Blogging Roller

Over the past month or so I've been adding OAuth support to just about every open source project that I can commit to. I added OAuth support to Roller so that you can now use OAuth to protect Roller's AtomPub server and other things. I also added OAuth support to ROME Propono's AtomPub client so you can now use Propono to post to Roller (more about that later). Here's a quick overview of how OAuth in Roller works.

NOTE that this post applies to Roller 5.0, which has not yet been officially released.

Setting up OAuth for AtomPub in Roller

If you want to use OAuth with AtomPub on your Roller site, go to the Server Admin page and find the Web Services section, enable AtomPub and specify 'oauth' as the authentication mechanism, like so:

Getting your OAuth key, secret and URLs

Once you've done the setup, you'll find an OAuth Credentials link on the Roller Main Menu page, which will lead you a page like the one below showing your OAuth consumer key & secret and, if you are a site admin user, the site-wide key & secret. Currently, there's only one set of site-wide credentials; I plan to fix that.

Of course, those aren't my real keys. You'll want to keep your OAuth keys secret as they can enable anybody to access your Roller account via AtomPub.

Want to try it yourself?

I mentioned that Roller 5.0 has not yet been released and that's true. There's still a lot of work to be done on 5.0, but that doesn't mean you can't get your hands on the code and binaries now. To make it easy, I've made an unofficial snapshot version of Roller 5.0-dev available for testing purposes only. It's what I'm running on my site. You can get it here in two flavors:

apache-roller-5.0-dev-20090321-SNAPSHPOT.tar.gz (31 mb)

apache-roller-5.0-dev-20090321-SNAPSHPOT.zip (31 mb)

The instructions in the old Roller 4.0 installation guide should work fine, so follow them to install and configure the 5.0-dev SNAPSHOT. Please send questions and feedback to either the Roller dev mail list and I'll do my best to respond there.

You'll also need an OAuth capable AtomPub client. More on that topic tomorrow...

I'm going to be following up my OAuth everywhere! post, with several more OAuth related posts this week. So, just in case you are wondering "why is Dave going off on this cockamamie OAuth tangent?", I'll take some time now to explain a little about OAuth to help you understand.

OAuth is a emerging protocol that one web site can use to access your data on another website without asking you to reveal your username and password. For example, when the sinister BuddyNet9000(TM) Social Network site wants to access your GMail account so it can spam your "friends" on your behalf, you can use OAuth to give it access without telling it your username and password. Why risk your GMail security when all you want to do is spam some people? There are less snarky examples, but that one makes the point well, I think.

There's a good end-user oriented introduction on OAuth.net titled Beginner's Guide to OAuth: Protocol Workflow. OAuth is not that widely deployed yet, and is not perfect, but it is emerging and going the IETF standards route.

I'm interested in OAuth because it's part of the OpenSocial spec, used to authorize access to the OpenSocial REST API and to enable OpenSocial Gadgets to call out to OAuth protected resources. Also, because it's used to protect AtomPub-based services, including the Google Data APIs. I needed to learn about it for my Roller and SocialSite work and if you're going to be doing much OpenSocial work, you'll need to learn about it too.

I'm off to ApacheCon EU 2009> tomorrow in Amsterdam to speak on the topic of Shindig for Blogs and Wikis. I'm really looking forward to catching up with my Apache friends and colleagues. That's the conference venue in the photo on the right, the Movenpick hotel (in the background behind the music hall).

I'm staying a couple of extra days, so I hope to have time for bicycling around the city as I've done in the past (see also: Flickr photo sets for 2007 and 2008). Unfortunately, the weather forecast stinks. There's a 60% chance of rain every day that I'm in town. Oh well; guess I'll have plenty of time for blogging.

Speaking of blogging.This week, I'll be posting some blog entries to highlight the work that I've done in preparation for my talk. Here's what I plan to cover:

* Monday: OAuth for AtomPub in Roller
* Tuesday: OAuth for ROME Propono
* Wednesday: SocialSite on rollerweblogger.org
* Thursday: OAuth everywhere (continued)
* Friday: the future of Project SocialSite

If you plan to attend my talk, at 4:30PM on Friday March 27, then you should follow along. Pay special attention to the SocialSite on rollerweblogger.org and OAuth everywhere (continued) posts, which will include detailed background info. I'm looking forward to seeing you there.

• How I ended up with Apache Roller
  "I definitely recommend Roller for everyone that wants to have a powerful, stable and fast blog server."
• Sitemaps XML template for Roller 4.x
  "Roller makes it very easy by using the Velocity templating engine and exposing a lot of data via model objects
• Apache Roller 4.0 theme upgrade from 3.1
  "One of the reasons to select Apache Roller as my preferred blogging software was the excellent and free selection of themes from rollerthemes.com"

• The Aquarium: SocialSite and Apache
  "I'm finally catching up with Dave's post from last Friday... My very best wishes to SocialSite. "
• Ya todo est inventado: Socialsite, an opensource social network.
  "I am doing implementations of SS for the first time. This software is new, I've been working with this since very early releases."
• Collaborative Thinking: Musings on Oracle/Sun re: social networking
  On SocialSite "Oracle would clearly benefit by leveraging a distributed model for enabling other web systems with social widgets."

