Dr Nic

Read “Wrath of a Mad God” and get closure on Raymond E Feist

I just finished reading a book.

If you’ve read Magician, by Raymond E Feist, and any of the sequels then you need to read Wrath of a Mad God which has just come out. I know as well as you do that Ray’s work hasn’t been fantastic over the last decade or so. In fact, I stopped reading his books altogether. This is noteworthy since he was the only novelist for whom I used buy each and every book he wrote, in hard cover so I could have the entire collection site nicely on my shelf. I even saw him speak in public once.

Then his books became soft like a wet tissue, and I stopped giving him my money. But I just read his latest book over Easter, and now you must read it too.

Similarly if the Catholic church releases the 3rd volume of their “Bible: The Testaments” trilogy, you’d probably grab a copy just to see how the story ends, even if you didn’t really follow the first 2 books.

With “Wrath of a Mad God,” Raymond E Feist has rewarded each any every loyal reader of his multitude of books with a final “this is how it ends” book. I’m prepared to believe that this is Ray’s final book. He might write more because his publisher gives him money to do it, but really this book ties together 20+ books about the fabulous characters from Midkemia. More importantly, this book answers questions.

Who is Nakor?

Who was Macros?

The downside of this book is that its the 3rd book of a trilogy. Over the last few weeks I bought + read them all, so I can’t say whether you can just read this latest one on its own and get full value.

Also, I’m not saying this is the best book you’ll ever read.

But, if you’re like me – yearning for the majestic wars, battles between armies from different planets, interfering Gods, and the superhumans at the center of it all, then its worth taking the final journey: read all three books (starting with Flight of the Night Hawks and Into a Dark Realm).

Need a final excuse to read these books and return to the bosom of all the wonders of Feist’s earlier works?

When I saw Feist speak in public a decade ago, I distinctly remember one thing. He said the problem with having a superhuman like Pug or Tomas is that you constantly need to distract them throughout the whole book so that the other characters have something to do. So Pug hasn’t really done any amazingly jaw dropping since he said “Tremble and despair for I am Power!” in the first book. I think this last book contains another jaw dropping moment worth the price of admission. Unfortunately he is on his own when he does it, so there is no snappy one-line quote to go with it. This is just an example of my final excuse for you to read these books and thus have closure of Raymond E Feist’s world of Midkemia:

The last book is all about Pug. A happy place to finish, just as it was a happy place to start.

Zero Sign On – 1 better or Infinitely better than Single Sign On?

This article has no code in it. There are no TODO steps. Nothing to install. Its a picture of the future.

There is no reason to bookmark this article and read it another day. Its nearly all pictures. You can read it now.

This “picture of the future” was actually added to our browsers in the 90s. Netscape and MSIE3.0 both had it.

“It” is Client Certificates, and to me to means “never logging on with username/password NOR OpenID ever again”. Zero Sign On. It must be better than the much-targetted Single Sign On.

Client Certificates

Firefox 2.0:

no-certificates

Or on Safari/KeyChain:

Keychain Access - no certificates

Small problem: no website I’ve ever used has ever offered them, so I never knew they existed. I didn’t know what they did, nor as a web developer that I could create them for users who’d never need to login again.

Clifford Heath showed me the light. On #roro irc channel, we were exploring how “Zero Sign On” might be implemented using ssh-keygen, and browser plugins etc. Clifford mentioned client certificates and then someone else mentioned that MyOpenID already supported them. [someone = Michael Kedzierski]

I already had an myopenid account, so raced over to explore the new world of certificates.

Under “Authentication Settings”:

myopenid-create-certificate

After submit:

myopenid-creating-certificate-dialog

And then:

myopenid-certificate-creation-finished

Then feedback:

SSL Client Certificates

So I thought to test out if “Zero Sign On” actually worked. Normally, after logging out you’d need to submit username/password or if a site supported OpenID (yes myopenid.com is an OpenID provider which is a bit circular but bear with me) you login by entering your OpenID url and pressing Enter. Either way, you’ve got work to do.

Instead, I clicked “Login” link on the home page, and was redirected immediately to:

myopenid-login-uses-alternate-url

myopenid-signin-with-certificate-form

So it was still using cookies so that it could log me in immediately next time without clicking “login”, but either way, there is no username/password nor any other “type something here” login form. Just a “Remember Me” checkbox.

Finally, myopenid.com shows a log of your sign-in attempts:

recent activity

Your sites and the future

As a web developer, you can do one of two things to get some leverage of Client Certificates.

  1. Support OpenID as a login mechanism. Users with myopenid.com accounts (or other openid providers that support client certificates) will benefit from automatic login to their openid page and instant redirection to your site. You’ll also be able to help new users import their profile data to get them started quickly.
  2. Implement Client Certificates yourself. I would have liked to have had a crack at this before posting about Client Certificates and all their sweet loveliness, but I didn’t. My bad. Instead, I found a nice step-by-step (plus comments with updates) on implementing Client Certificates

If you have/do implement Client Certificates in Ruby/Rails world, you’ll get a 1000 Happy Points from me if you open source it/blog about it. Happy Points are redeemable for Happiness in all countries.

Ruby.NET goes Open Source … too late?

Once upon a time there were two Ruby on .NET projects – one by John Lam, created in his spare time (RubyCLR) and ultimately he and his code was absorbed by Microsoft (now IronRuby).

The other – Ruby.NET – was created by Wayne Kelly, at the Queensland University of Technology (QUT), in Brisbane, Australia. My city. Where I live. Which is great, because Wayne is going to talk about Ruby.NET on Monday night.


View Larger Map

Above: pointless map to the HQ of Ruby.NET in Brisbane; NOT the location of the meeting. Its just here to space out the text a bit and help you want to read the whole thing.

This Monday 15th Oct, Wayne will be talking at the Brisbane Ruby + Rails Brigade about Ruby.NET, and to reiterate that it has/is to be open sourced.

[/end infommercial for Ruby meetup]

[start of critique on why the hell I don't know tickitty-boo about Ruby.NET, and the perils of Open Sourcing something that no one knows anything about]

RubyCLR/IronRuby and Ruby.NET have the same aim – to allow Ruby to be used to write .NET apps, in addition to the other languages you can run on the .NET CLR (common language runtime) – C#, C++, J# and VB.

So if RubyCLR is now Microsoft IronRuby, and is being shipped with Silverlight and thus/probably with Visual Studio 2008, does this mean RubyCLR won and Ruby.NET lost?

Hint: refer to “I don’t know tickitty-boo about Ruby.NET” above and Microsoft’s $X trillian market cap and pervasive promotion of Silverlight lately.

I can’t compare the two projects technically, but I can compare them from a marketing/community perspective, and with a healthy dose of sarcasm. I also want to ask you for help – even if you haven’t used Ruby.NET nor ever will. Its an anti-Microsoft thing. Read on…

From the get-go, John Lam has talked and blogged about RubyCLR/IronRuby. It even had a fancy website back in its RubyCLR days, with a logo and everything. John will be at RubyConf in Charlotte NC in November, talking about IronRuby.

Ruby.NET doesn’t have its own website – its just a page somewhere on the QUT domain – http://plas2003.fit.qut.edu.au/Ruby.NET/, with updates that aren’t available via RSS.

Ruby.NET doesn’t have a blog, nor does Wayne. Oooh, I found Wayne has a 1995-compliant “who am I?” page, including the 1995-edition yellow balls *.

But, he did do this video with the Ch9 MSDN site.

This isn’t a dig at Wayne entirely – I haven’t met him yet and hopefully he finds the above funny enough that he’ll still talk to me :)

Rather, this is a call for help for getting Ruby onto .NET in a safe, friendly, Microsoft-free, open source way. Its about World Peace.

Ruby.NET maybe open sourced, but as a project and a movement, it needs help: “I am inexperienced at managing this kind of open source project I need your help and advice.” [Wayne]

Lots and lots of Ruby developers are sitting on Windows boxes, and probably a lot of them do/have written .NET stuff. Blending Ruby into .NET means awesome WinForms loveliness with a decent language behind the scenes.

