㐫C܂B
̏CvOł́AT[o[ RFC (Request for Comments) 833  Appendix 
A"DOMAIN NAMES - IMPLEMENTATION and SPECIFICATION" Œ`Ă閼Ot
Kɏ]Kv܂Bڍׂ֘͢AQƂĂB 
擪֖߂
