Puakma: Under the hood

I'm Brendon Upson, jack-of-all-trades, master of one or two. I'm talking about life running a small ISV tackling business issues and leaping technology hurdles in a single bound.

webWise Network Consultants is based in Sydney, Australia and develops the groundbreaking Tornado Server technology.

A look into the next release of Vortex

Filed under: by Brendon Upson on 2006-02-24

Our Vortex IDE has officially been forked into a 1.1 release. While we patch the bugs in 1.0, 1.1 is in full swing. The biggest thing in 1.1 will undoubtedly be a GUI database designer. This is a great visual way to see how tables are related and also makes designing tables much faster.

Vortex Database Editor 

Office move

Filed under: by Brendon Upson on 2006-02-19

Last week saw us move to a new office. It's great spot in the Parramatta CBD. On Saturday a couple friends help move the new seven foot 47RU server racks up three flights of fire stairs into their new location. Picked a great day to move them as it was 41 degrees C! Many thanks to Andrew and Bruce for the help - definitely couldn't have done it without you.

Next task was the cabling of the office. It came prewired with cat5 and we also have a wifi network. Unfortunately the cat5 all went to the wrong end of the room and had had its RJ45 connectors cut off, leaving just a spray of UTP cables. Luckily the extra tall Bruce helped rerun the cabling to the new racks through the roof cavity where we added new RJ45 connectors to the ends of the wires.

I don't know how many of you have attempted to wire up a RJ45 connector, but (IMHO) it's deceivingly difficult. You have 8 colour-coded wires that need to fit into a moulded plastic connector. Easy right. Nope. My first attempts at home earlier in the week resulted in 5 incorrectly wired connectors, a cable tester is a must! A quick search located a cabling diagram off the net and I finally got it right.

Of course the office had its own complexities. It seems cat5B is the most common wiring method, so I (wrongly) assumed this was how the wall sockets were wired. After attaching one RJ45 connector cat5B style, I quickly discovered (through the cable tester) that the plugs were cat5A. I cut the connector off and attached a new one. This time I inadvertently put the connector on upside down (easy mistake, trust me) which wired the plug backwards. As the cable tester counted 1 through 8, the remote end ot the tester (at the wall socket) counted 8 backwards to 1. Damn. Third time lucky...

18 RJ45 connectors later and we were networking like a pro ;-) It was fun, just don't ask me to do it again... 

Web Booster and Kerberos/NTLM: It's done!

Filed under: by Brendon Upson on 2006-02-16

Hot off the press the code is finished now. Exciting! We have spent this morning adding an online debugging method so you can see how Booster is configured. This is very useful, especially for debugging Windows SMB issues. Here's some sample output:

--------------- snip
Client authentication method is "WWW-Authenticate: Negotiate" (browsers will select Kerberos OR NTLM)
WARNING: Client credentials will NOT be verified against a Domain Controller
Users will be located in LDAP using their full name and domain (eg "NTDOMjsmith" or "jsmith@YOUR.COM")

Domain controllers for domain: WNC
192.168.0.153
NetBIOS name resolution took: 2ms

Load Balancing is ON. NTLM authentication will be performed against the DCs listed above.

--------------- snip
From this you can see what domain controllers are available for "WNC", whether there are any timeout issues to find the list of DCs, whether clients will will use Kerberos or NTLM etc.

I gotta say, this came out much better than I was hoping :-) IT ROCKS! I was unsure if we'd be able to do NTLM and Kerberos simultaneously and how convoluted the configuration would then become. The good news is all the existing NTLM setup parameters are supported, and we add about 4 more for enabling Kerberos. Now to update the documentation and send it out to the customers. And sleep.

It had to happen

Filed under: by Brendon Upson on 2006-02-14

My blog has been comment spammed by some idiot:

Your site is pretty good! ------------------------------- Visit my resources:Cialis[url=http://cialis123buy.journalspace.com]Cialis[/url] Levitra[url=http://levitra-order.journalspace.com]Levitra[/url] online casino[url=http://lol.to/bbs.php?bbs=onlinegames]online casino[/url] hk915dzr-600428839 Comment posted by Phentermine on 2006-02-14 12:08:29.0

Just who buys this sh!t?? If noone bought the crap, then the ads would be pointless and they would disappear. Instead we all have to work harder to come up with ways to stop these guys ruining the web for everyone, so today I added some simple protection to stop bots posting to this weblog. I know it's a temporary workaround, but should be ok for a while, we'll see. The flip side is there may be now some browser who can't post comments. In my case no big issue ;-)

/sigh.... 

 

Web Booster does Kerberos

Filed under: by Brendon Upson on 2006-02-14

We've been busy here working on a Kerberos solution for our "Web Booster Enterprise Single Sign On" product. This is a very specialised addon for Web Booster that allows a user to simply point their browser at Web Booster and be automatically authenticated to a Domino or WebSphere server using Ltpa tokens. The core product (using NTLM authentication and WebSphere style Ltpa tokens) has been in the making for many months, due ot the lack of documentation on the Ltpa format from IBM. As is always the case, just when you think you;re done a customer comes along and asks for a variation upon the theme - in this case using Kerberos instead of NTLM.

NTLM (NT Lan Manager) is the pre-Win2K way for clients to authenticate (automagically) with Windows NT servers. It works on a challenge response basis with a final hash supplied by the client being checked against a Windows Domain Controller. NTLM works quite well, although performance could be better (due to the number of challenges/responses and verification against the DC). Kerberos on the other hand is much faster, more secure and is not neccessarily tied to the Win2K platform (although I would estimate almost all customers would use it that way).

As is always the way, the path to glory has not been an easy one. It turns out that Windows uses SPNEGO token which are "wrapped" Kerberos tokens. Fortunately jcifs-ext came to the rescue and once we had set up the test environment correctly and worked out how the API could be ported to Booster, we were away. Now we're just crossing the t's and dotting the i's :-). Customers who have already purchsed the NTLM version will get a free upgrade to the NTLM and Kerberos version.

We've also been thinking about bundling a Tornado web application with Web Booster to enable the configuration and management of it through a web browser interface. We will investigate this over the next few months. 

 

Laptop LCD screen repair

Filed under: by Brendon Upson on 2006-02-08

My old Sony Vaio PCG-GRX3P (hell expensive when I bought it) has for the last few months experienced an intermittently faulty LCD backlight. A couple of weeks ago I decided to get it repaired so sent it in to my local Sony repairer. Nearly fell off my chair when I got the quote for 770 dollars (which I had to pay 99 dollars for) for an entire new LCD panel. At that price it is not feasible to repair - the laptop is about 4 years old and other components will be likely going to the big electronic graveyard in the sky soon. For under 1000 dollars you can now get a pretty good brand new laptop.

So. I decided to do some research on possible problems with the screen. I was fairly sure the screen was OK because only the backlight goes on and off. Research indicated it was most likely a) the backlight b) the inverter c) a connection between. Knowing the backlight does work sometimes, I was sure the backlight was OK. The backlight is essentially a tiny fluoro light, so I reckon if it was dead we'd get nothing - no intermittent blink. That narrowed the field to inverter or connection. My money was on the inverter.

At this point I did what all good nerds do and dismantled the screen into pieces so I could see what I was dealing with. To my surprise when I messed about with the inverter and shorted a couple of bits out the screen came to life (BIG WARNING: DO NOT DO THIS UNLESS YOU HAVE A VAGUE CLUE WHAT YOU ARE DOING. YOU WILL DIE. Inverters have an output to the CCFL (backlight) of between 700-1000 volts. This is enough to kill you until you're dead). So I was now 90% sure the inverter was the issue.

Jumped on to ebay and searched for the part number on the inverter. Presto. A company in Chicago USA was selling one for 25 USD. Ordered. Done. Wait about a week for delivery.

It arrived today and I popped it into the LCD panel. Worked perfectly. Total time to install and reassemble, about 10 minutes. Total cost 38USD. Plus of course the 99 dollars it cost to get a quote for the replacement of a part that was not broken. Think I might write them a nasty letter.

The Model View Controller Model (MVC)

Filed under: by Brendon Upson on 2006-02-08

MVC is the architecture espoused by all and sundry as the epitome of "proper" development. Conceptually it makes sense. The reality falls a little short.

We were discussing the relaitve merits of different application servers here at WNC the other day and discovered that although we strive to separate the visual stuff from the business logic, there is always some overlap. J2EE, as an example, has JSPs and servlets as the main two application design components. The servlet is normally used for logic and heavy lifting (let's not talk about EJBs in this context, as few people actually use them) while the JSP provides the visual layout. Problem is you can poke layout into servlets and (more dangerously) you can poke logic into JSPs.

I've never been a fan of JSPs purely because the ugly mix of html markup and Java code all in the same file. For this reason we went with p-tags in pages in Tornado server. The p-tag simply denotes a field you have no ability to put any kind of server-side logic into Pages. Actions are a little less clear and are most like servlets (or web query open agents in Domino). In Actions there is the ability to blur the line between presentation and logic.

It's all about compromise. I think we strive for perfection but always have to compromise at some point between delivering the solution and coming up with the perfect logical design. The difference between a good and bad system is where that compromise point occurs.

Web 2.0 Hoopla

Filed under: by Brendon Upson on 2006-02-01

Running a company in the IT industry you have to continually look at trends and evaluate new technology as it comes along for fear of becoming a "legacy provider" - yesterday's news. The trick is to look a few years into the future, try to predict where the industry is heading and start to manouvre the company towards the target. Not so easy, roll the dice baby...

Some time ago I started seeing this "Web 2.0" about the place. Immediately thinking "Oh no, a whole new Internet is coming and I completely missed it. We're DOOMED I tell you, DOOMED!".

Breathe in, breathe out. Repeat.

After a little digging, it would appear Web 2.0 is a crock. Seems to be built on another buzzword: AJAX. Web 2.0 is really applications that are a little more interactive. Flickr is (apparently) a Web 2.0 app. Hmmm. A service for uploading and dsplaying photos. Doesn't sound so revolutionary does it?

I have decided we will be skipping Web 2.0 completely and move right on to Web 3.3. See you there.