Skip to content

Raven UCamWebAuth

This page gives an overview of the Raven UCamWebAuth service, describing its current status, where and how it's developed and deployed, and who is responsible for maintaining it.

Service Description

The Raven service provides a self-service, web-based interactive sign in service for the University. It has several parts. Raven UCamWebAuth provides the most commonly used interface for sites around the University.

Service Status

The Raven UCamWebAuth service is currently live. There are plans to decommission this protocol in favour of the modern industry standard protocols (SAML, OAuth2).

Contact

Technical queries and support should be directed to raven-support@uis.cam.ac.uk and will be picked up by a member of the team working on the service. To ensure that you receive a response, always direct requests to raven-support@uis.cam.ac.uk rather than reaching out to team members directly.

Issues discovered in the service or new feature requests should be opened as GitLab issues in the Raven UcamWebauth or Raven Legacy Infrastructure projects (both DevOps only).

Environments

Raven UCamWebAuth is currently deployed to the following environments:

Name Main Application URL GCP Project
Production https://raven.cam.ac.uk/ Raven Legacy - production
https://webauth.prod.raven-legacy.gcp.uis.cam.ac.uk
Staging https://test.legacy.raven.cam.ac.uk/ Raven Legacy - staging
https://webauth.test.raven-legacy.gcp.uis.cam.ac.uk/
Development https://dev.legacy.raven.cam.ac.uk/ Raven Legacy - development
https://webauth.devel.raven-legacy.gcp.uis.cam.ac.uk/

All environments access a meta project (Raven Legacy meta) for shared secrets and monitoring.

Notification channel(s) for environments

Environment Display name Email
Production Raven Legacy - Wilson DevOps team email channel devops-wilson@uis.cam.ac.uk
Staging Raven Legacy - Wilson DevOps team email channel devops-wilson@uis.cam.ac.uk

Source code

Source code for Raven UCamWebAuth is spread over the following repositories:

Repository Description
Raven Legacy WebAuth Server1 Containerised Apache2 frontend which handles interactive authentication
Raven Legacy Infrastructure1 Terraform configuration for infrastructure and deployment

1 DevOps only

Technologies used

The following gives an overview of the technologies that Raven UCamWebAuth is built on.

Category Language Framework(s)
Server Perl Mason
GCP deployment Terraform
Admin API Python FastAPI

Operational documentation

There is a dedicated operational documentation folder in the infrastructure Gitlab project (DevOps only).

Admin scripts

An admin-scripts container also provides restricted API access for management actions.

How and where the service is deployed

The Raven Legacy infrastructure is deployed using Terraform, with releases of the authenticator application deployed by the GitLab CD pipelines associated with the infrastructure Gitlab project (DevOps only).

Deploying a new release

The README.md files in each of the source code repositories explain how to deploy the App.

Monitoring

The monitoring and alerting system is based on Cloud Monitoring. Alert policies and metrics can be viewed in the Raven Legacy meta project (DevOps only).

Our standard 'webapp' alerts have been configured:

  • Service uptime check from various geographic regions
  • SSL expiry checks
  • Sign-in alerts if logins fail (or succeed when they should fail)

Debugging

See the Raven UcamWebauth project (DevOps only) for details on how to deploy a local development instance.

Service Management and tech lead

The service owner for Raven UCamWebAuth is Vijay Samtani.

The service manager for Raven UCamWebAuth is Abraham Martin.

The tech lead for Raven UCamWebAuth is Robin Goodall.

The following engineers have operational experience with Raven UCamWebAuth and are able to respond to support requests or incidents: