Google Summer of Code 2008 is now up and running, and this year we are entering ESOE as a project. Hopefully Google will accept it as a valid open source effort and allocate some development time from talented students.
Ideas
Currently we have the following ideas for students to work on during the GSOC (this list is ongoing; feel free to add suggestions via the users/developers mailing lists):
- Looking at the ESOE automated testing environment and correcting some of the test cases which are currently broken due to various environment factors. Alongside this, grid-enabling our test suites with GridGain to distribute some of the heavier test cases, which take some time to respond when run sequentially. GridGain is very innovative OSS work and we would benefit from it.
- Extending the number of out-of-the-box authentication plugins we support; currently this is just LDAP and Kerberos. Look at providing flexible options for database schemas, flat files and other SAML 2 authentication authorities as per the SAML 2.0 specification (HTTP GET, POST, Artifact).
- Right now the ESOE SAML 2 SSO endpoint is not pipelined. Migrate our flexible authenticator pipeline conceptual model to the SSO endpoint to allow for more flexible, customized processing of SAML documents on ingress and egress.
- Add XML document encryption support via Xerces and Apache XML Security in addition to our current XML Signature support.
- Continue to examine and update the ESOE dependency matrix to the latest versions of all required libraries, dealing with issues and making recommendations associated with each modification, while keeping our automated Ivy-based dependency resolver in complete working state. This would additionally include coming up with a neater (non raw SCP) method of promoting required binaries up into our supported Ivy repository using some form of web portal, which may be useful for contribution to the Ivy project longer term.
- Investigate free/open source build tools for security and code quality auditing and implement them as part of the standard build process. Examples of possible tools that perform static analysis of Java code are FindBugs, Jlint, etc. Also investigate free/open source dynamic analysis tools.
Of course, ESOE is a bleeding-edge service with many internal components, and we'd be willing to listen to ideas for any one of them. If you'd like to implement the full XACML 3.0 spec, for example, then we'd love to hear about your idea.
Submission
We have now made our submission to Google. This will be updated with the outcome on success or otherwise.
Outcome
Unfortunately, with over 500 submissions and only 175 places available, ESOE has missed out for 2008. We'll try again in 2009!
Having said that, we are still more than happy for more developers to join the project. Please contact us on the developer mailing list!