Tag Archive for 'access control'

Scalable and Secure Git

Now that WANdisco has released an integration between Git MultiSite and GitLab, it’s worth putting the entire Git lineup at WANdisco into perspective.

Git MultiSite is the core product providing active-active replication of Git repository data. This underpins our efforts to make Git more reliable and better performing. Active-active replication means that you have full use of your Git data at several locations, not just in a single ‘master’ Git server. You get full high availability and disaster recovery out of the box, and you can load balance your end user and build demands between several Git servers. Plus, users at every location get fast local read and write access. As one of our customers recently pointed out, trying to make regular Git mirrors work this way requires a few man-years of effort.

On top of Git MultiSite you have three options for user management, security, and collaboration.

  • Use WANdisco’s Access Control Plus for unified, scalable user and permission management. It features granular permissions, delegated team management, and full integration with SVN MultiSite Plus for unified Subversion-Git administration.
  • Use Gerrit to take advantage of powerful continuous review workflows that underpin the Android community.
  • Use GitLab for an enterprise-grade social coding and collaboration platform.

Not sure which direction to take? Our solution architects help you understand how to choose between Subversion, Git, and all the other tools that you have to contend with.

Version Control In The Enterprise

Apache Subversion is gaining increasing popularity within the enterprise and, when you consider all the potential benefits, it’s easy to see why. Client requirements change, and new features can sometimes cause more problems than they fix. In these situations, Subversion effectively provides you with an undo button, allowing you to write some code, realise it doesn’t work, revert to a previous revision, write some more code that does work – and finally receive new client requirements and restore the original version of your project, ready to start again from scratch. Without Subversion, the above situation would have to be managed manually, but SVN provides all the functionality you need to make such situations as straightforward as possible.

Still on the fence about whether Subversion has a place in the enterprise? Here are our top three reasons, for keeping your enterprise projects under SVN’s version control:

  • Easy Collaboration – Subversion makes collaboration easier by allowing multiple developers to access the same code in a central repository, regardless of geographical location. This is invaluable in distributed, global organisations.
  • Keep Up to Date With Changes – Subversion keeps development teams synchronized with the latest changes in the central repository. Developers can pull all the latest changes into their working copy with a simple ‘svn update’ command.
  • Revert to Previous Revisions – Subversion’s version tracking functionality allows you to recover previous versions of your project without the hassle of manually unpicking your changes. This is useful if you have implemented changes that haven’t worked out, or turned out to be unnecessary. In some situations, it may even be quicker to revert to an earlier revision and then re-implement only the changes that worked, rather than trying to isolate and remove specific changes. Having an easy way to restore previous revisions when development teams hit difficulties, can also have a big impact on maintenance costs.
  • Improved Productivity – Ultimately, Subversion improves developer productivity. It allows multiple developers to work on the same project, at the same time, and imposes conventions that mean complications caused by accidental overwrites, lack of communication and manual merging, are less likely. Whenever defects are introduced, version control gives you the option of rolling back to a time before these defects found their way into your project.

Interested in seeing how Subversion could benefit your enterprise projects? 15 day free trials of both our Subversion MultiSite and Subversion Access Control products are available now.

 

uberSVN Update for ‘Chimney House’ Users

We’re pleased to announce an update to uberSVN ‘Chimney House’ that includes a new and improved manageAPPS page and LDAP enhancements.

uberSVN ‘Chimney House’ 3 features plenty of improvements, including:

  • Improvements to uberSVN APIs and internal development of uberSVN SDK (public release coming soon!)
  • New manageAPPS page allows you to see metadata attached to your APP license, such as expiry date, number of named users, and more.
  • Further improvements to the way uberSVN handles LDAP and LDAPS.
  • The latest Apache Subversion 1.7.5 binaries set to active by default.
  • A list of bug fixes, including some fixes and alignment of the uberSVN Access Control Team Leader and uberSVN Delegated Team Admin (where uberSVN Access Control is active)

You may have already heard, but with the latest release of Chimney House, we’re splitting uberSVN’s release cycle into two distinct phases. At least a few weeks before an update is released to the entire uberSVN user base, we’ll be giving our Latest Release Channel users a sneak preview of upcoming features and functionality. These users will get to test new features and see how they fit into the ALM environment before the update becomes widely available. Interested? Check out our blog post announcing the Latest Release Channel for more info.

