How to Create an XML AJAX App with Open Standards

Data Integration & User Interaction with Open Standards

Open Standards and the W3C

On November 12, 1990 Sir Tim Berners-Lee @timberners_lee submitted a paper that would change the world, this paper was the WorldWideWeb: Proposal for a HyperText Project.  Sir Tim Berners-Lee leads the World Wide Web Consortium (W3C).  The W3C is an international community where Member organizations, a full-time staff, and the public work together to develop Web standards. Led by Web inventor Tim Berners-Lee and CEO Jeffrey Jaffe, W3C’s mission is to lead the Web to its full potential.  The W3C is having it’s very first Developer’s Conference (Free Streaming Video Available)  #W3Conf @w3cConf on November 15 – 16, 2011, “W3Conf Developer Conference“.

Data and Services Integration

Integration of heterogeneous data and services has always been a concern for creators and managers of services. With the emergence of the Web, the need for reusing data and services became even stronger, as the number of available services raised.

Cloud-based services are also created using different paradigms and present the same challenges as the ones found in Enterprise Services, or on the Open Web, and the opportunity to create mashups of services using different models.

There is currently extensive deployment experience with Web Services; the Semantic Web is more mature; and the XML Stack has become ubiquitous. The increasing use of JSON-based services and Cloud-based computing combined with experience and maturity of the XML-based services and of the Semantic Web technologies suggests that now is a good time to find ways to bridge and combine these various technologies to make a coherent platform for future business and technical work.  Additional information, reports, and presentations are available from this W3C Workshop.

A paper submitted by IBM to the W3C Data & Services Workshop describes the challenges of multiple data formats and possible solutions for loosely structured data, “Experiences with JSON and XML Transformations“.  This paper explains common problems developers and web service providers face when trying to develop a common interface.  The presenters identified many real-world key problems that left me wondering about a different solution that I hope others elaborate on here.

Web 2.0 App Model with XML AJAX API

Modern Web 2.0 Apps use Asynchronous JavaScript and XML (AJAX) to create dynamic interactive displays with data.  Many AJAX apps use JSON instead of XML.

What if they used Standard XML leveraging XPATH with cross-platform and language-independent DOM?  This approach could let us use object-oriented programming to work with object-oriented data.

The Data

The problem with loosely structured data is identifying target areas. This simple example of a book collection does not have unique identifiers in the data elements. Unique identifiers in the data elements would allow us to use standard methods to work with targeted areas.



Top Shelf Book Store

  Everyday Italian
  Giada De Laurentiis
  2005
  30.00



  Harry Potter
  J K. Rowling
  2005
  29.99



  XQuery Kick Start
  James McGovern
  Per Bothner
  Kurt Cagle
  James Linn
  Vaidyanathan Nagarajan
  2003
  49.99



  Learning XML
  Erik T. Ray
  2003
  39.95


 

The Data with NoDeCode Identifiers

This simple example of a book collection has unique identifiers in the data elements. The “XQuery Kick Start” book element now has a unique id, it’s author elements all have unique ids, along with every element in our XML data. Unique identifiers in the data elements allow us to use standard methods to work with targeted areas. No DeCode between JSON and XML is necessary with NoDeCode identifiers.



Top Shelf Book Store

  Everyday Italian
  Giada De Laurentiis
  2005
  30.00



  Harry Potter
  J K. Rowling
  2005
  29.99



  XQuery Kick Start
  James McGovern
  Per Bothner
  Kurt Cagle
  James Linn
  Vaidyanathan Nagarajan
  2003
  49.99



  Learning XML
  Erik T. Ray
  2003
  39.95

The NoDeCode identifiers are added as attributes to the XML DOM object with a few simple lines of code.

