This issue of XML Daily Newslink is sponsored by:
IBM Corporation http://www.ibm.com
- First Public Working Draft: Geolocation API Specification
- Shibboleth Identity Provider (IdP) Version 2.1.2
- Access Control Lists: Proposal for Access Control Lists in CMIS
- XForms for HTML: First Public Working Draft
- XForms, a Pause for Reflection
- First Look: MySQL 5.1 Open Source Database
- Entities and Streaming Processing
First Public Working Draft: Geolocation API Specification
Andrei Popescu (ed), W3C Technical Report
W3C announced that the Geolocation Working Group has published the First Public Working Draft for the "Geolocation API Specification." This specification defines an API that provides scripted access to geographical location information associated with the hosting device. The API defines a high-level interface to location information associated with the hosting device, such as latitude and longitude. The API itself is agnostic of the underlying location information sources. Common sources of location information include Global Positioning System (GPS) and location inferred from network signals such as IP address, RFID, WiFi and Bluetooth MAC addresses, and GSM/CDMA cell IDs. The API is designed to enable both "one-shot" position requests and repeated position updates, as well as the ability to explicitly query the cached positions. Location information is represented by latitude and longitude coordinates. The Geolocation API in this specification builds upon earlier work in the industry. The W3C Geolocation Working Group was chartered to develop one or more Recommendation Track documents that define interfaces for making geolocation information accessible within the User-Agent. Its objective is to enable Web access to the user's location information via a standardized interface or interfaces. The interface should be usable regardless of the source of location information, and should be consistent across location technologies. The interface may be specified in a language independent manner, the Recommendation will include a normative ECMAScript form. The number of Web enabled devices that are location-aware has increased markedly as of late. These devices are very common and include mobile phones with cell triangulation or Global Positioning System (GPS) capabilities, laptops with Wi-Fi triangulation capabilities and GPS receivers. The Geolocation WG was created in response to requests from the community for W3C to develop a standardized, secure and privacy-sensitive interface so that Web applications may gain access to location information.
Shibboleth Identity Provider (IdP) Version 2.1.2
Chad La Joie, Software Announcement
Shibboleth developers have announced the release of Shibboleth IdP version 2.1.2, available from the Internet2 web site. Shibboleth Single Sign-on and Federating Software was developed specifically to address the challenges of multiple passwords required for multiple applications. There are two primary parts to the Shibboleth system: (1) Identity Provider: the software run by an organization with users wishing to access a restricted service; (2) Service Provider: the software run by the provider managing the restricted service. The main focus of the Version 2.1.2 release is to greatly improve the memory usage of the IdP. Most sites should see somewhere between a 60-70% decrease in the amount of memory used by the IdP when sitting idle. There should also be a small decrease of the amount memory consumed per user session, but it's likely to be unnoticeable unless you're paying very close attention. Additionally this release has a couple minor bug fixes and a helper JSP has been added to the IdP will serve up its metadata if you make a request to its entity ID—assuming the entityID created by the installer is used and the default Servlet context name is used per the installation instructions. Background: "More and more, universities, companies and government agencies offer services and collaborate online. Users typically access both online resources inside and outside their organizations to do their work. In the past, each of these services required its own ID and password and, for the user, that meant adding another set of credentials to that collection of sticky notes. For the institution, closing the security holes and just keeping up with the access changes for the services on and off campus was quite a challenge... The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner. The Shibboleth software implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the attributes released to each application. Using Shibboleth-enabled access simplifies management of identity and permissions for organizations supporting users and applications. Shibboleth is developed in an open and participatory environment, is freely available, and is released under the Apache Software License."
