Here’s an interesting thought. You know all those credit cards from organisations linked to the environment etc.? Spend 50 quid on your credit card and we’ll give 5% of that to a deserving charity? Stuff like that. Well, what if it extended to software? Buy this software and we’ll donate a percentage of the cost to charity. In a way, you can, if you take Bill Gates’s foundation at face value:
Bill Gates: billionaire philanthropist
According to the stats for the Bill and Melinda Gates Foundation, they’ve given away 7 billion dollars. OK, at the same time, he handed over 75 billion dollars to his shareholders and donated his 3 billion dollar cut of the handover to his trust. But that’s still 7 billion dollars the foundation gave away. It basically has about 27 billion dollars to dish out to the needy causes. Perhaps the cynic might spot that the greatest donation was 1 billion dollars to the United Negro College Fund. An umbrella group for Negro colleges in the US. Colleges? Surely they’ll need computers and, well, software?
Gates’s stated aim is to “improve the lives of millions of people across the globe” and the foundation donates heavily to medical research to alleviate suffering in developing countries.
So in a small, very small, way, buying Microsoft software could be construed as a redistribution of wealth. Someone, somewhere could be cured of ill health because you bought Office. Never mind that idiotic paper clip nagging you from the corner of the screen, the crap spelling checker that wants to turn your prose into an Americanised flavour of English. Don’t be put off by the barrage of spam mail and worms and viruses crawling over your digital goods, let in by the software equivalent of open prisons.
Nay, every wince and grimace elicited from your suffering being is another healthy person somewhere on the globe.
A healthy person who is in need of education, computers, software. Someone to replace you as a worn out Microsoft customer. Devoid of documents which were emailed into the ether by a worm, cashless as a virus found your bank details in a Textpad document and hounded by the police as a trojan found your credit card number and spent the lot on questionable porn.
The only solace is in open source, where at least you know your money, if you’ve any left, is going to keeping the developer’s beer belly in good order.
First, go get the source
Decompress it to get your wildfire directory, which we’ll call WILDFIRE_HOME
If you’re going to use LDAP with Wildfire, it’ll be a good idea to follow the instructions on this page:
Solve LDAP alias problems
otherwise you may get errors such as:
Search for userDN based on username ‘xxx’ found multiple responses, throwing exception
Note that the WILDFIRE_HOME/bin/wildfire.vmoptions doesn’t work when running in debug mode as there’s no wildfire script. So to enable the above patch, you have to add it explicitly to the VM options as -Djava.naming.ldap.derefAliases=never
Build wildfire:cd WILDFIRE_HOME/build
ant
This will build everything into WILDFIRE_HOME/target
Now you need to create the database and it’s tables. If you just create the database, Wildfire will complain about the database schema not being installed. It’s one of those apps where you have to set up the database yourself:
mysql -u root -p mysql
create database wildfire;
grant all privileges on wildfire.* to USER@”localhost” identified by ‘PASSWORD’;
flush tables;
flush privileges;
exit
mysql -u USER -p wildfire < WILDFIRE_HOME/target/resources/database/wildfire_mysql.sql
In IDEA, create a new Application debug profile with the following parameters, assuming WILDFIRE_HOME=/Users/Alistair/dev/wildfire
Main class:
com.install4j.runtime.Launcher
VM parameters:
-server -DwildfireHome="." -Dinstall4j.appDir="." -Dexe4j.moduleName="./bin/wildfire" -Dwildfire.lib.dir="./lib" -Dinstall4j.jvmDir="/System/Library/Frameworks/JavaVM.framework/Versions/1.5/Home" -Djava.naming.ldap.derefAliases=never
Program parameters:
start org.jivesoftware.wildfire.starter.ServerStarter false false "./logs/stderror.log" "./logs/stdoutt.log" true true false "" true true 0 0 "" 20 20 "Arial" "0,0,0" 8 500 "version 2.6.2" 20 40 "Arial" "0,0,0" 8 500 -1 -DwildfireHome=. -Dwildfire.lib.dir=./lib
Working directory (IDEA should fill this in for you):
/Users/alistair/dev/wildfire/target
The next step is to add all the JARs to IDEA:
WILDFIRE_HOME/build/lib
WILDFIRE_HOME/build/lib/dist
WILDFIRE_HOME/build/lib/merge
WILDFIRE_HOME/src/plugins/userImportExport/lib
Then tell IDEA to build everything to this directory:
WILDFIRE_HOME/classes
To stop wildfire generating this error:
Failed to load admin-sidebar.xml file from Wildfire classes - admin console will not work correctly
copy WILDFIRE_HOME/target/lib/wildfire.jar to WILDFIRE_HOME/classes
jar xvf WILDFIRE_HOME/classes/wildfire.jar
This will put all the XML files into IDEA's CLASSPATH
So they’re at it again, the pro-whaling nations, Japan, Norway and the likes. Not content with almost bankrupting their fish farming industry, just to flood the EU with cheap salmon, Norway has voted to restart commercial whaling. The story suggests Japan has wangled this but obviously with the support of Norway. Quotes like these are quite restrained:
“…whaling would be on a much smaller scale than in the past…”
“…It’s not going back to the commercial whaling…”
“…sustainable whaling…”
“…protection of depleted and endangered species…”
when what they really want is to empty the seas of whales for their short term national gain. We’ve already seen that with Norway, whose fish management policy is non existent. Just ask Scottish fish farmers how well Norway manages it’s fish farming industry.
So Japan wants a lot less whaling than in the past? Why not eat what they catch for “research”? Whaling has been going on for decades under the banner of science. mmmm, tasty science indeed I’ll wager. How much research can one do on a dead whale? What calibre of scientist would continually work on a carcass? Oceans full of life but these “scientists” must kill and drag back to the lab.
Once these traditional exploiters of the world’s oceans start their take take take again, it’ll just be another blood bath and path back towards extinction for the whale.
SP
- v1.2.0
- Added xalan.jar to build.xml
- Updated org.guanxi.sp.engine.Engine to take account of target parameter from an IdP being either upper or lower case
- Updated org.guanxi.sp.engine.Engine to put Request IssueInstant in correct format, i.e. yyyy-mm-ddThh:mm:ssZ
- Updated org.guanxi.sp.engine.Engine to remove hard coded “guanxi” NameIdentifier in AA calls. Now gets it from it’s config file
- Updated org.guanxi.sp.engine.Engine to set the Content-type of the AA connection to “text/xml”
- Updated org.guanxi.sp.engine.Engine – Rationalised the configuration to get all info from the config file. Only the config file is specified in web.xml now. Also tells X509Chain to load it’s certs from the IdP metadata directory instead of the certs directory.
- Updated org.guanxi.sp.guard.GuardRequest – Now gets the original request parameters from the Pod
- Updated org.guanxi.sp.guard.GuardRequest – Updated getHeader() to look for the header name as is before trying all lowercase as the SAML attributes can be mixed case.
- Updated org.guanxi.sp.engine.Engine – The Resource attribute of the AttributeQuery sent to the AA is now set to the entityID of the Guard.
- Updated org.guanxi.sp.engine.Engine – Modified to parse the correctly formatted Guard metadata files that CA creates.
- Updated WEB-INF/config/guanxi-sp-engine.xml – updated WAYF example and added NameQualifer, TrustStore, TrustStorePassword, GuardsMetadataDirectory and IdPMetadataDirectory example
- Updated WEB-INF/config/metadata/guards/ExampleGuard/ExanpleGuard.xml – added <Keystore> and <KeystorePassword> elements to GuanxiGuardService
- Updated org.guanxi.sp.engine.X509Chain – removed loadX509Certs() and X509CertFileFilter. Added loadX509CertsFromMetadata() and MetadataFileFilter. The class now verifies certificates directly from metadata rather than separate certs dir
- Updated org.guanxi.sp.guard.Guard – Fixed bug where transient cookies couldn’t be set
- Updated org.guanxi.sp.guard.GuardRequest – Fixed bug where header names were case sensitive. The servlet spec says they should be case insensitive
- Updated web.xml – added wayfFile as init parameter to Engine servlet
- Removed WAYF from WEB-INF/config/guanxi-sp-engine.xml
- Added WEB-INF/config/wayf.xml – WAYF locations are now specified in this file to allow Guards to have their own WAYF locations
- Updated org.guanxi.sp.engine.CA – Now creates Guard metadata files with correct namespaces.
- Updated org.guanxi.sp.engine.CA – Fixed bug where the Guard certificates were being generated with server authentication extended usage instead of client authentication
Core
- v1.0.2
- Updated xsd/guanxi-sp.xsd – added NameQualifier, TrustStore, TrustStorePassword, GuardsMetadataDirectory and IdPMetadataDirectory elements to Engine
- Updated xsd/guanxi-sp.xsd – added GuardWAYFLocationsType and WAYFLocation
gx_lib
- v1.3.3
- Updated guanxibeans.jar for new guanxi-sp.xsd
Common
- v1.2.8
- Updated org.guanxi.common.EntityConnection – added setRequestProperty(String, String)
- Updated org.guanxi.common.Pod – now stores the original request parameters
IdP
- v1.2.8
- Updated org.guanxi.idp.attributors.BodingtonAttributor to standardise attribute namespaces
- Updated WEB-INF/config/attributors/BodingtonAttributor.xml – Bodington attributes now issued under urn:bodington:org. Attribute namespaces end in : in the config file now