Web Applications

From ECE Information Technology Services
Jump to navigationJump to search

Supported Packages

The ECE Department supports the following web applications for research groups:

Please file a help request if you would like to have a web application installed on your research group website.

Requesting Installation of Packages

Given the department's limited resources, we can only support a limited set of web application packages. Therefore, any decision to add packages to the list of support applications will be subject to an evaluation based on the following criteria:

Chosen packages should be sufficiently general such that other users won't request a competing package that has just one more feature that they need.
Code Structure
Code should be cleanly structured. Code that is difficult for programmers to follow and code that mixes logic with presentation will take longer to review, and is likely to be problematic.
The package needs to have a simple procedure for upgrading from version to version. The package must be able to support multiple website instances with a single copy of the code. If the package uses a database, there should be systematic way to upgrade the database schema if necessary.
To ensure that the code won't be abandoned, packages should ideally be open-source and have a large active community of users and developers.
Code must not exhibit common vulerabilities such as SQL injection, filesystem traversal, and cross-site scripting. Packages with a recent track record of security vulnerabilities will be avoided.
Resource-intensive applications (such as Java webapps) will be disfavoured.
The application must be compatible with the ECE webservers. In general, this means it should run with Apache on Linux. PHP applications should work with a recent version of PHP (PHP 5) in a standard configuration (magic quotes disabled).
If the application needs to authenticate ECE users, the authentication mechanism should use ECE accounts. Integration may be implemented using LDAP, PAM, or Apache authentication.