Vacations over, Jasig CAS and Django

This is my first week after a whole month on vacations, so I’m feeling plenty of energy to work in my two principal projects at work:

  • Jasig CAS
  • A Django app to manage digital identity

On the Jasig CAS side, I have some upgrades to do, and also some challenges to face. Jasig CAS has a problem with the documentation. It symply doesn’t exists. The documentation is maintained separated from source, and they don’t have any QA process on it. I manage a custom deployment with a custom theme, and custom authentication handlers and repositories, to support spanish DNIe. To do this I need a custom login-webflow, so every new versión I need to figure out what changed to incorporated it into our login-webflow. With the source in Github the best  way to do this is using “history” on the login-webflow of the project.

I often need to expose user data through Web Services to other apps. Depending on the nature of the user data exposed this has some security concerns. My challenge regarding Jasig CAS is to include in the attributes some ones gathered throw web services. Doing this way I ensure the user data are exposed when the user is logged, so I have a point, a crazy developer won’t be able to poll the entire user database.

On the other hand the Django project has tons of things to do. The upgrade work is a continuous task, because I use so many libraries, that they are always getting security upgrades. This project is being developed in an internal svn repository. I want to move the project to git, mainly because I want to use feature branches to avoid hot fixes issues. I’m using jenkins to tests the test, although our test coverage is not that high now. I would like to publish this project in github too,  my boss used to agreed me, but he always said we need to improve the project to publish it “finished”. I convinced him that developing in github is a good idea, because if no one gets involve then I won’t be slower, but if some one gets involve I’ll expend some time in managing his/her collaborations, but also won’t expend time actually doing what he/she commited.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: