April 2007 Archives

The vast majority of you regular readers will not care about this. I write for those who may own one the application security gateways and either have no documentation or do (since the documentation isn't very good).

NetSilica is a nifty way to use the browser instead of VPN to allow users access to an internal network. It "supports" (rumor has it the company hasn't received funding to further develop the appliance, but they have organized and created a consulting group that'll provide support for about $2000 per month) most email apps, SSH and telnet clients, but also allows you to grant users access to your intranet applications. If you've read even this far, you already know that.

What you may not know is that the NetSilica application security gateway (hereon called "the appliance") doesn't not play so nicely with AJAX. I've spent the better part of a week tracking down the error that caused our month-to-date sales application to just hang when you requested a previous month's sales via an AJAX call in some old-ass (likely pre v1) Prototype library.

This is because NetSilica adds some random hash string to the URL so the user has no effing clue what the actual address of the site is and, therefore, provides some security. Only problem is the AJAX call gets that retarded hash string. So what used to be:

myObject.get("intranet.salesapp.com/sales_for_month?m=march");

gets translated by NetSilica to:

myObject.get("netsilica.mybusiness.com/2ic89asdafaklj3j54/sales_for_month?m=march");

Like I said, it doesn't play nice.

The fix? Well, I'm glad you asked and at least read this far. Turns out you can tell NetSilica to avoid encrypting the url. And it's actually pretty easy. You know, once you dig through the mess of code and find out what function is actually making the call.

I don't know how all the admin panels look or even if there's more than one version of the appliance, but for sake of completeness I'm going to be excrutiatingly detailed for the version I've worked on.

1. Login to the admin panel of the NetSilica domain that the AJAXy app runs in and click the "+" next to Webapps
2. Click List. Click the "Manage" link next to the AJAX app.
3. On the menu the shows up click "Configure Java Script Details"
4. On the screen that comes up, there are two potential text fields that you'll need to fill out.
   • If you store the URL for the AJAX call in a variable, you'll need to var the variable name (mine was just url) in the JavaScript Variables text field.
   • If the URL is hardcoded into the function, simple enter the function name into the JavaScript Functions text field
5. Click the "Submit" button.

That's the fix that worked for me. I hope this helps someone else out there save a crapload of time.

This is why Maxim is quite possibly the best magazine ever.

So, I know it's been, like, forever since I wrote last. That'll be changing, I promise. In the meantime, while I work up something about how Easter should be called Zombie Day, here's short glimpse of what I do in a work week. I didn't write this for fun. I wrote it because I have to let my boss know what I've been doing before we have our staff meeting:

Did some more management of the Netsilica (NS) appliance. It seems to be running smoothly and will likely be a good solution for the publishing partners. I'm still trying to find the last remaining bug in the MTD Sales page, but I'm confident all the other reports work fine, both via NS and internally.

The most recent pain in my side was the Sales Mart. Last week I made a change to how the CISPub sales were added to the fact_sales (which solved the problem of sales be counted more than once) table which led to another bug. It's all cleaned up now and both the DataStage processes (Michelle knocked out all the CISPub entries with a date of March 10, 200 or around there) and the Sales Mart load are running fine. Kerry unofficially verified that the final sale of Syngress book by Ingram to Ingram, and the subsequent change Jack made to the shipto so we could count the sale, is showing up in the division reports. Lastly, I was able to "find" $600K in gross sales for the MTD Sales report. I really need to solve the MTD Sales problem above for a number of reasons. First, the publishing partners need and deserve dynamic reporting. Second, the MTD Sales pages are statically generated. So, in the case of the past week where the Sales Mart didn't load properly, we simply just didn't have a weeks worth of sales posted. A dynamic report would have A) given us immediate visibility into a broken system, and B) had it not given us that visibility would at least have reported correct numbers once the problem was solved.

I did a quick Subversion update of the Product Database. The Calendar report had it's column sorting all whacked out. I'd already solved the problem, but hadn't committed my changes. So, easy fix. I also did a bulk update of some stragglers that managed to sneak out fo getting changed in the reorg. And I removed "Creative Processing" from the Division (business_unit) list. I'll have to add a Jira ticket for Nikola regard this. I don't like the idea of assigning the business_entity_id to 0 to get them to not show up. Moving forward, if we do plan to open the PDB up to the clients, we need a way of marking them active/inactive rather than just making the business_entity 0. For data integrity and for historical purposes.

I was able to put together a report for Jack to help him and Indy get the customer migration piece of the Oracle implementation moving.

