Windows on quantum computing

It is recent news that over the past decade Microsoft has been pursuing a research project aimed at building a quantum computer. The news may appear surprising, given that quantum computation is generally thought to be an object of far-fetched theoretical research. But is it really so? In this post we’ll get a taste of what quantum computation is, and how far (or how close) we may be to it.

Continue reading “Windows on quantum computing”

NTML authentication for Rails from inside Microsoft™ ActiveDirectory

I ended up with a decent setup in which the whole authentication is handled by IIS on a Windows machine that lives inside the ActiveDirectory tree. Adapting from these instructions.

IIS will act as a reverse proxy to your Rails app (typically installed on a *nix server, apache+passenger in my case).

The secret resides in configuring IIS to handle NTLM and then adding this nifty plugin that will basically reproduce the mod_proxy api for IIS.

Here’s an iirf.ini example:

# NOTE: 
# This file should be placed in the IIS document root 
# for the application

StatusInquiry ON
RewriteLogLevel 3
RewriteLog ....TEMPiirf
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^.*$ - [L]
ProxyPass ^/(.*)$ http://1.2.3.4:80/$1
ProxyPassReverse / http://1.2.3.4/

With this setup you can rely on the fact that the authentication is performed by IIS and you only get authenticated request with the authentication information stored inside HTTP_AUTHORIZATION.

To parse the user data from the auth header I used net-ntlm:

require 'kconv'
require 'net/ntlm'

if /^(NTLM|Negotiate) (.+)/ =~ env["HTTP_AUTHORIZATION"]
  encoded_message = $2
  message = Net::NTLM::Message.decode64(encoded_message)
  user = Net::NTLM::decode_utf16le(message.user)
end

After that you can even connect to the LDAP ActiveDirectory interface and fetch details about the user.