//Add nodecode for indexing elements
xmlUtil.prototype.addNodeCode = function(xmlNode){
	for (var i = 0; i < xmlNode.childNodes.length; i++) {//each child node
		if (xmlNode.childNodes[i].nodeType == 1) {//no white spaces
			//add nodecode attribute
			xmlNode.childNodes[i].setAttribute("id", this.getNodeCode());
			//http://www.w3.org/TR/xml-id/
			//setIdAttribute is not supported in common web browsers
			//xmlNode.childNodes[i].setIdAttribute("id", true);
		}
		//recursive to child of children
		this.addNodeCode(xmlNode.childNodes[i]);
	}
}

Simple AJAX Interfaces for Targeted XML DOM Objects

The NoDeCode supports connecting standard user interfaces to targeted data areas in the XML DOM Object supported by standard XPATH methods.  It is important to note that no round trips to the server are taking place at this time.  All the user interactions are taking place in the XML Object on the client.  The data can be manipulated and modified on the client, then the data object can be transformed into a string and posted to the server using standard HTTP protocol.

A screenshot of a simple delete books user interface

NoDeCode has been tested in the following web browsers:

  • Firefox 7
  • Google Chrome 15
  • Internet Explorer 8

NoDeCode Supports:

  • Standard HTTP protocol to get XML string
  • Method to convert XML string to XML object
  • Method to convert XML object to XML string
  • Methods/Properties to target loosely structured XML
  • Methods to connect User Interfaces to XML objects

The NoDeCode AJAX XML XPATH DOM Model demonstrates how to extend existing web browser objects and methods for custom needs.  It also shows how to use Object-Oriented JavaScript programming to create custom objects that can easily be extended to include new methods and properties.  NoDeCode contains many resources in it’s source code and was written in a single HTML page to support fast modifications and quick testing.  The source code along with a sample XML file can be downloaded here, NoDeCode.zip

Please feel free to share your thoughts and comments here.

Social Media Matters: Blogs, Facebook, & Twitter

Blogs, Facebook, & Twitter

A Social Media Strategy Story

A few weeks ago, I met with some people from a local organization to discuss how to use the web and social media to share some of their stories.  The goal of phase 1 was to connect with others and obtain good placement in search engine results from Google, Bing, and Yahoo.  Here is the situation:

  • Little Time
  • No Money
  • Minimal Tech Skills

A quick analysis of the situation lead us to Google Blogger, Facebook, Twitter, and the creation of Children of Humble School Africa Blog.  Most of the people in the organization were already familiar with these Social Networking Services.  These Social Media tools are free and can be activated in minutes.  These tools don’t require a Computer Science degree to use, in fact they are simple enough to be used by a child, grandparent, or anyone in-between.

Social Media Gets Results

Using Social Media to share stories and connect with others has a positive effect in top search engines.  Here are the results after 14 days.

Google: Search Engine results for our site after 14 days was top four results out of 13.2 Million.

 

Google: Search Engine results for our site after 14 days was the top result out of 29.2 Million.

 

Bing: Search Engine results for our site after 14 days was two of the top four results out of 4.2 Million.

 

Yahoo: Search Engine results for our site after 14 days was two of the top four results out of 4.3 Million.

 

Social Media for Small Businesses & Non-Profits

The Social Business of Web 2.0

Once upon a time, the power to reach out and connect with others beyond your local community was reserved an exclusive group of people.  Social Media extends this ability to all people and bursts open the door of new opportunities.

Google Blogger

I was not as familiar with Google Blogger compared to other types of Social Media tools, but was pleasantly surprised at how easy it was to get started.  The ability to integrate other social media is also very simple.

Blogger is a web-based tool that helps you publish to the web instantly – whenever the urge strikes. It’s the leading tool in the rapidly growing area of web publishing known as weblogs, or “blogs.”  Google Blogger gives you a way to automate (and greatly accelerate) the blog publishing process without writing any code or worrying about installing any sort of server software or scripts. And yet, it still gives you total control over the look and location of your blog.  Details on how to get started are available in this video.

Web Gadgets, Widgets, & Apps

There are countless gadgets, widgets, and apps to support social media integration.  Some of these for Facebook, Twitter, LinkedIn, and other Social Networks can be found in these collections, “25 Great Blogger Widgets“, “Google Gadgets Directory, Collection of Google Blogger Plugins, and people can easily create their custom social gadgets with the Google Blogger API.

Mobile Device Support

The ability to support displaying your content in “app-like” format on multiple mobile devices at the flip of a switch is one of the main strengths of this free service.

Photo Walls

You can also add interactive photo walls to your blog, created with pictures from Facebook, Picasa, Flickr, YouTube, and RSS.  You can share these photo walls on web sites, blogs, Facebook, Twitter, Blogger, WordPress, and more.  You can create and share amazing photo walls for your web sites and blogs using Cooliris.

Social Media Engagement

The Children of Humble School Africa Blog with Social Media integration is just a tiny example of the real possibilities.  There are many great people that share helpful tips about how small businesses and non-profits can leverage the power of social media. Some of these very talented people include:

[twitterusers @goodlaura @scedmonds @JessicaNorthey @Philanthropy @kanter @rosettathurman @briansolis @2morrowknight @chrisbrogan]

 

Social Business Relationships in Enterprise 2.0

Social Business Strategy & Trends

The SOA Social Graph Love Affair

Saint Valentine’s Day is quickly approaching and it has me thinking more about relationships.  Psychology Today published an interesting article on learning what you need to know to make your relationship last.  A relationship can be defined as an association between two or more people that may range from fleeting to enduring. This association may be based on limerence, love, solidarity, regular business interactions, or some other type of social commitment. Interpersonal relationships are formed in the context of social, cultural and other influences. The context can vary from family or kinship relations, friendship, marriage, relations with associates, work, clubs, neighborhoods, and places of worship. They may be regulated by law, custom, or mutual agreement, and are the basis of social groups and society as a whole.  This article will focus on relationships in Enterprise 2.0 Strategy and the Service-Oriented Architecture (SOA) Social Graph love affair.  The content of the article will include Social Business trends & predictions, Web 2.0 Technologies, and resources to help users integrate systems through Service-Oriented Architecture (SOA) to support relationships between people and data fueling the Social Graph providing context to information for the Enterprise.  This relates to a previous article: Enterprise 2.0 Cloud Computing & Service Oriented Architecture (SOA).

Social Business Forecast: 2011 The Year of Integration

Industry analyst that specializes on customer strategy and  Altimeter Group partner Jeremiah Owyang ( @jowyang ) shares survey information and great insights in this presentation.

Social Business Integration with SOA & WOA

The use of Service-Oriented Architecture leveraging Web-Oriented Architecture (WOA) in Enterprise 2.0 can ease the pain of integration and centralize information management.  This strategy provides the flexibility of sharing information in the proper context while supporting the Social Graph.  Context can be provided by including simple markup in existing solutions.  This markup includes FOAFXFN, and Microformats for events & profiles.  The internet provides many great examples of Web 2.0 Technology integrating SOA and WOA.  Gravatar and DISQUS are two quick examples.  Gravatar provides people a Globally Recognized Avatar that software developers can include through a very simple Application Programming Interface (API) supported by WOA.  DISQUS is a comments platform that helps you build an active community from your website’s audience. It has awesome features, powerful tools, and it’s easy to install.  A solid Enterprise 2.0 Strategy includes much more that providing collaboration tools to employees and includes supporting relationships between everyone and everything connected to the Business.

Social Graph Based Business Models

The audio in this video is low, but there are many great topics covered here.  These topics include “The Super Connector”, “Activity Streams”, “Network Effects”, “Social Graph”, “Facebook”, “Micro Transactions”, and more.  This Social Graph Based Business Models video can be viewed here.

Introduction to the Social Graph API

Google engineer Brad Fitzpatrick gives an introduction to the Social Graph API. The Social Graph API makes information about the public connections between people more easily available. Developers can query this public information to offer their users dramatically streamlined “add friends” functionality and other useful features.  A quick overview of the Social Graph API is available in this video.


Supporting the Social Graph with SocialSite

Understand the importance of Social Networking features in Web applications. Learn about the new OpenSocial standard for plugging into Social Networks. See how Project SocialSite’s Web Services and Widgets make it easy to make your Web Applications social.  Learn more here.

Google’s OpenSocial

Applications that use the OpenSocial APIs can be embedded within a social network itself, or access a site’s social data from anywhere on the internet or intranet.  Learn more here.

Picture 20

Enterprise OpenSocial Whitepaper: Enterprises are collections of people, and thus inherently social. Employees of any organization benefit from social connections, group affiliations and relationships both within their own business and between other businesses. As a result, social networking capabilities have become increasingly popular in business-to-consumer, business-to-business, and internal enterprise collaboration applications. New technologies and standards such as Web 2.0 and OpenSocial [1] are helping software providers better model relationships between people, allowing end-users to benefit from such relationships in day-to-day business processes within their own enterprise, and across business networks. Google’s Enterprise OpenSocial Whitepaper is available here.

Web 2.0 and the Enterprise: A Symbiotic Relationship

Time shifting & place shifting We then discovered that the same type of time shifting happening among consumers was taking place in the workplace too. People were switching between tasks, collaborating and consuming media in completely new ways. Lean more here.

Happy Fav Five Friday!

Fav 5 Places

The Architecture of SocialSite

A quick presentation on the architecture of SocialSite, Sun’s implementation of a OpenSocial compliant Social Networking site using Shindig.  Learn more about SocialSite architecture here. (SocialSite is a Glassfish project now known as “SocialFish“)

Enterprise 2.0 Activity Streams

Activity streams will continue to be a much hyped capability within social platforms. However resulting “stream glut”, interoperability, and security-related issues will threaten benefits unless better user experience design, filtering, standardization, permission models, and back-end analytics are applied. Learn more here.

Social Media is from Mars, Enterprise 2.0 is from Venus

Focus on creating and maintaining genuine relationships with customers.  Learn more here.

The relationship between Enterprise 2.0 and Web 2.0

A topic that is closely related to Enterprise 2.0 is Web 2.0. It is important to note, however, that the concepts are not one and the same, but rather they are two individual areas that are built on top of similar foundations. The term Web 2.0 describes the shift in focus from static and singular media to dynamic, interactive community-oriented social media. Learn more here.

Web 3.0 and Social Business: 2011 Predictions & Recommendations

2011 will mark a turning point in the adoption of digital social technologies because the experimentation phase is drawing to a close, and stakeholder expectations are increasing. Organizations and people will no longer gain attention by executing badly. At the enterprise level, participation will wane in venues and initiatives that have no business strategy, focus, content strategy and commitment.  Learn more here.

Summary

The future of intranets and the internet is all about context, integration, app stores, apps, mashups, widgets, gadgets, and filters.  Integrating Web-Oriented Architecture (WOA) in Enterprise 2.0 supporting Service-Oriented Architecture (SOA) will improve Business success.

Enterprise 2.0 App Stores: When Good Web 2.0 Apps Go Bad

Custom Dashboards in the Enterprise & Web 2.0 Apps

There’s an app for that!

The success of Apple’s iPhone App Store, Mac apps, and Google’s Marketplace all play a part in driving the trend of Enterprise 2.0 App Stores in business organizations of all sizes.  The idea of providing a solution with “There’s an app for that!” will be common place in the near future.  The App Store market will get very interesting when organizations and Government Agencies harness the true power of Service Oriented Architecture (SOA) & Cloud Computing.  This trend will help fuel the Federated System.  More information about Enterprise 2.0 App Store Architecture can be found here The 80-20 Rule for Web 2.0 Architecture in the Enterprise.

Where Do Apps Come From?

Custom Enterprise 2.0 Dashboards can include apps, widgets, and gadgets that include resources that are internal, external, and a combination of both.

  1. Internal Resources: Apps and their data that are hosted and maintained within the organization. The risk level is low.
  2. Internal and External Resources: There are usually internally created apps that use external data. The risk level is medium.
  3. External Resources: Apps that are hosted by third parties.  The trust relationship is complex and the risk level usually remains high.

How Are Apps Delivered?

Apps are added to devices and dashboards in multiple ways. App code and private data should reside in the client, but this is rarely the case.  Web 2.0 Apps are usually added to Enterprise 2.0 Dashboards by using the following technologies and methods.

What Are Application Security Risks?

Attackers can potentially use many different paths through your application to do harm to your business or organization. Each of these paths represents a risk that may, or may not, be serious enough to warrant attention.  The top 10 application security risks of 2010 can be reviewed on the Open Web Application Security Project (OWASP) web site here.  Additional Web Security information is available from the Open Ajax alliance at Ajax and Mashup Security.  The main rule of thumb is, “Never trust external data”.  Using a Proxy Server to fetch external data can help support the additional security requirements.  A proxy server is also helpful in capturing metrics of external resource usage.  The proxy server can integrated like an Enterprise Service Bus (ESB) to support the complex structure of Enterprise 2.0 App Stores.

What Happens When Good Web 2.0 Apps Go Bad?

How to Detect a Key Logger on Your System

Most people in the Web 2.0 World are familiar with the acronym WYSIWYG, “What You See is What You Get”.  This new acronym WYRIWYR, “What You Requested is What You Received” will be covered here.  The consumer and the producer should be focused on WYRIWYR.  Producers need to trust the consumer’s identity and consumers need to feel secure.

Data can be tampered with on either end and while in transit.

The Open Source Software Community frequently uses checksum to protect software integrity. This same strategy can be used to protect consumers from malicious apps and widgets.  This simplified example will use MD5 in PHP to check the integerity of the app, but MD5 should not be used for sensitive data like passwords in a production environment.  US-CERT of the U. S. Department of Homeland Security said MD5 “should be considered cryptographically broken and unsuitable for further use,” and most U.S. government applications will be required to move to the SHA-2 family of hash functions after 2010.

Simple App

Here is a very simple app that could be part of a custom Enterprise 2.0 Dashboard. The App is reviewed and approved. The reviewer signs the app (creates app MD5 Hash: c15a7308d89afe9218a1b0f60a37f8ad) so changes can be detected when it comes back through the proxy server.





World's Best Web 2.0 Widget

Simple App in Proxy Server before Dashboard Display
Deliver app if new hash and signature match. Disable app and notify Admin if something does not look right.

$app = <<



World's Best Web 2.0 Widget

END; if (md5($app) == 'c15a7308d89afe9218a1b0f60a37f8ad'){ deliverApp($app); //Signature & Hash matched! App Delivered. } else{ disableApp($appId); alertAdmin($message); }

The Simple App with Key Logger Script Injected

$app = <<




World's Best Web 2.0 Widget

END; if (md5($app) == 'c15a7308d89afe9218a1b0f60a37f8ad'){ deliverApp($app); } else{ disableApp($appId); alertAdmin($message); //Signature & Hash do not match App not delivered. //App disabled and Admin notified. }

Happy Fav Five Friday!

Fav 5 Places

  1. Google Gadgets For Your Webpage
  2. ‘App store’ makes service orientation real for the business
  3. Global CIO: The Case For Copying Apple’s App Store
  4. Nexuo Enterprise Platform
  5. Enterprise Irregulars: Designing User Experience

The people from Open Social provides a great Introduction To Signed Requests

OpenSocial API provides a method to communicate OpenSocial ID numbers back to your server in a secure way, allowing for the construction of robust web service backed OpenSocial applications, using a portion of the OAuth authorization protocol.  This article will explain the method to make such secure requests from your OpenSocial applications, as well as the server-side process that you need to follow in order to verify that the data passed has not been tampered with.   Learn more here.