“Top 10 Open Source Web-Based Project Management Software”

Posted by Piyush Gupta on September 06, 2010

Project management software is not just for managing software based project. It can be used for variety of other tasks too. The web-based software must provide tools for planning, organizing and managing resources to achieve project goals and objectives. A web-based project management software can be accessed through an intranet or WAN / LAN using a web browser. You don’t have to install any other software on the system. The software can be easy of use with access control features (multi-user). I use project management software for all of our projects (for e.g. building a new cluster farm) for issue / bug-tracking, calender, gantt charts, email notification and much more.

Obviously I’m not the only user, the following open source software is used by some of the biggest research organizations and companies world wild. For example, NASA’s Jet Propulsion Laboratory uses track software or open source project such as lighttpd / phpbb use redmine software to keep track of their projects.

You use the following top 10 software for personal or business use. Keep track of all your projects in one place and finish them successfully on time.

#1: Codendi

Codendi is an open-source collaborative development platform offered by Xerox. From only one interface, it gathers, all the needed tools for software development teams: management and versioning of code, bugs, requirements, documents, reporting, tests etc. It is mainly used for managing software project processes.

#2: Redmine

Redmine is a flexible project management web application. Written using Ruby on Rails framework, it is cross-platform and cross-database. It includes calendar and gantt charts to aid visual representation of projects and their deadlines.

#3: ProjectPier

ProjectPier is a Free, Open-Source, self-hosted PHP application for managing tasks, projects and teams through an intuitive web interface. ProjectPier will help your organization communicate, collaborate and get things done Its function is similar to commercial groupware/project management products, but allows the freedom and scalability of self-hosting.

#4: Trac

Trac is an open source, web-based project management and bug-tracking tool. Trac allows hyperlinking information between a computer bug database, revision control and wiki content. It also serves as a web interface to a version control system like Subversion, Git, Mercurial, Bazaar and Darcs.

#5: Project HQ

Project HQ is a collaborative open source project management tool, similar to Basecamp and activeCollab. Project HQ is built on open source technologies like Python, Pylons and SQLAlchemy and is fully database independent. Project HQ uses a structured workflow to assist you in managing your projects.

#6: Collabtive

Collabtive is a web-based project management software that is being published as Open Source software. The project was started in November 2007. It strives to provide an Open Source alternative to proprietary tools like Basecamp or ActiveCollab.

#7: eGroupWare

eGroupWare is a free open source groupware software intended for businesses from small to enterprises. Its primary functions allow users to manage contacts, appointments, projects and to-do lists.

It is used either via its native web-interface, making access platform-independent, or by using different supported groupware clients, such as Kontact, Novell Evolution, or Microsoft Outlook. It can also be used by mobile phone or PDA via SyncML.

#8: KForge

KForge is an open-source (GPL) system for managing software and knowledge projects. It re-uses existing best-of-breed tools such as a versioned storage (subversion), a tracker (trac), and wiki (trac or moinmoin), integrating them with the system’s own facilities (projects, users, permissions etc). KForge also provides a complete web interface for project administration as well a fully-developed plugin system so that new services and features can be easily added.

#9: OpenGoo

It is a complete online solution focused on improving productivity, collaboration, communication and management of your teams. OpenGoo main features include document management, contact management, e-mail, project management, and time management. Text documents and presentations can be created and edited online. Files can be uploaded, organized and shared, independent of file formats.

#10: ClockingIT

ClockingIT is a free Project Management solution, which helps your team stay focused and on top of things.

Other FOSS Project Management Software Projects

  1. JotBug
  2. Bugzilla (only bug tracking)
  3. OpenProj (desktop app – replacement for MS-project)

How do you manage your IT / software and other projects? Are you using a better option? Let us know in the comments.

“Diagrammr – Great tool for quick, sentence-constructed diagrams”

Posted by Piyush Gupta on June 18, 2010

I saw someone on twitter tweet about this useful tool that helps create diagrams with sentences you type.

