Wild month at work…

… and at home, for that matter!

So, I haven’t made good on my last post‘s promise of details on my Heroku success, but that’s only because it’s been an on-going effort. I was able to get my build process smoothed out and Mavenized, but there were a few tweaks that I’ve got to go back and document / integrate to make next time easier. I shared the archetype with a co-worker, so once I get his feedback I’ll post the goods here.

Work has been crazy. I was thinking I should core dump the last few months of tasks so I don’t forget them in the long run.

Fun with SSO

Way back (near June, I believe) I was tasked with securing our existing apps with an organization-wide SSO solution, as well as kicking off a few new projects that would also be secured via said SSO solution. The actual act of wiring up the security layer wasn’t difficult (due to the excellent work of the Support / Stack teams my client has) and only took a few days. The real trouble began when we started working towards my latest rabbit-hole feature known simply as “AppSwitcher”.

The concept of AppSwitcher (or AS as I’ve grown to call it for short since it’s appeared in so many bug reports) was simple: We have a number of applications that provide vital information to our users; Our users generally need to use some combination of our applications, but don’t necessarily have access to ALL the applications; each application should provide an uniform widget to allow the user to easily “switch” between applications (assuming they have access to said application). Easy, right? Well, sort of…

Since each app needs to be responsible for authorizing a user itself, calls had to be made client-side to capitalize on our new SSO feature. Easily accomplished with a JavaScript library + JSONP, right?  Wrong! Not quite so easy since our apps are built on different stacks, one of which being GWT. Even more troubling was the fact that our SSO solution intermittently drops connections w/o a good means of determining what happened.

The eventual solution ended up consisting of a multi-module Maven dependency shared among several projects, a JavaScript widget with some hefty dependencies, a polling solution and a highly-scrutinized inter-application communication protocol that has to be versioned and extended for the foreseeable future. Lots of fun and lots learned, but man it’s been a fair amount of work…