Monday, December 10. 2007
Life and work have been eating up all my time, so I have had no time to write anything about what's been going on. I finally decided to take a break from work, sit down and try to catch up with things.
Although busy, I have been updating my libraries; adding deatures, fixing bugs and trying to get some structure going. The libraries are used by a good number of projects, so I figured it was about time to make some of the changes known. First off, I started tracking versions and keeping changelogs for the different libraries (Only those that have changed since I started version tracking have changelogs right now). The libraries can all be found on my Source Code page. As for some of the specific changes....
Continue reading "Library Updates and Other Dealings"
Wednesday, October 3. 2007
I have been in contact with the folks at the Maine Software Developers Association (MESDA) and they are interested in the possibility of starting a PHP user group here in Maine. Before anything is officially organized (aiming for the beginning of the year), they would like to find out the interest of such group from those in the area. Meetings would most likely take place at their facility in Westbrook, or somewhere in the Portland area. If anyone is interested, please contact me via email or i-name: =Rob.Richards.
MESDA will also be announcing this at their 15th annual conference and be seeking those interested in joining the user group. In order to help invigorate PHP development or at least educate some of the IT decision makers at the local companies around here about PHP, I will be doing a full day workshop on PHP at the conference on November 6th. The morning session, geared for anyone wanting to know how PHP could fit into their organization and what PHP 5 brings to the table, will cover an overview of PHP, its basics and overviews of the new features introduced in PHP 5. The afternoon session will be more coding oriented, taking a more detailed look using PHP 5, for the developers out there. This will be my first time at this conference. I'm not sure the cost for attendees is yet, but if last year is any indication, it will be around $130, which is a bargain for a conference.
So, to recap...
If anyone is interested in a Maine PHP user group and/or will be attending the MESDA conference, I'd like to hear from you. I can be reached via email or i-name: =Rob.Richards.
Thursday, July 5. 2007
Work has been keeping me extremely busy over the past few months, so I haven't had much time for any new entries. This, however, doesn't mean that there hasn't been anything going on. I figured it was about time I provided an update so people will quit asking if I'm still alive
Contrary to what I said in the past about no longer maintaining these libraries, I have been quietly releasing updated versions of the code with bug fixes. There are quite a number of people using them for various reasons so I have decided to continue supporting and developing all the libraries. There will be a few changes though. I have had far too many emails and questions concerning the lack of licensing (For some reason people don't get the public domain concept). To hopefully reduce the amount of questions I get about this, I will be releasing the next versions under a BSD license. I will also being maintaining versioning information for each file and the changes made between versions. The changes made so far have primarily been concerned with fixes when used through a SOAP server context, some ability to perform encryption in a SOAP message from the client side and some new features that I have needed for an Managed Identity provider (see the Infocard section for details).
Continue reading "Catching Up"
Tuesday, March 20. 2007
I finally managed to get my slides converted to PDFs (and a decent size). They can be found in the Talks section along with older ones. Yann and the rest of the crew did a great job (as usual) putting together the 2007 PHP Quebec conference. I had a great time in Montreal and my body is still getting over the sugar shock from consuming so much maple syrup on Saturday.
Friday, March 2. 2007
It's no surprise to anyone who has visited my blog before that I have had InfoCard support within Serendipity for some time now. Serendipity was not originally designed with third party authentication mechanisms in mind, so in order to allow for this, I had to heavily modify the internals of the code. Although an external authentication plugin has been available, it simply allows a username/password combination to be validated by an outside source. This combination is then saved in the Serendipity author table and then pulled from there. Not the best solution (and a simple explanation on my part of how it really works), but in the case of OpenID and InfoCard quite impossible. There are no username/passwords being submitted to the blog. In any event, this made Serendipity upgrades very painful as I had to merge my changes by hand into the new revisions. The problems I had with integration have been the very same issues that has prevented the addition of OpenID support.
That is until now (hopefully).
Continue reading "OpenID and InfoCards coming to Serendipity"
Tuesday, November 21. 2006
I've ran into services in the past that supported WS-Addressing, but it was only recently that I worked with one requiring it in addition to WS-Security. It's not very difficult to implement, but I threw together a library for anyone else that might need to leverage it.
WS-Addressing Library: soap-wsa.php
WS-Addressing Example: soap-wsa-example.php
* The example also uses WS-Security (not required for WS-Addressing) but demonstrates some new WS-Security functionality.
The functionality has only been implemented for a SOAP client side and has only been tested against a .NET service. If anyone runs into any bugs or interoperability issues, please let me know so they can be addressed.
Continue reading "WS-Addressing for ext/soap"
Monday, October 23. 2006
Last month I released some prototype code for working with XMLSEC and XMLDSig in PHP and also mentioned that I would not be actively maintaining it. A few weeks ago I was asked by Pat Patterson, one of the Federation Architects at SUN, about incorporating the library for use in a PHP based SAML 2.0 service provider within the OpenSSO project. The code will probably recieve more attention there than I currently have time to provide, so you might want to check out what they are doing within their repository (note: the code located there is subject to the Common Developement and Distribution License). They are also looking for help from any PHP developers who might be interested in working the project.
So what does this mean to people already using the code or do not want to worry about any potential licensing issues?
The xmlseclibs code located on my site (including any changes I might make to it) currently is and will remain to reside within the Public Domain. Basically if you get the code from here you do not need to worry about any licensing legal mumbo jumbo (there is none). You will however be on your own for any bugs or problems you might encounter when using the code from here.
So what's in the future for working with Encryption and Digital Signatures in PHP?
We, Alexandre Kalendarev and myself, are close to being ready to add our xmlsec implementation to PECL, but are still working through some issues - especially in the Digital Signature area. Currently it can process almost the same files as when I use the xmlseclibs library, but is still lacking when trying to create signatures with multiple references.
For those who might want to try it out in its current state, you can Download the Pre-Alpha code, which includes some examples. Also, Alexandre has some documentation in Russian available, for those of you who can read it. It has taken us a while to get the code to this state, so hopefully we will be able to have an alpha release in the near future.
Friday, September 15. 2006
The slides for my tutorial and talk can be found at:
Advanced XML and Web Services (with accompanying code)
For the XML Security session, what people are probably most interested is the code used to implement WS-Security and possibly Infocards using PHP.
Security Library - Base XML Security library implementing XMLENC and XMLDSig functionality.
WS-Security library - WS-Security library for use with SOAP. Currently only implements client functionality and is missing the ability to encrypt SOAP data.
Example Usage of WS-Security - An example of interacting with the Amazon Elastic Compute Cloud (Amazon EC2) SOAP Service. Easily re-factored for use with other services requiring WS-Security.
Infocard Library - Base library for processing infocards.
Infocard demonstration - Demonstration of processing a submitted Infocard. The result is a SAML token along with a function to view submitted assertions. The form has NOT been updated to work with the recent namespace change, so modify the requiredClaims for use with IE7 RC1, Vista RC1 or .NET 3.0 RC1.
Continue reading "Slides from PHP|Works 2006"
Saturday, August 26. 2006
If anyone is wondering what the new Infocard registration and login links are on my blog, let me explain. As I mentioned in my last entry, I am working on libraries to work with XMLENC and XMLDSig in PHP. Being complicated technologies, the code produced so far has been just trying to design a API that uses PHP's KISS approach before moving on to writing bindings for the XML Security Library. In order to test out the APIs I wanted to use real world scenarios, such as building a class to handle WS-Security using the routines from the API. A few months ago I came across another technology leveraging XMLENC and XMLDSig: Infocards (aka Windows CardSpace). I am getting really sick of long blog entries showing up almost in their entirety in aggregators, so I am truncating this here and you can read the full entry for the rest of the story.
Continue reading "Infocard enabled Serendipity"
Monday, July 3. 2006
I have gotten quite a few messages over the past month or so concerning implementing WSSE with ext/soap. Unfortunately I have had little to no time to write up anything on this or the other XML Security topics. If my time doesnt free up, you might have to wait until my presentation in Toronto. Until then here is some very basic, crude and unorganized code that should get anyone needing this functionality started.
Update (9/15/2006): New libraries and sample files are available. Please see the entry Slides from PHP|Works 2006
XML Canonicaliztion functions C14N() and C14NFile() have been added to DOM for PHP 5.2. Until this is released, I wrote some functionality to perform basic exclusive canonical XML (So far it has worked fine with all the Soap services implemeting WSSE I have encountered as well as XML using XMLDSIG). When used within a system running PHP 5.2 it will use the functionality built into the DOM extension rather than the custom implementation.
For WSSE, here is a class extending SoapClient that can be used to add basic WSSE functionality to a soap request. It requires an additional xmldsig template file. The example code provides the following:
This code is very crude, unorganized and built quickly using brute force - So if you dont like it, then dont use it - but dont bitch to me about it . Much cleaner and feature rich code will be available for my XML Security presentation in Toronto, but due to the number of requests for help on this subject I am making this code available as is in its current state. It was pieced together from code from a much larger system and may contain typos. Overall the code should work fine though you should change the way the certificates and passwords are included within the example code.
I can be reached via my i-name: =Rob.Richards