Qemu: a valid emulation option

In my last post I introduced ReactOS, which is a small operating system resembling Windows. However, I didn't really install it. I could have tried the live cd, but I was too lazy to do a reboot. And it was a great chance to experiment Qemu, which I had discovered recently. Qemu is a process emulator that can boot an operating system inside a window. Much like VMWare.
In the past I found a few other projects doing similar stuff (Bochs and Plex86, for example) but for the first time it worked smoothly out-of-the-box. I tried it with ReactOS and a few linux-based livecds. All of them worked perfectly, even audio and network. Well, perfectly if you don't mind the speed....which is slow. But that is to be expected in this kind of emulators. Tip: be sure to use the Qemu Accelerator module, which makes Qemu a lot faster. Without it, it's too slow to be useful.
Qemu usage is pretty straightforward. It has several command line options, but normally you can go with the simple command (for a livecd): qemu -cdrom /dev/hdb (being hdb your cdrom device).
In conclusion, Qemu is a very good piece of software and probably the best option if you don't want to buy VMWare.

Open Source Windows

Ever wanted M$ Windows to be free ? or even better, Open Source ?
You have two choices: you can wait that M$ does it, or you can try ReactOS. ReactOS is an open source initiative to create a free operating system, fully compatible with M$ Windows. Seems a very strange concept, but why not ? Linux is a free implementation of Unix...
And no, it's not just a concept...it works ! At least, what I've tried, which wasn't much...just the basic apps that came with it (notepad, explorer....). First impression: it looks like the real thing, except the four buttons on the taskbar representing four virtual desktops, which is something I never understood why M$ never implemented. I didn't try to install other applications, but trusting on their website, ReactOS can run, for example, the games Unreal Tournament and Deus Ex. I don't know if everything works smoothly, but if you don't have a M$ license and want to use a few Windows applications, you don't loose anything by trying it. The download is small and if you don't want to install it right away, they also have a livecd. And if it works you just saved some money ;)
I don't know if ReactOS developers will have any legal issues with it in the future. And I'm not saying that I feel it it's not legal. I don't. The code is not derived from Windows. It's all GPL code (they work closely with the Wine project). However, if M$ feels threatened in any way, I'm sure they can find a legal issue somewhere.

Who needs another language ?

No, I'm not going to talk about Ruby and the huge amount of news about it's possibility to take over the world :) I'm going to introduce you to a lesser known language: D. Yes, I presume it's name has something to do with the evolution from the C language... Anyway, I wasn't really thrilled when someone told me about this new language. I immediately thought "ok, a new language...yawn". However, I was surprised when I looked at this comparison. It just seems too good to be true. My first reaction was "where's the catch ? does it really work?". I never heard of it before, but apparently it has already been on Slashdot and Dr.Dobb's. At first sight, the language specification seems very similar to C or Java, but with the best of both worlds, and more. Why (almost) nobody knows about it ? maybe it's a hidden gem that will appear on the spotlight sooner or later...or maybe it will never catch on, despite its (apparent) quality (It wouldn't be the first). Worth a try...

Can you guess it ?

If you remember my last post, I used an UML diagram to explain the overall architecture of Acegi Security. Can you guess in which tool I made it ?
UML is one of the most well-known standards in the IT world, and many tools have been created to help us design those nifty diagrams. The first tools I met were the full-blown commercial products like Rational Rose or Together. And although they really are good products, with lots of features, it always seemed to me that they were a little fatter and heavier than they should. Is it really that difficult to create a small tool that models UML diagrams ?
Then I discovered Dia, which does a reasonably good job, and is completely free. But it's not an UML tool, it's a general-purpose diagram creator (much like M$ Visio). That can be an advantage, but it also means that certain features, typical in UML only tools, are not present: code generation and reverse-engineering. Although I rarely use those features, sometimes they can be very helpful. Overall, I think it's a good piece of software. However, I never enjoyed how the end result looked like.
So, after Dia, I tried ArgoUML. I was impressed by the different kind of UML diagrams it allowed, including the sequence diagram which is normally the first to be absent. I was just starting to explore ArgoUML when, by chance, I discovered Umbrello. Umbrello also has all the UML diagrams (at least all I can think of), does code generation and some reverse engineering (not tried it though). Normally this kind of tools have only one programming language in mind (when generating code or reverse engineering). Umbrello allows code generation for: Java, C++, JavaScript, Python, Perl, PHP5, SQL and a few others (reverse engineering allows only for C++). So what is the difference to ArgoUML ? ArgoUML also allows code generation to more than one language (although not as many as Umbrello), but I didn't find an option for reverse-engineering. Diagrams aside, ArgoUML has a few additional features relating to project handling and overall it seems a more complete and also a more complex product. In terms of usability I think Umbrello takes the lead: the interface is less cluttered and the overall program is lighter, faster and easier to use. And even comparing to Together, from what I can remember when I used it a few years ago, I prefer Umbrello for it's usability.
So, in conclusion I think both ArgoUML and Umbrello are excellent UML tools, that should be considered before blindly buying the full-blown commercial products.
And the answer to my initial question is: Umbrello...never leave home without it ;)

Acegi Security Introduction

Lately I've been busy learning and trying out the Acegi Security System, which is a security framework for the Spring Framework. It's not the easiest framework to grasp, but if you have the time and will, it will pay off. During the process of learning it, I created a diagram to help me understand, and now I decided to create a small introduction around it.
Remember, this is just an example of a possible Acegi configuration. Acegi Security is very flexible and has a lot more features (like single-sign-on and remember-me services).

Introduction

Acegi is based on servlet filters. This has one big advantage: it decouples your application from Acegi. And this makes it easier to add Acegi to an already working application, for example.
For simplicity sake, there's no need to declare all filters on the web.xml. You can use FilterChainProxy which encapsulates a group of filters and executes them in order. As you can see in the picture, we can have 3 filters lined up. Ignoring the HttpSessionIntegrationFilter for now, the other two, AuthenticationProcessingFilter and SecurityEnforcementFilter, implement Authentication and Authorization, respectively.


Authentication

Authentication is the process of confirming that a user is who he claims to be. Typically, this is done by supplying an username and a password (in Acegi concepts those are called Principal and Credentials, respectively). In a web environment, normally, the username and password are provided as a result of an HTML form submit. This submission is captured by the AuthenticationProcessingFilter (it analyzes the URLs passing by, looking for the configured string, that is passed by the form's "action" property) AuthenticationProcessingFilter then calls AuthenticationManager, which starts the process of authenticating. First step is to find the user in some repository, based on the given username. Next, the credentials are compared, and if they are equal, authentication is successful.

The base class in this process is the Authentication class. It's a simple bean composed of a Principal, Credentials and a few Authorities (this normally means user "roles"). AuthenticationProcessingFilter creates a new Authentication Object with the specified username and password, and if authentication succeeds, at the end of the process the Authentication Object will be filled with some Authorities.
But first, we need to find the claimed user in the system. There can be a variety of user repositories in the system (database, ldap, etc). Each of these repositories can be accessed through an AuthenticationProvider. The role of the AuthenticationManager is to maintain a collection of these providers.

Acegi has a few different types of AuthenticationProviders, but probably the most used is the DaoAuthenticationProvider. This AuthenticationProvider uses a DAO (Data Access Object) to retrieve the user from a repository (typically a database). You can use the provided JdbcDaoImpl to connect to a database through JDBC and retrieve the user information, without writing any code. However, is quite simple to implement your own Dao (I did it because I was using Hibernate): just one method that retrieves a User based on a username.

Authorization

Authorization is the process of protecting resources by only allowing those resources to be used by users that have been granted authority to use them. SecurityEnforcementFilter is the filter responsible for the authorization process. It uses a FilterSecurityInterceptor to identify the resources that need to be secured. It holds a collection of patterns (regular expressions) and authorities (an Authority is normally just a string representing an user role). When an URL is identified by one of the patterns, the related authorities must be present in the Authentication object (the one that was created by the authentication process). If there is no Authentication object (the user has not logged in yet) or if the given Authentication does not have the authorities the resource requires, then the application is redirected to a configured AuthenticationProcessingFilterEntryPoint. This normally just represents an URL to a login form.


