For the past couple of weeks, I've used some of my time to write code that adds support for Federated Login for Google Account Users to an Elgg instance. This particular project's requirements don't end with just an implementation of Single Sign-On (SSO) but it also needs to have access to some of the user's Google Apps Data.  Because of this, I decided to use Google's OpenID+OAuth Hybrid protocol, which is a good fit for the requirements.

The first thing I did was to register the domain of the application I'm writing with Google.  You can read instructions on how to do this here.  After I've validated the domain, I now need to write the interface to Google's OpenID+OAuth Hybrid protocol.  The goal is to have SSO working with the capability to automatically create users on the Elgg side and map them to the proper Google account and to be able to request access to Google services.

I searched the plugins page for Elgg if anyone already wrote such a module and I got two results that piqued my interest.  These are Kevin Jardine's OpenID client plugin and Justin Richer's OAuth plugin.

View full post

We were recently tasked with an Elgg project that requires forum discussions to behave like mailing lists.  There's already a community contributed plugin that does something similar but doesn't quite meet the client's required specifications, notably with regards to permissions.

During the initial design, the client mentioned that we should think about reusability since the system might require other functionality that makes use of incoming emails in the future.  So instead of just coding a plugin that will take care of discussions via email I decided to write a plugin that can handle incoming emails in a generic way and then trigger plugin hooks.  The different plugins will then be responsible for implementation on how to handle the incoming email.

View full post

We recently posted about our project that implements Single Sign-On between Moodle and Elgg using Moodle Network (MNET). We wrote an Elgg plugin that extends the mnet-lib PHP library as part of this implementation.  This early version of the plugin allows Elgg to function as an Identity Provider (IdP)  so that its users can SSO to moodle.  The current implementation assumes that ELGG is the authorative system. It doesn't have the capability to act as Service Provider.  We expect to be doing a great deal more work to extend this plugin in its early stages so stay tuned!

View full post

Last week I looked into automating web-based user interface tests using Selenium Remote Control. This is a Java based server that listens for HTTP requests containing test commands. These commands are used to drive a web browser with a Javascript adapter. It works with IE, Firefox, or Safari depending on which operating system the Remote Control server is running on.

It was very easy to setup, download the Selenium Remote Control  java code. On Linux you can just type "java -jar selenium-server.jar" and the server starts up, waiting for commands on an HTTP server listening on port 4444.

View full post

Jakob Nielson writes about the issues facing designers who want to design Web user interfaces that are easy to use. He promotes user testing and defines 3 levels of a designer-user continuum. The first is where the user is the designer; the second, where the designer understands the product or domain; and the third, where the designer is unfamiliar with the domain. He then gives some examples of projects and problems that could occur.

There is one example that I did not quite understand. He mentions a Web site selling suits and says the designers were too close to the people who make the suits, instead of the people who wear suits. It seems to me, you could probably find a designer who could, at least, pretend he wanted to buy a suit while designing the user interface. Of course, you have to remember to do this.

View full post

Clickpass is a new service that helps you manage OpenIDs. Once you signup you can use one click login on sites that support it. By default it will generate a unqiue OpenID address for every site you sign up on, so you are anonymous unless you choose to share your information with that site.

In addition they have developer tools to add Clickpass support to your web site. This looks like a good step to making OpenID easier to use. 

View full post

There is often a need to take content from the web and share it in a different format. For one client, we built a web based report. The client also wanted the report to be able to be downloaded and viewed using Microsoft Word. To do this we decided to export the HTML results of the report as an RTF document.

A quick search of the web will show there aren't too many options to convert HTML into an RTF document that will work with modern CSS based HTML. One program that can do this is OpenOffice. Of course, OpenOffice can convert from any format it can read in, and can convert to any format it can save ,so this technique is useful for many file format conversions.

View full post

Step by step is a YUI-based tool that builds guided walkthroughs of Web applications.  This looks like a great tool to build documentation right into a Web application.  A context-sensitive help system could be built with this tool.  The script is available under a Creative Commons license.

The positives are it is much more interactive than a video or screencast and the users stay right on the Web site.   

The negative is that, at least for now, a programmer has to be involved in creating the experience.  A screencast or documentation page can be created by a nonprogrammer.  However, we could write a front end if someone wanted to use it extensively.

View full post

As we add Ajax-powered applications for our clients and share the code with others, there is some demand to make these features available within OpenACS and .LRN. .LRN, in particular, has a goal of meeting WAI accessibility guidelines. It is very challenging to meet these guidelines with Ajax-powered systems.

At the latest OpenACS/.LRN conference, we had a discussion on new Ajax applications and accessibility. I created a wiki page to document what we learned, including links to resources and best practices, as well as draft proposals from WAI for accessible rich internet applications.

View full post

Whatever field you are in, good communication is one of the keys that make work easier. In search for better communication, one of our colleagues came across the Jing program and shared about it to the rest of the group. I was tasked to look into Jing and see what it can do for the company.

As I tried to learn how to use the Jing program, I read through a few of the comments and blogs written by some users who participated in the Jing Project by providing their feedbacks which in turn became useful to the design and development team of Jing. The comments and feedback paved the way to a newer and better version of Jing. My learning experience with Jing was quite okay, I must say. Some things I found advantageous and useful while others, just about average.

View full post

It's interesting how different companies, competitors even, can come together for a good cause in the name of making it easier for more people to use the Web.

In this feature from the Ajaxian, a Web architect from Yahoo, Chris Heilman, makes Google Charts, a product from Google, more accessible to people who can't see the charts it generates.

By "people who can't see", I am referring to people who are either fully or partially (color) blind and who rely on special screen readers like JAWS to view Web pages. 

View full post

This quote from Mary Lou Jepson, the CTO of OLPC and designer of the amazing, low power, sunlight readable display inside it, shows why the OLPC will change the world while Intel just wanted to sell CPUs.

"Mary Lou Jepsen: Where to start: Classmate is more expensive, consumes 10 times the power, has 1/3 the wifi range, and can't be used outside. Also, the Classmate doesn't use neighboring laptops to extend the reach of the internet via hopping (mesh-networking) like the XO does. So not only is the XO cheaper than the Classmate, the XO requires less infrastructure expenditure for electricity and for internet access. In Peru we can run off on solar during the day and handcrank at night for an additional $25 or so per student – this is a one-time expense – the solar panel and the crank will last 10 or, perhaps, 20 years. Just try running electricity cables up and down the Peruvian Andes for that cost while making sure it's environmentally clean energy. The Classmate isn't as durable as the XO, and its screen is about 30% smaller, the batteries are the type that can explode and only last 1-2 years and can't be removed by the user and harm the environment. The batteries are expensive to replace: $30-40 per replacement. The XO batteries last for 5 years and cost less than $10 to replace. Finally, the XO is the greenest laptop ever made, the Classmate isn't – this matters a great deal when one proposes to put millions of them in the developing world."

View full post

Ajaxian mentions SafeErb for Rails, an add-on to help secure that user input is safe. It does so by checking if you explicitly call a certain method to escape the user content.

OpenACS, the base for .LRN, has been doing this for awile now. We took a different approach. All content is escaped by default, and the programmer must decide when to let through unescaped content. Either way it's something all Web frameworks should support if they allow users to enter HTML. 

View full post

As part of Solution Grove Blog's facelift, we added links to "share" the content to different social web communities.  We already have the standard "Digg" and "del.icio.us" links in most of our client sites and we initially thought of putting this in our own blog.  However, while browsing other blogs, I came across a niftier implementation.  It's a free script provided by ShareThis.  All you have to do is 1) register, 2) customize your "Share This" link using their "button builder", and 3) copy the code to your page or site template.

View full post

First, let me greet everyone Happy Holidays!!!

I would just like to let everyone know about a blog article I read about how a Gmail user and graphic designer, David Airey, lost his domain to a hacker because of a gmail exploit.

Please check your gmail filters and settings to make doubly sure that you have not been hacked. 

View full post

This document is a how-to for delivering full-text, in-database search of Word, Excel, Powerpoint, and PDF documents using OpenACS, PostgreSQL, tsearch2, and a collection of command line utilities to convert binary formats to text or HTML. These techniques allows search to return results from both OpenACS applications, such as forum posts and blogs and from a full full text indexing of files in file-storage. OpenACS search is integrated with the OpenACS permissions model, so search results are only returned for documents the searcher can read. Full-text, in-database search will be included in OpenACS 5.3 scheduled for fall 2006. It will work with PostgreSQL 7.4 and up. (There is also support for full text document indexing with Oracle under OpenACS that will be addressed in a future post.) If you would like to use this feature now, the Search package from OpenACS CVS (HEAD) is required. To check out this package from anonymous cvs use the following command.

cvs -d:pserver:anonymous@cvs.openacs.org:/cvsroot co openacs-4/packages/search

Once you have the new search package installed, you will need the following utilities

• Catdoc for Word and Excel indexing
• ppthtml for indexing Powerpoint documents. ppthtml is included in the xlhtml package. You could also use xlthml to index Excel documents.
• pdftotext for indexing PDFs (part of xpdf)

Any other document formats can be supported by installing a filter or utility to convert the document to text or html. If you install the utilities in /usr/local/bin the should work as soon as you index your documents. If the utilities are installed someplace else, you will need to edit packages/search/tcl/search-convert-procs.tcl to point to the location of the executable file for each utility. The final step is to reindex all your files. If you have documents in file-storage, a query similar to this one can be used to queue the files for indexing.

insert into search_observer_queue 
(select live_revision,now(),'UPDATE'
from cr_items ci,
cr_revisions cr
where ci.live_revision=cr.revision_id
and   ci.content_type='file_storage_object'
and   ci.name like '%.doc')

You can repeat that query changing the like '%.doc' criteria to like '%.xls', etc... for each file type you want to index. Pdfftotext will not extract text from a PDF document that does not allow copy/paste from the text of the PDF document. In this case only the text of the filename will be indexed.

View full post

We've been hearing a lot of open source projects moving over to subversion in recent months. Projects like KDE and Wine have taken the leap and left CVS for good in exchange for the promise of Subversion. The promise of ... - atomic commits - versioning of directories - versioning in spite of renaming - familiar workflow - stellar Graphical User Interface (TortoiseSVN) It will not require a great deal of effort for users to move to subversion because workflow and syntax are almost identical to CVS. In addition to the compelling reasons already mentioned, using subversion repositories will also give us a choice to move to distributed version control using SVK (http://svk.elixus.org) if the need arises and if developers prefer to do so. Subversion is also easy to extend thanks to hook scripts where administrators can specify scripts to execute on specific events. For instance a post-commit hook script can run to send email notification or even update the bug tracker right after a commit. Keeping our repository up to date with OpenACS CVS will be a challenge. We are looking at a python script - Tailor.py (http://nautilus.homeip.net/~lele/projects/tailor/) to help us keep in sync. It will automatically retrieve the latest commits from OpenACS and commit them to a vendor branch in the Solution Grove repository where developers can pick which revisions can be merged to their respective projects. In addition, Tailor.py will also help us to contribute work back to OpenACS CVS direct from our subversion repository.

View full post