Updates from April, 2008 Toggle Comment Threads | Keyboard Shortcuts

  • steve918 4:03 pm on April 30, 2008 Permalink | Reply
    Tags: Delegation, , , Relying Party, , woot   

    SourceForge Ships OpenID!! 


    SourceForge.net shipped support for OpenID this morning followed by an official announcement on their community forums. In just a few seconds I had my OpenID tied to my existing SF account. Their implementation seems very solid and straight forward.

    This certainly makes them one of the largest, most prominent OpenID Relying parties to date.
    I sure hope this leads to all of OSTG websites ( Slashdot, Thinkgeek, Freshmeat, etc…) following suit.

    Their front page now advertises: 1,840,049 Users + 250,000,000 OpenIDs 🙂

    Their OpenID management screen is really hot; It allows you to add additional OpenIDs to your account, decide which one you want to make public (if any) and choose one to delegate your SourceForge.net endpoint to. So developers can use http://sourceforge.net/users/username as their OpenID endpoint.

    Digg It!

     
  • steve918 11:56 am on April 22, 2008 Permalink | Reply
    Tags: javascript, Security   

    Lamest "security" ever. 

    Normally I would abstain from pointing out security issues on other’s websites, but since this bit of code provides absolutely no security at all I can do so with a clear conscience. The bit of code below is from my former banks personal account login. I quickly changed banks after realizing how much they understand/care about security.

    function encryptString(strPlain) {
      // Convert to lower case
      var strCipher;
      // Run the reflection cipher on each letter in the string
      var strCipher = "";
      for (i=0; i<strPlain.length; i++) {
        strCipher = strCipher + flipLetter(strPlain.charAt(i));
          }
      return strCipher;
    }
    function flipLetter(chrLetter) {
      // Executes a reflection cipher,
      // substituting one letter for its alphabetic inverse
      switch(chrLetter) {
        case "a": chrLetter = "z"; break;
        case "b": chrLetter = "y"; break;
        case "c": chrLetter = "x"; break;
        //etc, etc...
        case "X": chrLetter = "C"; break;
        case "Y": chrLetter = "B"; break;
        case "Z": chrLetter = "A"; break;
        default: chrLetter = chrLetter; break;
      }
      return chrLetter;
    }
    

    No, your eyes don’t deceive you. They really did think a letter-substitution cypher written in Javascript was ok.

     
    • Monsanto 8:45 am on April 28, 2008 Permalink | Reply

      LOL…just what I needed this morning!

  • steve918 2:50 pm on April 14, 2008 Permalink | Reply
    Tags: , ,   

    SourceForge OpenID RP in the works. 

    Luke Crouch, one of SourceForge’s developers left a subtle message today in their community forums hinting at what OpenID features they’ve been working on recently.

    It looks like they will be shipping a full on RP implementation along with delegation support for their developer profile pages.

    “dedicated Identity Providers can focus on delivering comprehensive digital online identity services for web users, while we need to focus on those users’ needs as OSS community participants.” — Luke Crouch

    I’m really excited to see SF leading the pack in the OpenID world. Their RP offerings will certainly be a valuable contribution to the community.

     
  • steve918 8:38 am on April 11, 2008 Permalink | Reply
    Tags: , Error pages, , , Goolge App Engine,   

    Custom error pages in GAE/Django 

    To allow for custom error pages (404,500) in Django/Google App Engine all you need is this bit of middle-ware that stubs out the request class for you so that it doesn’t blow up.

    Add your custom templates to your template directory and name them 404.html, 500.html etc.

    Paste the following into middleware/errorpages.py

    class DummyUser(object):
    
        def get_and_delete_messages(self):
            pass
    
    class NeedsUserObject(object):
    
        def process_request(self, request):
            request.user = DummyUser()
    

    In your settings.py add the NeedsUserObject middleware

    MIDDLEWARE_CLASSES = (
      ...
        'middleware.errorpages.NeedsUserObject',
    )
    
     
    • foo 2:53 pm on September 18, 2009 Permalink | Reply

      Thanks:) works great.

  • steve918 11:54 pm on April 10, 2008 Permalink | Reply
    Tags: , , ,   

    Django manage.py wrapper script for Google App Engine 

    I’m used to running mange.py in my Django apps and I kept forgetting the name of the Google App Engine equivalents. My script only knows how to do two things at the moment, “runserver” and “publish” but now I can manage everything the way I’m accustomed to.

    Update: Aprill 11 – Added toggle_debug, automatically switches debug off when publishing and back on for development.

