Posts

Using AWS inspector to monitor AWS EC2 instance for common vulnerabilities.

Image
AWS Inspector. This is an automated security assessment service on the AWS console which scans through your environment and provides you with a report of vulnerabilities in it.
this service is useful in that

It helps to improve the security and complains of applications deployed in the AWS environmentIt assesses the application for exposure (vulnerabilities and deviation from best security practices)Shows your changes which took place that exposes your infrastructure.It recommends possible ways of fixing the vulnerabilities.
How to set up the inspector. To set up and AWS inspector, you need to make sure the service you want to monitor or access is running, in this case, the ec2 has to be running. So with the instance, you want to access running, on the AWS console search for the inspector service. With the inspector service on focus, click on get started.




Next, you are presented with the page for configuring or choosing the type of assessment of which are network assessment and host a…

Cross origin request explained

Image
If You are a developer getting started or have played with frontend as well as backend development for some time now then you must have faced issues with CORS a lot of the time. and I guess by now you must have known how to solve them. If you have not then follow along and you will know the reason why it is occuring and how to resolve it. If you already know how to solve it but don't understand the theory and reason behind what you do in order to solve it then you are in the right place. If you are a backend developer then you might have also heard a lot of your frontend guys ask you to enable CORS.
For a frontend dev, the typical error you get is this.
Access to fetch at 'http://localhost:3000/' from origin 'http://localhost:3001' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with COR…

Algorithm Design A Call For Concern To Software Engineers

Image
Algorithms in its entirety are often misunderstood and misinterpreted by most of the software engineers or developers. Technically every software or program you develop does use an algorithm and in most cases brute-force that is the obvious solution and at times the easiest. In computer science and software engineering, the concern is in solving problems and any problem that needs to be solved requires a solution in a finite amount of time and using the smallest amount of resources as possible.  In this post is the discussion about the importance and need for a software engineer to be able and capable of designing a good algorithm in his or her software development lifetime. This post will also go further to demonstrate on the side effects that you as a developer have without basic knowledge of algorithms,
 the software that you build and the community that uses the software you build.

Importance of good algorithm design.
Algorithm design is important because They make your program fly…

Reset Password via Email Project

Image
Primary Mentor: Wyclif Luyima.

Backup Mentor: Burke Mamlin.

Student: Harisu fanyui

Project Wiki: https://wiki.openmrs.org/display/projects/Reset+Password+via+Email+Project

Overview. This project aims at adding new feature into openmrs, ie that of which to allow users to perform self service resetting of password. This is going to do away with the bottle neck on the admins of having to carryout the password reset for other users by generating temporal password so when they log in they can reset. Or by allowing the users to provide some secret answers to secret questions that were previously provided. This new feature will allow users to request for password reset to be done via email and most importantly it should work and allow all these actions to be carried via reset webservice.
Work still to be done. Create a page for the reference app for requesting a password reset
Update the reference app pages that are used for resetting password and the controllers to display a different form …

Week Twelve

Image
Week 12.
This week commenced and i fully worked on making sure all the hanging pull request with respect to the core have been merged and closed. I accomplished these by hastening up my speed in fixing reviews, then i created new branches called general fix where all the light works related to renaming adding exception modifying exception messages and as well writing tests.
Rest webservice. After sucessfully finishing with the core and everything merged, I went straight away to the  rest webservice module where i added 2 endpoint to handle the get with provided activation and a post with new credentials  password and activation key. this i did before consulting my mentor and  after consulting him. There was alot of other design changes such. i had to send and email message to my two mentors ie primary mentor and backup mentor. I also posted on talk here  from this talk post i received many criticism and all of them were positively to my benefits in finishing up with the rest webservi…

Week Eleven

Gsoc Week 11,
This week commenced and was interleaved with a lot of assorted activities which i under took some of which were not directly related to the my gsoc activities. This week i while still working on and fixing a the pending reviews on the pull request i made, i created off a branch from my supposed master reference which in this case is passwordreset then i added some code to receive the new password along side the activation key and creates an updates the user password if the activation key provided in the request is proven to belong to the user and is valid as the constraint provided in the method that will be invoke to get the user using the email. which are make sure that the user activation key exist and is not expired, make sure the activation key is linked to a user. After adding this method i had to also as usual write test to make sure that  the user password is updated if activation key is correct and one to make sure that the password is not updated if the activati…

Week 10

Image
Gsoc Week 10.
This week started off with a continuation of addressing the pending reviews still on the pull request which did not get merged the following week. I went further and continued writing some tests. I also during this week had to make a presentiation of the work i've done so fare till date. This i made following some reviews of past works that i saw in past gsoc students. I started by creating a youtube channel then i went further to create a power point presentation after i got the presentation working. I had as a next challenge in making a video explaining what my presentation is talking about. Below is a front page of my presentation of the work i did. and the complete power point presentation of th work can be found here  .Aslso the link to the you tube presentaion can be found here Password Reset Via email Project -gsoc midterm presentation.

Also the link to the openmrs talk page can be found here  talk page



By the end of this week i still couldn't get the pull…