Re: Crypt::SSLeay Usage

2012-10-24 Thread David Pottage 

On 23/10/12 05:02, Goon Chew wrote:

Hi,

I am not a PERL expert and am looking for some Crypt::SSLeay usage support,
hopefully someone can help me out.

We have a perl trigger script that has been working fine by Rational Change
using http. This script may be called either when a Change Request (CR) is
transitioned or selected attributes are modified. If the CR contains a
reference to a Saleforce.com case, the script sends a message to update the
case status. The script reads configuration information from the
cstrigger.properties file to determine whether the state transition or
attribute change requires a message to be sent to Saleforce and if so
it invokes the 'wget' command to send the status update message. wget is an
open source non-interactive web browser that has been installed on the
Rational Change server.

We are in the process of converting Rational Change to a brand new server
using https. During the testing, I received the following error when the
script is being executed:

LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at .
Monday, October 22, 2012 10:06:33 PM CDT
ERROR - Failed to show problem: 94. Connection failure: The response as a
string is: 501 (Not Implemented) Protocol scheme 'https' is not supported
(Crypt::SSLeay not installed)
Content-Type: text/plain
Client-Date: Tue, 23 Oct 2012 03:06:34 GMT
Client-Warning: Internal response

LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at .


I googled and found this site:
http://search.cpan.org/~nanis/Crypt-SSLeay-0.64/SSLeay.pm

I had our Unix team installed Crypt::SSLeay and OpenSSL on the brand new
server but I still get the same error above. I believe my trigger script
needs to be updated so it knows where to find the Crypt::SSLeay but I am
very lost even after reading the site I referenced above.

Please let me know if you need any additional information to help, any
assistance you can provide is greatly appreciated!!
As it happens, I have written trigger scripts for Rational Change, and 
from the way you have described your problem, I don't think it is 
specific to Crypt::SSLeay, more that when perl runs a trigger script it 
can't find the library.


I think what you need to do, is first contact you unix team and find out 
where they installed the library. They are unlikely to have installed it 
with the system perl libraries, more likely somewhere like 
/usr/local/lib/site_perl, and this might not be in the @INC list of 
paths that perl uses to find libraries. You should also make sure that 
that they installed it for the same perl version and processor 
architecture as the version of perl used by Change. (It is quite likely 
that Change is using a different version of perl than the system 
version, especially if you are on Solaris).


Then you should find out the @INC path as it is in a trigger script. 
This will be hidden somewhere in your Rational Change config files, but 
it is probably easier to get by adding a debug printf to a trigger 
script and have it write to a config file. eg:

open LOGFILE, '>', /tmp/debug.log
print LOGFILE $_ foreach @INC;
close LOGFILE;

Chances are you will find a miss match between the contents of @INC and 
the location of the library. You should be able to fix it by adding "use 
lib " to the top of your script.


If that does not work, then as I recall, it is possible to debug the 
trigger scripts in the environment that Change runs them in. I don't 
remember the details but as I recall you can set a variable in your 
change config, restart the server, and it will retain the file 
containing the environment each time it runs rather than removing them 
when the trigger script completes. Consult your documentation. You 
should then be able to run the trigger script in the perl debugger and 
find out what is going wrong.


If you still can't get Crypt::SSLeay working, then please post again.

--
David Pottage

Re: Windows authentication without a password

2012-10-24 Thread Lawrence Statton 

On 10/24/2012 09:21 AM, samuel.feren...@barclays.com wrote:

Hi,

Is it possible to authenticate the user on Windows without entering the 
password?

Our script uses LWP and is talking to a webserver that requires authentication. 
The code is as follows:



Here's an example of a trivial subclass of LWP::UserAgent that uses 
Net::Netrc to store passwords in "not the script"


package Cluon::TestAgent;

use parent 'LWP::UserAgent';
use URI;
use Net::Netrc;

sub get_basic_credentials {
  my $class = shift;
  my $realm = shift; # ignore this for trivial demo
  my $uri = URI->new(shift);
  if (my $tuple = Net::Netrc->lookup($uri->host)) {
return ($tuple->login, $tuple->password);
  }
  return;
}

#
# instantiate a new Cluon::TestAgent and use it to get a protected
# resource
#
sub test_driver {
  my $class = shift;
  my $ua = $class->new();

  my $response = $ua->get('http://lawrence.cluon.com/');

  die $response->status_line
unless $response->is_success;

  print "Got it\n\n";

}

1;

You'll need to createa  .netrc file in your $HOME that looks like

machine lawrence.cluon.com login testuser password testpass

And you can test the script with

perl -MCluon::TestAgent -le "Cluon::TestAgent->test_driver"

(This, of course, will only work if TestAgent.pm is under a directory 
named Cluon)


Expanding the TestAgent to use something else like .authinfo or your 
platform's favorite keyring store is an exercise for the reader :)


--Lawrence

Re: Windows authentication without a password

2012-10-24 Thread Lawrence Statton 

On 10/24/2012 09:21 AM, samuel.feren...@barclays.com wrote:

Hi,

Is it possible to authenticate the user on Windows without entering the 
password?