For the full list of bug fixes, new features and improvements in uberSVN ‘Chimney House’ Release 3, see our Release Notes.

Not yet using uberSVN? It can be downloaded for free from http://www.ubersvn.com/

avatar

About rbudas

Rob Budas has over 25 years of software industry experience, with the last 15 years focused on the Software Configuration Management sector. Prior to joining WANdisco, Rob had worked at IBM Rational for 8 years where he was a Sr. Product Manager for Rational ClearCase. He has held various development, technical sales and product management roles throughout his career. Rob holds a Bachelor of Science in Computer and Communication Science from the University of Michigan.

Apache Subversion: Access Control Options

Subversion Access Control is a security solution for Apache Subversion that goes well beyond what SVN can provide on its own. To fully understand the benefits of Subversion Access Control, we’ll first look at the fundamental technical differences between Subversion’s built-in security functionality, and WANdisco’s Subversion Access Control product.

Apache Subversion…….

In Apache Subversion, user authentication is performed either through a local passwd file or from an LDAP or Active Directory server. Apache also provides an Authorization Layer for defining more granular control of repository objects, but managing text based rules through the Authz file can become difficult as the number of users and repositories inevitably increases.

…..v.s Subversion Access Control

Subversion Access Control is implemented as a proxy from the local Subversion server. It works directly with your LDAP or Active Directory, meaning you can keep your existing setup.

But what can Subversion Access Control offer you? Here are our ten top features of Subversion Access Control:

1) Easy to install, with no retraining required! Subversion Access Control requires no changes to clients or backend servers, meaning that you can continue to use the Subversion technology you’re familiar with.

2) Easy to use, point and click interface.

3) Access control made easy! The ability to implement and maintain complex security policies with minimal effort.

4) Audit capabilities – every repository access attempt down to the file level is reported, showing user ID, Subversion command, date and time, IP address of the client machine used, and whether access was allowed or denied

5) Unlimited access control – Subversion Access Control can support any size of development organization with any number of repositories and access control rules.

6) Delegated admin – this option allows the root administrator to create teams and delegate admin authority to team leaders.

7) Automatic LDAP synchronization – Subversion Access Control automatically picks up LDAP user and group membership changes and assigns new users to the Subversion team that corresponds to their LDAP group.

8) Instant alerts – your security administrators receive immediate alerts for any access violations.

9) Integrated seamlessly with Subversion MultiSite – Subversion Access Control can be implemented standalone, or in combination with Subversion MultiSite for distributed development teams. With Subversion MultiSite, security policy changes made at one location are immediately replicated to every other to enforce consistency across all sites.

10) Available for uberSVN! – uberSVN is the free, open ALM platform for Apache Subversion that has won a string of industry awards and received an overwhelmingly positive response from the Subversion community. For those who want to combine this award winning platform with a fully functional security solution, Access Control is available through the uberAPPS store.

Here’s just some of the benefits of deploying this enterprise-level Access Control functionality with uberSVN:

  • Full authorization/authentication
  • Define Access Control rules through a simple point-and-click interface
  • Delegated admin control
  • Define control within each Team/sub-Team to a granular level
  • Assign Team Leaders
  • Audit capabilities
  • Support for ecosystems without internet access

Interested in finding out more about access control options? We’ll be running a free Subversion training webinar on November 15th that covers the pros and cons of the following methods of access control:

  • Apache Subversion access control
  • Hook scripts
  • uberSVN
  • Subversion Access Control from WANdisco

Visit the ‘Access Control Options with Subversion’ webinar page now to register. Remember that spaces are limited, so register now to avoid missing out.

WANdisco’s June Roundup

Happy summer! As well as enjoying the nice weather and longer days, this month we announced an exciting update for the uberSVN community.

uberSVN keeps going from strength to strength and, with an ever-growing community of users, we need your feedback more than ever to ensure we continue to deliver the features and functionality you need. Have some thoughts on the uberSVN user interface? Head over to SVNForum.org now to read our proposals for a redesigned Users/Teams tab and a redesigned Admin tab. If you’re a registered SVNForum.org user you can join the discussion by posting at the relevant thread (if you’re not already registered, then signing up is quick and easy!) Alternatively, send us your feedback directly.

We also announced a dedicated channel for keeping in touch with the uberSVN community, the Latest Release Channel. Everyone signed up to the Latest Release Channel will get a sneak preview of upcoming releases at least a few weeks before the rest of the uberSVN user base. This gives you the opportunity to test new features and see how they fit into your ALM environment before the update becomes widely available.

Members of the Latest Release Channel already have access to an update to uberSVN Chimney House. This update features a list of improvements and new functionality, including:

  • Improvements to uberSVN APIs and internal development of uberSVN SDK.
  • Further improvements to the way uberSVN handles LDAP and LDAPS.
  • New manageAPPS page allows you to see metadata attached to your APP license.
  • The latest Apache Subversion 1.7.5 binaries set to active by default.
  • …..and more!

Not on the Latest Release Channel? Expect to see the uberSVN Chimney House update in the Stable Release Channel within the next two weeks. We’ve had a great uptake on the Latest Release Channel so far – if you’re an uberSVN user who wants to make your voice heard, then head over to our blog announcement to find out more.

But it hasn’t all been about uberSVN, we’re pleased to announce that registration for Subversion Live 2012 will be opening shortly!

After getting a great response from the Apache Subversion community in 2011, this year’s conference series is bigger and better than ever, with events taking place in San Francisco (October 10th & 11th) Greenwich, Connecticut: (October 16th & 17th) and London (October 23rd & 24th).

This year’s sessions will include:

  • What’s coming in 1.8
  • Merge & Performance Improvements
  • Hook Scripts
  • Branching & Merging Best Practices

We look forward to meeting up with the Apache Subversion community later this year! In the meantime, be sure to follow @WANdisco and @uberSVN for all the latest conference news.

If you can’t wait until the conference for your Subversion training, we’ve just announced another set of free SVN training webinars for the Apache Subversion community. After receiving lots of feedback, we’ve added another one hour course on branching and merging, alongside plenty of other webinar goodness:

Finally, fancy winning an iPad or a Kindle Fire? You may remember we announced the 2012 Worldwide Developer Survey last month. The survey will help us to build a picture of the developer’s perspective on software development, and trends in the software change and configuration control management tools market. We already announced that, at the end of the Worldwide Developer Survey we’ll make the results available to everyone who took part but we’ve been so pleased with the response that we’re also entering all respondents into a prize draw. The top prize will be an iPad, with two lucky runners-up receiving a Kindle Fire. If you haven’t completed the survey, make sure you send us your answers before 13th July 2012 to be in with a chance of winning an iPad or Kindle Fire.

Good luck!

WANdisco Announces Free Webinars for SVN Community

We hope you’re enjoying our bi-weekly free Subversion webinars! Thank you to everyone who has attended and sent us feedback on what they enjoyed, and what they’d like to see more of. Based on your feedback, we’ve devised another set of free training webinars for the Subversion community.

Here’s what’s coming up over the next couple of months (don’t forget, it’s free to register for any of our Apache Subversion webinars):

1) Hidden Subversion – get ahead of the game, as we share some tricks and techniques that many Subversion users aren’t even aware of.

2) Locking – we cover the Subversion Lock command in detail, including:

  • What is a lock?
  • How do you lock and unlock files?
  • Best practices for avoiding lock conflicts

3) Using Repository Browsers – drill down into the functionality of the Repo Browser, in this one-hour course.

4) Subversion Difference Command – get an overview of the various ways Subversion can compare files and generate meaningful reports.

