Blog from March, 2012

I had the tingling feeling with the previous release of tapestry-security but since we have such a blind faith in our functional testing suite, and the tests all passed, we went ahead and managed to cause some headache for all of our users deploying their secure applications to non-root contexts. At least I'm happy the library is popular enough that I get immediate feedback when I screw up (thanks Lenny!). Anyway to restore our crisis of faith, we responded by writing even more tests and here we go again, upgrade to tapestry-security 0.4.4, it's all fixed. There's also some updates to the documentation, check out tapestry-security guide!

Release notes:

Sub-task

  • [TYNAMO-144] - This patch broke fallbackURL functionality
  • [TYNAMO-145] - TYNAMO-133 breaks SecurityUtils.logout() from within Tapestry onEvent methods

Bug

  • [TYNAMO-124] - Context path duplicated when redirecting to saved request
The Tynamo team never rests and is at it again, bringing you a new Tapestry module: tapestry-activiti. This module allows you to integrate Activiti into your Tapestry application. Activiti is a workflow and Business Process Management (BPM) platform. Its core is a super-fast and rock-solid BPMN 2 process engine for Java. We are very excited about this new module and can't wait to hear your thoughts, suggestions and how you put it to use. Go check out tapestry-activiti!

Cheers,
Tynamo Team

PS: We'd like to thank Omar Carvajal for all the work he has put into this.
I rarely find it good use of my time to read random blog posts, but every once and a while you hit a gem. The following is not written by me but I agree with it word for word, and is one of the reasons I left the enterprise world:

"Today I found myself thinking again of what I see as two distinct cultures in the development world: Hackers and Enterprise Developers. This really isn’t any kind of a rant just an observation that I’ve been thinking over lately.
Hackers are really bleeding edge. They have no problem using the commandline, using multiple languages, or contributing back to open source. They’ll find and fix bugs in the opensource software they use and issue pull requests frequently. They’ll always be willing to use new tools that help them produce better software when there might not even be any good IDE support. Finally, they’re always constantly investigating new technologies and techniques to give them a competitive edge in the world.
Now when I say hacker I don’t mean someone who just hacks lots of random shit together and calls it a day (that kind of developer isn’t good for anyone). Just someone who isn’t afraid to shake up the status quo, isn’t afraid to be a bit different and go against the grain. They’re the polar opposite of enterprise developers.
Enterprise Developers on the other hand are fairly conservative with their software development methodology. I’m not saying that a lack of standards is a good thing, but enterprise developers want standards for doing everything and they want it standardized across the company. If there isn’t IDE support for a tool they’ll refuse to use it. Want to use mongodb, riak, etc? Not unless there’s a fancy GUI client for interacting with it. If they find a bug they’ll back away from the framework they’re using and simply declare that the company shouldn’t use the framework until the bug is fixed externally. I find this group prefers to play it safe and work on solidifying their existing practices rather than explore new ideas.
Now don’t get me wrong, this isn’t another rant on IDEs or developers who don’t use the command line. But give me a couple days in any organization and I can quickly point out who the Hackers and Enterprise Developers are."

It's also noteworthy to point out that at least from my experience, the average enterprise developer typically makes much more than the average hacker. So who's really the smart one, eh? Read the whole post at: http://www.javacodegeeks.com/2012/03/tale-of-two-cultures-hackers-and.html

I swear, I thought tapestry-security already implemented anything you need for security. But turns out I was wrong. So, we quickly put together another, even more awesome release of tapestry-security for Apache Tapestry 5 from tynamo.org, with the following enhancements in the newly baked 0.4.3:

Bug

  • [TYNAMO-124] - Context path duplicated when redirecting to saved request
  • [TYNAMO-133] - ShiroHttpServletRequest isn't used if there's no chain associated with the request

Improvement

  • [TYNAMO-121] - Ability to plug into ExceptionPage for the same exception type
  • [TYNAMO-127] - Make SubjectFactory and RememberMeManager their own services for better flexiblity

New Feature

  • [TYNAMO-128] - Make Authenticator its own service to allow registering authenticationlisteners

Check out the tapestry-security guide for more information and enjoy!

Oh and btw, we had also previously released but hadn't announced a bug-fix release 0.1.2 for the exceptionpage module, that tapestry-security uses for exception handling. The lone issue was:

Bug

  • [TYNAMO-126] - Exceptionpage doesn't work for page contributions

Read more about the exceptionpage module from tapestry-exceptionpage guide

Welcome Dragan!
Tynamo's ranks are growing yet again! Please join me welcoming Dragan Sahpaski to the project. Dragan is a highly skilled individual whom I had a privilege to work with last summer when I was mentoring him for a GSoC project. I've had this idea for a light in-place content editing component for Tapestry5 and when I was looking for a reasonable rich text editor to integrate with, of course I found tapestry5-ckeditor, a brilliant CKEditor integration for T5 that Dragan had put together. At the same time, he was looking for a solid home to publish the component. Fits like a Huggies diaper, right? This marks the first foray into UI components for Tynamo.org though, but hey what's life without risks? (smile)