https://wiki.code4lib.org/index.php?title=Abstraction&feed=atom&action=history
Abstraction - Revision history
2024-03-28T14:58:53Z
Revision history for this page on the wiki
MediaWiki 1.26.2
https://wiki.code4lib.org/index.php?title=Abstraction&diff=3092&oldid=prev
Wickr: Reverted edits by 119.167.225.136 (Talk); changed back to last version by Wickr
2009-07-27T04:34:49Z
<p>Reverted edits by <a href="/Special:Contributions/119.167.225.136" title="Special:Contributions/119.167.225.136">119.167.225.136</a> (<a href="/index.php?title=User_talk:119.167.225.136&action=edit&redlink=1" class="new" title="User talk:119.167.225.136 (page does not exist)">Talk</a>); changed back to last version by <a href="/User:Wickr" title="User:Wickr">Wickr</a></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 04:34, 27 July 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">d.y.i. whirlpool repair http</del>:<del class="diffchange diffchange-inline">//peggyfrye482.freehostia.com/www.magellan.com-repair.html www.magellan.com repairgoldfield corp http</del>:<del class="diffchange diffchange-inline">//peggyfrye482.freehostia</del>.<del class="diffchange diffchange-inline">com</del>/<del class="diffchange diffchange-inline">whirlpool-u</del>.<del class="diffchange diffchange-inline">k.html whirlpool u.kwww.whirlpool.com.au http://peggyfrye482.freehostia.com/amvest</del>-<del class="diffchange diffchange-inline">corp</del>.<del class="diffchange diffchange-inline">-rodeo-palns</del>.<del class="diffchange diffchange-inline">html amvest corp</del>. <del class="diffchange diffchange-inline">rodeo palnsa</del>.<del class="diffchange diffchange-inline">abunayyan trading corp http://peggyfrye482</del>.<del class="diffchange diffchange-inline">freehostia.com/antique-seaman-corp.vibratory-roller.html antique seaman corp.vibratory roller6.5 diesel repair manuals http://peggyfrye482.freehostia.com/auto-repair-vallejo-ca.html auto repair vallejo camagna corp</del>. of <del class="diffchange diffchange-inline">shopsmith http://peggyfrye482.freehostia.com/whirlpool-repair-st.-paul.html whirlpool repair st. paulw.w.w.whirlpool .com http://peggyfrye482.freehostia.com/10.5-cu-ft-whirlpool.html 10.5 cu ft whirlpoolshdoclc.dll dnserror repair http://peggyfrye482.freehostia.com</del>/a.<del class="diffchange diffchange-inline">abunayyan-trading-corp.html </del>a.<del class="diffchange diffchange-inline">abunayyan trading corpsubaru repair ft. collins http://peggyfrye482.freehostia.com/montcalm-publishing-corp.html montcalm publishing corpecono lodge corp. office http://peggyfrye482.freehostia.com/d.y.i.-whirlpool-tub-repair.html d.y.i</del>. <del class="diffchange diffchange-inline">whirlpool tub repair</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">=General rule</ins>: <ins class="diffchange diffchange-inline">Abstract things out as much as makes sense=</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">==Specific rule</ins>: <ins class="diffchange diffchange-inline">Abstract the living crap out of your authentication scheme</ins>.<ins class="diffchange diffchange-inline">==</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Look, pretty much everyone with anything worth protecting already has an auth</ins>/<ins class="diffchange diffchange-inline">authZ infrastructure in place</ins>. <ins class="diffchange diffchange-inline">Sometimes an extensive, perhaps multi</ins>-<ins class="diffchange diffchange-inline">institutional infrastructure</ins>. <ins class="diffchange diffchange-inline">One that isn’t going to be bypassed without, say, getting fired</ins>.</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">So if you’re going to require people to log in, make sure you make that process as abstract as you possibly can, both in algorithm and in code</ins>. <ins class="diffchange diffchange-inline">Have a singleton class that’s easily subclassed to represent your user, and call it exclusively</ins>. <ins class="diffchange diffchange-inline">Make sure that your URIs are easily separated into those that require auth and those that don’t, for simple use of mod_rewrite or whatnot to redirect to authentication</ins>. <ins class="diffchange diffchange-inline">Make sure it’s easy to hook into (or work around) AJAX links that might require authentication that has expired</ins>.</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">And for the love </ins>of <ins class="diffchange diffchange-inline">god, don’t stuff username</ins>/<ins class="diffchange diffchange-inline">password information into </ins>a <ins class="diffchange diffchange-inline">cookie if you’re doing web work</ins>. <ins class="diffchange diffchange-inline">Use </ins>a <ins class="diffchange diffchange-inline">session and session key</ins>. <ins class="diffchange diffchange-inline">Any auth scheme that I can spoof is no auth scheme at all, because I’m an idiot and not even trying hard</ins>.</div></td></tr>
</table>
Wickr
