Study Note: Exploring Keystone.

OpenStack's Keystone.

  1. Identity - represent user, can be store internally and they suggest that in production enterprise environment use an external identity provider. It is advice to use LDAP or AD because of weak password support (no password rotation & no password recovery).
  2. Authentication - process of validating a user's identity (aka login process). They also suggest that in production enterprise environment use LDAP or AD. It will generate a bearer token with expiry and is developer's responsibility to protect this token.
  3. Authorization - determine what resources can be access with the token. It maps user's role to domain(s) or project(s). There is a policy engine to evaluate information pertaining to user & role to allow or reject users actions.
  4. Projects - is an abstraction used by OpenStack services to group & isolate resources. It is not own by users but use a concept called Role Assignment where users/groups given access to the project (aka grant).
  5. Domain - is an abstraction to isolate visibility. Each organization can only see their assigned users, groups and projects (aka multi-tenancy).
  6. Users & User Groups - are entities given access to resources. Groups are a collection of users. Actors comprises of users & groups.
  7. Roles - authorized to do something e.g. admin role is assigned to john and assigned on the project A.
  8. Assignment - as in role assignment (grant or revoke) is a combination of an actor, a target and a role.
  9. Target - a role is assigned on a target --> often refers to Projects or Domains.
  10. Token - is a data structure and for Keystone it is in JSON format. It contains required information such as issue date, expiry, ids and any information required to authorize access.
  11. Catalog - also in JSON format, contains URLs & end-points. It allow apps to access resources.
  12. Multiple Identity Providers - available since Juno release.
  13. External Identity Providers - use Federated Authentication. Backends software (LDAP, AD) or Social Login (Google, Facebook, Twitter). Supported protocol are SAML & OpenID Connect. Get extension from Github for OAuth2 support.

Building Qt 4.8 x64 using VS2012 on Windows 10

Good day...

Today's task is to build Qt 4.8.6 from source.

This is the first article describing my journey on this project and more will be published later.

It will be as brief as possible because I'm updating this blog as soon as each step was performed.

Let's start.

Assumed that you already have Visual Studio 2012 installed on your machine.

1) Download and install ActivePerl x64.

2) Get precompiled OpenSSL from

3) Download openssl-1.1.0f-vs2012.7z.

4) Extract this file to C:\OpenSSL-1.1-0f-vs2012.

5) Download from Qt archive repository.

6) Extract this file to C:\Qt\4.8.6_x642012.

7) Add QTDIR=C:\Qt\4.8.6_x642012 to your environmental variable.

8) Add C:\Qt\4.8.6_x642012\bin and C:\OpenSSL-1.1.0f-VS2012\bin64 to your path.

9) Run "Open VS2012 x64 Native Tools Command Prompt"

10) cd to C:\Qt\4.8.6_x642012

11) Type in the following command:

configure -mp -prefix C:/Qt/4.8.6_x642012 -debug-and-release -shared -exceptions -stl -confirm-license -opensource -qt-zlib -qt-libjpeg -qt-libpng -qt-libmng -qt-libtiff -no-qt3support -no-webkit -I C:/OpenSSL-1.1.0f-VS2012/include64 -L C:/OpenSSL-1.1.0f-VS2012/lib64 -plugin-sql-mysql -I C:/Mysql-5.7.19-winx64/include -L C:/Mysql-5.7.19-winx64/lib -plugin-sql-psql -I C:/Postgresql-9.6.5-1-x64/include -L C:/Postgresql-9.6.5-1-x64/lib -plugin-sql-odbc

(Note: this is my preferred configuration. You can choose options that best fit your needs).

11.1) If you include these options:

-plugin-sql-psql -I C:/Postgresql-9.6.5-1-x64/include -L C:/Postgresql-9.6.5-1-x64/lib

You need to get PostgreSQL ( prior to above configuration or otherwise remove these options.

Just in case you need to download PostgreSQL binaries, it can be found here: Extract it to C:\Postgresql-9.6.5-1-x64 folder.

11.2) If you include these options:

-plugin-sql-mysql -I C:/Mysql-5.7.19-winx64/include -L C:/Mysql-5.7.19-winx64/lib

You need to get Mysql ( prior to above configuration or otherwise remove these options.

Download from to get this file. Extract to C:\Mysql-5.7.19-winx64 folder.

12) run nmake and wait.... wait.... wait for it..... done!

13) Check C:\Qt\4.8.6_x642012bin and C:\Qt\4.8.6_x642012lib folders to see DLLs and lib files are created.

Revisiter - VB.NET strings

How many times you wish you can construct strings not using the " (quote) and + (plus).

In our day to day programming, we usually do stuff like:

Sub Query(table_name As String, idx As Integer)
  Dim sql As String = "SELECT * FROM " + table_name + "WHERE PKID=" + idx.ToString()

Or maybe you can use "string.format" or StringBuilder

Dim sql As String = String.Format("SELECT * FROM {0} WHERE PKID={1}", table_name, idx)


Dim sql As New StringBuilder
sql.Append("SELECT * FROM ").Append(table_name).Append(" WHERE PKID=").Append(idx.ToString())

As you can see, you can't get away from using the " and + sign. angry.jpeg

Fortunately, there is another way to write above code and you can only get in VB.NET, sorry C# guys...

Dim sql As String = <span>SELECT * FROM <%= table_name %> WHERE PKID=<%= idx.ToString() %>; <span>.Value

So elegant...

Try it out. Happy coding...

GitHub – stanleytktan

Stanley Tan


I'm a very "senior" software developer. tbc...