Skip to content

Setting up a computer for Flash development

Tuesday, November 20, 2007

There are several tutorials out there on how to do this, but they all differed a little, and figured I might as well note mine.  I’m replicating the setup I have at work onto a home computer, so this is my second time around.

  1. Download and install Eclipse, the java version should be just fine
  2. Pick a directory for your flash projects.  For this guide, I’m using the Eclipse default, “C:\Documents and Settings\Ryan\workspace”
  3. Download the Flex 2 SDK, unzip it into a “Flex 2 SDK” folder in your project directory
  4. Download the Flex Ant tasks, and unzip the file into a directory in your project directory
  5. Install whatever version control tools you prefer
  6. Open Eclipse, get to the workspace view
  7. Make a new “General” project for the Flex 2 SDK
  8. Go to Window->Preferences, select the Ant->Runtime node in the tree
  9. Go to the “Classpath” tab, select “Ant Home Entries (default)”, and then click “Add External JARs”
  10. Select the flexTasks.jar from the flex ant folder.
  11. Click OK
  12. Go to the “Tasks” tab, select “Add Task”
  13. Name it “mxmlc”, and choose the flexTasks.jar from the dropdown
  14. In the tree view, navigate to / -> flex2 -> ant, and then select MxmlcTask.class from the right pane
  15. Click OK
  16. Go to the “Properties” tab, select “Add Property”
  17. Name it “FLEX_HOME”, and make the path to your Flex 2 SDK folder
  18. Click OK
  19. Click OK

Now you’re ready to start the hard part, actually making your flash program.

Filed in flash, open source, windows | | Comments (2)

Bored before work

Tuesday, November 13, 2007

I played around with the new wigflip toy, automotivator:

infinite-recursion.jpg

Filed in bored | | Comments (1)

Graphing my fuel efficiency with lisp and Vecto

Sunday, October 7, 2007

Gonna try to be quick about this, as there’s chicken on the grill. I took a break from Team Fortress 2 to play some more with Vecto, another fine library from Xach. I started another post about last weekend’s lisp playing, but this one got finished first.

I’ve been tracking my fuel efficiency for a few weeks, noting the date, gallons purchased, price per gallon, and miles since last refill. You can’t control what you don’t measure. I had a ruby script keeping up with these as YAML and then giving me some handy stats, but I’m trying to gain some levels in lisp, so I decided to fire up slime and make some graphs.

The graph isn’t pretty, but here’s my miles per gallon:

graph.png

As usual, I pulled up my favorite lisp tutorial and #lisp, and after a few hours, I had a graph. Given my logging fetish, I imagine I’ll be growing the graphing capabilities in the future.

Right now, the implementation is a little weird. I have an class for a fuel entry, and then convert the date to a universal-time using net.telent.date. Then in my graphing function I use the universal time for the x values, and any number of functions for the y values (defaulting to #’mpg-of). In order to get the graph to take up most of the canvas, I then normalize the x and y values, so the minimum is 0 and the maximum is 1, and then scale the number to fit the canvas size before drawing.

I still consider myself a lisp beginner, and there are some bits I’m sure could be more efficient, but it works for now. Those interested in the code can get it here: fuelman.tar.gz, and any feedback in comments is much appreciated.

Update: Played with it a lot more, simplified my normalization crap a lot using loop instead of mapcar, and pulled it into a couple of objects: graph, graph-series, and fuel-graph-series.  Also linked the source above as a proper .tar.gz file, after reading how to do that in wordpress.  The aesthetics are still terrible, but it’s getting there:

graph1.png

Filed in code snippet, lisp, open source, vecto | | Comments Off on Graphing my fuel efficiency with lisp and Vecto

Debugging Shibboleth and “error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate” errors

Friday, July 13, 2007

Mucking about with Shibboleth again, and ran into some errors on the SP, specifically:

2007-07-10 19:49:42 DEBUG SAML.libcurl [79] sessionGet: SSL read: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate, errno 0

This is the “catch-all” error message for Shibboleth OpenSSL Errors. After much research and testing, it was a problem with the IdP, their server was rejecting my client certificate.

How it should work (I think)

  1. User requests protected content on the SP
  2. SP redirects to the IdP for authentication
  3. IdP authenticates user, sends an SSL (with client certificae) SOAP request to the SP with some info, and then redirects the user back
  4. SP validates SOAP request by comparing client certifacte with a white-list in the shibboleth metadata
  5. SP sends an SSL (with client certificate) SOAP request to IdP to get more information about the user (in my case, a username so I can identify them in my database)
  6. IdP validates SSL cert of SP with a white-list in their shibboleth metadata, responds with whatever information was requested
  7. SP uses that information to serve or deny access to the user from step 1

SSL cert problems can happen at steps 4 and 6. You can test these somewhat by using openssl on the command line. Openssl has about a brazillion options, but the one useful here is s_client(1).