I don't see where your script has anything to do with authenticating on 
windows -- you appear to be authenticating against a web server, which 
may HAPPEN to be running under windows, but that is invisible to you at 
the HTTP layer.


And the obvious answer is:  No - if there were a way to authenticate 
without a password, there'd be no point in HAVING passwords.




Our script uses LWP and is talking to a webserver that requires authentication. 
The code is as follows:

# Perl code
my $ua = LWP::UserAgent->new(keep_alive =>  1);
$ua->credentials(URI->new($url)->host_port, '', $USER, $PASS ) if $USER and 
$PASS;
my $resp = $ua->request( GET $url );



So - their advice is good - you need to keep a local copy of the 
credentials (e.g. username and password) in some "sufficiently secure" way.


Depending on your security/paranoia profile, this could be as simple as 
a chmod 400 dot-file, or as complex as you want it to be.


--Lawrence

Windows authentication without a password

2012-10-24 Thread samuel.ferencik 
Hi,

Is it possible to authenticate the user on Windows without entering the 
password?

Our script uses LWP and is talking to a webserver that requires authentication. 
The code is as follows:

# Perl code
my $ua = LWP::UserAgent->new(keep_alive => 1);
$ua->credentials(URI->new($url)->host_port, '', $USER, $PASS ) if $USER and 
$PASS;
my $resp = $ua->request( GET $url );

Now, it's failing as we don't have the $PASS stored in the script. The 
webserver team have advised us to use the equivalent of .NET's "credential 
cache":

// C# code
var webRequest = WebRequest.Create(mDownloadUrl);
webRequest.PreAuthenticate = true;
webRequest.Credentials = CredentialCache.DefaultCredentials;
...

Can this be achieved with LWP? Should perhaps the NTLM module 
(LWP::Authen::Ntlm) be of help here?

Thanks,
Sam

___

This e-mail may contain information that is confidential, privileged or 
otherwise protected from 
disclosure. If you are not an intended recipient of this e-mail, do not 
duplicate or redistribute 
it by any means. Please delete it and any attachments and notify the sender 
that you have received 
it in error. Unless specifically indicated, this e-mail is not an offer to buy 
or sell or a 
solicitation to buy or sell any securities, investment products or other 
financial product or 
service, an official confirmation of any transaction, or an official statement 
of Barclays. Any 
views or opinions presented are solely those of the author and do not 
necessarily represent those 
of Barclays. This e-mail is subject to terms available at the following link: 
www.barclays.com/emaildisclaimer. 
By messaging with Barclays you consent to the foregoing.  Barclays offers 
premier investment banking 
products and services to its clients through Barclays Bank PLC, a company 
registered in England 
(number 1026167) with its registered office at 1 Churchill Place, London, E14 
5HP.  This email may 
relate to or be sent from other members of the Barclays Group.

___

Crypt::SSLeay Usage

2012-10-24 Thread Goon Chew 
Hi,

I am not a PERL expert and am looking for some Crypt::SSLeay usage support,
hopefully someone can help me out.

We have a perl trigger script that has been working fine by Rational Change
using http. This script may be called either when a Change Request (CR) is
transitioned or selected attributes are modified. If the CR contains a
reference to a Saleforce.com case, the script sends a message to update the
case status. The script reads configuration information from the
cstrigger.properties file to determine whether the state transition or
attribute change requires a message to be sent to Saleforce and if so
it invokes the 'wget' command to send the status update message. wget is an
open source non-interactive web browser that has been installed on the
Rational Change server.

We are in the process of converting Rational Change to a brand new server
using https. During the testing, I received the following error when the
script is being executed:

LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at .
Monday, October 22, 2012 10:06:33 PM CDT
ERROR - Failed to show problem: 94. Connection failure: The response as a
string is: 501 (Not Implemented) Protocol scheme 'https' is not supported
(Crypt::SSLeay not installed)
Content-Type: text/plain
Client-Date: Tue, 23 Oct 2012 03:06:34 GMT
Client-Warning: Internal response

LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at .


I googled and found this site:
http://search.cpan.org/~nanis/Crypt-SSLeay-0.64/SSLeay.pm

I had our Unix team installed Crypt::SSLeay and OpenSSL on the brand new
server but I still get the same error above. I believe my trigger script
needs to be updated so it knows where to find the Crypt::SSLeay but I am
very lost even after reading the site I referenced above.

Please let me know if you need any additional information to help, any
assistance you can provide is greatly appreciated!!

Thanks and have a great day!!