Archive for the 'kerberos' Category
Today: 05-Nov-2008: Kerberos and Joomla! 1.6’s Backup system
Today had a lackadaisical start with me working on getting Dawn of War:Winter Assault to work on my Mac (once it was fully patched seems to have started working, yay for no copy protection!) after doing a whole heap of disk swapping last night to get the base installed only to see it complain it couldn’t find a CD/DVD drive. After I installed the 1.50 patch it asked me if I wanted to start and for the first time it actually started the game without issues. I managed to load it up and play a quick game and fielded a call from my Mum before heading to work. I also added some projects to my list and categorised items, now on the todo list: an automated login key generator for Joomla! and a component to compliment the ban IP/address plugin. Now all I need is time!
The Kerberos keys that I had asked to be remade were ready for me by the time I got there. It took a bit of time to rebuild the different keytab files to support the vhost environment (need to merge the respective keytab files) but once that was done everything was working. Well, mostly working. Firefox on my Mac worked fine, Firefox on the Windows desktops I tried worked when they were configured (see http://grolmsnet.de/kerbtut/firefox.html for information on what you need to do to get Firefox to do negotiate), IE on most of the desktops worked fine however some installations weren’t getting SSO, all of the Citrix servers seem not to pass through authentication (they end up going in a weird loop where IE appears to keep loading the page) and Safari on my Mac doesn’t seem to want to play the game either. Perhaps I’ll sort that out over the next week or so but that consumed a reasonable amount of time going through and checking different IE versions and if they worked. The only machine not to play the game seems to be Firefox on my Linux desktop (it should be working) so I’ll have a look at the ones that don’t work and why they don’t want to work. For the Windows boxes I have the feeling that the Netware client is causing issues (which would explain Citrix) so hopefully when our network eradicates Novell we’ll be fine.
And that leads us to the afternoon’s fun of building Joomla! 1.6’s backup system. I’ve managed to get the system to export the sample database, reimport it and then delete the files afterwards so I’ve moved onto much larger goals. I’ve taken one of our internal websites and I’m trying to get it to important. Suffice to say that it has enough data to cause an issue with the system. For data loading I’m using a heavily modified version of Alexey Ozerov’s “BigDump” script, which has been used in the past in a less modified form for the Joomla! 1.5 migrator. It is slowly being converted to use the new Tasks system in 1.6 which is another concept borrowed from the 1.0 migrator. The Tasks system in 1.6 has two items: a task set which is a container for individual tasks. So considering backups, one task set might be a full backup run of the site with individual tasks being an SQL backup, a file backup (tar archive perhaps?) and maybe copying that to a remote FTP site or similar. So the one task set would have an “SQL backup” task and a “file backup” task. Extension package installation may do a similar item as well splitting the install into different parts.
A new part of this is the data load system that provides functionality to read and load data files, at the moment only supporting SQL but I’m hoping I’ll be able to create a CSV one as well some luck, again probably reusing Alexey’s code in part here as well. I’m mostly through building parts of this system though I’m experiencing a strange issue with my sample data (hence why the updates haven’t been committed to J!’s SVN repository today) where it loads the file up through to almost 2000 queries and seems to stop suddenly. I’m not quite sure whats going on but I’m happy enough that the task system is picking up and storing values for it to progress as far as it does.
Another successful day spent on my Mac as well, NetBeans doesn’t seem to want to look at my project any more crashing instead of loading it which is disappointing but I’ll work that out another day. And now its time to enjoy some Dawn of War.
No commentsToday: 04-Nov-2008: Fun with Kerberos
Today was a mostly ordinary day, though the day started with me buying Red Alert 3, so that wasn’t too bad – yay! Australia! A week behind the rest of the world! I could have pirated the game and had it faster and cheaper, perhaps even finished! But I digress, it was an ordinary day.
Today is Melbourne Cup day, being the first Tuesday of November, so we had a luncheon of sorts and a drawing for the horses. Didn’t win, the food was good, I’m $10 poorer and such is life.
I’ve been spending more time at work using my Mac as a primary machine. Since I’ve moved to Exchange from Domino (or Outlook from Notes), I’ve gotten Evolution on Linux mostly working (with the exception that it doesn’t automatically look up names for emails which is tedious) and Apple’s Mail and Address Book both playing nicely with Exchange. I do miss the fact that I had Notes on my Linux desktop and things mostly worked albeit slowly and consuming large amounts of memory, but it worked with all of the features available normally. Mail’s ability to due autocompletion is what is drawing me back to it as a client, which when you start writing emails is actually more useful than you would think. Its still not up to par with the Notes autocomplete which was quite cool and a lot more advanced than either Mail’s or Outlook’s (I get Outlook via Citrix).
I’ve also been trying out NetBean’s PHP Early Access through a nightly build (has the ability to create PHP projects from existing sources) and I’m impressed with it. I tried it out because I wanted to try out debugging with my PHP instance and the dated version of Eclipse I had (3.2) seems to have issues – more than likely my fault – and I don’t want to waste time on trying to fix something. NetBean’s installed and worked almost instantly, however it took me a while to find where I could change the params to get J! to route items properly. I managed to work out the bug that I was having without too much issue. I knew what it was but not where it was: turned out to be exactly what I thought, an assignment operator used instead of the append operator. The Subversion support seems to be a bit off and doesn’t work yet, so I’m not quite ready to ditch Eclipse yet – but I’ll try with later versions to see what I get.
I had a chat with the principal (we have principal, manager, director, CEO as our chain of command) about the projects that I’m doing and the ones I’m interested in so I’ll have to do some paperwork and business cases for the new projects and justify items. We’ve recently got a new manager who is trying to find where everything is so part of this is explaining everything so that he can get a grasp of the way the system works.
Then I spent the majority of the afternoon with one of the ITS guys working through how our Citrix boxes work with Flex profiles and the mandatory profiles filling in the gaps in his knowledge and how different parts of the system and why items might break or behave in a particular way. I think he’s worked out how it works and he’s even figured out why a few issues are happening. So nothing exciting but useful.
And finally I had fun with Kerberos. I built the Kerberos module on the SLES10 server, installed it, restarted Apache and tried to get it to work. On my Mac both Safari and Firefox requested a username and password instead of using a Kerberos token and IE6 in my Citrix session seemed to just go in a weird infinite loop. I slowly worked through my entire Kerberos configuration on the server until I got to looking at the keys. It turns out that the keys were created with the wrong virtual host name for the server which is causing the issues. The keys for the real server name actually worked fine when I got around to testing them which proves that everything will work once I get the keys. The last part is a fix to the Citrix system which for some reason think that the intranet site is actually on the internet, but I’m assured that this should be easy to achieve. Getting Kerberos up and running was pretty easy ignoring the faulty keys compared with some of the nightmares I’ve had getting items to play nicely together. I’ll probably add something to my guide (http://sammoffatt.com.au/jauthtools/Kerberos) on it, to help with items.
Who knows, I may have even figured this Kerberos thing out!
No comments