Microsoft Active Scripting

Internet Explorer prompted a message telling me to turn on ActiveScripting that it defines as:

Active scripting is a Microsoft technology that allows different software components to interact with one another in a networked environment (in this case, the Internet), regardless of the language in which the components were created. Active scripting is what allows Web pages to use animation and to change their content dynamically.

But really, I think the explanation should be this:

Active scripting is a Microsoft technology that allows different vulnerable components to interact with hackers in a networked environment (in this case, the Internet), regardless of safety precautions you take to stop the components from being installed.  Active scripting allows Web pages to install malicious software and infect your system dynamically.

After 15 years of trojans, viruses, and other malware infecting Windows systems through this feature in Internet Explorer, the same type of tricks used to hack peoples' systems as they browse the Internet still work.

Domain Modeling

In researching for how to model a rather complex project for a course (ISYS 350 Building Business Applications).  I came across something quite by accident when pursuing the book titled Pro ASP.NET MVC Framework by Steven Sanderson.  He introduced Domain Modeling.

From what I discerned, I noted the following:

There are these components: entities, value objects, and aggregates.

The entity has an ongoing identity throughout its life time and has a unique (primary) key, while value objects are defined purely by value of attributes, are logically immutable, and have no key.

An aggregate is an arrangement of entities into a group that share some related function.  An aggregate has a root entity that can be related to entities outside of the aggregate.

What I was thinking was that this is a good model to design business applications and it can provide a common language for both engineers and business professionals, much in the same way E-R (Entity-Relationship) modeling works for relational databases and SQL. 

These types of modeling methodologies can help align technology pursuits to the business needs, something that is perfectly align to roles of business analysts, an area of my interest lately.

The author also mentions Domain Driven Design (DDD) who he credits to another author, Eric Evans.  Eric Evans published a book titled Domain-driven design: tackling complexity in the heart of software.  At some point, I would like to thumb through this book...

Citing UNIX Man Pages in MLA format

My professor for CS 260A Linux System Administration at CCSF wanted me to cite my sources that I used for my presentation.  I did a small Single Sign On presentation covering mainly PAM (Pluggable Authentication Modules) and NSS (Name Service Switch).

As a lot of research in UNIX or Linux requires references help files within operating system (man pages), I was wondering, just how does one cite man pages?

I think the man pages as sources of information are just as legitimate as any other source.  But unfortunately, I could not find any reference online to how to do this.  Thus, I invented a standard, using pieces from citing Encyclopedias and from referencing web pages. 

So far I came up with this:

• "Man Page Title." Operating System Version Name, Name Version. Man Page Tomb, Date: Man Page Reference. Shell. Date Accessed <command-to-get-man-page>

These would be some examples:

• "Pluggable Authentication Modules for Linux." Karmic Koala, Ubuntu 9.10. Linux-Pam Manual, August 2008: pam 7. Shell. 8 May 2010 <man pam>.
• "System Databaes and Name Service Switch configuration file." Karmic Koala, Ubuntu 9.10. Linux Programmer's Manaual, January 1999: nsswitch.conf 5. Shell. 8 May 2010 <man nsswitch.conf>.
• "System wide and per-user daemon/agent manager." Snow Leopard, Mac OS X 10.6.3. BSD System Manager's Manual, May 1999: launchd 8. Shell. 20 May 2010 <man launchd>.

Single Sign On

I was a guest presenter at CCSF (City College of San Francisco) for a CNIT 270 Linux Network Administration course.  My topic was Single Sign On.  I found that this topic is immense and felt challenged to organize the material as well as relate it to the students.  

Many were overwhelmed and some seemed bored at points, while a few were familiar with the topics and had some good questions.  I organized the sections as:

• Business Case
• System Admin. Configuration
• Network Admin. Configuration
• Final Notes

Here's the presentation I did:

The students asked some great questions (answers and links indented):

• Writing scripts and leveraging off of Kerberos authentication?
• Perl has modules that support SASL
• http://search.cpan.org/~gbarr/Authen-SASL-2.1401/lib/Authen/SASL.pod
• SASL supports Kerberos authentication
• http://asg.web.cmu.edu/sasl/
• http://www.sendmail.org/~ca/email/cyrus/sysadmin.html
• http://wiki.dovecot.org/Sasl
  
• Policies and Automation like Active Directory's Group Policy Objects?
• Change Configuration area has two popular tools: 
• cfengine - http://www.cfengine.org/
• puppet - http://www.puppetlabs.com/
  
• How Kerberos is configured to setup file permissions?
• This is area under authorization
• File permissions can use POSIX ACLs
• Reference:  
• NFSv4  - http://www.nfsv4.org/
• Andrew File System (OpenAFS) - http://www.openafs.org/
• CIFS (SAMBA) - http://www.samba.org/ and http://www.snia.org/tech_activities/CIFS/
• Postgres support?
• Authentication section in Postgres documentation has details 
• http://developer.postgresql.org/pgdocs/postgres/auth-methods.html
• Apache support?
• module referenced in presentation has support 
• http://modauthkerb.sourceforge.net/
• Scalability/Performance?
• needs to be tested to find trade-offs
• commercial solutions scale better, but small setup should be fine
• http://vintela.inside.quest.com/index.jspa
• http://www.centrify.com/directcontrol/overview.asp
• http://www.likewise.com/index.php
• http://www.novell.com/products/edirectory/

Dabbling with Web Style Sheets

Today I just kicked off one of my projects for a class (ISYS 350 Building Business Applications) at SFSU to do form processing through JSP (Java Server Pages) and JavaScript.  It's a really basic assignment where I have to calculate monthly payments.  As I was doing this assignment, I recalled cool web tricks I learned from a Japanese book on the topic.  I wondered if I could recreate some of these effects.  So I searched for rounded corners and color schemes on the Internet.

I found two sites that drew my attention.  One was this awesome tutorial on the new exciting CSS3 (Cascading Style Sheets version 3), which allow you to create awesome special effects without resorting to images or Flash.  Only text is downloaded and the browser handles the special effects.  All the browsers, except Internet Explorer support these new features.  Check the tutorial out at: http://www.zenelements.com/blog/css3-introduction.

Another place was this German site (http://crosstec.de/) that had some inexpensive kits to create very attractive form user interfaces.  I will probably use these in the future, but until then I was able to gather enough information to dress up my project:

After adding this, the assignment was more exciting to complete.