APP Interop
So the first face-to-face APP interop event is over. Many, many thanks to our gracious host Google. DeWitt did a fantastic job organizing the event and keeping things going. It was great to be able to finally meet many of the APP WG members face to face. Tim has some pictures; Keith has posted some thoughts; Dave has a few reflections; M. David Peterson and Joe Cheng managed to get two Zunes in the same room at the same time; John Panzer of AOL still has an endpoint up if y’all want to test it.
From IBM, I brought the Lotus Connections Blogs and Dogear components. Joe Gregorio brought a home grown server and client pair. Kevin Beyer brought a PHP+DB2 based server implementation and Elias Torres brought his Wordpress APP implementation. We managed to find a few bugs, work out some issues and generally have a good time. The really cool thing is that we were unable to find any significant holes in the spec. Things just worked.
A couple of points, however…
- Authentication schemes can really harsh the mellow. At least one of the server implementations there used WSSE based auth… none of the clients, however, actually supported WSSE. After a bit of quick coding, several implementations were able to get it working. The Google endpoints all required GoogleLogin or AuthSub, which only a few of the clients actually supported (Abdera included). Since the Lotus Connections Dogear component uses Form-based authentication by default, I decided to be a bit evil and not enable the basic auth right away. This required that clients be able to do a form post for auth, hold on to a cookie, and return that back to the server with each request. The Abdera client is able to do that but I don’t think any of the other clients there were able to. Eventually I changed it over to basic auth with SSL but since I was using a self-signed cert some of the clients still were not able to connect and test. The lesson: APP implementors need to pay very close attention to authentication schemes. Auth is and will continue to be the most significant issue with APP interoperability.
- We need profiles. In APP, a “profile” is a generalized description of how different classes of APP servers will function. For example, we had several blog server implementations at the event, we had several media server implementations, we had some that were simple arbitrary content stores, etc. Each of these implementations made different assumptions about what was allowed and placed different requirements on the clients. For the sake of people writing client code, we need to capture and document these behaviors so that, as much as possible, we can get most blog servers, for instance, working in generally the same way, using generally the same features and extensions, etc. The members of the WG are going to start working on this. Oh, and btw, in case you’re wondering, Microsoft’s Windows Live Writer works great with the Lotus Connections Blogs component via the APP interface. The lesson: The core APP spec is really solid, but we need to document the common behaviors of the various types of APP implementations in order to succeed long term.
I’ll try to post a bit more later. For now, I need to catch up on a couple days of IBM email and unread feeds.
Update: Tim posted some thoughts as well.
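The WSSE scheme mentioned in the authentication point above, as an added example that is not part of the original post or any implementation at the event: a minimal X-WSSE UsernameToken builder and a server-side verifier with a freshness window and nonce replay cache. It assumes the digest is Base64(SHA-1(nonce bytes + Created + password)) as in the OASIS UsernameToken profile; the function names, the 5-minute window and the sample credentials are constructed for illustration.

```python
import base64, hashlib, hmac, re, secrets
from datetime import datetime, timedelta, timezone

MAX_SKEW = timedelta(minutes=5)  # assumed freshness window
_seen = set()  # replay cache; a real server expires entries after MAX_SKEW
TS = "%Y-%m-%dT%H:%M:%SZ"

def _digest(nonce: bytes, created: str, password: str) -> str:
    # Assumption: digest input is decoded nonce bytes + Created + password.
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def build_x_wsse(username, password, now=None):
    """Client side: value for the X-WSSE request header."""
    created = (now or datetime.now(timezone.utc)).strftime(TS)
    nonce = secrets.token_bytes(16)  # fresh per request
    return ('UsernameToken Username="%s", PasswordDigest="%s", '
            'Nonce="%s", Created="%s"'
            % (username, _digest(nonce, created, password),
               base64.b64encode(nonce).decode(), created))

def verify_x_wsse(header, lookup_password, now=None):
    """Server side: return the username if the token is valid, else None."""
    now = now or datetime.now(timezone.utc)
    if not header.startswith("UsernameToken "):
        return None
    f = dict(re.findall(r'(\w+)="([^"]*)"', header))
    if not {"Username", "PasswordDigest", "Nonce", "Created"} <= f.keys():
        return None
    try:
        created = datetime.strptime(f["Created"], TS).replace(tzinfo=timezone.utc)
        nonce = base64.b64decode(f["Nonce"], validate=True)
    except ValueError:  # malformed timestamp or base64
        return None
    if abs(now - created) > MAX_SKEW:  # stale or future-dated token
        return None
    # The scheme needs the cleartext password (or an equivalent) on the server.
    password = lookup_password(f["Username"])
    if password is None:
        return None
    expected = _digest(nonce, f["Created"], password)
    if not hmac.compare_digest(expected.encode(), f["PasswordDigest"].encode()):
        return None
    key = (f["Username"], f["Nonce"])
    if key in _seen:  # same nonce presented twice: replay
        return None
    _seen.add(key)
    return f["Username"]
```

Because the digest covers only the nonce, timestamp and password, a captured header is bound to no particular request, so the freshness window and replay cache are what limit reuse; the scheme still belongs behind TLS.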
April 18th, 2007 at 10:23 am
James,
Any discussion on using OpenID for auth?
- Mark
April 18th, 2007 at 11:29 am
It was discussed but there weren’t any examples to test. It was basically acknowledged that OpenID was likely something clients were eventually going to need to support.
April 18th, 2007 at 4:14 pm
James,
Is there a public instance of Abdera anywhere for testing clients against? Alternately, is there anything that would make Abdera an “apt-get install” away?
April 18th, 2007 at 10:11 pm
Re: OpenID — It’s an obvious next step but the current OpenID protocol doesn’t make it easy; ideally you could get back an authorization token to use with an Authorization: header but right now you can’t do that in a portable manner with OpenID. We (AOL) are trying to work on adding this type of secure token exchange as an OpenID extension.
April 19th, 2007 at 6:41 am
Not sure how OpenID can be made into a general HTTP authentication method, since it depends on redirecting a user from web page to web page — something that only makes sense if your application is a web application with the user connected via a web browser. How would OpenID work for a desktop blog client?