This is a translation of the following article. Thanks @Evgeny Shvarov for the help in translation.
Let's assume that you wrote a program that shows "Hello World!", for example:
write "Hello, World!"
The program works and everyone is happy.
With time, however, your program becomes more complex, gets more features and you eventually need to show the same string in different languages. Moreover you don't know the number and names of these languages.
The spoiler below contains a description of how the task of multi-language localization is solved in Caché.
Most of you should be aware that the Wanna Cry virus is massively infecting un-patched windows machines all around the world. It's particularly affecting the NHS, one of my main clients.
Wanna Cry is one of a line of Viruses that exploit SMBv1 over ports 135 and 445.
A kill switch has been enabled, but this won't protect machines sitting behind http proxies, and there are already reports of new versions without a kill switch.
All windows machines should be isolated and updated a.s.a.p.
In our last lesson, we added some formatting and validation to our Edit Widget form. So, now we are ready to add the ability to add new Widgets to our application. However, the great Widget Wars have come to an abrupt end, as Widget Direct has purchased its biggest competitor, WorldWideWidgets. In order to maintain some continuity, we need to display their catalog on our new application.
It's almost a year since I have published a series of articles explaining how to configure Cache instance as a client / resource server / authorization server. By that time, the implementation of OAuth 2.0 was still a pre-release software.
In our last lesson, we added a form to Edit our existing Widgets, and save them back to the server. However, our Form was not well structured and our Save button had no intelligence, and was not fully visible. So today, we will apply some Material components and Angular style to make the form more useful
Created by Daniel Kutac, Sales Engineer, InterSystems
Part 3. Appendix
InterSystems IRIS OAUTH classes explained
In the previous part of our series we have learned about configuring InterSystems IRIS to act as an OAUTH client as well as authorization and authentication server (by means of OpenID Connect). In this final part of our series we are going to describe classes implementing InterSystems IRIS OAuth 2.0 framework. We will also discuss use cases for selected methods of API classes.
The API classes implementing OAuth 2.0 can be separated into three different groups according to their purpose. All classes are implemented in %SYS namespace. Some of them are public (via % package), some not and should not be called by developers directly.
Say you have a global in one database that you instead want to map from a different database. If you just create a global mapping to the new database, the existing global will become inaccessible because it still lives on the old database. The documentation notes this problem here but doesn't give details on how to fix it.
Prompted by this post about accessing a global at its original location after you have changed a mapping, here's a tip about one specific dropdown in Portal that's sometimes useful.
We finished our last lesson with our Widgets Direct page iterating over a list of widgets, displaying an ID and a Name value. While we have been able to achieve this with only a small amount of coding, the page itself is not the most visually appealing place to be. The AngularJS framework is providing a powerful Model-View-Controller framework for our structure and logic, but it does not implement anything that will provide a nice UI experience.
If your application is raising <PROTECT> errors and you're finding it hard to work out why, here's a way to get additional information.
First, if auditing is not already enabled, turn it on:
Then use "Configure System Events" (highlighted above) and locate the event named %System/%Security/Protect. In the screenshot below I used the Filter field to do this (type "protect" - highlighted below - and press TAB):
At the end of our last lesson, we ended with our page displaying a nice (but garish) Angular Material Toolbar, and our Widget data displaying in a list of Material cards. Our page feels a bit static, and we already know that the large number of Widgets that we will be dealing with will not be especially usable on a static list. What can we do to help?
If you are developing applications that use CSP or Zen, or potentially any of the other InterSystems web-related stuff that's built on top of CSP, then it's important to know how to keep one particular secret.
A central part of the CSP security architecture is a server-side session key. "Server-side" because its value should never be revealed to the client that is issuing the web requests. If it is revealed, a malicious client might be able to use it to bypass your security and make your server do things you don't want it to.
Code coverage and performance optimization of code has come up a bunch of times already, so most of you should already be aware of the SYS.MONLBL utility.
We finished our last lesson with our Widgets Direct page receiving a Welcome message as a property of a JSON object, which was unpacked and displayed on the page. However, we are on Lesson 3, and we still haven't had any talk of displaying widgets yet.
On the back of my recent post on writing bug-less code I wanted to raise a few suggestions (to ISC) that would help prevent certain types of bugs at compile time. I've probably missed a few, but these are the main ones in my mind. Please contribute more suggestions.
Btw, these also serve as potential gotchas for new COS developers.
In this recent post I highlighted the importance of a CSP session's Key property in enforcing the level of security your web application may be relying on, and in particular the need to keep the property value secret.
It's almost time to get your customers upgraded to new versions - are you worried about showing off your SQL Performance after upgrades? If you want to upgrade without worrying, then I have just the program for you!!! Check out this video from Global Summit 2016 featuring yours truly explaining how to upgrade a system without worrying about pesky SQL queries showing on your waistline!
Sometimes I observe people scrolling manually down to the bottom of the Console Log document when they want to see the most recent messages. So I want to draw attention to the handy link that does the job for you in a single click:
If you deal with multiple instances of Caché / Ensemble / HealthShare and sometimes have to work at the Terminal command prompt, did you know that you can easily add extra information to that prompt which may help prevent you running a command on the wrong instance?
During startup a Caché/Ensemble/HealthShare instance must consult a parameter file to get some information it needs at the early stages of startup. By default it uses the file called cache.cpf, but by adding an extra argument to the ccontrol start command you can make it use an alternative file.
In this post, I am going to detail how to set up a mirror using SSL, including generating the certificates and keys via the Public Key Infrastructure built in to Caché. The goal of this is to take you from new installations to a working mirror with SSL, including a primary, backup, and DR async member, along with a mirrored database. I will not go into security recommendations or restricting access to the files. This is meant to just simply get a mirror up and running.
In the previous article, I had just started working with Arduino, and got a meteorological station to show as a result. In this article, let's go further: we will set up authentication via RFID cards and Arduino against the InterSystems Caché application.
This sample can be used to create Identicons for users of app for example, it can be useful to use in Zen Mojo applications, generating an identifier image based on name of the user by example, but it can be used in others kind of applications too(Zen, CSP etc)
Inspired by the article "Declarative development in Caché" that's still trending on the dev com. The OP explored a functional style of iterating over a collection. A comment today suggested "Caché would need syntax support for anonymous functions".
With Macros you can kind of get anonymous like syntax using dot notation.
This is not production code, but it does work. First the macros...