In part one of this two part article, you will learn about five of the top ten "worst offenders" of misconfigurations of application security that can cause overall problems for ASP.NET Web-based applications. Learn more about how to secure the Web.config files of an ASP.NET application.
Maven is a popular build tool available for java developers. One of the benefits of maven is that helps to reduce the duplication of dependent software libraries (jars) required to build an application. The maven suggested approach is to store all the software libraries in a remote store called a repository. Maven synchronizes with the public repository at ibiblio.org This repository is slow, unreliable and does not have the latest versions of some libraries(jars) available elsewhere. Libraries private to the organization cannot be uploaded there either. By setting up an internal maven repository, an organization can avail of the benefits of a maven repository and bypass some of the shortcomings of the repository at ibiblio. This article looks at some of the functionality that a maven repository should provide. Criteria for choosing a maven repository are listed. Steps involved in setting up a maven repository using Artifactory are explained. The process of setting up the repository is same for both Linux and Windows and the minor differences are highlighted in the article. Examples of maven ‘pom’ files which use this repository are shown. The article is illustrated with screenshots to guide the user in setting up a repository. Sample maven and artifactory configuration is shown.
In the course of rescuing a development from 'merge misery', it became increasingly apparent that there were a number of practices for managing branches in the Version Control System that would have reduced the pain and effort of the subsequent merge, and made the dream of continuous delivery come closer to reality. From the experience comes some well-tested ways of making branches and merges a stress-free part of application development.
Gradle is a new and revolutionary build tool, based on the Groovy programming language. It is very different from existing tools like Ant and Maven in that it provides an extremely powerful capability to develop build applications using Groovy code and a compelling Groovy DSL. This allows to easily develop a non-standard build for any project, according to its needs, or to fall back to a more traditional convention-over-configuration approach also fully supported by the tool.
The increasing popularity of agile development methods is putting new demands on the traditional CM discipline. A working CM environment is essential for the rapid nature of agile development methods, but the CM process and the CM role has to be adapted to the present evolution of software development methods as well as automated tools. This article discusses lean principles and agile values within a CM scope and also introduces a method to classify the CM discipline in relation to development method and level of tool automation.
The inception of the Extreme Programming methodology has brought test-driven development and continuous integration into mainstream Java development practices. Applying these techniques to Java server-side development can quickly become a nightmare if you don't have the right tools. This article describes how to deal with continuous integration and how to use DbUnit in conjunction with JUnit to control the test environment end-to-end by setting up the state of the database before each test.
There are a lot of CM/ALM solutions out there - so where are we headed. In my opinion, the future of CM/ALM will be defined by the level of tool suite integration, more than by any other factor in the 3rd and 4th Generations of tools. And basic "integration" will not cut it. Putting tools together into a single package with some glue and triggers to help the tools interact is helpful, but will fall short of market demand. "Seamless Integration" will be a requirement. No advance is more important to the next genreation of CM tools. What about cost? What about ease-of-use? How about traceability?
Customizing or extending third party "vendor" source code is becoming increasingly common especially with the availability of open-source software. Building upon existing code increases your time to market and lets a group of experts elsewhere develop the foundation. Vendors typically provide frequent patches and new features in the form of vendor releases. Managing the incorporation of vendor releases alongside customizations requires an additional layer of configuration management. raditional branch-based software configuration management (SCM) tools require an unnecessarily complex branch and merge process. This article describes how stream-based SCM provides a more intuitive and efficient parallel development model for managing customizations to vendor code.
With so many Continuous Integration (CI) servers to choose from, it can be difficult to decide which one is right for you. This article looks at a handful of open source CI servers, including Continuum, CruiseControl, and Luntbuild, using a consistent evaluation criteria and illustrative examples.