https://wiki.code4lib.org/index.php?title=Abstraction&diff=3089&oldid=prev
119.167.225.136: /* General rule: Abstract things out as much as makes sense */
2009-07-27T00:42:53Z
<p><span dir="auto"><span class="autocomment">General rule: Abstract things out as much as makes sense</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 00:42, 27 July 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">=General rule</del>: <del class="diffchange diffchange-inline">Abstract things out as much as makes sense=</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">d.y.i. whirlpool repair http</ins>:<ins class="diffchange diffchange-inline">//peggyfrye482.freehostia.com/www.magellan.com-repair.html www.magellan.com repairgoldfield corp http</ins>:<ins class="diffchange diffchange-inline">//peggyfrye482.freehostia</ins>.<ins class="diffchange diffchange-inline">com</ins>/<ins class="diffchange diffchange-inline">whirlpool-u</ins>.<ins class="diffchange diffchange-inline">k.html whirlpool u.kwww.whirlpool.com.au http://peggyfrye482.freehostia.com/amvest</ins>-<ins class="diffchange diffchange-inline">corp</ins>.<ins class="diffchange diffchange-inline">-rodeo-palns</ins>.<ins class="diffchange diffchange-inline">html amvest corp</ins>. <ins class="diffchange diffchange-inline">rodeo palnsa</ins>.<ins class="diffchange diffchange-inline">abunayyan trading corp http://peggyfrye482</ins>.<ins class="diffchange diffchange-inline">freehostia.com/antique-seaman-corp.vibratory-roller.html antique seaman corp.vibratory roller6.5 diesel repair manuals http://peggyfrye482.freehostia.com/auto-repair-vallejo-ca.html auto repair vallejo camagna corp</ins>. of <ins class="diffchange diffchange-inline">shopsmith http://peggyfrye482.freehostia.com/whirlpool-repair-st.-paul.html whirlpool repair st. paulw.w.w.whirlpool .com http://peggyfrye482.freehostia.com/10.5-cu-ft-whirlpool.html 10.5 cu ft whirlpoolshdoclc.dll dnserror repair http://peggyfrye482.freehostia.com</ins>/a.<ins class="diffchange diffchange-inline">abunayyan-trading-corp.html </ins>a.<ins class="diffchange diffchange-inline">abunayyan trading corpsubaru repair ft. collins http://peggyfrye482.freehostia.com/montcalm-publishing-corp.html montcalm publishing corpecono lodge corp. office http://peggyfrye482.freehostia.com/d.y.i.-whirlpool-tub-repair.html d.y.i</ins>. <ins class="diffchange diffchange-inline">whirlpool tub repair</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">==Specific rule</del>: <del class="diffchange diffchange-inline">Abstract the living crap out of your authentication scheme</del>.<del class="diffchange diffchange-inline">==</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">Look, pretty much everyone with anything worth protecting already has an auth</del>/<del class="diffchange diffchange-inline">authZ infrastructure in place</del>. <del class="diffchange diffchange-inline">Sometimes an extensive, perhaps multi</del>-<del class="diffchange diffchange-inline">institutional infrastructure</del>. <del class="diffchange diffchange-inline">One that isn’t going to be bypassed without, say, getting fired</del>.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">So if you’re going to require people to log in, make sure you make that process as abstract as you possibly can, both in algorithm and in code</del>. <del class="diffchange diffchange-inline">Have a singleton class that’s easily subclassed to represent your user, and call it exclusively</del>. <del class="diffchange diffchange-inline">Make sure that your URIs are easily separated into those that require auth and those that don’t, for simple use of mod_rewrite or whatnot to redirect to authentication</del>. <del class="diffchange diffchange-inline">Make sure it’s easy to hook into (or work around) AJAX links that might require authentication that has expired</del>.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">And for the love </del>of <del class="diffchange diffchange-inline">god, don’t stuff username</del>/<del class="diffchange diffchange-inline">password information into </del>a <del class="diffchange diffchange-inline">cookie if you’re doing web work</del>. <del class="diffchange diffchange-inline">Use </del>a <del class="diffchange diffchange-inline">session and session key</del>. <del class="diffchange diffchange-inline">Any auth scheme that I can spoof is no auth scheme at all, because I’m an idiot and not even trying hard</del>.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
</table>
119.167.225.136
https://wiki.code4lib.org/index.php?title=Abstraction&diff=2863&oldid=prev
Wickr: Reverted edits by 62.175.249.249 (Talk); changed back to last version by Jrochkind
2009-06-13T21:54:20Z