Now for the first filter, HttpSessionIntegrationFilter...this is responsible for integrating the Authentication object with the HTTP Session. The authentication and authorization processes talked before don't really interact with the HTTP Session. They aren't even aware there is such a thing. They use a SecurityContextHolder to retrieve a SecurityContext, which contains the Authentication object. When a request is made, HttpSessionIntegrationFilter loads the SecurityContext from the Session and stores it in the SecurityContextHolder, where all subsequent filters can access it. At the end of the request, the SecurityContext (that may have been altered during the request) is stored again in the Session. This kind of design is very flexible... all the authentication and authorization processes are independent of HTTP session handling. Thus, we could provide a SecurityContext in any other way. HttpSessionIntegrationFilter it's just a thin layer on top of the rest of the Acegi Security System.

Video editing in Linux

As usual, when on holidays, one must fill endless video tapes of friends and relatives doing funny stuffs (and boring stuff also). Next we have the task of putting them to DVD. It's not hard, but it took me more time than I expected.
First, we have to capture the raw movie from the camera. I already have a DV camera, so that part is plain easy. I could use command-line dvgrab, but I preferred Kino.
Kino allows for capture (with full control of your camera....you can pause, play, etc from the program) and saving to a variety of formats. For me, I was interested in the DVD format. Kino does this job pretty well, and it also has a few additional tools for some editing, like moving and deleting scenes. I haven't tried those though. Kino can, thus, do the entire job. Unless you really want to express your creativity and apply some fancy effects...or a more professional-like editing.
You guessed it, I wanted to express a little of creativity...and for that I used Cinelerra. Cinelerra has lots of advanced editing options (more than I will ever need) and some cool effects...like chroma key...you know...when those pretty girls tell the weather on TV ;)
Anyway, I didn't want to go that far....just add a few titles and images along with the movie. Cinelerra's manual is big, but it explains well all that you need to know. However, you can try this tutorial first, for a quick start.
So, in conclusion...I captured my DV movie with Kino, saved the movie as QuickTime (this is needed for Cinelerra) and made some editing in Cinelerra. After Cinelerra rendered the movie, I imported it again in Kino and converted to DVD format.
A few tips I learned the hard way:

• Select the option in Kino for splitting the captured movie in multiple files. This makes it easier for editing afterwards, because of Kino's smart auto-split: it detects when a scene ends and another starts. It's also lighter on the machine. I tried working with a 13Gb file in Cinelerra and it kept crashing.
• Don't forget to set your movie properties (video size, pal/ntsc, etc) in Cinelerra. It doesn't ask, and if you set it wrong, you won't get good results.
• When rendering the movie in Cinelerra you have a few choices for the output format. The only one I could make it work back in Kino again was Raw DV.
• And finally, remember that this takes a lot of disk space. 1 hour movie equals more or less 13GB...multiplied by two because of the cinelerra's rendered Raw DV format...and the DVD itself..:)

Have fun!

Flash user interface

We usually identify Flash as a language for making web animations, with or without interaction. Even games...And although Flash has given us, also, extraordinary examples of user interface creativity, its applicability for creating user interfaces is far from being the mainstream. Flash is not very easy. I'm no expert, but normally, we have to create the entire look from scratch...and although that brings flexibility it also takes time and is more suited for artistic designers (or at least someone with that capability). I, for example, couldn't create a better interface than the one HTML gives me. So I stick with HTML.
However, if we could specify a Flash interface in XML things would become a lot easier. That's what Lazlo creators thought. I already tried it and I think they made a very good product. With Lazlo you get a consistent look of windows, dialogs, buttons, sliders, etc. It clearly resembles a desktop application. You do not have to worry too much about the look (it's already great) and just create XML for the interface and a few JavaScript for animations and other dynamic content.
Another feature I think it's great is that Lazlo works with data in XML format. This means that if you want to populate a table, you can easily map the XML with table columns. Also, you can get this XML from a web service very easily. Try the demos and have a look at the interactive tutorial...you'll probably be amazed.
One last thing, it's free and has better documentation than many commercial stuff that I've seen.