• HTTP/1.1 status code activity diagram
  An activity diagram to describe the resolution of HTTP response status codes, given various headers
• SAS to build $70 million cloud computing facility
  "the facility will be built to Leadership in Energy and Environmental Design (LEED) standards for water and energy conservation."
• Business Tech - CNET News: Google uncloaks once-secret server
  "Google has an obsessive focus on energy efficiency and now is sharing more of its experience with the world."

• Forbes.com: A Rorschach Test for IBM and Sun
  "Even as Sun has stiffened into a slow-moving, self-entangled behemoth over the past decade, IBM has gradually shifted into the nimble mode of a start-up."


• IBM's bid to acquire Sun might cost jobs - The Denver Post
  "Sun is known for having a lot of cool technology but not much recognition in the market for it."


• ZDNet.com - IBM's potential purchase of Sun: Here's why it makes sense
  "One problem: There's a lot of software overlap here. In databases, IBM has DB2 and Sun has MySQL"


• Javalobby - IBM in Talks to Buy Sun?
  (in the comments) "Sun's energy would have been much better spent investing in writing proper Eclipse plugins for things such as Python/Groovy/Matisse/JavaFX/etc. instead of pushing their own IDE"


• SAS to build $70 million cloud computing facility
  "the facility will be built to Leadership in Energy and Environmental Design (LEED) standards for water and energy conservation"


• Atlassian Developer Blog - Customizing your cloud
  "we've released support for running builds in the cloud with the Elastic Bamboo feature"


• Tim Bray The Sun Cloud
  "We're going to be rolling out a Sun Cloud offering later this year"

I was invited to talk to the class COMP 380: Computers and Society at the University of North Carolina on the topic of Social Software at work, so I spent some time working up a presentation and set of slides. I gave the talk last night to three sections of the class and it seemed to go over pretty well. There was some booing at the start when I mentioned my alma mater N.C. State, but nobody threw anything and I think I put only one student to sleep. I definitely enjoyed the experience.

For the benefit of the class and anybody else who is interested, I just uploaded my slides to Slideshare. You can find them here: Social Software at work.

• Bad Times Spur Entrepreneurship, But There's a Catch - Boing Boing
  "The day we have national health care is the day that we unleash a wave of entrepreneurship the likes of which we've never seen before."


• Ben Hyde - The Misery of Opportunity: Barry Schwartz on Paradox of Choice
  "those who maximize a job choice did in fact capture significantly more income, but at a cost."


• Jon Stewart creams Jim Cramer on the Daily Show
  "I wonder if Rick Santelli will show his face on Stewart's set? Highly unlikely"


• Unit Structures: NY Times Botches SNS Privacy
  "The conclusion that Stross draws - that adults are now going to massively change their disclosure behavior because of young people - is as flawed as his 'privacy as anachronism' point."


• Rich Bowen: More twitter blah blah blah
  "To tell me that I need to define a goal for Twitter is somewhat like telling someone: you need to define a goal for conversation, and then every conversation you have needs to be working towards that goal."


• Geir's Blog - Dalibor's "Nanny State" Argument?
  "I hope I'm just misunderstanding what Dalibor is trying to say"


• PC Pro blog: I'm sorry but Dreamweaver is dying
  "Web 2.0 isn't an empty slogan, it marks a fundamental break with the past and Dreamweaver lies on the wrong side of it."

If you've been following my tweets you know that I accepted a new job yesterday. What I didn't reveal was my new employer. Before the end of this month I'll be joining IBM/Rational and working as a Web 2.0 Architect. I'm not sure how much I can say about what I'll be working on, so I won't be blogging too much about work until I figure that out. I think I can safely say this: I'm thrilled about this new job and the folks that I'll be working with. In the near term, it looks like my workmates will be @pmuellr and @BillHiggins and I'll be learning a lot about Jazz.

I feel very fortunate to have found such an excellent position a fairly tough job market and I'm more than ready to start working on new things. Thanks to everybody who helped out by recommending me, blogging about me, offering encouragement and taking the time to interview with me.

• Charlie Rose - A conversation with Marc Andreessen
  Great interview covering social networking and internet tech in general


• Fred Stutzman: How Facebook Should Address User Rights
  "If Facebook were a country, it would more accurately resemble North Korea or China than the United States."


• The Angry Drunk: Scoble Just Doesn't Get It
  "Social Networking is not Marketing; but the inability to grasp that fact is the defining characteristic of the New Media Douchebag"


• Eclipse Plugin Central: plugins resource center and marketplace
  "OSDE is the Eclipse Plug-in for developing OpenSocial applications"


• Engadget: Texas Instruments and Wind River do up Android right
  "what basically amounts to the ultimate Android device"


• InfoWorld: Mozilla backs move to decriminalize iPhone jailbreaking
  "Consumers should be entitled to use any software program they choose"


• Engadget: Android Market allows returns, but not sexy stuff
  "Google maintains the right to forcefully remove an app from your device whenever it feels like it"

Aaron Swartz: As chaunceyt pointed out, the new stimulus bill's implementation instructions require that each government agency report the money it gives out in RSS:

For each of the near term reporting requirements (major communications, formula block grant allocations, weekly reports) agencies are required to provide a feed (preferred: Atom 1.0, acceptable: RSS) of the information so that content can be delivered via subscription.

