Monday, June 25, 2007


Corporate & Open Source model

Wherever I have worked, I have ended up having to develop an application to manage particular situations: projects, technical support management, IT governance, and so on. Lately I care a great deal about technical support management, which I try to shape around the corporate reality I find myself in (see "IT vision: we continue to integrate the Help Desk"). One topic I have never had the chance to discuss, however, is the systems side.
 
In the past I worked a lot with Apache and Red Hat Linux, and I continue to do so with considerable satisfaction. In the company, however, my choice fell on Microsoft Windows 2003 Server as the server platform for the application, while keeping open components for its implementation (PHP, MySQL, OpenLDAP, etc.). The reasons are varied, but in principle I have to admit that Windows 2003 Server is a product I like a lot. I think it is one of the best products Microsoft has released in recent years (if I had to choose between Red Hat Linux and Windows 2000 Server, I would think much more carefully about what to choose). I have always had a large number of users to manage (> 50) and an Active Directory domain in which all of them are managed, and duplicating a user database is more or less administrative suicide (from the systems management point of view, of course). For this fairly obvious reason, Integrated authentication with IIS6 (or Basic) is the natural choice to solve my problem. The objective is typically to give users as few things to remember as possible and to simplify their lives as much as possible (transparent authentication from IE). As for security, the HTTPS support in IIS6 fully meets my requirements. In other words, with relatively low-cost licensing I can put up a production front end (even a virtual one) with a high functional level that gives me High Availability through the Load Balancing service (also available on Windows 2003 Web Edition).
The application backend (usually installed on the same machine) instead bases its structure on a database, MySQL 5, and on the ever-popular PHP as its programming language. These are two products I know very well, and dropping them in favor of higher tiers (such as .NET and MSSQL) does not appeal to me much (although I do use those other two platforms, even in a web context; see below). MySQL 5 is a robust, fast database, capable of handling large volumes of information without any problem. I have used it ever since 3.23, strictly as a relational store. Today I think I know how to use much of its capability, exploiting all the benefits it can bring: transaction support, stored procedures, and triggers (with the advent of version 5). PHP is also a choice that comes from years of experience: it is fast, has a very extensive feature set, and a framework I have built over the years makes things much easier. Knowledge of the language was certainly the deciding factor.
Now back to the software design aspects. I mentioned the problem of authenticating users, and this is undoubtedly one of the most important reasons why I opted for Windows as a web server. Another reason is undoubtedly the document storage and indexing system built into Windows. And how can we take advantage of access to Windows system resources other than through the PHP libraries and COM objects? The latter (COM objects, that is), called from PHP, open up frontiers that cannot be crossed on Linux. Just consider report generation. Many will now say "but we can generate them as PDF", and the problem is solved. The trouble is that this is a technician's or programmer's answer, and my opinion is that PDF is not a practical format. It is a read-only format, unwieldy and above all hard to reuse. Let us remember that we are talking about corporate applications, not web sites (where PDFs are certainly a good solution).
By installing Microsoft Office on the server, we can produce actual Office documents, created natively, which will certainly not cause compatibility problems with the Office packages distributed in the company. Generating reports in Excel or Word then becomes a breeze. Likewise, printing reports is no longer a matter of handling HTML pages but is done in a way that printers "appreciate" more: sending documents directly to the print queues on the network is just as simple. Another advantage of this integrated system is that a non-programmer can be given the autonomy to create new electronic formats. Suppose you want to print a report on letterhead or with different formatting. The user who defines the report format just has to build the skeleton of the document and format it so that the application replaces certain areas (or fields) with the values it generates (of course, a short training course is necessary). No intervention on the application code is required, and management and the IT department do not need to cooperate for a typical operation of the first division.
Want to go further? This is one of my "visions" of how things could go, but one I tried playing with some time ago. Take the Skype COM object libraries and have our application talk to the parties involved as well, breaking the barrier of using only email and so putting instant messaging systems to profitable use too.
Let's not forget .NET and its system functionality, which can be very handy. Take for example a simple application developed in the test environment for my intranet. The need was to create a spool area in which a photocopier could "park" a scanned PDF file. The copier uploads the file to the server through direct SMB access. Once the file has been "dropped" on the server disk (that is, once the read lock has been removed), the server must rename the file and catalog it on the filesystem in a certain way. Here .NET comes in handy, especially if what we put up is a simple system service that, with a few lines of C#, intercepts the newly created file (with FileSystemWatcher) and moves it to a location not otherwise accessible to users.
Certainly the range of products available for Microsoft Windows environments is broader than that of open-source products, which more often require several hours of study, technical adaptation and, inevitably, the first graph before they can be implemented in production environments. Technical support, then, is something we can only hope to get in a short time, and always from the community.
In short, from my personal point of view, integrating vendor-specific solutions has its advantages (response time, deployment, technical support, documentation) and disadvantages (costs) compared with the world of Open Source solutions, but a balanced choice between the two, reaping the advantages of both sides, can bring tangible benefits and efficiency to the corporate environment in which we work every day, giving users powerful tools that work and that, without us, would not work properly. Many different worlds can now work together, without our having to go crazy finding software from outside suppliers for each individual task, giving us the opportunity to create a single, integrated and cooperative environment.

Thursday, June 21, 2007


IT vision: we continue to integrate the Help Desk

I had already thought about this more than once. It is an obvious feature in a call management system, but because I developed the Help Desk tracking system myself, for one reason or another it has never been implemented (mainly for lack of time and/or resources). In general I decided, for a wide variety of reasons, to develop the application on Microsoft Windows 2003 Server, IIS, a MySQL database and PHP 5. The reasons for this choice will surely be a topic for discussion later :)
The idea is quite simple: what if we could intercept the calls arriving at our (technical support) extension and retrieve them when we fill in the data for a call? Let me explain.
Calls are currently handled manually: a user calls, and we record the call, the fault category, the user's name and their telephone number. But what if the phone number came from the exchange? The key point in all this is that I know how to do it.
A user calls technical support. The phone (unfortunately) starts to ring. The PBX sends an SNMP trap to the management system, which on receiving it loads the data into the database. The operator answers the phone and clicks on the hyperlink that handles incoming calls. Inserting the record automatically generates a support call, even without additional information. This way, even if all operators are busy, there is still a record of incoming calls.
The operator answers the phone and, from the list of incoming calls in the management system, selects the call being handled. The operator classifies it, assigns a priority and moves the call to "in progress" in less than 30 seconds (the time taken by greetings, pleasantries and the usual questions about the weather and health). Meanwhile, analysis of the problem and a possible solution can proceed on the same phone call, or a record remains of the activities to be carried out (which then follow the normal life cycle of a problem-resolution case). If the operators were all busy answering other calls, or working on a general problem, or were simply in the bathroom, the system keeps collecting the phone numbers, which can be called back when the operators are free or return to their desks.
Now, this system has some advantages and some disadvantages. Starting with the disadvantages, filling in the various form fields may be quite annoying; this could be resolved with a series of "bookmarks" and pre-packaged data that reduce data entry to a few seconds. Personally, from both an organizational and a technical point of view, I see this as the only critical issue. The benefits, on the other hand, look huge to me. Start from the fact that all incoming calls to the help desk are recorded. Because this is a system for managing service calls, we do not have a privacy problem (consider also that the various call centers do exactly the same thing in public settings). The system collects the exact date and time of the call, with the advantage of having a definite starting point for the report (something sometimes left to the Help Desk operator, which has a considerable impact on any SLA and on the procedural rules for resolving problems). In a geographically distributed environment, collecting and grouping data directly in the database can produce detailed, fine-grained reports on maintenance costs and on the administrative effort of solving problems across the various cost centers, not to mention that data analysis (with appropriate reports) can also lead to forecasts and projections about the future problems and needs of a particular site.
A home-made Help Desk? Definitely a practice to continue.

Wednesday, June 20, 2007


Disclaimer ... oh my Disclaimer

Every day I find nothing short of wonderful things in the emails I read. Today I saw a new one that was truly fascinating:

"Please do not print this e-mail unless you really need to."

Now I wonder: what is the point? It's like the rule that says "for a company to send notices via e-mail, it first needs to ask, again via e-mail, whether it may send that communication." It makes no sense; by that logic, companies that distribute leaflets would have to leave a request for consent to commercial communications in our mailbox first!

These are things where our beloved politicians (always strictly secular) impose on us technocrats standards and rules that are absolutely useless, meaningless and often not feasible. But so it goes, and I do not think it will end any time soon :)

Sunday, June 17, 2007


The Good Life

Inevitably, today I heard the infamous phrase: "ah, you systems people, now you have the good life." Yes, the social stereotype of those who work on systems or networks (or, a term I do not like very much, "computer people") is a sedentary job, sitting behind a desk, intent on tapping at the keyboard. No stress, no major worries, fixed hours, and piles of money. Well, inevitably, as always, the person who said this has absolutely no idea what it means to do our job.

I think that being a system and/or network administrator is the single most difficult job in the world. I say this not because I find it tiring (which would not be true at all), but because it is a job that is completely out of control. It is hectic and evolves at a frightening speed. Every day, if not every hour, something new comes out: a security hole, an update, a new program, a new version. Not to mention the business side of things. A technical manager for information systems must have a truly incredible overview (do not be surprised if these individuals are single-issue people). From the outside, you see only a set of machines arranged neatly in their cabinets, which even make a poor impression. But whoever looks at them with a different eye sees all sorts of problems: temperature, power, fire hazard, risk of burglary, damage caused by software, viruses, mechanical problems, and to make matters worse sometimes even the Sun gets involved with its sunspots. Who among you has ever asked whether the area where your site is located has seismic activity? Do you know how many seismic monitoring stations there are in your area? Or have you ever wondered whether your area is at risk of flooding?
We fight every day with recurring problems and fixations that almost never let us stop thinking about our work; if we were to think of everything we would have to think and reflect at all times, and 24 hours a day would not be enough even to begin. On top of that come the problems the developers give us, notorious consumers of all kinds because they are (often) too lazy to think about what they do. This leads to endless conflicts between the two levels of Information Technology, who accuse each other of not being able to do the job. Then there are the suppliers of software products who create problems rather than solve them, and who are in the right because they have "experience". Hats off, gentlemen, but sometimes, perhaps, those who work in a company know it better than you do, not to mention that in the systems market the 390 has been the past for some time, and the Intel era calls for somewhat different methods. In the end they are the ones who, when you talk about certain technologies, look at you as if you had just escaped from a mental health center.
Well... it is not exactly a bed of roses, and of course our work is not paid as well as many think (ah yes, but only in Italy!). What we go through every day, along with phrases like "if you are not able to do your job, we will find dozens of others better than you", cannot be considered an easy life. Often we have to pull crazy shifts, even 24 hours straight, because we are in the middle of a stormy sea and cannot stop until we have repaired the damage (have you read "vs Computer. Medical"?), because otherwise our company comes to a standstill.

Information Technology is now the engine of every company: underestimated, undervalued and yet always fully used in every environment. We, as the ones in charge of keeping these engines running, have a dirty job on our hands, one that always puts a strain on us, both emotionally and physically (try mounting the wiring cabinets yourselves, wherever they are needed: any self-respecting technocrat does this work alongside their colleagues). And look... I have not made any of this up.

The other night I went out with some dear friends (certainly not the kind who make statements like the ones that gave birth to this post), and when they said that "understanding technology, nowadays, is like having super powers," I felt good. I must say I have had no second thoughts about my choice of work; it continues to please me in every way (or almost). But hearing certain things... is a considerable satisfaction :)

Saturday, June 16, 2007


Gentlemen: we have a new site in thirty days

The great thing about one's own working reality is that you can plan for just about any eventuality. We know the people, we know the business logic, we know "what death we will die". And when that reality is a growing business, it is a twofold source of pride: first, that management is excellent, which you can see because productivity and the size of the company grow; second, that it is growing on a solid and stable foundation. Our role in IT is just that: to create a foundation that shows no sign of giving way under any sort of demand from management.
Keyword: growth. Requirements: planning.
For some, planning is the one thing on which they base their work: I am speaking, of course, of Project Managers. The problem is that sometimes they do not know the problems that may occur. We, on the other hand, know our field and know perfectly well where the weak links in the chain are. In business growth, and in particular when adding a site to a corporate network, the weak link is time (but isn't that so for all projects?).
The time it takes in Italy to activate a new data line is nothing short of appalling. When it goes well, we get a connection in two weeks; when it goes badly... we have to wait almost a year (see "TLC operators in the limelight"). Of course we cannot just hope that all goes well, so (as always) we have to find a solution. Here is my vision.
"We are starting up a new site in a month." Fantastic announcement, everyone is happy. In the IT department, normally, a heavy atmosphere sets in and people start to panic. "A month!? But we will never make it!"
With us it is different.
Day one. Here comes the mandate. A new site is opening, n people will work there and fill this or that role. We gather the data: a short meeting to understand the site's requirements and collect the significant data, such as the address, the condition of the building and things like that. The first phone calls go out to the suppliers we work closely with. Half-height rack cabinet, patch panels, router, network switch, distribution outlets, UPS, departmental server and telephone exchange. Order confirmations are received the same day (we have tough suppliers ;)) along with the delivery times: next week we will have all the material. Meanwhile we also call the electrician and ask the Boss for authorization to carry out a site survey. While we are at it, we also call our operators to find out how many candles we will have to light to get (working) data lines at that site.
Day two: all quiet, the usual routine. Some minor operations on Active Directory and on the management/publishing system. We continue to collect data on the new site; we go to see it tomorrow.
Day three: site visit, with the electrician and a representative of corporate management to understand what they want to do there. We identify the technical area and define the electrical work and any cabling. The site is large, so it will also need a wireless access point for the meeting room and a videoconferencing system. Phone calls to suppliers already made (ah yes, in past months we drew up a strict policy on the products and services we implement, so even before the site is "thought of" we already know what the core infrastructure will cost). Suppliers OK, everything proceeds normally.
Day seven: most of the material has arrived and everything works properly. We have already printed the labels, labeled all the equipment and configured the network switch, and the departmental server... limps. It has a power supply failure. Support request (NBD?), and meanwhile we close up the cabinet, certifying that it works. We carry on with our day-to-day work, so we never get bored.
Day ten: rack ready, assembled and loaded into the van. We have an appointment with the electrician, who has finished laying the power line on site. We arrive on site and position the cabinet. Fixed to the floor, plugged in, and... okay. The core of the site is functional (too bad the ADSL lines are still missing). Telecom, however, has brought us the ISDN terminations, so we can establish temporary connections. We check the network points and the correct configuration of the equipment. We bring up the ISDN connections and verify that everything is in order. We find that it is (thanks to the documentation we drew up in the previous months).
Day fifteen: the users of the new site are at the main office for a short training course on the system we are going to offer them: Windows GUI and web applications available anywhere. We also present our security policies and explain the reasons behind them. Our aim is only to protect the corporation, so there are no objections. Brochures are handed to all users, with user manuals and the routine procedures (such as how to contact the Help Desk, which numbers to call for what, who the people in the IT department are and what they do). In short, we present ourselves as people who want to pass something on, not just people who work behind the scenes. In the end we are all in the same boat. End of presentation; we leave room for a few questions and... the obligatory coffee break.
Day twenty: remote tests from the site, the first operational checks. Users can actually work; there should be no major hitches. We double-check the documentation, make minor changes to the project, document everything, and we are there.

Day twenty-nine: the last, definitive tests. Everything is OK; we did some minor troubleshooting in recent days for good luck, but now we are really ready.
Day thirty, six in the morning: one of our men is on site for technical checks, system power-up and configuration of anything that counts as "last minute". Nine in the morning: our new colleagues arrive, enter the office and find our man (probably on his twelfth coffee) hyperactive and ready to teach them how to identify the network devices and how to act on them; in other words: "read here, press here." The cables are color-coded in a color-blind-proof way, so we should not expect scenes like "oh my God, the red wire or the blue wire?". But since I do not trust that, we have also applied clearly visible labels to the cables and stuck a nice diagram on the door (which, moreover, also has the phone number to call for technical support written on it).
Day sixty (maybe): the xDSL lines arrive. The operator notifies us, and the company's technical services office simply has to certify that the xDSL cables are on the patch panel, points 23 and 24. Point 23 goes into the ATM0 port of router A, while point 24 goes into ATM0 of router B. The links are UP (wonderful invention, remote control), so we can release the service on the corporate VPN. 45 seconds of disruption for the convergence of the whole system, except that the operator, after 200 phone calls, has been cut off from the router. No problem: a phone call to the colleague in the office: "Can you follow the procedure to restart the router?". After two minutes the router is manageable again, we finish the configurations (half a coffee to remember that we use BGP and OSPF), and we find that everything works.
copy running-config startup-config
and happy working.
Is this a utopian vision? Challenge me.


Saturday, June 9, 2007


Power or continuity? Visions

One of the things about the IT world that I appreciate least is the conceptual waste that occurs when consulting companies (or alleged gurus of the field) manage to persuade companies to acquire enormous computing power without thinking about the consequences of their actions. Four- or eight-way machines with bloated memory capacity, combined with some RAID disks to prevent data loss and redundant power supplies... um... sorry, but if the machine dies, what happens to your business? Even assuming you have the best support contract, you still end up with a stoppage of four hours (read: half a day) of your work... Thank goodness there is Windows Solitaire.

Recently I have been seeing many of these situations, which require high processing capacity. I am certainly not one of those people who are frightened by the numbers or by the transaction processing (application, not database) the company needs. But I have often wondered why nobody (or hardly anyone) ever talks about the "load balancing" model. Perhaps not everyone knows that clusters are not only important for ensuring the continuity of a service, but can also be used to increase the processing capacity of the system as a whole.

As an example I take a project I developed as a test (in the lab, but quite capable of operating in the real world). The problem was to make possible a large volume of processing: converting documents from PostScript to PDF.

For the test environment I used virtual machines running Windows Server 2003 Standard Edition (yes, the Standard Edition, so the cost is not prohibitive). I configured the first Windows 2003 server, also applying the hardening at this stage, so as to have a virtual machine that could be replicated to all the others. Once installation was complete I sealed the system with sysprep (another system component) and copied the disk image to a DVD. I started the first virtual machine, completed its configuration, and then joined it to the domain (in this case I already had two DCs running). For the other three nodes I simply copied my image from the DVD and started the virtual machine from that disk. In less than two hours I had 4 servers perfectly ready to be configured in the cluster.

For load-balancing clustering I used the Network Load Balancing of Microsoft Windows 2003 Server: I created the cluster and added the 4 nodes. The shared service was of course the file and printer sharing service. Then I started sending files to the cluster and verified that they were being processed by the various server nodes. Of course I could not expect tremendous performance (the lab was running on a single-processor machine), but with a different hardware architecture (perhaps a server with dual-core Xeon processors, or even games) the advantage was obvious.

The solution presented would make it possible to process a larger amount of data than a single machine (reducing the waiting time for output) and to save on hardware (nearly 20%) compared with the proposal made by another party (a four-way machine with a mountain of memory and unintelligible disk configurations). The real advantage of a load-balancing solution (over hardware that delivers the same computing volume) is continuity of service. Suppose (as in the case of the project described) that the PDFs are crucial to the company's business and that a failure to deliver them causes a loss not only of time but also of image. What happens if the system stops? Between checks, phone calls from people railing against the system administrator, the service call and prayers of "let it not be the disk controller", 2 to 4 hours pass before the problem is solved (yes, because the courier got stuck in traffic due to an accident, and if our sysadmin opens the machine the warranty goes to hell). The damage is done: it is two hours to 20:00, the deadline for delivering the PDFs; the next day there is an important event in which the company has invested money, and it cannot have the brochures from the printers. The problem is solved, it is 19:00, the system is only just back up, it takes up the first file... which is damaged, so the graphic designer must be contacted again to put the files back in the process queue... 20:00 passes, and the system is still only halfway through the conversion...

The "all on one" solution definitely does not work, especially because there are real benefits to be had in these applications. If a single virtual machine had died (system dump, application crash), the other nodes would nevertheless have continued to operate, and the delay would have been really small, without compromising the company's image.

Business Continuity and High Reliability? Let's talk about it...

Wednesday, June 6, 2007


IT: Integrated Warehouse

Imagine your company has a warehouse of products to customers is completely computerized. A database with all the stock items, labeled with a labeling machine that prints the serial number with a barcode. Your employee enters magazzno not need to know that the stock is, when it was purchased or another: the box is there, has a label, so it can be removed. Your employee takes the box, passes to the terminal in store, insert the own serial number and password (which happens to be 'the username and password using the PC), reads the barcode, enter the recipient's neck, and the purpose. Send the form to the server management that is out there on the printer side of the packing slip of the product. Everything is already 'recorded and saved in your database management, the workers involved in the operation of the warehouse can be found on the screen immediately, no loss of time, no organizational problem. Do you think it would be great, but you're afraid that costs a crazy exaggerated? Perhaps it is not 'so.

The right choice of platforms can 'bring substantial benefits in enterprise environments. Build an Intranet web-based, for example, has the advantage that it can be extended to the whole business environment in minimum time and there is no need to install client-specific user terminals. The choice of Microsoft Windows Server 2003 to execute the application would promote the concept of "single sign-on (provided you have a domain or NT5 NT6 available) through which users are accustomed to a few things (running a Only one user name and password) in a timely manner (complexity 'credentials, self-service password change) for all business applications. A solution that is also reflected on the management of those documents that must comply with safety and obvious pragmatic management policies credentials of the user. The adoption of Microsoft Windows Server as an application platform that offers a second advantage to my vision: native support for different printer driver (etichettattrice or network printer does not necessarily PS) allows for greater flexibility 'in choosing products to use and the' uselessness' of writing code "ad hoc" for this printer, as the middleware between application and printer down from the same application code to the device driver itself. Third and not least, the concept of COM objects in Microsoft Office enables web application to use Word or Excel as an "engine" of print management (notoriously unmanageable via html) print making processes more 'simple and, once again, more' independent of the output device used (laser, inkjet, thermal, needles).

but open source and 'free! Of course, there is no 'doubt that installing a Linux web server has a cost related only to the hardware, it also means that the knowledge of the medium are delegated to a small number of people who know that environment. It also means creating a system that can not 'blend in with the rest of azendale which inevitably relies on commercial platforms. Means to introduce additional "weak points" in the chain (already 'fragile) stability' of the system and create confusion among users, complicating the lives of those who, with rare exceptions, sono pigri e faticano a pensare anche al loro piccolo. Provate a spiegare ad un utente che deve ricordarsi la propria password del pc, quella della posta elettronica, quella del proxy, quella del gestionale, quella della Intranet. E che ai sensi di legge, devono anche pensare di tenerle tutte complesse e cambiarle ogni tanto!! Per quanto le soluzioni tecniche Open Source possano essere belle e strafighe (passatemi il termine) corporativamente parlando (e politicamente) sono un suicidio amministrativo (tecnicamente parlando).

Come appunto ho appena affermato, scelte opportune si riflettono su ambiti differenti. La spesa (perpetua) di acquisizione di licenze per Microsoft Office e Windows 2003 Server (anche web edition) possono essere facilmente recovered by calculating the savings in time application development using also (like myself would suggest) Open Source programming languages like PHP and database platforms like MySQL or PostgreSQL (without forgetting where possible or necessary) the commercial databases such as Oracle, DB2 or SQL Server.

Developing products with a mix of enterprise and open source methods could, in my personal opinion (because people normally lean toward either "all open" or "all branded"), lead to levels of integration that seem within reach only of major companies relying on huge solution providers, both of them addends in a formula whose sum is an extortionate investment (unnecessary and difficult to justify, IMHO).

Tuesday, June 5, 2007

Privacy & Web Development

Current privacy laws (and common sense) require that applications be developed so that access to sensitive data is restricted to the people who actually have permission. According to the guidelines, development is expected to create database views and queries that, depending on the user level, give access to a given set of information. This approach, in my opinion, is very costly in terms of resources and, given the time actually available for development, not easily achievable. What I want to propose here is an alternative method for developing web applications that meets those needs quickly.
The examples use PHP as the programming language, but the method can be applied to any other programming language. The SQL queries are written for MySQL.
The first phase of this development should be building a strong set of functions that carry out authentication and authorization. This set of functions must perform the tasks described below. I give some of the functions names, so that I can refer to them in the sample code I am proposing.
Authentication function
This function must always be present; it cannot be omitted. It must support a control mechanism that verifies that the credentials exist and are correct, and whether or not the account has been activated. In terms of application code, however, this function can be left out, because the handling of credentials can be delegated to the web server (basic authentication, etc.). That is more manageable and integrates with other authentication or single sign-on systems (e.g. IIS and Active Directory), which are easier to control and already have a strong system of user account controls (password expiration, complexity, etc.).
Authorization management function
This component, in contrast to the previous one, is indispensable. The function gives the user an authorization "level" that, across the entire application, grants the user access to certain components or content. The function loads into the session (not cookies!) the permission levels that must be accessible. At logon, the set of credentials supplied by the user is compared with the user's level, and the resulting "authorization token" is saved in the session. Every time a component is about to be published (an anchor, a record, even a single label), the program determines whether or not the user is authorized to access that information, using the "token" as the means of comparison.
How do we handle data access?
Suppose you have a master data table structured like this:

    CREATE TABLE tbl_pazienti (
        ID_paziente INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
        nome_paziente VARCHAR(45) NULL,
        codice_fiscale CHAR(15) NULL,
        indirizzo VARCHAR(45) NULL,
        localita VARCHAR(255) NULL,
        provincia CHAR(2) NULL,
        stato CHAR(3) NULL DEFAULT 'ITA',
        telefono VARCHAR(20) NULL,
        codice_assistito CHAR(10) NULL,
        PRIMARY KEY (ID_paziente)
    );

Under the guidelines, for each authorization "level" a view should be created that gives access only to a limited portion of the data. Programmatically, we would then have to write a series of control structures that load the appropriate view depending on the user level. The effort of managing permissions becomes expensive, and adding a new authorization level would require, at the very least, the intervention of a DBA (if the code is structured properly).
With the method described in this article, by contrast, we handle everything at the application layer. Through a configuration panel you can configure the "authorization" parameters. The process of creating a new permission level includes the following steps:
  1. Creating the permission level
  2. For each table, define which columns the user can see and which not (a boolean)
  3. Save changes
The above operation can be done easily by any user who has the appropriate credentials for access to the administration area, and who need not be either a DBA or a programmer. And in terms of code? Everything stays exactly the same. Let's see how.
Starting from the SELECT statement that queries the database, let's load the record of a particular patient.

    SELECT t.nome_paziente, t.codice_fiscale, t.indirizzo, t.localita,
           t.provincia, t.stato, t.telefono, t.codice_assistito
    FROM tbl_pazienti t
    WHERE t.ID_paziente = 25
    LIMIT 1;

The query returns a single record containing the patient's demographic data. Now let's look at the application code.
The RAD (Rapid Application Development) rule for displaying data says we have to build a structure like this:

    $q = "SELECT .....";
    $r = mysql_query($q);
    $data = mysql_fetch_array($r);
    # Other code
    print($data["nome_paziente"]);

We do not want to upset the rule of rapid application development; rather, we want to keep it. So we replace only one function in this whole set: the print() function.
Our new function (which I will call "GetElement") does nothing but output the content of an element of $data, but before doing so it checks whether the user has permission to view that element. Following the example above, the code we write will therefore look more like this:

    $sql = "SELECT ....";
    $obj->query($sql);
    # Other code
    print $obj->GetElement("nome_paziente");

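
One way the GetElement idea could be implemented, as an added example that is not the author's code: a per-level column map (table, column, boolean) is applied with default deny right after the fetch, and output is HTML-escaped. It assumes PHP 8 with pdo_sqlite; the class name, the extra `$table` and `$params` arguments to query(), the level names and the patient record are hypothetical, and a plain array stands in for the session.

```php
<?php
// Added example (PHP 8+, pdo_sqlite). Class name, level names and sample data are hypothetical.
final class AuthorizedRecord
{
    private array $row = [];

    // $acl: table => [column => bool], the permission map loaded into the session at logon.
    public function __construct(private PDO $db, private array $acl) {}

    public function query(string $table, string $sql, array $params = []): void
    {
        $stmt = $this->db->prepare($sql);          // bound parameters, no string concatenation
        $stmt->execute($params);
        $row = $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
        // Default deny: keep only columns explicitly marked true for this level,
        // so unauthorized values never stay in memory behind the accessor.
        $visible = array_filter($this->acl[$table] ?? [], fn($v) => $v === true);
        $this->row = array_intersect_key($row, $visible);
    }

    public function GetElement(string $column): string
    {
        // Unknown or hidden columns yield an empty string; output is HTML-escaped.
        return htmlspecialchars((string) ($this->row[$column] ?? ''), ENT_QUOTES, 'UTF-8');
    }
}

// Constructed sample data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_pazienti (ID_paziente INTEGER PRIMARY KEY, nome_paziente TEXT,
           codice_fiscale TEXT, telefono TEXT)');
$db->exec("INSERT INTO tbl_pazienti VALUES (25, 'Mario <Rossi>', 'XXXXXX00X00X000X', '555-0100')");

// Stand-in for $_SESSION: one map per permission level, as saved by the configuration panel.
$levels = [
    'reception' => ['tbl_pazienti' => ['nome_paziente' => true, 'telefono' => true, 'codice_fiscale' => false]],
    'clinician' => ['tbl_pazienti' => ['nome_paziente' => true, 'telefono' => true, 'codice_fiscale' => true]],
];

$sql = 'SELECT t.nome_paziente, t.codice_fiscale, t.telefono FROM tbl_pazienti t WHERE t.ID_paziente = ? LIMIT 1';
foreach ($levels as $level => $acl) {
    $obj = new AuthorizedRecord($db, $acl);
    $obj->query('tbl_pazienti', $sql, [25]);
    printf("%-9s name=[%s] cf=[%s]\n", $level, $obj->GetElement('nome_paziente'), $obj->GetElement('codice_fiscale'));
}
```

The filter only protects data that is read through this class: the SELECT still returns every column from the database, so any code path that prints a fetched row directly is outside the check.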
Conclusions
The advantage of this programming method is that the developer can build applications quickly, without having to worry about the concept of authorization. The system described can be applied to any element of the program, such as labels, form elements, anchors, etc. Moving the management of the guideline into the administration panel creates a complete split between the user who is to receive the application and the development group, which can instead work on adding new features. When an end user needs a permission level modified, with the proposed system it is enough to ask the person who manages the levels, who is normally someone who knows the company's internal workings. If we used views, however, we would have to call a DBA or a developer, with the logical consequence of waiting longer for the change (and possibly for bugs, because the change is made in the code).
There are aspects of security and privacy (the latter tied to the health care world, which fascinates me a lot lately) that I have not covered, since they are mainly systems topics. These are the communication between database and application servers and between application servers and network clients, the encryption of data on the database's disks, and any encryption of data within the database tables. Maybe they will be the subject of another article :)