dambalah

Finally, my notes on the third day of Ajax World East 2008 in New York City.

Opening Keynote: RIA Adoption in 2008

Anthony Franco from effectiveui started the day with a very engaging keynote. He was easily the best speaker of the conference: great delivery, engaging, interesting…

I liked the way he described his company: “we make cool useful stuff for companies who pay us”. They are the ones behind the famous eBay desktop client which has gotten so much press and is always referred to as a good example of a Rich Internet Application (RIA) built on Adobe AIR.

He started by questioning the value of RIAs and the tunnel vision of the developer community, with the following statements:

Why should you care about his mom? Well, she could spending thousands online but nobody takes the time to talk to her.

He used Starbucks and Target as two examples of companies that manage to create great in-store user experiences but failed to re-create that same user-experience quality online. On the other hand, he used 37Signals as an example of a company that is seen as the gold standard of the Web 2.0 era and pointed that one of the reasons they are so succesful is because they own their product. They dictate the how, the where, the why. They are the audience since they use their own products. However, a lot of us are not the audience for the stuff we build. A development firm cannot dictate to a car insurance company how their customers must be buying car insurance because they have to worry about issues such as compliance, etc…

Anthony believes that Web 2.0 should be about Utility + Community + Engaging Experiences. However, he doesn’t believe we have achieved that very well. He used a quote from Chris Bernard to illustrate what he believes is happening currently in Web 2.0: “Web 1.0 = Bad Photoshop, Web 2.0 = Good Photoshop”. Anthony’s address was like a wake-up call to the IT & Web communities: “We are not talking to the audience, not talking to our customers. Shame on us.”

He then went on to address every player in that community and tell them that they are responsible for this. We all are. “It is your responsibility. Stop pointing the finger”:

For each category of players, he used quotes that he has heard in the field that reflects the problem with this folks:

He pointed out that 500 Large enterprises were asked in a recent survey: Are RIAs more important for you in 2008? Nearly 70% answered yes.

Wow! That was a great presentation. It was engaging. He made 30 minutes fly by like it was 5 minutes. He urged the audience to challenge him on his blog, so go join the discussion if you are interested.

Session 2: The Social Aggregator - Widgets Reshape the Social Web

I was surprised to see that Justin Thorp was the speaker since he wasn’t the listed speaker. Justin is someone I consider to be a leader of the DC Web community, for his involvment in putting together barcampDC and the Ning DC Technology Network. I had met him during Startup Weekend in DC so it was good to see a fellow DCist was there.

Justing started with a brief description of where the web has been, where we are now, and where he believes it will go. Back in the day, we had big portals such as Yahoo that were editor driven. It was costly to put together a site so only professionals did it. In a way, browsing the web was like reading a newspaper or magazine, where an editor selected what you should read about.

With Web 2.0, we have better publishing tools, offline apps are going online, more storage has helped user-generated content, websites are more community oriented, etc… At the end of the day, it’s really not about your web site. It’s about your content and functionality. How is your application going to bring pleasure to users?

He then went on to describe web widgets and how the ClearSpring platform can help you deploy a widget. The big problem with widgets is that there are no standards yet, so if you want to develop a widget, you will have to code one for iGoogle, one for NetVibes, one for Hi5, etc… The social aggregator market is fragmented and that makes widget development more difficult. With the Clearspring platform, you only have to write the widget once, embed it in a ClearSpring container, and deploy it on a long list of sites.

Justin used an interesting metaphor between a website being your movie theatre and widgets being DVDs. You can carry them everywhere you go. They adapt to your situation and therefore makes your product more suitable to the user’s lifestyle.

Why should a company build widgets?

Some stats: 81% of all web users saw a widget in nov. 2007–> 148 million people

Someone from the audience made an interesting comment. She asked what happens to the person that brings in value by putting together a set of widgets on a page like iGoogle and sharing it. In a way, that person is a “Widget DJ”. How can that person be rewarded for this work? Should he/she be rewarded for doing it?

Session 3: Now Playing: Desktop Apps in the Browser!

This presentation was a sales pitch for nexaweb. They made it very interesting to listen to by role-playing. Coach Wei played the role of the CIO of a company that is defining their IT strategy while Bob Buffone was his chief architect, trying to go through the whole pletoria of tools, frameworks, languages to find the best solution. Bob finally arrived at the conclusion that NexaWeb made it so much easier to do plenty of things while keeping a consistent development environment. Their development environment seems compelling and I’m sure they will sell some products after this presentation since the audience seemed to enjoy it.

Session 4: DreamFace: The ultimate Framework for creating Personalized Web 2.0 Mashups

Olivier Poupeney, CEO of DreamFace Interactive, gave us a demo of his company’s product. DreamFace is a very cool application. My best description would be: a highly-configurable iGoogle on steroid for the enterprise with the ability to create your own workflows and enable widget interactions. An example of widget interaction (which you can’t currently do on iGoogle) that he demoed is clicking on a note widget automatically launches a YouTube search for the keyword in that note. Very cool stuff.

The interesting part is that during the widget session earlier, we briefly discussed the idea of using a widget aggregation portal as the main intranet portal for a company… and in the next session, Olivier demoed DreamFace, which is just that (and more).

Session 5: Digital Black Belt’s Gide to ASP.NET AJAX Security

Joe Stagner from Microsoft was the speaker for this great presentation on Ajax security. Even though the title pointed to ASP.NET but the talk could be applied to any other platform.

Joe does not agree with Douglas Crockford theme on yesterday’s keynote. He doesn’t think that the web is broken. He believes that JavaScript and AJAX is a fine set of tool, but that developers are the ones to blame for not being more careful about AJAX Security.

Joe started his talk with the main points that we should get out of his presentation:

Security is crucial because in today’s web, we are not only defending our infrastructure (servers, databases) but also our customers. If our web application gets hacked, our customers gets hurt also.

Joe showed us a few tool that he uses that can help us in the quest to “think like a bad guy”: fiddler, webscarab, ViewStateDecoder, his own Password Cracker, etc… I’ve used fiddler before and it helps a lot when doing web development. Every developer should used a similar tool to monitor HTTP traffic. At work, I used HTTPWatch in IE and FireBug in Firefox. I highly recommend downloading both. HTTPWatch is not free but if you can afford a license, it’s definitely worth it. Joe was using IE8 and it ships with a DOM Browser and a debugger. That’s awesome! Debugging on IE was more difficult because they lacked a good alternative to FireBug, but it will now be included in the main distribution.

Here are few tips from Joe’s talk:

Joe also showed us a few attacks that are common. Some of them a quite clever:

All this stuff is scary because as a big web user, I visit a lot of sites everyday and I don’t know if any of them have been attacked. Joe got me paranoid. I think I might start to leave fiddler running at all times on my machine so I can be sure no one is collecting info from my PC.

Session 6: Data And Syndicated Oriented Architecture

This talk was by Kurt Cagle from Burton Group. Kurt is a managing editor for xml.com.

This session was like attending a philosophy class where the topic of the day was XML and REST :-). A lot of acronyms and buzz words were thrown at us. The speaker obviously knows a whole lot about the subject but I feel like he could have made the talk more accessible and engaging.

In essence, Kurt talked about the emergence of REST. To quote him, “REST is XML++. It’s where XML is going”. If you have never heard of REST, I urge you to learn more about it as it will play a bigger role on the web in the near future.

Session 7: Using the DOJO toolkit to create AJAX powered forms

James Harmon from Object Training Group showed us how we can make HTML forms more user-friendly using the Dojo toolkit. It was a very focused talk. He didn’t cover too much but covered it slowly and in depth. It was a good introduction for people, like me, who have never used Dojo.

Dojo makes it really easy to create great HTML forms with validations, cool tool tips, better elements/widgets. They recently passed the 1.0 mark and the framework is quite stable now. Dojo has a partnership with AOL CDN so you can point your javascript include statement to the AOL CDN servers and leverage that infrastructure. Dojo is server-side agnostic but James think that Dojo is a good fit for Java shops.

James spent most of the presentation showing us code and demo-ing the form he enhanced with Dojo. You can download the powerpoint slides of his presentation here, as well as the source code.

Session 8: Open-Source AJAX Test Automation

Frank Cohen of PushToTest was the speaker for the last talk of the day. His talk was focused on the importance of testing and how one can automate AJAX testing.

