Re: [Catalyst] Trusting $c->req->uri after login

2017-09-18 Thread Gavin Henry
Nevermind, I'd already done thought about this. Please ignore:

if ( !$c->user_exists ) {
$c->log->debug('***User not found, forwarding to /login')
  if $c->debug();

# $c->uri_for will return the URL for the current action namespace,
# so, if you request /customers/faxes, we'll get /customers/faxes
# that way we don't trust $c->req->uri, even though looking at the code
# Catalyst it's OK
$c->log->debug( 'Saving previous URI: ' . $c->uri_for() )
  if $c->debug();
$c->flash->{redirect_after_login} = $c->uri_for();
$c->response->redirect( $c->uri_for('/login') );
$c->detach();
}

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Trusting $c->req->uri after login

2017-09-17 Thread Gavin Henry
Hi all,

Can I trust this to use use to redirect a user after login (session expired
etc) or should I validate it against $c->uri_for()

Thanks.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] New design

2013-07-25 Thread Gavin Henry
nice!

On 23/07/2013, Mark Keating  wrote:
> The nice chaps at Evozon have recently been making design mocks for a
> bunch of Perl sites and they have come up with a fresh look for
> Catalyst. Take a look and let me know what you guys think.
>
> http://www.mdk.me.uk/community/mocks/Catalyst.jpg
>
> Kind regards
>
> Mark
>
> --
> Mark Keating BA (Hons), Writer, Photographer, Cat-Herder.
> Managing Director: http://www.shadow.cat
> For more that I do visit: http://www.mdk.me
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>


-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Using Progressive realms when username and password fields are all different

2012-06-29 Thread Gavin Henry
> Does something like this fix the problem?
>
> --- Password.pm 2012-06-29 11:23:51.0 +0100
> +++ Password-new.pm     2012-06-29 11:33:40.0 +0100
> @@ -34,6 +34,14 @@
>  sub authenticate {
>     my ( $self, $c, $realm, $authinfo ) = @_;
>
> +    my $password_field = $self->_config->{'password_field'};
> +    if ($password_field ne 'password'
> +    and defined $authinfo->{password}) {
> +       $authinfo = {%{$authinfo}};
> +       $authinfo->{$password_field} = $authinfo->{password};
> +       delete $authinfo->{password};
> +    }
> +
>     ## because passwords may be in a hashed format, we have to make
> sure that we remove the
>     ## password_field before we pass it to the user routine, as some
> auth modules use
>     ## all data passed to them to find a matching user...

I've raised:

https://rt.cpan.org/Ticket/Display.html?id=78115

The main problem is that and the fact that username_field is missing.

I'd like to do ->authenticate( { username => $blah, password => $blah2 })

if username_field and/or password_field is in the config, map those to
above values, if not
just use the default. Otherwise there's no way you can use a
Progressive realm with
non-consistent user/pass field names in your DB. I could add a
viewbut it's not my
DB.

Silly or sane?

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Using Progressive realms when username and password fields are all different

2012-06-28 Thread Gavin Henry
On 28 June 2012 23:08, Tim Anderson  wrote:
> That keys in the hash reference you are passing to the authenticate function
> should match the keys in your CcAgent model, plus the password field you
> defined in your config... something like this:
>
> # Attempt to log the user in
>
>            if (
>                $c->authenticate(
>                    {
>                        login => $username,
>                        passwd => $password
>                    },
>                    'progressive_oauth'
>                )
>              )
>            {
>

Thanks Tim. Yes, I know that but then the other two realms will fail
and that's the point of progressive. I want to call one ->authenticate
which tries all the realms I've defined in progressive_oauth.

Gavin.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Using Progressive realms when username and password fields are all different

2012-06-28 Thread Gavin Henry
On 28 June 2012 21:50, Tim Anderson  wrote:
> Gavin,
>
> Assuming you are using the Authentication plugin, you can define multiple
> realm objects, each of which allows you to specify the columns to be used
> for username and password.  The documentation is pretty good on this one,
> and it's working well for me.
>
> http://search.cpan.org/~bobtfish/Catalyst-Plugin-Authentication-0.10020/lib/Catalyst/Plugin/Authentication.pm#CONFIGURATION
>
> Does that help?

Hi Tim,

That's what I already have. I have 3 realms defined and then a
Progressive realm listing them:


class Progressive
realms customers_oauth
realms partners_oauth
realms admins_oauth


type customer


type partner


type admin





class Password
password_type clear
username_field useralias
password_field uipass


class DBIx::Class
user_model A2BillingDB::CcCard




class Password
password_type clear
username_field login
password_field passwd


class DBIx::Class
user_model A2BillingDB::CcAgent




class Password
password_type hashed
password_hash_type Whirlpool
username_field login
password_field pwd_encoded


class DBIx::Class
user_model A2BillingDB::CcUiAuthen



So I do:

# Get the username and password from form
my $username = $c->request->params->{username};
my $password = $c->request->params->{password};
my $signin   = $c->request->params->{signin};

if ($signin) {

# If the username and password values were found in form
if ( $username && $password ) {

# Attempt to log the user in
if (
$c->authenticate(
{
username => $username,
password => $password
},
'progressive_oauth'
)
  )
{

I would expect me passing in username and password like above to then
map that to the config that defines username_field and password_field
but instead I get:

Thu Jun 28 22:50:22 2012] [error] Failed to load user data.  You
passed [password,realm,type,username] to authenticate() but your user
source (A2BillingDB::CcAgent) only has these columns:
[id,datecreation,active,login,passwd,location,language,id_tariffgroup,options,credit,currency,locale,commission,vat,banner,perms,lastname,firstname,address,city,state,country,zipcode,phone,email,fax,company,com_balance,threshold_remittance,bank_info]
  Check your authenticate() call.

Thanks.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Using Progressive realms when username and password fields are all different

2012-06-28 Thread Gavin Henry
Hi all,

I have three realms; customers, resellers and admins. Each auth table
in these realms is not consistent and uses different username_filed
and password_field names. I can't change this.

Now the normal way is to do:

if (
 $c->authenticate(
 {
 username => $username,
 password => $password
 },
 'progressive_test'
 )
   )
  {

This fails as no realms have username and password as the actual
column names. I wanted DWIM here so when I pass in username the auth
framework actually uses what I've set in my config using
username_field and password_field like so:



class Password
password_type clear
username_field useralias
password_field uipass


class DBIx::Class
user_model CustomerDB::Account



Ideas?

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk/api

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Catalyst OAuth2 framework released

2012-05-28 Thread Gavin Henry
Hi all,

Just posted this:

http://www.surevoip.co.uk/blog/2012/05/28/surevoip-api-major-components-open-sourced/

The code is on the blog and will be put out to the CPAN later today.

We sponsored it, but it was written by the ShadowCat Systems guys.

Thanks!

-- 
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Re: I want to sponsor some Open Source awesomeness (mst words :-) )

2012-03-28 Thread Gavin Henry
Thanks all. I have someone now!

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] I want to sponsor some Open Source awesomeness (mst words :-) )

2012-03-22 Thread Gavin Henry
Hi all,

I want to sponsor some libs/modules in Net::SureVoIP::API for the CPAN
and GitHub, but don't want to write it myself for obvious testing
reasons.

These are the docs (written by me):

http://www.surevoip.co.uk/support/wiki/api_documentation

Support resources are:

http://www.surevoip.co.uk/support/wiki/api_documentation#support

It's all written in Catalyst by me to date. t0m is getting sponsored
for tons of log::stash::* things for a event notification framework
which also allows use of zeromq to power WebHooks as they are now
getting called. SC/mst etc. are doing an OAuth2 consumer and provider
for Catalyst and CPAN too.

Currently offering a new iPad but happy to provide something else or cash.

