TCHS 4O 2000 [4o's nonsense] alvinny [2] - csq - edchong jenming - joseph - law meepok - mingqi - pea pengkian [2] - qwergopot - woof xinghao - zhengyu HCJC 01S60 [understated sixzero] andy - edwin - jack jiaqi - peter - rex serena SAF 21SA khenghui - jiaming - jinrui [2] ritchie - vicknesh - zhenhao Others Lwei [2] - shaowei - website links - Alien Loves Predator BloggerSG Cute Overload! Cyanide and Happiness Daily Bunny Hamleto Hattrick Magic: The Gathering The Onion The Order of the Stick Perry Bible Fellowship PvP Online Soccernet Sluggy Freelance The Students' Sketchpad Talk Rock Talking Cock.com Tom the Dancing Bug Wikipedia Wulffmorgenthaler |
bert's blog v1.21 Powered by glolg Programmed with Perl 5.6.1 on Apache/1.3.27 (Red Hat Linux) best viewed at 1024 x 768 resolution on Internet Explorer 6.0+ or Mozilla Firefox 1.5+ entry views: 2245 today's page views: 179 (35 mobile) all-time page views: 3207905 most viewed entry: 18739 views most commented entry: 14 comments number of entries: 1203 page created Sun Jan 19, 2025 16:54:41 |
- tagcloud - academics [70] art [8] changelog [49] current events [36] cute stuff [12] gaming [11] music [8] outings [16] philosophy [10] poetry [4] programming [15] rants [5] reviews [8] sport [37] travel [19] work [3] miscellaneous [75] |
- category tags - academics art changelog current events cute stuff gaming miscellaneous music outings philosophy poetry programming rants reviews sport travel work tags in total: 386 |
|
- changelog - programming - changelog v1.08c --------------- * OpenID authentication incorporated in comments, with ID Selector support (can't let glolg competitors like Blogger/WordPress/LiveJournal/TypePad pull away too much, right?) * Mollom spam checking incorporated in underused chatterbox (misses some rather obvious spams now, but can only improve I suppose) * Some minor comments page UI upgrading and bugfixes. * Obscure but very irritating Snap Shots BASEFONT compatibility bug fixed for Internet Explorer. * Blog entry title now displayed in HTML page title on direct link standalone pages. Note: Our loyal readers still may or may not have realised that my blog has shifted servers. The explanation is easy enough for those with a grounding in domain name resolution, but for those not versed in it here's a very brief summary: Humans prefer to use meaningful domain names like http://www.glys.com, but the actual domain names recognized by computers are of the form http://203.211.149.111, which is probably slightly harder to remember. The translation (resolution) of readable to numerical domain names must occur whenever a website is requested by a browser, but given the massive amount of internet traffic it is infeasible for a single server to provide this service (which would also mean that the Internet would go down if that server crashes). Hence the job of domain resolution is farmed out to a large number of DNS servers, but again it proved unwieldy to exchange information for each request. Thus, the resolution is commonly cached for a period of time, during which the DNS server does not appeal to a higher authority, but happily just returns the last valid value. Which of course, could thus be out-of-date (by days, even). Local caching may also take place within operating systems or even browsers. Therefore, there is no way to instantly reflect server address changes, and in my case it would likely take longer than usual as I switched from a huge domain registry to a smaller one. But eventually my old ip 64.227.0.226 will disappear completely, and normal service will resume. This necessitates the inconvenience of merging visitor statistics from the two servers manually for a period, but I guess I can live with that. Here, I cannot fail to give another airing to the business practices of my old hosting provider. While they are happy enough to allow new customers to sign up for their services through the Web, cancellation requires a personal call... to their United States office. This made completely no sense of course, since I could no better prove my identity through the phone than by being logged in to their system, which I helpfully pointed out to them through their support ticket system. Hours later they predictably replied that they could not help me out in this case, leaving me to expend a few unnecessary bucks in making a tolled international call to their toll-free US number (didn't feel like exploring VoIP solutions just for this). The actual cancellation was mercifully swift after the automated process, thankfully. So what's up with the OpenID thingamajig that I integrated? Time to lift a paragraph from its Wikipedia article: OpenID is a shared identity service, which allows Internet users to log on to many different web sites using a single digital identity, eliminating the need for a different user name and password for each site. OpenID is a decentralized, free and open standard that lets users control the amount of personal information they provide. Thus, one can theoretically survive online with a single username and (strong) password, if OpenID gains widespread adoption (which it has a good chance to, with giants like Google, Microsoft and Yahoo throwing their weight behind it, though with some reservations discussed later). The idea is that an OpenID provider stores that username/password combination, and all sites which wish to have a user login supply a textbox for the user to enter his OpenID username. The user will then be taken to his OpenID provider's page, where he can choose whether to continue the login (and optionally set the login to automatically go through on future visits). The obvious advantage here is that one no longer has to memorize (or worse, lug around) dozens of usernames and passwords, as currently it would be rare to be able to use the same username (especially a common one) on different sites; The same password can often be used for multiple sites, but then a global password change would be incredibly frustrating; OpenID thus saves user effort by consolidating their sign-in costs. A local program like Firefox's Password Manager could also do the job, but not when a user has to log on at different terminals, and does not address the torment of global updating. There are criticisms too, and the best I've seen are from this warpspire post. They are not insurmountable, and here are my thoughts on the points raised:
Trouble stems from the implementation, however. Some large sites (again, like Yahoo) currently set themselves up to provide OpenIDs (and gain user data), but do not allow OpenIDs provided by others to be used to sign-in to their services (probably since they would then be providing the service but not have the user data). Which kinda defeats the whole purpose, then again since when have high-minded principles triumphed over hard-headed pragmatism in business? On my side, setting up OpenID authentication on the blog wasn't exactly a breeze. I didn't feel like coding my own library from the specs this time, so I decided to partake of the libraries kindly written by other developers. Felt like trying a Perl->PHP->Perl interface now that I have PHP enabled, and thus downloaded most of the PHP libraries listed to play around with. The Simple OpenID PHP Class was promising, and appealing since it was just a few scripts without tons of dependencies, but unfortunately was hopelessly outdated. In the end I went with JanRain and the EasyOpenID frontend. Early on there was an issue with XML parsing, which was resolved by switching to PHP5 from the PHP4 default. The combination then worked - but not for HTTPS servers or Directed Identity cases, which was quite unsatisfying. After contemplating fixing that up myself, I Googled the issue and strayed off onto the wrong track when I came across some other guy with a similar problem who posted on the developers' Trac that it had to do with Certificate Authorities, which was not the case for me. Finding little else pertaining to this in my opinion rather large hole, I took a punt and uploaded the latest development snapshot of the code instead of the stable release, which was just out three weeks ago. I had initially resisted this, since development code is often buggy, and how much could have changed in such a short time? Quite a bit, apparently, as everything magically worked (And the stable release seems to have been updated yesterday). So, I now have a leg up on Blogger it seems, as their OpenID implementation does not seem to support Directed Identity yet, hohoho. Took the opportunity to fix a some more code, like localtime() now being true Singapore time (as the server is now hosted in Jurong East, it seems). No more Daylight Savings compensation! Alright, I guess that's enough technical stuff to last a long time. (Minor) Public Service Announcement: I like Google to bits, but recently a couple of their services haven't been up to par. Gmail is lagging for one, and Google Web Accelerator conflicts with most YouTube videos, causing them not to play - even they are not perfect either, it seems. Definition of flaky Life recently has centered around the usual stuff and the holiday job, though I found the time to indulge in a bit of badminton. It would have been nice if the (free) weekend slots at NUS weren't snapped up almost instantaneously, and as it was we had to go to Clementi Sports Hall, not that slots there were easy to get either. After another serving of Blue-Hand syndrome from my antique grip, I finally got around to getting a nice new grey wrap for next time. Can't wait to try it out. Next: Sorry More Boring Technical Stuff
Linkback by Pingback test 2 « Glys&8217;s Weblog
Linkback by Pingback test 3 « Glys&8217;s Weblog
Linkback by Pingback test « Glys&8217;s Weblog
|
||||||||||||||
Copyright © 2006-2025 GLYS. All Rights Reserved. |