Quote: “Testers don’t get all the cool tools that developers get.”

3 Steps for testing AJAX Apps:

We need to automate this process. It’s important to have a Quality Engineering Process (QEP). It’s no longer possible for companies that are using Ajax to do manual testing and expect to achieve certain level of SLA. You can’t achieve a QEP without developers, testers, and IT working together.

Frank then went on to introduce his Test Automation Platform.

Client Side:

Server-Side:

Summary

Another great day at AjaxWorld. Overall, it was a good conference. I really enjoyed the sessions and learned a lot. Now I have a lot of homework to do to try to learn more about all these cool technologies.

The conference was a a few weeks back and I never had a chance to post my review/notes on day 2 and 3 of the conference. I finally got to clean-up my notes so here they are. Better late than never!

Opening Keynote: Can we fix the Web?

Douglas Crockford was the opening keynote today. He is the creator of JSON. If you’ve never heard of him and you do AJAX development, I urge you to visit his site. In my opinion, it’s one of the best JavaScript resource on the Internet. In many ways, Douglas has made my life as a developer easier, in particular with JSON and JSMin. For these reasons, I was excited about his keynote and he did not dissapoint me.

Douglas believes that the number one problem of the web is security:

Web applications are built using a set of languages such as JavaScript, HTML, CSS, etc.. This makes it more difficult to enforce security because text that is benign on one langague can be dangerous on another one.

The web standards require these vulnerabilities to be present. What are the causes of insecurity?

Quote: “If there is a script from 2 or more sources, the application is not secure. Period.” This means that mashups are insecure by nature. The big problem is that advertising, the bread and butter of the web, is a mashup.

After showing the audience why the web is broken and insecure. Douglas started answering the question set in the title of his presentation: How can we fix the web? His strategy for fixing the web revolves around three points:

Douglas concluded by saying that if we don’t fix the web, the competition (SilverLight, Flash, JavaFX) will displace it. They are all superior technologies.

For more coverage of Crockford’s Keynote address, check out these articles: 1, 2

Session 2: Accelerate AJAX development with Appcelerator

Jeff Haynie from appcelerator started his talk with a long history of web development. In my opinion, I think he spent too long on this portion of his talk and I felt like he lost the audience after a while. We were all waiting for the punch-line but it took too long to come.

Jeff gave us a brief overview of appcelerator’s platform. Appcelerator is an open source software company that develops products and services for rapid rich Internet application (RIA) development on a service-oriented architecture (SOA). You can find out more about their product on their website at www.appcelerator.com or you can join their developer community at www.appcelerator.org.

Session 3: Introduction to YUI

Eric Miraglia from Yahoo gave us a great introduction to the YUI Library.

The main components of YUI are:

YUI Core javascript is very similar to Prototype or JQuery. It is broken down into three parts:

The YUI Core Javascript is only 31K Minified.

The YUI Javascript Utilities contains a set of libraries for animation (You can animate everything in the styles that have a value. That’s awesome!), browser history management (to deal with back button), connection management (for doing AJAX), cookies manipulation, JSON, etc… YUI uses a modular design. You only need to load what you need.

YUI Controls/Widgets is a set of controls or widgets that one can use on a web page. It includes controls for calendars, charts, color picker, Slider, etc… YUI contains one of the best collections of controls among JavaScript frameworks.

The YUI library also provides a set of CSS tools. It is less than 7K of CSS when you pack all of the files together. It it composed of four elements:

While the competition between JavaScript frameworks is intense, YUI has a lot to offer:

Though I’ve never used the YUI library, it looks great and I would definitely consider using it on my next project.

Session 4: Enterprise Comet: Real-Time, or Real-Time Web 2.0?

Jonas Jacobi, co-founder of Kaazing, started by defining the term “real-time”. His web search brought up the following definitions of real-time:

He then proceeded to define the ‘real-time web’ and came up with the following:

Finally, he came to the conclusion that what matters is when you notify the user.

Comet is a technique to establish a permanent connection from server to client over HTTP. Comet allows you to send messages from server to client. It’s a pushing mechanism, rather than the traditional pulling mechanism that we are used to on the web. It is client agnostic. It supports browser clients or desktop applications.

HTTP 1.1 uses 2 connections per domain. So if you tie one connection to Comet, then there is only one connection left for your application to work with. The solution is to use sub-domains to work around this limitation. This sub-domain technique is recommended by Steve Souders in “High Performance Web Sites” and Rails 2.0 makes it very easy to configure.

Some Comet use-cases:

Jonas then went on to discuss scability issues with Comet. In particular, how do you send all these messages at the same time? The problem is that the server must copy messages across multiple-connections, possibly thousands.

Comet seems like an interesting technology and I look forward to see what will happen in that space.

Session 5: jMaki Webtop: an AJAX Mashup Framework

Arun Gupta who presented the day before on jMaki used this session to introduce us to the jMaki Webtop. He started with a short introduction of jMaki for those who did not attend his longer presentation on the subject the day before. Then, he proceeded to explain what jMaki Webtop is and showed us a demo.

jMaki webtop is a Mashup Framework that is:

In a few words, it’s kinda like a configurable iGoogle page. You can play with the demo that he showed us here.

Arun posted his slides on his blog, along with great reports of day 1 and day 2 of Ajax World.

Session 6: Real-World Enterprise Rails and AJAX: Top 10 lessons learned

Rode Cope is the CTO and Founder of OpenLogic, Inc. He used Rails to build osscensus.org, a global community effort to catalog the use of open-source software.

Rode Cope went through the 10 lessons that he learned while developing an enterprise Rails application with AJAX.

1) Use AJAX, but make it seamless

Good uses:

2) Don’t use AJAX if you don’t need it.

3) Use just enough tools

4) Use Open Source

5) Don’t be afraid of JavaScript

6) Watch out for JavaScript Conflicts

7) Client-side validation is hard, but worth it

8 ) Cross-browser issues: not too bad

9) Security must be implemented in all layers

10) Testing is crucial

Session 7: Spice up User Experience with Silverlight RIA

Sue Googe is a big fan of Silverlight. She spent her 50 minutes praising the benefits of SilverLight and trying to convince the audience that we should all be using Silverlight. So much that I thought she worked for Microsoft

Why Silverlight?

Sue showed a cool demo of the Silverlight Deep Zoom feature. She posted her slides on her blog.

Session 8: AJAX and Social Computing for the Enterprise

I’m still trying to find out whether I attended this session or not. I must be getting old

Session 9: Seam Remoting

Shane Bryzak’s talk was about Seam Remoting, which is an AJAX framework for JBoss Seam. I wasn’t planning to attend this talk at first but the OpenAjax Gadgets & Widgets talk was full by the time I got there. Since I heard good things about Seam in the past, I figured it wouldn’t hurt to learn what it is all about.

JBoss Seam is an Enterprise Java Framework:

How does it work?

Seam lets you make calls in JavaScript as if the class was defined in JavaScript. In your JavaScript, you will never make explicit ajax calls, you simply make a call to a function such as getStatus, as if you were on the server. Seam Remoting takes care of the plumbing and sends the request. The messages are sent using XML.

To define the Java classes and functions that you want accessible remotely, you simply have to annotate the calss with @Name(’nameofclass’) and annotate the functions that you want accessible remotely with @WebRemote.

Communication Protocol:

Seam makes working with JMS easy. Shane went on to demo a Chat Room application using Seam with JMS. I was quite impressed. I like Seam’s approach to Ajax and I would be curious to know if there are other frameworks doing something similar.

Shane’s slide were really good and you do not need to be at the talk to benefit from them. Shane was nice enough to email me his slides and authorized me to post them here. You can download them here.

SYS-CON.TV Power Panel: The Business Value of RIAs

The day concluded with a panel of CTOs talking about who their biggest clients are, what kind of RIA applications they are building, what they believe to be the future of RIA, and other topics related to the business value of RIAs.

Summary

In summary, the second day of the conference was very good. My favorite talks were Douglas Crockford’s opening keynote, the introduction to YUI, the real-world Rails talk, and the presentation on Seam Remoting.

Technologies that I plan to learn a bit more about after this day are: SilverLight, YUI, Seam Framework, Watir, FireWatir, and jMaki.