Friday, January 16, 2015

Troubleshooting a Facebook IE8 last week...

Monday, December 29, 2014

User location API's in Android

With the new framework with Google Play, you have to update your code now to use this unified GoogleApiClient.Builder() approach:

There are now actually two ways to get location from Android. The 2nd way attempts to unify the various LocationProviders (GPS, network, other applications, etc.) into one API:

Friday, December 12, 2014

How to map multiple keyboards to the same OSX mappings

If you're trying to use Karabiner to support key remappings for multiple devices, you can take advantage of the templating syntax:

You can have your product and vendor ID definitions here:

You define your main key remappings here:

Wednesday, December 10, 2014

Using padding in ListViews

Don't forget to use scrollbarStyle and clipToPadding according to this post!

The difference between gravity and layout_gravity -- one deals with the parent (layout_), the other deals with the child.

Monday, November 24, 2014

How Nginx computes the ETag header for files.

Curious how the ETag: header is generated in Nginx?

Turns out it's a combination of the last modified time and the content length:
etag->value.len = ngx_sprintf(etag->, "\"%xT-%xO\"",
                      - etag->;

You can determine the last modified time in hex by using this Unix line:
printf "%x" $(stat -c%Y <file>)

The content length is determined here:
stat --format="%s" <file>

Sunday, November 9, 2014

Implementing Splunk SSO with Google Apps

Trying to setup Splunk with Google Apps authentication?

1. You can download a reverse proxy module for Nginx released by's engineering team. It requires installing Go (apt-get install go). You can compile it by typing go build, and the binary should be built.  The download link is listed below:

The instructions in the README walk you through what you need to do to setup with Google's API console. Since Google is phasing out OpenID support, using Google Oauth is now the expected way to authenticate.

To start running the proxy, you'll need the accepted Google Apps domain, the callback URL (should end with /oauth2/callback), client ID, and client secret from the Google API console.

./google_auth_proxy -cookie-secret=abcd -http-address= -redirect-url= -upstream= --client-secret=1234

2. Setup your Nginx configuration to reverse proxy to 4180:

server {
  listen 80;

  location / {
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Scheme $scheme;
      proxy_connect_timeout 1;
      proxy_send_timeout 30;
      proxy_read_timeout 30;

3. Next, you'll have to setup your configuration in etc/system/local/web.conf with this config. The goal is to use the email address used during login, which gets passed as X-Forwarded-Email, to Splunk. SSOMode set to strict will require all logins to depend on this header.  The tools.proxy.on seems to be used for older Apache reverse proxy setups, but doesn't need to be used for this setup.

SSOMode = strict
trustedIP =
remoteUser = X-Forwarded-Email
tools.proxy.on = False

4. Before you restart Splunk, make sure to create your usernames as the email address.  If you need to rename your existing ones, you'll need to edit the Splunk etc/passwd entries manually.

5. Once you restart, Splunk provides a /debug/sso endpoint, which lets you verify that the X-Forwarded-Email is being set correctly.   If you have any issues, turn off SSOMode = permissive until your are confident that the reverse proxy is setup correctly.