See also: Shibboleth Identity Provider (IdP) uses
Access Control Lists: Proposal for Access Control Lists in CMIS
Paul Goetz, Contribution to OASIS Content Management Interoperability Services (CMIS) TC
An initial first proposal draft document on CMIS ACLs has been prepared by Paul Goetz (SAP AG) and contributed to the OASIS TC. Its sole purpose is to clarify the wording and outlines the assumptions which are relevant when dealing with ACLs in CMIS. Excerpt: "This draft proposes a specification for policies affecting the object, navigation, versioning, multifiling and discovery services. The repository, relationship and policy services are out-of-scope for this proposal... The CMIS specification defines a generic policy model. This proposal is about Access Control Lists (ACLs) as a specific subset of the policy model. Other options to support ACLs with CMIS are briefly discussed as well... The CMIS 0.5 specification draft introduces a concept of policy objects as part of the specification. The purpose of policies is to restrict access to certain methods of an object to a subset of principals. Policies like other primary entities of the CMIS specification are typed, have an id and have properties. A policy is created using the createPolicy method of the Object Service. Input of this method is a description of the policy (name, type, properties, etc.), output is an ID of the created policy instance. Providing this ID, a policy can be applied to a controllable object (applyPolicy), removed (removePolicy), or retrieved from an object (getAppliedPolicies) via the Policy Service. A controllable object can have zero or more policies applied. Not having a policy applied means that there exist no restrictions in accessing the object... We tried to classify applications and their security requirements in three kinds of scenarios: (1) Collaborative applications, like Collaborative Content Creation, Portals, Mashups, where an end user decides about the permissions to be applied to the documents at runtime; (2) Background tasks, like an archiving application, where a developer has to specify the permissions to be applied at designtime; (3) Business applications, like attaching the scanned images of an invoice to the ERP data, will require application specific security... The requirement is as follows: A developer should be able to work with permissions for CMIS objects in an interoperable manner at designtime—without needing to know what the concrete repository will be at runtime. ACLs imply at least a basic semantic for a policy in terms of 'who is allowed to do what' -- in the scenarios [formulated above] the who is known by the application, so this proposal will focus on the what (the permissions)..."
See also: CMIS general references
XForms for HTML: First Public Working Draft
John M. Boyer (ed), W3C Technical Report
Members of the W3C Forms Working Group have published the First Public Working Draft for "XForms for HTML". Summary: "XForms for HTML provides a set of attributes and script methods that can be used by the tags or elements of an HTML or XHTML web page to simplify the integration of data-intensive interactive processing capabilities from XForms. The semantics of the attributes are mapped to the rich XForms model-view-controller-connector architecture, thereby allowing web application authors a smoother, selective migration path to the higher-order behaviors available from the full element markup available in modules of XForms." Detail: "This document describes XForms for HTML, which provides a set of attributes and script methods encompassing a useful subset of XForms functionality and mapping that functionality to syntactic constructs that are familiar to authors of HTML and XHTML web pages. The intent of this module is to simplify the means by which web page authors gain access to the rich functionality available from the hybrid execution model of XForms, which combines declarative constructs with event-driven imperative processing. These attributes and script methods increase the initial consumability of XForms by allowing injection of rich semantics directly into the host language markup. In turn, the behaviors of the attributes and script methods are mapped to the XForms model-view-controller-connector architecture so that applications manifest behaviors consistent with having used XForms markup elements. This allows authors to gradually address greater application complexity as it arises in the software lifecycle by opportunistically, i.e., as the need arises, switching from the attributes and script methods of this specification to the corresponding XForms markup elements. This gradual adoption strategy is being further supported by the modularization of XForms into components that can be consumed incrementally by authors and implementers. The XForms for HTML attributes are offered to HTML and XHTML web pages as a set of local attributes. Other consuming host language markup languages may adopt these attributes as global attributes in the XForms namespace...
See also: the W3C Forms Working Group
XForms, a Pause for Reflection
Philip Fennell, O'Reilly Technical
"Whilst debugging an XForms enabled application with a combination of the Mozilla XForms, XForms Buddy and Firebug plug-ins I noticed something rather unusual. GET requests against an empty 'xf:instance' were generating URIs with many parameters, which is rather odd when you consider the actual request URI specified for the 'xf:submission' element had no parameters at all... You can set-up data bindings to the host document that enable you to access information that would otherwise be unavailable to XForms. One example might be that you have generic form components that are included, server-side, into the application but require context information. You could have applied server-side transforms to contextualize the forms or alternatively, you could keep the XForms untouched and use Reflection to access the context information from the host document. This is, on the face of it, just like XSLT's ability to access the current style sheet by calling the document('') function with an empty string as its argument... There is an article that covers "XSLT Reflection" by Jirka Kosek. However, unlike XSLT, this behaviour in XForms is not part of the W3C XForms 1.0 recommendation, or for that matter the forth-coming recomendation for XForms 1.1. I've not been able to recreate this behaviour on other XForms implementations (I've not tried them all yet), but that's not surprising really when you consider it is a non-standard feature. As a means of accessing the host document, it is not ideal either. If it were to become a feature of XForms, then access to the host document should be via a specific function call. All that said, I must admit I did get rather excited at the prospect of reflective programming with XForms but there is more work to be done before that becomes a reality."
See also: XML and Forms
First Look: MySQL 5.1 Open Source Database
Will Kraft, Application Development Trends
"MySQL 5.1 was released by Sun Microsystems in April, but I decided to test it out this month. I downloaded the Windows version of this open source database management app and gave it a spin. The setup script added the MySQL server component with minimal interaction on my part. A wizard helped me perform the initial configuration and define a root password. After that, MySQL was fully functional and I was able to get to work right away. I tested MySQL with a GUI frontend. Database operations were very fast during my test run, even with my larger databases. I did not encounter any bugs or problems during the tests. I was extremely impressed with how easy it was to deploy MySQL 5.1 on a Windows system. In contrast, installation on other platforms (such as Linux) has typically been much more difficult... By default, MySQL 5.1 uses a command line environment for running SQL statements. SQL code must by typed directly into the terminal by the user. When SELECT and SHOW queries are executed on the command line, the data are presented in a nice tabular format. However, distortion can occur if your terminal window is not wide enough. It can cause the text to wrap to the next line. Expert users may prefer the command line. Other users may wish to install a front-end, such as phpMyAdmin or HeidiSQL, which can make working with databases and tables easier. MySQL has powerful server-side and clustering functionality. However, it is also very useful on the client side for smaller applications, especially when combined with a GUI front-end. MySQL 5.1 is definitely worth a try, with its many new features listed here. The database app works with Windows x64, Mac OS X and various forms of Linux and UNIX OSes..."
See also: the MySQL Download page
Entities and Streaming Processing
Rick Jelliffe, O'Reilly Technical
It occurs to me that I don't think I have seen any description on the web of how XML entities/inclusions can increase the power of streaming processing. It was common knowledge in the old SGML days, when documents were often (indeed typically) greater in size than physical or virtual RAM, but I think may be under appreciated now. I say entities, but it could also be XML fragments referenced with XInclude elements and an XInclude-enabled XML processor. Streaming processing uses technology like SAX, where the document to be processed is presented as a stream of events of some kind, and at any one stage only the minimum data is kept in memory. There are also several streaming technologies available, such as STX (a streaming version of XSLT with a non-random-access dialect of XPath but which allow users arbitrary data to be retained) and XStream (a term-rewriting language that automatically only keeps the minimal amount of data needed to complete the calculation. Honourable mention should go to the OmniMark language, which was streaming but had a two-pass technology (I expect it is out of patent now) called referents: you could divert output to a referent, add references to that referent anywhere (earlier or later than when the referent value was created): the processor had a built-in second pass on the intermediate data which would insert the value of the referents. This was implemented as co-routines (which have made a comeback in Lua) to minimize memory requirements... When streaming processing, it is possible to process a document in parallel, and produce two or more output entities, with one including an entity reference to the other. Doing this shuffles the work of combining the fragments to the XML processor. This technique is useful when you know that you need some data in a certain place at the time at least by its first occurrence, so that it can be harvested. In other words, it is not useful for when you have to make decisions in one place about data in another place.
XML Daily Newslink and Cover Pages sponsored by:
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/