20130819 (Monday, 19 August 2013)¶
Lino-Welfare¶
Continued on the https://www.lino-framework.org/todo.html.
: Reihenfolge und Bezeichnungen der Felder für Filterparameter optimiert. “Neue Klienten seit” war par défaut leer statt vor einem Monat.
Renamed ClientStates.coached to ClientStates.active. Added a new interpretation rule of pcsw.Clients.parameters:
Zum Feld “Beobachtungskriterium” in den Filterparametern von Klienten:
Der Standardwert hieß bisher “Begleitet”. Den habe ich umbenannt nach “Aktiv”. Es bedeutet “sowohl Begleitete als auch Neuanträge”.
Wenn man keine Periode angibt, wurde dieses Feld bisher komplett ignoriert, ab jetzt werden dann nur aktive Klienten angezeigt (also keine Ehemaligen und keine Abgelehnteb).
Added “yellow” to the list of supported row classes. Renamed get_row_class to get_row_classes and added Renderer.row_classes_map.
Klienten, die als veraltet markiert sind, werden jetzt generell mit einem Sternchen hinter der Partnernummer angezeigt.
Not pcsw.Person but only pcsw.Client is Printable. And not Printable but just BasePrintable.
Das Info-Panel im Detail von Empfang –> Klienten (client_info) zeigt jetzt falls nötig eine anklickbare Aufforderung “Muss eID-Karte einlesen!”
Die Titel der Tabellen in der Startseite sind jetzt wieder einfach schwarz statt blau und anklickbar. Dahinter jeweils eine anklickbare Ikone “Dieses Panel in eigenem Fenster öffnen”.
Reading the picture from a Belgian eID card¶
Continued from 2013-08-16. Still trying to reproduce the problem on welfare-demo.
After reading a blog entry eID sous Ubuntu by Christophe Beyls, I reinstalled middleware and viewer as he instructs using packages from eid.belgium.be, but nope, that wasn’t the problem. My client either freezes or says “Applet not found”.
After (re)discovering how to show the Java console for IcedTea under Ubuntu 12.04 (see https://www.lino-framework.org/davlink/client.html) I finally could visualize the reasons of the problem.
A first problem was:
Aug 19, 2013 11:15:12 PM org.jdesktop.applet.util.JNLPAppletLauncher displayError
SEVERE: java.io.IOException: org.xml.sax.SAXException: no protocol: /media/eid-jslib/beid35JavaWrapper-linux.jar
The solution was to edit the .jnlp files on the server to include the full URL address for codebase.
Second problem:
[ERROR] UnsatisfiedLinkError: /tmp/jnlp-applet/jln1693967795930166374/jln7665424274621368038/libbeidlibJava_Wrapper.so: libbeidcommon.so.3: cannot open shared object file: No such file or directory
java.library.path = /usr/lib/chromium-browser:/usr/lib/chromium-browser/libs:/usr/java/packages/lib/i386:/usr/lib/jni:/lib:/usr/lib
java.class.path = /usr/lib/jvm/java-7-openjdk-i386/lib/rt.jar
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at sun.applet.PluginAppletSecurityContext$4.run(PluginAppletSecurityContext.java:670)
at java.security.AccessController.doPrivileged(Native Method)
at sun.applet.PluginAppletSecurityContext.handleMessage(PluginAppletSecurityContext.java:667)
at sun.applet.AppletSecurityContextManager.handleMessage(AppletSecurityContextManager.java:68)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:235)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:78)
Caused by: java.lang.UnsatisfiedLinkError: be.belgium.eid.beidlibJava_WrapperJNI.BEID_ReaderSet_instance()J
at be.belgium.eid.beidlibJava_WrapperJNI.BEID_ReaderSet_instance(Native Method)
at be.belgium.eid.BEID_ReaderSet.instance(BEID_ReaderSet.java:37)
at be.belgium.beid.BEID_Applet.InitLib(BEID_Applet.java:621)
... 10 more
No solution until now…
Setting passwords manually¶
Before finding how to show the Java console I suspected that the beid applet refuses to start when it detects to be running over non-secured http, and so I set up a secured demo database to use_beid_jslib. Here is how to manually set a password for a given user:
$ python manage.py shell
>>> from lino.api.shell import *
>>> u = users.User.objects.get(username='robin')
>>> u.password
u'!'
>>> u.set_password("1234")
>>> u.save()
>>> u.password
u'pbkdf2_sha256$10000$KsU7cSfJbLDe$8rTzCjZMyR9/5Qx+zCUXPb84k77zW0F16od/TmFy7wk='
>>>
My EIDReader applet : Reading Estonian eID cards¶
I suspect the complex combination of Java and Middleware requirements to be the cause of many problems, and wrote a proof of concept for a rather utopic solution: write myself an applet that reads public info from a Belgian eID card, directly using javax.smartcardio and therefore without need for any middleware or offical fedict eid-applet.
As a first step I started by reading an Estonian eID card because I found a very helpful blog entry javax.smartcardio and EstEID written almost 3 years ago by Revo at codeborne. Thank you, Revo.
Another important document is the official EstEID card specification (found via ID-kaardi dokumentatsioon).
Result: /lino/media/applets/eid_test.html and /java/lino/eid/EIDReader.java.
Next steps would be to find out
how to read the photo of an Estonian eID card
the command APDUs for Belgian eID cards