|
Its a user mode process, system or app, then yes, any MFC code can be used.
Oh, and you can write C++ in the kernel, it does after all just end up as assembler, same as C. The issue with MFC are the libraries it uses. These just arent kernel usable.
|
|
|
|
|
I personally wouldn't recommend using MFC for anything that doesn't involve a GUI. It's relatively large and really buys you minimal help for most things (although it does help a lot with GUI objects).
As to building an LSP (note the "deprecated" part)...
Layered Service Provider - Wikipedia[^]
As to building this type of DLL using C++, sure, you probably just need to export some functions using the 'C' style exports so they could be loaded. It's common practice so you'll find examples everywhere.
|
|
|
|
|
Albert Holguin wrote: As to building an LSP (note the "deprecated" part)...
I know it's deprecated, but I don't have the resources or the time to learn how to write a kernel mode filter driver for the new Windows Filtering Platform.
Plus I don't think it will be removed because LSPs are part of the Winsock spec.
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
I'm currently in the process of investigating how to best implement a common login system for all our applications. The logins can have different types of users: some are system users or even crowd sourcing members, others are used for determining user settings for an application and others are subscribed to newsletters or alerts of some type.
The idea is to have one common database of users or contact information which all applications can use, similar to an SSO system.
apart from the usual advice: password rules, encryption methods (using salts), SQL injection, using secure transport etc... I don't find that many tools that allow this (preferably for free, like an open source thing) and honestly, perhaps I'm overly suspicious, one is never sure they tackle security right and whether they are flexible enough to handle 100% of the requirements. And finally if they are easy in maintenance and usage (installing, configuring or compiling, ...) ?
Secondly you have the openid, oauth, ... systems that allow social media login. Looks nice, but I have the feeling that you never get all the information you want and this is also on provider's goodwill (IOW they can stop the service at any time, not that they will, but they could?) and the technology could change, forcing you to evolve on a regular basis. Lastly, though I'm not 100% sure, I seem to remember reading somewhere that more institutes/companies are stepping away from openid (I think in favor of another technology). Can't remember the source.
question 1: Any recommendations on a system? Free or paying.
question 2: Why would or wouldn't I adopt a social media SSO?
question 3: apart from the logical things to watch out for: any additional advice?
Many Thanks.
|
|
|
|
|
So are you guys not already using a domain with an associated LDAP mechanism? That's really the best way that I know of to handle Identity Management in a distributed and diverse system.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
This system goes wider than the domain. Some stranger can register and subscribe for any of the services we provide. I'm guessing yahoo, twitter, facebook, ... don't use ldap to register their user, right?
|
|
|
|
|
Well that's the crux of the issue. You could introduce a guest OU that has groups and user slots for the psudo-anonymous users off the network, but generally that's more overhead than should really be required.
The reason that I mention this is that you said you're looking for a single login mechanism, but handling LOB accounts and unverified accounts should be inherently different (an unverified account should never be granted admin access, but if you use a semi-trusted authentication system how do you handle fully trusted authorization?).
So there's a few approaches. One is to add all users to the domain as mentioned and use a Guest container. Another is to use a mechanism like OAuth2 (and provide an OAuth provider from the domain for LOB accounts) and move administration to a separate application that is only available to domain accounts. That doesn't meet your single AAA criteria, though. Or you could setup an authoritative database, but that would place your LOB accounts at the exact same security context as your unverified accounts without a bunch of code overhead, which is not something I could suggest.
Ultimately I'd say that the requirements need to be reviewed. I'd personally suggest using domain authentication for applications that provide administrative access, and using OAuth2 for public endpoints, but I'm not familiar with your system and overall requirements. This has the benefit of having a single authentication mechanism per application purpose, without co-locating AAA information.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
Thanks for the answer.
