CDATA Zone
https://www.cdatazone.org/
The place where almost anything goes

API Security
https://www.cdatazone.org/index.php?/archives/60-API-Security.html
Slides now online for my <a href="http://cdatazone.org/talks/phptek_2012/APISecurity.pdf" title="API Security">API Security</a> talk at PHP|Tek 2012
Rob Richards
2012-05-25T16:06:19Z

API Development
https://www.cdatazone.org/index.php?/archives/59-API-Development.html
Slides now online for my <a href="http://cdatazone.org/talks/phptek_2012/ApiDev.pdf" title="API Development">API Development</a> talk at PHP|Tek 2012
Rob Richards
Services, 2012-05-23T13:11:46Z

xmlseclibs 1.3.0 Released
https://www.cdatazone.org/index.php?/archives/58-xmlseclibs-1.3.0-Released.html
It's been some time since the last release and there have been a number of features and a few bug fixes so I figured it was time for a new release. A few of you have sent me some patches that are not included in this release as they were too major for this release but they will be included for a 2.0 branch I am planning on starting shortly.<br />
<br />
You can find 1.3.0 here:<br />
<a href="http://xmlseclibs.googlecode.com/files/xmlseclibs-1.3.0.tar.gz" title="xmlseclibs 1.3.0">xmlseclibs 1.3.0</a><br />
<br />
Things added or fixed in this release:<br />
<br />
26, Sep 2011, 1.3.0<br />
Features:<br />
- Add param to append sig to node when signing. Fixes a problem when using<br />
inclusive canonicalization to append a signature within a namespaced subtree.<br />
ex. $objDSig->sign($objKey, $appendToNode);<br />
- Add ability to encrypt by reference<br />
- Add support for references within an encrypted key<br />
- Add thumbprint generation capability (XMLSecurityKey->getX509Thumbprint() and<br />
XMLSecurityKey::getRawThumbprint($cert))<br />
- Return signature element node from XMLSecurityDSig::insertSignature() and<br />
XMLSecurityDSig::appendSignature() methods<br />
- Support for <ds:RetrievalMethod> with simple URI Id reference.<br />
- Add XMLSecurityKey::getSymmetricKeySize() method (Olav)<br />
- Add XMLSecEnc::getCipherValue() method (Olav)<br />
- Improve XMLSecurityKey:generateSessionKey() logic (Olav)<br />
<br />
Bug Fixes:<br />
- Change split() to explode() as split is now deprecated<br />
- ds:References using empty or simple URI Id reference should never include<br />
comments in canonicalized data.<br />
- Make sure that the elements in EncryptedData are emitted in the correct<br />
sequence.<br />
Rob Richards
Services, XML, 2011-09-26T11:59:48Z

Vizio Netflix Widget
https://www.cdatazone.org/index.php?/archives/57-Vizio-Netflix-Widget.html
This evening when trying to stream Netflix using the Netflix widget on my Vizio TV, I ran into an issue where only my Instant Queue was available. Having seen similar issues before, I first checked all my other Netflix enabled devices. They all worked perfectly so I ended up having to dig a little deeper into the Vizio widget. Last time I had streamed a movie to this particular TV was a couple of weeks ago, at which time it was working fine and all the queues were available for selection, so I knew something was broken here. After some troubleshooting with no luck, I ended up just searching the Net to see if anyone else was having the same issue. Sure enough I wasn't alone. The problem seems to have started a little over a week ago.<br />
<br />
After a few hours of searching I finally found someone who figured out how to get it working again. It appears the widget was recently updated and in order to get all the queues to show up, the widget needed to be deactivated and then reactivated. Sounds simple enough, but unfortunately not so straightforward. The widget doesn't have an option to do this via the UI. You are required to send a series of commands via the remote in order to access the hidden functionality.<br />
<br />
Once in your instant queue, enter the following commands on the remote:<br />
<strong>up up down down left right left right up up up up</strong><br />
<br />
This brings up the prompt to deactivate the widget from your Netflix account. Select yes and then confirm. Once successfully deactivated, just restart the widget, reactivate it against your account and you should now happily see all the queues available for selection.
Rob Richards
Misc, Services, 2010-09-16T21:46:00Z

