User comments | InterSystems Developer Community

Dmitry Maslennikov · Jan 23, 2019 go to post

SSO, can be achieved in some different ways. It can work over OAuth2, NTLM, Kerberos, SAML and so on. In different projects, I have used Kerberos/NTLM and OAuth2. But real SSO was only with Kerberos. And when you already have LDAP Auth in your application, it will be quite easy to add SSO. But also depends on which OS and which WEB server you have. On Windows much easier to start with IIS while so difficult to find a working module for Apache. On Linux there is also could be a problem to find the latest version of the module which will work with the latest version of apache. But when you will manage to get it worked on web-server side, on Caché side, almost nothing to do left. When you get first unauthorized request, you should return back with status 401, and say which method of authentication you need through header WWW-Authenticate: NTLM. Then if web server managed to get username, it will send it by header REMOTE_USER. Of course, you will not get password, you just use this username and authorize session.

Dmitry Maslennikov · Jan 23, 2019 go to post

If your server on windows, you have two connection options.

Terminal. Available only locally, and can use windows security. Enabled by default.
Telnet. Used to connect from outside. Disabled by default (you can activate this service in SMP.). After enabling, you can connect using terminal or any other tool by default port 22.

If your server on Linux. You have only one option is csession or irissession tool which works only locally to the server. For remote access you should use ssh or telnet. But you can't configure telnet from Cache. You should do it by yourself.

Dmitry Maslennikov · Jan 22, 2019 go to post

How Caché works with licenses, actually very interesting and sometimes quite difficult to understand, but it is possible to find a balance for everybody. Fortunately, at the same time, it has actually some tricks on how to turn it on your side.

The first important thing is every time when user login, you should log in the user not only in security but license as well. In this case, if the user uses the same IP address will be used the license unit.

In your case, I'm not even sure about forcing log out, do you really need it? You mentioned that your application still web, and does not matter is at wrapped as an application or opened right from the browser. You should have the same behaviour. So, you can reduce timeout for the session, add some timer which will ping the server from time to time when app is active to extend session time. Sessions on the server side also have a grace period after a timeout which is 5 minutes long, in most cases enough to return back from the call.

Dmitry Maslennikov · Jan 22, 2019 go to post

Glad to see thew newest version, great work.
Hope to see some details about community and expression editions. Unfortunately, both of these versions did not work well for me as I expected, so, I would like to see how they differ from the original version and about limitations.

Dmitry Maslennikov · Jan 21, 2019 go to post

Hi, unfortunately, there are no ready solutions and mostly because NTLM auth is not so easy to implement, even in other languages. If it is possible, better to find another mechanism.

Dmitry Maslennikov · Jan 21, 2019 go to post

Well,

this add-in url is

/isc/studio/templates/%25ZEN.Template.AddInWizard.SOAPWizard.cls?Namespace=USER

But when you redirect with Redirect directive, your query part dissapear. And it opens with default namespace %SYS.

To solve it you should use mod_rewrite instead with RewriteCond and RewriteRule directives. I don't give you any examples, just don't have a good place to check it. But I think I can find it.

Dmitry Maslennikov · Jan 20, 2019 go to post

Usually, the problem which you can face with SSL, is, how to trust self-signed certificate. In your case looks like, you have one server for development, and everybody connects to this one server. And in this case, there are two ways to make this SSL trusted,

if you have a domain name which publicly available, from the internet. Internal servers should not be available from outside, just only one server, where you can generate certificate with Let'sEncrypt. And you can make wildcard certificate as well.
you don't have such domain name, and don't have access from outside. So, you should have own certificate server, and make by yourself. I think this way is a bit harder.

For local instances, when you need SSL only on your machine for yourself, you can use the mkcert tool and any subdomain from localtest.me (which goes to localhost) for example.

Dmitry Maslennikov · Jan 17, 2019 go to post

I have not planned any special, just wanted to see how it will be on place.

Dmitry Maslennikov · Jan 16, 2019 go to post

I'm going to be there, too, and I have something to show for you. I can demonstrate VSCode extension for InterSystems ObjectScript. And I can show how to build and deploy with Kubernetes.

Dmitry Maslennikov · Jan 16, 2019 go to post

I'm going to be in Antwerp next month. If you want to see a live demonstration, I can do it for you. I already have some more features, to show.

Dmitry Maslennikov · Jan 16, 2019 go to post

Done

Dmitry Maslennikov · Jan 15, 2019 go to post

CSP not supported, yet. Fill issue. And I will add support later

Dmitry Maslennikov · Jan 11, 2019 go to post

How big is your object? By default on your version you have 256Mb if lical memore, and this error happens when you exceeded this limit.

You can try to convert object directly to FileStream without using TmpStream

I would also recommend to post your question as separate post, not as comment.

Dmitry Maslennikov · Jan 7, 2019 go to post

CACHE.DAT or even IRIS.DAT does not have any relation with operation system. So, you can easily move database files between instances on different OS and versions. But you should remember about data itself, like differences between 8-bit and Unicode. And code, which should be compiled for particular version but also not depends on OS.

You can find some details about database format from my articles.

Dmitry Maslennikov · Dec 28, 2018 go to post

Some users configured with link to their GitHub account, and they shown in green, so can click, other users does not have links. If you would register there and have joined our leaderboard, you would be able to check it by yourself.

Dmitry Maslennikov · Dec 25, 2018 go to post

my code of day 18

Dmitry Maslennikov · Dec 20, 2018 go to post

Sounds wonderful.

But, I hope you don't do it from scratch and reuse some already developed components. Developing editor, from scratch is too difficult, and TDD is the last thing to do on the list. And when you say IDE, it means much more than just Editor. And is VSCode is not IDE but has a lot of possibilities already. You can look at Monaco editor, which can work in a browser, but it is also an engine for VSCode. So, it would be possible to reuse some functionality from VSCode extension.

Dmitry Maslennikov · Dec 20, 2018 go to post

Every debugging tied very much with an editor of code. So, the first question should be, which editor should be used. The studio already has some debugging options, Atelier, too. I'm working hard now on VisualStudio code, and they also have good ways for debugging and hope I will manage to add good debugger for VSCode as well, but not only me who can do it. George James already has their debugger and introduced their work on the same debugger in VSCode.

Dmitry Maslennikov · Dec 16, 2018 go to post

well, error 126 is the dependency error. for such errors, I used Dependency Walker, very useful tool, for such cases.

As you said you managed to connect to this dll with less code, so, in added lines you use some external library, which can't be loaded. Just place missed dll's close to your, and it should work.

Dmitry Maslennikov · Dec 16, 2018 go to post

when you get the error <DYNAMIC LIBRARY LOAD>, you should look at cconsole.log (or messages.log for IRIS), where you may find code of error.

It is possible that you build it for 32bit, but uses in 64bit instance. In this case, you will get the error with code 139. if you got other code, you can google it.

Dmitry Maslennikov · Dec 11, 2018 go to post

You can also look at my project (https://github.com/daimor/CacheBlocksExplorer), I use WebSockets in the real project.

Dmitry Maslennikov · Dec 10, 2018 go to post

My repo the same for previous years. https://github.com/daimor/AdventOfCode

Dmitry Maslennikov · Dec 8, 2018 go to post

Go to private leaderboard, and use this code 130669-ab1f69bf to join.

Dmitry Maslennikov · Nov 27, 2018 go to post

I'm sure it is quite difficult to write such a universal solution, every time it depends on your code. Years ago I wrote such a tool for an application which textual interface, and I had to convert parse code for pseudographics there and convert it too. So, I would say you need such specific too, just for your case.

Dmitry Maslennikov · Nov 26, 2018 go to post

STORE error means, your reached limit of memory per process. Since 2012.2 we have 256Mb per process by default and you can increase it up to 2Tb. You can increase it, but I would recommend playing with different ways how to collect SQL Data, or on optimization in this SQL query. Or you can split such many rows by portions with less number of rows.

Dmitry Maslennikov · Nov 24, 2018 go to post

Said the one who has the highest number of points. I think it should not be too much expensive, and it will be a good goal for some participants.

Dmitry Maslennikov · Nov 23, 2018 go to post

Or something based on x86. While InterSystems does not work on ARM.

Dmitry Maslennikov · Nov 21, 2018 go to post

Interesting looks like such error expectable for RedHat. But don't have any RedHat subscription, and I managed to build an image with RedHat, but with centos repo. And in my case, it works without any errors. Maybe you can contact me directly and send your image, so I can check on it?

My differences from your Dockerfile

RUN /bin/echo -e '[centos]' \
    '\nname=CentOS $releasever - $basearch' \
    '\nbaseurl=http://ftp.heanet.ie/pub/centos/7/os/$basearch/' \
    '\nenabled=1' \
    '\ngpgcheck=0' > /etc/yum.repos.d/centos.repo \
 && cat /etc/yum.repos.d/centos.repo \
 && yum -y --nogpgcheck update \
 && yum -y --nogpgcheck install which tar hostname net-tools wget \
 && yum -y clean all \
 && ln -sf /etc/locatime /usr/share/zoneinfo/Australia/Brisbane

and I used the latest version of ccontainermain from releases, maybe with this version will be better for you as well.

curl -L https://github.com/daimor/ccontainermain/releases/download/0.7/ccontainermain -o /ccontainermain

Dmitry Maslennikov · Nov 20, 2018 go to post

look at $zf function in the documentation, it gives a possibility to execute a command in OS.

so, the same Legacy task and your code should be

set res=$zf(-2, "c:\path\to\your\shutdown_ensemble.bat")

Dmitry Maslennikov · Nov 20, 2018 go to post

batch file means, that you want to do it outside of Ensemble. In this case you should use ccontrol command or iris if you use IRIS.

ccontrol stop <ensemble> quietly

ccontrol start <ensemble>

where you should replace <ensemble> with your instance name.

if you work on windows, you can find ccontrol tool in bin directory of installed Ensemble.

you can find more details about using ccontrol in the documentation

User statistics