Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shift Log Tool Refactoring

Published byAlexia Fox Modified over 6 years ago

Similar presentations

Presentation on theme: "Shift Log Tool Refactoring"— Presentation transcript:

1 SLT Refactoring and JWT Authentication: Two Upgrade Proposals M Chavan, ESO

2 Shift Log Tool Refactoring

3 Some History Shift Log Tool was the first ObOps deliverable, 3Q2006
Several developers over the years Scope increased dramatically The context (on- and offline SW) changed as well

4 Very First Version Requirement: keep a log of Science activities

5 Major Change Requirement: react to system events
SchedBlockStarted, etc.

6 Tight Coupling with Online SW
SLT effectively became Online SW Business logic was in the stand-alone tool and in the ACS component New sci-ops requirements required backporting to Online code base Increasingly difficult towards end of cycle

7 Online and Offline Desktop SLT shares code with Web SLT
Desktop was online, Web was offline

8 2015.8 - Decoupling from ACS No business logic in online component
Remove offline dependencies from ACS

9 All is Not Well

10 All is Not Well / 2 Modules are duplicated in every STE
Multiply failure sources We (ObOps) still have an online module Debugging is very difficult Especially from Europe

11 New Architecture A new ACS component writes to a staging DB
SLTs only interacts with their DB

12 New ACS Component Receives and writes CORBA Events
Makes CORBA calls and writes results Limited scope Low maintenance

13 Division of Responsibilities
New ACS component to be written, maintained by SW Ops team ACS experts Close contact with online environment Offline components to be refactored by ObsIF

14 Plan for Cycle 5 Agree on the path forward Spec the new ACS component
Implement and deploy it In parallel to existing implementation? Re-engineer offline modules

15 JWT Authentication

16 Web-based Application Security
Currently using Central Authentication Service (CAS) Was tool of choice when we started Popular in academia (only) Provides Single Sign-On Good for server-side applications

17 Server-side Applications

18 Single Page Applications

19 Single Page Applications
Single Page Applications load only once Communicate async with one or more REST servers Response is used to modify the Web page locally

20 Single Page Applications
Front-end and back-end are clearly separate Front-end: visualization, interaction Back-end: data management, business logic Back-ends may serve non-GUI clients as well Back-ends should be secured

21 Why not CAS for SPAs? No machine-to-machine authentication
Dashboard receives “events” from script AQUA requires services from AQUA/Pipeline Agent SnooPI requires services from AQUA, Project Tracker Requires a complex 3-way “dance” Front-end (JavaScript), REST back-end, CAS Done for SnooPI, no general solution

22 Securing Servers with JWTs
JSON Web Tokens are open standard Transmitting information securely Encoded, digitally signed, optionally encrypted Self-contained: contain all required information User info (authentication/authorization)

23 JWT Pros Apply to SPAs and server-side Web apps
Stateless (JWT itself is the state) Self-contained Only one authentication/authorization DB query Survive auth and app server restarts Support Single Sign-On and -Off Used by VLT, JIRA, and many more

24 JWT Cons No “best practices” (it’s a protocol) No magic bullet
Security always implies tradeoffs

25 Backwards compatibility
ALMA, ESO, NRAO all invested in CAS Any alternatives must provide a path forward and integrate with CAS Browser-based Single Sign-On must be preserved: users must be able to Sign-On with CAS and use JWT-secured resources Sign-On with JWT and use CAS-secured resources

26 Status General concepts fully clarified
Expert panel gave positive feedback Prototype written as proof-of-concept No existing resources available Encouraging results CAS/JWT integration seems viable Protorype soon to be reviewed by expert panel

27 Plan Implement CAS/JWT integrated solution
Migrate existing apps to JWT auth Dashboard back-end SnooPI AQUA/Pipeline Agent User Portal? Investigate whether porting AQUA, Protrack, …

28 Conclusions TO-DO

29 The Atacama Large Millimeter/submillimeter Array (ALMA), an international astronomy facility, is a partnership of Europe, North America and East Asia in cooperation with the Republic of Chile. ALMA is funded in Europe by the European Organization for Astronomical Research in the Southern Hemisphere (ESO), in North America by the U.S. National Science Foundation (NSF) in cooperation with the National Research Council of Canada (NRC) and the National Science Council of Taiwan (NSC) and in East Asia by the National Institutes of Natural Sciences (NINS) of Japan in cooperation with the Academia Sinica (AS) in Taiwan. ALMA construction and operations are led on behalf of Europe by ESO, on behalf of North America by the National Radio Astronomy Observatory (NRAO), which is managed by Associated Universities, Inc. (AUI) and on behalf of East Asia by the National Astronomical Observatory of Japan (NAOJ). The Joint ALMA Observatory (JAO) provides the unified leadership and management of the construction, commissioning and operation of ALMA.