Hello Word! (Take 2)
https://www.cdatazone.org/index.php?/archives/56-Hello-Word!-Take-2.html
I am happy and proud to say that on May 7th at 9:59 pm, my second son, Chase, was born. He and Mom are doing great and Dean is just thrilled to be a big brother.
Rob Richards
Misc, 2010-05-11T17:56:00Z

WS-* for PHP
https://www.cdatazone.org/index.php?/archives/55-WS-for-PHP.html
Support for dealing with encrypted SOAP messages was a feature that had been missing from my WS-* libraries pretty much due to my lack of time to implement it. When people ask for help interoperating with a SOAP server that requires encryption I typically just point them over to the WSF project. The problem has been that in many cases people are unable to install that framework, as they don't control the servers, or more recently I have gotten reports that they simply could not get it to work. Either it didn't support what they needed, wouldn't compile, or simply wouldn't work with even simple SOAP requests. I decided to finally set aside some time and implement the encryption/decryption portion of the library. Note that it was developed against some WCF services implementing message level security, so your mileage might vary against other platforms. Bug reports would be the fastest way of getting any of those issues dealt with.<br />
<br />
As part of the recent changes, I also finally got around to creating an official project for the libraries rather than just being ad-hoc files people pulled from my web site. The libraries are now officially part of the <a href="http://code.google.com/p/wse-php/">wse-php project</a> hosted over at Google Code. It was a toss up between that and GitHub, but I really wanted to play around with Mercurial since I already use Git over at the Gnome project. Currently the libraries provide support for a portion of WS-Addressing and WS-Security that can be used with ext/soap in PHP. As time goes on I plan to add some support for simplified configuration of messaging as well as some other of the WS-* specs that might be useful when interoperating with other SOAP servers.
Rob Richards
PHP, Services, XML, 2010-03-19T12:49:00Z

Xmlseclibs 1.2.2 Released
https://www.cdatazone.org/index.php?/archives/54-Xmlseclibs-1.2.2-Released.html
After quite some time, version 1.2.2 has finally been released. It can be downloaded at: <a href="http://xmlseclibs.googlecode.com/files/xmlseclibs-1.2.2.tar.gz" title="Download URL">http://xmlseclibs.googlecode.com/files/xmlseclibs-1.2.2.tar.gz</a><br />
<br />
Changes include:<br />
<br />
Features:<br />
- Add XPath support when creating signature. Provides support for<br />
working with EBXML documents.<br />
- Add reference option to force creation of URI attribute. For use<br />
when adding a DOM Document where by default no URI attribute is added.<br />
- Add support for RSA-SHA256<br />
<br />
Bug Fixes:<br />
- fix bug #5: createDOMDocumentFragment() in decryptNode when data is node<br />
content (patch by Francois Wang)<br />
<br />
Please submit any bugs or feature requests into the <a href="http://code.google.com/p/xmlseclibs/issues/entry" title="Issue Tracker">Issue Tracker</a>.
Rob Richards
Infocard, PHP, Services, XML, 2010-01-11T14:02:00Z

Digital Identity and OAuth slides from ZendCon
https://www.cdatazone.org/index.php?/archives/53-Digital-Identity-and-OAuth-slides-from-ZendCon.html
Slides have been posted for the latest version of my <a href="http://cdatazone.org/talks/zendcon_2009/Digital_Identity.pdf" title="Digital Identity">Digital Identity talk</a>.<br />
<br />
The content is a bit less technical than in the past and is aimed at a wider audience than just developers. Please contact me if there are any questions on the material or topics presented. <a href="http://xri.net/=rob.richards">Rob Richards</a>.<br />
<br />
You can also find the slides from my <a href="http://cdatazone.org/talks/zendcon_2009/OAuth.pdf" title="Digital Identity">OAuth</a> presentation.
Rob Richards
Identity, Infocard, OpenID, PHP, 2009-10-21T15:29:00Z

Life's Too Short
https://www.cdatazone.org/index.php?/archives/52-Lifes-Too-Short.html
June 30th is a day I will never forget. It was the day I witnessed my sister pass away from lung cancer. A woman who was a non-smoker and lived an extraordinary life, I always believed Tracy would beat the odds. It really pisses me off. She wasn't a smoker, had a family, including 3 beautiful kids, yet was cut down in the prime of her life. She was only 3 years older than I and I cry foul! All I can think of is the poem "Do Not Go Gentle Into That Good Night". We must all live life to the fullest which means taking advantage of every opportunity that arises and having the courage to do what we are afraid of doing. We all must "Rage, rage against the dying of the light."<br />
<br />
I have always been the black sheep in my family. Doing things against the grain and not considered the norm. Although they didn't always agree with my choices, my family always supported my decisions. I really want to thank them with all my heart for that. Mom, I bet you never thought I would be where I am today :-) Without everyone's support, I know I would never have achieved everything I have nor be where I am today. I thank you all for that. Julie, you have always been there for me. No matter what I have been feeling, you have always been there for me. No matter what you have always looked out for us.<br />
<br />
Life is too short to just play by the book. We all need to take chances, do what makes us happy. How many of us regret not having had the courage to kiss the girl or say what we really want to say because we are scared of what other people think? My life hasn't been easy and I experienced all of this, so don't think it's not normal. It wasn't until I realized that I don't really care what other people think as long as I am happy and I know what I am doing is right that I could truly live a life worth living. For that matter had I not been, I doubt that Julie and I would ever have gotten together, gotten married and eventually have our beautiful son Dean.<br />
<br />
I ramble on..... I think the essence of what I am trying to say is that life is too short for fear, doubt, hate... We have to do what makes us happy. We need to experience everything that life has to give us. Being from farm country in Maine, I just have to quote Tim McGraw when he sings "Live Like You Were Dying". I really cannot sum it up better than his song.<br />
<br />
Tracy, We love you.
Rob Richards
Misc, 2009-07-14T21:46:00Z

Streaming XML
https://www.cdatazone.org/index.php?/archives/51-Streaming-XML.html
Another php|tek has come and gone. Although a bit behind, I finally got my slides online for my <a href="http://cdatazone.org/talks/phptek_2009/Streaming_XML.pdf">Streaming XML</a> talk. I lingered a little too long on a few topics so the XMLWriter portion was a bit rushed. If anyone has questions on any of the topics, feel free to drop me a line. I did promise a few people I would write a bit about XMLReader and XMLWriter, but it's slow going as I try to find the time. Hopefully in the not too distant future I can get to this. This Dad thing is really time consuming :-)<br />
<br />
Rob Richards
PHP, Services, XML, 2009-05-28T11:21:00Z

A Dad At Last!
https://www.cdatazone.org/index.php?/archives/50-A-Dad-At-Last!.html
I can remember back to last year's php|tek. The morning of my web services workshop I found out that I was going to be a Dad. Needless to say that is one presentation I will never forget. It has been a long 9 months, but I am happy to say that I am now officially a father. My son Dean was born at 1:03 am on Jan 27th. Both Julie and Dean are doing well, though Dean gets to sleep much more than we do. Life sure is going to change dramatically, but none of us would have it any other way. Dean, if you happen to be reading this years from now, pulled from the archives of some search engine, I just have to say that you are the most precious thing to your mother and I (seeing you don't have any siblings....yet).
Rob Richards
Misc, 2009-02-05T01:04:00Z

Entities, ext/xml and libxml 2.7
https://www.cdatazone.org/index.php?/archives/49-Entities,-extxml-and-libxml-2.7.html
As many people have found out, entity handling in ext/xml is broken when used with libxml2 2.7.0-2.7.2. The problem lies with the way pre-defined entities are handled; or rather not handled when used with one of the newer libxml2 versions. The entities, &amp;, &lt; , &gt;, &apos; and &quot; never get passed to the user's callbacks, causing a big problem in quite a number of applications out there. Needless to say, I've received a good amount of hate mail over this problem. Got to love people. You never hear how grateful anyone ever is, but sure as hell once there is a problem they are all over you. Anyways, I digress.<br />
<br />
Although I have been telling people for a few years now that they should use XMLReader rather than ext/xml, this breakage was not intentional; no matter what anyone says – Yes, I've had a few throw that out there. The good news is that the problem has finally been fixed, but will require both an updated PHP (5.2.9+) and libxml2-2.7.3, although none of them have yet been released. Until things are available, the available options are to either compile your own builds using the code from the libxml2 and PHP repositories, don't upgrade to libxml2 2.7.x yet if you haven't yet done so, build ext/xml with expat rather than libxml2, or lastly, convert your PHP code to use XMLReader.<br />
<br />
My parting thought on this to everyone is just switch to the XMLReader extension. It's faster, easier to use and much more powerful.<br />
<br />
Rob Richards
PHP, XML, 2009-01-13T15:20:00Z

