Almost the end of the week.
Tonight nessquik received it’s UI to handle adding/modifying authentication mechanisms. It involved changing the way my Multiple Authentication adapter works, but it was a change for the better. You can now change the priority of authentication mechanisms.
For example.
Let’s say you have a multiple ways of authenticating for each authentication type. This isn’t that uncommon; we do this at work.
In the old code, those methods would be grouped into their associated types, and checked one right after the other.
It’s obvious though that this may not be intended behavior. What if you want the Database 2 type to be last; or the LDAP 1 type to be first? You couldn’t previously do that because all the LDAPs would be checked at once, and all the Database would be checked at once. That sucks.
The new code allows you to move the methods around in any way that you want though. So you can do the first example above, or order them in whatever way you want.
So the title of this post refers to the fact that I didn’t accomplish today what I said I would accomplish. Instead, I found myself working on the authentication UI. Perhaps tomorrow though.
And to answer Faz; no later than October.
Today and tonight I finished up the UI functionality for the policy modifications page. I’ll start work on the actual form handling code tomorrow. Also, I will finish the code to handle cleanup of drafts of policies that you choose not to create.
There is some odd-ness with the roles and policies UI. It all revolves around updating the list that you see when you delete items. What I’ll do is add a timeout that will refresh the list upon a delete action. I need to remember to reset the timeout in-case another delete action occurs, so point noted.
Tula has been hanging out at my place these last couple of days. She’s found a spot underneath my couch where she likes to lay for most of the day. At nights she likes to jump at the bugs that cling to the screen door that leads to the patio. She hasn’t been nearly as hungry and my sister made it seem like she would be, but she’s curious about whatever you’re cooking.
Boy today was filled with tedious programming tasks. I added roughly all 150 or so nessus settings to nessquik. It’s a more complex task that first thought. My UI is complex; only showing you what you need to see when configuring a policy. The number of configurable settings though is vast; every type of form field is used (including some I made from scratch). So it’s not a simple task.
On a good note though, it’s almost finished (need to add the rest of the advanced field values). After that, adding and modifying policy files will be complete; check that one big piece off the list.
Functionally, it’s more-or-less almost ready to go, which is the good news. I expect that I’ll have a beta version that I will distribute to any interested private parties soon. If you’re interested, contact me.
I’ve been much more productive recently in regard to nessquik 2.6. I’ve finished the roles administration completely, as well as finished the policy creation and administration. I also spent these last couple nights clearing out old code.
Overall I’m happy with the state that it’s currently in. Nothing is superbly broken, there are just little bits and pieces that need to be tied together.
Postgres has been mighty helpful as well and I’ve been able to use functionality, like triggers, that I’ve never had the opportunity to use before. I think 2.6 will be the best release so far. I’m miles beyond where I began with 1.0 and have learned so much in the process.
My sister’s cat Tula turned 1 year old a couple days ago. I get to babysit her for a whole 3 months starting in August.
Tonight I wrapped up the code needed to switch roles between two different list boxes. It doesn’t sound like a very hard thing to do, but it wasn’t as easy as I had initially thought. Thankfully this piece of nessquik didn’t leave me scratching my head with nothing to show for it. Well, I keep knicking away at the UI bit by bit.
Surprisingly I’ve made quite a bit of progress with nessquik recently. I actually just finished the UI for the roles and permissions. The last week or so I finished the UI for creating new policies and editing existing ones. So things are percolating along nicely.
Greg came over a couple days ago and brought his mini amp with him to play guitar while he was hanging out. He left it here along with his beginner guitar that I’ve been meaning to make more use of.
Anyways, I took the opportunity to use the amp and make more use of the guitar, so with quite a bit of material I found on the net, I slowly began to bring myself into the guitar fold. I was playing the verse of Everlong tonight! I love that song!
Today I took a look again at what it would take to leverage the Zend_Config classes to work with dot nessus files.
I looked at this briefly in the past but was turned off by it because of a couple things. One, the nessus files can have tags which have an arbitrary number of fields in them. This caused problems because the Zend_Config objects that would be created would have arrays of Config objects in them and I wasn’t sure of how to access those objects.
For example, the following code will read a value from my Config object
1 | $config->Policy->Preference->uuid |
That’s great, but what happens when you have an array? Say Preference was an array of items and you want the 5th one. This won’t work
1 | $config->Policy->Preference[5] |
Because those values are objects, not arrays. Likewise, this won’t work
1 | $config->Policy->Preference->5 |
5, after all, isn’t an object. Well, as I came to find out, there are two ways to get it; the odd way, and the method way. First, the odd way
1 | $config->Policy->Preference->{5} |
That’s odd to me. I guess the curly braces are an operator of some kind. Now, the method way
1 | $config->Policy->Preference->get(5) |
That’s makes more sense to my brain but it took some time reading the documentation to find that functionality. The other quirk that I was spending way too much time working around is re-use of my authentication adapters in nessquik.
See, Zend_Auth only provides singleton access to the Auth class. This is a problem in my application because I use a bit of functionality that I cooked up to proxy credentials around. You log in to nessquik with your credentials, and then the underlying API account will authenticate to the system and basically become you to perform it’s duties.
Using a singleton pattern in this case though really sucks because that second authentication (api as you) steps on your initial authentication (you to the system) and all sorts of things go wrong. It turns out that I was just not using the correct classes.
The Zend_Auth class ultimately just wraps around the adapters which themselves do the authentication. The obvious solution was to just call the authenticate method of my adapter. This prevents any credentials from ever being stored; definitely a “hand to head” moment *bonk*
There was a report of computer security badness today that I handled before I had a chance to even eat breakfast. I’m curiously hungry these days though. I don’t eat a big breakfast, so that might be the first problem, and I do a round of exercise in the morning, so that might be the second problem. Either that or I just love to eat; which I do