|
Grex > Coop11 > #148: Request for ideas and comments: web-party | |
|
| Author |
Message |
| 25 new of 49 responses total. |
remmers
|
|
response 4 of 49:
| 
Dec 17 18:19 UTC 1999 |
Re Java: Party is supposed to be a real-time application (minimal delay
between somebody typing something and having it show up on everybody
else's screen), and it's supposed to update the display incrementally,
i.e. when new text appears, the previous text should just scroll up
without the whole window having to be refreshed. Java is the only thing
I know of that (a) can do that and (b) is widely supported by web
browsers. Is there something else that can?
|
pfv
|
|
response 5 of 49:
|
Dec 17 19:01 UTC 1999 |
I don't know, but I'd love to find out. After all, if we can
suffer animated trash when browsing, there must be a way.
|
richard
|
|
response 6 of 49:
|
Dec 17 22:26 UTC 1999 |
is java what aol uses on its web party interfaces?
|
pfv
|
|
response 7 of 49:
|
Dec 17 22:32 UTC 1999 |
ARGGHHHHH!! "AOL" ACK GAG BLECH HEeeeeelllpp!
|
gypsi
|
|
response 8 of 49:
|
Dec 17 22:48 UTC 1999 |
<laughs> AO-Hell...
|
spooked
|
|
response 9 of 49:
|
Dec 18 02:19 UTC 1999 |
Yeah, as was pointed out to me (and when I started thinking some) programming
web-party in CGI would be too inefficient. CGI works well for backend
database or script type programming, but wouldn't scale well to real-time,
multi-user chat we have in party.
Here's what Jan told me (in an e-mail) a week or so ago on the authentication
issue:
"Authentication is a problem. It should definately
require a Grex login and password. The mechanism used by backtalk and
web-vote may not be usuable. If you implement this with a java ap on the
browser, and a server running on Grex, then the server has to be checking the
authentication (it could furn the pwauth program to do so), which means the
java app must send login and password to it. But even if a user has already
logged into Backtalk, so the browser knows the login and password, the Java
app probably can't get it to send it to the party server. You may need to
have a separate login box for party, which is ugly. Maybe we need to rethink
our way of authenticating web users in hopes of coming up with something that
can be used more flexibly. It would be nice to be able to offer a smoothly
integrated set of web interfaces to Grex."
Jan also said that is was more tempting now to write a client-server version
of the textual party program, to jell in more smoothly.
And, I agree with John, I don't know of any other way to go than Java on the
front-end. Java is widely used for this type of application and many more.
One can be near assured there won't be any serious problems with such an
applet, this one at least, as it'll be thoroughly tested before full-release.
Don't be Java-phobic, that's what I'm trying to be say (: There are many more
eviler evils on the web, many of which you're probably unaware of.
|
spooked
|
|
response 10 of 49:
|
Dec 18 02:34 UTC 1999 |
Yes, there are going to be some non-trivial aspects in this project, including
1) As john points out, Orville write's distinguishing web or tty interface,
and its dialogue with the Java applet
2) The authentication problem (we really do want single-logon)
3) The backend server to client dialogue (there's quite a few `sentences' it
will have to be able to understand and communicate)
I'm sure there's more.. (:
|
mdw
|
|
response 11 of 49:
|
Dec 18 03:38 UTC 1999 |
One word: kerberos
|
remmers
|
|
response 12 of 49:
|
Dec 18 03:59 UTC 1999 |
Interesting word. I assume it relates to the authentication problem.
|
spooked
|
|
response 13 of 49:
|
Dec 18 07:07 UTC 1999 |
Let's just go SESAME (: Okay, so who's going to help me set Kerberos up with
both Backtalk and web-party? By the way, do we have Kerberos source here?
|
gypsi
|
|
response 14 of 49:
|
Dec 18 07:53 UTC 1999 |
<is trying desperately to keep up...really...>
|
spooked
|
|
response 15 of 49:
|
Dec 18 08:35 UTC 1999 |
Kerberos is an authentication framework designed at MIT as part of the Athena
project in the mid-late 80's for networks, providing a single log-on service.
I won't go into the details of the security architecture, but the basic idea
is someone could log on (let's say a university system) in the morning.
He/she would not have to re-enter his/her password and username for every
application/system they use. So, this is good because that person doesn't
have to remember multiple passwords. There are also other advantages. SESAME
is a much more complete security architecture, but used Kerberos as the basis
of its authentication framework. SESAME also has audit and authorization
capabilities within its architecture. SESAME was developed in Europe, and
whilst undoubtedly a better solution, Kerberos gained more popularity because
it was out there first, and also because the standards organizations are
predominantly made up of Americans - the process of standardization is by far
political rather than technical.
Anyways, this is a very brief overview. You don't really want to learn all
about these architecture intracacies, but if you want to know more I can give
you plenty of references.
|
gypsi
|
|
response 16 of 49:
|
Dec 18 16:26 UTC 1999 |
Wow. That was perfect, Mic. Thanks. =)
|
mdw
|
|
response 17 of 49:
|
Dec 19 00:34 UTC 1999 |
I don't think the makeup of the standards organizations has much to do
with what's standardized. HTML was first invented in europe, as was
Pascal.
|
spooked
|
|
response 18 of 49:
|
Dec 19 03:28 UTC 1999 |
It most certainly does, Marcus. I have to disagree with you on that one,
Marcus, for a change, but let's not drift (:
|
mdw
|
|
response 19 of 49:
|
Dec 20 04:58 UTC 1999 |
Perhaps you would care to explain what CCITT stands for?
|
spooked
|
|
response 20 of 49:
|
Dec 20 09:20 UTC 1999 |
CCITT stands for many things, just do a web search.
|
mdw
|
|
response 21 of 49:
|
Dec 20 16:23 UTC 1999 |
Good. Now you are prepared to explain the politics behind X.25.
|
janc
|
|
response 22 of 49:
|
Dec 20 19:57 UTC 1999 |
If either Netscape or IE supported kerberos, then kerberos would be the
perfect solution. Unfortunately, they don't.
Marcus has slipped into quizmaster mode again. I think he does it to
save typing.
|
mdw
|
|
response 23 of 49:
|
Dec 20 20:29 UTC 1999 |
I get accused of awful evil things if I do all the typing.
|
gull
|
|
response 24 of 49:
|
Dec 20 20:40 UTC 1999 |
Is X.25 at all related to AX.25, or is it just an accident of nomenclature?
|
pfv
|
|
response 25 of 49:
|
Dec 20 21:01 UTC 1999 |
"keatings of text"
Janc? Why can't a web-party use the same methods as BackTalk?
(I still have to wonder where the session-ID stuff is sent
back and stored)
|
mdw
|
|
response 26 of 49:
|
Dec 21 03:16 UTC 1999 |
AX.25 is indeed related. X.25 predates AX.25, and is, um, somewhat
different.
|
remmers
|
|
response 27 of 49:
|
Dec 21 11:51 UTC 1999 |
There exist Java telnet applets, maybe even free ones. Would it be
feasible to hack one those so that a user who logs in through it
doesn't go into the telnet queue and would be put in a special shell
rather than their normal shell? The special shell could be a
restricted version of party that doesn't allow shell escapes. This
would be a quick and dirty way of providing web-based party that
wouldn't require an elaborate "party server" to be written.
|
other
|
|
response 28 of 49:
|
Dec 22 00:41 UTC 1999 |
that sounds cool. what would be the webserver configuration impact of that,
beyond what is now configured?
|