Watch how easy it is:

  1. First, type in a sentence along like:

    37b5d79cdc2167bb9a93dd12b483f877

  2. After hitting , you get this diagram

    20c9bcb89ec0ed3540d5f8b7073fcfa0

  3. Try typing another

    D7faa05dc378f2ee07cee550937e4b90

  4. Easy yeah?

    509187955d42ed91245499ec24fd0516

  5. Now try to link 2 items together with a verb

    D854c9d2236e0389b9af599bd1be906f

  6. Awesome, it resizes itself nicely!

    53e54f4a3c0e0b2d6f88b36114c4111a

Try it out for free at http://diagrammr.com

Created by Freshlog Storyteller

“How to do XYZ in Agile? “

Posted by Piyush Gupta on June 14, 2010

Clients sometimes ask, “How do you do estimation in Agile?” or, in general “How do you do XYZ in Agile?”. Typically these are people making a transition from non-Agile methods. They often want to hold on to some existing ways of functioning. They would like to blend Agile into their existing processes. There is a problem here. To be agile is not about following a different set of prescribed processes or practices. The only things that matter are:

    * Continuous delivery of valuable functionality
    * Happy team (team includes client)

The agile manifesto starts off by saying:
We are uncovering better ways of developing
software by doing it and helping others do it.
The practices codified under XP (or Scrum) is just documentation of how a bunch of practitioners were able to achieve continuous delivery and happy team. The question, “How do you do XYZ in Agile?” misses the point. It is a relic of “process conformance” mentality. What’s more, I was once asked, “Is it ok to ask for a number of tailorings or deviations from the master process template for agile?” I was speechless. Turned out that the organization still retained the services of a group called SEPG (software engineering process group, a relic of CMM) to define a master process template for agile. Every project was supposed to conform to the template and ask approval for tailorings (tweaking a process/practice) or deviations (omitting a process/practice)!

I think this is a case where ends justify means. If you are achieving continuous delivery and happy team, you are obviously doing something right. It doesn’t matter how Agile it is. If you aren’t achieving continuous delivery and happy team then again it doesn’t matter how Agile your processes are. One might argue that this is watered-down agile. Big deal. Granted, it is definitely wise to go by the book first. It is arrogant/foolish to assume that we are smarter than the book before we begin. After all, the book represents distilled wisdom of practitioners. But it is important to keep an eye on the outcomes. All advice is contextual. It is no use wailing that you have done everything by the book and not getting results. It is dogma to stick to the book in the face of contrary results.

Source : http://www.bunchedin.com/MK5ZQY

“Getting your meta tags on track : RAILS”

Posted by Piyush Gupta on June 05, 2010

Sick of the lame Rails puns in the headlines yet? Great!

Ok, so this post is a kind of ‘Ask the community’ post. How do you deal with meta tags including page titles? We should all know the ideal for titles is to be unique for each page on the site , but how do you go about this the rails way?

Here’s what I do (and it’s just one way of many) :

In my layout/application.html.erb

<title><%= @meta_title %> My Site Name</title>
<meta name="keywords" content="<%= @meta_keywords %>" />
<meta name="description" content="<%= @meta_description %>" />

In my application controller:

  before_filter :meta_defaults
  private

 def meta_defaults
    @meta_title = "Welcome to"
    @meta_keywords = "my keywords"
    @meta_description = "my meta description"
  end

and then in individual actions in my controllers I override the defaults

def view
    @article = Article.find(params[:id])
    @meta_title = "#{@article.name} - "
    @meta_description = @article.short_description
end

I’ve also seen suggestions for using yield and content_for, but to me that is a bit heavy-weight for simple strings.

So, what do you do?

“Dress for the Office to Increase Telecommuting Productivity”

Posted by Piyush Gupta on May 24, 2010

One of the first things new telecommuters like to do is work in their pajamas just to say they’ve done it. As fun as that may be, dressing up for work will boost your productivity.

When you’re dressed for work it sends a message that you’re ready to work. A message to who? To yourself, dressing like you’re about to go take a power nap or plan some racquetball doesn’t send a signal that you’re about to get some serious work done. At the financial blog Lazy Man and Money they write:

Wear Pants – I never thought I’d find myself writing about the basic need to wear pants… but I am. It’s very tempting to just roll out of bed and get working. For me that’s a recipe for failure. For some reason, I subconsciously associate pajamas with “Time to check out stats in my fantasy baseball league.”

When I first started working from home I’d just wear casual clothing. Right now I’m wearing the same business attire I used to wear when I went into an office every day. My principal reason for doing so is that the clothing, aside from flipping a psychological switch that it’s “work time” makes it hard to do non-work stuff. If I notice something that needs to be done around the house—a constant distraction for people who work from home—I’m less likely to go and do it if I’m wearing business attire than if I were just wearing jeans and a t-shirt.

