Newsletter - 201006 - June 2010

Owned by Mark Mark
Last updated: Jun 29, 2010Version comment
13 min read

JASIG NEWSLETTER - JUNE 2010

================================================================

JASIG PROJECTS

Central Authentication Service (CAS)

  • Jasig CAS Client for Java 3.1.11
  • Announcement: Mitigating the Risk Due to Inherent Characteristics of Bearer Tokens

uPortal

  • July 2010 uPortal Community Call
  • uPortal Documentation Coordinator

Bedework

  • Who’s using Bedework? – You tell us
  • Bedework and Internationalization
  • Bedework visits Universidad Pública de Navarra
AROUND JASIG
  • Jasig 2010 Elections - Call for Nominations
  • Sakai Project Manager Position Open
  • Kuali Days Call for Proposals
  • Contegix Becomes Newest Jasig Partner
UPCOMING EVENTS
  • The Jasig Fall 2010 Unconference is Coming!
  • OSCON 2010 Open Source Convention - Portland, Oregon (July 19-23, 2010)
  • 2010 EDUCAUSE Annual Conference - Anaheim, California (October 12-15, 2010)
TECH CORNER
  • "Unplutofy" your Portlets

================================================================

JASIG PROJECTS

Central Authentication Service (CAS)

Jasig CAS Client for Java 3.1.11

Dear CAS Community,

We're pleased to announce a new release of the Jasig CAS Client for Java (version 3.1.11). The releases notes include:

New Feature

  • CASC-108 - Develop CAS Login Module for JAAS Support (contributed by Virginia Tech)

Improvement

  • CASC-80 - Be able to setup HostnameVerifier from system property
  • CASC-103 - Attribute parsing with Cas20ServiceTicketValidator does not work in some cases - should include guidance
  • CASC-105 - "SingleSignOutFilter" causes "safeGetParameter" method in "CommonUtils" to always display warning
  • CASC-112 - cas.log shows bogus 'no proxy ticket' error when in fact there is one

Task

  • CASC-67 - Document using the CAS Client with Spring Security Pre-Authentication methods

Bug

  • CASC-102 - Custom proxy granting ticket storage methods not being set properly in web.xml
  • CASC-106 - Saml11TicketValidatorTests.testValidationSuccessWithNoAttributes() fails due to TimeZone problem
  • CASC-107 - Encoding when parsing validation response should be configurable in CAS client
  • CASC-109 - Bug in AbstractTicketValidationFilter.java
  • CASC-110 - Unable to change the replacement proxyGrantingTicketStorageClass implementation via web.xml

For those of you who use Maven, you can follow these instructions to add the CAS Client to your project:https://wiki.jasig.org/display/CASC/Obtaining+from+Maven2+Repository

If you just need the binaries, you can grab them from the Maven2 repository manually:http://repo2.maven.org/maven2/org/jasig/cas/client/

This upgrade is recommended for all users of the 3.1.x branch.

Cheers,
Scott

================================================================

Announcement: Mitigating the Risk Due to Inherent Characteristics of Bearer Tokens

Dear CAS Community,

The CAS Steering Committee was recently presented with a paper that detailed some of the risks of protocols that use bearer tokens. The paper specifically mentioned CAS, though just about all protocols that use bearer tokens are subject to these risks.

The Steering Committee has drafted a formal response to this paper and encourages you to read it (the response specifically, but feel free to read the paper also!):https://wiki.jasig.org/display/CASST/Mitigating+Risk+due+to+the+Inherent+Characteristics+of+Bearer+Tokens

We've also started a document where the CAS community can collaborate on best practices for securing their applications (its a bit sparse right now, but we expect it to grow):https://wiki.jasig.org/display/CASC/Client+Security+Recommendations

We encourage you to read and contribute to this document.

We take security and usability of the CAS Server and Clients seriously. Future releases of the CAS Server and CAS clients will continue to take a lead in implementing security and usability best practices in order to protect users. Look for some of those to appear in the CAS Server 3.5 release.

If you have any questions, please do not hesitate to contact the steering committee.

Thanks
Scott

Scott Battaglia
Chair, Jasig Central Authentication Service Steering Committee
(sent on behalf of the entire CAS Steering Committee)

================================================================

uPortal

July 2010 uPortal Community Call

Thursday July 22, 2010
8:30am Pacific, 11:30am Eastern, 16:30 BST

The uPortal Steering Committee invites you to join us on our next uPortal Community Call, which will be held as a webinar, hosted by The University of Wisconsin-Madison, on Thursday, July 22, at 11:30am EST.

Agenda:

  • Introduction/Announcements
  • uPortal and Portlets update
  • Content Management Integration update
  • Updating the User Manual
  • Yale Portal Demo

If you have ideas for future calls or would like to demonstrate some of your portal functionality, please email uportal-steering-committee at lists dot jasig dot org.

To participate in the webinar (Requires Adobe Flash), click on the Adobe Connect URL provided by our host, University of Wisconsin-Madison, for the video portion of the call: http://wisc.na4.acrobat.com/uportal/ Click the "enter as guest" and include your organization in your name, e.g. Jim Helwig (UW-Madison).

The separate conference call lines for the audio portion are as follows:

  • US: (712) 432-1600
  • France: 0826 100 256
  • Spain: 902 886025
  • UK: 0844 58 191 02

All: Participant Access Code 548898#

We hope to see you there!

Conference Registration: https://www.concentra-cms.com/register/start.action?confId=46

================================================================

uPortal Documentation Coordinator

The uPortal Steering Committee is proud to introduce Laura McCord from Southwestern as the uPortal Documentation Coordinator. Laura will be working with the uPortal developers and community to revise and update the uPortal 3.2 user manual. As the work progresses, she and the uPortal Steering Committee will be posting status updates on the uPortal email lists. Laura will also be soliciting feedback via the uPortal email lists throughout the process. If you have questions, comments or any other feedback about uPortal documentation and more specifically the uPortal 3.2 manual for now please feel free to chime in on the uPortal email lists or contact Laura directly at mccordl@southwestern.edu

Jim Helwig
uPortal Steering Committee Chair

================================================================

Bedework

Who’s using Bedework? – You tell us

On the new Bedework presence on the Jasig website, http://jasig.org/bedework, we have adopted the Jasig project convention (as per CAS and uPortal) of allowing those of you who have deployed Bedework to share the details of your deployment.

On the Bedework.org site, we maintained the who’s using list ourselves, largely through Google searches and mining the Bedework mailing lists. This was certainly more work for us, but the real problem with this approach is that it is not nearly as effective as having the deployers themselves tell their story in their own voice.

Please visit http://www.jasig.org/bedework/deployments, create an account, and share the details of the fine work you have done.

================================================================

Bedework and Internationalization

Bedework was designed to accommodate internationalization. Bedework 3.6, the most recent release, has the most comprehensive changes for internationalization. Recent posts to the Bedework mailing lists indicate that there is more progress to be made with respect to internationalization.

Bedework has been deployed in a number of languages through the work that many of you have done locally. We would like to be able to redistribute your translations as part of the Bedework distribution, as we have done with the Universidad Pública de Navarra in Pamplona, Spain. In order to do so, we will need a Contributor License Agreement (CLA) from you. See http://www.jasig.org/licensing for the CLA form and additional background information.

================================================================

Bedework visits Universidad Pública de Navarra

Jonathan Markow, Jasig Executive Director, and I, at the invitation of the Universidad Pública de Navarra (UPNA), a long-time Bedework contributor and uPortal site, presented at the The Sectoral Committee on Information Technologies and Communication of the Conference of Rectors of Spanish Universities (CRUE-TIC) at the Public University of Navarra, June 14-15. CRUE is a nonprofit association made up of 71 Spanish public and private universities.

Although the conference was held in Spanish, the hosts, Dr. Alfonso Carlosena, Vice President for Research at the Public University of Navarre, and Dr. Javier Uceda Antolin, President of CRUE-ITC and Rector of the Polytechnic University of Madrid, graciously allowed us to give our presentations in English. 

We were introduced by Javier Franco, coordinator of the CRUE-TIC International Relations Group andITC Services Director at Universidad de Santiago de Compostela.

Jonathan presented on Jasig and its projects, and I followed with a presentation about Bedework, open source and community source, and finally what I referred to as “un mundo, un calendario" – “one world, one calendar”.  Jonathan and I both stressed our Bedework/Jasig desire to see greater collaboration with our European colleagues.  A lively Q&A session followed our presentations. 

