Identity Management (IdM) needs change as an organization grows in size. For an example, I’ll describe a fictional company, and take it from the smallest to largest stages. While, to some degree, the industry of this firm really doesn’t matter, I am going to use a small import business started by a single individual and scale it up to a multinational corporation. As the organization grows in size, the technical needs will drive the scope and scale of the identity management solutions required.
(This is my writing Cross posted from the FreeIPA wiki)
I gave a presentation to some of the other teams at Red Hat about our approach on the WebUI. Here are a couple of the graphics from the presentation.
This is the “class” diagram for our UI toolkit. It doesn’t show everything. Instead it is intended to orient you to the most important aspects of the toolkit.
The second is an old-school flow chart. The Angled boxes indicate IO, the square boxes are browser side operations.
The bottom of the diagram is pretty much an endless loop. The yellow box represents the waiting state of the application: from there you can see the four types of events that change the state of the application.
(reposted from the mailing list)
The FreeIPA project team is pleased to announce the availability of the Beta 1 release of freeIPA 2.0 server .
Here is the current list of technologies on my horizon, not all of which I am completely clueless:
- Struts and Tiles…did this before but it has been a few years.
Of course, there are also my completely unrelated side projects cpp-resolver and the bproc work, both of which go in completely differnt directions. My brain hurts…but it is a good kind of hurt. And yet, strangely, in my brain these all fit together into a single consistent whole.
Certain portions of an application function as a registration point, whether they are in the native language of the project or a configuration file read in. These files provide a valuable resource to the code spelunker. For instance, when starting to understand a Java web archive, the standard directory structure with WEB-INF/web.xml provides a very valuable starting point. Just as reading C Code you can start with main. The dependency Collections often are an xml file, like struts-config.xml, or the Startup portion of a Servlet.
The concept in Inversion of Control is that you separate the creation policy of the object from from the object itself, such that the two can be varied independently. Often, a project that otherwise does a decent job of cutting dependencies via IofC will build a dependency collector as a way to register all of the factories for the components. The xml files that Spring uses to define all of the control functions are dependency collectors just as surely as a C++ file with an endless Init function that calls “registerFactory” for each component in the inventory.
As you might be able to tell from my tone, I respect the usefulness of the dependency collector, but still feel that there is a mistake in design here. In C++, you can specify a chunk of code guaranteed to run before main that will initialize your factories, so the language provides support for IofC. In Java, classes can have static blocks, but this code only get executed if the class file is somehow referenced, which means this is not a suitable mechanism for registering factories. The common approach of using XML and Introspection for factory registration violates the principle of not postponing until runtime that which should be done at compile/link time.
So I give myself two goals. 1) To find a suitable Java based mechanism for registering factories and 2) to provide a method to compensate for the lack of orientation that a dependency collector provides.
Having torqued my back last year at the climbing gym, I have been pursuing a regime of physical therapy in an attempt to get back into climbing shape. I’ve done a lot of damage to my body climbing and wrestling over the years. My injury from last year was cumulative on top of a right shoulder injured three times: twice in High School Wrestling and then again in 2002, weeks before my wedding. I did minor PT for it then, and got a cortisone shot. It seemed to have healed, but the right shoulder blade sticks out further than the left, so it can’t be in factory condition. The damage done last year was in the middle of my back, manifested just below the left shoulder blade. It feels like a perpetual knot. My back sounds a lot like a rice breakfast cereal upon application of milk. The worst is that my lower back was seizing up.
It seems that when the shoulder healed, it applied a lot of pressure on the spine in the vicinity of the shoulder blades, along the muscles called the rhomboids. Climbing in general causes you to hyper-extend your back while reaching for holds, and the rhomids take a beating they are not really designed to take. In myu case, there appears to be a related tear along the serratus muscle, that lies along the rib and attaches to the spine about three inches below the shoulder blade. Nothing is completely conclusive, as we haven’t seen the actual damage in an MRI yet (thanks to my HMO) but we’ll get there.
While not all is well yet, I feel I am on my way. I’ve gathered a bunch of exercises that, if I had been doing all along, would have helped prevent the injury. Here’s the complete list. I will attempt to post pictures of the various stretches as I get them taken.
Lat stretch (pray to Allah)
Shoulder Stretch Arm Cross Body, Shoulder Blade immobilized
Cross Cable Flys
Pec Stretch in Doorframe
Standing Quad Stretch
Arch over Roller
Towel along Spine
Cable Row and Twist
Surgical tube in the doorframe: abduct
Surgical tube in the doorframe: adduct
Surgical tube pull down
Arm Wrestle Stretch.
Here’s the first picture: This is a great rotator cuff stretch. Note that the shoulder blade is immobilized against the floor. This is a good one to let go for a long time: I did it for over a minute, and watched my arm get closer and closer to the floor.
I needed to initialize a file as part of a unit test. The file conatined binary data. My first thought was UUEncoding, which quickly got upgraded to Base64 encoding. To get it into a format that would then work in Java or C code I used the following line of BASH.
base64 < rui.pfx | sed -e ‘s!\\!\\\\!g’ -e ‘s!\”!\\\”!g’ -e ‘s!$!\\n\”!’ -e ‘s!^!+\”!’
It was for testing a decrypter from using a key generated by SSL.
It is important to double the slashes already existing in the file before you add your own.
Note, I added this as a way to remeber how to put binary Data into code, not as a recommendation for how to mock up for unit test. The correct solution was to use:
InputStream inputStream = this.getClass().getResourceAsStream(
No, we are not entering the time of Atlas Shrugged. No, Obama’s plan to deal with the economic melt down is not the same thing as the various acts passed during Atlas Shrugged. No, we are no about to enter a world dominated by socialism.
If you feel the need to drop out of society and move to a valley in Colorado, please feel free to do so. I will be understandably jealous.
After the dot com bubble burst, I worked as an independent contractor in software for a few years. This is extremely common in the field. Some companies will hire independents outright, where as many others make you go through contracting firms to mitigate risk. (There was a lawsuit regarding compensation and stock options at Microsoft that caused this, worth googling and reading about). I set up an LLC that I used for a couple of the projects. I want to record a few of the lessons that I learned.
I leanred that when figuring negotiating price, I needed to remember to factor in Health Insurance, which is much higher for a single payer than for a member of a large organization. I had to pay both sides of payroll tax (roughly 15%) but you then could deduct half of that as a business expense. The math gets a little tricky, but I would say that I was paying about 5% more in taxes than I would have as a salaried employee. There are tax benefits: you can expense much more than you can as a full time employee. Many of these additional costs to me would have been norne by the comapny that issued me a W2 if I had been a Full Time Employee.
Regardless of the setup between me and the company, I treated it just like I was a company, and separated out the money I earned as an LLC from the money I paid to myself as an employee. Except for the times I had to work through a body shop that issued a W2, I had to deal with paying both state and federal taxes. I didn’t pay income tax directly out of your monthly pay, so I held on to the tax money for an average of 1 month an a half longer, which I could invest. There is a final accounting done at the end of the year. There are books on this. I had a good accountant.
One thing I learned to watch is the length of the contracts. Once a contract ends, if I didn’t have another lined up, I went without work, but was still paying the mortgage. It was up to me to fill in my own schedule. I spent a good deal of the time working on my own software, and a lot of time cleaning the apartment.