Apachecon, build and -management with Ant, Ivy, Maven security with Triplesec

Here’s an more detailed story on ApacheCon! I write the article in English, as some of my colleagues are be interested. The company being quite international, many of my colleagues don’t speak Dutch.

I’ve seen a lot of interesting lectures (and spoke interesting people). Very interesting were lectures about Ant, Maven and Ivy, all build- and package-management tools.
Everyone in software development with or involving Java most likely knows Ant, and probably uses it too. At Thursday there was a lecture about Extending Ant, with custom tasks.
You can build custom tasks, using scripting-languages available for java, like Jython, JRuby or Groovy, by using the scriptdef task. Then your custom task can be used from within your Ant file. Along with the built-in API of Ant, you can do complex operations as well in your Build-files.
Of course, if you start developing software in Ant, you need to create unit-tests for the code as well. You can do this with the antunit task.

I had created some nice sample code, unfortunately, it was lost because of the way the visual editor of my weblog works. However, on the website of Ant you can find fine tutorials, which make the sample code not necessary anyway.
I also saw an introductionairy lecture on Maven. I know Maven a little, but it’s not used in my project very extensively.
Finally I saw a lecture on Ivy. Similar to Maven, Ivy seems especially useful, if you already have a lot of Ant tasks. Unlike Maven, Ivy is only a package-management tools, but not a build-tool.
In the Q&A sessions after the lectures, the question arose, Maven or Ivy? It depends (how cliche) on the situation. Ivy has as great advantage it works as a plugin for Ant, and provides depency-tracking only. If you already have an extensive build-system with Ant, Ivy can be easier to introduce than Maven.
However, if you’re just starting or only have a few Ant-scripts, Maven seems the best way to go: everything is working out-of-the-box. Maven’s use of plugins, rather then scripts forces your build-environment to be more structured.

Finally, I also went to a lecture on TripleSec. This project was very promising and interesting. Everyone probably has a dozen security related passes (bank, acces, library, etc.) and one or more authentication systems like for online-payment, remote access etc. What the project promised was a uniform and easy way to add dongle- or ‘digipass’ like security to your application.
Once installed, a user can login using his mobile phone. When the user logs in for the first time, a tiny java-application using SMS is installed on the telephone (after confirmation of the user of course). Using the application the user can generate a key to login. When the user logs in for a second time, she can use the same application to generate a new code, without the need to download the application again.
All in all, you can have security that is similar to the system banks use, dongles using a telephone. It’s cheaper to develop, and the user doesn’t need to carry a lot of devices to login.

All in all, very interesting lectures. So, this article was in my draft for a long time. Inspired by an article on RET, I decide to publish it!