|
Grex > Coop11 > #148: Request for ideas and comments: web-party | |
|
| Author |
Message |
spooked
|
|
Request for ideas and comments: web-party
| 
Dec 17 14:56 UTC 1999 |
I have to undertake an honours level project for my Bachelor of Information
Technology (Honours) degree award next year. In preliminary discussions with
fellow Grex staffers, I suggested (and it was agreed) that a web-interface
to the popular textual version of party be designed and coded. Alongwith a
window where one could send 'tel'-like messages to fellow Grexers, this would
give Grex a neat web interface to the conferences through Backtalk, and party
through web-party (though we will think of a cooler name for this), and a
small window for 'tel'-like messages, and ideally with only one login
authentication needed (i.e. you wouldn't have to log in using username and
password to Backtalk and then again to web-party). What I now need is
discussion from the greater Grex community. This project will be demanding
(the authentication problem alone is going to be very thronny), so I don't
want anyone expecting web-party in the next few months. It will evolve, like
all projects. I would first hope for lots of discussion on the interface
Grexers desire. Then I could mock up some prototype 'dumb'(meaning
non-interactive) interface designs to see if you like them. In the meantime,
I also have to think (in the background) about the client-server protocol.
For the technical minded, this is looking like a project where I have to go
client-server, probably using a Java applet on the frontend, and a C program
(or more likely set of C programs) for the server (backend) role.
Thanks for your help. Despite what some people might think, I'm not all that
experienced a programmer, and this project will be exceptionally chanllenging
for me, but for Grex (which I love with a passion) I'm willing to lose some
more hair (afterall it's pretty grey anyways!:)
|
| 49 responses total. |
remmers
|
|
response 1 of 49:
|
Dec 17 15:43 UTC 1999 |
The best way to get experience is by doing stuff. I'm glad you're
undertaking this, and that you're soliciting user input from the
beginning.
Offhand, I don't see the authentication problem as being that big. Even
in the worst case, having to log in twice wouldn't be all that odious.
But it can probably be avoided.
Doing this as a Java applet is the only way I can think of to make the
interaction tolerably fast, which is what you want for party. I've used
one or two Java-based web chatrooms, and they work reasonably well.
What will probably be the trickiest part of this is to make it
interoperable with the tty-based party/tel facilities, so that people
will see the same stream of party text regardless of whether they're
logged in via the web or via telnet/dialup. An interesting problem will
be how to handle !tel -- the software will have to figure out whether
the person you're telegramming is on the web or not, and do the right
thing in either case.
|
gypsi
|
|
response 2 of 49:
|
Dec 17 16:32 UTC 1999 |
That's what I was thinking, but I feel strange adding my two cents worth when
I don't know a thing about programming... (the part about recognizing which
interface <?> someone is using).
|
pfv
|
|
response 3 of 49:
|
Dec 17 16:51 UTC 1999 |
OK, I posted to the prior item.. But, techie - I'll try here..
1) mod_auth_external (see Janc's webpage) is the way to do the
authentication.. Talk to the Backtalk-Boys, but I believe
your server will simply need a permission. After that,
you use the Backtalk database.
2) mod_cgisock (it's on the web) is a slick little Apache module
that permits a browser to hit httpd, and get a unix-socket
straight into a running daemon/server on the host.
I've modded the module & browbeaten the author: he's going
to look into a better "protocol", but at this time, my
mods seem to be working fine. (I want to look into using
OOB data, but otherwise.. I'm REAL happy.) I can provide
you with a tarball of his cgisock plus my testbeds and
Cserver source, as well as the little "block" I added to
"httpd.conf".
3) Java.. I don't let mine run.. Don't plan on it, either. I've
always relied on Javascript, even if "less powerful".
Personally, I dislike the idea of having to download & run
something I can't read on my side.. I know, it sounds
wacky. I'm not sure why Java would *have* to be used,
unless you are shooting for some sorta' wildly-slick GUI?
I dunno' - you'd have to "sell me" on the idea.
If I can help out, let me know..
|
remmers
|
|
response 4 of 49:
|
Dec 17 18:19 UTC 1999 |
Re Java: Party is supposed to be a real-time application (minimal delay
between somebody typing something and having it show up on everybody
else's screen), and it's supposed to update the display incrementally,
i.e. when new text appears, the previous text should just scroll up
without the whole window having to be refreshed. Java is the only thing
I know of that (a) can do that and (b) is widely supported by web
browsers. Is there something else that can?
|
pfv
|
|
response 5 of 49:
|
Dec 17 19:01 UTC 1999 |
I don't know, but I'd love to find out. After all, if we can
suffer animated trash when browsing, there must be a way.
|
richard
|
|
response 6 of 49:
|
Dec 17 22:26 UTC 1999 |
is java what aol uses on its web party interfaces?
|
pfv
|
|
response 7 of 49:
|
Dec 17 22:32 UTC 1999 |
ARGGHHHHH!! "AOL" ACK GAG BLECH HEeeeeelllpp!
|
gypsi
|
|
response 8 of 49:
|
Dec 17 22:48 UTC 1999 |
<laughs> AO-Hell...
|
spooked
|
|
response 9 of 49:
|
Dec 18 02:19 UTC 1999 |
Yeah, as was pointed out to me (and when I started thinking some) programming
web-party in CGI would be too inefficient. CGI works well for backend
database or script type programming, but wouldn't scale well to real-time,
multi-user chat we have in party.
Here's what Jan told me (in an e-mail) a week or so ago on the authentication
issue:
"Authentication is a problem. It should definately
require a Grex login and password. The mechanism used by backtalk and
web-vote may not be usuable. If you implement this with a java ap on the
browser, and a server running on Grex, then the server has to be checking the
authentication (it could furn the pwauth program to do so), which means the
java app must send login and password to it. But even if a user has already
logged into Backtalk, so the browser knows the login and password, the Java
app probably can't get it to send it to the party server. You may need to
have a separate login box for party, which is ugly. Maybe we need to rethink
our way of authenticating web users in hopes of coming up with something that
can be used more flexibly. It would be nice to be able to offer a smoothly
integrated set of web interfaces to Grex."
Jan also said that is was more tempting now to write a client-server version
of the textual party program, to jell in more smoothly.
And, I agree with John, I don't know of any other way to go than Java on the
front-end. Java is widely used for this type of application and many more.
One can be near assured there won't be any serious problems with such an
applet, this one at least, as it'll be thoroughly tested before full-release.
Don't be Java-phobic, that's what I'm trying to be say (: There are many more
eviler evils on the web, many of which you're probably unaware of.
|
spooked
|
|
response 10 of 49:
|
Dec 18 02:34 UTC 1999 |
Yes, there are going to be some non-trivial aspects in this project, including
1) As john points out, Orville write's distinguishing web or tty interface,
and its dialogue with the Java applet
2) The authentication problem (we really do want single-logon)
3) The backend server to client dialogue (there's quite a few `sentences' it
will have to be able to understand and communicate)
I'm sure there's more.. (:
|
mdw
|
|
response 11 of 49:
|
Dec 18 03:38 UTC 1999 |
One word: kerberos
|
remmers
|
|
response 12 of 49:
|
Dec 18 03:59 UTC 1999 |
Interesting word. I assume it relates to the authentication problem.
|
spooked
|
|
response 13 of 49:
|
Dec 18 07:07 UTC 1999 |
Let's just go SESAME (: Okay, so who's going to help me set Kerberos up with
both Backtalk and web-party? By the way, do we have Kerberos source here?
|
gypsi
|
|
response 14 of 49:
|
Dec 18 07:53 UTC 1999 |
<is trying desperately to keep up...really...>
|
spooked
|
|
response 15 of 49:
|
Dec 18 08:35 UTC 1999 |
Kerberos is an authentication framework designed at MIT as part of the Athena
project in the mid-late 80's for networks, providing a single log-on service.
I won't go into the details of the security architecture, but the basic idea
is someone could log on (let's say a university system) in the morning.
He/she would not have to re-enter his/her password and username for every
application/system they use. So, this is good because that person doesn't
have to remember multiple passwords. There are also other advantages. SESAME
is a much more complete security architecture, but used Kerberos as the basis
of its authentication framework. SESAME also has audit and authorization
capabilities within its architecture. SESAME was developed in Europe, and
whilst undoubtedly a better solution, Kerberos gained more popularity because
it was out there first, and also because the standards organizations are
predominantly made up of Americans - the process of standardization is by far
political rather than technical.
Anyways, this is a very brief overview. You don't really want to learn all
about these architecture intracacies, but if you want to know more I can give
you plenty of references.
|
gypsi
|
|
response 16 of 49:
|
Dec 18 16:26 UTC 1999 |
Wow. That was perfect, Mic. Thanks. =)
|
mdw
|
|
response 17 of 49:
|
Dec 19 00:34 UTC 1999 |
I don't think the makeup of the standards organizations has much to do
with what's standardized. HTML was first invented in europe, as was
Pascal.
|
spooked
|
|
response 18 of 49:
|
Dec 19 03:28 UTC 1999 |
It most certainly does, Marcus. I have to disagree with you on that one,
Marcus, for a change, but let's not drift (:
|
mdw
|
|
response 19 of 49:
|
Dec 20 04:58 UTC 1999 |
Perhaps you would care to explain what CCITT stands for?
|
spooked
|
|
response 20 of 49:
|
Dec 20 09:20 UTC 1999 |
CCITT stands for many things, just do a web search.
|
mdw
|
|
response 21 of 49:
|
Dec 20 16:23 UTC 1999 |
Good. Now you are prepared to explain the politics behind X.25.
|
janc
|
|
response 22 of 49:
|
Dec 20 19:57 UTC 1999 |
If either Netscape or IE supported kerberos, then kerberos would be the
perfect solution. Unfortunately, they don't.
Marcus has slipped into quizmaster mode again. I think he does it to
save typing.
|
mdw
|
|
response 23 of 49:
|
Dec 20 20:29 UTC 1999 |
I get accused of awful evil things if I do all the typing.
|
gull
|
|
response 24 of 49:
|
Dec 20 20:40 UTC 1999 |
Is X.25 at all related to AX.25, or is it just an accident of nomenclature?
|