It's not an easy task (we have lot's and lot's of history which resulted in a mess I'm now trying to clean up, ... a little) and the requirements will be more definitive when I talk to the necessary people concerning budgets and timing. I'm just gathering information for now on what's possible and what would be the best approach in which situation. Your answer is definitely helpful in that regard.
|
|
|
|
|
Best of luck. The real problem you're going to face is to convince management to get behind a system that's designed to be security-minded from the ground floor. Fortunately(ish) 2016 was a hack-heavy year, so you'll likely get less push-back about "intangibles". Silver linings.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
Hello,
there is the saying "one picture describes more than thousand words".
I also find myself in a situation, where an image inside the source code would describe the situation so much faster and easier, than text. Especially for non-technical domain code.
Therefore, I think enabling images inside source code would be a really awesome, helpfull extension. But as a matter of fact, this feature does not exitst. Am I maybe missing something here? What's your opinion on that topic?
regards
|
|
|
|
|
My opinion? It's stupid.
What would this picture describe in the code? Absolutely nothing.
Not to mention how you could be possible even "type" that code nor how it would even be saved.
The closest you can get to any kind of usable concept that resembles something like this would be an image in the project resources.
|
|
|
|
|
D4rkTrick wrote: What's your opinion on that topic? There should not be any pictures, animated gifs, advertising-banners or flash in the source-code. It is plain text, editable in any text-editor.
I agree that a picture may explain a lot more and better, but source-code is not the documentation. See this[^] thread.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I think, New Year party left you in a hangover or something like that. But, a programmer leaves billions of errors in just a few hundred lines of codes. What do you expect him to do in thousand words, moreover in the form of image.
Of course, there are some source codes where you can embed images, they are called HTML codes.
<p>
<img src="~/images/market-chart.png" alt="Description" />
</p>
You get to display a chart instead of a tabular or textual description. However, if you meant to create an image and have objects such as <p> , <img> etc in there. I won't necessarily support it.
Sorry.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
|
Instead of writing to every single person, I get the idea of a general opinion regarding that.
Therefore I might not put too much more effort in that project.
@Gerry
That was unexpected...and I was kind of laughing hard ... I'm probably easy minded
Regards
Darktrick
|
|
|
|
|
You can still provide this sort of detail, though, by providing good technical documentation and referring to it in code comments. This example uses an HTML documentation so that you can couple the image with some textual context:
namespace MyNamespace {
public class MyClass {...}
}
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
Hello. I'm not sure if this is the appropriate topic, but the insights of this subject are valid. What do you think about an code editor like this:
Image 01
Image 02
Image 03
Premise: "typing the same code twice is work for robots. Each time you do that, humanity ceases to evolve - and you mainly".
The idea here is to abolish the organization of files and folders. Files e folders, It is like machine language, does not interest to current programmers. The project organization can be done only inside the Code Editor.
If the files are all exported within a single folder, or hundreds of folders, or the entire file is a single file, this does not matter to the programmer. After exporting the file, what matters is mainly performance. And the performance can not be compromised by our desorganization, habits and addictions when write code.
And to maintain the code, what matters is mainly an organized project and expandable.
Then, more useful is to have a "virtualized image" of the file, composed of the modules that make up this file and the entire program.
A example in HTML5:
Virtualized file inside Code Editor:
(index.html)
(init)
(head)
(body)
(end)
Spaghetti that does not matter:
folder/index.html
<!--
<!DOCTYPE html>
<html lang="en">
<!--
<head>
<meta charset="utf-8">
<title>title</title>
<link rel="stylesheet" href="style.css">
<script src="script.js"></script>
</head>
<!--
<body>
<!--
</body>
<!--
</html>
So you can create a "code block" for index.html, only once. And, if this is already part of the Code Editor library, you just search: index, and drag the block to the project.
You do not need of a dumbsense or keyboard shortcuts that you do not remember or even know exist, nor do you need to be consulted documentation at all times to do simple things. You do not even have to overload your memory with unnecessary information.
And the blocks can be organized into categories:
- Search word (index) in the category (canvas)
- Search word (index) in the category (web page)
- Search word (index) in the category (My project XYZ that I made for company XYZ)
- Search word (controls) in the category (My game XYZ)
"This is code reuse truly intelligent".
