WTF self revelation
maldrich last edited by
I've just put something together that gives me that feeling -- you know the one -- where I really need to wash my hands. In my defense, I was between an immovable object and an irresistible force, which I guess is the source of many WTFs.
So, we have a company intranet, and it was built on ColdFusion. The team here has felt, for quite a while, that CF just isn't cutting it, and we need to move all that stuff to something else. "Something else," however, remains perpetually in the future, but its promise means the CF software is not upgraded. Not ever. We are running version 4.5, I think, on Windows NT. Frugal, no? Maybe next year will be the year. Alas, I am one of two who know Cold Fusion, from way back. Warts and all.
Anyway, there was a single-sign-on function in this existing system that would automatically grant people access if the server got the idea they were inside our network -- using a Novell ActiveX control, client side, to make that determination. Problem: it had gigantic security holes. Doors wide open. Hello world, come on in. Problem: fix the holes, do NOT upgrade Cold Fusion.
So, I put the ol' rubber gloves on:
In IE on the client, use jscript to invoke an ActiveX object from Novell to fetch a userid and key from NDS; transmit those to the web server. On the web server, use Cold Fusion 4.5 to check the incoming NDS full name and key against ... whoa, that won't work. OK. Back up. On the web server, use Cold Fusion to parse the NDS name and transform it into an LDAP filter, then use the LDAP tag to query the LDAP presentation of the Novell eDirectory tree ... hang on, that won't work for binary data, which the key is.
Um. OK, write a .NET program that will run on a schedule, and in it invoke a Novell COM object to query eDirectory and pull the data into a Dataset, then store it in SQL Server. Then use Cold Fusion to check the username and key against SQL Server, then use its LDAP tag to check the user's group membership in the LDAP presentation of eDirectory. Success! And only these ... er ... few technologies required:
ColdFusion, SQL Server, Novell eDirectory, Novell eDirectory LDAP, .NET framework, COM, windows scheduled task, Novell ActiveX NWDIR control, Novell ActiveX NWIDIR control, and let's not forget IE6 and JScript. Oh, and prayer and duct tape. Check.
pbounaix last edited by
i feel your pain...
but at least you found a working solution!
Steeldragon last edited by
sucks to be u...lol
kiriran last edited by
where's the XML? lol ... at least it works
marvin_rabbit last edited by
... the popping balloon awakes the cat, which runs on the treadmill and tips the watering can ...
JoC last edited by
On the bright side, you added an extra two lines of technologies you can cite on your resume.