Enterprise Social using Open Source Frameworks (SMWCPH)

ENTERPRISE SOCIAL USING
OPEN SOURCE FRAMEWORKS
like Agorava #SMWFrameworks

Social Media Week Copenhagen

Werner Keil
Copenhagen, Denmark
22 / 02 / 13

Twitter
Werner Keil - Bio @wernerkeil
• Consultant – Coach
• Creative Cosmopolitan
• Open Source Evangelist
• Software Architect
• Java Godfather
• JCP Executive Committee Member
• Eclipse UOMo Project Lead
3 • DevOps Guy

Proliferation

4 © 2010-2013 Creative Arts & Technologies

Proliferation of Social Media


Social Gaga


Before JSR 357 (Java Social)

7

Twitter4J
• Twitter4J is an unofficial Java library for Twitter API.
With Twitter4J, you can easily integrate your Java
application with Twitter.
• Its author, Yusuke Yamamoto used to work at Twitter.
While he did, he was briefly meant to represent Twitter
in the Social JSR EG.

• It’s light and based on Java 1.4 to be integrated in
mobile app for instance
8

Scribe Java
• Scribe is Java framework that provides basic OAuth
function
• It also contains configuration for a lot of Social Media

• Only one dependency on Apache Common Codec

• At the heart of Agorava 0.5

9

DaliCore – CMS
• More than a CMS → DaliCore
• Adds functionality common to users, content and
permissions on top of Java EE 6.
• Focus on Users and Permissions.
• In about every DaliCore project, users should be able
to login with existing credentials (Facebook, Twitter,
Google Connect,...)
• Dali modules extend DaliCore
10

Spring Social
• Spring social that inspired Seam
Social and Agorava and has been
around a bit longer

• Spring Social module were used to create first
Agorava modules (thanks to OSS and ASL2)

• But it’s Spring only module....
11

Along came JSR 357
• In march 2012 on Werner Keil’s initiative, Java Social
was submitted to the JCP to become a JSR

• It proposed to standardize high level access to Social
Media for the Java Platform

• It was voted down by 8 votes against 5

12 Images © 2003 Universal Pictures. All Rights Reserved.

What went Wrong?
(Feedback from vote)

13

Too Broad ?

Maybe...
14

Too Soon?

Lack of real POC...
15

It can’t be standardized?

FALSE
16

Standard part in Social Media
• All social medias use REST as transmission protocol

• Most of them transmit data in JSON format and some
in XML

• Identification & Authentication are almost entirely
based on OAuth protocol

17

REST
• REpresentational State Transfer : Requests about
resource representation (customer, book, order)
• REST is based on low level HTTP concepts
• Each resource has a unique identifier (an URI). 4
HTTP verbs can be applied to a URI : GET, POST,
PUT, DELETE
• Java has a standard for REST: JAX-RS. Version 1.0
doesn’t provide client API yet. JAX-RS 2.0 will
18
provide one

JSON
• JavaScript Object Notation:
1: {
2:
3:
"firstName": "John",
"lastName" : "Smith",
Data format inspired by
4: "age" : 25,
5:
6:
"address" :
{
JavaScript. It became a
7: "streetAddress": "21 2nd Street",
8:
9:
"city"
"state"
: "New York",
: "NY",
standard for online services
10: "postalCode" : "10021"
11:
12:
},
"phoneNumber":
including Social Media.
13: [
14: {
15: "type" : "home",
16: "number": "212 555-1234"
17: },
18: {
19: "type" : "fax",
20: "number": "646 555-4567"
21: }
22: ]
23: }

19

OAuth
• OAuth is a protocol to delegate rights for an
application to act on the behalf of an user who
granted its rights without giving away login / password
• Developed by Twitter, Magnolia and Google, it was
made standard by IETF in April 2010 under RFC 5849
• Version 2.0, simpler to use but often criticized for too
many implementation was standardized in October
2012 under RFC 6749 and 6750. It’s already used by
many actors (Facebook, Google, Microsoft)
20

OAuth (2)
• All Social Media services are based on
OAuth 1.0a or 2.0.
• To use OAuth, one has to create an application on
the targeted service to have an entry point for
consumer

21

OAuth has 3 steps
• Creating an application in an OAuth Social Media
service
• Initialization: the right granting phase also called the
OAuth Dance. At the end of the dance we obtain an
access token (formed by a public and secret part) to
use in the next step
• Signature: each request is signed with an access
token identifying the OAuth application that’s been
granted rights

Standards that didn’t make it


OpenSocial

• Become an
OpenSocial Container
Get Shindig (PHP or Java)
or the Google implementations*
• http://shindig.apache.org
OpenSocial Container
• Look at examples & documentation
• http://code.google.com/p/opensocial-resources/wiki/SampleApps

• * See later why

24

OpenSocial – Shindig

• Open source implementation of OpenSocial &
Gadgets specification
• An Apache Software project
• Available in Java & PHP
• http://shindig.apache.org
It’s Goal: “Shindig's goal was to allow new sites to start
hosting social apps in under an hour's worth of work“
• Those who tried it confirm, this failed quite miserably
25

25

OpenSocial – What is a Gadget?

Simple gadgets for getting a Grid proxy credential and
running remote commands. Both run on my own
Web server.

26

OpenSocial Fork
• Death Star
The “official” OpenSocial implementation has shifted – from Shindig
to Google Code https://code.google.com/p/opensocial-
resources/
And just plans to move yet again, this time to GitHub!
In fact, Google’s OpenSocial Ruby Gem moved there 4 years ago,
and the code hasn’t changed since
https://github.com/revans/opensocial
(original Google Code SVN by MySpace also still exists;-)

27

Who uses OpenSocial?
• OpenSocial Empire
• MySpace
• Orkut
• Friendster
• Hi5
• Jive
• IBM (Lotus Notes;-)

28

Who does not use OpenSocial?
• Rebel Alliance
• Facebook
• Twitter
• LinkedIn
• XING*
• Yammer
• Foursquare
• Google+

...
* Abandoned it for lack of Security among other reasons

29

What’s said about OpenSocial?
• OpenSocial is what Google created for MySpace
(Yammer CTO and co-founder Adam Pisoni)
• Out of the box, most gadgets are publicly available
content that do not require authentication and
authorization.
(ThoughtWorks Studios about OpenSocial gadgets)

30

What’s said about OpenSocial (2)
• OpenSocial is a specification that provides a standard
way to share content between semi-trusted
applications.
• While initially proposed for public facing social
networking sites, it has possibly more potential
within the corporate firewall
(ThoughtWorks Radar, March 2012)

31

SocialSite – Sun’s Approach to Social

Sun Microsystems
Socialsite: Shindig + gadget based UI written in Java
Open Source https://socialsite.dev.java.net/

32

The non Standard parts
• No standard identity management or any other API
across Social Media

• More than that. There is no Social Media that
guarantee:
• Its API won’t change for a given period

• Backward compatibility when its API change

33

What would be a standard for Social ?
• A basic heart providing basic services :
• OAuth and Rest request
• Multi Social Media connections
• Polymorphic services to enforce standard on social Media
• Connector definition for Social module

• So this standard would be a kind Java Social
Connector definition standard

34

From JSR 357 to Agorava
• Before Agorava there was Seam Social, part of the
JBoss Seam 3 project
• Early 2012, Seam was stopped to be merged in
Apache DeltaSpike
• Agorava was born mainly from Seam Social after JSR
357 attempt
• One of it’s goals is to be the missing POC
for a new Java Social Standard
35

Differences to Spring Social
• Spring Social works primarily with Spring
• Other UI frameworks than Spring MVC are harder to
integrate
• Focus on Facebook, so far examples only provide
Single Service support, unlike Agorava Multiservice
approach

36

Differences to Spring Social (2)

• Despite otherwise still somewhat active
Spring community, even at SpringSource / VMware
there’s doubt about support and activity, especially
after some people left
• Currently supports .NET, too

37

Differences to DaliCore
• Also offering Social Container and CMS, partial
OpenSocial support
• Persistence support via EJB, JPA, etc.
• Not so clear separation of modules, especially
API/Spec and Implementation, in most cases they
share same module and even package

49

38

Differences to DaliCore (2)
• Currently seems a little heavier, strong dependencies
on the Full Java EE stack, i.e. using only Web Profile
or Java SE seems hard right now
• Glassfish support and Integration
• Demonstrated Scalability also under heavy usage

49

39

Differences to Oracle SocialLink
• Feels almost like Eclipse or Microsoft project
(ISocialNetwork)
• Still very new, looks immature in several areas
• Seemingly non-existent community support
• No Modularity or separation between API and
Implementation

50

40

Differences to Oracle SocialLink (2)
• No Modularity or separation between API and
Implementation
• Makes less use of Java EE stack and standards than
any of the other frameworks even Spring Social
• Has fewer dependencies, thus could be ported to
Desktop or Mobile/Embedded more easily
• No clean Exception hierarchy

50

41

Agorava 0.5 Macro architecture
• Agorava core is the «smart
module» of the framework
• Modules are mainly REST
API and JSON mapping
• Today Agorava provides CDI
implementation only
• On the roadmap we plan to
provide:
• Full Java SE support (e.g. CDI 2)
• JSR 330 (Guice/Dagger or maybe
Spring) support

42

Demo

Let’s Dance...

Agorava Book

• A book about Agorava is
scheduled for release to print
and online (e.g. Amazon Kindle)
this Spring.
• Please check
http://www.developer-press.com/
for updates about it soon

44

Twitter
Links #Java_Social
@AgoravaProj
• Agorava Project: http://agorava.org

• DaliCore: http://java.net/projects/dalicore/

• Oracle SocialLink:
http://java.net/projects/sociallink/

Enterprise Social using Open Source Frameworks (SMWCPH)

More Related Content

Enterprise Social using Open Source Frameworks (SMWCPH)