And all these blocks can be made up of blocks within blocks, like an array or complex module.
Another example:
You have changed the website address of your company. And you need to edit the comments for each code page in 50 projects. Total 500 files.
If your projects have the "block" (header-comments) on all pages, when you change the content of (header-comments), this will change in all projects.
You only open the projects: update, export and you're done.
And the same to correct errors, improve something, make implementations, include new modules, etc.
Some advantages:
Modular programming: a new conception of programming organization: using arrays and modules rather than separate folders and files. Files are generated only at the end.
Lightning maintenance: When correcting a error, or improve a snippet of code, all blocks of the program can be changed simultaneously.
Matrix Blocks: allows you to store 1,000 items in little space. And Matrix Blocks inside Matrix Blocks can store infinite information.
End of spaghetti code: The modules and blocks to organization is more intuitive.
Reuse and share code: Code blocks allows full reuse of code. And you can also share your blocks.
Code lib: The editor becomes a code library. You do not need to be always consulting the documentation and external files. Your notes and code samples are saved in blocks in the editor itself. This is also better than Intellisense and keyboard shortcuts.
Others:
The name Plurality is because the idea is to use the same logic of arrays and blocks to also write music (like music trackers) and texts (like script editors). (Also because I'm an Indie Game Developer)
This idea is inspired by Scratch - MIT Media Lab's, Google Blockly, Stencyl and other similar programs.
And the goal is to find a middle ground between written and visual programming.
P.s: These images are just to demonstrate the concept without having to write too much.
modified 20-Dec-16 22:12pm.
|
|
|
|
|
My honest opinion? One of the ugliest UIs I have seen in years; it looks like something out of MS-DOS 3. The space for the edit windows is far too small, and the rest of the boxes are just clutter. Unfortunately the rest of your "advantages" do not mean anything without further detail, as the images give no clue as to how they are implemented.
|
|
|
|
|
Quote: My honest opinion? One of the ugliest UIs I have seen in years;
Yes, honest opinion. hehe
This draft even resembles MS-DOS. In game development we call this style: pixel art.
But this image is only a drawing PNG.
Aesthetics is my last concern. Because it does not help to be beautiful if it's disorganized and does not work.
As Steve Jobs said: "Design is how things work".
This observation was relevant:
Quote: The space for the edit windows is far too small
A solution: The "text-box" needs to be expandable and the columns self concealable.
Those who have never used Google Blockly maybe not understand the idea. Here there is more information:
https://github.com/Gurigraphics/plurality
However, this is nothing definitive. And I still do not want to develop a useless prototype.
|
|
|
|
|
Gurigraphics wrote: Aesthetics is my last concern. Then I wonder why you showed those images that do not really mean anything. A more detailed description of what this editor is going to offer may have been a better idea.
|
|
|
|
|
Quote: Then I wonder why you showed those images that do not really mean anything. A more detailed description of what this editor is going to offer may have been a better idea.
Because, fonts, colors, lines, image resolutions are not necessary to understand the idea. But, shapes, structures and positions are required. Because, what the program intends to do, can not be separated from how will do. Since, in the case of an editor, it is precisely the "how" that more interests us. Because, if it is not "practical," it is only "a bad experience" and no matter the outcome.
But I understand what you mean. It was better for me to do an article introducing the idea, the problem, and the reason for it all, before showing any image.
I did not do this because when is necessary to read too much, the "haters" also complain that this is at "a bad experience".
|
|
|
|
|
You might want to look at the work @marc-clifton[^] is doing in this space. Check out his latest articles.
This space for rent
modified 20-Dec-16 6:21am.
|
|
|
|
|
About The Clifton Method?
I'll read it. Thanks
|
|
|
|
|
That's the one. It looks like you're both investigating the same space.
This space for rent
|
|
|
|
|
Okay. Thank's. ^ ^
modified 31-Dec-16 12:52pm.
|
|
|
|
|