Be sure the SP recognizes the IdP’s certs

First up, check that the SP has the IdP’s certs in order:

openssl s_client -connect HOST:443 -showcerts

That will give you back the certificate chain:

Certificate chain
0 s: SUBJECT FOR THE IDP
i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)05/CN=VeriSign Class 3 Secure Server CA
—–BEGIN CERTIFICATE—–
ASCII JUMBLE
—–END CERTIFICATE—–
1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)05/CN=VeriSign Class 3 Secure Server CA
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
—–BEGIN CERTIFICATE—–
ASCII JUMBLE
—–END CERTIFICATE—–

Server certificate
subject=SUBJECT FOR THE IDP
issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)05/CN=VeriSign Class 3 Secure Server CA

some other stuff…

The issuing certificate (in the example, cert 1) should be in your shibboleth metadata. All you need is the top-most issuer, and shibboleth will look down the certificat chain until it finds a certificate it trusts, and all will be well.

If that doesn’t solve it, then we see if the IdP has the SP cert straight.

Be sure the IdP recognizes the SP’s certs

This is harder to debug from the SP’s side, but you can try make an SSL connection using the SP cert and key:

openssl s_client -connect HOST:443 -showcerts -cert SP.crt -key SP.key

If that connects, then you know the server isn’t rejecting you outright, but it’s possible that Apache config is rejecting you elsewhere. The best way to check is to just ask your IdP if your config is still in their shibboleth white-list.

If that doesn’t solve it, check the apache config.

Be sure everyone’s apache config is OK

The possible failure here is that the certificate is being rejected before making it to shibboleth. You don’t want to tell your whole server to accept any client certificate, you want to just pass those through to shibboleth and let shibboleth decide. You’ll want to have SSLVerifyClient optional_no_ca in your Apache location blocks for shibboleth URLs.

Conclusion

Certificates are a good idea, but a pain in the ass. The shibboleth-users mailing list is a good source of information, and you can get prompt replies from there. And next time I have this problem, I’ll know where to look for debugging tips.

Filed in annoying, open source, security, shibboleth | | Comments (3)

reading passwords from the console in C#

Thursday, July 5, 2007

I’m working on a simple command-line app, and have the need to collect a username and password. I don’t want the password to be printed on the screen as they type, but System.Console.ReadLine doesn’t seem to have any option to mask the input before it’s echoed back to the console.
There are a couple ways I found to resolve this, the easy way, and the harder way with better UI.

Easy way:
[csharp]
ConsoleColor oldFore = Console.ForegroundColor;
Console.ForegroundColor = Console.BackgroundColor;
string password = Console.ReadLine();
Console.ForegroundColor = oldFore;
[/csharp]

This basically hides the echoed input by setting the text color to be the same as the background color. This is a little weird because your users can’t see any indication that they’ve entered any information.

The following function catches the input, and then echoes “*” instead. There’s some rudimentary handling of backspace, but no other special keys (end, delete, arrow keys, etc) are handled properly. For now it’s good enough for my use:
[csharp]
public static string ReadPassword() {
Stack passbits = new Stack();
//keep reading
for (ConsoleKeyInfo cki = Console.ReadKey(true); cki.Key != ConsoleKey.Enter; cki = Console.ReadKey(true)) {
if (cki.Key == ConsoleKey.Backspace) {
//rollback the cursor and write a space so it looks backspaced to the user
Console.SetCursorPosition(Console.CursorLeft – 1, Console.CursorTop);
Console.Write(” “);
Console.SetCursorPosition(Console.CursorLeft – 1, Console.CursorTop);
passbits.Pop();
}
else {
Console.Write(“*”);
passbits.Push(cki.KeyChar.ToString());
}
}
string[] pass = passbits.ToArray();
Array.Reverse(pass);
return string.Join(string.Empty, pass);
}
[/csharp]
A bit messy and bug-ridden, but for now it’s good enough for my purposes. When C# 3 comes out, I might be able to add things like this to the Console class using extension methods. Maybe a community-driven FrameworkPlus library will get some momentum, and we can all ditch our home-grown Utils libraries and reap the benefits of each other’s work.

Filed in C#, code snippet | | Comments (14)

CAS Authentication in C#

Tuesday, June 19, 2007

For a recent project I wanted to authenticate using Central Authentication Service (CAS), a single-sign on server deployed world-wide. My project is in ASP.NET, so I hunted down CASP, a C# class produced by John Tantalo at Case Western Reserve University. Coincidentally, John was also responsible for Planarity, a flash game which has only stolen mere days of my life.

