After few weeks, into launch of a global application, I received word that a couple of employees have been unable to gain access to their internal networks in Europe, and are outside the realm of the global corporate intranet. A system is also in place to allow members to gain access to the corporate intranet, which was put in place by an external company called Scalable Networks.

This all works fine; however, there is a proxy in place that rewrites all URLs, which we were not involved with or any aspects of security. We did not know of a proxy’s existence until a week before launch. As such, the Proxy rewrites every URL using CGI, and JavaScript; the problem being is aspects such as Flash with the source of the data files loaded into Flash being embedded into Flash itself, and other areas that are dependant on JavaScript. Whilst the public site for the corporate intranet uses very limited amounts of flash and JavaScript, the admin section relies on a couple aspects of JavaScript to pull in data via AJAX, and utilises JavaScript to create a virtual FileSystem. All of which, the real path to the data is masqueraded by the proxy itself, and all paths that are referenced despite being relative result in a 404 error.

Now many aspects of the admin now appear to have to be rewritten or hacked to compliment the proxy in place.

An example is…

https://www.example.com/,host=intranet.domain.com,port=80,proto=http/https://www.example.com/,host=intranet.domain.com,port=80,proto=http/Style/Screen.css

A lesson learned is to always reference the data source of a flash file externally rather than embedding the location…

./Flash.swf?DataSource=/,host=intranet.domain.com,port=80,proto=http/DataSource.php&Debug=1&DebugFile=trace.php

As you can see even referencing files as relative will not work correctly, if the proxy cannot parse the URL.

Whilst developing with Apache, and IIS over a number of years, I have always found it frustrating to have to type and use a seperate port for the different web servers as you cannot bind to an IP Address with a single port, such as port 80. If you have tried to add multiple IPs, and bind to them, you may hav noticed this fail. This is due to a very simple configuration in IIS.

To Add multiple IP address’s, right click on your network adapter and click properties.

Enter the DNS information from your ISP, the default gateway, subnet, and your IP address.

Add an IP address, higher IP address than is required by DHCP such as 100+.

Open the command line, and run the following.

cd C:InetpubAdminScripts
CSCRIPT ADSUTIL.VBS SET W3SVC/DisableSocketPooling TRUE

This disables IIS from listening to the default IP address and run .

%SystemRoot%system32inetsrviis.msc

Select the Default Web Site, and right click opening properties.
Set the IP Address to an IP that is free and does not already have a server listening on port 80. Clicking Advanced you can bind IIS to a number of IPs or Host headers (Domains [www.ajohnstone.com], leaving the host header blank sets it as the default address).>

Now open httpd.conf

Modify the line.
“Listen 80″ to “Listen 192.168.0.100:80″ with the IP address you wish to bind it to.
Also update the “NameVirtualHost *:80″ in the same fashion to “NameVirtualHost 192.168.0.100:80″

Now open the hosts file. (C:\WINDOWS\system32\drivers\etc\hosts)

127.0.0.1          localhost
192.168.0.99       IIS
192.168.0.100      Apache

now restart apache and your set.

http://apache/
http://IIS/

For more configurations on Apache on windows…

When adding an application mapping for aspnet_isapi.dll, I noticed when invoking an webservice IIS would throw a 404. This is due to a flag being set to 5, which is the default. Either by editing the MetaBases XML in IIS6 or modifying the MetaBase in IIS5 with MetaEdit. You can alleviate this by setting the flags to 1 rather than 5…

