Drupal instead of TWiki

In my company I’m still running TWiki as
the department collaboration tool. Although to be honest, except for 2 or 3 people in my
group the usefulness of a Wiki has not yet really been understood.

Anyway, I’m still running the September, 2001 version of TWiki with some local design modifications.
Since I have redesigned my departments website, I thought, it was time for an Twiki refresh
as well. A release candidate for version 4.0 was announced recently on
freshmeat, so I gave this version a try.
And I must say, that I’m very probably going to switch to
Drupal. I found TWiki’s customization layer
not very user friendly and somewhat hard to understand. There are so many files with so
many TMPL definition. In the end I might not have tried hard enough to
understand it all, but it sure looks intimidating. Drupal on the other hand was very easy
to understand, one template file styled with CSS. To have a little more flexibility, I
installed the PHPtemplate
engine and after about a hour I had a basic working design implementation even though I never have programmed one line in PHP. With the
installed Markdown module,
text input for any user will be just as easy as with a Wiki.

So, I guess, Drupal will be it in the end.

Rediscovery

Long time no write. These first weeks in January I have been pretty busy with redesigning the departments Web site. Most of it was done during the evenings and weekends. After fighting a couple of hours against junk, one is usually not longer in the condition to write an inspired entry.

I’ve haven’t been doing serious Web design and programming for more than a year. Since my company implemented a new corporate internal design sometime in 2005 for the Intranet and since my departments web appearance needed a face lift according to that design, I decided to plunge in and rediscover some old knowledge.

However, in the end I wasn’t prepared for shit, that come downhill. The Intranet design is implemented pretty 1999ish with tons of tables (somewhere I read, that some of the MS Visual .NET tools might be responsible for the bad code). Articles likes this and this come to mind, when you look at the source code. Having read stylin’ with CSS and Eric Meyer On CSS and More Eric Meyer on CSS I thought, that I was sufficiently prepared to recreate something in pure CSS, which looks just a good.

Well, in the end I think, I was sufficiently prepared as long as Firefox was concerned. I wasn’t prepared for the pile of shit IE really is. I now know more about IE misbehavior and the workarounds, then I ever wanted to know. Without position is everything I would have been completely lost. Even more depressing is the fact, that some of the workarounds won’t be working any more, when IE7 comes along. Still, I’m pretty happy with the final visual and source code outcome (without a table), even if I couldn’t reach 100% identity.

This whole project also gave me the occasion to refresh my Cocoon knowledge since I did the original implementation completely in XML. And I worked pretty intensively with Eclipse.

Stylin’ with CSS

I’ve just read Jeffrey Zeldman’s review of Stylin’ with CSS: A Designer’s Guide. Judging from this review, this appears to be just the book for someone like me, who is not a full time web designer, but who occasionally needs to style the private or department website. I still have The Zen of CSS Design on my Amazon wish list and I’ll probably purchase it sometime in the future, but for the moment Stylin’ with CSS: A Designer’s Guide seemed more interesting to me. And when I popped over to Amazon I even found an offer with about 8 Euro off the list price and immediately ordered it and while I was at it, I also included Spring: A Developer’s Notebook in the order. Spring frequently pops up on the Java oriented blogs I have on my blogroll. Since Spring is also mentioned in Better, Faster, Lighter Java, which I’ve already read, this appeared to be another worthwhile book. This book was 6 Euros off the list price.

Firefox profile hosed.

Somehow my firefox profile got hosed. While normal browsing appeared to be working properly, the creation of popup windows didn’t work, either from a bookmarklet or from a HTML page. I checked all the possible settings from the preferences and any extensions, but I couldn’t get it going again. And firefox processes stayed around and wouldn’t terminate after firefox was quit. Everything only worked again once I had created a new profile and reinstalled all of my standard extensions. Luckily this worked without any major problems. In particular I needed to copy some files from the old profile to keep my passwords, cookies and form data.

The Tabbrowser Preferences 1.2.2 however appears to not work any more. This probably has something to do with the new preferences dialog, which was introduced with 1.0.2. And finding the Mozex 1.07a extension, which is modified from the original to allow the installation into recent firefox version, took a bit of searching. Otherwise everything is now working again.

This site seriously sucks with IE.

My brother told me something along these lines on last Sunday, that some links in the right column didn’t work. I couldn’t believe this somehow, since I used some links just the day before. But today I checked myself under Windows with the Internet Explorer and indeed all links in the right column don’t work. Of course there are no problems with decent browsers like Firefox :-), but this needs fixing. I have a suspicion, that it has something to do with the fact, that the left column is floated. I think, it is mentioned in “More Eric Meyer on CSS”, that IE has problems with floated columns and that positioned columns are a better choice. I guess, I need to study “Project 9: Styling a home page” again and fix things.

Update: That was, before I switched to the WordPress Default Kubrick theme.

New authentication scheme for an Apache installation

In my company on the department host I lost authentication connectivity to the
Windows domain controller sometime during the year change for Apache web authentication
purposes. I was using the mod_auth_samba
to allow authentication against the domain controller. This was working ok more or less. If the
configured domain controller was unavailable, the module would core dump however. And also
the group management for this module was somehow fragile. And after I came back after the
Christmas and New Years holidays, I couldn’t get authentication to work again. Maybe some NTLMv1 vs. NTLMv2 issue.

Anyway, on my Linux PC, I tried to prototype a scheme, which I then would install on the
production system. And because the production system still runs an older SuSE Linux 8.1, I needed to stay with Apache 1.3. If I’ve wanted to move to Apache 2.0 I would have needed to update to a recent SuSE version. At this time I did have time for such an undertaking.

This also caused some problems along the way. I started with to protect a location with Basic Authentication backed by a Berkeley Database (mod_auth_db.so). I couldn’t this simple setup to work. After a long search I found, that it was a problem with differing DB version. My Gentoo PC has DB 3.x, 4.0 and 4.1 installed. Apache 1.3 is explicitly build with DB 4.0. To setup the password and group files I used dbmmanage, which is a Perl program and part of an Apache 1.3 installation.
However the Perl DB_File module, which dbmmanage utilizes is of course linked against the latest and greatest, which is 4.1. And Apache 1.3 linked with DB 4.0 can’t use 4.1 database file. So I removed DB 4.1 and reinstalled the Perl DB_File module now linked with DB 4.0. After recreating the password and group files my basic setup worked as expected.

Next I tried mod_auth_ldap
to authenticate against the Windows Active Directory, but unfortunately it doesn’t work (or I couldn’t get it to work). Sometime ago I tried Apache 2.0 with the integrated mod_auth_ldap module and this worked immediately. But not Apache 1.3.

On to mod_auth_pam in connection with pam_ldap. This setup worked. After making the required changes for pam_ldap in /etc/ldap.conf or /etc/openldap/ldap.conf depending on your Linux distribution and changing the file /etc/pam.d/httpd to use the pam_ldap.so shared library, I could successfully authenticate against the Active Directory. I could also integrate with the AuthDBGroupFile directive, so that authenticated users could be authorized depending on the membership of a particular group. As a side note, which wasn’t immediately obvious to me from reading the documentation and I learned only by consulting the mod_auth_ldap source code, that mod_auth_pam reads the /etc/group file. This means, that a possible authentication scheme might be done through the system files. But that also means, that any user to be authenticated must be existing in the /etc/passwd file.

So I moved this setup to the production system. From first glance it really appeared to work, but the Apache error log showed frequent segmentation faults. I couldn’t really isolate the problem, but it definitely it had something to do with authentication through mod_auth_ldap. So, again a no go.

In the end I settled for the Perl AuthenLDAP module (since the production system also has mod_perl installed). This worked flawlessly direct from the beginning. Integration with AuthDBGroupFile was also working fine. So this is it.

The setup has still problems though since the passwords go unencrypted over the wire. In future another change might be necessary possibly with the integration of SSL and Samba 3.0.