Monday, 26 February 2007

OpenID and REST doubts

Gabriele Renzi:

che bello, mi distraggo per un po’ e Microsoft, AOL e Digg adottano OpenID, mentre phpbb e wordpress ammiccano tramite mod e plugin.

Tim Bray:

Unless I’m missing something.

For a coincidence (I really don't remember what drove me to do it), a while ago I register to MyOpenID and so now I can identify myself as and, trough delegation, as
which, if no other, is pretty cool (in response to Tim Bray's What Could I Use It For Today? question ;-) ).

But I'm missing something about OpenID too and I'm going to share these doubts with my readers (have I readers??!!).

A short story: I discovered OpenID about 6 month ago while I was evaluating authentication methods for a new public web application. It immediately appeared to me as a very clever and exciting idea so I would be happy to adopt it. From another side, I wanted to follow a REST architectural style and these two requisites seemed to me very hard to conciliate and so, having already enough problems in my ToDo list, I gave up with OpenID.

Back to present, I still retain that it's a great idea but I wonder how can it be used RESTfully. Let me explain why in 4 steps:

  1. to obey the RESTful principles your application should be stateless;
  2. this means that you haven't a user session where to save authentication credentials;
  3. this, in turn, implies that you have to authenticate every request;
  4. if OpenId is part of the game, this means that for every request you have to contact an OpenId server to check the user credentials. In my opinion this is impracticable in most of the real situations.

Obviously I could be completely wrong, am I? In such case, how is it possible to use OpenID in a RESTful way? Back when I did my first evaluation I searched quickly (very very quickly, honestly speaking) but found nothing.

Technorati Tags:

Posted by Nicola Piccinini at 12:29 AM CET in /taken cues/

Friday, 26 January 2007

Firebug 1.0

Joe Hewitt:

The web development paradigm wants to evolve, but we can’t build the future with yesterday’s hammer.

Tools are very important indeed.
Firebug made me love JavaScript again and preserves our relationship in the course of time ;-) .

Posted by Nicola Piccinini at 12:01 AM CET in /taken cues/

Thursday, 9 November 2006


Kyle Shank:

The light at the end of the tunnel is dimming for the developer/entrepreneur who wants to change the world. Act now.

At least, it isn't time anymore to build a video game alone, I believe.

Wil Shipley:

Don't listen to me.

via Dion Almaer.

Marc Hedlund:

What have I been learning: I’m learning to appreciate luck a lot more.

via Francesco.

PS: four posts in a row, that's a record.

Posted by Nicola Piccinini at 6:43 PM CET in /taken cues/

Wednesday, 8 November 2006

More hype please

Joe Gregorio:

... the hype around Ruby on Rails is beginning to fade ...

I'm a RoR adopter and I retain that hype is a big weapon for a framework, therefore this isn't a good news.
I'm writing this post in the hope to revive a little bit of hype ;-)

Technorati Tags:

Posted by Nicola Piccinini at 2:21 AM CET in /taken cues/

Friday, 29 September 2006

What Ruby needs

Tim Bray:

Still, there are flies in the ointment, worms in the apple, fake jewels in the shop window.

At least Unicode (as soon as possible) and IDE. We have RadRails, I use it but it's lacking some important features (by the way, rumors in the mailing list say that an usable debugger is around the corner, great!)

Technorati Tags:

Posted by Nicola Piccinini at 8:20 AM CEST in /taken cues/