.asmx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
		ScriptMaps=".asa,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
			.asax,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.ascx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.ashx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.asmx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.asp,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
			.aspx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.axd,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.cdx,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
			.cer,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
			.config,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.cs,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.csproj,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.idc,C:\WINDOWS\system32\inetsrv\httpodbc.dll,5,GET,POST
			.licx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.rem,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.resources,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.resx,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.shtm,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
			.shtml,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
			.soap,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.stm,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
			.vb,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.vbproj,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
			.vsdisco,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
			.webinfo,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG"
		WAMUserName="IWAM_DESTINATION"
		WAMUserPass="4963446270000000220000004000000068e601bbb4cd522a30c1ca97ae55868624ec7c6aec49da59aac18be039b5b0fc195649004e0044003efa28484ba3debde850c532c04d1fd358ac8a336aa43edd350be4a651de10b0012adadff0af6f380669ca5a86da004d61ed65ac4c2d8bfda776313e37d30109"
		WebSvcExtRestrictionList="1,*.dll
			1,*.exe
			1,C:\WINDOWS\system32\inetsrv\ssinc.dll,0,SSINC,Server Side Includes
			1,C:\WINDOWS\system32\bitssrv.dll,0,BITSEXTS,BITS Server Extensions
			1,C:\WINDOWS\system32\inetsrv\asp.dll,0,ASP,Active Server Pages
			1,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,0,ASP.NET v1.1.4322,ASP.NET v1.1.4322
			1,C:\WINDOWS\system32\inetsrv\httpodbc.dll,0,HTTPODBC,Internet Data Connector
			1,C:\PHP\Distributions\php-5.0.4-Win32\php5isapi.dll,1,,PHP
			0,C:\WINDOWS\system32\inetsrv\httpext.dll,0,WEBDAV,WebDAV
			1,C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\isapi\_vti_aut\author.dll,0,Windows SharePoint Services,Windows SharePoint Services
			1,C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\isapi\_vti_adm\admin.dll,0,Windows SharePoint Services,Windows SharePoint Services
			1,C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\isapi\shtml.dll,0,Windows SharePoint Services,Windows SharePoint Services
			1,C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\isapi\owssvr.dll,0,Windows SharePoint Services,Windows SharePoint Services
			1,C:\Program Files\Common Files\microsoft shared\web server extensions\50\isapi\fpcount.exe,0,FPSE,FrontPage Server Extensions
			1,C:\Program Files\Common Files\microsoft shared\web server extensions\50\isapi\shtml.dll,0,FPSE,FrontPage Server Extensions
			1,C:\Program Files\Common Files\microsoft shared\web server extensions\50\isapi\_vti_adm\admin.dll,0,FPSE,FrontPage Server Extensions
			1,C:\Program Files\Common Files\microsoft shared\web server extensions\50\isapi\_vti_aut\author.dll,0,FPSE,FrontPage Server Extensions
			1,C:\Program Files\Common Files\microsoft shared\web server extensions\50\isapi\_vti_adm\fpadmdll.dll,0,FPSE,FrontPage Server Extensions"
	>

A colleague recently asked me, how he could Change the Drive Letter of a Mounted Device, when he removed a Device. I’m not sure of a reason to do this, however for future reference, i’ll leave a note here…

HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices\DosDevices\C:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices\DosDevices\D:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices\DosDevices\E:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices\DosDevices\F:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices\DosDevices\G:

Simply rename the Value Name of each Key in the registry using regedit.

Lately, I have been having a few problems with a very strange quirk, and have not been able to find the source of the problem as of yet. Currently I am authenticating over Netilla and also through Swivel implementation . All of this works correctly, however when NT Auth is enabled IE either hangs or throws a DNS error. I’m not sure exactly, how hosting & operations have implemented NT Auth, so i’ll have to look it up when i’m able to access the VPN and update this accordingly. Although this seems like a possibility.

“You can produce a problem by pressing reload fast and often. The connection is forced into reset each time, and sometimes Internet Explorer is sending a msg3 to an apache process that didn’t send the msg1 yet. I’m not sure weather this is an apache or Linux or IE problem. It could be resolved by caching credentials, which is unsafe and involves neat things like file locking and mmap(). “

using mod_ntlm_winbind

    AuthName "NTLM Authentication thingy"
    NTLMAuth on
    NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
    NTLMBasicAuthoritative on
    AuthType NTLM
    require valid-user
    require user

PHP-5.1.0RC3 Released

In: PHP

17 Oct 2005

PHP-5.1.0RC3 just released 20 minutes ago:)

http://downloads.php.net/ilia/php-5.1.0RC3.tar.bz2
6f48ee0b43f54dff8f9e683d337885c1

http://downloads.php.net/ilia/php-5.1.0RC3.tar.gz
7091baf5ebb8b93d715ac5e9dd4b7ce3

“I anticipate
a final RC candidate to be released no later then October 31st, 2005.
This will then be followed by 5.1.0 stable within 1-2 weeks.”
, Ilia Alshanetsky

  • Share/Bookmark

With the recent release of PHP 5.1.0 RC1, I have noticed a release of Zends Session Clustering that their marketing team had mentioned was due for a release (I assume this to have been delayed). Whilst I have been using standard file based session’s for an on going project, I hit an unusual stumbling block with a very expensive operation to create sessions in a clustered enviroment. Unfortunately I never did find the cause as to why session start caused such overhead, however this was ironed out. It will be interesting to see how Zends Session Clustering would work inline with this project.

Reading through some documentation i’m a little apprehensive as to Zends solution for Session Clustering.