I had a few nits to pick with it, so at the risk of calling his baby ugly:

  1. Doesn’t handle the latest CAS protocol, CAS2
  2. Dumps the authenticated username into Session, which isn’t what I wanted
  3. Doesn’t use “using” statements when dealing with IDisposable objects
  4. Doesn’t use XML comments, which .NET tools prefer
  5. Some minor duplication in specifying the login URL and the validation URL.

So, all in all nothing really big. I ended up going a little nuts with it resolving all my complaints. It can now speak CAS1 or CAS2, and has a bunch of options that I added in to solve my specific needs. It seems a little overcomplicated now, but I always get that feeling when I’m thinking in C#.

Installation

Pretty simple:

  1. Download the source: CASP.cs (BSD license)
  2. Add it to your project

Example usage

Like Tantalo’s CASP, mine is designed to be used from a System.Web.UI.Page, and will redirect the browser about as needed.

Simplest example, uses CAS2 by default
[csharp]
protected void Page_Load(object sender, EventArgs e) {
string username = CASP.Authenticate(“https://login.case.edu/cas/”, this.Page);
//do whatever with username
}
[/csharp]

Slightly more complex, using CAS1 and always renewing the authentication ticket
[csharp]
protected void Page_Load(object sender, EventArgs e) {
string username = CASP.Authenticate(“https://login.case.edu/cas/”, this.Page, true, false);
//do whatever with username
}
[/csharp]

Most complex example, giving you flexibility to decide what to do about errors, etc
[csharp]
protected void Page_Load(object sender, EventArgs e) {
CASP casp = new CASP(“https://login.case.edu/cas/”, this.Page, true); //re-login every time
if (casp.Login()) {
try {
string username = casp.ServerValidate(); //or casp.Validate() for CAS1
//do whatever with username
}catch (CASP.ValidateException ex) {
//try again, something was messed up
casp.Login(true);
}
}
}
[/csharp]

This code is certified:
works on my machine

Filed in ASP.NET, C#, CAS, open source | | Comments (3)

EventHandlerList, key equality, and auto-boxing in C#

Friday, May 25, 2007

I was recently implementing some custom events, and found a couple of good (if old) articles describing how to do this efficiently using EventHandlerList:

Those articles go into why it’s nicer to deal with one EventHandlerList instead of many seperate EventHandlers, so read those for more information. For the lazy, here’s some code showing how you’re supposed to use these things:
[csharp]
public class MyClass {
private EventHandlerList Events = new EventHandlerList();

public event EventHandler MyEvent {
add { Events.AddHandler(“MyEvent”, value); }
remove { Events.RemoveHandler(“MyEvent”, value); }
}

public event EventHandler MyOtherEvent {
add { Events.AddHandler(“MyOtherEvent”, value); }
remove { Events.RemoveHandler(“MyOtherEvent”, value); }
}

protected void OnMyEvent(object sender, EventArgs e) {
EventHandler handler = (EventHandler) Events[“MyEvent”];
if (handler != null) {
handler(sender, e);
}
}

protected void OnMyOtherEvent(object sender, EventArgs e) {
EventHandler handler = (EventHandler) Events[“MyOtherEvent”];
if (handler != null) {
handler(sender, e);
}
}
}
[/csharp]

Pretty straightforward stuff. When you add an event handler to the list, you associate it with a key, and then when its time to trigger the events, you look for any handlers under the same key. The other day I was putting together something similar, and ran into some unexpected behavior with the keys. I had started by refactoring the magic strings into an enum:
[csharp]
protected enum MyEvents {
MyEvent,
MyOtherEvent
}
[/csharp]
and replaced all the strings with members of that enum. I figured this would work just fine, but the change caused my unit test to fail. Upon debugging, the EventHandlerList was always returning null in my On*Event calls. After some more testing, the pattern became apparent: value types don’t work as keys. This was somewhat unexpected, as I’ve used enums like this in Hashtables all over the place before. After doing a little Reflectoring, the actual search for the key comes down to traversing a linked list with a simple equality test, something like this:
[csharp]
while (head != null)
{
if (head.key == key)
{
return head;
}
head = head.next;
}
[/csharp]
The culprit ends up being C#’s auto-boxing. The key is stored as an object, so my value types are being boxed on the way in, and therefore == is comparing object identity, not the object values. If EventHandlerList used head.key.Equals(key), everything would have worked how I expected. The solution to rid myself of magic strings now becomes using static objects as my keys, so the object identities will match:
[csharp]
private static readonly object MyEventKey = new object();
private static readonly object MyOtherEventKey = new object();
[/csharp]
That pattern reminds me a lot of enums in Java before it got a enum keyword, which came on the heels of C#’s nice solution to the enumerated type problem. It’d be nice if I could use enums for their intended purpose, but cases like this make me a bit wary. Where else in the .NET framework am I going to find object identity equality where I expect to find object value equality? Is there some rational explanation for this, or is this just a bug?