Download ppt "Shift Log Tool Refactoring"

Similar presentations

ALMA Cycle 2 Capability Jongsoo Kim ALMA EA Korea node.

ALMA Cycle 2 Capability Jongsoo Kim ALMA EA Korea node.
Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array The March to Early.

Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array The March to Early.
Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.

Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.
ALMA: The March to Early Science Al Wootten, ALMA/NA Project Scientist Cometary Radio Astronomy.

ALMA: The March to Early Science Al Wootten, ALMA/NA Project Scientist Cometary Radio Astronomy.
ALMA TACand the proposal process Lister Staveley-Smith Member, ALMA Review Panel.

ALMA TACand the proposal process Lister Staveley-Smith Member, ALMA Review Panel.
Chapter 7: Client/Server Computing Business Data Communications, 5e.

Chapter 7: Client/Server Computing Business Data Communications, 5e.
Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.

Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.
Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.

Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array.
December 2007Chile Observatories Earthquake Preparedness Workshop1 Atacama Large Millimeter/submillimeter Array ALMA Eduardo Donoso.

December 2007Chile Observatories Earthquake Preparedness Workshop1 Atacama Large Millimeter/submillimeter Array ALMA Eduardo Donoso.
Descripción y Areas del Dpto. de Computación de ALMA (ADC) Tzu-Chiang Shen Gerente del Grupo de Software Departamento de Computación ALMA Joint ALMA Observatory.

Descripción y Areas del Dpto. de Computación de ALMA (ADC) Tzu-Chiang Shen Gerente del Grupo de Software Departamento de Computación ALMA Joint ALMA Observatory.
ALMA Common Software Basic Track Introduction to the ACS Framework.

ALMA Common Software Basic Track Introduction to the ACS Framework.
ALMA Common Software Basic Track Software Engineering Basics.

ALMA Common Software Basic Track Software Engineering Basics.
Workshop in ALMA Logs Prepared by Juan Pablo Gil – Arturo Hoffstadt

Workshop in ALMA Logs Prepared by Juan Pablo Gil – Arturo Hoffstadt
ICT Coordination and Planning Meeting #1 (17-19 April 2013) ALMA Dashboard 1.0 Giorgio Filippi 2013-04-17 The Atacama Large Millimeter/submillimeter Array.

ICT Coordination and Planning Meeting #1 (17-19 April 2013) ALMA Dashboard 1.0 Giorgio Filippi The Atacama Large Millimeter/submillimeter Array.
EA ARC Ken Tatematsu East-Asian ARC Manager. ARC organization Difference between ARCS: NA: concentrated in Charlottesville Europe: distributed in different.

EA ARC Ken Tatematsu East-Asian ARC Manager. ARC organization Difference between ARCS: NA: concentrated in Charlottesville Europe: distributed in different.
A Search for Hydroxlyamine (NH 2 OH) Towards IRC+10216, Orion-S, Orion(KL), SgrB2(N), SgrB2(OH), W512M, W3(IRS5) R. L. Pulliam NRAO / North American ALMA.

A Search for Hydroxlyamine (NH 2 OH) Towards IRC+10216, Orion-S, Orion(KL), SgrB2(N), SgrB2(OH), W512M, W3(IRS5) R. L. Pulliam NRAO / North American ALMA.
The ALMA Software and Release Management Ruben Soto Software Operations Group & Release Manager Joint ALMA Observatory.

The ALMA Software and Release Management Ruben Soto Software Operations Group & Release Manager Joint ALMA Observatory.
ALMA Integrated Computing Team Coordination & Planning Meeting #4 Santiago, 19-21 November 2014 Reporting Software Principles M Chavan, ESO R Soto, ALMA.

ALMA Integrated Computing Team Coordination & Planning Meeting #4 Santiago, November 2014 Reporting Software Principles M Chavan, ESO R Soto, ALMA.
ALMA Common Software Basic Track Component implementation guidelines.

ALMA Common Software Basic Track Component implementation guidelines.
Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array The ALMA Observing.

Atacama Large Millimeter/submillimeter Array Expanded Very Large Array Robert C. Byrd Green Bank Telescope Very Long Baseline Array The ALMA Observing.

Similar presentations

Ads by Google