From systems to services

December 14, 2011

Since I moved from a system related job to a service position job I knew I would have many things to learn. However the process is not being as painful as I expected. Services are a higher vision of system staff, therefore I don’t deal with machines, servers, daemons and such things but with deploy, configurations, xml, ears and wars.

Despite my residual developer role, these days I have been concerning about the Jasig CAS upgrade from and old version. Jasig CAS use the maven war overlay method to deal with the customization, and that’s great. We have a new artifact using a custom skin, custom theme, xml configuration files with the correct data source and so on. The upgrade process should be simple, but the new CAS version use a new version of spring, so I should update (Do I really need to update all that xml reference manually?) lots of xml files with the new reference. They also decide to change some components so I need to include some new configurations too. And all this try-and-error process follows the next sequence:

  • Modify some files
  • mvn clean package to generate the war
  • Deploy the war in Tomcat
  • Visit the site. If something went wrong try to figure out (through the trace of Tomcat)

Therefore the process is quite slow, as it include some slow steps such as mvn and deployment. I still don’t feel comfortable with the java process. I come from dynamic languages such as python (mainly Django) and, from my view, java projects needs more hardware resource, and developing them is slower too, so I think I’m missing something about that kind of projects.

Even so, I feel slower than usual but I do my work as well as I can so feel great when get home.

Advertisements

LDAP

May 12, 2008

I have been working with several LDAP implementations for last three month, particulary with OpenLDAP, Oracle Internet Directory and Active Directory. My main goal was to define a structure and a schema to be used as the authentication backend for about 50K users. It should be extensible, flexible and of course rock-solid. I start looking for recomendations in the Internet. The first annoying fact was people avoid the native directory hierarchy implementing that hierarchy with attribute values in each entry. So people use an hierarchized data base but without using hierarchy at all. That force me to think ¿Why?.

After a few weeks I had realized that nowaday the LDAP importance is NOT the database but the standard itself. LDAP provide a way to auth people in any applications using well-known steps and with security (the real password is not readable by application, I can use a SSL connection, …). The real trouble with LDAP is not ease of manage. In my opinion it would be great to have a authentication standard based in modern technologies like web services. You could do whatever you want to achieve user manage if you export the proper web services. Of course you could even manage the data using LDAP.

I know LDAP is much more than authentication and user manage but, on my view, it should be used in a 98% just for authentication. LDAP is highly optimized too; but, as the computer performance increase and hardware prize decrease, I wonder if the manageability, performance relation has sense in real applications nowaday.