In this module sessions “reside” on the server where they were first created. These sessions are subsequently delivered to other servers in the cluster, by having the alternate server request the session data from the original server. This means a fully distributed solution – delivering high performance, linearly scalable solution utilize existing hardware investment, while ensuring the ability to continue growing.

Zends Session Clustering utilizes a daemon to allow clustering of sessions, currently our in our enviroment sessions are persisted to one dedicated server, the master.

Zend Session Cluster

Streetmap

In: General

17 Aug 2005

After reviewing MultiMap, I decided to demo StreetMap and in conclusion they both have fantastically appalling interfaces. Whilst MultiMap’s implementation appears to be more flexible allowing information to flexible, these interfaces demonstrate the extreme basics of their services. The only information required to implement a store location facility is a PostCode, Longitude and Latitude and the only information worth while is currently the information I found from the royal mail for PAF data. The only value I have found in these services are the use of the mapping functionality and is the only reason I am using there trialing there services.

Login

List or Modify Entries by Sequence

Add entry

Add entry Section Two

Edit entry

Multimap

In: General

11 Aug 2005

I recently started playing with a couple trial accounts from multi-map for a client of ours. I was quite surprised it is actually running Coldfusion and MySQL. Whilst I have heard of MySQL supporting GIS and Spatial data, I have never seen an implementation or known of one until now.

Whilst playing with Multimap I found a couple bugs within 5 minutes, the first being a problem with some calculations on tabular data types with CF complaining about LEFT(MID etc…
The other was a rather poor implementation of their user interface. I generally do things backwards and as a result rather than clicking through step 1 – ~6 I started at 6. This resulted in CF having trouble with creating a table in MySQL and obviously thowing an error. From what I can gather it is a very simple implementation, of which lat and lon coordinates are populated from their data.

Index

Multimap Index Page

Data
Bug One (MySQL Table Creation)
As you can tell this is a really poor interface, apparently they were reviewing the current interface according to one of their technical guys… If you skip a step you will most likely thow an cold fusion error:(

Table
Bug Two (CF Error)

Stats

Templates

I implemented my own version, however the data I acquired was inaccurate and varied within roughly 1-2 miles as well as being a very limited on the amount of information it contained. I also received the sample RAW PAF (Postcode Address File) data from the Royal Mail, and having a look through seems very detailed, although not quite what I was looking for…

All credit due to the Multimap staff, as they managed to fix both bugs within the hour.

Some Costs for Multimaps services, the two I was interested in were Inline and StoreFinder. There are two seperate costs the first being per usage. Of which the costs are as follows:

Fee Schedule
No set up costs or annual license fee for this service. Buy deliveries in advance.
Advance purchase of map deliveries:

20,000 deliveries : £500
50,000 deliveries : £1000
100,000 deliveries : £1800
200,000 deliveries : £3000
500,000 deliveries : £5000

And Annual Fees…

“Annual fees for services are charged per template set required. Use of maps in multiple countries carries an extra annual fee of £1,000 per country (a cap can be discussed).
HTML Storefinder £3,500
XML Storefinder £4,000

Adding filtered search from £500 for HTML versions”

The never ending list of functions… Some more for me to learn and play with, many are part of the Zend Platform….

accelerator_get_blacklist()  array
accelerator_get_blacklisted_paths()  array
accelerator_get_configuration()  array
accelerator_get_scripts()  array
accelerator_get_server_start_time()  long
accelerator_get_statistics()  array
accelerator_get_uris()  array
accelerator_get_version_info()  array
accelerator_reset()  void
accelerator_set_status(boolean $status)  boolean
accelerator_unlock_functions(string $password)  boolean

confirm_extname_compiled(string $arg)  string

leak(int[optional] $num_bytes = 3)  void

output_add_rewrite_var(string $name, string $value)  bool
output_cache_check_file(string $filename)  array
output_cache_disable()  void
output_cache_disable_compression()  void
output_cache_exists(string $key, int $lifetime)  mixed
output_cache_fetch(string $key, string $function, int $lifetime)  string
output_cache_get(string $key, int $lifetime)  mixed
output_cache_get_statistics()  array
output_cache_output(string $key, string $function, int $lifetime)  string
output_cache_put(string $key, mixed $data)  bool
output_cache_remove(string $filename)  string
output_cache_remove_key(string $key)  string
output_cache_remove_url(string $url)  string
output_cache_stop()  void
output_reset_rewrite_vars()  bool

time_nanosleep(long $seconds, long $nanoseconds)  mixed

About this blog

I have been a developer for roughly 10 years and have worked with an extensive range of technologies. Whilst working for relatively small companies, I have worked with all aspects of the development life cycle, which has given me a broad and in-depth experience.