I'm planning to develop a Winsock Layered Service Provider. Given that the provider DLL will end up being loaded into system processes as well as user ones, are there any restrictions on the uses of the C++ runtime and/or MFC inside these processes?
Am I going to have to develop it in straight C? (I hope not.)
When I say system processes, I mean user mode system processes. The LSP is not a kernel mode component.
The difficult we do right away... ...the impossible takes slightly longer.
I'm currently in the process of investigating how to best implement a common login system for all our applications. The logins can have different types of users: some are system users or even crowd sourcing members, others are used for determining user settings for an application and others are subscribed to newsletters or alerts of some type.
The idea is to have one common database of users or contact information which all applications can use, similar to an SSO system.
apart from the usual advice: password rules, encryption methods (using salts), SQL injection, using secure transport etc... I don't find that many tools that allow this (preferably for free, like an open source thing) and honestly, perhaps I'm overly suspicious, one is never sure they tackle security right and whether they are flexible enough to handle 100% of the requirements. And finally if they are easy in maintenance and usage (installing, configuring or compiling, ...) ?
Secondly you have the openid, oauth, ... systems that allow social media login. Looks nice, but I have the feeling that you never get all the information you want and this is also on provider's goodwill (IOW they can stop the service at any time, not that they will, but they could?) and the technology could change, forcing you to evolve on a regular basis. Lastly, though I'm not 100% sure, I seem to remember reading somewhere that more institutes/companies are stepping away from openid (I think in favor of another technology). Can't remember the source.
question 1: Any recommendations on a system? Free or paying.
question 2: Why would or wouldn't I adopt a social media SSO?
question 3: apart from the logical things to watch out for: any additional advice?
This system goes wider than the domain. Some stranger can register and subscribe for any of the services we provide. I'm guessing yahoo, twitter, facebook, ... don't use ldap to register their user, right?
Well that's the crux of the issue. You could introduce a guest OU that has groups and user slots for the psudo-anonymous users off the network, but generally that's more overhead than should really be required.
The reason that I mention this is that you said you're looking for a single login mechanism, but handling LOB accounts and unverified accounts should be inherently different (an unverified account should never be granted admin access, but if you use a semi-trusted authentication system how do you handle fully trusted authorization?).
So there's a few approaches. One is to add all users to the domain as mentioned and use a Guest container. Another is to use a mechanism like OAuth2 (and provide an OAuth provider from the domain for LOB accounts) and move administration to a separate application that is only available to domain accounts. That doesn't meet your single AAA criteria, though. Or you could setup an authoritative database, but that would place your LOB accounts at the exact same security context as your unverified accounts without a bunch of code overhead, which is not something I could suggest.
Ultimately I'd say that the requirements need to be reviewed. I'd personally suggest using domain authentication for applications that provide administrative access, and using OAuth2 for public endpoints, but I'm not familiar with your system and overall requirements. This has the benefit of having a single authentication mechanism per application purpose, without co-locating AAA information.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
It's not an easy task (we have lot's and lot's of history which resulted in a mess I'm now trying to clean up, ... a little) and the requirements will be more definitive when I talk to the necessary people concerning budgets and timing. I'm just gathering information for now on what's possible and what would be the best approach in which situation. Your answer is definitely helpful in that regard.
Best of luck. The real problem you're going to face is to convince management to get behind a system that's designed to be security-minded from the ground floor. Fortunately(ish) 2016 was a hack-heavy year, so you'll likely get less push-back about "intangibles". Silver linings.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
there is the saying "one picture describes more than thousand words".
I also find myself in a situation, where an image inside the source code would describe the situation so much faster and easier, than text. Especially for non-technical domain code.
Therefore, I think enabling images inside source code would be a really awesome, helpfull extension. But as a matter of fact, this feature does not exitst. Am I maybe missing something here? What's your opinion on that topic?
I think, New Year party left you in a hangover or something like that. But, a programmer leaves billions of errors in just a few hundred lines of codes. What do you expect him to do in thousand words, moreover in the form of image.
Of course, there are some source codes where you can embed images, they are called HTML codes.
You can still provide this sort of detail, though, by providing good technical documentation and referring to it in code comments. This example uses an HTML documentation so that you can couple the image with some textual context:
Premise: "typing the same code twice is work for robots. Each time you do that, humanity ceases to evolve - and you mainly".
