Author: Lisa

EV UTV!

When we picked up the field goal posts, we also checked out a Polaris Ranger EV that was being auctioned by a park / habitat preservation entity. We actually won the auction! Scott and Anya went out today to pick it up. The batteries are shot (of course! We’d measured the voltages already and bid with the assumption that new batteries would be needed), but everything looks solid otherwise. Fingers crossed we can get 48v of the batteries working to boot it up and confirm everything is functional.

Gooooooal … posts

Another government auction deal – $36 for 700 or 800 pounds of aluminum tubes that we’ll make into gates. The field goal system is designed to rotate to allow the field to be used for non-football purposes … which should be perfect for swinging a gate across the driveways and farm road.

PingFederate – OGNL Customization of AuthnContext

After a recent merger, we have added federated authentication in our PingFederate environment that allows the incoming company to continue to use their Entra (ADFS) logon process to authenticate through PingFederate. All of the IDs exist in our directory, and contract attributes are populated based on the local account. But the authentication is handled by their existing system. It’s really cool, and works for 99.9% of the applications. One, however, was not happy with the resultant attribute contract. It worked fine for me, logging in directly with PingFederate. Anyone who authenticated through Entra, however, got a very specific error:

AuthenticatingAuthority array contains a value which is not a wellformed absolute uri

And, yes, I concur – there is absolutely an element in the AuthenticatingAuthority array that is not a well-formed absolute URI

Luckily, there appears to be a solution. On the ACS URL tab, select “Show Advanced Customizations”

A screenshot of a computer AI-generated content may be incorrect.

Use the drop-down to select the message type of “AssertionType” and the expression provided at https://support.pingidentity.com/s/article/OGNL-Examples-Message-Customization#rm-authauthority to remove authenticating authority values when multiple are present (which also works when only one is present)

A close-up of a computer screen AI-generated content may be incorrect.

Now I no longer have authenticating authorities but the AuthnContextClassRef is “urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony” … so, in the assertion creation, we need to add SAML_AUTHN_CTX to the attribute contract

A screenshot of a computer AI-generated content may be incorrect.

In the attribute contract fulfillment, map this to a static TEXT string – I am using “urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified” which is used as the default in PingFederate

Final Answer! I have an AuthnContext that does not contain any invalid URI strings and a AuthnContextClassRef that is expected.

 

Embroidery

The library system in our neighboring county has five or six locations with 10-needle embroidery machines. They’re free to use, but you pay $0.10 for every 1,000 stitches. And you cannot just bring your own thread (they will, however, order colors if you request them … not thirty shades of orange, but they’re happy to stock colors that aren’t really close to something they already own). Lesson of the day: even if it’s not “a computer”, it’s a computer. Reboot it.

I took a day off work, and we planned to spend the day at the library embroidering an entire stack of shirts. Five hours later, one was not even complete. There were two staff members going through the really big manual. They tried everything. The threads breaking issue turned out to be a badly would bobbin, but we still had trouble with the machine locking in the thread when it would move to a new run. Try enough times, you could get it to start. But, when it locked off the run, cut the thread, and moved elsewhere to start another run? The thread wouldn’t get locked in, and it would come out of the needle. We tried “fast forwarding” the job to the point of using a different needle. Same issue. We tried a simpler design (we started big, which was probably a bad idea). Same issue (although we managed to re-thread the upper needle frequently enough that the job completed). Kind of a last ditch effort, we rebooted the thing. And it worked perfectly. I’m guessing there’s some re-calibration steps that run on start-up because I don’t see this as a purely software issue where clearing the memory and starting over would have done something. But, sigh! Reboot it!

Wood carvings

Anya had whittled a few things (even a crochet hook!) with her multi-tool, so I bought a set of actual wood carving knives, safety gloves, and basswood cubes. She’s been doing a lot of wood carving this summer, and she’s gotten really good! The left-hand owl was coated with linseed oil and submitted for a local art showcase. The snowman has the cutest (and pointiest!) little stick “carrot” nose.

Local Library

I’ve always known that half of the local library looks like a barn – cute, and keeping with the rural roots of the community. I never really questioned the aesthetic. Anya has been volunteering at the library a few days a week this summer. We took a walk around the property checking it all out after her shift one day — yup, half of it looks like a barn. But!

At the corner of the building, they have sculptures. A pig, a mouse, a goose, really realistic corn.

And an archway with a metal “spider web” that says terrific … the entire area is designed after Charlotte’s Web!

 

 

Salsa and Guacamole

There were fresh, homegrown tomatoes available … so I made some salsa:

6 large tomatoes, diced
5 jalapeno peppers, diced finely
2 cloves of garlic
1/2 large onion, also diced
juice from 1/2 of a fresh lime
Salt and pepper

The jalapeno peppers were not spicy, so I might use habanero next time, but this made a great fresh salsa. And I realized that guacamole is pretty much the salsa mixed with mashed avocado.  I took about a third of the salsa, drained the liquid, and added it to three large, ripe avocados mashed up.