I took delivery of an iPod Touch recently, paid my dues to Apple and downloaded the iPhone/iPod SDK. Then I went over to The Pragmatic Bookshelf and got a few screencasts of Objective-C, Xcode and iPhone development. By the end of the day I’d learnt Objective-C and knocked up i-aws:

I’ve been using VMware Fusion for ADSI development lately and it’s such a beautiful product. I’m running Windows XP Professional with Visual Studio, MSDN and ToirtoiseSVN for that full on Windows development experience. If you open Visual Studio in the virtual machine and choose Unity, it runs it on the Mac’s Desktop:

What a blast from the past. That’s the trouble with going back to something you haven’t done in years, in this case COM programming and exporting functions from DLLs in particular. You hit problems you solved a long time ago and have to dredge up the answer again. I want to keep the COM stuff out of the way so I’ve bunged it in a DLL and exported a function:

extern "C" GADFLY_API bool CreateUser(LPSTR, LPSTR); (more...)

My poor head. The day before yesterday it was Java. Yesterday it was Java and C++. Today it’s C++, Java and Ruby! But today’s language soup is down to SOAP and its evil sidekick WSDL. It’s great when it works. You can just run Axis2 over the WSDL to generate your beans and off you go but today I have a major headache with the library system at $WORK. I’m looking into plumbing it in to the account creation system and it has a nice SOAP interface, which doesn’t conform to WS-I. It uses RPC/Encoded. That’s ok as Axis2 supports it now but the WSDL itself is “broken”:

[java] Caused by: org.apache.axis2.AxisFault: Part 'fault' of fault message
'{http://webapps.iii.com/wsclient/patronio}PatronIOFault'
must be defined with 'element=QName' and not 'type=QName' (more...)

Well here I am, back in my Alma Mater, Windows, working on user account creation for Active Directory. The project I’ve called GADfly (Groupwise Active Directory on the fly). GADfly requires developing on Windows. Well it does and it doesn’t. I’ve already written a couple of Java creators to compare direct LDAPS and TLS which can run from any OS but I’ll need to create home directories and assign correct permissions, which requires ADSI, which is C++ and COM, which is Windows only. (more…)

FAM#2 project is nearing completion, so I thought I’d bung up a couple of piccies to illustrate the state of play. The difference between Athens and the fed is that OpenAthens hides the resources behind one “super-SP”, with one providerId, so it’s impossible to track resource usage from the IdP. In effect, OpenAthens is a mini federation, with the SP as the gateway to the UK Federation’s IdPs.

Brilliant talk. Long but worth it and the way it’s filmed means you can actually see the slides and feel like you’re in the room.

original ref.

Back when it was first touted as the next generation access management paradigm, Shibboleth was hailed as the hero that would free electronic resource providers and consumers from the shackles of local account administration. One username/password would get you into all resources to which an institution subscribed. Turns out, the shackles were indeed removed from the suppliers but were then divvied up and redistributed among the suppliers and subscribing institutions. How can this be? A Shibboleth enabled supplier just consumes attributes and opens its digital doors in accordance with the values of those attributes. Therein lies the problem though. Most suppliers in the UK Federation just want eduPersonTargetedID (ePTID) for personalisation and maybe eduPersonScopedAffiliation or eduPersonAffiliation. They assume the Identity Provider (IdP) is working on behalf of one institution. So if you assert ePTID you get access to the resources. But what if the IdP is working on behalf of a federation of institutions? and the supplier has all the resources lumped into one access bundle? It can take up to 6 months to partition those resources based on attribute names/values. (more…)

oops, gotta rollback that commit! (more…)

With all the talk of Sakai3 (3akai) having a widgetable backend, I thought I’d have a look at Firefox extensions. As always, the best way to learn is to do, so I came up with fello. A Firefox Hello World Extension, which you can download from my github here. (more…)