Thanks,

Gavin.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Catalyst::Controller: find_meta not found

2012-02-15 Thread Gavin Henry
> With a very simple catalyst app this happens:
>
> Array found where operator expected at 
> /opt/perl/5.10/lib/site_perl/5.10.1/Catalyst/Controller.pm line 215, at end 
> of line
>  (Missing operator before ?)
> Undefined subroutine &Catalyst::Controller::find_meta called at 
> /opt/perl/5.10/lib/site_perl/5.10.1/Catalyst/Controller.pm line 199.
> Compilation failed in require at 
> /opt/perl/5.10/lib/site_perl/5.10.1/Module/Runtime.pm line 317.
>  at /opt/perl/5.10/lib/site_perl/5.10.1/Catalyst/Script/Server.pm line 239
>
>
> If I comment out the 'use namespace::clean' at the top of Catalyst::Controller
> everything is fine (or seems fine).
>
> If I downgrade Class::Load, Module::Runtime, Module::Implementation, and
> MooseX::MethodAttributes everything is fine with the app w/o changes to
> Catalyst code.
>

I'm getting this as well on perlbrew 5.10.1 and it's just started
happening. I'm trying to trace back to how/when:

[ghenry@dax-xen SureVoIP-API]$ CATALYST_DEBUG=1 DBIC_TRACE=1
script/surevoip_api_server.pl
Array found where operator expected at
/home/ghenry/perl5/lib/perl5/Catalyst/Controller.pm line 215, at end
of line
(Missing operator before ?)
String found where operator expected at
/home/ghenry/surevoip/surevoip-api-git/SureVoIP-API/script/../lib/SureVoIP/API/Controller/SMS.pm
line 19, near "has 'sms_form'"
(Do you need to predeclare has?)
syntax error at
/home/ghenry/surevoip/surevoip-api-git/SureVoIP-API/script/../lib/SureVoIP/API/Controller/SMS.pm
line 19, near "has 'sms_form'"
BEGIN not safe after errors--compilation aborted at
/home/ghenry/surevoip/surevoip-api-git/SureVoIP-API/script/../lib/SureVoIP/API/Controller/SMS.pm
line 44.
Compilation failed in require at
/home/ghenry/perl5/lib/perl5/Catalyst/Utils.pm line 287.
Compilation failed in require at
/home/ghenry/perl5/lib/perl5/Module/Runtime.pm line 317.
 at /home/ghenry/perl5/lib/perl5/Catalyst/Script/Server.pm line 239


I'm on the latest Cat and MooseX::MethodAttributes, but will check for
downgrades like you did.


If I do:

perlbrew switch perl-5.14.2

I get:

[ghenry@dax-xen SureVoIP-API]$ CATALYST_DEBUG=1 DBIC_TRACE=1
script/surevoip_api_server.pl
Segmentation fault

If I do:

[ghenry@dax-xen SureVoIP-API]$ perl -Ilib -c lib/SureVoIP/API/Controller/SMS.pm
lib/SureVoIP/API/Controller/SMS.pm syntax OK

I can at least run perltidy and do a syntax check.


-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk



-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Catalyst::Action::REST, HATEOAS and gathering OPTIONS for a site map

2011-10-24 Thread Gavin Henry
Hi all,

As part of the HATEOAS (Hypermedia as The Engine Of Application State)
restful requirement, I wondered if it was a good idea to add a
->sitemap type option which does the same as _return_options which
sets the "Allow" header but returns a data structure of all the links
and methods available for each class? I planned to use similar for
returning a site map at say '/' in order
to provide as much in-band client information as possible.

Thoughts?

Thanks,

Gavin.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] OAuth 2.0 for a RESTful API?

2011-10-18 Thread Gavin Henry
Hi all,

Has anyone done this yet or wish to work together on a plugin?

Cheers.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Catalyst As OAuth Service Provider

2011-10-13 Thread Gavin Henry
Is anyone any further with this?

I'm looking at OAuth 2.0 for our RESTful API.