So, on Monday, Wayne is going to show off his wares. If you are in Brisbane, come along. For everyone else, I’ll park the video camera at the back of the room.

Now, before I ask you for assistance, I need to tell this story (blockquoted for dramatic effect):

I was at Web Directions South conference a few weeks ago, which Microsoft helped sponsor, and had a large booth at the front door promoting Silverlight.

I met some of the Silverlight people at drinks and got talking to one guy who was an ex-programmer-come-spruiker, and the conversation degraded as follows:

Him: IE7 was delayed for a long time because 'ajax' came out and it scared Microsoft.
Me: Microsoft of f@#ked up IE7 on purpose?
Him: We have shareholders.
Me: So you did it on purpose?
Him: Yes
[Me: exits the table]

This translates directly into my fears for IronRuby (similarly concerned are Martin Fowler and Ola Bini). Microsoft was persecuted for modifying Java outside the license agreement. Shareholders first, community last, and all that.

Ruby.NET isn’t my project, but I envisage it to be an important project.

But it will be an abandoned trivial project unless it gets a community of users, the corresponding portion of patchers, and a corresponding portion of core developers.

To my mind, Ruby.NET needs marketing help. It needs a website + blog, logo + identity: a place for users to feel proud of, a site they can show their bosses when they are trying to convert their team from C#.NET to Ruby.NET.

You don’t need to use Ruby.NET to be able to help here.

If you can help, please contact Wayne directly.

Alternately, if you have any public thoughts on how Wayne can build a community around the project etc, go for gold below.

NOTE: I’ve never built a large community around any more my projects so I can’t claim any real high-ground over the Ruby.NET project. But I do know I’d rather have choice in my Ruby for .NET implementations, and Ruby.NET is only going to be a choice if it can become a self-sustaining project.

One year on the InterTubes

Dumping thoughts onto the InterTubes, aka blogging, is fun. And I’ve been doing it 1 year now.

Its also challenging.

Its like inviting people over for dinner – you have to clean up your house so they get a completely false impression of how you normally live your life.

Same with code – pasting it into blog articles or releasing projects makes you work harder to clean up code.

Same with the article – like rewriting paragraphs and sentences so they read better.

Why?

Remember the I Hired Jeff Clark site from a year ago?

I started this blog a year ago with the idea of it being an Online CV – I’d write clever things, people would comment, and employers would pick me instead of someone else.

Feedburner

Click through for fancy dynamic flash graph [1]

Leaving Tele2

The whole time I’ve been overseas working for Tele2 – a Swedish telephone company, developing their billing systems. No Ruby code anywhere. Lots of perl, some Java, and lots of an internal proprietary language. It hurts to work on that environment.

And today is my last day, so now I can pursue Ruby/Rails with full-time reckless abandon.

Starting with Dr Nic Academy.

What’s left to blog about?

In the last 12 mths, I think I’ve covered a fair bit of (seemingly random) ground: composite keys, magic models, javascript, radrails fixups, newgem, and lately openid.

In the future, the following stuff intrigues me, and it’d be fun to explore:

  1. Social OS – when I use flickr, I add contacts/friends/family and I add photos. When I visit your fancy new Web2.0 site, how can I import this profile information and automatically find all my friends or invite them to use your site? I envisage this built on OpenID, where every app is both an OpenID consumer (you login with OpenID) and possibly an OpenID provider (you can use your account page as a login to other apps).
  2. Mongrel handlers – sexy integration of handlers into the Rails code base, so they are automatically picked up when the mongrel servers are started. I haven’t looked into this at all, so that sentence mightn’t make any sense.
  3. Caching – nothing fancy, I just haven’t figured out how to use it yet. Anyone that used MyConfPlan during RailsConf might have guessed this.
  4. Javascript widget generator – generators get me from “idea” to “ooh that’s pretty” much faster, and avoid the “oh I can’t be bothered setting up the code base” step. I want to write a bunch of widgets for the RoR Oceania blog, to pull data from the RoR Oceania facebook API, so hopefully I can extract some base code into a generator.

As always, I’m completely happy for someone else to tackle these things first. So get cracking :)


[1] The XML for this
Maani graph is mashed from the raw feedburner API via this Ruby CGI script. If you want to use it, you need to turn on the Feedburner API first, and change the start date within the code (currently set to 1/8/2006)

That is, the data goes from feedburner XML to maani XML.

One App, One User Account and Multiple OpenIDs

Summary: Its the future, and its not Facebook. Learn it.

I’ve just implemented OpenID sign-ons for a client site, as a compliment for the standard signup/login process, and I choose the following association:

1 x User account —> 0 or 1 x OpenID

The OpenID value is a field on my User model/table.

So I login with my OpenID and I get one application account.

Or similarly, if the User already has an account, there is a field on their User settings page for their OpenID. They can put in their LiveJournal or AOL OpenID URL (or from one of 3000+ OpenID providers) there, and they can now log into that account using either normal login, or OpenID login.

Great.

But then I was watching a GoogleTechTalk video by Simon Willison and he gave the following Bonus Use of OpenID:

  1. User logs into a site using an AOL OpenID
  2. The site can now send AOL IM messages to that user

This is cool for two reasons:

  1. The site automagically derived information about the User – they are an AOL member, and their AOL username.
  2. More importantly, it KNOWS the user is the owner of that AOL account.

The site gets authentication of this information for free through the OpenID sign-in process – the user is redirected back to AOL’s OpenID page at which time the user has to prove they own the account thru AOL signin (or cookies).

So, back to my story.

My users can sign into my site with an AOL OpenID and prove they own an AOL IM account name.

What if they also have a LiveJournal account? LiveJournal URLs are all OpenID URLs too [1]

If they signed in with LiveJournal OpenID then they could prove they have such an account and my site could do funky LiveJournal specific things… like… read the user’s blog for them… ok, this example is going nowhere.

But! What is your MSN/Live account had an OpenID associated with it? Or Google Account? Or Yahoo Account? All have IMs associated with them. OpenID login could prove ownership of that information.

But…

My user has already logged in with AOL OpenID.

Stupid 1-to-1 data model of User and OpenID. Bah!

Solution: allow Users to have 0+ OpenIDs. Some quick refactoring and you’re done.

Your controller code (the standard Rails solutions for OpenID support use a sessions controller to manage the OpenID provider interactions will now have to do a small amount of extra work.

Small.

Like, you’ll need a table of known OpenIDs and a belongs_to foreign key to the User model/table.

Small.

But perhaps you are already doing this and I’m the only silly sausage around here.

Even if you don’t see the benefit of these use cases – trusting the information from the OpenID profile – here’s a more common use case I think we’ll find:

Users will want to sign-in with whichever OpenID makes them feel the happiest at the time.

I’m feeling some AOL love today, I’ll use http://openid.aol.com/iamawesome

I’ll use iamawesome.myopenid.com here as its got my Age and Country setup already.

And the poor user will instantly get 2 accounts with your application – on top of the account they already had. That’s 3 accounts.

Unless we do the following:

  • Allow “new” OpenID sign-ins to select an existing application User account to connect to – don’t make the poor user feel stupid for using OpenID – help them connect it to their existing information.
  • As above, allow multiple OpenIDs to be connected to each User account

OpenID allows its Providers to return additional information beyond [name, email, etc] [2]. So different OpenID profiles might store different bonus information.

AOL might expose my AOL buddies list.

LiveJournal might expose my LiveJournal buddies.

A user could login to your app with both OpenIDs, connect it to one User account, and re-use all their buddies within your app.

Its awesome, and its the “Social OS” that everyone’s harping on about.

Its the future. And its not Facebook.


[1] [History lesson] Live Journal –
now owned by A List ApartSix Apart – invented OpenID. [/History Lesson]


[2] Through a draft specification
OpenID Attribute Exchange; very nifty indeed as the raw OpenID1.1 spec has very limited profile data sharing. Like none.