I put together a report for upcoming titles for the sales reps and Regina and Mike's request.

I've been managing Nikola through Jira. We've had a few conference calls via Skype and he seems to really get the system and is making good progress. I want to set aside time for myself and one or two other memebers of the IS Software group to test his changes once he's completed this project. The more eyes on it the better. I really think this will help solve a lot (read: 90%) of the more mundane PDB tasks we get in the RT queue. I still need to organize my thoughts and write up the first draft spec for what I'm calling the MyPDB project. It'll effectively let users choose what fields they view on what tabs, leading them to customize the PDB for themselves. This will also solve the problem of needing a customized PDB for the publishing partners.

The Oracle meetings have been interesting. I can't say that I could recite, verbatim, anything I've heard, but however vauge and distant the information seems right now, I think it'll prove invaluable going forward. It will definitely help when making decisions regarding business reporting applications and work flow.

Lastly, I've been reading Programming Flex 2 and remain excited about this technology and applications it would have within the company. I also got ahold of Essential ActionScript 3.0 and while the first chapter or two could easily supplant the first 12-15 units of programming classes I took at SSU, it's a little weak. It is several months from being officially published, so I understand. Who would I contact to be a tech reviewer?

And you know what? I fucking love every minute of it when I'm not pulling my hair out and hurling insults at interns.

Time for some movie reviews! Special thanks to Kel for the help on these and forcing me to sit through some of them.

Best Use of Animal Puppets
Sleepwalkers
The last 10 minutes of this movie have some of the best cat puppets used in the most amazing ways known to man. Know what happens when you shoot a monster in the stomach with a shotgun when a cat is on its back? This movie answers that question.

Lifetime Network Horror Movie Award
First Born
Oxygen claims to be the first women's network, but anyone who has watched cable since 1984 knows that the real women's network is Lifetime. Known for their films about hardships common among females, this movie fits the bill perfectly. Elizabeth Shue has a baby, goes through postpartum depression, and deals with a husband's negligence that contributes to the death of an infant.

Best Use of a Trailer Misrepresenting a Film's Plot
Wicker Man
Is it super natural horror? Did a ghost do it? Or was it some highly unlikely plan set in motion decades before the events in the film actually take place? Guess which.

Best Sexless Porn With Too Much Plot
The Return
The posters and cover make it seem very much like a Japanese horror film. About 15 minutes, non-consecutive, verify this, but the majority of it consists of thinly veiled hints that something larger, more super-natural is unfolding. The rest is an intensely boring, and yet disturbing, story of a 20-something eventually humping a 50-something.

Best Stephen Dorff Vehicle
The Gate
Stephen Dorff: The Beginning. He's twelve. He likes model rockets. He defeats ultimate evil. Sans gratuitous shot of cock a la Shadowboxer.

Best $3.50 Enabler
The Break-Up
Vince Vaughn meets Jennifer Aniston at a ballgame and convinces her to dump her current boyfriend for him. And that's just the first 5 minutes. This film explores the average complex and nuanced 21st-century relationship: two people who hate themselves and each other, but are both too stubborn to admit it and, instead, passive aggressively attempt to beat each other into submission.

Best Understated MPAA Rating
Happy Feet
A penguin goes on a journey to stop humans from overfishing his penguin pals' ocean. Sounds harmless, yeah? This movie scared me. I almost cried, like, nine different times. Also, Robin Williams voiced three characters.

Best Teen Movie for Thirty-Somethings
You, Me, and Dupree
Matt Dillon's best friend, Owen Wilson, terrorizes he and Kate Hudson as newlyweds. Think of Zoolander but remove the funny and likeable characters.

Best Poor Execution of a Great Idea
Stranger Than Fiction
Will Ferrell, aided by Dustin Hoffman, convinces multimillion dollar author Emma Thompson that her profitable, if formulaic, plot device is retarded.

Best Loved/Hated Film
Ankle Biters
The tagline is "Don't Look Down." It's a vampire movie where the main characer is essentially a low-bidget, white trash Blade. He fights midgets. Midget vampires. Midget vampires with southern accents. Midget vampires with southern accents on sets that are largely comprised of the crew's garage, quarter-acre of weeds and rusted out '87 Trans Am chassis, dive bars, and Best Westerns. How could you not both love and hate this?

Honorable Mention
House
The Greatest American Hero fights Vietnam evil with Cheers' Norm.

Happy Feet
Best line: "He's so accidentally cool."