Gavin.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Re: DBIC_TRACE=1 and Progressive Realms not moving on with HTTP basic auth

2011-10-12 Thread Gavin Henry
Turns out this won't work due to the fact that ->detach is called in
Credential::HTTP

On 12 October 2011 00:15, Gavin Henry  wrote:
> Hi all,
>
> I'm opening up an existing DB that has various types of users and am using:
>
>    default_realm progressive
>    
>        
>            class Progressive
>            realms admins
>            realms resellers
>            realms customers
>        
>
> with basic HTTP auth.
>
> I can see the dbic traces but they only ever try the admins realm. If
> each of the above realms are dbic stores, should I expect to see 3
> different selects?
>
> Thanks.
>
> --
> http://www.suretecsystems.com/services/openldap/
> http://www.surevoip.co.uk
>



-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] DBIC_TRACE=1 and Progressive Realms not moving on with HTTP basic auth

2011-10-11 Thread Gavin Henry
Hi all,

I'm opening up an existing DB that has various types of users and am using:

default_realm progressive


class Progressive
realms admins
realms resellers
realms customers


with basic HTTP auth.

I can see the dbic traces but they only ever try the admins realm. If
each of the above realms are dbic stores, should I expect to see 3
different selects?

Thanks.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] RESTful example apps?

2011-09-15 Thread Gavin Henry
Hi,

I was wondering if any one has any example code implement a REST API
in Catalyst?

Thanks.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Empty pdf file/ using Catalyst::View::PDF::Reuse

2010-03-09 Thread Gavin Henry
Hi,

I've used PDF::Reuse a lot, not with Cat though. The template should
be a PDF file and then you can write over it and output a new one. So
without checking the pod for this view is your template right?

Try it outside Cat first or using a test you've written.

Thanks,

Gavin.


On 06/03/2010, Lupin Deterd  wrote:
> Hi,
> I'm using View::PDF::Reuse to create/generate pdf, and though it
> successfully create one but it's empty, following is code/template.
>
> -- code --
>  {
>$c->stash->{list} = ['one', 'two', 'three', 'four'];
>$c->stash->{pdf_disposition} = 'attachment';
>$c->stash->{pdf_filename}= 'receipt.pdf';
>$c->stash->{pdf_template}= 'order/receipt.tt2';
>$c->detach( $c->view('PDF::Reuse') );
>
>}
>
> -- template/receipt.tt2 --
>
> [% pdf.prFont('Helvetica-Bold') %]
> [% pdf.prFontSize(50) %]
>
>
> [% y = 500 %]
>  [% FOREACH item IN list %]
>   [% pdf.prText(100,y,item) %]
>   [% y = y - 13 %]
>  [% END %]
>
>
> Thanks in advance for any hints.
>
> lupin
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>

-- 
Sent from my mobile device

http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Signup/Wizards recommendations

2010-03-08 Thread Gavin Henry
On 8 March 2010 18:43, Kiffin Gish  wrote:
> I've got a simple registration based on mojomojo which works just fine.
> Have a look there for more details.

Will do, thanks.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Signup/Wizards recommendations

2010-03-08 Thread Gavin Henry
Hi all,

I was wondering what you'd recommend for a 2-3 page
registration/signup process. I use dbic and formhandler and trying to
decide on whether I should do this all on one page like the
Google/ebay signup or to the "Next page" option. I've been following
http://www.catalyzed.org/2010/03/an-introduction-to-formhandler.html
and what to do things the same way.

But, If I go for the later do you store partial progress signups in a
table or keep all the vars in hidden fields etc.?

I've got, user/company contact details, password etc. and then the
product and some other details, so may be a 3 page sign up or one long
page with dojo parts. Would chained be good for this:
signup/step1/start etc.

Most of my work has always been single page with Dojo parts, so not
sure what others do or recommend.

Any advice much appreciated.

Thanks,

Gavin.

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Handel shopping cart?

2009-12-01 Thread Gavin Henry
> I guess that almost no one is, take a look on archive starting at this thread:
>
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/msg08339.html

Thanks,

Will do!


-- 
http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Handel shopping cart?

2009-11-30 Thread Gavin Henry
Hi,

We're looking at using this for ourselves and wondered who else has?

Thanks.

-- 
Sent from my mobile device

http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] New Apress book shipping now from Amazon.com

2009-07-28 Thread Gavin Henry
Got mine yesterday finally from Amazon. Ordered it ages ago. Can't
wait to get into it!

Cheers.

-- 
http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] New Apress book on Safari Books Online

2009-07-22 Thread Gavin Henry
Amazon uk keep delaying my order. It's definitely out right?

Thanks.

On 21/07/2009, Kieren Diment  wrote:
>
> On 22/07/2009, at 7:49 AM, Meeko wrote:
>
>> Does anyone know if/whether the new Apress book "The Definitive
>> Guide to
>> Catalyst" will appear on O'Reilly Safari Books Online?  I have a
>> Safari
>> subscription, and prefer reading my tech books there.  I would
>> really like
>> to read the new book, and I keep checking every few days to see if
>> it has
>> appeared but so far it hasn't.
>> I was just wondering if anyone knows how long it usually takes books
>> to
>> appear there, and if or when the new Catalyst book will appear.  I
>> see lots
>> of Apress books on Safari, so I know their books do appear, so I'm
>> hoping
>> the new Catalyst books makes it soon.
>>
>
>
> I asked the boss, and will get back to you when he replies!
>
>
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>

-- 
Sent from my mobile device

http://www.suretecsystems.com/services/openldap/
http://www.suretectelecom.com

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] PDF creation in Catalyst?

2008-10-23 Thread Gavin Henry
Yeah, have to agrre with that. We use PDF::Reuse a lot with Catalyst.

Gavin.

On 10/23/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>>And in case you want PNG or PDF output, you'll need just a few
>> lines...
>
> Funnily enough, JJ was mentioning at Birmingham.pm last night that he
> generates PDF docs from a Catalyst View using PDF::Reuse to merge
> field data to PDF templates. You can generate the templates from Word
> then saving with PDFMaker.
> Check out PDF::Reuse::Tutorial for details
> http://search.cpan.org/perldoc?PDF::Reuse::Tutorial
>
> Regards,
> Peter
> http://perl.dragonstaff.co.uk
>
>
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>

-- 
Sent from my mobile device

http://www.suretecsystems.com/services/openldap/

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Catalyst in Linux Magazine

2008-09-28 Thread Gavin Henry
Hi,

Nice tutorial and article on Catalyst in the current issue:

http://www.linux-magazine.com/resources/current_issue

(not available online unfortunately).

Gavin.

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Password policy support for Catalyst::Authentication::Store::LDAP

2008-07-20 Thread Gavin Henry
> New-style auth uses authenticate().
>
> I -think- it should be possible for any true value to be passed back out,
> so instead of 'return 1' you could return an object that describes the
> current status of the account?
>

Sounds good to me.


-- 
http://www.suretecsystems.com/services/openldap/

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Password policy support for Catalyst::Authentication::Store::LDAP

2008-06-20 Thread Gavin Henry
2008/6/20 Buchan Milne <[EMAIL PROTECTED]>:
> In our internal management web app (which has only been feasible due to
> Catalyst), we authenticate against our OpenLDAP (2.3) infrastructure.
>
> Due to various security requirements (SAOX etc.), we are required to have
> password expiration etc. So, we implemented password policies a while back
> using OpenLDAP's slapo-ppolicy overlay
> (http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&sektion=5&apropos=0&manpath=OpenLDAP+2.3-Release)
>
> Net::LDAP recently added support for the Password Policy control, so at least
> this is now feasible (without hacking Net::LDAP, which is where I got stuck
> on the previous attempt).
>
> I think I may be able to provide a patch for Authentication::Store::LDAP,
> however, the first problem is that Catalyst::Authentication (like many other
> authentication frameworks) assumes the result of an authentication will
> always only be a boolean, and thus doesn't make provision for situations such
> as:
> -The account is locked out (the password may have been correct, but the user
> can't authenticate)
> -The password was reset and needs to be changed (so, authenticate them but
> allow for a means to send them to a password changing facility)
> -The password will expire soon
> etc.
>
> I wouldn't like to try and propose a solution for Catalyst::Authentication
> (yet), but I can try and provide input on any proposed solution.
>

Can't you still return a true/false and then provide/use an error
method which will then contain the reason for failure, which include
the response from ppolicy?

