Our Blog

Consolidating Multiple SFTP Accounts Into One Master Account

By Selvakumar Arumugam
March 16, 2020

Photo by Dan Meyers

Recently, a client implemented a data-intensive workflow to generate various reports and insights from a list of facilities as part of an EpiTrax installation. Because a significant portion of these files contain sensitive healthcare data, they needed to strictly comply with HIPAA. Optimally, facilities should be able to transfer files securely and exclusively to our server. One of the best methods of achieving this is to create individual SSH File Transfer Protocol (SFTP) accounts for each source.

SFTP account

Private SFTP accounts were established for each facility and the data was received at a designated path. At these individual points of contact, a third-party application picks up the data and processes further into the pipeline. The following demonstrates how SFTP accounts are developed and configured:

• Create a user group for SFTP accounts:

$ addgroup sftpusers

• Configure the following settings in sshd_config (this enables an SFTP account and sets the default location as the home path):

$ vi /etc/ssh/sshd_config
...
# override default of no subsystems
Subsystem       sftp    internal-sftp...

Match Group sftpusers
    ChrootDirectory /home/%u …

Capturing Outgoing Email With Mock SMTP Servers

By Patrick Lewis
March 13, 2020

Photo by Seattleye, used under CC BY 2.0, cropped from original.

Sending automated email to users is a common requirement of most web applications and can take the form of things like password reset emails or order confirmation invoices.

It is important for developers working in development/staging environments to verify that an application is sending email correctly without actually delivering messages to users’ inboxes. If you were testing a background task that searches an e-commerce site for abandoned shopping carts and emails users to remind them that they have not completed a checkout, you would not want to run that in development and end up repeatedly emailing live user email addresses.

A mock SMTP server is useful for development and testing because it lets you configure the email settings of your development environment almost exactly the same as you would for outgoing SMTP email in your production site. The mock SMTP server will capture all of the outbound email and allow you to review it in a web interface instead of actually delivering it to users’ inboxes.

Mock SMTP Servers

There are a variety of standalone/free and hosted/commercial options for mock SMTP servers …

E-commerce Client Project Management

By Greg Hanson
March 12, 2020

Photo by You X Ventures on Unsplash

Moving from writing code to managing the show

Many times engineers/​developers make the move from development to project management. It’s a natural move, we want the folks who know the nuts and bolts of e-commerce projects to eventually manage them.

So that’s all fine and dandy, but what if you haven’t been a “manager” before?

• How do you manage an e-commerce client?
• How do you manage an e-commerce project?
• How do you manage engineers/​developers for an e-commerce project?

An answer for each of the above is always: “It depends.” Or maybe more familiarly for Perl developers: TIMTOWTDI.

The reason for that of course is that all of the above questions have variables that will change for every situation.

As a developer, you understand the large number of outcomes that can be introduced into an application by using a single variable. You also understand that the number of outcomes increases proportionally with the number of variables.

The same holds true for management. When you are faced with managing a project, your “variables” now move from placeholders in your code, to placeholders in your project. Where you may have assigned a variable for a …

Cooking with CAS

By Josh Tolley
March 10, 2020

Photo by Flickr user reidrac, licensed under CC BY-SA 2.0

One of our customers asked us to host a new suite of web-based applications for them and to protect them with a single sign-on (SSO) solution. Ok, easy enough; these applications were in fact designed with a particular SSO system in mind already, but our situation required a different one, and we eventually chose Apereo’s open source Central Authentication Server project, or CAS. I’d like to describe the conversion process we went through.

The ingredients

Our customer’s application suite included:

• The principal Java application using JAAS authentication
• Another Java application based on Spring Security
• A pair of PHP applications
• A few automated tasks that needed to authenticate.

The original SSO system sets a header on each request, identifying an authenticated user. This requires a gateway system to sanitize request headers to ensure malicious users cannot forge a header themselves. It also requires each application inspect request headers and respond appropriately.

CAS is a bit more complex: applications redirect unauthenticated requests to a CAS server, which authenticates the user through any of various configurable …

Symfony Quickstart

By Árpád Lajos
March 2, 2020

Photo by Arindam Mahanta

This article is written for anyone who has experience working with PHP and is starting to work with Symfony. We won’t assume any prior knowledge you might have with Symfony, so if getting started with this framework is a high priority, then this article is for you. I know that it can be difficult and you may be unsure where to look; I was in the same situation when I first worked with Symfony.

You might be pointed to consult the documentation, but even though the documentation is very detailed and nicely written, you might have a very urgent issue to solve, and thus not have time to read multiple articles about the framework before you start working. You might just need to quickly start, solve a few issues and worry about the details later.

How do I run this stuff?

If your project does not exist yet, you will need to set up Symfony, using the steps nicely outlined in Symfony’s setup guide.

Assuming that the project already exists and you need to quickly start working on it, you will need to run composer install in the root folder of the project to make sure that the dependencies are properly set. This could result in errors; for example, PHP might be not …

Bucardo 5.6.0 Released

By David Christensen
March 1, 2020

Bucardo 5.6.0 was released on February 28, 2020.

Bucardo is an asynchronous multi-master replication system for PostgreSQL. In addition to some bug fixes and minor compatibility tweaks for Pg 11 and 12, Bucardo 5.6.0 includes performance optimizations and an improved custom unique conflict handler.

Bucardo 5.6.0 is available for download here:

https://bucardo.org/downloads/Bucardo-5.6.0.tar.gz

Detached signature (signed with key ID DF9B65B8):

https://bucardo.org/downloads/Bucardo-5.6.0.tar.gz.asc

Detailed changes

• Minor PostgreSQL 11/12 tweaks in bucardo install

• Add config option log_timer_format to glog() to customize timestamp output

• Change handling of file-path config settings so that they are no longer lower-cased—the new log_timer_format config will also be case-preserved

• Fixed the relation parameter to the add customcode command to support schema-qualified relation names

• Optimized table lookup when validating syncs to a single query, rather than separate queries for each table. Also added checks to avoid purging “toast” tables and old delta tables

• Improve the unique conflict exception handler sample code and test

• Map timestamp from PostgreSQL to MongoDB datetime …

A Tool to Compare PostgreSQL Database Schema Versions

By Selvakumar Arumugam
February 11, 2020

Photo by @kelvyn on Unsplash

The End Point development team has completed a major application migration from one stack to another. Many years ago, the vendor maintaining the old stack abandoned support and development. This led to a stack evolution riddled with independent custom changes and new features in the following years.

The new application was developed by a consortium that created migration scripts to transfer data to a fresh stack resulting in a completely restructured database schema. While we could not directly use those consortium migration scripts to our client application, attempting to create migration scripts from scratch would be tedious due to the many labor-intensive and time-consuming tasks. We looked to reuse and customize the scripts in order to ensure an exact match of the customized changes to the client’s application.

Liquibase: A Schema Comparison Tool

After an arduous hunt for a suitable solution, we came across Liquibase, an open-source schema comparison tool that utilizes the diff command to assess missing, changed, and unexpected objects.

Installation and Usage

Let’s see how to use Liquibase and review the insights and results offered by the diff …

A primer on Java

By Árpád Lajos
February 10, 2020

What is Java and why is it interesting?

Java is a descendant of C++ and it is a C-based language. C was therefore the original language and it is probably not an overstatement to say that C is the most popular programming language in history. Most programmers speak at least C or one of its descendants. Let’s take a quick look at the most popular on the list of C-based languages:

• C
• C++
• C#
• Fantom
• Go
• Java
• JavaScript
• Objective C
• Perl
• PHP
• Swift

Java is a member of a large family of programming languages and as a result, if someone learns Java, then they will have an easier time learning one of its cousins. And at the same time, if someone already speaks a C-based language, then Java is not too difficult to learn. Also, if someone is already a programmer and does not speak a C-based language yet, then it is in his/​her interest in most cases to learn a C-based language and thus to have an understanding of the most popular language family.

Let’s see the list of popular languages according to Stackify: