PMP vs Agile which certification is best

Opm-certificationsn my post about the pros and cons of PMP certification, project managers (and wannabe project managers) often ask me: Which certification is best, PMP, or ScrumMaster (Agile) Certification?

I myself am both PMP and ScrumMaster Certified, and the short answer that I give is that I believe they are both worth getting. If you’re going to be managing projects for a wide variety of companies and clients, it’s in your best interest to know and understand a wide variety of project management frameworks that you can apply in different situations. I’ve worked on projects suited to Agile methodologies, projects suited to waterfall methodologies, and projects that have benefited from a combination of different approaches. The deeper your knowledge of different approaches, the better you and your team will be suited to tackle a wide range of problems.

That said, it can’t hurt for me to explain a little bit about the differences between the two approaches, and take a closer look at some of the trends in the popularity of each framework.

Waterfall vs Agile methodologies

PMI’s framework is based on a waterfall methodology, while the ScrumMaster Certification is based on Agile. Both of these methodologies comprise very different approaches to software development.

Here’s a short summary of some key differences between waterfall and Agile methodologies:

Waterfall methodologies

  • Waterfall methodologies feature distinct planning, development, and testing phases
  • Software development projects are heavily planned during the planning stage, where little to no code is completed
  • During the build (development, or execution) phase, the product of the project is built
  • Any changes to product design are normally handled by change requests to the original project plan
  • After the build phase is completed, products are tested during a comprehensive testing phase. Clients (or customers) do not normally receive the finished product until all work on the project has been completed and delivered

Agile methodologies

  • Agile methodologies feature iterative development phases
  • Product features are gathered and prioritized in a backlog of features
  • Scrum teams take on development of product features during sprints, where they are designed, constructed, and tested – normally during a two-week period
  • After the sprint, features emerge as deliverable product
  • Clients are presented completed features from an individual sprint during a sprint demo
  • Product changes may not take place during sprints, but they are accepted at any other time, so products are constructed organically

the tale of trends

So which framework is more popular, and which one should you consider getting certified in?

Let’s take a look at the tale of the trends, thanks to Google Trends. This is not the most scientific approach to be sure, but looking at Google Trends is an easy way to see what people are interested in over time.

PMP vs Agile

First, let’s compare the general search terms “PMP” and “Agile”.



Click to enlarge the graphic. Here you can see that searches for PMP appear to have peaked at some point in 2008, and have recently declined. Meanwhile, searches for Agile, while spiking in late 2009, are generally trending upwards.

Note that this does comparison not take into account that people might be searching for PMP or Agile for reasons other than interest in project management methodologies – but I still found this chart quite interesting.

PMP Certification vs ScrumMaster


Click to enlarge the graphic. You can see here that while ScrumMaster searches are trending upward, there are many more searches for PMP Certification. And I wouldn’t say that searches for ScrumMaster are skyrocketing – they appear to be relatively level. One interesting search that you might try yourself is a search comparing “ScrumMaster” and “PMI-ACP”, PMI’s own, and relatively new, Agile certification. I’d be glad to hear your opinions on that comparison in the comments section of this post.

Which project management certification is the best

It does seem to me that interest in PMP certification is level, or perhaps even waning, while interest in Agile methodologies is growing – though interest in the most popular Agile certification, Certified ScrumMaster, does not appear to be “taking off” as much as I had originally thought it might be. Remember, this is a very simple analysis using Google Trends, so I may be way off the mark here – please be sure to tell me if I am! I’d be interested in seeing any data or opinions contrary to what I’ve explored here. I should note that I have noticed that PMP certification appears to be growing in popularity in India… I get a lot of questions from Indian professionals, especially software engineers and test engineers, who are interested in becoming project managers and getting PMP certified.

I still haven’t answered the question “which certification is best”… a lot of factors go into making this decision, and it turns out that one certification may be best for some, while the other certification may be better for others. It seems to me that PMP certification is more powerful if you’re interested in applying for a job as a project manager – many recruitersrequire PMP certification of their project managers – while Agile certification is important if you’re working for an iterative software development shop, or want to learn about a methodology that is slowly but steadily gaining in popularity. In my opinion, Agile methodologies will see even more recognition in the future while interest in waterfall methodologies will continue to wane.

As I mentioned above, I personally recommend getting both credentials. In fact, I make it my own mission to continue to improve myself both personally and professionally however I can, whenever I can, and education is one of the surest ways of doing this. Whichever path you choose to pursue, best of luck to you!


Grails Authentication With Shiro

Shiro is a security framework that is meant to make life easier. The goal of it is to allow the developer to performauthentication, authorization, cryptography and session management. After reading over the 10 minute tutorial, I trust that it is an excellent option to use in my Grails application. It should be also noted that the website also uses Shiro for all authentication.


compile ":shiro:1.2.1"



it will create


package shiro

 * Generated by the Shiro plugin. This filters class protects all URLs
 * via access control by convention.
class securitySecurityFilters {
    def filters = {
        all(uri: "/**") {
            before = {
                // Ignore direct views (e.g. the default main index page).
                if (!controllerName) return true

                // Access control by convention.

you could edit it to

class securitySecurityFilters {

     * Array of controller/action combinations which will be skipped from authentication
     * if the controller and action names match. The action value can also be '*' if it
     * encompasses all actions within the controller.
    static nonAuthenticatedActions = [
            [controller: 'home', action: 'index']

     * Array of controller/action combinations that will be authenticated against the user's
     * role. The map also includes the roles which the controller/action pair will match
     * against.
    static authenticatedActions = [
            [controller: 'home', action: 'secured', roles: ['ROLE_ADMIN', 'ROLE_USER']],
            [controller: 'home', action: 'admin', roles: ['ROLE_ADMIN']]

    def filters = {

        all(controller: '*', action: '*') {
            before = {

                // Determine if the controller/action belongs is not to be authenticated
                def needsAuth = !nonAuthenticatedActions.find {
                    (it.controller == controllerName) &&
                            ((it.action == '*') || (it.action == actionName))

                if (needsAuth) {

                    // Get the map within the authenticated actions which pertain to the current
                    // controller and view.
                    def authRoles = authenticatedActions.find {
                        (it.controller == controllerName) &&
                                ((it.action == '*') || (it.action == actionName))

                    if (authRoles) {

                        // Perform the access control for each of the roles provided in the authRoles
                        accessControl {
                            authRoles.roles.each { roleName ->

                    // Skip authentication if the authRoles was not found
                    else {
                        return true

                // Skip authentication if no auth is needed
                else {
                    return true


Update your Config.groovy

security {
    shiro {
        filter.config = """\
                        shiro.loginUrl = /auth/login
                        rg = AnyOfRolesAuthorizationFilter

                        ROLE_ADMIN = *

                        /admin/** = authc, rg["ADMIN,USER"]
                        /guest/ = anon
                        /guest/sec = authc, rg["USER"]

update your resources.groovy

import org.apache.shiro.authc.credential.Sha512CredentialsMatcher

// Place your Spring DSL code here
beans = {
    credentialMatcher(Sha512CredentialsMatcher) {
        storedCredentialsHexEncoded = true

initialize Bootstrap

import org.apache.shiro.crypto.hash.Sha512Hash

class BootStrap {

    def init = { servletContext ->
        def roleUser = new ShiroRole(name:'USER')
//        roleUser.addToPermissions('auth:*')
//        roleUser.addToPermissions('home:sec'), failOnError: true)

        def roleAdmin = new ShiroRole(name:'ADMIN')
//        roleAdmin.addToPermissions('auth:*')
//        roleAdmin.addToPermissions('admin:*'), failOnError: true)

        def user = new ShiroUser(username: "user", passwordHash: new Sha512Hash("123").toHex())
        user.addToRoles(roleUser), failOnError: true)

        def admin = new ShiroUser(username: "admin", passwordHash: new Sha512Hash("123").toHex())
        admin.addToRoles(roleAdmin), failOnError: true)
    def destroy = {

Add AnyOfRolesAuthorizationFilter Class

public class AnyOfRolesAuthorizationFilter extends RolesAuthorizationFilter {

    public boolean isAccessAllowed(ServletRequest request, ServletResponse response,
                                   Object mappedValue) throws IOException {

        final Subject subject = getSubject(request, response);
        final String[] rolesArray = (String[]) mappedValue;

        if (rolesArray == null || rolesArray.length == 0) {
            //no roles specified, so nothing to check - allow access.
            return true;

        for (String roleName : rolesArray) {
            if (subject.hasRole(roleName)) {
                return true;

        return false;

Geb, What is it?

What is it?

Geb is a browser automation solution.

It brings together the power of WebDriver, the elegance of jQuery content selection, the robustness of Page Object modelling and the expressiveness of the Groovy language.

It can be used for scripting, scraping and general automation — or equally as a functional/web/acceptance testing solution via integration with testing frameworks such asSpockJUnit & TestNG.

The Book of Geb contains all the information you need to get started with Geb.

What does it look like?

Here’s what a simple Geb script to log into an admin section of a website might look like…

import geb.Browser {
    assert $("h1").text() == "Please Login"
    $("form.login").with {
        username = "admin"
        password = "password"
    assert $("h1").text() == "Admin Section"

This is what is known as the scripting style of Geb and it’s great for quick automation.

Be sure to checkout the highlights in the right navigation bar, and of course the Book of Gebfor in depth information on how to use Geb in your projects.


Allocating business logic in Grails


I’ve been on a couple of larger Grails projects in the past year and half and I’m witnessing a disturbing phenomenon. The allocation of business logic responsibility across the abstractions that Grails provides today is causing considerable pain. Grails provides controllers, services and domain objects where business logic can reside. I’ll contend in this blog entry that these abstraction categories work well for small- to medium-sized Grails projects, but thing quickly start to unravel once your application gets to be large.


I see a lot of business logic code in controllers these days. Controllers shouldn’t contain any business logic whatsoever. The controller’s responsibility is to handle the web request and response. Anything else should be delegated to a collaborator. Don’t do it!


The next logical place to put business logic is in the domain class. Allocating responsibility here works to a point, but you will quickly encounter issues when you need business logic that resides in services. I’m not a fan of injecting Grails services into domain classes. This situation quickly spirals out of control and makes unit testing very difficult to perform. For simple per-domain business logic, free free to allocate to the domain class. Anything more, and it belongs in a service (or something else, which we’ll discuss in a bit).


So most business logic seems to end up in Grails services these days. That’s what the creators of Grails intended. I have no qualms about that. The beef I have with services is that a method is a crappy abstraction for representing business logic in the system. On larger Grails projects, the service approach seems to break down, as services seem to take on more and more responsibility, making them more difficult to test. I’m also witnessing a lot of code duplication; in it’s current incarnation, there is no delineation of public API services versus private services which the public API services compose larger sets of business logic with. What we end up with is large, hard-to-test service methods that collaborate with too many dependencies and do too much.


I want an abstraction in Grails that promotes proper factoring of business logic into unit-testable abstractions. These abstractions can be composed into larger abstractions to provide the necessary logic to fulfill the requirements of the system. The chain of responsibility design pattern may offer some value here. Individual commands that have a singular responsibility can be created, unit tested, and finally composed into “chains” of commands that provide the necessary functionality of the system. The command chains can be integration tested to ensure that the individual commands composition provides the functionality required by the customer/business. When new functionality is needed, a new command chain is created, reusing existing commands where appropriate and creating new commands where functionality does not exist. Spring Batch has a similar concept that is core to its design.


I hope to blog a bit more around this in the coming weeks. I really like Grails and would love to see its usage increase in the coming months and years. I think it has some really cool features that allow you to get up and running very quickly. The plugin system alone is a huge advantage to using Grails, because features like a Chain of Responsibility executor can easily be added to the core Grails system.

the best ways to store a tree structure in a relational DB

As always: there is no best solution. Each solution makes different things easier or harder. The right solution for you depends on which operation you will do most.

Naive Approach with parent-id:


  • easy to implement
  • easy to move a big subtree to another parent
  • insert is cheap
  • Needed Fields directly accessible in SQL


  • retrieving a whole tree is recursive and therefore expensive
  • finding all parents is expensive too ( SQL doesn’t know recursions… )

Modified Preorder Tree Traversal ( saving a start- & end-point) :


  • Retrieving a whole tree is easy and cheap
  • Finding all parents is cheap
  • Needed Fields directly accessible in SQL
  • Bonus: you’re saving the order of childnodes within its parentnode too


  • Inserting / Updating can be very expensive, as you’ll maybe have to update a lot of nodes

Saving a path in each Node:


  • Finding all parents is cheap
  • Retrieving a whole tree is cheap
  • Inserting is cheap


  • Moving a whole tree is expensive
  • Depending on the way you save the path, you won’t be able to work with it directly in SQL, so you’ll always need to fetch & parse it, if you want to change it.

I’d prefer one of the last two, depending on how often the data changes.

See also: