Scope

As I presented my thesis, I had to define a scope. The world of CMS is a large, complex and deals with multiple scales and platforms, ranging from global enterprise content management (with proper intranets, DAM, DRM, and the lot) to small single site web publisher software.

To reduce the scope I laid my approach to the following areas:

-One platform (java)
-One market (open source)

Focusing on these two, the second in particular (open source can mean many things) can be risky, but it's better than enveloping the whole CMS business.

The other day I was contacted by Benjamin Mestrallet, founder of the eXo platform, as he had naturally taken some interest in this blog. I realized that eXo fits quite nicely into the scope of my thesis. This means that I will have to analyse the eXo platform in the same way I have started off with Magnolia.

I know there are some more open source WCMS around (http://java-source.net/open-source/content-managment-systems), but I try to remind myself that some of these can be licensing boobytraps. Currently, even Magnolia is using a proprietary component which is not allowed for commercial use.

eXo is also subject of some licensing flaming. I quote an anoynmous person, though I'm sure a google search will disclose him: "BTW, these dual GPL/commercial licences like eXo make me puke. These are plain commercial entities surfing the marketing wave of free software to sell their stuff in a traditional way. I have nothing about classical runtime licences, except when they're hidden behind GPL smoke. ".

I have to add that I have not experienced Benjamin to be such a commercial entity. I've seen him speak in real life, and he seems to be an enthusiastic believer in open source. I won't make up my license opinion at this point, but it is a possible scope to focus on the business friendly licenses (ASL, BSD, LGPL). It would at least mean fewer open source solutions to analyse, and less work for me :D

Comments

Open source CMS evaluations

I have now seen three more or less serious open source CMS reviews. First guy to hit the field was Matt Raible ( 1 2 3 4 ), ending up with Drupal , Joomla , Magnolia , OpenCms and MeshCMS being runner-ups. Then there is OpenAdvantage that tries out a handful ( Drupal , Exponent CMS , Lenya , Mambo , and Silva ), including Plone which they use for their own site (funny/annoying that the entire site has no RSS-feeds, nor is it possible to comment on the articles), following Matt's approach by exluding many CMS that seem not to fit the criteria. It is somewhat strange that OpenAdvantage cuts away Magnolia because it "Requires J2EE server; difficult to install and configure; more of a framework than CMS", and proceed to include Apache Lenya in the full evaluation. Magnolia does not require a J2EE server. It runs on Tomcat just like Lenya does (maybe it's an idea to bundle Magnolia with Jetty to make it seem more lightweight). I'm still sure that OpenAdvant...

Encrypting and Decrypting with Spring

I was recently working with protecting some sensitive data in a typical Java application with a database underneath. We convert the data on its way out of the application using Spring Security Crypto Utilities . It "was decided" that we'd be doing AES with a key-length of 256 , and this just happens to be the kind of encryption Spring crypto does out of the box. Sweet! The big aber is that whatever JRE is running the application has to be patched with Oracle's JCE in order to do 256 bits. It's a fascinating story , the short version being that U.S. companies are restricted from exporting various encryption algorithms to certain countries, and some countries are restricted from importing them. Once I had patched my JRE with the JCE, I found it fascinating how straight forward it was to encrypt and decrypt using the Spring Encryptors. So just for fun at the weekend, I threw together a little desktop app that will encrypt and decrypt stuff for the given password...

The Git Users Mailing List

A year ago or so, I came across the Git-user mailing list (aka. "Git for human beings"). Over the year, I grew a little addicted to helping people out with their Git problems. When the new git-scm.com webpage launched , and the link to the mailing list had disappeared, I was quick to ask them to add it again . I think this mailing list fills an important hole in the Git community between: The Git developer mailing list git@vger.kernel.org - which I find to be a bit too hard-core and scary for Git newbies. Besides, the Majordomo mailing list system is pretty archaic, and I personally can't stand browsing or searching in the Gmane archives. The IRC channel #git on Freenode, which is a bit out-of-reach for people who never experienced the glory days of IRC. Furthermore, when the channel is busy, it's a big pain to follow any discussion. StackOverflow questions tagged git , these come pretty close, but it's a bit hard to keep an overview of what questio...

Git tools for keeping patches on top of moving upstreams

At work, we maintain patches for some pretty large open source repositories that regularly release new versions, forcing us to update our patches to match. So far, we've been using basic Git operations to transplant our modifications from one major version of the upstream to the next. Every time we make such a transplant, we simply squash together the modifications we made in the previous version, and land it as one big commit into the next version. Those who are used to very stringent keeping of Git history may wrinkle their nose at this, but it is a pragmatic choice. Maintaining modifications on top of the rapidly changing upstream is a lot of work, and so far we haven't had the opportunity to figure out a more clever way to do it. Nor have we really suffered any consequences of not having an easy to read history of our modifications - it's a relatively small amount of patches, after all. With a recent boost in team size, we may have that opportunity. Also the need for be...

Managing dot-files with vcsh and myrepos

Say I want to get my dot-files out on a new computer. Here's what I do: # install vcsh & myrepos via apt/brew/etc vcsh clone https://github.com/tfnico/config-mr.git mr mr update Done! All dot-files are ready to use and in place. No deploy command, no linking up symlinks to the files . No checking/out in my entire home directory as a Git repository. Yet, all my dot-files are neatly kept in fine-grained repositories, and any changes I make are immediately ready to be committed: config-atom.git -> ~/.atom/* config-mr.git -> ~/.mrconfig -> ~/.config/mr/* config-tmuxinator.git -> ~/.tmuxinator/* config-vim.git -> ~/.vimrc -> ~/.vim/* config-bin.git -> ~/bin/* config-git.git -> ~/.gitconfig config-tmux.git -> ~/.tmux.conf config...