InfoQ

RubySSPI is Big News for Ruby Developers on Windows

Posted by Obie Fernandez on Nov 14, 2006

Community: Ruby
Topics: Security, Programming
Tags: Windows, NTLM, Proxy, Firewall, RubySSPI

Rubyist Justin Bailey has just released RubySSPI, which enables NTLM proxy authentication for Ruby on Windows platforms. RubySSPI interacts with Microsoft's Security Support Provider Interface (SSPI) API to enable Ruby programs using Net::HTTP or open-uri to authenticate as the current Windows user with proxy servers requiring NTLM authentication (e.g. Microsoft's ISA). The library provides bindings to the Win32 SSPI libraries, which implement various security protocols for Windows. It was primarily developed to give Negotiate/NTLM proxy authentication abilities to Net::HTTP (and thus, open-uri), similar to support found in Internet Explorer or Firefox.

The library is not an implementation of the NTLM protocol and does not give the ability to authenticate as any given user. It does authenticate with a proxy server as the current user logged into the given Windows workstation where the code is executing. It also does not provide full bindings to the SSPI library, but the author is accepting patches that extend the library in that direction, if anyone is so inclined. An already suggested future enhancement is to leverage RubySSPI to use NTLM authentication with SQL Server, removing the need for usernames or passwords in configuration files.
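An added example, not part of the original article and not RubySSPI's own code: the NTLM messages that travel in the Proxy-Authenticate and Proxy-Authorization headers during the proxy handshake described above, decoded in Ruby so the fields visible on the wire can be inspected. The helper names, the sample values CORP, jdoe and WS01, and the challenge bytes are constructed for illustration; field offsets follow the public NTLM protocol description.

```ruby
require 'base64'
# Field offsets follow the public NTLM description: 8-byte signature,
# little-endian uint32 message type, then type-specific fields.
NTLM_SIGNATURE = "NTLMSSP\0".b
NTLM_UNICODE   = 0x00000001 # NEGOTIATE_UNICODE: strings are UTF-16LE
NTLM_LAYOUT    = { 1 => [16, 12], 2 => [32, 20], 3 => [64, 60] } # type => [min size, flags offset]

# Follow a security buffer (uint16 length, uint16 allocated, uint32 offset)
# at +pos+ and return the string it points to as UTF-8.
def ntlm_field(raw, pos, flags)
  len, _alloc, off = raw.byteslice(pos, 8).unpack('vvV')
  raise ArgumentError, 'security buffer out of bounds' if off + len > raw.bytesize
  enc = (flags & NTLM_UNICODE).zero? ? Encoding::ASCII_8BIT : Encoding::UTF_16LE
  raw.byteslice(off, len).force_encoding(enc).encode('UTF-8', invalid: :replace, undef: :replace)
end

# Decode a Proxy-Authenticate / Proxy-Authorization header value.
# Returns nil for other schemes and for non-NTLM (e.g. Kerberos) Negotiate tokens.
def parse_ntlm_header(value)
  scheme, token = value.to_s.strip.split(/\s+/, 2)
  return nil unless %w[NTLM Negotiate].include?(scheme) && token
  raw = Base64.strict_decode64(token) # raises ArgumentError on malformed base64
  return nil unless raw.byteslice(0, 8) == NTLM_SIGNATURE
  type = raw.byteslice(8, 4).to_s.unpack1('V')
  min, flags_at = NTLM_LAYOUT[type] # assumes Type 3 carries its flags field
  raise ArgumentError, 'unknown or truncated NTLM message' if min.nil? || raw.bytesize < min
  flags = raw.byteslice(flags_at, 4).unpack1('V')
  case type
  when 1 then { type: 1, flags: flags }
  when 2 then { type: 2, target: ntlm_field(raw, 12, flags),
                challenge: raw.byteslice(24, 8).unpack1('H*') }
  when 3 then { type: 3, domain: ntlm_field(raw, 28, flags),
                user: ntlm_field(raw, 36, flags), workstation: ntlm_field(raw, 44, flags) }
  end
end

# Constructed samples (not captured traffic); the Type 3 responses are left empty.
def sample_type2
  target = 'CORP'.encode('UTF-16LE').b
  head = [2, target.bytesize, target.bytesize, 32, 0x8201].pack('VvvVV')
  'NTLM ' + Base64.strict_encode64(NTLM_SIGNATURE + head + ['0123456789abcdef'].pack('H*') + target)
end

def sample_type3
  fields = ['', '', 'CORP', 'jdoe', 'WS01', ''].map { |s| s.encode('UTF-16LE').b }
  off = 64
  bufs = fields.map { |f| [f.bytesize, f.bytesize, off].pack('vvV').tap { off += f.bytesize } }
  'NTLM ' + Base64.strict_encode64(NTLM_SIGNATURE + [3].pack('V') + bufs.join + [0x8201].pack('V') + fields.join)
end
```

The Type 3 message carries the domain, user and workstation names base64-encoded but unencrypted, which is how the proxy learns which account is authenticating.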

Godsend for some Windows users

If you are behind a proxy that authenticates all traffic, then this library enables your Ruby scripts to authenticate with the proxy as the current user seamlessly. This solves the shortcomings of other solutions which require you to enter your username and password in clear text at least once. After a few simple steps, you should be able to successfully install things like Ruby on Rails by simply typing gem install rails, exactly as non-Windows users do.

The inability to do gem install was a big mental barrier to adoption in some Microsoft-heavy shops where I've tried to introduce Ruby and Rails. It was also a huge (and constantly recurring) pain for gem commands to fail when I was stuck at a large client with an ISA proxy/firewall. The biggest problem is that a lot of times, nobody at the client site will know anything about the ISA proxy and attempts to figure out why "my Ruby just doesn't work" will meet with confusion, if not outright hostility.

To make RubyGems (gem) commands work seamlessly behind an ISA firewall, just download and install the RubySSPI gem manually and follow the instructions provided in the Readme.txt file inside the distribution.

Related projects

The extraordinarily comprehensive README provided with the RubySSPI gem even includes a useful list of related resources and open-source projects that were used in decoding both NTLM messages and integrating with the SSPI library:

  • Managed SSPI Sample - A .NET implementation of a simple client/server using SSPI. A complex undertaking but provides a great resource for playing with the API.
  • John Lam's RubyCLR - Originally, I used RubyCLR to call into the Managed SSPI sample which really helped me decode what the SSPI interface did and how it worked. I did not end up using that implementation but it was great for research.
  • The NTLM Authentication Protocol - The definitive explanation for the NTLM protocol (outside MS internal documents, I presume)
  • Ruby/NTLM - A pure Ruby implementation of the NTLM protocol. Again, not used in this project but invaluable for decoding NTLM messages and figuring out what SSPI was returning.
  • Seamonkey/Mozilla NTLM implementation - The only source for an implementation in an actual browser. How they figured out how to use SSPI themselves is beyond me.

 

  1. Thanks

    Nov 14, 2006 5:30 PM by Justin Bailey

    Obie,

    Thanks for the write up. This library was pretty painful to create but once it was working, it really made my ruby-life a lot easier. Personally, I'd like to see the functionality get pushed into the ruby distribution, but when I posted a patch to the core mailing list the silence was deafening. Hopefully the need will be perceived eventually and it will make it in.

  2. How to authenticate within a Rails app?

    Nov 17, 2006 4:13 AM by Michel Löhr

    I am wondering if I could use this (and how), to authenticate the Windows user within a Rails app. I am missing the link how "NTLM sets" the (remote) user in the HTTP request, or otherwise.

    Any hints appreciated!

  3. Re: Thanks

    May 1, 2007 7:56 PM by anjan bacchu

    Obie,
    ..........
    but when I posted a patch to the core mailing list the silence was deafening.



    So, why not try at least the Windows installer group who should be more inclined to listen to you. When I installed Ruby on my box, I saw that it contained 6-7 win32 related gems. So, Curt Hibbs or others on the win32 setup team might want to install your stuff by default?

    Thank you,

    BR,
    ~A
    anjanb.wordpress.com
