modified Desktop Connector 1.2beta of HTTPS(SSL) enabled available

[yasuaki]

Hi all,

I just posted the "modified Desktop Connector 1.2beta of HTTPS(SSL) enabled" on the MindTouch Community Portal that you can take a look at this and find this useful.

http://developer.mindtouch.com/User:...S(SSL)_enabled


Because we needed this tool as a user of open-source MindTouch Core, I corrected an old (GPL license) code found at the MindTouch repository to implement our needs.

The correction is a minimum requirement as described below:

(1) Support HTTPS (HTTP on SSL).
If SSL certificate was not certified by Certification Authority (CA), this tool warn of the security problem.

(2) Support of Trusted Authentication with LDAP.
We changed timing of user authentication internally.

(3) Encrypt user password in the registry


There are unsolved known issues as below. However, I believe this modified Desktop Connector achieves the value of higher operationality for MindTouch Core users. Also please feel free to changes to the source code yourself to implement something useful.

Enjoy!


<known issues>
http://developer.mindtouch.com/User:...ktop_Connector

<PLEASE NOTE>
1. This is not an official product from MindTouch. If you are a user of a commerical version of MindTouch, you can get the latest official product here:
http://www.mindtouch.com/products/desktop_tools/

2. You should accept any result of causing by this tool, and should not inquire of a official support. Of course, you should not apply this to your production system.

[zapping]

Can this be downloaded and tested?

[crb]

Can this be downloaded and tested?

I don't see why not - see the Files section on Yasuaki's first link.

[yasuaki]

Hey zapping

Can this be downloaded and tested?

Yes, as Crb said, this is downloadable from the "Files" section on the page below.

http://developer.mindtouch.com/User:...S(SSL)_enabled

And this is used at our daily job, but not test it by strict product test.
Of course I don't know wheather this work at your site or not.

[maphew]

Thank you Yasuaki! I look forward to testing this.

Can it safely co-exist with the commercial connector if they don't run at the same time? I have both Mindtouch Standard and Core sites to work with. If they can't I'll run one inside a VM but it would be less hassle if they can be on the same machine.

[yasuaki]

Hey matt,

Can it safely co-exist with the commercial connector if they don't run at the same time?

No, I do not recommend coexistence of open-source tool and product version tool for the following reasons.

The reason is that a management method each other is different though the same registry key is shared. I confirmed the encryption password that open-source tool managed was deleted with the product version tool.

There is an idea that changes the registry key name to solve this issue and compile again.

[crb]

Could we make it use the same registry key as the new product version?

[yasuaki]

No, we can't. Because password in the registory are encripted using secret seed data which are MindTouch internal only. So we can't obtain raw password from the registory.

By the way, do you have multiple MindTouch sites which are open-souce license and production license ?

[crb]

Are you sure it doesn't just use a standard .NET encryption? We should reverse-engineer it (and/or ask MT to tell us )

[brigettek]

Desktop Connector uses the following:


public static string EncodePassword(string password) {
return Convert.ToBase64String(ProtectedData.Protect(Unico deEncoding.ASCII.GetBytes(password), null, DataProtectionScope.CurrentUser));
}

public static string DecodePassword(string password) {
return UnicodeEncoding.ASCII.GetString(ProtectedData.Unpr otect(Convert.FromBase64String(password), null, DataProtectionScope.CurrentUser));
}