This page is an archive of my old blog. Please visit DavidTucker.net for my current blog.
This site is no longer being maintained and commenting is disabled.


Adobe Media Player Prerelease is Out

The heralded Adobe Media Player (formerly codenamed Philo) has been released (in a prerelease version) on Adobe Labs. It requires Adobe AIR Beta 2.

Flex 3 Beta 2 and AIR Beta 2 Are Released

The Adobe Max release of cool new stuff has begun. Go to Adobe Labs to get the new releases. Many of the new “showcase applications” for AIR are also being released – including the much talked about Ebay Desktop application.

Off To Max 2007 Tomorrow

Tomorrow morning the crew from Georgia Tech Savannah (including me obviously) will be heading up to Chicago. We won’t be in the pre-conference workshops, but we will be there ready to go on Monday! I look forward to seeing all of you guys there. I will be Flickr’ing (as usual) and you can check out all of my Max photos as I take them by clicking the link below. I also will be blogging about all of the awesome when I can.

Linux Commandment 1 – Close Thy Ports

Linux adoption seems to be going through the roof as of late. What does this bring us – a lot of new Linux users. I would be willing to bet that some of those users have set up a basic web server – for development, testing, or even production purposes. When I first set up a Linux web server (in 2000), my machine got hacked in two days. I got an email from a research institute in California saying that my server was attempting to log into their servers. I had to pull the plug. The first tip for aspiring server administrators (and one that could have saved me in 2000) is to close all unnecessary ports.

Definition:
Necessary Ports – any port that is needed by the general public to view the content on your machine (there is only 1 exception to this rule)

As I said – there is one exception to this rule, port 22 (for SSH). If you have a single server that is remote – you will need to have this port open. However, if you know that you log in from the same IP address each time, you can limit port 22 to that IP address. This is the port that we will use to gain access to all of the other ports that we need to use on the machine. This process is known as SSH Tunneling, and it is supported by most major SSH clients (including PuTTY, which is free).

There are many ports that are left open on dedicated servers that don’t need to be open: MySQL (unless you need to access your databases directly from another server), Plesk (unless your hosting customers need to log into it), DNS (if it isn’t a DNS box), and Webmin. These are only the tip of the iceberg. If you rent a dedicated server from a company, it usually will have anywhere from 10-20 ports open for such things as Internet printing and Windows file sharing (through Samba). This opens up some BIG security holes that need to be fixed. Here is where SSH Tunneling comes in.

Definition:
SSH Tunneling – allows you to access any port on a remote computer by passing all of your data through the SSH (Secure Shell) port 22. This allows you to block ports to the outside world, but keep them open for you.

Example – Access to MySQL via SSH Tunneling

First, we are going to close the MySQL port on our server so that it is only available to localhost. Unless you have changed it, MySQL should operate on port 3306. If you are running Red Hat Linux, you can comment out the lines in /etc/sysconfig/iptables that have port 3306 listed. This works if you have a properly configured firewall already. Be sure of that first. Get more information about IPTables here. Once you have blocked port 3306 to the outside world, restart IPTables (or the firewall your system uses). In Red Hat this can be accomplished by running “service iptables restart” as root.

MySQL has some great tools that you can use to administer your databases, users, and server processes. These come packaged together under MySQL GUI Tools on the MySQL site. To use these tools (if port 3306 is blocked on your firewall) you will have to set up an SSH Tunnel.

If you are using PuTTY, click the “Tunnels” option under “SSH” to add ports to tunnel. First, add the port you want to use on your local machine under “Source Port” (this doesn’t have to be the same as the port on the remote computer). Next, add your server hostname and port (like yourserver.com:3306) under the “Destination” field. Once you are done, click “Add” and then “Connect”. You are now tunneling in.

Now, you can access port 3306 on your remote server like below.

This principle can be applied to any port on any remote server that you have SSH access to. You can make your box infinitely more secure by closing all the ports that are not needed by the public. Oh, and Linux Commandment 2 will be – avoid FTP at all costs. This is directly related to ports (I will explain more in the next post).
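To check which ports a rules file still accepts from anyone, here is an added example (not part of the original post) that audits iptables rules in the /etc/sysconfig/iptables format. The rule set, the allowed source address 203.0.113.10 and the list of public ports are constructed for illustration, and the parser only handles single --dport rules and ranges.

```javascript
// SAMPLE_RULES is constructed sample input, not taken from a real server.
const SAMPLE_RULES = `
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 203.0.113.10 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 631 -j ACCEPT
COMMIT
`;

// Assumption: a plain web server, so only these ports are "necessary".
const PUBLIC_PORTS = new Set([80, 443]);

// Return every ACCEPT rule that opens a non-public port to any source.
function auditRules(text, publicPorts = PUBLIC_PORTS) {
  const findings = [];
  for (const raw of text.split("\n")) {
    const line = raw.trim();
    // Skip commented-out rules, table names, chain policies and COMMIT.
    if (!line.startsWith("-A ")) continue;
    const tok = line.split(/\s+/);
    const opt = (...flags) => {
      const i = tok.findIndex((t) => flags.includes(t));
      return i >= 0 ? tok[i + 1] : null;
    };
    if (opt("-j", "--jump") !== "ACCEPT") continue;
    const dport = opt("--dport", "--destination-port");
    if (dport === null) continue; // loopback or state rule, no port
    const source = opt("-s", "--source");
    if (source !== null && source !== "0.0.0.0/0") continue; // limited to one source
    // --dport may be a range such as 6000:6010
    const [lo, hi = lo] = dport.split(":").map(Number);
    for (let p = lo; p <= hi; p++) {
      if (!publicPorts.has(p)) findings.push({ port: p, rule: line });
    }
  }
  return findings;
}

for (const f of auditRules(SAMPLE_RULES)) {
  console.log("open to everyone: port " + f.port + "  (" + f.rule + ")");
}
```

Port 22 is not reported because its rule is limited to one source address, which is the exception described above.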

Flash Media Server 3 Unveiled

Adobe released a press release regarding Flash Media Server 3 today. The FAQ below gives the details of the next release. So much of this is exciting! However, I was quite disappointed that the server-side scripting will still be Actionscript 1. At least the client side will be Actionscript 3 – and we can finally use AMF3 with FMS.

Flash Media Server 3 preview FAQ

AIR Tip 4 – Calling a SOAP Webservice

Getting information from multiple locations on the Internet for a single application is commonplace these days. It is one of many things that makes AIR such a great application platform.

To begin with, we are going to be dealing with a very simple Coldfusion component. The component contains one function "getStuff". If you pass in your name, it will return a string that says "Your Name is ...". If you place this somewhere in your web tree, you can expose it as a webservice by adding "?wsdl" to the end of the filename. That is all you have to do to expose your Coldfusion Component as a SOAP Webservice.

Reference: Coldfusion 8 and Web Services

NOTE: I am planning to write an article on Consuming Coldfusion Webservices with JavaScript. This article will only cover the basics of it.

Coldfusion:
    <cfcomponent>

        <cffunction name="getStuff" access="remote" returnType="String">
            <cfargument name="personName" required="true" type="string" />

            <cfreturn "Your Name is " & personName />

        </cffunction>

    </cfcomponent>

Calling the Webservice is drastically different between Flex and JavaScript. In Flex, you simply use the <mx:WebService> tag. Inside of the tag you can define the "operations" that will be associated with the Webservice. In our case, we will define "getStuff" as one of the operations. We will also add the "onResult" function to the result event for the operation. The onResult function simply sends the result text to a Label on the stage.

mxml:
    <!--
    WEB SERVICES
    -->
    <mx:WebService
        id="sampleService"
        wsdl="http://yourDomain/SoapTest.cfc?wsdl">
        <mx:operation name="getStuff" result="onResult(event)" />
    </mx:WebService>

Actionscript:
    import mx.rpc.events.ResultEvent;

    private function callService(e:MouseEvent):void {

        sampleService.getStuff.send(myName.text);

    }

    private function onResult(e:ResultEvent):void {

        resultLabel.text = e.result as String;

    }

With JavaScript, we are going to use the XMLHttpRequest object just as we did in the last tip. Basically, we will have to add a couple of custom headers, and then craft the SOAP Envelope by hand.

Your reference for the SOAP Envelope will be the "wsdl" file. You can view the wsdl for our webservice in your browser by typing in the URL and adding "?wsdl" to the end of the file name. The wsdl is your guidebook to that specific webservice.

Reference: WSDL Tutorial

JavaScript:
    var xmlhttp;
    var appXML;

    function callService() {

        // Value typed by the user; it is placed into the envelope below as-is
        var myName = document.getElementById("myName").value;

        var url = "http://yourDomain/SoapTest.cfc?wsdl";
        xmlhttp = new XMLHttpRequest();
        xmlhttp.open("POST", url, true);

        xmlhttp.onreadystatechange=function(){

            // readyState 4 means the response has been fully received
            if (xmlhttp.readyState==4) {

                // The raw SOAP response is written into the page as markup
                var mainDiv = document.getElementById('result');
                mainDiv.innerHTML = xmlhttp.responseText;

            }

        }

        // Custom headers required by the SOAP endpoint
        xmlhttp.setRequestHeader("Content-Type", "text/xml");
        xmlhttp.setRequestHeader('SOAPAction','http://yourDomain/SoapTest.cfc?wsdl');

        // Hand-built SOAP envelope for the getStuff operation
        xmlhttp.send("<?xml version='1.0' encoding='UTF-8'?>"+"\n\n"+
                '<soapenv:Envelope'+
                ' xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"'+
                ' xmlns:xsd="http://www.w3.org/2001/XMLSchema"'+
                ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'+
                '<soapenv:Body>'+
                '<ns1:getStuff xmlns:ns1="http://communications"'+
                ' soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'+
                '<personName xsi:type="xsd:string">' + myName + '</personName>'+
                '</ns1:getStuff>'+
                '</soapenv:Body>'+
                '</soapenv:Envelope>');

    }

This is one clear example of something that is much easier with Flex. However, to make things easier with JavaScript, here are a few tips to remember:

  • Case Matters. Be sure to watch your casing here - small inconsistencies will lead to errors.
  • You can write your function outside of AIR so that you can use tools like Firebug for debugging.
  • When calling a Coldfusion Webservice - if you get the RDS Password page, you forgot to set the SOAPAction header.
  • You have to use "POST" in the xmlhttp.open() function.
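The hand-built envelope in the JavaScript above concatenates myName straight into the XML, so a name containing < or & changes the structure of the request, and the reply is written to the page through innerHTML. The following is an added example, not part of the original post, that escapes the name and shows the reply as text; xmlEscape, buildGetStuffEnvelope and callServiceEscaped are hypothetical names.

```javascript
// Escape the five XML special characters and drop code points that
// XML 1.0 does not allow (for example NUL), so the value stays plain text.
function xmlEscape(value) {
  return String(value)
    .replace(/[^\x09\x0A\x0D\x20-\uD7FF\uE000-\uFFFD\u{10000}-\u{10FFFF}]/gu, "")
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&apos;");
}

// Same envelope as the post, with personName passed through xmlEscape().
function buildGetStuffEnvelope(personName) {
  return "<?xml version='1.0' encoding='UTF-8'?>\n\n" +
    '<soapenv:Envelope' +
    ' xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"' +
    ' xmlns:xsd="http://www.w3.org/2001/XMLSchema"' +
    ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">' +
    '<soapenv:Body>' +
    '<ns1:getStuff xmlns:ns1="http://communications"' +
    ' soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">' +
    '<personName xsi:type="xsd:string">' + xmlEscape(personName) + '</personName>' +
    '</ns1:getStuff>' +
    '</soapenv:Body>' +
    '</soapenv:Envelope>';
}

// Browser/AIR side: send the envelope and show the reply as text, not markup.
function callServiceEscaped() {
  var xhr = new XMLHttpRequest();
  xhr.open("POST", "http://yourDomain/SoapTest.cfc?wsdl", true);
  xhr.onreadystatechange = function () {
    if (xhr.readyState === 4) {
      // textContent never parses the response as HTML
      document.getElementById("result").textContent = xhr.responseText;
    }
  };
  xhr.setRequestHeader("Content-Type", "text/xml");
  xhr.setRequestHeader("SOAPAction", "http://yourDomain/SoapTest.cfc?wsdl");
  xhr.send(buildGetStuffEnvelope(document.getElementById("myName").value));
}
```

With textContent the raw SOAP response appears as literal XML text in the result element.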

Flex Example
Source Code

JavaScript Example
Source Code

Coldfusion Component
Source Code

Flash Player Future

Ted Patrick had an intriguing post on the future of the Flash Player (in relation to the Silverlight release) on his blog.

"At Adobe MAX 2007 in Chicago we are going showing off the next full release of Flash Player code named "Astro". The features are mind numbing and add capabilities far beyond anything the market today. The future of Adobe Flash Player looks very bright indeed."

-Ted Patrick

Man, after the h.264 announcement, what else could there be? If you have any predictions, leave a comment.