Category Archives: Ruby

PAM authentication for Ruby 1.9

Announcement

So, I’m happy to announce the availability of PAM authentication for Ruby 1.9.x, through the rpam-ruby19 gem. A couple of gems had existed for previous ruby versions, but 1.9 broke compatibility with all of those. After looking at the options, I decided that the the rpam gem was the best candidate for an update. It works really well on Linux (tested on Debian and Ubuntu), it’s simple to use, and there’s an authlogic plugin if you want to use rpam in your rails app.

Why?

I ran into a situation where I needed to use an approved “enterprise” authentication solution. My options were limited to Shibboleth, OpenID, SiteMinder, and ActiveDirectory. The first three involved a redirect to an ugly sign-in page; that was a no-go for a mobile app. So I decided to get creative. Using Authlogic + Rpam + Likewise to validate AD credentials created a seamless way to integrate into the environment, while leaving the look-and-feel of everything under my control.

Caveat

Using PAM for web authentication is ONLY a good idea for internal applications. Even then, you have to be careful. But if all potential users of your application are also potential user of your systems (i.e., AD/LDAP entities), it can be a decent solution.

P.S.

If you want the source, or would like to contribute, you can find it on my GitHub. It’s still a work in progress; it really needs tests and documentation. But it works, and might come in handy for someone, so I’m throwing it out there now.


(Programming) Language Wars

So, given my blatant Rubyism, why did I link this video? Well, the first reason, is that it’s funny as hell, and really well written. Even the Ruby-bashing is hilarious… and any community needs to be able to laugh at itself. Sure, Ruby is kinda the faux-hawked hipster of programming languages at the moment. It’s also popular and in the spotlight because it’s FRICKIN’ AWESOME!!!

What I think is more telling, though, is the way this video presents the arguments of the stalwart defenders of PHP, who are usually the first-line Ruby haters. The number-0 argument I typically here in defense of PHP is along the lines of, “more large-scale, successful web projects are built on PHP than any other stack.”

Really? That’s what you’re going to lead with?

More (lines of) large-scale, successful, production code in the world right now is written in COBOL than virtually any other single language.

So by the same argument, COBOL is the BEST language for application development, right?

The use of COBOL cripples the mind; its teaching should, therefore, be regarded as a criminal offense.  ~ Edsgar Dijkstra

Okay, Dijkstra had a gift for hyperbole, but I don’t think you could make the argument that COBOL has any place in the modern computing world beyond the maintenance of billions of lines of legacy code already in the wild.

I’m not equating PHP with COBOL, nor am I suggesting PHP doesn’t have its place. It actually has two places. PHP is great iff:

  1. You’re maintaining a large, legacy codebase written in PHP, or
  2. Your employer/client/whatever has mandated that you use a certain PHP framework for the project.

Now, my personal inclination to case (2) is that it’s time to find a new employer/client/whatever. But that’s just me. I had a point when I started writing this, and ended up kvetching about PHP… it’s like a lot of conversations I have.

The topic I was ostensibly leading up to was that of language wars, or more generally, any of the Holy Wars geeks get up to. Like the Deep Magic, the Holy Wars began in the Elder Days. The canonical Holy Wars are such esoterica as big-endian vs. little-endian, Unix vs. VMS, Apple vs. Microsoft, Vi vs. Emacs, and so on. But you can really substitute [my favorite language] vs. [your favorite language], and so on. Some of this is just geek personality flaws traits shining through, making a choice of text editor seem like a life-or-death decision. On the other hand, I think there’s something else going on here. When you see true vehemence from the community surrounding an established, accepted language/framework/environment toward a plucky little upstart, a number of things might be happening:

  1. The old guard are threatened by something about the plucky little upstart, be it market share, mindshare, or something else.
  2. The old guard are jealous of the people who get to work with the plucky little upstart, and would rather bitch than upgrade their skillset and move on.
  3. The plucky little upstart is actually a complete crock, but for some reason nobody notices and/or cares.

The attitude of (some) PHP coders toward Ruby is reminiscent of how people thought of Linux in the late 90’s. It’s cute and all, but not for real-world, mission-critical applications. Real Unix came from Sun or IBM (guh!) or SCO. And this was also when Microsoft was making their ungodly encroachment into the datacenter.

One of my favorite (like, saved to my favorites on Twitter!) tweets ever comes from David Heinemeier Hansson, the creator of Rails:

Tweet from DHH

There’s always that. If I may be permitted to switch Holy Wars for the moment: IT professionals who don’t actually like computers LOVE Windows on the server for this reason, in my opinion. First, it’s brainless system administration. Secondly, it’s constant system administration. Sure, you can do everything through a GUI, but secondly, you’re doing it all damn day. So you need an admin for every few servers you add to your infrastructure. compare this to Unix/Linux servers, where uptime is measured in years rather than days (hours?), and although configuration requires, um, I don’t know, expertise or competence or something, one admin can take care of 50, 100 servers, natch.

I kinda feel like there might be some similar ill-will coming from the PHP camp toward Ruby. I don’t mean to defame PHP coders as a group. There are some excellent programmers working in PHP. But at the same time, I look at blog posts like Where Did All The PHP Programmers Go?, and it makes me think… the bulk of the PHP code I’ve encountered in my life is of truly dismal quality. Like, Visual Basic spaghetti-code bad. It’s painful. Again, there’s good stuff out there… but it’s hard to find. With Ruby, on the other hand, I haven’t seen much truly bad code. I spend a lot of time clicking around Ruby projects on GitHub, and most of the code I find is pretty decent. Good, even. I don’t think ruby programmers are inherently better coders, but I do think that a language like Ruby makes it easier to follow good design principles, and harder to implement truly bogus crocks. whereas PHP lends itself immensely to bogus crocks (variable variables, anyone?)

This isn’t meant to be an objective comparison of programming languages. More of an extension of my previous thoughts on why I love Ruby so much, expanding more into the area of languages you really couldn’t pay me to work in, in this day and age. And thinking about why. If you feel strongly about languages (whether you’re a Rubyist or a PHP die-hard or none of the above), please tell me why in the comments.


BbWorld Transact

So, for those of you who don’t know, I work in the ID Card Services Systems team at Johns Hopkins University. Most of my (paid) development work involves creating a custom, (mostly) Ruby on Rails web interface to the Blackboard Transact transaction processing system. It’s pretty interesting work, adapting Rails/ActiveRecord to this proprietary database format to do all the things we want it to do. Sometimes it’s frustrating, especially with dealing with importing data from other departments’ maddening stovepipe systems, but, all in all, pretty rewarding. And then it all got exciting.

Last week, our team went to the BbWorld Transact conference at the Talking Stick Resort in Scottsdale, Arizona. Not only was it great fun to head out to the Southwestern desert in March, escaping the Mid-Atlantic doldrums, but it was a truly exciting and invigorating experience.

Sure, we were giving a presentation on the web app I’ve developing for the past seven months or so (read: 9,383,094 years of ASP development or 87 years of PHP development, subjective time), and that was pretty damn exciting. So was the response. People were crowding the table at our session collecting our business cards, hoping we could get permission to put this code up on GitHub (I hope so, too).

But what’s got me the most pumped was my experiences of the conference itself. Starting with a keynote from Bridgeworks, LLC, about “millenials” and the desire for connectedness, the conference delved into a new commitment to openness and transparency from Blackboard, which, as a developer, gets me psyched. There’s nothing like support from the vendor supplying the system you’re developing against.

We had some great meetings with the Transact product development team, as well as Sony‘s FeliCa team, and I haven’t been so excited about the code I’m getting (paid) to write in a long time. Already, we have proof-of-concept code in the works to do Twitter tweets and Foursquare check-ins via card swipes.

The coding is only going ot get sexier from here on out.


Why I love Ruby (part 2)

II was going to write a second installment, but I think DHH has said it all for me…


B’more on Rails

So I’ve been meaning to do it for a while, and tonight I finally made it to a B’more on Rails meetup. Damn, was it worthwhile. Jeff Casimir of Jumpstart Lab gave a presentation entitled “Fat Models Aren’t Enough,” and damn if it didn’t change my opinion about the ActiveRecord scope method… and give me some awesome refactoring ideas.

One of the best funny-because-it’s-true moments of the evening was this quote in big letters on the screen:

I don’t know how much more emphasized step 1 of refactoring could be: don’t touch anything that doesn’t have coverage. Otherwise, you’re not refactoring; you’re just changing shit.

It’s a quote from this blog post, which I highly recommend. (Thanks to Jeff for tweeting me the URL while I was writing this post.)

Anyhow, It’s late, and I can’t possibly recap Jeff’s great presentation (my notes are in the other room, and I’m lazy), but if you missed it, you’re in luck: he’ll be presenting on this topic at this year’s RailsConf, May 16-19 right here in Baltimore. Definitely check it out.


Why I love Ruby (Part 1)

So, it occurred to me that so far, my posts (both of them) have been pretty negative. So I thought today, instead of ranting about something I detest, I’d rave about something I love. And that something is Ruby. I looooove Ruby. I got into Ruby because of the Rails web application framework, but my love of Ruby goes so far beyond Rails. Let’s start with a quote from Yukihiro Matsumoto (Matz), the creator of Ruby:

For me, the purpose of life is, at least partly, to have joy. Programmers often feel joy when they can concentrate on the creative side of programming, so Ruby is designed to make programmers happy.

