Thursday, July 17, 2014
It involved creating a new filter that could be placed in front of CAS's spring filter( org.springframework.security.cas.web.CasAuthenticationFilter). But since CAS's filter only redirects to the login screen if a user isn't logged in, we needed to do some authentication before the filter executes so it can do it's thing (like populating UserAuthorities and UserDetails so we can use spring security's annotations like @Secured, etc).
So below is the new basic authentication filter. It authenticates via CAS's rest web service so that will need to be enabled. Once it authenticates it "adds" the service ticket to the HttpServletRequest object. I say "add" because you can't really add a parameter to the request, you have to wrap it in an HttpServletRequestWrapper. The whole thing kind of feels like a hack, but I couldn't find, or come up with, a better solution.
Tuesday, July 1, 2014
And for convenience here is an import xml you can use to load all my favorites.
Friday, June 27, 2014
So it feels with my data integration journey, which really only amounts to really peeking inside the door at this point. I know life outside the world of data integration isn't possible for the scenarios I'm facing, but when I see all that is required to make it work I start to cringe.
Why Data Integration
If you're like me you've found yourself trying to utilize data from multiple data sources. And if you're like me you've found that trying to merge the data and perform any sort of operation in the application layer to be a real pain in the butt and it takes FOREVER to build it. So, the way I see it is that we can have the complexity in the application layer or we can have the complexity in the infrastructure.
Something like this:
So the concept seem pretty straight forward. You simply have three data stores and you only want to query against one. Easy enough! But some interesting question and answers came up as we were thinking about this.
Q. How are we going to get data to the consolidated data store?
A. We'll use some CDC tool!
Q. If we use a CDC tool, is the load on our source data stores going to increase?
A. A little as we'll need to write and read from the change logs, but hopefully it will be offset by moving any monitoring and BI operations to the consolidated store.
Q. Can we turn on CDC logging on our data stores?
A. Er...we better ask the System Admins/DBAs
Q. What level of normalization do we want in the consolidated store?
A. Good question.
Q. How are we going to save data that is changed by the users?
A. Well, we could figure out a two way sync and have it save back to the consolidated store or we could write back to the original source and let it propagate through.
Q. Do the CDC tools allow data transformations?
A. Some do.
Q. What tools are even out there?
A. We've come across DBMoto, IBM's Datastage, Oracle's GoldenGate, Talend's enterprise edition, Informatica also has something.
So far lots of questions and even less answers, but as we open the door wider and wider we're getting some answers. I just hope that we're not opening a Pandora's box.
Our next steps are evaluating the CDC tools since this seems to be the biggest unknown at this point. I'll continue writing about our data integration journey and hopefully it doesn't end with the nasties slaying the heroes.
Thursday, June 12, 2014
One of the main hindrances to teams being able to respond rapidly to new features are technical problems resulting from bad coding practices, also known as technical debt. Melissa and Brett will cover Agile tools and practices that help development teams write better code and increase maintainability. Topics that will be covered include:
- Pair programming
- Automated Unit Testing
- Test-Driven Development
- Agile Architecture
Friday, May 9, 2014
So, here is a way to execute a method annotated with the @Scheduled annotation. And, for the record, I don't like having to manually create Spring beans, loop through methods, or any of the other smelly things that are going on here.
The BaseAjaxResponse is simply a pojo that gets converted into json (see SpringMVC and jackson)
Friday, May 2, 2014
Resourcs for enabling CAS Rest Access:
- CAS REST API: https://wiki.jasig.org/display/casum/restful+api
- POST to protected resource: https://groups.google.com/forum/#!searchin/jasig-cas-user/post$20to$20rest$20resource/jasig-cas-user/NWmFahj9usk/YBECPJULN3sJ
(make sure redirectAfterValidation = false for the server using CAS to authenticate, but could have unintended consequences for browsers)
- More redirectAfterValidation: https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+the+web.xml
- CAS on GitHub: https://github.com/Jasig/cas
And here is my simple implementation:
- Main.java contains a runnable main method and makes the calls to our REST service
- CasLogin.java holds our user's credentials and makes the call to get the TicketGrantingTicket and the ServiceGrantingTicket. You might be able to store the TGT in order to avoid passing the credentials over the wire for each request.
- RestClient.java holds some helper methods to make http calls