“I’ve experienced quite a bit about how open source works. It’s been a wonderful learning experience for me and definitely turned me from someone who thought open source code and developers were somehow not as good as closed source equivalents into a person who knows that the opposite is most definitely the case!”(Mark Little, Red Hat, blog)
Indisputable fact of today’s worlds is an existence of many IT companies that based their success on the Open Source. Talend, Alfresco, Cloudera, Mozilla and last but not least: Red Hat/JBoss (How JBoss did it!) are great examples of that.
The end of 2010 was very intense and interesting for the SMART project. We have attended three big events: Internet Identity Workshop 11, Devoxx and Middleware 2010 Conference. It was a great opportunity to get feedback on our current work as well as hear news from the Internet identity and the developers world.
At the beginning of November we went from windy and rainy Newcastle to Mountain View for the 11-th Internet Identity Workshop (IIW). Even though it takes about 15 hours to get there, we never regret meeting great people and hearing what new things are happening at Facebook, Google, Yahoo and within the whole identity ecosystem. Among many interesting presentations, personally I really liked the Janrain’s talk about social login and sharing for online retailers as well as Google’s presentation of results of their research on OpenID usability. Of course there was Eve Maler presenting User Managed Access. I am very happy that with every next IIW there are more people asking about UMA. We definitely need to speed up with our prototype implementation. Together with Maciej we did a session on our Java implementation of OAuth 2.0 – leeloo library. We discussed how to use leeloo to build OAuth clients, authorization and resource servers. Apart from that, there was a really great discussion with session attendees about good patterns of building OAuth enabled applications.
We hardly had time to rest after IIW because just a week later we went to Antwerp. This Belgium city hosted Devoxx, the biggest in Europe and world’s second conference for Java developers. With more than 100 speakers and 3000 attendees it is great place to discuss technical issues and hear opinions on UMA from the developer community. The SMART project did two presentation describing the UMA flow and showing prototype of UMA/j - a Java framework for building UMA compliant Web applications.
UMA/j framework was also a topic of our paper: Implementation of User-Managed Access Framework for Web 2.0 Applications that has been accepted for the Middleware for Service Oriented Computing (MW4SOC) Workshop at Bangalore, – the Sillicon Valley of India. Bangalore is a really crazy city, completely different from what I’ve seen in US or Europe. I made there a presentation, as well as showed a poster, explaining design and main components of the UMA/j framework. There were many people interested in how UMA tries to solve a problem of authorization and data sharing in the cloud.
We’re looking forward to 2011 when we hope to have at least the same amount of opportunities to present our work, get feedback and learn new things that will be beneficial for our research and the SMART project.
We are pleased to announce the availability of a new OAuth V2.0 library – leeloo. Leeloo allows to easily build all endpoints of the OAuth V2.0 protocol – clients, authorization servers, and resource servers.
- Covers OAuth 2.0 specification draft 10
- Both for OAuth clients and AS/RS
- Lightweight and non intrusive
- Simple and extensible API
- Under heavy development
- High unit tests coverage
Where can I find out more?
All information about leeloo is available at http://leeloo.smartam.net.
We have been using leeloo internally as part of the UMA/j framework that we hope to release very soon. It’s been also included in the smartgallery Web application – UMA-enabled Web app that allows individuals to protect their photos with User-Managed Access.
We are happy to announce that SMART Authorization Manager (SMART AM) is ready for its first public evaluation. It’s exciting to finally get to this step where you can actually show your system to others and gather some useful feedback.
Alan Karp, a great researcher from HP Labs, invited the SMART project team to give two presentations at HP Labs in Palo Alto, CA. We were very excited to talk to some of the most prestigous researchers in the world about UMA and the work we do at Newcastle. The first presentation was particularly interesting and we had a chance to talk to such people as Douglas Crockford (Yahoo!) and Mark S. Miller (Google). It was great and precious to get some feedback, comments and advices from people that have huge impact on the future of IT.
We had the opportunity to talk to researchers with different backgrounds and experience who highlighted different aspects of our User-Managed Access (UMA) implementation and UMA itself.
Maciej Machulak (Newcastle University), Domenico Catalano (Sun Microsystems, Inc.), Eve Maler (PayPal, Inc.) and Prof. Aad van Moorsel (Newcastle University) had a poster at the IEEE Security and Privacy symposium poster session in Oakland, California, USA. Stay tuned, the feedback on User-Managed Access should appear shortly on the UMA WG Mailing List.
At the second day of Internet Identity Workshop X in Mountain View, CA we had a demo our prototype SMART project implementation (first known UMA implementation in Java!) It was quite a challenge for us as we had to explain the motivation behind UMA and describe the main SMART functionality in ONLY 5 minutes. In total, we showed more than ten demos within just one hour! Really exhausting. Our presentation methodology had to be changed, as we typically talk about SMART for two hours or more:). Anyway, it was really good to show people what we’ve done and gather some very useful feedback.
As for the feedback, the main was related to the usability of our system. Before you read further, take a moment to look as some of the screenshots from our presentations (here) and send us some comments! At the time of our demos at IIW, we did not have any fancy CSS applied and the entire interface of the AM did not look very appealing. I hope we can work on that shortly. Hopefully, we should be able to perform some usability studies on the UX of our prototype AM.