In his post Why not standardize an Object Schema? Jason Mauss writes

I was listening to the latest .NET Rocks! episode; the part where they were discussing Service-Oriented systems. I don't remember exactly who-said-what but I do remember what was said. There was mention of something like, “You only want to pass XML messages back and forth, not objects.” The reasoning behind this (IIRC) had to do with interoperability. Let's say you have a .NET caller and a J2EE caller. Since they both define objects differently (and perhaps create and expect different serialized representations of objects) it's not gonna work. This got me thinking, why not have someone (like say, the W3C w/ the help of people at Sun, IBM, MS, etc.) develop a standard “object” schema for Web Services (and SO systems) to pass back and forth?

For example (this is just off the top of my head and not thought through well):

<object type=““ basetype=““>
   <property name=““ value=““ />
   <method name=““ accesstype=”” address="">
     <parameters>
        <parameter name="" type="" required="" />
     </parameters>
   </method>
</object>

I realize this is a huge simplification of what the schema might actually look like, but perhaps someone could provide me with some insight as to why this would or wouldn't be a good idea.

There are a number of points to tackle in this one post. The first is the misconception that XML and service orientation are somehow linked. Service orientation is simply a state of mind, go back and read Don's Don's four fundamentals of service orientation;

  • Boundaries are explicit
  • Services are autonomous
  • Services share schema and contract, not class
  • Service compatibility is determined based on policy

None of these explicitly rely on XML, except for the part about services sharing schemas and contracts not classes but XML isn't the only data format with a schema language. Some people such as Sun Microsoystems like to point out that ASN.1 schemas and binary encodings fit this bill as well. The key point is that you should be passing around messages with state not executable code. The fundamental genius of the SOAP 1.1 specification is that it brought this idea into the mainstream and built this concept into its very core. The original spec has this written into its design goals

 A major design goal for SOAP is simplicity and extensibility. This means that there are several features from traditional messaging systems and distributed object systems that are not part of the core SOAP specification. Such features include

  • Distributed garbage collection
  • Boxcarring or batching of messages
  • Objects-by-reference (which requires distributed garbage collection)
  • Activation (which requires objects-by-reference)

Once you start talking about passing around objects and executable code the system becomes much more complex and much more tightly coupled. However experience from enterprise messaging systems and global distributed systems such as the World Wide Web show that you can build scalable, loosely coupled yet powerful applications in an architecture based on passing around messages and defining a couple of operations that can be performed on these messages. Would the Web be as successful if to make web requests you had to fire up Java RMI, DCOM, CORBA or some equivalent instead of making HTTP GET & HTTP POST requests over network sockets with text payloads?

Now as for Jason's schema, besides the fact that doing what he requests defeats the entire purpose of claiming to have built a service oriented application (even though the term is mostly meaningless anyway) the schema is missing the most important part. An object has state (fields & properties) as well as behavior (methods). Service oriented architectures dictate that you pass around state while the methods exist at the service end point, (e.g. an HTTP GET or HTTP POST request sends some state to the server either in the form of a payload or as HTTP headers which are then operated upon by the server which sends a result after said processing is done). Once you start wanting to send behavior over the wire you are basically asking to send executable code. The question then becomes what do you send; MSIL, Java byte codes, x86 instructions or some new fangled binary format? When you finally decide that all you would have done is reinvent Java RMI, CORBA, DCOM and every other distributed object system but this time it uses the XML magic pixie dust.


 

Categories: XML

Am I the only one saddened by the fact that it's been over four years since Microsoft and IBM co-submitted the XInclude NOTE and the spec is still just a Candidate Recommendation? How about the fact that the W3C Query Languages workshop which led to the creation of the XQuery working group was held almost six years ago and the XQuery specification is still a Working Draft which means it is still a year or two from being done.

This lateness in delivering specs in combination with the unnecessary complexity yet lack of features of other W3C technologies such as XML Schema makes me feel more and more that the W3C is more of a hinderance to the world of XML development than a boon at this point.

Many feel that there isn't any alternative but grinning and bearing it. I wonder if that is truly the case and whether individual or community based innovation such as has happened with technologies like RSS or EXSLT isn't the way forward.


