Geek stuff

Mulder starts his blog!

Posted on April 22, 2008

Mulder, aka David Robin, is giving blogging another try.

He talks about Java, Talend, LDAP, nothing but heavy stuff :)

It's over here!

CookieStore on Yaws

Posted on April 10, 2008

I implemented a session cookie store, just like the one in Ruby on Rails 2.0.

It comes with the same caveats: session data is base64-encoded and sent in the cookie along with a SHA MAC of that data. This means that the user can see what's inside, but will not be able to tamper with it.

Moreover, session data should be kept small, as the encoded and signed data may not exceed 4096 bytes.

This being said, that should give us Yaws clustering for free :) And no more sessions to expire, just set the cookie expiration date.

One small thing: make sure crypto is started.

session1.yaws has been rewritten to make use of this code.

Download here.
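The scheme described above, sketched as an added example; it is not the code behind the download link, nor Rails' implementation. It assumes HMAC-SHA256 as the "SHA MAC", a `--` separator and `term_to_binary` serialization, and the module and function names are hypothetical.

```erlang
-module(cookie_store_example).
-export([encode/2, decode/2, demo/0]).

-define(MAX_COOKIE, 4096).  % limit stated in the post

%% Serialize, base64-encode, then append a MAC of the encoded payload.
encode(Data, Secret) ->
    Payload = base64:encode(term_to_binary(Data)),
    Cookie = <<Payload/binary, "--", (mac(Payload, Secret))/binary>>,
    case byte_size(Cookie) =< ?MAX_COOKIE of
        true  -> {ok, Cookie};
        false -> {error, too_large}
    end.

%% Check the MAC before touching the payload; decode only authentic data.
decode(Cookie, Secret) when is_binary(Cookie), byte_size(Cookie) =< ?MAX_COOKIE ->
    case binary:split(Cookie, <<"--">>) of
        [Payload, Mac] ->
            case equal(Mac, mac(Payload, Secret)) of
                true  -> {ok, binary_to_term(base64:decode(Payload), [safe])};
                false -> {error, bad_signature}
            end;
        _ -> {error, malformed}
    end;
decode(_, _) -> {error, rejected}.

mac(Payload, Secret) ->
    base64:encode(crypto:mac(hmac, sha256, Secret, Payload)).

%% Comparison whose running time does not depend on where the inputs differ.
equal(A, B) when byte_size(A) =:= byte_size(B) ->
    Diff = lists:foldl(fun({X, Y}, Acc) -> Acc bor (X bxor Y) end, 0,
                       lists:zip(binary_to_list(A), binary_to_list(B))),
    Diff =:= 0;
equal(_, _) -> false.

%% Constructed demo: a forged payload carrying the old MAC is rejected.
demo() ->
    Secret = <<"constructed-demo-secret">>,
    Session = [{user, "alice"}, {role, user}],
    {ok, Cookie} = encode(Session, Secret),
    {ok, Session} = decode(Cookie, Secret),
    [_, Mac] = binary:split(Cookie, <<"--">>),
    Forged = base64:encode(term_to_binary([{user, "alice"}, {role, admin}])),
    {error, bad_signature} = decode(<<Forged/binary, "--", Mac/binary>>, Secret),
    ok.
```

Calling `cookie_store_example:demo().` from an Erlang shell returns `ok`; `crypto:mac/4` requires a recent OTP release.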

Clustering OpenFire with Shoal (Sort of ...)

Posted on April 09, 2008

As requested there, here is the code I wrote for clustering OpenFire with Shoal.

It's not functional. The cluster lifecycle is OK. Getting synchronous and asynchronous tasks running on the cluster works within MUC.

There’s still a lot of work.

I don't plan on working on this code any further, but if it can inspire someone to carry it on …

Here it is.

mini Auth CAS on Yaws

Posted on April 03, 2008

Yaws is the web server written in Erlang, famous for this graph showing how Yaws thrashes Apache.

Here is the minimal client for authenticating against a CAS server.

Save it in a file named cas.yaws and put it in /var/yaws (the default document root).

Don't forget to adapt CASHOST and SERVICE to your configuration.

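<erl>
%% Adapt CASHOST and SERVICE to your configuration.
-define(CASHOST, "http://localhost:8080/cas/").
-define(SERVICE, "service=http%3A%2F%2Flocalhost%3A5224%2Fcas.yaws").
-include_lib("xmerl/include/xmerl.hrl").

%% Entry point: reuse an existing "casuser" session, otherwise run the CAS flow.
out(A) ->
    H = A#arg.headers,
    C = H#headers.cookie,
    case yaws_api:find_cookie_val("casuser", C) of
        [] ->
            check_auth(A);
        Cookie ->
            case yaws_api:cookieval_to_opaque(Cookie) of
                {ok, Username} ->
                    {html, "Authentified as " ++ yaws_api:htmlize(Username)};
                _ ->
                    %% Unknown or expired session cookie: authenticate again.
                    check_auth(A)
            end
    end.

%% Validate the ticket returned by CAS, or redirect to the CAS login page.
check_auth(A) ->
    case queryvar(A, "ticket") of
        {ok, Ticket} ->
            case verify_ticket(Ticket) of
                {ok, Username} ->
                    Cookie = yaws_api:new_cookie_session(Username),
                    CO = yaws_api:setcookie("casuser", Cookie, "/"),
                    [{html, "Authentified as " ++ yaws_api:htmlize(Username)}, CO];
                {error, Reason} ->
                    %% Reason embeds the request's ticket: escape it before output.
                    [{status, 403},
                     {html, "Unauthorized : " ++ yaws_api:htmlize(Reason)}]
            end;
        undefined ->
            {redirect, ?CASHOST ++ "login?" ++ ?SERVICE}
    end.

%% Ask the CAS server whether the ticket is valid and extract the user name.
verify_ticket(Ticket) ->
    inets:start(),
    %% URL-encode the ticket so it cannot add parameters to the validation request.
    Url = ?CASHOST ++ "proxyValidate?" ++ ?SERVICE
          ++ "&ticket=" ++ yaws_api:url_encode(Ticket),
    %% httpc:request/1 is the current inets client call (formerly http:request/1).
    {ok, {_Status, _Headers, Body}} = httpc:request(Url),
    {Xml, _Rest} = xmerl_scan:string(Body),
    inets:stop(),
    case xmerl_xpath:string("//cas:user/text()", Xml) of
        [#xmlText{value = Username}] ->
            {ok, Username};
        [] ->
            {error, "invalid ticket " ++ Url}
    end.
</erl>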

While we're on the subject, there is a very interesting article about REST in Yaws over at InfoQ.