cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: status of JavaCosign?
On Sep 16, 2005, at 9:12 AM, Will Jaynes wrote:
Now that I've gotten a version of JavaCosign working on my
development machine, I'd like to better understand the current
status of JavaCosign.
The version on the download page (and the one I got working) is
1.0b1. In the cvs repository there are three tagged versions,
1.0b1, 1.0b2, and 1.0. Why does the download page only have the
beta2 version? Are these other versions not released/supported/
Probably we'll just change the download to be 1.0, which is the most
recent and currently recommended version.
There's some Kerberos related stuff in the current code. Is that
related to JavaCosign in some way, or can I ignore it?
I'm not super familiar with the JavaCosign code base, so I'm not
really sure to what part of the code you might be referring. But you
can probably just ignore it :) ( i think it's just an example )
Who is currently responsible for / working on the JavaCosign code?
If I have questions/suggestions who can I talk to?
An excellent question. :) The authors of the original JavaCosign
filter ( Paul Saxman and Tony Chan ) are no longer in the jobs they
were in when they wrote the filter, and so it's a grey area right
now. The 1.0 version contains their original code plus a series of
bug fixes and enhancements. This version was modified by our summer
temp, a Masters student in CS ( Jason Dillaman ), but he no longer
works with us, either. No one on the current core cosign team
programs in Java. We are, however, pursuing this in several
directions right now - a current staff member is in the process of
learning Java, we've been allotted some help from a Java programmer
in another group, and we're about to hire a new web programmer ( this
position will require some knowledge of Java).
Someone in the Umich or larger cosign community who is actively using
the JavaCosign fiilter could also become one of the maintainers.
I'm not yet sure whether the Med School will be using Cosign, but I
suspect we will in at least some applications. Since we use the
Spring Framework and the Acegi Security framework for Spring, I'll
probably be writing an Acegi security provider for Cosign. I
imagine this would look a lot like the CAS provider, so it
shouldn't be too hard to do. I'll know more when I get back from
vacation after next week.
Great! We have a test server that you can use for testing, and we can
give you access to logs and such if that will help your development