OAuth Signature Validation Tool
https://www.cdatazone.org/index.php?/archives/48-OAuth-Signature-Validation-Tool.html
While working on OAuth implementations for our clients at Mashery, one of the biggest issues I see developers running into is how to debug and fix invalid signature errors. There are numerous OAuth libraries out there, in fact we even have our own, so how do you determine which side is really generating the correct signature and which has a flaw in the logic? I find that using a third party library is a great way to quickly zero in on which side is at the root of the issue. The problem, however, is there are no readily available tools to do this. I have found a number of test applications, but they pretty much are for testing whether a consumer library/app is working correctly against them.<br />
<br />
We mostly deal with providing the service provider side of OAuth, meaning numerous different endpoints, so these tools were of little help. I ended up writing a down and dirty signature generation app using the C# OAuth library (so Windows only folks). It will generate a signature based on the different OAuth parameters you enter. You can use this to compare the signature it generates to that from your consumer app or service provider. Full source code and more detailed information can be found on the <a href="http://solutions.mashery.com/docs/tips_and_tricks/oAuth">Mashery Customer Solutions</a> site. Time permitting, I may continue to add features to this tool. Hopefully others find this useful as well.<br />
<br />
Source and Binaries: <a href="http://solutions.mashery.com/docs/tips_and_tricks/oAuth">OAuth Signature Validation Tool</a>
Rob Richards
Identity, Services, 2009-01-07T12:26:00Z

Digital Identity slides from ZendCon
https://www.cdatazone.org/index.php?/archives/47-Digital-Identity-slides-from-ZendCon.html
Slides have been posted for the latest version of my <a href="http://cdatazone.org/talks/zendcon_2008/Digital_Identity.pdf" title="Digital Identity">Digital Identity talk</a>.<br />
<br />
This talk has evolved since I first started giving it, but the latest version simply needed more time to present. I was asked to combine all the topics (OAuth was to be its own presentation) into one, which I probably won't do again. Even just only covering the absolute basics, I found that there just isn't enough time to cover them all in the short amount of time, so some material was skimmed over. If anyone has any questions on any of the material, please feel free to contact me.
Rob Richards
Identity, Infocard, OpenID, PHP, 2008-09-22T12:23:00Z

Where's Waldo?
https://www.cdatazone.org/index.php?/archives/46-Wheres-Waldo.html
I've been getting a number of emails asking if I'm still alive and kicking. The answer is yes, just have had a lot of things going on lately. Those of you who were at php|tek in Chicago this year know that my wife and I are having our first baby. We've been busy doing the doctor's visits, shopping, getting nursery ready, shopping, wondering if we have everything we need, and did I mention shopping. Never realized how expensive babies are and he's not even here yet (Yes, I said "he", we are having a boy).<br />
<br />
On the flip side, work has been very hectic. Things are going well and we are very busy. For the past 5-6 months, on top of my regular work on our proxy, I have been living and breathing OAuth. Unlike OpenID, which is really only found in the social networking/blogging areas, and Information Cards which is still new and has some ways to go for more widespread adoption, companies have started actively adopting and implementing OAuth for use with their APIs. Things should start getting interesting once they start rolling these out to the general public.<br />
<br />
I'm still involved with my xmlseclibs project, PHP and libxml2/libxslt. I just haven't had as much time over the past few months. I try to fix what I can when I get a chance, but my participation really has been slacking. With fall having started and winter on the way, I'll have more free time to work on these things. Hope to hit some of the feature requests I've gotten in the XML/PHP areas, as well as soon add some additional functionality to xmlseclibs to work with WS-BPEL (just needs some additional testing). If there are any additional feature requests or bugs I haven't looked at yet (I got a number via email that aren't in any of the bug systems - so may have forgotten about them), let me know and I'll make sure they make my TODO list.
Rob Richards
Misc, 2008-09-22T11:28:00Z