The idea here is to abolish the organization of files and folders. Files e folders, It is like machine language, does not interest to current programmers. The project organization can be done only inside the Code Editor.
If the files are all exported within a single folder, or hundreds of folders, or the entire file is a single file, this does not matter to the programmer. After exporting the file, what matters is mainly performance. And the performance can not be compromised by our desorganization, habits and addictions when write code.
And to maintain the code, what matters is mainly an organized project and expandable.
Then, more useful is to have a "virtualized image" of the file, composed of the modules that make up this file and the entire program.
A example in HTML5:
Virtualized file inside Code Editor:
(index.html) (init) (head) (body) (end)
Spaghetti that does not matter:
<!-- Init --><!DOCTYPEhtml><htmllang="en"><!-- head --><head><metacharset="utf-8"><title>title</title><linkrel="stylesheet"href="style.css"><scriptsrc="script.js"></script>
</head><!-- body --><body><!-- page content --></body><!-- end --></html>
So you can create a "code block" for index.html, only once. And, if this is already part of the Code Editor library, you just search: index, and drag the block to the project.
You do not need of a dumbsense or keyboard shortcuts that you do not remember or even know exist, nor do you need to be consulted documentation at all times to do simple things. You do not even have to overload your memory with unnecessary information.
And the blocks can be organized into categories:
- Search word (index) in the category (canvas) - Search word (index) in the category (web page) - Search word (index) in the category (My project XYZ that I made for company XYZ) - Search word (controls) in the category (My game XYZ)
"This is code reuse truly intelligent".
And all these blocks can be made up of blocks within blocks, like an array or complex module.
You have changed the website address of your company. And you need to edit the comments for each code page in 50 projects. Total 500 files.
If your projects have the "block" (header-comments) on all pages, when you change the content of (header-comments), this will change in all projects.
You only open the projects: update, export and you're done.
And the same to correct errors, improve something, make implementations, include new modules, etc.
Modular programming: a new conception of programming organization: using arrays and modules rather than separate folders and files. Files are generated only at the end.
Lightning maintenance: When correcting a error, or improve a snippet of code, all blocks of the program can be changed simultaneously.
Matrix Blocks: allows you to store 1,000 items in little space. And Matrix Blocks inside Matrix Blocks can store infinite information.
End of spaghetti code: The modules and blocks to organization is more intuitive.
Reuse and share code: Code blocks allows full reuse of code. And you can also share your blocks.
Code lib: The editor becomes a code library. You do not need to be always consulting the documentation and external files. Your notes and code samples are saved in blocks in the editor itself. This is also better than Intellisense and keyboard shortcuts.
The name Plurality is because the idea is to use the same logic of arrays and blocks to also write music (like music trackers) and texts (like script editors). (Also because I'm an Indie Game Developer)
This idea is inspired by Scratch - MIT Media Lab's, Google Blockly, Stencyl and other similar programs.
And the goal is to find a middle ground between written and visual programming.
P.s: These images are just to demonstrate the concept without having to write too much.
My honest opinion? One of the ugliest UIs I have seen in years; it looks like something out of MS-DOS 3. The space for the edit windows is far too small, and the rest of the boxes are just clutter. Unfortunately the rest of your "advantages" do not mean anything without further detail, as the images give no clue as to how they are implemented.
Then I wonder why you showed those images that do not really mean anything. A more detailed description of what this editor is going to offer may have been a better idea.
Because, fonts, colors, lines, image resolutions are not necessary to understand the idea. But, shapes, structures and positions are required. Because, what the program intends to do, can not be separated from how will do. Since, in the case of an editor, it is precisely the "how" that more interests us. Because, if it is not "practical," it is only "a bad experience" and no matter the outcome.
But I understand what you mean. It was better for me to do an article introducing the idea, the problem, and the reason for it all, before showing any image.
I did not do this because when is necessary to read too much, the "haters" also complain that this is at "a bad experience".
When one becomes sufficiently adept at the tools that are already available, one transcends any limitations of the IDE and becomes one with the project's mental model.
Truth. In the world, there are those who accept the things as they are. That prefer to be dragged by a horse cart all life, because they are afraid to get off the ground.
Others... "who see things differently. They're not fond of rules. And they have no respect for the status quo. You can quote them, disagree with them, glorify or vilify them. About the only thing you can't do is ignore them. Because they change things".
Last Visit: 31-Dec-99 19:00 Last Update: 16-Jan-17 7:32