5) Hook Scripts – these server-side executables can be used for a variety of tasks, including:

  • Automatic email notifications
  • Checkin content validation
  • Automatic backup
  • Specific access control

6) Introduction to uberSVN – an introductory webinar for uberSVN, the open ALM platform for Apache Subversion that’s easy to install, easy to use and easy to extend. This webinar will cover uberSVN’s core capabilities, including:

  • Installation and setup
  • Simplified repository creation and management
  • Team and user administration
  • Social coding capabilities
  • Extendibility with your favorite ALM tools

7) Access Control option with Subversion – need to control access to Apache Subversion repo information, but not sure which option is right for you? This session will weigh up the pros and cons of:

  • Subversion Access Control
  • Hook Scripts
  • uberSVN
  • …and more!

8 ) Branching and Merging – get an intro to the basic concepts of branching and merging, including when to perform a merge and create a branch, the different merge types, and some all-important best practices.

9) Subversion Properties – everything you need to know about SVN Properties! This one hour course will cover:

  • Defining properties
  • Property and “Standards and Procedures”
  • Property name rules
  • Automatic Properties
  • Recursively defining properties
  • ….and more!

Places are limited, so register now to avoid disappointment! And don’t forget to Contact Us if you have any comments, questions or suggestions for future webinars!

WANdisco’s April Roundup

Happy spring! As well as enjoying the warmer weather, everyone at WANdisco has been busy creating and launching a completely redesigned WANdisco.com. We think you’ll agree, it’s a major improvement on our old website:

With this update, we’ve concentrated on making the WANdisco website easier to navigate, and easy to use, with a section dedicated to what WANdisco is all about. Feedback? Suggestions? As ever, please don’t hesitate to contact us – we’re all dying to know what you think about the new-look WANdisco.com.

This month, we were lucky enough to co-host a webinar with our friends at CloudBees. ‘9 Ways to Dominate Development with Jenkins’ taught attendees nine Jenkins best practices that can be easily implemented to make your life – and the life of your team – easier. As if that wasn’t enough, the following week industry expert Adrian Bridgwater co-hosted our ‘Introducing Subversion Access Control 4.1’ webinar, looking at what’s new and noteworthy in the 4.1 release of our security product for Enterprise Subversion. We’re always announcing new webinars for the Subversion community – keep checking our Free Subversion Training Webinars for the latest information.

Users of Subversion’s 1.6 series got an update this month, with the release of Subversion 1.6.18. The full list of what’s new and noteworthy in this release is available in the Changes file and the binaries can be downloaded for free from our website. What’s more, uberSVN users can easily toggle between the latest 1.7 releases of Subversion and 1.6.18, using uberSVN’s ‘SVN Switch’ functionality.

There have also been major changes to uberSVN, the free, open ALM platform for Apache Subversion. With the release of 12.4 ‘Chimney House,’ uberSVN officially came out of beta! A massive thank you to everyone who has downloaded, deployed, and provided feedback on the beta release – we couldn’t have done it without you! As well as taking us out of beta, the 12.4 release introduced many new features, including:

  • New plugin API architecture and core upgrade that allows WANdisco registered plugins to work with uberSVN. We’re particularly excited about this one, as it lays the foundations for future uberSVN SDK releases.
  • Subversion Access Control’s 4.1 LDAP functionality (apart from some advanced features linked directly to Access Control) has been integrated into uberSVN’s ‘Default LDAP’ tab (accessible through the ‘Administration’ section.) This is the feature uberSVN users have requested the most.
  • A new file upload function has been added to the uberSVN Updates tab. This allows us to hand build updates for installations, push updates to users who aren’t connected to the internet, and deliver specialist packages to specific installations.
  • A new option to subscribe to our Latest Release Channel or wait for us to deliver fixes highlighted by our early adopters in a Stable Release Channel. Set your preference within uberSVN.
  • Plus, the usual list of bug fixes, including updates to the activity feed posts.

And, as is tradition, we’re all looking forward to celebrating the release of uberSVN Chimney House, in the venue it’s named after – The Chimney House at Kelham Island, Sheffield.

And in other uberSVN-related news, uberSVN turned one this month! uberSVN, the free, open ALM platform for Apache Subversion is now officially one year old. It’s hard to believe uberSVN has only been around for twelve months: not only has this unique, SVN-based product already been awarded the Made in Sheffield mark and Business IT Innovation of the Year medal, but it’s received a positive response from the community, and fantastic reviews by the IT media. We celebrated with some very special uberSVN cupcakes made by our friends at Fancie. We’re sure you’ll agree, they did a brilliant job!

Thank you for all your support over the past year – and happy birthday, uberSVN!

uberSVN Turns One: What’s Next for uberAPPS?

uberSVN is one year old!

It’s been a great first year for uberSVN, the open ALM platform for Apache Subversion. Not only has this unique, SVN-based product been awarded the Made in Sheffield mark and Business IT Innovation of the Year medal, but it’s received a positive response from the community, as well as some fantastic reviews by the IT media. But, one of the things we’re particularly proud of, is our uberAPPS store. Since it was launched in July 2011, the partnerships and exciting new apps have just kept on coming!

To celebrate uberSVN’s first birthday, we’ll take a look at all of the apps uberSVN users can now get their hands on, simply by visiting the integrated uberAPPS store.

Jenkins

Jenkins is an easy-to-use, continuous integration system that makes it easy to manage and control an application development lifecycle, focusing on build, documentation, testing, and packaging. Using Jenkins with uberSVN has a long list of benefits, including:

  • Easy installation and configuration.
  • Monitor build results by RSS or e-mail to receive real-time notifications on failures.
  • JUnit/TestNG test reporting.
  • Plugin Support: WANdisco approved Jenkins plugins (coming soon!)

Jenkins & uberSVN Professional Support

Need some extra support for your Jenkins + uberSVN installation? Professional Jenkins Support can be purchased easily from inside the uberAPPS store. Our support staff are fully trained Jenkins experts, and we pride ourselves on ensuring that you get the most out of your Jenkins deployment. Or maybe you’re just after Professional Support for uberSVN? We’ve got this covered too! uberSVN support includes:

  • 24-by-7 online, phone and email support.
  • Guaranteed response times.
  • Automated delivery of fixes and upgrades.
  • Global coverage from the US and Europe.

uTest Express

The world’s largest marketplace for software testing services is also accessible through uberSVN! uTest makes it easy for uberSVN users to get their apps professionally tested under real-world conditions, by offering a range of testing types for web, desktop and mobile apps across all the major operating systems. With each uTest project, you’ll receive detailed bug report with screen captures and steps to reproduce the issues; step-by-step results for each testing task you define; and expert feedback on the design, performance and functionality of your app.

uberSVN Starter Pack

A convenient, lightweight support option for uberSVN users who require something more than the community support available for free at our forum, but who do not wish to commit to a termed Subversion or uberSVN Support contract. Our uberSVN Starter Pack is an entry level support service that’s designed to bring tricky support cases to a speedy conclusion. Our uberSVN Starter Packs are the perfect option for small businesses who are looking for a very flexible, pay-as-you-go model.

TortoiseSVN Support

In a perfect world, you’d never need a support contact and everything ‘just works,’ but no software is perfect, and we pride ourselves on keeping your business running smoothly. We provide a ‘safety net’ for TortoiseSVN users, allowing you to gain access to experts whenever you need them, to ensure that your mission critical services have the maximum available uptime.

Subversion Health Check

Rolling out, implementing and supporting Apache Subversion can be challenging if you or your team do not have much experience of managing Subversion environments. There’s a lot to think about. Our less experienced customers usually need some crucial questions answering, before they move forward with Subversion. WANdisco’s Subversion Health Check service provides a pre-implementation or post-implementation audit of your Subversion environment and we’ll work closely with you to recommend the best business strategies for deployment and growth, whilst lowering the cost of maintaining your environment.

Time-Based Consultancy

With our Time-Based Consultancy package, we’ll endeavor to answer all of your questions and guide you through the implementation phase. In some cases, we may even be able to write your code for you. Everyone’s Time-Based Consultancy package will be different, but some of the areas we commonly cover include:

  • Hook script development
  • Performance issues
  • Scalability
  • Backup and recovery
  • Security
  • ……and more!

What does the future hold for uberAPPS?

Put simply: more apps! With apps such as SmartSVN, Jenkins plugins, Assembla, and Sonar still to come, we’re confident that uberAPPS will become the place to go for all your ALM needs.

Is there an app that’s seriously missing from uberAPPS? Or a feature you would like to see added to uberSVN? Please don’t hesitate to contact us with your feedback or use the uberSVN:Suggestions forum, and help us make the next twelve months as successful as uberSVN’s first year!

WANdisco Updates Components of Enterprise Subversion

Following on from the announcement of Subversion Access Control 4.1, we’re pleased to announce a major update to another of WANdisco’s Enterprise Subversion products, Subversion MultiSite. Subversion MultiSite combines WANdisco’s one-of-a-kind replication technology and intelligent load balancing software to ensure that a central Subversion server is no longer a single point of failure or performance bottleneck. Subversion MultiSite delivers optimum performance, scalability and availability, with built-in continuous hot backup, immediate failover and automatic recovery.

Subversion MultiSite 4.1 marks a major update for this Enterprise product, including completely redesigned LDAP support, and a dedicated log for all access control activity. Other key updates include:

  • Full support for HTTPv2, bringing many performance enhancements.
  • Support for pre-commit, pre-lock and pre-unlock hooks, which can be assigned on a per-repository basis and configured straight from the admin console.
  • Support added for multiple admin accounts.
  • An enhanced “Emergency Reconfiguration” procedure that allows any node to be permanently dropped from the replication group, making it far easier to recover from the loss of a node.
  • Improved LDAP and SSL integration.
  • Seamless integration with Subversion Access Control 4.1.

More information on what’s new and noteworthy in MultiSite 4.1, is available at the Release Notes.

The Complete Solution Stack from WANdisco

Subversion MultiSite 4.1 can be implemented standalone or in combination with Subversion Access Control 4.1 for distributed development teams. Subversion Access Control provides full authorization, authentication, access control and audit capabilities that go well beyond what Apache Subversion provides on its own.

Availability

Want to try our Enterprise Subversion components before you buy? Free evaluation downloads of both Subversion MultiSite and Subversion Access Control are available – just fill in the online form to request your copy.

WANdisco Addresses Community’s Source Code Security Concerns

You may have heard that we’ve just announced a substantial update to our Enterprise Subversion Product, Subversion Access Control. Subversion Access Control 4.1 places an emphasis on security by providing full audit, authorization and access control capabilities that go well beyond what Subversion can offer on its own. Subversion Access Control’s underlying architecture protects against the sort of security holes that have resulted in a number of recent high-profile source code thefts from Perforce’s source code management (including the leaking of Norton AntiVirus source code.) With Perforce, the client completely trusts the server, which means the server has complete control over the client user’s account – leaving Perforce users vulnerable to source code thefts.

Understandably, this has left many Perforce customers concerned – and with good reason: in the software industry, source code is the most valuable intellectual property there is. With this current wave of source code management thefts, we think there’s never been a better time to look into source code management solutions that offer built-in security features. Subversion Access Control’s security functionality includes:

  • Support for SSL to securely encrypt all client server communication, ensuring that all data is protected at all levels.
  • A simple graphical interface to manage the three A’s of security (Authentication, Access and Audit!) Users are organized into teams and rules are setup for each team that defines their level of access to one or more repositories or to within a path inside a repository. Administrators can easily setup sophisticated security rules to the system and all user activity is recorded and can be stored in a relational database.

The Complete Solution Stack from WANdisco

Globally distributed teams are at an even greater risk of source code theft. For teams who need that extra security, it is possible to implement Subversion Access Control in combination with our Subversion MultiSite product. This ensures consistent enforcement across all sites by replicating the Subversion Access Control configuration, with centralized management and no performance degradation, by forcing everyone to go through a central server.

Availability

Want to try before you buy? We have a free download of the just-released Subversion Access Control 4.1 and Subversion MultiSite 4.1, ready for evaluation. Just complete the online form, and you’ll be able to trial both of our security products for free. Need more info on how to keep your source code safe from hackers? WANdisco will be hosting a free hour-long ‘Introducing Subversion Access Control 4.1’ webinar on April 12th. Or, if you would like to speak to us directly about your options for source code security, please do not hesitate to contact us.