Wednesday, 14 August 2013

Perl Net::LDAP::SimpleServer

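Adaptations to the LDAP Server module for Windows (Strawberry Perl)

List of adaptations (continued below):
- Relaxed bind conditions (both checks are commented out in bind() below, so any simple bind with a parsable DN is accepted):
    - Principal account: the bind DN is no longer compared with root_dn
    - Password validation: the password is no longer compared with root_pw

File location: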
%Strawberry_Perl%\site\lib\net\ldap\SimpleServer\ProtocolHandler.pm

CPAN: http://search.cpan.org/~russoz/Net-LDAP-SimpleServer-0.0.17/lib/Net/LDAP/SimpleServer.pm

Code:

package Net::LDAP::SimpleServer::ProtocolHandler;

use strict;
use warnings;

# ABSTRACT: LDAP protocol handler used with Net::LDAP::SimpleServer

our $VERSION = '0.0.17';    # VERSION

use Net::LDAP::Server;
use base 'Net::LDAP::Server';
use fields qw(store root_dn root_pw allow_anon);

use Carp;
use Net::LDAP::LDIF;
use Net::LDAP::Util qw{canonical_dn};
use Net::LDAP::FilterMatch;

use Net::LDAP::Constant (
    qw/LDAP_SUCCESS LDAP_AUTH_UNKNOWN LDAP_INVALID_CREDENTIALS/,
    qw/LDAP_AUTH_METHOD_NOT_SUPPORTED/ );

use Scalar::Util qw{reftype};
use UNIVERSAL::isa;

use Data::Dumper;

sub _make_result {
    my $code = shift;
    my $dn   = shift || '';
    my $msg  = shift || '';

    return {
        matchedDN    => $dn,
        errorMessage => $msg,
        resultCode   => $code,
    };
}

sub new {
    my $class  = shift;
    my $params = shift || croak 'Must pass parameters!';
    my $self   = $class->SUPER::new( $params->{input}, $params->{output} );

    croak 'Parameter must be a HASHREF' unless reftype($params) eq 'HASH';
    croak 'Must pass option {store}' unless exists $params->{store};
    croak 'Not a LDIFStore'
      unless $params->{store}->isa('Net::LDAP::SimpleServer::LDIFStore');

    croak 'Must pass option {root_dn}' unless exists $params->{root_dn};
    croak 'Option {root_dn} can not be empty' unless $params->{root_dn};
    croak 'Invalid root DN'
      unless my $canon_dn = canonical_dn( $params->{root_dn} );

    $self->{store}      = $params->{store};
    $self->{root_dn}    = $canon_dn;
    $self->{root_pw}    = $params->{root_pw};
    $self->{allow_anon} = $params->{allow_anon};
    chomp( $self->{root_pw} );
    print STDERR "*** new ***\n";
    return $self;
}

sub unbind {
    my $self = shift;

    $self->{store}   = undef;
    $self->{root_dn} = undef;
    $self->{root_pw} = undef;

    return _make_result(LDAP_SUCCESS);
}

sub bind {    ## no critic (ProhibitBuiltinHomonyms)
    my ( $self, $request ) = @_;

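    # Debug tracing: make STDERR the default output handle and unbuffer it.
    select(STDERR);
    $| = 1;
    print STDERR '===== bind =====' . "\n";
    #print STDERR Dumper($self);
    # Note: this dumps the whole request, including the cleartext password.
    print STDERR Dumper($request);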
    my $ok = _make_result(LDAP_SUCCESS);

    if (    not $request->{name}
        and exists $request->{authentication}->{simple}
        and $self->{allow_anon} )
    {
        return $ok;
    }

    print STDERR qq{not anonymous\n};
    # As of now, accepts only simple authentication
    return _make_result(LDAP_AUTH_METHOD_NOT_SUPPORTED)
      unless exists $request->{authentication}->{simple};

    print STDERR qq{is simple authentication\n};
    return _make_result(LDAP_INVALID_CREDENTIALS)
      unless my $binddn = canonical_dn( $request->{name} );

    print STDERR qq#binddn is ok ($request->{name}) => ($binddn)\n#;
    #print STDERR qq#handler dn is $self->{root_dn}\n#;
    #return _make_result(LDAP_INVALID_CREDENTIALS)
    #  unless uc($binddn) eq uc( $self->{root_dn} );

    print STDERR qq{binddn is good\n};
    my $bindpw = $request->{authentication}->{simple};
    chomp($bindpw);

    #print STDERR qq|comparing ($bindpw) eq ($self->{root_pw})\n|;
    #return _make_result(LDAP_INVALID_CREDENTIALS)
    #  unless $bindpw eq $self->{root_pw};

    return $ok;
}

sub _match {
    my ( $filter_spec, $elems ) = @_;

    my $f = bless $filter_spec, 'Net::LDAP::Filter';
    return [ grep { $f->match($_) } @{$elems} ];
}

sub search {
    my ( $self, $request ) = @_;

    my $list = $self->{store}->list;

    #my $basedn = $request->{baseObject};
    select(STDERR);
    $| = 1;
    #print STDERR '=' x 50 . "\n";
    print STDERR '===== search =====' . "\n";
    print STDERR Dumper($request);
    #print STDERR Dumper($list);

    my $res = _match( $request->{filter}, $list );

    #print STDERR Dumper($res);

    return ( _make_result(LDAP_SUCCESS), @{$res} );
}

1;    # Magic true value required at end of module



=pod

=encoding utf-8

=head1 NAME

Net::LDAP::SimpleServer::ProtocolHandler - LDAP protocol handler used with Net::LDAP::SimpleServer

=head1 VERSION

version 0.0.17

=head1 SYNOPSIS

    use Net::LDAP::SimpleServer::ProtocolHandler;

    my $store = Net::LDAP::SimpleServer::LDIFStore->new($datafile);
    my $handler =
      Net::LDAP::SimpleServer::ProtocolHandler->new({
          store   => $store,
          root_dn => 'cn=root',
          root_pw => 'somepassword',
          input   => $socket,
          output  => $socket,
      });

=head1 DESCRIPTION

This module provides an interface between Net::LDAP::SimpleServer and the
underlying data store. Currently only L
is available.

=head1 METHODS

=head2 new( OPTIONS, IOHANDLES )

Creates a new handler for the LDAP protocol, using STORE as the backend
where the directory data is stored. The rest of the IOHANDLES are the same
as in the L module.

=head2 bind( REQUEST )

Handles a bind REQUEST from the LDAP client.

=head2 unbind()

Unbinds the connection to the server.

=head2 search( REQUEST )

Performs a search in the data store.

=head1 SEE ALSO

Please see those modules/websites for more information related to this module.

=over 4

=item *

L

=back

=head1 AUTHOR

Alexei Znamensky

=head1 COPYRIGHT AND LICENSE

This software is copyright (c) 2012 by Alexei Znamensky.

This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.

=head1 BUGS AND LIMITATIONS

You can make new bug reports, and view existing ones, through the
web interface at L.

=head1 DISCLAIMER OF WARRANTY

BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT
WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE
TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.

=cut


__END__
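
The effect of the relaxed bind, as an added example (not code from the original post or from Net::LDAP::SimpleServer). It keeps the two checks that the adaptation comments out and puts the relaxation behind an explicit switch; check_bind() and the relax_bind option are hypothetical names, the requests are constructed samples, and the perl-ldap distribution must be installed.

```perl
#!/usr/bin/perl
# Added example: not code from the post or from Net::LDAP::SimpleServer.
use strict;
use warnings;
use Net::LDAP::Util qw(canonical_dn);
use Net::LDAP::Constant qw(LDAP_SUCCESS LDAP_INVALID_CREDENTIALS
  LDAP_AUTH_METHOD_NOT_SUPPORTED);

# check_bind() and the relax_bind option are hypothetical names.
# Returns the LDAP result code for one decoded bind request.
sub check_bind {
    my ( $cfg, $request ) = @_;
    my $auth = $request->{authentication} || {};

    # Only simple authentication is handled, as in the handler above.
    return LDAP_AUTH_METHOD_NOT_SUPPORTED unless exists $auth->{simple};
    return LDAP_SUCCESS if !$request->{name} && $cfg->{allow_anon};

    my $binddn = canonical_dn( $request->{name} );
    return LDAP_INVALID_CREDENTIALS unless $binddn;

    # Relaxed mode reproduces the adaptation: any parsable DN binds.
    return LDAP_SUCCESS if $cfg->{relax_bind};

    # Strict mode keeps the two checks the adaptation comments out.
    my $rootdn = canonical_dn( $cfg->{root_dn} ) || '';
    return LDAP_INVALID_CREDENTIALS unless uc($binddn) eq uc($rootdn);
    return LDAP_INVALID_CREDENTIALS
      unless defined $cfg->{root_pw} && $auth->{simple} eq $cfg->{root_pw};
    return LDAP_SUCCESS;
}

# Constructed requests, shaped like the hashes bind() dumps to STDERR.
my @requests = (
    [ 'root, right password', 'cn=root', { simple => 's3cret' } ],
    [ 'root, wrong password', 'cn=root', { simple => 'guess' } ],
    [ 'other DN', 'uid=bob,dc=example,dc=org', { simple => 'x' } ],
    [ 'SASL bind', 'cn=root', { sasl => { mechanism => 'PLAIN' } } ],
);

for my $relax ( 0, 1 ) {
    my %cfg = ( root_dn => 'cn=root', root_pw => 's3cret', relax_bind => $relax );
    print "relax_bind=$relax\n";
    for my $r (@requests) {
        my $code = check_bind( \%cfg, { name => $r->[1], authentication => $r->[2] } );
        printf "  %-22s resultCode %d\n", $r->[0], $code;
    }
}
```

In relaxed mode the wrong-password and other-DN requests succeed, matching the adapted handler; in strict mode only the root DN with the configured password does.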


List of adaptations (part 2):
- Fix for the TAG 13 ASN bug

Net::LDAP::Server version 0.43; only the "new" method changes

# Net::LDAP::Server

sub new {
    my ($proto, $input, $output) = @_;
    my $class = ref($proto) || $proto;
    my $self = fields::new($class);

    #print STDERR Dumper($input);
    #print STDERR Dumper($output);

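    # Adaptation: force binary mode on both handles so that Windows
    # text-mode (CRLF) translation does not alter the BER-encoded stream.
    binmode($input, ':raw');
    binmode($output, ':raw') if $output;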
    $self->{in} = $input;
    $self->{out} = $output || $input;
    return $self;
}


Alternatively, create a .bat file with the following:

set PERLIO=raw
C:\strawberry\perl\site\bin\ldapd.bat

 

Tuesday, 13 August 2013

SAP / ERP

Resources for learning SAP:

http://stackoverflow.com/questions/518226/how-should-i-start-learning-about-sap
https://open.sap.com/about/opensap
https://training.sap.com/v2/content/opensap
http://scn.sap.com/people/david.donnachie/blog/2013/08/13/do-it-yourself-learning
http://scn.sap.com/community/events/sapphire-now/blog/2012/11/19/a-view-on-learning-from-capgemini




Figure: Levels at which SAP operates. "A four level pyramid model of different types of Information Systems based on the different levels of hierarchy in an organization." Source: http://en.wikipedia.org/wiki/Information_systems

Supplementary info: CRUD software: http://en.wikipedia.org/wiki/CRUD

Mathematics

1.


7.


8.




9.


10.


29.


30.


31.


32.


An optimist sees an opportunity in every calamity; a pessimist sees a calamity in every opportunity.
        -- Winston Churchill. (1874-1965) English politician.



The pessimist knows how to rebel against evil. Only the optimist knows how to be astonished by evil.
        -- Gilbert Chesterton. (1874-1936) British writer.



Differential


y = x², find ∆y and dy (∆y: delta y, dy: differential of y)
∆y = f(x+∆x) - f(x) =
= (x+∆x)² - x² =
= x² + 2x∆x + (∆x)² - x² =
= 2x∆x + (∆x)²


dy = f'(x) dx =
= 2x ∆x (*)


* Recall:
x' = 1 (*2)
dx = x' ∆x = ∆x (*3)


*2 Recall:
(1): lim ∆x→0 ∆x/∆x = x' (the derivative of a variable with respect to itself; every variable is a function of itself, x = f(x) / x = x)
(2): lim ∆x→0 ∆x/∆x = lim ∆x→0 1 = 1
From (1) and (2): x' = 1


*3 Recall:
lim ∆x→0 ∆x/∆x = x'
∆x / ∆x = x' + alpha / ∆x → 0 => alpha → 0
∆x = x' ∆x + alpha ∆x
dx = x' ∆x = ∆x (the differential of the independent variable with respect to itself, obviously because it is independent)



Integral

lim i → ∞ ∑ f(xi) ∆xi = ∆x lim i → ∞ ∑ f(xi) = ∫def.[a..b] f(x) ∆x, ∆x0 = ∆x1 = ... = ∆xi = ∆x, i → ∞ <=> ∆x → 0



∫def.[a..b] f(x) ∆x = antiderivative of f(b) - antiderivative of f(a) = antiderivative of f(b).g(z) - antiderivative of f(a)


if antiderivative of f(a) = 0:
∫def.[a..x] f(x) ∆x = antiderivative of f(x) = antiderivative of f(x). g(z) = ∫def.[a..x] f(x) ∆x.g(z) = ∫def.[a..x] f(x) dx


otherwise:
∫def.[a..x] f(x) ∆x = ∫def.[a..x] f(x) g(z1)-g(z0), g(z1)-g(z0)=∆x




if F(x) = x => dx = ∆x
if y=F(x) ^ x=G(z) => dx = f(x) . g(z) . ∆z
otherwise => dx = f(x) ∆x


antiderivative of f(x) = antiderivative of f(x).g(z)


Mathematics, game theory, free software


Positivism and Software Engineering

When Aristotle stated his geocentric theory, the sustained theories were hard to explain without complex formulas describing weird trajectories about the other corps over the system.
About the same idea, Greek mechanics was largely accepted for describing accurately enough the trajectories of objects near the ground and above the heights. But it still misses something...

In my humble opinion, the key to success which led Galileo's and Newton's theories to supersede their ancestors was that these are based on postulates of equality among all the intervening elements of analysis. In other words, each element under analysis possesses indistinguishable properties over the others, and none of them has special attributes and/or governmentship over the others: the apple goes towards the Earth, and the Earth does the same towards the apple, all simultaneously; a hunt walks its way over the Earth's surface, and the Earth moves around its centre as a reaction to the strength exercised by the hunt's steps.

"Logic carries you from A to B, imagination everywhere", and "There's 1 thing more valuable than knowledge: imagination", are quotes from Einstein; this makes me question whether the status we attribute to intelligence should be reevaluated.

I'm still wondering what Archimedes would have meant when he said "Give me a standpoint and I'll move the world".

Your post raised my interest up!



Monday, 12 August 2013

Computer security in Java

A tour of computer security topics in Java:

http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html
http://en.wikipedia.org/wiki/Java_security
http://en.wikipedia.org/wiki/Mockito
http://code.google.com/p/mockito/
http://docs.oracle.com/javase/1.5.0/docs/api/java/security/package-summary.html#package_description
http://docs.oracle.com/javase/1.5.0/docs/api/java/lang/reflect/Proxy.html
http://docs.oracle.com/javaee/6/tutorial/doc/bnbwj.html


http://docs.oracle.com/javase/6/docs/technotes/guides/security/overview/jsoverview.html
http://static.springsource.org/spring-security/site/features.html
http://en.wikipedia.org/wiki/Spring_Security
http://blog.javabenchmark.org/2013/05/java-instrumentation-tutorial.html

The "textbook" way to manipulate a class (with javassist) starts like this:

ClassPool cp = ClassPool.getDefault();
CtClass cc = cp.get("org.javabenchmark.instrumentation.Sleeping");

An alternative, if the ClassPool does not have access to the class org.javabenchmark.instrumentation.Sleeping (for example, because it was loaded with a different ClassLoader):

ClassPool cp = ClassPool.getDefault();
cp.makeClass(new ByteArrayInputStream(classfileBuffer));
CtClass cc = cp.get(className.replaceAll("/", "."));

Java 5 API doc:
 Parameters
[...]
className - the name of the class in the internal form of fully qualified class and interface names as defined in The Java Virtual Machine Specification. For example, "java/util/List".
[...]
classfileBuffer - the input byte buffer in class file format - must not be modified