<p>Reverted edits by <a href="/Special:Contributions/62.175.249.249" title="Special:Contributions/62.175.249.249">62.175.249.249</a> (<a href="/index.php?title=User_talk:62.175.249.249&action=edit&redlink=1" class="new" title="User talk:62.175.249.249 (page does not exist)">Talk</a>); changed back to last version by <a href="/index.php?title=User:Jrochkind&action=edit&redlink=1" class="new" title="User:Jrochkind (page does not exist)">Jrochkind</a></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 21:54, 13 June 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">MrlhKH  <a href</del>=<del class="diffchange diffchange-inline">"http</del>:<del class="diffchange diffchange-inline">//ducolsjalscd</del>.<del class="diffchange diffchange-inline">com/">ducolsjalscd<</del>/a<del class="diffchange diffchange-inline">></del>, <del class="diffchange diffchange-inline">[url=http://rojbzsvgcyea</del>.<del class="diffchange diffchange-inline">com/]rojbzsvgcyea[/url]</del>, <del class="diffchange diffchange-inline">[link=http://grglypwccdpm</del>.<del class="diffchange diffchange-inline">com/]grglypwccdpm[/link]</del>, <del class="diffchange diffchange-inline">http:</del>/<del class="diffchange diffchange-inline">/jljxmhddoyus</del>.<del class="diffchange diffchange-inline">com/</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>=<ins class="diffchange diffchange-inline">General rule</ins>: <ins class="diffchange diffchange-inline">Abstract things out as much as makes sense=</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">==Specific rule: Abstract the living crap out of your authentication scheme</ins>.<ins class="diffchange diffchange-inline">==</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Look, pretty much everyone with anything worth protecting already has an auth</ins>/<ins class="diffchange diffchange-inline">authZ infrastructure in place. Sometimes an extensive, perhaps multi-institutional infrastructure. One that isn’t going to be bypassed without, say, getting fired.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">So if you’re going to require people to log in, make sure you make that process as abstract as you possibly can, both in algorithm and in code. Have </ins>a <ins class="diffchange diffchange-inline">singleton class that’s easily subclassed to represent your user</ins>, <ins class="diffchange diffchange-inline">and call it exclusively</ins>. <ins class="diffchange diffchange-inline">Make sure that your URIs are easily separated into those that require auth and those that don’t</ins>, <ins class="diffchange diffchange-inline">for simple use of mod_rewrite or whatnot to redirect to authentication</ins>. <ins class="diffchange diffchange-inline">Make sure it’s easy to hook into (or work around) AJAX links that might require authentication that has expired.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">And for the love of god</ins>, <ins class="diffchange diffchange-inline">don’t stuff username</ins>/<ins class="diffchange diffchange-inline">password information into a cookie if you’re doing web work. Use a session and session key. Any auth scheme that I can spoof is no auth scheme at all, because I’m an idiot and not even trying hard</ins>.</div></td></tr>
</table>
Wickr
https://wiki.code4lib.org/index.php?title=Abstraction&diff=2860&oldid=prev
62.175.249.249: /* General rule: Abstract things out as much as makes sense */
2009-06-13T01:53:08Z
<p><span dir="auto"><span class="autocomment">General rule: Abstract things out as much as makes sense</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 01:53, 13 June 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Patterns]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>=<del class="diffchange diffchange-inline">General rule</del>: <del class="diffchange diffchange-inline">Abstract things out as much as makes sense=</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">MrlhKH  <a href</ins>=<ins class="diffchange diffchange-inline">"http</ins>:<ins class="diffchange diffchange-inline">//ducolsjalscd</ins>.<ins class="diffchange diffchange-inline">com/">ducolsjalscd<</ins>/a<ins class="diffchange diffchange-inline">></ins>, <ins class="diffchange diffchange-inline">[url=http://rojbzsvgcyea</ins>.<ins class="diffchange diffchange-inline">com/]rojbzsvgcyea[/url]</ins>, <ins class="diffchange diffchange-inline">[link=http://grglypwccdpm</ins>.<ins class="diffchange diffchange-inline">com/]grglypwccdpm[/link]</ins>, <ins class="diffchange diffchange-inline">http:</ins>/<ins class="diffchange diffchange-inline">/jljxmhddoyus</ins>.<ins class="diffchange diffchange-inline">com/</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">==Specific rule: Abstract the living crap out of your authentication scheme</del>.<del class="diffchange diffchange-inline">==</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">Look, pretty much everyone with anything worth protecting already has an auth</del>/<del class="diffchange diffchange-inline">authZ infrastructure in place. Sometimes an extensive, perhaps multi-institutional infrastructure. One that isn’t going to be bypassed without, say, getting fired.