Source : www.bunchedin.com/9Vp1MB

Technorati Tags: , , ,

“Users and Passwords – Rails (Best Practices)” 2

Posted by Piyush Gupta on May 18, 2010

Last week I lost several productive hours resetting my ‘insecure’ password on several websites due to a security breach, if you’ve ever used that site, you’d be well advised to change your password pretty much everywhere. In order to prevent this happening in the future, I figured I’d write up a simple best practices article on handling passwords and authentication. There’s nothing particularly new here, but it’s always worthwhile revisiting the basics.

What Not to do?

Never store your users’ cleartext passwords in your database, no exceptions. The most important reasons is that if your site is compromised or your backup drive lost all your users will be in danger. The attacker will have access to a ready-made list of passwords and the related email addresses which they’ll be able to go off and cause havoc with other websites. The second risk is that any one of your staff members could steal that information and use it to attempt to access other systems where your users have used the same password.

While it’d be nice if users never reused a password, the reality is that nearly everyone does it. We need to be responsible and realistic, and take the necessary precautions to protect our users.

Instead what you should be storing is a hash of the user’s passwords. This will let you verify that the password provided matches the one on file, but will never let you recover that password.

Salting

But just storing a hash of the passwords isn’t enough, this would still leave you open to rainbow attacks where an attacker pre-calculates hashes of millions of passwords, then compares the hashes with the values they’ve stolen from your database. To prevent this you need to salt them. This means storing a small random value against each of your users and adding that to the password before you hash it.

Putting it Together.

So this leaves us with a user model with two relevant columns, salt and hashed_password, leaving us with a simple migration like:

create_table :users do |t|
  t.string :email
  t.string :hashed_password
  t.string :salt
end

We’ll also need two kinds of method on the model itself, hashing methods and verification methods. We’ll cover the hashing methods first:

require'digest/sha2'
  class User ActiveRecord::Base
    # Create two virtual (in memory only) attributes to hold the password and its confirmation.
    attr_accessor:new_password,:new_password_confirmation
    # We need to validate that the user has typed the same password twice
    # but we only want to do the validation if they've opted to change their password.
    validates_confirmation_of :new_password, :if => :password_changed?
    before_save :hash_new_password, :if => :password_changed?
    # By default the form_helpers will set new_password to "",
    # we don't want to go saving this as a password

   def password_changed?
     !@new_password.blank?
   end

   private # This is where the real work is done

   def hash_new_password
     # First reset the salt to a new random string.  You could choose a
     # longer string here but for a salt, 8 bytes of randomness is probably
     # fine.  Note this uses SecureRandom which will use your platform's secure
     # random number generator.
     self.salt = ActiveSupport::SecureRandom.base64(8)
    # Now calculate the hash of the password, with the salt prepended, store
    # store that in the database
    self.hashed_password = Digest::SHA2.hexdigest(self.salt + @new_password)
  end
end

Of note here is the salt, it’s set to a new random value every time the user changes his password, this will come in handy another day. The next method we need to implement is the authentication method.

Class User < ActiveRecord::Base
   # As is the 'standard' with rails apps we'll return the user record if the
   # password is correct and nil if it isn't.

   def self.authenticate(email, password)
      # Because we salt the passwords we can't do this query in one part, first
      # we need to fetch the potential user
      if user = find_by_email(email)
           # Then compare the provided password against the hashed one in the db.
            if user.hashed_password == Digest::SHA2.hexdigest(user.salt + password)
                   # If they match we return the user
            return user
            end
       end
    # If we get here it means either there's no user with that email, or the wrong
     # password was provided.  But we don't want to let an attacker know which.
    return nil
  end
end

Cleanse the Logs

Finally, you need to make sure that your user’s passwords don’t get logged either, thankfully this is built right in with rails.

  class ApplicationController < ActionController::Base
     filter_parameter_logging :password
  end

Wrap Up

All in all using secure password hashing takes around 15 lines of code so there’s no excuse for not doing it in your applications. It’s also relatively simple so I wouldn’t suggest using a plugin if all you want is simple secure login code, those plugins come with tonnes of additional features which you may not want. I’ll follow up next week with simple secure remember-me tokens which also don’t require anything fancy.

Finally a product plug, 1Password from AgileWebSolutions is a really useful tool for generating, storing and recalling secure passwords for the myriad of websites which require logins. It’s much simpler and more secure than re-using some ‘insecure’ password on dozens of websites. It also has the side benefit of being pretty-well immune to phishing attacks.

Technorati Tags: , , ,