Black Pepper Blog

The thoughts and musings of our team

Agile and ITIL

There's an increasing amount of forum traffic about when / if / how Agile methods can be harnessed with ITIL for use in an IT Operations environment. The line of questioning seems to suggest that the people-centric elements of Agile are only used in software development and just doesn't mesh with the rigour and control sought by ITIL adoption. Having implemented both, I think this argument is flawed on both sides:

 

1. People adopt agile to provide rigour and control over previous unwieldly waterfall projects


March 1, 2010 Posted by adamw | Untagged  | Comment (0)

WSSE authentication using SpringSecurity

I've been building some RESTful application recently and as part of that wanted to look at authentication techniques. Traditional web application will typically use form-based authentication - where the user enters their credentials on a web page and then they are authenticated for whole session. RESTful apps can use this approach, however it is different for every application and relies on server-side state, which is not ideal for scalability, and has the potential for session hi-jacking.

The alternative for RESTful apps is to provide authentication credentials with every call. Many applications have application specific means of providing credentials, which I've implemented in the past, however this time I've been particularly interested in looking at more general solutions.

HTTP supports two standard means of providing authentication information, via the 'Authorization' header: Basic and Digest. The Authorization header is extensible and the Atom community have produced an extension based on the WS-Security specification: WSSE. This has gained quite a lot of acceptance including in the REST community, and so I wanted to see how difficult it would be to implement it in my own application. The answer was that it was pretty straight-forward to get simple mechanism working.

For background on WSSE, read Mark Pilgrim's article on it.


February 1, 2010 Posted by JohnCooke | WSSESpringSecurityRESTAuthentication | Comment (0)

GENSO Workshop at University of Vigo

Background

From the Global Educational Network for Satellite Operations (GENSO) web site:

GENSO aims to increase the return from educational space missions by forming a worldwide network of ground stations and spacecraft which can interact via a software standard. This will fundamentally change the way that these missions are managed, dramatically increasing the level of access to orbital educational spacecraft.


January 26, 2010 Posted by Badger | Untagged  | Comment (0)

Simulating typing into a GWT RichTextArea with Selenium 2 (WebDriver)

I wrote an entry previously about manipulating a GWT RichTextArea widget via Selenium. Recently I've been investigating moving to Selenium 2, also known as Selenium WebDriver.

As with Selenium 1 the mechanism for manipulating a RichTextArea widget in Selenium 2:

  1. Select the iframe that the RichTextArea resides in
  2. Type the required text into the body of the iframe
  3. Select the top level frame

Assuming a RichTextArea with an ID of "gwt-debug-text-editor" the following Java code fragment gives a concrete example of doing this


December 18, 2009 Posted by JohnE | Selenium 2SeleniumGWTAcceptance Testing | Comment (1)

Agile is for life, not just for Christmas

In a recent article on TechRepublic, Ilya Bogorad reminded me how the mere possession of an IT buzzword does not make for good practice. In this instance, the topic of discussion was ITIL, the increasingly popular IT Service Management approach, or a "framework of common sense" for IT service providers, as some analysts point out.

The same cautionary tale is true for Agile, which as a buzzword is currently on the ascendancy, but as a practice has been around for as long as anyone capable of remembering can recall, albeit in different guises: RAD/JAD, Scrum, and DSDM set the scene for what is now roundly known as Agile close to 20 years ago. So why the current hype?

Traditionally, hype is fuelled by a promise of something new or better than before. That's true for Agile methodologies - done correctly, they can deliver successful software projects faster, cheaper, and to a greater degree of quality than traditional lifecycles.


December 3, 2009 Posted by adamw | Scrumprocessdevelopmentagile | Comment (0)

Cobertura errors in Hudson

I've just come across a very odd error while configuring one of our Hudson builds to publish cobertura metrics.

 The build failed, and the console log contained many, many errors a bit like this one:

FATAL: Unable to parse /var/lib/hudson/jobs/blah/builds/2009-11-27_13-37-31/coverage1986.xml
hudson.util.IOException2: Cannot parse coverage results
	at hudson.plugins.cobertura.CoberturaCoverageParser.parse(CoberturaCoverageParser.java:85)
	at hudson.plugins.cobertura.CoberturaCoverageParser.parse(CoberturaCoverageParser.java:48)
	at hudson.plugins.cobertura.CoberturaPublisher.perform(CoberturaPublisher.java:258)

Now I hadn't generated these coverage[nnnn].xml files, and nor did my build (at least, not when I ran it on my development machine). Inspection of the files on the hudson server revealed that they contained varying content, but each looked suspiciously like one of the files from my project.


November 27, 2009 Posted by ChrisL | Untagged  | Comment (0)

Android Continuous Integration (Part 1)

At Black Pepper we have a history of carrying out n-Tier Flex/Java developments using continous integration with the following tools and libraries:

  • JUnit
  • JMock
  •  Selenuim
  • Cobertura
  • Findbugs
  • Hudson
  • Ant
  • LiquiBase
  • Eclipse

We are about to move into the Mobile Computing arena with the Google Android phone as one of our target platforms. To aid this, I am developing a CI environment using all of the above tools.

This blog is the first of a series which will show how such an environment can be built and used.


November 13, 2009 Posted by Badger | Untagged  | Comment (0)

The Pain of Integrating with HSBC e-Secure Payments

I've spent the last few weeks adding the ability to pay by credit or debit card to an application. Our customer has picked HSBC e-Secure Payments as their payment provider so I needed to integrate with their payment API. HSBC provide two mechanism, an API so that you can capture payment information within your own site and maintain your own branding, or you can redirect to a HSBC site for payment and then they'll redirect the customer back to your own site again once payment is complete. We wanted to use the API since we want customers to remain within our application.

Firstly HSBC do not provide a developer's site with documentation, code or even frequently asked questions so I had a little difficulty getting started. All questions and requests must go to their call centre who, while they are quite helpful, are no substitute for comprehensive documentation. They will email you their specifications - but why not have them on a web site, this is the twenty-first century after all. Secondly, the documentation that they do provide is lacking in a number of areas and incorrect in others (meaning that I have run up quite a phone bill calling their support number). Worst of all, HSBC do not provide a test or integration system.

I was shocked when I realised that I would have to do all my testing in a live environment, and remember that this is for financial transactions!


November 11, 2009 Posted by JohnCooke | IntegrationHSBCeSecure PaymentsCredit Card testing | Comment (2)

Migrating an SVN project to different repository

Following the completion of the development phase of a recent project, we needed to handover the project's source code to the client as part of the project delivery process.

We wanted to capture the project's history, so this would be available to the client's support and maintenance team. Fortunately, subversion provides a dump facility to do just that. Unfortunately, the dump process can produce huge volumes of data, and in our case, the output data was much bigger than the disc space available on the server!

The svnadmin dump command extracts all the data from each checkin and writes it in a fairly verbose format. We use a single repository for all our projects, and always have done, but we may have been better prepared for this delivery if we'd created a separate repository for this particular project.


November 5, 2009 Posted by Simon | subversion programming disk space continuous integration | Comment (0)

How to save 33GB of disk space (or... Managing Plesk Backups)

Our hosted server recently ran out of disk space - an awkward situation. A little research revealed that /var/lib contained quite a lot of data - about 33GB more than we were expecting, most of it in /var/lib/psa/dumps/tmp.

Turns out that this is where Plesk puts its temporary files when doing backups, and for some reason they weren't getting removed, and in our case, they totalled 33GB. So... first of all we removed them, and then set about making sure the situation didn't happen again.

Chris Meller notes that sometimes the permissions on the directory get broken (such as when you restore from a backup), so I made sure that it was owner/group psaadm:psaadm and then, just to be sure, added a quick nightly cron job for root that runs the following script to remove any temporary files older than 90 days.  Job done.  

#!/bin/sh
#
# Delete backup more than 90 days old.
#
backupDir="/var/lib/psa/dumps/tmp"
#
daysToKeep=90

echo "Checking for files older than $daysToKeep days in $backupDir"
listOfFiles=`find $backupDir -mtime +$daysToKeep`
if [ ! -z $listOfFiles ]
then
      echo "Found [$listOfFiles]"
else
      echo "None found."
fi
for toDelete in $listOfFiles
do
      echo "Deleting $toDelete"
      rm -rf $toDelete
done
echo "Done."

October 22, 2009 Posted by ChrisL | Plesk backup plesk disk space | Comment (0)
<< Start < Prev 1 2 3 4 5 6 Next > End >>