 

Categories: XML

Ted Neward, James Robertson and a few others have been arguing back and forth about the wisdom of preventing derivation of one's classes by marking them as sealed in C# or final in Java. Ted covers various reasons why he thinks preventing derivation is valid in posts such as Uh, oh; Smalltalk culture clashes with Java/.NET culture... , Unlearn Bo... and Cedric prefers unsealed classes. On the other side is James Robertson who thinks doing so amounts to excessively trying to protection developers in his post More thoughts on sealed/final

As a library designer I definitely see why one would want to prevent subclassing of a particular type. My top 3 reasons are

  1. Security Considerations: If I have a class that is assumed to perform certain security checks or conform to certain integrity constraints which is depended upon by other classes then it may make sense to prevent inheritance of that class.

  2. Fundamental Classes: Certain types are so fundamental to the software system that replacing them is too risky to allow. Types such as strings or numeric types fall into this category. An API that takes a string or int parameter shouldn't have to worry whether someone has implemented their own “optimized string class“ that looks like System.String/java.lang.String but doesn't support Unicode or stores information as UTF-8 instead of UTF-16.

  3. Focused Points of Extensibility: Sometimes a object model is designed with a certain extensibility points in which case other potential extensibility points should be blocked. For example, in System.Xml in Whidbey we will pointing people to subclass XPathNavigator as their way of exposing data as XML instead of subclassing XmlDocument or XPathDocument. In such cases it would be valid to have made the latter classes final instead of proliferating bad ideas such as XmlDataDocument.
There is a fourth reason which isn't as strong but one I think is still valid

  1. Inheritance Testing Cost Prohibitive: A guiding principle for designing subclasses is the Liskov Substitution Principle which states

    If for each object o1 of type S there is an object o2 of type T such that for all programs P defined in terms of T, the behavior of P is unchanged when o1 is substituted for o2 then S is a subtype of T.
    although straightforward on the surface it is hard work testing that this is indeed the case when designing your base classes. To test that one's classes truly exhibit this principle subclasses should be created and run through a gamut of tests that the base class passes to see if the results are indistinguishable. Often it is actually the case that there is dependency on the internal workings of the class by related components. There are two examples of this in v1.0 of the APIs in System.Xml in the .NET Framework, XmlValidatingReader's constructor accepts an XmlReader as input but really only supports an XmlTextReader and XslTransform should accept an XPathNodeIterator as output from an extension function but really only supports the internal ResetableIterator. Neither of these cases is an example of where the classes should be sealed or final (in fact we explicitly designed the classes to be extensible) but they do show that it is very possible to ship a class where related classes actually have dependencies on its internals thus making subclassing it inappropriate. Testing this can be expensive and making classes final is one way to eliminate an entire category of tests that should be written as part of the QA process of the API. I know more than one team at work who've taken this attitude when designing a class or set of classes.

That's my $0.02 on the topic. I do agree that most developers don't think about the ramifications of making their classes inheritable when designing them but to me that is an argument that final/sealed should not be the default modifier on a class. Most developers won't remember to change the default modifier regardless of what it is, the question is whether it is more beneficial for there to be lots of classes that one can't derive from or that one can even if the class wasn't designed with derivation in mind. I prefer the latter.  


 

Categories: Technology

Now that I've gotten Visual Studio.NET 2003 reinstalled on my machine I've been working towards fixing the few bugs I own that have prevented us from shipping a release. The most important bug left to fix is [ 930282 ] Remote storage doesn't actually synchronize state which exists because of laziness on my part.

RSS Bandit gives you the option to download and upload your feed list from a file share, an FTP server or a dasBlog weblog. However this doesn't actually do much synchronization during the import phase, basically it just adds the feeds that don't currently exist in your aggregator. It doesn't synchronize the read/unread messages, remove deleted feeds or remember which items you've flagged for follow up. I am in the process of fixing this for the next release.

I'm currently thinking that we'll break backwards compatibility with this feature. Synchronization will only work between current versions of RSS Bandit. You'll have a choice of two transfer formats ZIP and SIAM. If you select ZIP then we'll synchronize your search folders, flagged items, replied items, subscribed feeds and read/unread message state. All of these will be transferred as a ZIP file. The SIAM option will synchronize subscribed feeds and read/unread message state and will be transferred as a SIAM document. The supported data sources will be WebDAV folder, network share and FTP. I'm interested in any other options people think is interesting to support.

There are a couple of interesting problems to solve before I'm done mostly to do with how to perform the synchronization as quickly as possible. They revolve around scenarios like “What if my work machine has 3 months of posts while my home machine only has 2 weeks of posts in its cache and I synchronize between them?“ or “What happens if I've read different posts from the same feed on my work machine and on my home machine?“. The issue revolve around the fact that replacing the existing information with the incoming information while simple leads to information loss.

This should be fun, I've wanted this functionality for a while.


 

Categories: RSS Bandit

Dimitri Glazkov has produced a JavaScript implementation of DOM Level 3 XPath for Microsoft Internet Explorer. Below are some examples of what using XPath from Javascript looks like with his implementation

Now counting all links on your document is just one XPath query:

var linkCount = document.evaluate( “count(//a[@href])“, document, null, XPathResult.NUMBER_TYPE, null).getNumberValue();

So is getting a list of all images without an alt tag:

var imgIterator = document.evaluate( “//img[not(@alt)]“, document, null, XPathResult.ANY_TYPE, null);

So is finding a first LI element of al UL tags:

var firstLiIterator = document.evaluate( “//ul/li[1]“, document, null, XPathResult.ANY_TYPE, null);

Excellent work. XPath is one of the most powerful XML technologies and getting support for it in clientside HTML scripting is should be a great boon to developers who do a lot of HTML processing using Javascript.  


 

The march towards getting the next official release of RSS Bandit continues, until then you can download the latest version.

The biggest changes since the last beta are that two more language translations have been added, Brazilian Portuguese and Polish. This  brings our number of supported languages to six (English, German, Russian, Simplified Chinese, Brazilian Portuguese and Polish). A couple of bugs with Search Folders were also fixed.

I'm currently the one holding up the release. I've finally gotten Visual Studio.NET 2002 installed on my machine and it seems that I should be able to get Visual Studio.NET 2003 installed today. Once done I'll work on the new installer and implement actual synchronization of feed state using a central server of your choice. Lack of this feature is beginning to get on my nerves.


 

Categories: RSS Bandit

April 20, 2004
@ 08:55 AM

From the Duh! department are the following excerpts from the an interview with the author of Sister's Keeper

In her book, Robbins goes undercover at a college she calls “State U.” during the 2002-2003 school year to find out whether the stereotypes—binge drinking, drug use, eating disorders and promiscuity—are true.

NEWSWEEK: What kinds of things did you witness?
Alexandra Robbins: I really hadn’t expected to find the level of "Animal House" campiness that I did in some groups. They had a tradition called boob ranking where pledges had just a lim­ited amount of time to strip off their shirt and bras to examine each other topless so that by the time the clock was up, they were basically lined up in order of chest size in order of the sisters to inspect. Some sorori­ties hold what they call “naked parties,” during which after a few drinks sisters and pledges strip off their clothes and basically run around the house naked, some of them hooking up with each other before they let the boys in.

NEWSWEEK: Isn’t there a constant emphasis on boys?
Alexandra Robbins: From the mixers to the formals to the homecomings to fraternity parties—there’s frequently a race to get dates from a limited pool of acceptable fraternity guys. And white sororities are so centered on relationships with their ceremonies and rituals and songs to celebrate specific relationship mile­stones. By comparison, in at least one white sorority, the award for getting the highest GPA was a bag of potato chips. And you have to wonder what’s the point of a girls-only organization if it revolves around men.

NEWSWEEK: How prevalent are eating disorders?
Alexandra Robbins:
I had heard urban legends about plumbers having to come clean out the pipes ever month or so in sororities because they get clogged with vomit. A lot of girls told me that was true. Eating disorders are so popular that some houses have puking contests after dinner. At State U., every sin­gle one of the 18 sororities had eating-disor­der problems.

The entire premise of the book reminds me of an episode of the Maury Povich show, an excercise in voyeurism.


