Quod Scripsi, Scripsi

Great Article on Programming

This article sums up my idea of programming, and what I’ve been trying to express to many, many people around me for some time.

Masters Degree

I’ve been giving a lot of thought to pursuing a Masters degree. I thought about IST, but I’m honestly not sure what use that would be at this point in my career and it’s not something I would take for enjoyment or personal gratification. I am interested in Applied Math, but I’m not very confident in my very rusty higher math skills. I think if I could brush them up in some undergrad courses, I might be able to tackle it. Then again, it’s been a long time since I’ve tackled integrals.

Maybe I’ll look at IST again and see if there’s anything that looks promising. I wouldn’t mind getting deeper into database design and theory.

BioLogos Footnote

The next book I picked up and am now reading, The Orthodox Church has a footnote in the section on doctrine, page 218 of the new edition:

The opening chapters of Genesis are of course concerned with certain religious truths, and are not to be taken as literal history. Fifteen centuries before modern Biblical criticism, Greek Fathers were already interpreting the Creation and Paradise stories symbolically rather than literally.

Strange how things align sometimes…

On Randomness

It seems like one major point of conflict over evolution and faith is the idea of randomness. The term has many connotations, but the most common in this case is equivalence with a lack of purpose or guidance. Naturalists point to the randomness of nature as evidence against a rational God who guides His creation. Theists argue that any randomness is localized or illusory and that each creature is an act of special creation, no randomness.

My objection is over the idea of randomness itself. What we do not understand, we tend to call “random”, “chaotic” or “accidental”. I’m not a Deist, but I do believe that God generally lets His design run it’s course. Intervention isn’t necessary because it was perfectly designed in the first place. That’s not to say that He doesn’t intervene at times, just that it wasn’t required by the design. What appears random to us is really just beyond our comprehension. The roll of a die can be calculated according to the laws of physics given near perfect knowledge – without knowledge of physics and mechanics it would be impossible. Is it therefore random?

Perhaps it comes down to time and our place in the flow of it. I had a professor once who challenged my statement that God is outside of Time. I’m not sure that he was serious, but it did make me think about the implications and meaning of such a statement. I guess I don’t believe in randomness, just limits in our ability to see causes and consequences.

Also, I always hated studying probability theory. I suppose in some ways it was/is interesting, but I just couldn’t ever wrap my head around it.

Unified Identity at Penn State

One of my favorite soapbox issues at work is the complete lack of a central, authoritative database of persons affiliated with Penn State and their statuses. I have worked on literally dozens of projects (some ongoing) that require some form of reliable, electronic method of determining whether an individual is affiliated with PSU and more importantly how they are affiliated. I know that there are dozens if not hundreds or thousands more spread out across the University in small IT shops and across colleges.

The main issue is of course political, but there are also technical hurdles to overcome. LDAP is a good start, but it’s far from authoritative and not always easy to work with. I’m currently trying to figure out how to limit access to a Wiki that’s using WebAccess (Cosign) and an extension that automatically creates user accounts in the Wiki based on the remote_user value. The problem is that WebAccess at PSU is not currently configured to use multi-factor authentication, so I can’t do an LDAP lookup in the same step that WA authenticates. I only need (and can only use) LDAP for authorization, but so far all attempts at using Apache modules to do the lookup after WA returns have blown up.

I tried the mod_authz_ldap module recommended by UMich with their patch for a basic auth. Of course the module wouldn’t build with the version of Apache on Red Hat Enterprise 4.5. I did plug through some of the Make errors, but it wasn’t really worth the time, since it turns out to have some serious flaws. I also tried the plain mod_auth_ldap that shipped with Apache on the RH box. It seemed to work, but then further testing revealed that it wasn’t applying the filters and the directive requiring the specific field I needed from LDAP would blow up – code 500.

The real irony here is that if the Wiki was written in Coldfusion, I could use some code I wrote for Dickinson Law last year and do the LDAP lookup in code. Instead, it’s a nightmare of hacked together PHP. Furthermore, I’m not sure that even with caching there wouldn’t be a performance hit from LDAP lookups on each request. What I’m now contemplating is a scheduled script, maybe CF or Perl or Python, that would query LDAP for the subset of users that I need and create a local file that could be used by the basic auth mechanism of Apache via a “require group” directive.

Even if that works, this is still a tremendous pain in the ass for a function that should be very straightforward. We really need to integrate our authentication and authorization systems, because most of us don’t have time to hack this kind of mess together – and we shouldn’t have to.

Update: Yeah, so I hacked an LDAP call into the auth plugin I’m using. It hits LDAP too much, but it seems to work. Bloody php hacks.