Ruby definitely brings the joy. Oh, does it ever bring joy. Have you ever coded in something like PHP or C++, and felt like you were fighting the language to accomplish your task? This common phenomenon is absolutely absurd. Tools should make the job easier. This bears repeating:

TOOLS SHOULD MAKE THE JOB EASIER!!!

I like tools that make the job easier. This is why I only use Unix-like operating systems, because they have many small, convenient tools that make life infinitely easier. I’ve never understood how people could assert that Unix (or Linux, etc.) isn’t user-friendly. It’s the most user-friendly OS that has ever existed… it’s just selective about who its friends are. But, back to Ruby.

Ruby knows exactly who its friends are: programmers. It’s the most programmer-friendly language I’ve ever worked with. It’s designed from the ground up to operate on the Principle of Least Surprise. What this means is that the irritating gap between what you want the computer to do and what you actually told it to do becomes a lot narrower.

Ruby was also developed slowly, and thoughtfully, from the ground up, using the best-of-the-best from multiple programming paradigms, and from the best-of-breed languages from each of those paradigms:

  • Smalltalk: Smalltalk was the first object-oriented programming language, invented by Alan Kay at Xerox PARC in the late ’70’s and early ’80’s. Ruby draws its pure-OO object model from the language that started it all, and this adds to the joy of object-oriented programmers.
  • Lisp: Probably the first full-fledged functional programming language, Lisp has a storied history of use in academia and the AI community. From Lisp, Ruby inherits its concepts of closures, lambda functions, and tail call optimization, which make it possible to do very function-oriented things in this pure-OO language… I won’t go into the guts of why tail-recursive functions are a Good Thing, or why closures add to programmer joy… but the guy who said “Ruby is like Lisp, but with syntax” wasn’t wrong.
  • Perl: Ruby has less of the Perl-paradigm than it has of the paradigms of Smalltalk and Lisp, but it shares much of the Perl-nature. Ruby has powerful text-processing and regex capabilities which were non-existent before Perl (don’t even bring up sed and awk). It also borrows some rather random things from Perl; Gems follow the CPAN paradigm to a degree, Ruby can handle shell one-liners much like Perl, and Ruby is actually great at most of the system administration tasks that Perl started to make easier in the late ’80’s. Procedural Ruby scripts even tend to look a bit like Perl scripts, but maybe that’s just because so many of them are written by old Perl hackers.

So, Ruby took the best concepts from the best of the best, and worked them into a masterpiece of language design. Compare the evolution of something awful like, oh, I don’t know, PHP.  Jeff Atwood of Coding Horror and Stack Overflow fame puts it rather well:

From what I’ve seen of it, PHP isn’t so much a language as a random collection of arbitrary stuff, a virtual explosion at the keyword and function factory. Bear in mind this is coming from a guy who was weaned on BASIC, a language that gets about as much respect as Rodney Dangerfield. So I am not unfamiliar with the genre.

PHP first emerged as a subset of Perl for embedding code inside of HTML, mostly. Think about that for a minute. Now think about Unobtrusive JavaScript, and the whole thrust of behavioral separation, getting the code OUT of the markup. Surely, we now realize that PHP was misguided from its inception? But this is beside the point. What PHP should demonstrate is that a programming language should evolve programmatically, not organically. PHP was never planned, it was just vomited upon the world as a mass of kludges and spaghetti code.

The development of Ruby was the polar opposite of this. Ruby was planned, designed for the sake of programmer joy. And programmer joy is, IMHO, derived from a few core experiences. I don’t claim this to be a comprehensive list, but some of those include:

  • Not having to re-invent the wheel every damn day: Ruby makes it a breeze to write re-usable code. If you find yourself violating the DRY principle while coding in Ruby, you’re doin’ it wrong.
  • Avoiding repetitive, unnecessary keystrokes: repetitive-stress injuries are an occupational hazard. If a language reduces the number of keystrokes you’re having to enter by an order of magnitude, that’s a Good Thing.
  • Principle of Least Surprise: I mentioned this earlier. Ruby’s core libraries follow class and method naming conventions fairly rigidly, so you know that a method anding in ? is going to return a boolean, and a method ending in ! is going to modify the object in-place. And this principle has been followed quite closely by gem (library) authors. So I know if I call @variable.foo?, it’s going to return true, false, or possibly nil, but not a String or Float or anything else.

This post has outgrown my intentions for it, and there are so many more resons to love Ruby, that I’m going to have to continue this later… look for Part Two soon.