 

In Christoph Schittko's post about CapeClear's latest WSDL editor he writes

CapeClear recently released a new version of their free WSDL editor. The new version allows adding XML Schemas which, in my mind, was definitely a much needed feature...The only gripe I have is that the new version is no longer called WSDL Editor. Now it's the SOA editor

SOA is now a much overhyped and meaningless buzzword. The entire industry is hyping XML Web Services all over again without pointing out anything of much concrete worth. Microsoft is right up there as well with publications like Microsoft Architects Journal whose last issue had 3 of 5 articles with "Service Oriented" in the title with at least one other being probably the quintessential work on Service Oriented Architecture, Metropolis.

There are basically only 2 people's whose opinions about the mostly meaningless Service Oriented hoopla I consider worth anything. Pat Helland who was talking about service oriented architecures before the buzzword had a name and Don Box because he's the first person I've seen do a decent job of trying to distill the service oriented fundamentals (see A Guide to Developing and Running Connected Systems with Indigo).

Don's fundamentals

  • Boundaries are explicit
  • Services are autonomous
  • Services share schema and contract, not class
  • Service compatibility is determined based on policy

make a lot of sense to me. The only problem I have with Don is that he is working on Indigo which is anything from 1.5 to 2 years from shipping depending on who you're listening to but Microsoft is pimping SOA today. I've talked to him about doing a bit more writing service oriented development with existing technologies and even offered to cowrite if he can't find the time. Unfortunately I've been really really busy (we are short one PM and a dev on my immediate team, speaking of which WE ARE HIRING!!!) so haven't been very good at nagging him to do more writing. Hopefully once we lock down for Whidbey beta 1 I'll have some free time until the beta 2 deluge begins.


 

Categories: Technology

My buddy Josh Ledgard has a posts on the search for the best way to provide online discussion forums on Microsoft technologies for our customers. He has two posts that kick of his thoughts on the issues; MVP Summit Views and Issues with Threaded Discussions and Brainstorming Results of Online Discussion Solutions. In the former he basically states that during the MVP Summit the major feedback he got from MVPs was that they want discussions in an online forum to have all the functionality of NNTP newsgroups and newsreaders provide today (offline capability, watches, authentication & identification, etc) but they don't like the amount of traffic in the NNTP newsgroups. 

Josh's second post mainly tries to address the fact that a number of groups at Microsoft felt that newsgroups are a low tech solution and have ended up creating alternate online forums such as the ASP.NET forums and GotDotNet message boards. This basically has fragmented our developer support experience and is also problematic for product teams since we need to monitor multiple online venues using multiple tools.

My simple suggestion is that the various Microsoft forums should emit RSS that fully supports the Comment API and wfw:commentRss then developers will step up to the plate and create online or desktop aggregators that combine both the NNTP newsgroups and the Web forums. One of the reasons I plan to add NNTP support to RSS Bandit is exactly because I now have to use 3 different tools to monitor our developer forums (Outlook for mailing lists and to get alerts from Web forums, Outlook Express for NNTP newsgroups and RSS Bandit for blogs). There's no reason why I can't collapse this into two tools or even one if one uses something like Newsgator.

Josh and I are supposed to have lunch tomorrow. I'll see what the Visual Studio team is thinking of encouraging in this direction if anything.


 

In his post Or, maybe more strict Phil Ringnalda writes

I've been idly thinking about starting a campaign to get RSS/Atom aggregator authors (and validator authors, as well) to be a little less strict and dogmatic about what feed content is uniformly evil, and must be stripped out in all cases. We have a roughly shared (and mostly unexamined) set of standards, mostly based on Mark Pilgrim's groundbreaking post, saying that you should never allow, among other things, any Javascript, any CSS styles, or any object or embed elements
...
But, the inevitable but: the more you look, the more evil there is in the world
...
Or, say you have a Windows program embedding the IE browser control. You've carefully managed your security zone, so objects are no more dangerous than they are in general, you only display one entry at a time so CSS is no danger, and you've built your own popup blocker so you don't have any reason to strip Javascript. Then I come along again (maybe you should just refuse to subscribe to any of my feeds?), and drop in a simple little paragraph: <p style="height: expression(alert('gotcha'))">.

To the best of my knowledge none of these things is a problem for RSS Bandit. As Phil points out in his post when you embed the IE browser control, you can actually either choose your security zone which is exactly what RSS Bandit does. By default RSS Bandit disables Javascript, ActiveX and Java applets. This is fully configurable by end users because we provide the option to change the web browser security settings use by RSS Bandit.


 

Categories: RSS Bandit