Filed in annoying, C#, code snippet | | Comments Off on EventHandlerList, key equality, and auto-boxing in C#

Pretty icons using CSS and Mark James’ Silk Icons

Friday, May 18, 2007

I recently saw a post via reddit on Rediscovering the button element about making nice buttons with little icons, and was introduced to the Silk Icons available from Mark James. Mark has released these under a Creative Commons Attribution license, any my UIs will be better for it.

I went through last night and gave a little face-lift to one of my intranet projects, and it looks a lot nicer now. I added icons to buttons and links using CSS.

Here’s the css I used:
[css]
.icon
{
background-repeat:no-repeat;
padding-left:20px;
}

.delete-icon
{
background-image:url(‘icons/cross.png’);
}

.edit-icon
{
background-image:url(‘icons/pencil.png’);
}

[/css]
and so forth, with a *-icon for the different icons I wanted. Then, I decorated my buttons, links, and what-have-you by adding a class="icon foo-icon" attribute. There are other ways accomplish that with CSS, but I liked this scheme the best. In the end, I have added nothing significant to the markup, but made everything else look a lot nicer:

Silk icon example 3Silk icon example 2Silk icon example

Thanks a lot, Mark!

Filed in code snippet, design, open source | | Comments Off on Pretty icons using CSS and Mark James’ Silk Icons

Codeplex wastes six months reinventing wheels

Tuesday, March 27, 2007

I saw an announcement today that CodePlex, Microsoft’s version of Sourceforge, has released a source control client. From the release:

A common theme we’ve heard from our users is the desire to be able to work offline (in the “edit-merge-commit” style) when working on their CodePlex projects. Six months ago, we started working to write such a client that would integrate with our existing TFS server infrastructure, and today we’ve released our first beta of the client.

The CodePlex Client is a command line client for Windows, and requires .NET 2.0.

This infuriates me. This cool thing they spent six months (six!) writing is called Subversion, and it had a 1.0.0 release three years ago. Subversion had its first beta in late 2003, so the Codeplex folks are waaay behind the state of the art on this one.

As a whole, I think the state of software is abysmal. The only way to make it better is to stop writing new code. New code is always full of bugs, and its an expensive path to get from blank screen to stable program. We need to treat programming more like math, we need to build on our results. Development tools is a special market, as our needs are all very similar, and when we need a tool, we have the skills to make it.

The Codeplex staff stated they needed to write their own client in order to integrate with the TFS server infrastructure. According to an msdn article (Get All Your Devs In A Row With Visual Studio 2005 Team System), TFS seems to be a complicated tool to help manage your developers. Reading the description, TFS seems to be an issue tracker, unit tester, continuous integration, source control system, and visual studio plugin. So, basically a combination of Trac, NUnit, CruiseControl.NET, Subversion, and a visual studio plugin. Why not just write the visual studio plugin, and hook into the tools people are already using? All those tools have rich plugin-architectures that would probably support any sensible addition you’d want to make.

This problem is ingrained at Microsoft, which feels the need to brand everything, but it is in no way limited to them. A search on Sourceforge for “issue tracker” gives 585 results. Sifting through those to pick a winner is difficult.

It’s more fun to write new code than read old code, but this fun wears off. After a certain initial momentum creating your new tool, you will inevitably come to a realization “this is going to take me for-fucking-ever”. Unless your itch is particularly strong, you’ll probably quit, and the world will be cursed with a 586th buggy issue tracker. By writing a plugin, you can ride the new-code high usually from start to finish, since its a much smaller task.

Reading code seems more difficult, but I think that’s largely perception. Its just another puzzle to solve. Once you get over the idea that reading code is more difficult, it’s really not that bad. For most mature projects, it’s probably easier for you to read through someone else’s mound of debugged code than it is to write and debug your own mud-ball.

I think we need find and evolve extensible tools, and stop trying to write them over again. We can get the custom behavior we all need by writing and debugging plugins, which are going to be orders of magnitude faster and cheaper than writing the whole system from scratch. I see this happening already, with communities forming around different tools to share plugins.

Next time you need a development tool, don’t open a new code file. Do us all a favor, open up a browser, and just re-use previous results.

Filed in annoying, open source | | Comments (60)

Migrate PuTTY saved sessions

Thursday, February 22, 2007

PuTTY stores its session information in the registry, and there’s no function in PuTTY itself to import/export sessions. This makes moving to a new computer a little sticky. I did some googling and whittled down the documentation for storing configuration in a file into a few steps:

  1. On the old computer, open up a command prompt (not cygwin), and run:

    regedit /ea new.reg HKEY_CURRENT_USER\Software\SimonTatham\PuTTY

  2. Copy new.reg onto the new computer
  3. On the new computer, open up a command prompt (not cygwin), and run:
    regedit /s new.reg

Done!

Filed in open source, windows | | Comments (38)