The conference presented many opportunities to engage CRUE-TIC leadership and members in conversation. In addition to the leadership mentioned previously, we also had the opportunity to speak with Juan Antonio Caballero Molina, Coordinator of the CRUE-TIC Open Source Group, and Vice President for Information Technology and Communication at the University of Córdoba.

At UPNA, we had the pleasure of speaking with Dr. Julio Lafuente López, president of the University and a great advocate of open source, and Belén Altuna, Director of the Library. 

On Tuesday, Jonathan and Juan Cruz Ruiz de Gauna produced Bedework screencasts in Spanish. Later, again in Spanish, we did video interviews with Juan Cruz, Carlos Alonso, and Ana Rodríguez Mazquiarán.

Overall, we were very impressed with the IT work being done in the Spanish universities, and we were completely overwhelmed by the gracious hospitality of our UPNA and CRUE-TIC hosts. We would especially like to thank Bedework-ers Juan Cruz Ruiz de Gauna and Carlos Alonso Vega, their UPNA colleagues, and their Director of Information Services, Ana Rodríguez Mazquiarán for making our visit so memorable. 

Information about CRUE-TIC and the Universidad Pública de Navarra can be found at: http://crue-tic.uji.es/http://www1.unavarra.es/actualidad/congresos?contentId=132404http://agenda.unavarra.es/

Gary Schwartz

================================================================

AROUND JASIG

Jasig 2010 Elections - Call for Nominations

Jasig is pleased to announce the opening of nominations for the Board of Directors, the uPortal Steering Committee, and the CAS Steering Committee.

Jasig, Inc. is a non-profit, 501(c)3, international consortium of educational institutions and commercial affiliates supporting community-driven, open source software development and promoting open system architectures for higher education.

JASIG BOARD

The Board is the group that manages strategic direction and policy for the entire organization, oversees all projects and events, provides shared infrastructure, and takes responsibility for the licensing and protection of intellectual property. The board also ensures that project management is consistent with the organization’s mission, and makes sure that Jasig operates within its fiscal resources.

The 2010 elections will fill four (4) vacant Director positions that will result from an annual planned cycling of Board positions. Board Directors shall serve for a term of three years. Board Directors may serve two consecutive terms, if re-elected.

UPORTAL STEERING COMMITTEE

The uPortal Steering Committee will be filling two (2) stakeholder positions. uPortal Steering Committee members serve for a period of two years and may be re-elected to a second consecutive term.

CAS STEERING COMMITTEE

The CAS Steering Committee will be filling three (3) open stakeholder positions. Committee members serve for a one-year period and may be re-elected to a second consecutive term.

Steering committees serve as advocates for their project. They exercise strategic and operational oversight, encourage broadened support, and seek to increase participation from the community.

REQUIREMENTS FOR SERVING

The slates for these committees are open to all. While voting is conducted by Jasig members, membership is not required to serve.

These committees, and board, meet in person at least twice a year at Jasig events or at such times and places as designated by the Chair. Members are expected to attend monthly meetings and regularly conduct business electronically. The Board of Directors meets monthly by video-conference. Directors may phone in when they are not able to participate by video. The other committees meet monthly by teleconference.

Prospective board and committee members should be prepared to serve in a proactive way. If elected, they are asked to take on oversight responsibilities, recruit others in the community to help out, when appropriate, serve as spokespeople for the organization or project, and occasionally lead initiatives on behalf of Jasig and its projects. The time commitment is manageable, usually amounting to several hours a month. Some key success factors are good communication skills and a keen desire to be helpful!

Board and Committee members are not compensated for their work. Nominees will be expected to confirm that their organizational leadership approves of this commitment of time if elected.

ELECTION PROCESS

Nominations for all positions must be emailed to elections@ja-sig.org no later than 5:00 PM EDT (GMT-4) on Friday, July 9, 2010. As stated earlier, anyone can be nominated to stand for election to these positions. Self-nominations are also encouraged. Receipt of any nomination you submit will be confirmed. The Jasig Election Coordinator will notify all nominees and confirm their willingness and ability to run for election. If they agree, a short bio and a personal statement will be solicited and posted on the Jasig wiki.

Following the nomination period, elections are scheduled to be conducted for a period of two weeks via email, beginning Monday, July 19, 2010, with results announced soon after Thursday, July 29, 2010. Votes will be submitted by the designated Community Liaisons representing our member organizations. More complete directions for voting will follow. Newly elected committee members and board directors will join group meetings during the summer and officially assume their new responsibilities in September, 2010.

A current list of Jasig Members eligible to vote include the Institutional Members and Jasig Partners on the Jasig wiki.

Thank you very much for helping us present the most qualified slate of candidates. We look forward to hearing from you soon.

Deborah K. Smith, Election Coordinator and Jasig Administrator
CONCENTRA-CMS

================================================================

Sakai Project Manager Position Open

Sakai is looking for a new breed of Project Manager. The vibrant, broadly distributed, very diverse next generation Sakai project needs a PM who can coordinate an agile development team with a focus on inclusion, participatory design and broad community engagement. If you are excited by this opportunity to explore new territory as part of the Sakai team, please see

http://sakaiproject.org/news/sakai-3-project-manager-job-description

for details and application instructions.

================================================================

Kuali Days Call for Proposals

Dear Jasig Community,

The Kuali Foundation just opened up a Call for Proposals for our Kuali Days 2010 conference. This is the first Call for Proposals that we have ever done, and we're working hard to make sure that word gets out. We are also hoping that some of our sister communities like Jasig will take advantage of the Other Topics track to submit presentations and come to Kuali Days.

Thank you!
Zach

Zachary Naiman, Kuali Member Liaison
Email: zach at kuali.org

Kuali Days: http://kuali.org/kd/kd2010

================================================================

Contegix Becomes Newest Jasig Partner

Contegix, a leading provider of internet infrastructure intelligence and hosting management services, announced that it has joined Jasig, the not-for-profit consortium which provides a collaborative environment to foster the development of open source technologies and software for higher education.

Contegix will be providing hosting and managed support of the Jasig Internet infrastructure. This will allow the organization to focus on its core business – the development of their software products and support of the growing community. The new Jasig infrastructure is built on Contegix’s stable platform and is fully managed 24x7 by Contegix engineers. Thus, it will greatly reduce the time spent doing troubleshooting and support internally.

"A few years ago, many people still questioned the use of open source software in higher education," says Matthew Porter, CEO and Co-Founder of Contegix. "Organizations such as Jasig are showing that through collaboration amongst institutions and commercial parties, open source software and related projects can enable future advancements in the higher education environment. Jasig’s projects enable many global educational institutions to benefit from the contributions of a highly technical community and we are proud to support this endeavor."

As a company, Contegix believes strongly in the open source community, the Linux community, and the power of the entrepreneur in the social web since it was founded. For this reason, mixed with the desire as an organization to give back to the community, they sponsor individuals, organizations, and their respective projects for the betterment of all.

"We're very pleased that Contegix has joined us as our newest Jasig Partner," said Jonathan Markow, Executive Director of Jasig. "We have already migrated our infrastructure applications to their facilities, and they have more than lived up to their excellent reputation for technical know-how, project management skills, and customer service. We couldn't be more satisfied with their support. We welcome Contegix to the Jasig community and look forward to working together with them."

About Contegix, Inc.

Contegix is a technology firm known for delivering exceptional customer service and internet infrastructure intelligence. Their dedicated staff of engineers provide solid solutions to complex business challenges in the areas of hosting, cloud computing, co-location and infrastructure management services. Founded in 2004, Contegix was listed as the Linux Journal’s Reader’s Choice Award for Favorite Linux-Friendly Web-Hosting Company, and has built a solid industry reputation entirely based on delivering peace of mind to valued clients. They serve clients in range of industries - from innovative technology start-ups to Fortune 500 companies.

================================================================

UPCOMING EVENTS

The Jasig Fall 2010 Unconference is Coming!

DATES:
October 18-20, Unconference sessions
October 21, Developer meetings

PLACE:
University of St. Francis
500 Wilcox St., Joliet, IL 60435

REGISTRATION FEE:
$225 - Jasig Members
$275 - Non-Members
(Includes Mon/Tue/Wed Lunch, and Snacks)

Registration at: https://www.concentra-cms.com/register/start.action?confId=46

ACCOMMODATIONS
Harrah's Joliet
151 N. Joliet Street, Joliet, IL
Reservation Line: 800-Harrahs (1-800-427-7247)
Hotel Direct #: (815) 740-7800
Room rate: $88.99 plus tax per room. Includes breakfast voucher for breakfast in the Union Station Buffet.
Rooms must be booked by 10/3/2010 to get the guaranteed rate.
Reference group code "S1017JC" to get the special Jasig rate.

WHAT'S AN UNCONFERENCE?!

"An unconference is a conference where the content of the sessions is driven and created by the participants, generally day-by-day during the course of the event, rather than by a single organizer, or small group of organizers, in advance." -Wikipedia

Jasig has always been about people coming together to share and learn in an open environment, and this is what an "unconference" is all about.

This fall event will provide both spontaneous and planned opportunities to collaborate on all Jasig community initiatives as well as initiatives from other community open source projects. This year we plan to continue discussions begun at the June Internet2/EDUCAUSE/Jasig Identity and Access Management ACAMP, as well.

Mark your calendar and make plans to join us! More information about the Unconference will be available soon.

WHAT ARE WE GOING TO DO?

It's up to you. Ideas people are talking about so far include the following:

Lightning Talks - Volunteers talk for up to 8 minutes. Any topic goes.
Workshops - Bring your uPortal, portlet, CAS, Bedework, or IdM code or design or requirements and work on them with core developers.
Birds of a Feather Sessions - Discuss common interests, issues, problems with colleagues.

Strategic Planning - What should Jasig be focused on next year? In three years? Join the conversation.
Newbie? Meet the experts and get individualized help.
How-to's. How-not-to's. Tips and techniques.

The final schedule will be determined in real-time, interactively with the attendees.

More information will be available soon. See you at the Unconference!

-The Fall 2010 Jasig Unconference Organizers

================================================================

OSCON 2010 Open Source Convention - Portland, Oregon (July 19-23, 2010)

"OSCON welcomes everyone passionate about open source, from developers, designers, trainers, and programmers to sys admins, IT managers, hackers, and entrepreneurs.

This year's OSCON takes place July 19-23, 2010 at the Oregon Convention Center in Portland, Oregon. Make plans to make it happen with open source this summer!"

Source: http://www.oscon.com/oscon2010
Twitter Tag: #OSCON

================================================================

2010 EDUCAUSE Annual Conference - Anaheim, California (October 12-15, 2010)

"In the realm of higher education information technology, no other event brings together more powerful, creative minds in the field than the EDUCAUSE Annual Conference…

CONNECT with colleagues and explore solutions to today’s common higher ed IT challenges.
EMPOWER action by uncovering new ways to enhance your campus’s resources and policies.
REVITALIZE and ignite ideas that help you navigate and shape our ever-changing future.

The EDUCAUSE Annual Conference unites the best thinking in higher education IT by bringing together insightful people, innovative research, supportive companies, and useful resources...providing you opportunities to:

  • Network with peers who share similar interests and concerns
  • Explore 7 tracks, more than 250 sessions, and over 200 exhibitors
  • Discover Point/Counterpoint, Lightning Round, In the Hot Seat, and Discussion Sessions
  • Refresh & Renew by learning from nearly 500 forward-thinking, inspirational speakers

Whether your focus is on administration, teaching and learning, information technology infrastructure, information systems, cybersecurity, policy, library systems or information technology leadership, there's something at the annual conference for you."

Source: http://net.educause.edu/E10

================================================================

TECH CORNER

"Unplutofy" your Portlets

Gary S. Weaver of Duke University released the "unplutofy" project in GitHub. Unplutofy is a utility for those that need to undeploy JSR-168 portlets in preparation for redeployment to a portal that uses a different version of Apache Pluto. This would be of interest to those with deployed portlets that wish to upgrade their portal and to those that wish to migrate portlets to/from another portal. It would also be useful in cleaning up portlets accidentally deployed multiple times. For more information, see: http://github.com/garysweaver/unplutofy

================================================================
================================================================

Jasig Newsletter - June 2010

Editor: Mark Rogers (University of Manitoba)

Past editions of the Jasig Newsletter can be found in the Jasig wiki at:
http://www.ja-sig.org/wiki/display/JSG/Newsletter

================================================================
================================================================