    #!/usr/bin/env python
    #
    # Simple convience script for common publishing and develop tasks
    # This script expects dev_appserver.py to be in your $PATH
    import os, sys, re
    
    def main(argv):
    
        command = ""
    
        try:
            command = argv[1]
        except:
            usage()
            exit(2)
    
        if command == 'publish':
            publish()
        elif command == 'publish-debug':
            publish(True)
        elif command == 'runserver':
            runserver()
        elif command == "--help" or command == "-h":
            usage()
            exit(0)
    
    def usage():
        print """
        Usage: python manage.py [command] 
    
        Commands:
            publish - 'updates' Google App Engine with your current version
            publish-debug - 'updates' Goolge App Engine with debug turned on
            runserver - launches the development server on port 8080
    
        Options:
            --help, -h - Prints this screen
    
        For more information on a particular command, run [command] --help
        """
    def get_gae_dir():
        """ Locate dev_appserver.py and return the directory is in. """
    
        # There's probably a smarter way to do this...
        script = 'dev_appserver.py'
        stdin, stdout = os.popen2('which %s'%script)
        xpath = stdout.read().strip()
        stdout.close()
        stdin.close()
    
        # If the file is a symlink, find out where the actual file lives.
        try:
            tmpdir = os.readlink(xpath)
        except OSError:
            tmpdir = xpath
    
        return os.path.abspath(os.path.dirname(tmpdir))
    
    def toggle_debug(status):
        st = 'False'
        if status:
            st = 'True'
    
        os.rename('settings.py','settings.py.bak')
        orig = open('settings.py.bak').read()
        p = re.compile('DEBUG\s=\s(True|False)')
        n = p.sub('DEBUG = %s'%st,orig)
        nw = open('settings.py','w')
        nw.write(n)
        nw.close()
    
    def gae_parent(script):
    
        DIR_PATH = get_gae_dir()
        DEV_APPSERVER_PATH = os.path.join(DIR_PATH,'google/appengine/tools/%s'%script)
    
        EXTRA_PATHS = [
          DIR_PATH,
          os.path.join(DIR_PATH, 'lib', 'django'),
          os.path.join(DIR_PATH, 'lib', 'webob'),
          os.path.join(DIR_PATH, 'lib', 'yaml', 'lib'),
        ]
    
        sys.path = EXTRA_PATHS + sys.path
        execfile(DEV_APPSERVER_PATH, globals())
    
    def publish(debug=False):
    
        if(debug):
            toggle_debug(True)
        else:
            toggle_debug(False)
    
        sys.argv[1] = "update"
        try:
            sys.argv[2] = os.path.abspath(os.path.dirname(os.path.realpath(__file__)))
        except IndexError:
            sys.argv.append(os.path.abspath(os.path.dirname(os.path.realpath(__file__))))
    
        gae_parent('appcfg.py')
    
    def runserver():
        toggle_debug(True)
        sys.argv[1] = os.path.abspath(os.path.dirname(os.path.realpath(__file__)))
        gae_parent('dev_appserver_main.py')
    
    if __name__ == '__main__':
        main(sys.argv)
    
     
  • steve918 6:57 pm on April 9, 2008 Permalink | Reply
    Tags: , , ,   

    Google App Engine Limitations 

    I’m really digging the concept that is Google App Engine, but I think they a little bit of work to do before I would be willing to put any effort into porting to their platform. Their marketing points for this include the fact that it allows you to build, deploy and iterate your application quickly, but the fact that I have to now port just about every Python library out there to use BigTable and URL fetcher is a serious productivity loss.

    • Python Only – This doesn’t bother me, but is still a deal breaker for a lot of people.
    • No way to schedule tasks. (cron)
    • No way to dynamically route subdomains. You can’t point *.yourdomain.com at a single script. So your urls have to look like example.com/tulsa and not tulsa.example.com
    • You can’t use any existing libraries that make network fetches. Google forces you to use their URL Fetcher class. Which is broken in several ways:
      • No way to set timeout
      • No HTTP Auth Support
      • Does not follow redirects
    • You have to user BigTable for your Database Layer, so you have to port any existing database code you have. There is also no ORM for Django to use BigTable yet, which means Django Admin interface will not work.

    On the bright side, their publishing and versioning process is outstanding. The administration interface is pretty sexy so I’ve take quite a few screen shots for anyone who didn’t get an invite and would like to see it.

    Picture 1

     
  • steve918 10:32 am on April 8, 2008 Permalink | Reply
    Tags: OpenID identity google   

    Google's OpenID Provider Via Google Web Engine 

    Shortly after Google released Google Web Engine last night, Ryan Barrett of Google released an application for the platform that essentially makes Google an OpenID Provider. Check it out here:

    http://openid-provider.appspot.com/

    (Thanks Sam for the scoop)

    Update: Digg It!

     
  • steve918 12:59 am on April 8, 2008 Permalink | Reply
    Tags: cloud computing, , ,   

    Google App Engine SDK 

    I just learned about Google App Engine a couple of hours ago and I have to say I’m pretty excited about what their doing. I really like the fact that they didn’t go out and try to invent their own IDE and scripting language. I’m still really reluctant to move toward cloud computing services. I still want to cling on to my hardware and OS.

    Some cool points:

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel