Tuesday, March 3, 2009

Security thoughts continued.

Had a lot of people in and out of the lab today.

But I still managed to make some headway on the security stuff. Brian and I switched out from a servlet listener to a servlet filter, moved things we wanted authenticated into the "auth" directory, and then we got the SHA1 algorithm parsing the entered passwords.

After that, I got the parsing to put out readable text using the Apache Commons Codec library to base64 encode the output parse. Then I set up some methods for the login.jsp page to allow for checking and setting the proper variable for actually marking authentication in the session.

Tomorrow, I will set up the database connectivity to a user/passwordHash table. I will probably set up the appropriate table in PostGres and then start wiring it to the SQL Server. I will also be doing some updating of connection code inside Gmap-polygon and moving some code out of the static load for a servlet inside gmap-poly-web and npdsgmaps-web.

All these epiphanies and suggestions from sitting with another coder and having them look at what I've written for about an hour. We need to do this more often.

Otherwise, I met with Will Duck again today, and I think we are settling on Flot as the next thing to draw the NPDS charts. As you can see from the examples there are a lot of really neat things that Flot can do, it's all java script, and it allows for things like zooming and hover-over tips.

It's pretty too.

1 comment:

Tom Savel, MD said...

that Flot is very very impressive...very glad you are working with it.