</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">So if you’re going to require people to log in, make sure you make that process as abstract as you possibly can, both in algorithm and in code. Have </del>a <del class="diffchange diffchange-inline">singleton class that’s easily subclassed to represent your user</del>, <del class="diffchange diffchange-inline">and call it exclusively</del>. <del class="diffchange diffchange-inline">Make sure that your URIs are easily separated into those that require auth and those that don’t</del>, <del class="diffchange diffchange-inline">for simple use of mod_rewrite or whatnot to redirect to authentication</del>. <del class="diffchange diffchange-inline">Make sure it’s easy to hook into (or work around) AJAX links that might require authentication that has expired.</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">And for the love of god</del>, <del class="diffchange diffchange-inline">don’t stuff username</del>/<del class="diffchange diffchange-inline">password information into a cookie if you’re doing web work. Use a session and session key. Any auth scheme that I can spoof is no auth scheme at all, because I’m an idiot and not even trying hard</del>.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
</table>
62.175.249.249
https://wiki.code4lib.org/index.php?title=Abstraction&diff=2056&oldid=prev
Jrochkind at 17:39, 2 February 2009
2009-02-02T17:39:45Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:39, 2 February 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[[Category:Patterns]]</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=General rule: Abstract things out as much as makes sense=</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=General rule: Abstract things out as much as makes sense=</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
</table>
Jrochkind
https://wiki.code4lib.org/index.php?title=Abstraction&diff=2055&oldid=prev
Jrochkind at 17:38, 2 February 2009
2009-02-02T17:38:52Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:38, 2 February 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">h1. </del>General rule: Abstract things out as much as makes sense</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">=</ins>General rule: Abstract things out as much as makes sense<ins class="diffchange diffchange-inline">=</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">h2. </del>Specific rule: Abstract the living crap out of your authentication scheme.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">==</ins>Specific rule: Abstract the living crap out of your authentication scheme.<ins class="diffchange diffchange-inline">==</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Look, pretty much everyone with anything worth protecting already has an auth/authZ infrastructure in place. Sometimes an extensive, perhaps multi-institutional infrastructure. One that isn’t going to be bypassed without, say, getting fired.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Look, pretty much everyone with anything worth protecting already has an auth/authZ infrastructure in place. Sometimes an extensive, perhaps multi-institutional infrastructure. One that isn’t going to be bypassed without, say, getting fired.</div></td></tr>
</table>
Jrochkind
https://wiki.code4lib.org/index.php?title=Abstraction&diff=2054&oldid=prev
Jrochkind: New page: h1. General rule: Abstract things out as much as makes sense h2. Specific rule: Abstract the living crap out of your authentication scheme. Look, pretty much everyone with anything worth...
2009-02-02T17:38:38Z
<p>New page: h1. General rule: Abstract things out as much as makes sense h2. Specific rule: Abstract the living crap out of your authentication scheme. Look, pretty much everyone with anything worth...</p>
<p><b>New page</b></p><div>h1. General rule: Abstract things out as much as makes sense<br />
<br />
h2. Specific rule: Abstract the living crap out of your authentication scheme.<br />
<br />
Look, pretty much everyone with anything worth protecting already has an auth/authZ infrastructure in place. Sometimes an extensive, perhaps multi-institutional infrastructure. One that isn’t going to be bypassed without, say, getting fired.<br />
<br />
So if you’re going to require people to log in, make sure you make that process as abstract as you possibly can, both in algorithm and in code. Have a singleton class that’s easily subclassed to represent your user, and call it exclusively. Make sure that your URIs are easily separated into those that require auth and those that don’t, for simple use of mod_rewrite or whatnot to redirect to authentication. Make sure it’s easy to hook into (or work around) AJAX links that might require authentication that has expired.<br />
<br />
And for the love of god, don’t stuff username/password information into a cookie if you’re doing web work. Use a session and session key. Any auth scheme that I can spoof is no auth scheme at all, because I’m an idiot and not even trying hard.</div>
Jrochkind