Al Hobbs


Recent posts by Al Hobbs

Even though they are on the same network, the security even within the internal network is tight. People have to be given explicit access, either by username or IP, to be able to connect to any PC.
2 months ago
If you bundle the Angular app with the Spring Boot app you would want to put some execution info in the Maven POM file.

If the Angular app is just hanging out in the static area you would need to make the URL path to your static files accessible without logging in.
2 months ago
It seems like those functions just return some hard coded data. I wouldn't really say those really deserve to be separated.  Actually they do pretty much the same thing so if you do move them out it seems like it would make more sense to move them out together.
Actually I didn't mention that I have to use a VPN to connect to the gateway PC. The database is a test database so it's kind of live because maybe there's old data, but there's also a lot of data created during development of different apps. Also the test database is completely separate from any production databases. Like on another computer with controlled access.

I will just make a copy of the test db locally and use what I need.
2 months ago
Thanks for the reply.
I was looking to do a database connection like JDBC (I'm using C#). This situation is only for developing the app. There's a test database that the client has that I could use and I wanted to just use that instead of setting up the test database locally.
If you can't think of a way to do the JDBC connection through a proxy or another simple method then I'll just set up the test db locally.
2 months ago
Hi all,

I have a question about making a connection through another pc.

I was wondering if it's possible to somehow connect to a database that is on an internal network through a gateway PC.
In my case, I have one PC on an internal network that I can remotely access and from that PC connect to the database on that internal network.
What I am trying to do is make a database connection to the db on the internal network that I don't have direct access to.

Is that possible or do I just have to make it so I have direct remote access to the database?

Thank you
2 months ago

Stephan van   wrote: How would the client know what token to send before they established connection?


If they don't have a token to use then they would have to send their username and password to get the token. I guess I would invalidate it after a certain amount of time. Maybe I'd do a refresh token and access token kind of deal.


Stephan van   wrote:
Sending the user ID is redundant.


Yes I was thinking that because guessing the 8 byte number might be too easy.

Stephan van   wrote:
when you can just send a 12 byte access token instead?
I'm curious, how did you arrive at 8 bytes in the first place?


8 bytes came from an unsigned long being 8 bytes. I would just convert the bytes. I realize now that I should probably just make the token longer.
I was thinking maybe using this:
https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.randomnumbergenerator.getbytes?view=netframework-4.8#System_Security_Cryptography_RandomNumberGenerator_GetBytes_System_Byte___

The question I have now is if I have a longer token, how long is enough to be secure but not too long like 600 bytes.


Stephan van   wrote:
use the Facebook SDK for Android.


I wasn't actually going to use Facebook but if there's a library that handles all of that for you then that seems pretty easy and I might just do that. I will have to look into the one that I want to use.
3 months ago
What I meant was when the user connects to the server they would authenticate themselves by sending their user ID and the token. The token would be looked up in the token table and then it would check if the user id associated with the token matches the user id sent in. The token number would be random. They would have to have the user id correct and have the token correct to get in. It would basically be basic authentication except the password is temporary and has limited privileges. Essentially the user sends his id (auto incremented 4 byte number) along with a 'token' (random 8 byte number).

I still could use single sign on to handle my authentication which would be better, I agree. Even if the token size was 800 bytes it would be sent only when the connection is first made because the connection would be maintained for a while, unlike HTTP. The problem that I have with SSO is that it would make it much more complicated. The pro about SSO is that I would be able to use a service that requires a phone number.

Is it still possible to use single sign on with that kind of connection? Or would they have to do the OAuth dance before making the connection with their new token from Facebook?

3 months ago
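
The token-table check described in the post above, written out in C# as an added example; it is not code from the original post. `TokenStore`, `Issue`, `Validate`, the 32-byte token length and the one-hour lifetime are assumptions made for illustration, and an in-memory dictionary stands in for the database table.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
// Added example of the token table from the post. All names are hypothetical.
sealed class TokenStore
{
    const int TokenBytes = 32;                                  // assumed length, not from the post
    static readonly TimeSpan Lifetime = TimeSpan.FromHours(1);  // assumed expiry
    sealed class Entry { public uint UserId; public DateTime ExpiresUtc; }
    // Keyed by the SHA-256 of the token, so a leaked table does not expose usable tokens.
    readonly Dictionary<string, Entry> table = new Dictionary<string, Entry>();
    static string Hash(byte[] token)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(token));
    }

    // Called after the user has authenticated once with username and password.
    public byte[] Issue(uint userId, DateTime nowUtc)
    {
        var token = new byte[TokenBytes];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(token);                                // CSPRNG, the API linked in the post
        table[Hash(token)] = new Entry { UserId = userId, ExpiresUtc = nowUtc + Lifetime };
        return token;
    }

    // Called once when the SSL stream is opened; false means close the stream.
    public bool Validate(uint userId, byte[] token, DateTime nowUtc)
    {
        if (token == null || token.Length != TokenBytes) return false;
        string key = Hash(token);
        if (!table.TryGetValue(key, out Entry e)) return false; // unknown token
        if (nowUtc >= e.ExpiresUtc) { table.Remove(key); return false; } // expired
        return e.UserId == userId;                              // token must belong to the sender
    }
}
static class Demo
{
    static void Main()
    {
        var store = new TokenStore();
        var now = DateTime.UtcNow;
        byte[] token = store.Issue(1001, now);                  // constructed user id
        Console.WriteLine(store.Validate(1001, token, now));              // matching user and token
        Console.WriteLine(store.Validate(1002, token, now));              // token sent with another user id
        Console.WriteLine(store.Validate(1001, token, now.AddHours(2)));  // same token after expiry
    }
}
```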
I forgot to mention that the user id would be sent with the 8 byte number if that makes any difference. If authentication fails too many times I could block the IPs / lock the account. Not sure if that works, but I would try to have some kind of mechanism for defending against that kind of attack.

I would try to have the user ids auto increment but I would try to start it from a higher number.  I guess somebody could just guess a high number.

When you say brute force the id you mean like brute force unencrypting an intercepted request or just sending a lot of requests to the server?
3 months ago
The number would be the id for a database entry that has the user ID, expiration etc. If somebody sent a random number then it would close the stream I guess, cause it wouldn't match.
3 months ago

Stephan van Hulst wrote: authentication bit?


For example, in the OAuth protocol (?), a user sends his password one time and then the next time the user sends a request with a token that can be verified on the server side. The idea being that if the request is compromised they only get a temporary token instead of the password.

I want to do something similar but instead of sending a token it would just be an 8-byte number.

My goal was to have the messaging done with very little overhead in an SSL stream.
3 months ago
Ok, a 2 person conversation seems like you would only need the ids for the people. Then pub sub for multi chat.

I was planning on having the connections all be SSL. For authentication I was planning on having unsigned longs point to authentication data in a database.

Is that idea feasible?
3 months ago
Hi all,

I am planning on making a phone messaging app for fun.  I was thinking I would use a publisher subscriber design for it.  I figured that way having multi person chat would be simple.  

Is there another design that might be better?  

Thanks
3 months ago
You should run with debug logs. You will be able to see if it's being made and any errors.
3 months ago
All of them write like that haha
3 months ago