Pretty amazing to see a government so tech-savvy.

Uncle Sam should contact Manning, who, I'm pretty sure, has stacks of RSS and Atom In Action available for a very good price.

We've got a date and a venue for BarCamp RDU 2009, so mark your calendars:

BarCamp RDU 2009 - August 8 at Red Hat headquarters in Raleigh, NC

More information and registration coming soon...

I started a new blog on this site to explore what's possible with Google Friend Connect (GFC). It's called the G Friend Connect blog. I've added the GFC Members Gadget and I replaced Roller's built-in comment macro with the GFC Wall Gadget. In theory, if you have a Google, Yahoo or Open ID account, you should be able to login via a gadget, make friends with other site members and leave comments. If you have a minute or two, try it out. Join the site and leave a comment. That will give me (and you) a better idea of how things work.

So far I'm not particularly impressed with the Wall Gadget as a comments replacement. Here is an example. It doesn't support rich-text editing, no HTML is allowed, the comment area is too small and there's no preview button. Maybe that's why it's called a Wall Gadget rather than a Comments Gadget. Or maybe I'm just not doing it right.

NCSU and IW3C2 Sign Agreement: It’s official! North Carolina State University and the International World Wide Web Steering Committee (IW3C2) based in Geneva, Switzerland, have reached agreement to host the 19th International World Wide Web Conference (WWW2010) at the new Raleigh Convention Center on April 26-30, 2010. The general conference chairs are Michael Rappa, director of the Institute for Advanced Analytics at North Carolina State University, and Paul Jones, director of iBiblio.org at the University of North Carolina–Chapel Hill.

From the Roller project blog:

Ganesh Mathrubootham has been doing great work on the Media Blogging for Roller project and helping out in other ways in Roller development and support. So in January we nominated and voted him in as Roller's newest committer. Welcome Ganesh, we're very happy to have you on the team.

I've really enjoyed working with Ganesh and his project partner Tanuja over the past six months, so this is great news. I'll tell you a bit more about the Media Blogging for Roller project in one of my next blog posts.

You may remember that my dad, Charles Johnson, was working on a book that explains the science behind photography, from "quantum mechanics to physiology and art appreciation." He's finished now and while he negotiates with publishers he is making a limited number of copies available on CD, mostly to his photographer friends.

The book is beautifully illustrated with color photographs, diagrams and lots of equations. Yes, I said equations; you'll need to brush up on your physics and calculus to really appreciate the entire work. I really enjoyed the first couple of chapters and the later chapter on appreciation of art in photography, but I have to admit, I haven't read the whole thing.

I'll try again when I have the printed edition

You can download a detailed table of contents via his blog photophys.com. He'll also be making selected chapters available there to get feedback; the first is How to get really high magnifications.

The day before the layoff axe fell at Sun, I blogged about my upcoming Shindig for Blogs and Wikis talk at ApacheCon EU in March. Since then, I've been working almost non-stop on finding a new gig and have had little time to work on my presentation. That's not good, because I have fairly ambitious plans for this talk. I'll explain.

I want to be able to show how to add social features including OpenSocial support to a blog server and a wiki server by using plain old Shindig and then Project SocialSite. I'm targeting Roller and JSPWiki because they're the blog and wiki source code bases that I know best right now and they're both Apache efforts, but the same techniques should work with other systems like Wordpress or Drupal. If I have time I might be able to demo those too (but I wouldn't count on it).

I'm not sure how far I can go with plain old Shindig because, like most blog and wiki servers, neither Roller nor JSPWiki has detailed profile data, social relationships or activities. I should be able to get Google Gadgets working via Shindig, but OpenSocial Gadgets will take a lot more thought and effort.

I'm much more confident in the Project SocialSite approach. SocialSite provides for storage of detailed profile information, groups, activities and app data as well as the necessary UI. I'm confident enough that I'm going to deploy it on this site. So, stay tuned. I hope to have something to show by the end of next week.

Oh, and by the way. Today is the last day to register for ApacheCon EU with the early-bird discount. So sign-up already!

I just signed up for the NC State University FOSS Fair 2009 on Monday, Feb. 2. I'm pretty excited that there's a GRASS GIS session on the list; that's where I got my start with open source software sometime in the previous century (GRASS was public domain back then, not GPL as it is today).

The first Triangle Tweetup of the year is tomorrow at the stylin' Glenwood South facilities of Edge Office. There's a site now with an interesting speaker line-up and people tweeting about it (and food).

Count me in!

Update: Reminder the #triangletweetup is a food drive too, bring some nonperishables, info: http://tinyurl.com/6vn3ct via @ginnyskal #givingback