Re: Migrating to google cloud

2017-07-21 Thread Paul Hoadley 
Hi Mark,

On 22 Jul 2017, at 2:35 am, Mark Wardle  wrote:

> I am used to a simple single server with PostgreSQL, Monitor and wotaskd  so 
> this is a bit of a leap. I’d like to take advantage of Cloud SQL 
> (https://cloud.google.com/sql/ ) running 
> PostgreSQL, and probably use nginx as a front-end for future load-balancing 
> with WO instances run from a command-line. 
> 
> Has anyone done something similar?

Similar, but using AWS. We do:

> Cloud SQL (https://cloud.google.com/sql/) running PostgreSQL

RDS running PostgreSQL. https://aws.amazon.com/rds/

> nginx as a front-end for future load-balancing

ELB. https://aws.amazon.com/elasticloadbalancing/

> WO instances run from a command-line. 

We still use JavaMonitor and have Apache on board the appservers.

> Does this sound sensible?

Completely.

> Are there any gotchas that are going to catch me out? Am I better running 
> monitor / wotaskd?

JavaMonitor provides a few conveniences, but I am sure you could rig up a solid 
system the way you describe, and I’d love to hear about it when you do.


-- 
Paul Hoadley
https://logicsquad.net/
https://www.linkedin.com/company/logic-squad/




 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Active Directory, JNDI, EOModel

2017-07-21 Thread Chuck Hill 
Try going through a proxy like Charles.  Comparing what is sent from WO and 
from Directory Studio might highlight what is wrong.  I am sure that I did this 
many years ago, but the details escape me.  Microsoft’s standard is just a 
little…different.

Chuck

On 2017-07-21, 12:56 PM, "Webobjects-dev on behalf of Tim Worman" 
 wrote:

Yeah, I’m not using the model for authentication to AD, I’m intending to 
use simply to return EO's from AD. I’m encountering the error below when I 
simply try:

ADUser.fetchAllADUsers(pageEditingContext());

The WARN log seems to indicate that I can’t search objectClass “user.” But 
it is modeled and was reverse engineered. I’m unsure why that would be 
considering I haven’t had that issue before with other ldap services.

Tim

> On Jul 21, 2017, at 12:50 PM, Theodore Petrosky  wrote:
> 
> did you see this:
> 
> https://www.slideshare.net/wocommunity/third-party-auth-in-webobjects
> 
> I was looking to see if there was a video to go along with the slides but 
didn’t find one.
> 
> 
>> On Jul 21, 2017, at 3:10 PM, Tim Worman  wrote:
>> 
>> Has anyone used the JNDI plugin to model Active Directory? I’ve used it 
with a lot of success with other ldap directories but I’m running into a 
problem with a pretty simple model (which I’m sure has to do with AD’s 
implementation).
>> 
>> I reverse engineered our AD (Server 2016) instance with no problem - and 
only included Person and User in my model. However, when I try to do a simple 
fetch of all User (or Person) I get sth like:
>> 
>> Jul 21 11:11:23 GSEISNetTestApplication[54777] DEBUG NSLog  - Waiting 
for requests...
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  
er.extensions.eof.ERXModelGroup  - Clearing previous class descriptions
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Context 
factory cache is already clear
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - 
Connecting: {plugInClassName = "com.webobjects.jndiadaptor.LDAPPlugIn"; timeout 
= "3600"; scope = "Subtree"; username = "CN="Application Server",OU="Service 
Accounts",OU=ETU,DC=gseisnet,DC=ucla,DC=edu"; authenticationMethod = "Simple"; 
password = ""; serverUrl = "ldap://gseisnet.ucla.edu:389";; 
initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory"; }
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Creating 
plug-in com.webobjects.jndiadaptor.LDAPPlugIn for JNDIAdaptor@1084219182
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  NSLog  - Cannot 
search (&(objectClass=user))
>> [2017-7-21 11:11:24 PDT]  
javax.naming.NameNotFoundException: [LDAP: error code 32 - 208D: NameErr: 
DSID-0310021B, problem 2001 (NO_OBJECT), data 0, best match of:
>>  ''
>> ]; remaining name ''
>> 
>> When I use Directory Studio to perform what appears to be the same 
search, filtering on objectClass user, I get the results I would expect. I’m 
using the same bind credentials in both as well. One guess I have is the search 
base, which I have set to the base DN in Directory Studio. Is there a way to 
get a handle on the JNDI adaptor and set the search base globally in case it 
isn’t right?
>> 
>> Any other ideas? I know I’m probably off the reservation here.
>> 
>> Tim
>> UCLA GSE&IS
>> ___
>> Do not post admin requests to the list. They will be ignored.
>> Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
>> Help/Unsubscribe/Update your Subscription:
>> 
https://lists.apple.com/mailman/options/webobjects-dev/tedpet5%40yahoo.com
>> 
>> This email sent to tedp...@yahoo.com
> 

 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/chill%40gevityinc.com

This email sent to ch...@gevityinc.com


 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Active Directory, JNDI, EOModel

2017-07-21 Thread Tim Worman 
Yeah, I’m not using the model for authentication to AD, I’m intending to use 
simply to return EO's from AD. I’m encountering the error below when I simply 
try:

ADUser.fetchAllADUsers(pageEditingContext());

The WARN log seems to indicate that I can’t search objectClass “user.” But it 
is modeled and was reverse engineered. I’m unsure why that would be considering 
I haven’t had that issue before with other ldap services.

Tim

> On Jul 21, 2017, at 12:50 PM, Theodore Petrosky  wrote:
> 
> did you see this:
> 
> https://www.slideshare.net/wocommunity/third-party-auth-in-webobjects
> 
> I was looking to see if there was a video to go along with the slides but 
> didn’t find one.
> 
> 
>> On Jul 21, 2017, at 3:10 PM, Tim Worman  wrote:
>> 
>> Has anyone used the JNDI plugin to model Active Directory? I’ve used it with 
>> a lot of success with other ldap directories but I’m running into a problem 
>> with a pretty simple model (which I’m sure has to do with AD’s 
>> implementation).
>> 
>> I reverse engineered our AD (Server 2016) instance with no problem - and 
>> only included Person and User in my model. However, when I try to do a 
>> simple fetch of all User (or Person) I get sth like:
>> 
>> Jul 21 11:11:23 GSEISNetTestApplication[54777] DEBUG NSLog  - Waiting for 
>> requests...
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  
>> er.extensions.eof.ERXModelGroup  - Clearing previous class descriptions
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Context 
>> factory cache is already clear
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Connecting: 
>> {plugInClassName = "com.webobjects.jndiadaptor.LDAPPlugIn"; timeout = 
>> "3600"; scope = "Subtree"; username = "CN="Application Server",OU="Service 
>> Accounts",OU=ETU,DC=gseisnet,DC=ucla,DC=edu"; authenticationMethod = 
>> "Simple"; password = ""; serverUrl = 
>> "ldap://gseisnet.ucla.edu:389";; initialContextFactory = 
>> "com.sun.jndi.ldap.LdapCtxFactory"; }
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Creating 
>> plug-in com.webobjects.jndiadaptor.LDAPPlugIn for JNDIAdaptor@1084219182
>> Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  NSLog  - Cannot search 
>> (&(objectClass=user))
>> [2017-7-21 11:11:24 PDT]  javax.naming.NameNotFoundException: 
>> [LDAP: error code 32 - 208D: NameErr: DSID-0310021B, problem 2001 
>> (NO_OBJECT), data 0, best match of:
>>  ''
>> ]; remaining name ''
>> 
>> When I use Directory Studio to perform what appears to be the same search, 
>> filtering on objectClass user, I get the results I would expect. I’m using 
>> the same bind credentials in both as well. One guess I have is the search 
>> base, which I have set to the base DN in Directory Studio. Is there a way to 
>> get a handle on the JNDI adaptor and set the search base globally in case it 
>> isn’t right?
>> 
>> Any other ideas? I know I’m probably off the reservation here.
>> 
>> Tim
>> UCLA GSE&IS
>> ___
>> Do not post admin requests to the list. They will be ignored.
>> Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
>> Help/Unsubscribe/Update your Subscription:
>> https://lists.apple.com/mailman/options/webobjects-dev/tedpet5%40yahoo.com
>> 
>> This email sent to tedp...@yahoo.com
> 

 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Active Directory, JNDI, EOModel

2017-07-21 Thread Tim Worman 
Has anyone used the JNDI plugin to model Active Directory? I’ve used it with a 
lot of success with other ldap directories but I’m running into a problem with 
a pretty simple model (which I’m sure has to do with AD’s implementation).

I reverse engineered our AD (Server 2016) instance with no problem - and only 
included Person and User in my model. However, when I try to do a simple fetch 
of all User (or Person) I get sth like:

Jul 21 11:11:23 GSEISNetTestApplication[54777] DEBUG NSLog  - Waiting for 
requests...
Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  
er.extensions.eof.ERXModelGroup  - Clearing previous class descriptions
Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Context factory 
cache is already clear
Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Connecting: 
{plugInClassName = "com.webobjects.jndiadaptor.LDAPPlugIn"; timeout = "3600"; 
scope = "Subtree"; username = "CN="Application Server",OU="Service 
Accounts",OU=ETU,DC=gseisnet,DC=ucla,DC=edu"; authenticationMethod = "Simple"; 
password = ""; serverUrl = "ldap://gseisnet.ucla.edu:389";; 
initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory"; }
Jul 21 11:11:24 GSEISNetTestApplication[54777] DEBUG NSLog  - Creating plug-in 
com.webobjects.jndiadaptor.LDAPPlugIn for JNDIAdaptor@1084219182
Jul 21 11:11:24 GSEISNetTestApplication[54777] WARN  NSLog  - Cannot search 
(&(objectClass=user))
[2017-7-21 11:11:24 PDT]  javax.naming.NameNotFoundException: 
[LDAP: error code 32 - 208D: NameErr: DSID-0310021B, problem 2001 
(NO_OBJECT), data 0, best match of:
''
]; remaining name ''

When I use Directory Studio to perform what appears to be the same search, 
filtering on objectClass user, I get the results I would expect. I’m using the 
same bind credentials in both as well. One guess I have is the search base, 
which I have set to the base DN in Directory Studio. Is there a way to get a 
handle on the JNDI adaptor and set the search base globally in case it isn’t 
right?

Any other ideas? I know I’m probably off the reservation here.

Tim
UCLA GSE&IS ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

ERXFileUtilities rendering file name's type extension unusable

2017-07-21 Thread Fabian Peters 
Hi all,

This is a bit of a quiz question. The method pasted below replaces any two dots 
("..") in a file name with a single underscore ("_"). If the user uploads a 
file named "Test..doc", it ends up as "Test_doc". Which is less than ideal 
because often one wants to get some idea about the file type by looking at the 
extension. 

Apparently Mike's (it's his code) intent was security-related. Can anyone come 
up with a potential vulnerability beyond the case of a file named ".."? (Which 
could theoretically lead to a file being written to the parent directory of the 
destination, though I haven't been able to actually do this.)

cheers, Fabian

/**
* Returns the file name portion of a browser submitted path.
* 
* @param path the full path from the browser
* @return the file name portion
*/
public static String fileNameFromBrowserSubmittedPath(String path) {
String fileName = path;
if (path != null) {
// Windows
int separatorIndex = path.lastIndexOf("\\");
   // Unix
if (separatorIndex == -1) {
   separatorIndex = path.lastIndexOf("/");
   }
// MacOS 9
   if (separatorIndex == -1) {
separatorIndex = path.lastIndexOf(":");
   }
   if (separatorIndex != -1) {
fileName = path.substring(separatorIndex + 1);
   }
   // ... A tiny security check here ... Just in case.
   fileName = fileName.replaceAll("\\.\\.", "_");
}
return fileName;
}

 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Migrating to google cloud

2017-07-21 Thread Theodore Petrosky 
I have a similar need. I have been moving to AWS. It was easy to set up a 
centos (or any other flavor linux) instance. In my case, I set up separate 
instances. One for the database and one for the apps. Although you could use a 
single box (instance) for both the database and app server.

I have never used nginx so I can not comment. 

I would be happy to tell you how I went about my many experiments setting 
things up. I have only used wotaskd and womonitor. They have always worked well 
for me.

Ted

> On Jul 21, 2017, at 1:05 PM, Mark Wardle  wrote:
> 
> Dear all,
> 
> I am migrating some services to google cloud. I now have a mixture of micro 
> services (Apache Cayenne / Bootique) and older (but working well and still 
> very much alive and in development) WO applications. These have traditionally 
> been hosted on the NHS or more recently on linode, but I’ve take the decision 
> to make these applications more widely available.
> 
> I am used to a simple single server with PostgreSQL, Monitor and wotaskd  so 
> this is a bit of a leap. I’d like to take advantage of Cloud SQL 
> (https://cloud.google.com/sql/ ) running 
> PostgreSQL, and probably use nginx as a front-end for future load-balancing 
> with WO instances run from a command-line. 
> 
> Has anyone done something similar? Does this sound sensible? Are there any 
> gotchas that are going to catch me out? Am I better running monitor / wotaskd?
> 
> All advice appreciated,
> 
> Best wishes,
> 
> Mark
> 
> -- 
> Dr. Mark Wardle
> Consultant Neurologist, University Hospital Wales, Cardiff, UK
> Email: mark.war...@wales.nhs.uk  or 
> m...@wardle.org   Twitter: @mwardle
> Telephone: 02920745274 (secretary) or facsimile: 02920744166
> 
> 
> 
> 
> 
> ___
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/webobjects-dev/tedpet5%40yahoo.com
> 
> This email sent to tedp...@yahoo.com

 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Migrating to google cloud

2017-07-21 Thread Mark Wardle 
Dear all,

I am migrating some services to google cloud. I now have a mixture of micro 
services (Apache Cayenne / Bootique) and older (but working well and still very 
much alive and in development) WO applications. These have traditionally been 
hosted on the NHS or more recently on linode, but I’ve take the decision to 
make these applications more widely available.

I am used to a simple single server with PostgreSQL, Monitor and wotaskd  so 
this is a bit of a leap. I’d like to take advantage of Cloud SQL 
(https://cloud.google.com/sql/ ) running 
PostgreSQL, and probably use nginx as a front-end for future load-balancing 
with WO instances run from a command-line. 

Has anyone done something similar? Does this sound sensible? Are there any 
gotchas that are going to catch me out? Am I better running monitor / wotaskd?

All advice appreciated,

Best wishes,

Mark

-- 
Dr. Mark Wardle
Consultant Neurologist, University Hospital Wales, Cardiff, UK
Email: mark.war...@wales.nhs.uk or m...@wardle.org  Twitter: @mwardle
Telephone: 02920745274 (secretary) or facsimile: 02920744166





 ___
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list  (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com