WSO2 Identity Solution 1.0 Beta Released

We released the WSO2 Identity Solution 1.0 Beta, just a few minutes ago. It is really good to see things that were developed independently, fit in nicely to produce a larger solution.

Please give it a try and send us your feedback.

Here goes the traditional release note...

WSO2 Identity Solution 1.0-beta Released
========================================

WSO2 Identity Solution team is pleased to announce the release of WSO2
Identity Solution 1.0-beta.

Release artifacts can be downloaded from :
http://dist.wso2.org/products/solutions/identity/1.0-beta/

WSO2 Identity Solution provides the following components to enable
CardSpace authentication for web applications.

* An Identity Provider
The identity provider includes an application to issue information
cards and a security token service. Security token service can be
deployed to issue tokens to trusted users. An identity selector will
obtain tokens from the Identity Provider and authenticate the users to a
Web applications with those tokens.

* A set of Relying Party components
Relying party components include an Apache HTTPD module and a Servlet
filter. The HTTPD module can be used with any Web application that is
hosted with Apache HTTPD irrespective of the implementation language.
The Servlet filter component is intended for Java based Web containers.

Key Features in this Release

* Identity provider
- Supports connecting to a JDBC or an LDAP user store
- Issues information cards based on username-token credential and
self issued credential
- Allows adding custom claims and mapping them to user attributes
in the user store
- Revocation of issued information cards
- Manage trusted relying parties
* Apache HTTPD relying party module - mod_cspace
* Java Servlet Filter relying party component

Reporting Problems
------------------------------------------------------------------------
Issues can be reported using the public JIRA available at
https://wso2.org/jira/browse/IDENTITY

Contact us
------------------------------------------------------------------------
WSO2 Identity Solution developers can be contacted via mailing lists:
* For Users: identity-user@wso2.org
* For Developers:identity-dev@wso2.org
For details on subscriptions see
http://www.wso2.org/projects/solutions/identity#mail

Thank you for your interest in WSO2 Identity Solution

WSO2 Identity Solution Team

Lecture of a lifetime - Achieving your childhood dreams

I got this (sad, funny, entertaining, moving, motivating, you name it...) video clip from a friend. Randy Pausch a CMU professor dying of pancreatic cancer delivering his last lecture. If you find it good, watch the whole 2hour lecture here.

Best thing about this lecture is its finale. I think I never have seen (or attended) a lecture with such intense ending that made me think over and over again. I wouldn't say that this lecture changed my life though it for sure made a huge impact. At the very least, it made me think seriously, whether I do what I always wanted to do?

Talking about childhood dreams, I don't think it'd be easy to achieve my childhood dreams, except for a few. Mine are not as specific as Randy's, they usually are more generic in nature. However, it is not the time to reveal them yet (huh! topsy krets). Hopefully, I would someday be able to blog (or do the equivalent of blogging then) on my childhood dreams and how successful I was in achieving them.

The whole lecture was full of food for thoughts, but one clue in particular on achieving childhood dreams:

Brick walls are there for a reason. They let us prove how badly we want things.

What's my blog rated?

Browsing around randomly - well, I was using google, so it was not entirely random - I found this funny web site which claims to provide a "Film Rating" for any blog.

Huh! my blog is rated PG-13. For 10x use of "crap" (can't help it when the blog it self is named "Random Crap") and 1x use of t i t.... What? Where did I say that? I searched through the whole blog, couldn't find where that is. Probably in html format only.... so I opened up a page source window and searched for the three letters followed by a space. Hmm, strange, I still can't find it. Could it be that their analysis is faulty somehow?

Anyway it's nice to have such a badge on your blog. Looks cool...

PG-13? who writes for children under 13? CRAP once more!!! Gimme an R.


Update (25/09/20007): As Yasith pointed out in his comment, after this post, my blog is rated R (isn't that great?):



For once I thought it would be a hard thing to achieve such an honor. Oh! it's just 13 craps and one word which happened to truncate in a totally unintended way, over which I have no control. Shame on blogger ;)

Go Offline with Google Reader

It has been a long time since I gave up my offline RSS reader. I loved the google reader interface and it's usability since it was in public beta. Only disadvantage about using it was that I had to be online to read any RSS feed, which hard was a problem for me.

I have been extremely busy these days due to an extended us trip and some deadlines to be met. Thus did not log in to the google reader for the last few weeks, until this evening after finishing my work. The first thing got my attention was a link in the top right hand corner which said offline. That was something I saw there for the first time. I was thinking may be they have written a stand-alone application to complement the web UI. Anyhow, I just clicked on it to check what it is and there I got the surprise of the month for sure.

Now you can save the latest 2000 items to your machine so that you can read them offline. 2000 is a decent amount I guess. This feature has been introduced to google reader only a week ago on the 31st May. It uses the recently released google gears, a browser plugin which enables writing offline web applications. It should rather be called a toolkit than a browser plugin. The official google reader blog says:

To do this, we've used the newly released Google Gears, a browser plugin that enables offline web applications. Once you've installed Google Gears, you can download your latest 2,000 items so they're available even when you don't have an internet connection. To get started, simply click the "Offline" link in the top right of Google Reader.

Here is my google reader gone offline, yay!

Axis2/C 1.0 Released

Apache Axis2/C 1.0 was released a few days ago. Well that was last Sunday, the 6th. The release was delayed by a few weeks due to improvements and fixes suggested.

Wow! what an achievement, of course I am happy to be (however vanishingly small) a part of the great amount of human hours used in this exercise.

In the meantime, Apache Rampart/C project, the WS-Security implementation for Axis2/C has plans to release 0.90 by the end of this week. We found a small memory issue with our xml canonicalization (xml-c14n) implementation yesterday, and it is fixed now. You can test the release artifacts from here.

On Bits, Bytes, and Bitrates

How fast can you download torrents?

This is one of the problems that I get from most of my friends who are into torrent downloading business. When I say that I get something like 55 kBps, with SLT ADSL basic connection, which offers 512kbps downstream, most of them go nuts! What the heck happens to the 457? If you wonder where 457 came from, try subtracting 55 from 512.

This post is a reply to all those who disagree with me at such discussions. Now I can ask anyone who starts arguing with me on this regard, to do their homework first, i.e., to read mu blog ofcourse!

Theoretically, with SLT ADSL basic package, I should be able to download at 512kbps (i.e., 500Kibps, 62.5kBps, or 64KiBps). All these figures are in accordance with the IEC 60027-2 standards. IEC stands for International Electrotechnical Commission. They define the standards on Letter symbols to be used in electrical technology [1].

kbps, kBps, Kibps and KiBps

In the above paragraph, I've mentioned kbps in four different manners (sometimes with an i next to the k). This shows the difference it can make just by capitalizing a single letter of a letter sequence in engineering. Oh! did I say "gibberish"?

kbps is a measure of data transfer speed. Some refer to it as a measure of bandwidth too. However, as bandwidth has no fixed definition at all, for some meanings of bandwidth, it may not make any sense to be measured by kbps. Wikipedia has a great article on different meanings of the term "bandwidth". 1 kbps is 1000 bits per second (not 1024). This measure had been always used mostly (if not only) in telecommunication and there is no dispute over whether it is 1000 or 1024.

kBps is the data transfer rate in 1000 Bytes (a byte is 8bits) per second. It is commonplace to write this measurement as KBps or KBPS, though it is not the standard. Also it is very common to use kB to indicate 1024 bytes. Even it was used in almost all the computer applications that were built before the new millennium and in many applications even today. However, since IEC now have a standard for measurements of information too, kBps stands for 1000 bytes.

Kibps is pronounced kibi-bits per second. The kibi- prefix stands for 1024, in the same manner kilo- stands for 1000. This prefix was introduced to replace k, the kilo- prefix used in a binary sense.

KiBps by this time it should be fairly obvious that KiBps stands for kibi-bytes per second. and that it is 1024 bytes per second.

In the same way Ki is used for 1024 (2^10) bytes, Mi, Gi, and other respective prefixes are used to represent 2^20, 2^30 and the respective powers of 2. (FYI: Mi is mebi- and Gi is gibi-)

Calculation

Okay, now it's time for elementary mathematics.

My ADSL connection is 512kbps download.
Therefore it is 512*1000 = 512000 bits per second.
That means (512000/8)/1000 =64 kilo bytes per second.
also, 512000/1024 = 500 kibi bits per second.
and in turn, (512000/8)/1024 = 62.5 kibi bytes per second.

giving 15% for noise, the actual download speed would be something like... (64/100)*85 ~ 55kBps.

Afterall, I am a happy man, I get almost the most out of my ADSL connection practically possible.

Usage

Even though the standards are there, it has not been adopted by many computer applications yet. For examples, Windogs still use kB for 1024 bytes. Linux and other open source software (rulez!) like Gnome are among the first to use the standards.

Lessons to learn

1. If you have an SLT ADSL basic package and your torrent client says that it is doing 55kBps, don't complain, it is doing it's best.
2. Never trust the computer when it comes to storage sizes or data transfer speeds. You never know (if it's manual specifically says so) whether k stands for 1000 or 1024, and whether M stands for 1000000 or 1048576.

Someone Else

Someone Else
by Nuwan Ishantha

Is this you who I see?
Or is it someone else?
Or is it someone else that I saw in you?

Is this confusion?
Or is it that I "was" confused?
Confused that you were someone else, when you were still actually you?

Am I who I think I am?
Or am I someone else?
Or am I just not the one I thought I was?

Am I?
For I see that you are still who you are
But that you are still someone else.

I am someone else.

WSO2 Identity Solution Alpha Released!

This is bit of an old news. As I was not at home for the last week, I could not blog about this earlier than this.

WSO2 Identity Solution is an open source implementation of Microsoft CardSpace, which is a standards-based solution for working with and managing diverse digital identities.

I started working on the Identity Solution by accident, when someone was needed to write an apache module for this solution. Although there were many who knew better, and I knew nothing about writing apache modules, I got the chance since I was jobless (not exactly!) then. Afterall, it is the main project that I'm working on at the moment. At the first shot at it, things didn't look so good. I was trying to write the whole module using very low-level APIs, not knowing that there are a lot many comprehensive abstractions that can be used. Handler concept, which is new in Apache2 made my task a few orders of magnitude easier than it would have been in Apache 1.3.

Nick Kew's companion website of the book "The Apache Modules Book" came in handy when I needed any bright ideas. I wonder how efficient I would have been if I had the book at hand. Thanks Nick, for the great effort.

Release note:

We are happy to announce the alpha release of WSO2 Identity Solution.

This release can be downloaded from the following location:

http://dist.wso2.org/products/solutions/identity/alpha/

Key features of this release includes

* An Apache2 module to enable CardSpace authentication on a
web application.
* A ServletFilter component to enable CardSpace authentication
on a Java servlet based web application.
* Two samples explaining the use of the above components.
(Please follow instructions given in the README files)

Release artifacts :
-------------------------------------------------------------------------------
Binary distribution  - identity-solution-alpha-bin.zip
Source distribution  - identity-solution-alpha-src.zip

Project Information
-------------------------------------------------------------------------------
Web site              - http://www.wso2.org/projects/identity
Issue tracker         - https://wso2.org/jira/browse/IDENTITY
Mailing list          - identity-dev@wso2.org


Thanks,
WSO2 Identity Solution Team

"Is not the Title of a Book, AFAIK" is not the title of a book, AFAIK - Part I

It was too much for me to digest, the first time I encountered recursion. That was when I knew all the bits and bytes about GW-BASIC, an awesome language for the beginners at the time. BASIC allowed all the hacks that aren't possible with modern languages while providing very least of the structured programming constructs. Still, many people used BASIC and it was fairly adequate for not-so-impressive programs (usually written by the owner of a pc) a layman would have ever needed. It was a time when I could write a program to find all the permutations of a given set using a myriad of goto's pointing every here and there of the program. Yet it was so familiar and easy to write, although all the programming text that I came across said that's not the way to do it. Duh! who cares about those structure-worshiping authors. I can do it in fewer lines than they do!

However, that was history. Much later at some point in time, I switched the language that I use to program from BASIC to Pascal. Suddenly it all seemed so easy. Structured programming seemed to be the way to go. Recursion was so natural with Pascal procedures. I wondered why I didn't start programming in Pascal earlier than this...

This change in programming language alone was one of the reasons that made me to grasp recursion quite easily. You can call one procedure within itself. But, only if you make sure that your procedure stops recursing (calling itself) at some point, your program would really work. Recurse ad infinitum is something that we can never achieve in the limited time frame that we live in, no matter how fast the recursion is performed, albeit if pull together some alien technology from Stargate (SciFi) to build our computers.

Infinitely many recursion, though can not be used with computers, is used extensively in mathematics, for it only is a thought process that proving theorems are involved with. The most popular such usage would be induction. We show that some statement P(n) is true for some initial value of n, and for P(m+1) if P(m) is. As we have already proved that P(n) is true, from the second part of the proof, we have P(n+1), hence P(n+2), and hence P(n+3)... ad infinitum. It is preferred in mathematics to say for 'all n', instead of 'to infinity' due to certain technicalities, however. The basic idea is the same: apply the inductive statement over and over infinitely many times, you get all n.

Uh oh! I didn't notice that I wrote about a pageful of crap until I previewed the site just now. Original reason I started writing this post was to note down some self-referent statements that could be constructed using natural language. Being the way too technical low life I am, I got brainsick with the parallels of self-reference in computer languages. Thus I'd mark this post as part-I. I will follow up with a sequel soon...

To Blog or not to Blog

Alright, finally I made my mind up. I am going to start blogging yet again. Did I say "yet again"? Yes ofcourse...

Well, I had been maintaining a weblog the days I started programming seriously. I have been messing around with computers since I was in grade 6. But it was in the vacation of 8 months (?) or so I had after my O/L examination, that I took computing really seriously. All I did those days is looking for some clever way of writing a piece of software. So I made a note of things that I learn each day on a web diary. Mind you, those were the days that the word blog itself was yet to be invented. Writing programming stuff for a few months, anyone is destined to be bored with it. I am no exception; all work and no play makes dummy a dull boy! Besides, I had to prepare for my A/Ls the next two years. Hence that tech blog was long gone.

The next time I started blogging was when I was an intern at IFS. The whole purpose of that blog was to keep track of the work I did there. Since I did not maintain the industrial placement report, which was required to obtain my B.Sc., on a day to day basis, this blog kept the necessary information instead. Like many (almost all except for Nuwan and GL may be) other students, I wrote the report about a month after the training was ended, when the university asked us to submit it. This blog was hosted in MSN Spaces, and it served it's purpose very well. I had no idea of continuing that blog anyway.

Now, coming back to the present, I have started blogging yet again. This time, the content is going to be drastically different (at least I hope so) from my previous attempts at blogging. I may drop technical posts here and there, but I want it to be non-techy savy friendly this time.

So here we go...