Category Archives: Enterprisey

When I think of solutions for people, I tend to look at the context. For bigger clients I try to keep an enterprise thinking hat on.

Enterprise Programmer’s Bill of Rights

I recently looked into the Programmer’s Bill of Rights and one commenter’s revised edition. However, there’s one key problem I had with it, and that is the focus on the company providing everything to the developer. Personally, I don’t think it is sustainable for larger enterprises. As such, I have a rewrite of the Programmer’s Bill of Rights that can be adapted to more enterprises, especially those that are not focused on IT.

Delivery vs enterprise level tooling

One of the key tenets of enterprise architectures is that it needs to be sustainable. Being agile is not one of the tenets and in most cases goes against sustainability of an architecture at an enterprise level. Agile Enterprise Architecture is a myth, and this is something that Cay Hasselmann, host of the Critical Enterprise Architecture Netcast, and I agree upon, at least in one of his episodes (I don’t know if his POV has changed recently). Enterprises do not have to be agile, especially if it is not sustainable.

Being a good enterprise architecture citizen

One of the side projects I am working on is to develop yet another enterprise application framework. The purpose of this was to learn and try out some of the current features of Java EE and try to put a fresh eye from what I have seen from other frameworks. Specifically, I wanted to look at developing my framework to be a good enterprise architecture citizen.


OAuth 2.0 JASPIC implementation

I’ve worked on several projects now, and practically every one of them of enough scale had the login use case. In almost all those cases, I tend to be the one working on it. Even with other tools I have used, such as Sonar, Redmine and Jenkins, I had to deal with the login because they each had developed their own systems and kept it with the application. It’s only Curam projects that I worked on and one web app of my entire career where I actually used container managed authentication. My preference … container managed authentication hands down.

However, container managed authentication is not really the most trivial thing to do. In the past every application server had its own way of doing things. Thankfully Java EE 6 had brought in JASPIC as part of the standard (even if it is quite out of date in implementation). Now if we mix it with OAuth 2.0, we can push the authentication out of the app and the app server itself and put it in an enterprise OAuth 2.0 server instead of having just a thin veil in the application using Form based login.

I had recently implemented HTTP Header based authentication with JASPIC; this post talks about using the OAuth 2.0 system on JASPIC.