-- 
http://www.suretecsystems.com/services/openldap/

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Catalyst and PayPal

2008-04-21 Thread Gavin Henry

> Zbigniew Lukasiak wrote:
>> On Mon, Apr 21, 2008 at 1:43 PM, Kieren Diment <[EMAIL PROTECTED]> wrote:
>>
>>>  On 21 Apr 2008, at 21:22, Angel Kolev wrote:
>>>
>>>
 Hi fellas.
 I plan to include PayPal payment possibility in my cat website. Is
 there

>>> any plugin/tool that works with the paypal developers toolkit
>>> https://www.paypal.com/cgi-bin/webscr?cmd=p/pdn/software_dev_kit_php-outside
>>>
 Can anyone give me a direction


>>>  http://search.cpan.org/~mock/Business-PayPal/  # simplest
>>>  http://search.cpan.org/~scottw/Business-PayPal-API # newest and
>>> probably
>>> most complete
>>>  http://search.cpan.org/~sherzodr/Business-PayPal-IPN # most reviewed
>>> on
>>> cpanratings.
>>>
>>>  Whichever one you go with a base controller (e.g.
>>> Catalyst::Controller::Business::Paypal) onto cpan would be appreciated.
>>>
>>
>> I am not so sure if the, often repeated here, advice to build
>> everything as a base controller is a good one.  Let's say you would
>> like to use the PayPal thing and FormFu - and bang you are dealing
>> with the tricky area of Multiple Inheritance.  'Composition over
>> Inheritance' is popular in other circles.
>>
>>
> I dont need FormFu, because i will use Template toolkit only. May be
> Catalyst::Controller::Business::Paypal is good enough solution. Im not
> familiar with paypal, but can i test some payments without "real" money
> transactions?
>

There's already one in Catalyst SVN. We use it and have added to it for
https://www.flexitimemanager.net

See:

http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Model-PayPal-IPN/

It does the form data and encryption too. See the docs for it I did.

Gavin.

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Show Catalyst info page

2008-04-16 Thread Gavin Henry

> I just found that cat 5.7 Ánd 5.12 have many differences.
> For example, action stats changed and old version has broken.
>
>  I want to do a back compatibility with 5.7/
> I can get $Catalyst::VERSION in controller, but I don't know where to find
> it in "c." for TT Template.
> If I can retrieve c.catalyst.version in TT than I can use conditional
> blocks for 5.7 and 5.12

http://search.cpan.org/~mramberg/Catalyst-View-TT-0.26/lib/Catalyst/View/TT.pm#CATALYST_VAR

To set the var, if that's what you mean.

>
> Or may be someone already done the universal stats?
>
> P.s.
> And I have an idea to make an CatInfo page such as phpinfo.  It will be
> useful to have all information about
>  Catalyst environment in -Debug mode /

Like loaded modules and versions etc?

I remember seeing this on the list or on Chisel Wrights website and use it
somewhere myself:

177 =head2 modules
178
179 =cut
180
181 sub modules : Local {
182 my ( $self, $c ) = @_;
183 $c->stash->{template} = 'admin/modules.tt';
184 my $inc_data;
185
186 my @inc_loaded = grep { s/\//::/g; s/\.pm//g; } sort keys %INC;
187
188 for my $module_name (@inc_loaded) {
189 eval {
190 $inc_data->{ $module_name } = $module_name->VERSION();
191 };
192 push @{$c->stash->{loaded_module_data}},
193 {
194 name=> $module_name,
195 version => $inc_data->{ $module_name },
196 };
197 }
198 }
199
200 =head podhtml
201
202 Convert our loaded modules to html for reading
203
204 =cut
205
206 sub podhtml : Local Args(1) {
207 my ( $self, $c, $pm ) = @_;
208
209 my $podtohtml = Pod::Simple::HTML->new();
210
211 $pm =~ s/::/\//g;
212 $pm .= '.pm';
213
214 $c->res->body( $podtohtml->parse_from_file($INC{$pm}) );
215 $c->res->content_type('text/html');
216 }

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Re: Catalyst and Web Services?

2008-02-04 Thread Gavin Henry

> * Gavin Henry <[EMAIL PROTECTED]> [2008-02-04 12:05]:
>> If you want to provide access over SSL with auth, i.e. for
>> example a desktop app posting and retrieving info from/to a
>> Catalyst app what's the best way?
>>
>> REST or SOAP?
>
> Well, the question you’re asking is actually REST or WS-*; SOAP
> is actually just an envelope format that can be used in both
> scenarios. Of course in practice no one uses SOAP for REST
> because it adds no value that you can’t get another way anyway.

OK, thanks.

>
> Anyway, between WS-* and REST, the answer is clearly REST, with
> the only exception being if you need to integrate with existing
> infrastructure that is already heavily geared toward WS-* – in
> short, you’re in a Microsoft shop.

Well, it might involve an Outlook Plugin (to right-click a calendar
entry), a Thunderbird plugin with/for Lightening/Sunbird and a taskbar app
all using wxWidgets, connecting to the central Catalyst App.

>
>> I want the same users that normalling login via a web browser
>> and get a cookie to be able to login via a "light" wee desktop
>> app or some such?
>>
>> Would you create a new interface/access point on the Cat site
>> and use REST or SOAP?
>>
>> All new to me, so excuse the dumb questions.
>
> I don’t know what you’re doing, so I can’t say if it’ll work for
> your case, but in the very least as a source of inspiration, take
> a look at Atompub. It’s a great example of how to structure a
> REST system, and in fact, with a little creativity, it is a close
> match for the great majority of scenarios in which people want to
> provide an API. The advantage is that there is already a bunch of
> code that implements Atompub, both on the client but also on the
> server – see Catalyst::Controller::Atompub.

Cool, thanks will look at that.

>
> But, as I said, even if it *really* doesn’t fit your needs, it
> gives you an idea for how a REST service should look like.

It's bascially to login, retrieve some db entries and post them back
authenticated with a session etc. just like a normal session/cookie web
login.

>
> Regards,
> --
> Aristotle Pagaltzis // <http://plasmasturm.org/>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>


___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Catalyst and Web Services?

2008-02-04 Thread Gavin Henry
Hi All,

If you want to provide access over SSL with auth, i.e. for example a
desktop app posting and retrieving info from/to a Catalyst app what's the
best way?

REST or SOAP?

I want the same users that normalling login via a web browser and get a
cookie to be able to login via a "light" wee desktop app or some such?

Would you create a new interface/access point on the Cat site and use REST
or SOAP?

All new to me, so excuse the dumb questions.

Thanks.

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] LDAP

2008-01-28 Thread Gavin Henry

> From: "Gavin Henry" <[EMAIL PROTECTED]>
>> Ah, ok. What Directory server are you using btw?
>
> openldap

Ok. If you're using a recent version you can use back-sql and make certain
db tables available via LDAP. It's not the best design decision you could,
but an option if you're really stuck:

http://www.openldap.org/software/man.cgi?query=slapd-sql&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html

Only do it if you have no other option.

Gavin.

> Carl
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>


___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] LDAP

2008-01-26 Thread Gavin Henry

>> Externally in your organisation?
>
> No to an external organisation that has been contracted by us to provide
and
> host a web application. This application needs to share a single sign-on
with applications built in-house using Catalyst.

Ah, ok. What Directory server are you using btw?

>
>> For configuration, why don't you have one set and reference it from
both *::LDAP ??
>>
>> Or I am being dumb here?
>
> No you're right that I can combine some of the configuration and
reference it accordingly. However I don't have a single obvious place to
add an extra
> method (although J Rockway may have a hack around that).

Sounds good.

>
>> You're pulling LDAP users into your RDBMS? Why not keep them there? If you
>> are using PostgreSQL you can use dblink-ldap as a function. Might be
handy.
>
> No I've got data in my RDBMS that has a relationship to the data in my LDAP
> directory. For example "comments" are added by users, therefore the
comments
> in the database have a submitter for which the details are held in LDAP.
>
> dblink-ldap is interesting but we're a MySQL shop. I'm also taking a
look at
> DBD::LDAP on CPAN which does a similar thing in perl-land.

Understood.

>
> Carl
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>




___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] LDAP

2008-01-24 Thread Gavin Henry

> Hi,
>
> I've been playing around with the LDAP stuff in Catalyst, we have a need
> to
> share user data externally for authentication reasons and currently
> believe
> LDAP is a good solution for this.

Externally in your organisation?

>
> To this end I've got C:P:Auth:Store:LDAP correctly authenticating users
> against a LDAP database. I've also got C:Model:LDAP pulling users out of
> the
> DB so that we can display names next to user-submitted content.
>
> Now to get to this stage I've got two lots of configuration, and
> effectively
> two chunks of code doing very similar jobs. I now need to add a custom
> method, and can't see anyway outside of doing it twice.

For configuration, why don't you have one set and reference it from both
*::LDAP ??

Or I am being dumb here?

>
> Next up I want to link my DBIC schema to the LDAP stuff so I can
> automatically inflate users, however on this project we have some chunks
> of
> code that work outside Catalyst using the same schema, so I can't link
> them
> to the Catalyst Model. Ideally what I need here is some kind of generic
> ORM
> layer, an a thinner Catalyst Model which uses it.

You're pulling LDAP users into your RDBMS? Why not keep them there? If you
are using PostgreSQL you can use dblink-ldap as a function. Might be
handy.

>
> So anybody else got any experiences to share here? Is there some easy way
> to
> achieve what I want that I've missed? Anybody got code to share?
>
> Thanks
>
> Carl
>
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>


___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: LDAP Injection [Catalyst]

2008-01-24 Thread Gavin Henry

> Oh another LDAP subject that I meant to mention - LDAP Injection. It's
> something that's been mentioned regarding our use of LDAP.
>
> For example C:P:Auth:Store:LDAP suggests using a filter like:
>
> (&(objectClass=posixAccount)(uid=%s))
>
> Then does:
>
> $filter =~ s/\%s/$replace/g;
>
>
> Which on a casual glance would seem to be a possibility for a
> LDAP-injection
> attack.

It doesn't matter, it will get rejected as a bad filter:

[EMAIL PROTECTED] ~]$ ldapsearch -x
"(&(objectClass=posixAccount)(uid==&234%20%/ad)$1\\))"
# extended LDIF
#
# LDAPv3
# base  (default) with scope subtree
# filter: (&(objectClass=posixAccount)(uid==&234%)\))
# requesting: ALL
#

ldapsearch: ldap_search_ext: Bad search filter (-7)


>
> The problems due to SQL Injection are well known and nobody would write
> similar code to interact with a DB. However there seems to be little in
> CPAN
> that acknowledges the risks of LDAP Injection.
>
> I suspect that Net::LDAP doesn't help here, there is a reference to making
> use of Net::LDAP::Filter to specify queries that will be properly escaped
> -
> however there isn't an example in the POD (hell I glanced at the source
> and
> couldn't be entirely sure).
>
> So again is this an area that anybody has considered and has some
> experience
> to share?
>
> Thanks again,
>
> Carl
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>


___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


[Catalyst] Locally hosted Solution?

2008-01-04 Thread Gavin Henry
Hi All,

It's been a while since I posted.

We did and look after https://www.flexitimemanager.net, which is a Cat app
using dbix, Postgres, Dojo etc for a client.

Have any of you guys been in a position when a clients customer requests a
locally hosted version of the app?

What did you offer? I was thinking about a VMWare/Xen Image with a
tailored admin interface. Or something that links back to main app?

Thoughts?

Thanks,

Gavin.

-- 
Walking the road to enlightenment... I found a penguin and a camel on the
way. Fancy a [EMAIL PROTECTED] Just ask!!!
http://perlmonks.org/?node_id=386673

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/