Pushing new repository to gitolite server
Posted by Carsten Saathoff in Development on July 27th, 2010
I am playing around with git and gitolite recently. Setting up a git server using gitolite is very simple. Authentication is done using ssh, configuring the repositories can all be done from the client by just pushing new configurations into an admin repository. Very convenient. Creating a new repository on the server is as easy as adding a new configuration to the config file and pushing it to the server. However, what didn’t work was pushing something into this new repostory. The reason is that pushing into an emtpy repository needs a special command in git, what I didn’t know. You basically have to add some files, commit them and then do a
git push origin master
However, that still requires to add some files. This might not always be convenient, and thanks to this post I found out that the following also works on an empty repository:
git commit --allow-empty
git push origin master
Probably this is not new to people using git for a longer time, but I thought it is a good idea to document this for future reference.
Cross Domain AJAX with Restlet and jQuery
Posted by Carsten Saathoff in Java, REST on July 7th, 2010
We are currently implementing a prototype for event-based access to media. The basic idea is to organize media like videos or images around the events they were taken at. Examples are videos of a concert or images from some art exhibition. The data is stored as RDF, all URIs are dereferencable and return RDF/N3 by default. However, in order to make use of the dataset easier, we also want to provide a RESTful API that returns JSON representation of the resources and provides additional resources for performing different searches over the dataset. Furthermore, the RESTful API is also supposed to allow modifications of the data.
Now, the RESTful API and the frontend will run on different servers, and we also want to enable mash-ups, so we actually need to allow cross-domain AJAX. However, that is prohibited by most modern browsers. As long as you only want to do GET requests, one way around this issue is JSONP, as explained here.
We require, however, POST requests (and actually also PUT or DELETE). However, JSONP is basically a hack that works only with GET. Some research into this issue revealed that there is actually one way round it, called Cross-Origin Resource Sharing. CORS was proposed by the W3C. An explanation with nice code examples can be found in this blog entry.
The basic idea is that the client sends a header that specifies the Origin of the request, i.e., where the code doing the request is located. The server checks this header and returns some additional headers, most notably the list of origins that are allowed to access the resource in a cross-domain fashion. This approach works for simple GET and POST requests (some standard requests, the details are explained in the proposal).
If the request is non-standard, as in our case, a more complicated mechanism is established. Actually, the client first sends an OPTIONS request with some extra headers, actually asking the server whether it is allowed to do its request or not. The server then answers, again with some special headers, and either allows or denies the anticipated request. Implementing this is pretty easy, once you know the pitfalls. What I didn’t know is that the some headers you send in response to the OPTIONS also have to be sent in response to the POST. Basically, this is contained in the original proposal, but not very explicit for the specific case I was working on. So I missed that detail, which cost me like half a day. Of course, there were no proper error messages and the only observable effect was en empty response body in Firefox. For this kind of debugging, FireBug is a really nice tool. In addition, Firefox and Chromium did behave differently, what didn’t make finding the problem easier.
I’m now going to show what needs to be done on the client side with jQuery and on the server side using Restlet. Assume that our front-end lives on some domain http://allevents.example.com and the RESTful API on http://eventapi.example.org. Despite the similarity of both URLs, they are in fact different Doing a POST request with jQuery is fairly simple:
$.ajax({
type: "POST",
dataType: "json",
contentType: "application/json",
url: "http://eventapi.example.com/event",
data: {starttime:\"2008-12-01\", endtime:\"2010-12-02\", limit:10, offset:10},
success: function(response, status, xhr){
$("#text").append(response.events[0]);
}
});
We use the ajax function in order to do a POST request. We specify with dataType that we expect JSON as the response and with the contentType that we are also sending JSON. The URL POSTed to is http://eventapi.example.com/event. The data is a simple JSON object containing a start, an end date, and some pagination information. Actually, this is supposed to be a search request for all events that took place in the given time interval. Obviously, we couldĀ realizeĀ this as a GET, but in reality the search parameters might be much more complex and much longer, so that GET is a bad choice du to some length restrictions present in different clients and servers. The success field is bound to a callback function that just appends the first event to some html element.
But due to the different domains the frontend (and thus the AJAX) is served from and the POST is directed at, the client will not perform the POST without some extra effort. The client side extra effort is handled by the browser, so we are finished with that. On the server side, the RESTful API has to implement some extra methods. What actually will happen is the following. The browser will send an OPTIONS request that will more or less look like:
Origin: http://allevents.example.com Access-Control-Request-Method: POST Access-Control-Request-Headers: Content-Type
In reality there will be some additional headers, but these are the ones actually implementing CORS – Cross-Origin Resource Sharing. The cliet actually says: Hey, I running content from http://allevents.example.com, specified in the Origin: header, I want to POST (Access-Control-Request-Method), and I will send an extra header Content-Type (Access-Control-Request-Headers). The latter is required, since we don’t send any default content, but JSON. This is specified using the Content-Type header, which is not among the default headers allowed.
In Restlet we can now answer this OPTIONS request:
@Options
public void doOptions(Representation entity) {
Form responseHeaders = (Form) getResponse().getAttributes().get("org.restlet.http.headers");
if (responseHeaders == null) {
responseHeaders = new Form();
getResponse().getAttributes().put("org.restlet.http.headers", responseHeaders);
}
responseHeaders.add("Access-Control-Allow-Origin", "*");
responseHeaders.add("Access-Control-Allow-Methods", "POST,OPTIONS");
responseHeaders.add("Access-Control-Allow-Headers", "Content-Type");
responseHeaders.add("Access-Control-Allow-Credentials", "false");
responseHeaders.add("Access-Control-Max-Age", "60");
}
Here we actually create a response with only headers, so no response body is transmitted. The first header says any domain might access the API (responseHeaders.add("Access-Control-Allow-Origin", "*");). In the next line we say POST and OPTIONS are allowed HTTP methods. We allow the extra header as requested. We don’t allow any credentials to be sent, and we actually allow the client to cache this response for 60 seconds. That means in the next 60 seconds, the OPTIONS request will not be send again.
Now, when the response indicates that the anticipated POST is allowed by the server (which is the case here) the browser will do the actual POST request. On the server side it is now important to include the Access-Control-Allow-Origin header from the OPTIONS response again, or the POST response will not correctly be handled. The actual behavior with Firefox was that the response body was empty. Content-Length and other headers were retrieved correctly, but the response body was empty, although the server did send a body. Again, the Restlet code:
@Post
public Representation acceptEvent(Representation entity) {
Form responseHeaders = (Form) getResponse().getAttributes().get("org.restlet.http.headers");
if (responseHeaders == null) {
responseHeaders = new Form();
getResponse().getAttributes().put("org.restlet.http.headers", responseHeaders);
}
responseHeaders.add("Access-Control-Allow-Origin", "*");
Representation result = null;
// generate and return JSON
return new StringRepresentation(generateJSON(), MediaType.APPLICATION_JSON);
}
The important part is at the top of the method, where we add the additional headers to the response. The rest is a normal Restlet function that returns some JSON.
I hope that this small blog posts clarifies things for some people having a similar problem.
Displaying Error Messages in Equinox
Posted by Carsten Saathoff in Java on May 20th, 2010
Just found out via this blog post how to actually enable displaying of debug messages in Eclipse Equinox when using declarative services. Just add
-Dequinox.ds.print=true
as a VM argument when starting equinox, e.g. in the Run Configuration within Eclipse. Very helpful if you are informed why your bundle doesn’t start as expected.
Using Substance Look and Feel within OSGi
Posted by Carsten Saathoff in Java on January 10th, 2010
I am currently porting the KAT to OSGi in order to get a more sphisticated runtime environment that is separated from the user interface. The reason is that we also want to develop a web version of Semaplorer. However, I had some problem with running the current GUI within OSGi. The reason was that the Substance classes could not be located and I got a bunch of exceptions like the following:
UIDefaults.getUI() failed: no ComponentUI class for: javax.swing.JButton[...
Some searching around the web lead me to the following solution:
UIManager.setLookAndFeel(new SubstanceBusinessBlackSteelLookAndFeel());
UIManager.getLookAndFeelDefaults().put("ClassLoader", SubstanceLoader.class.getClassLoader());
Some useful REST resources
Posted by Carsten Saathoff in REST on October 29th, 2009
I recently informed myself about REST, the basics, and how to implement a REST Api. I found the following resources to be quite useful to get an overview. So I blog them for archival purposes, and because they might be useful for others as well.
Ubuntu karmic, Thunderbird 3.0 beta/Shredder and Enigmail
Posted by Carsten Saathoff in Ubuntu on October 23rd, 2009
I’m using Shredder aka. Thunderbird 3.0 beta now for a while and think it’s the best mail client I used so far. I sign all my mails with gpg and sometimes use gpg encryption. However, after my update to karmic (the beta, yes I know, quite a lot of betas), however, Enigmail failed to sign my mails. Interestingly, verifying signatures worked, but signing/encryption did not. The error message was long, telling me that gpg-agent was not able to query the passphrase:
gpg command line and output: /usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 --keyserver-options auto-key-retrieve --keyserver pgp.mit.edu -d --use-agent gpg: problem with the agent - disabling agent use gpg: can't query passphrase in batch mode gpg: Invalid passphrase; please try again ... gpg: can't query passphrase in batch mode gpg: Invalid passphrase; please try again ... gpg: can't query passphrase in batch mode
After some googling I found a rather radical solution, that, however, solved the problem. I deinstalled gpg-agent, seahorse, and gpgv together which a large amount of packages that are probably quite important for a working system. Then I reinstalled just ubuntu-desktop. And voila, it worked. So, should you experience any problems in karmic with Thunderbird 3.0/Shredder and signing/encrypting mails, maybe try the same trick.
How many axioms would you like?
Posted by Carsten Saathoff in Ontology Design on September 22nd, 2009
I’m currently working on the formalization of our new Multimedia Metadata Ontology M3O. It used Descriptions and Situations as one core pattern, along with information realization and the data value pattern (at least we termed the representation of plain data values in DOLCE Ultralight like that). While it is pretty simple to come up with many axioms that I could add, I question myself how many I want to add.
As an example: Currently we have D&S based patterns where the description defines a number of concepts that determine the roles of the participating entities within a certain context. Each concept might only classify exactly one entity. We need this property of the patterns in order to assure that no ambiguities arise in the real data. My idea was to add super concepts like M3OConcept, among others, in order to formalize these basic properties. For instance, I would formalize that M3OConcept = classifies exactly 1 Entity and classifies only (Entity and hasSetting some M3OSituation). What does this give me? Well, it formalizes that a concept within M3O might classify only one entity, and that this entity must have as setting a M3O Situation. This could be continued, e.g., by requiring that M3OSituations only satisfy M3ODescriptions, that M3ODescriptions define only M3OConcepts, and so on. But that would also imply that specializing our patterns would require sub-concepts of our M3O concepts, which would need to satisfy the same axioms.
But is that really desired? Obviously it would provide very clear semantics, but it might hinder adoption. Maybe we can not foresee particular cases where our axioms do not hold. So the question is: How strong should an ontology design pattern be formalized? Is their main advantage the formalization? Or is it rather their template-like character that provides an idea of how to model certain things? I am personally not yet sure which way I will go, so I’m open for comments 
.
Information Realization in Dolce Ultra Light
Posted by Carsten Saathoff in Ontology Design on August 5th, 2009
Yesterday I discussed with Ansgar about some Ontology Design Patterns, and we encountered an issue with the Information Realization pattern from ontologydesignpatterns.org and Dolce Ultra Light (DUL).
The original Information Realization Pattern.
In the original pattern InformationRealization is a subclass of
realizes some InformationObject.
In DUL, however, InformationRealization is also defined as being equivalent to
PhysicalObject or (Event and hasParticipant some PhysicalObject) and realizes some InformationObject.
In other words, it is either a PhysicalObject that realizes some InformationObject, or it is an event in which some PhysicalObject participates that realizes the InformationObject. This definition makes sense, since some performance on a specific date and at a specific place indeed realizes some InformationObject, e.g., Goehte’s Faust.
Anyway, this definition also seemed to us, at least, problematic, since it is not clear anymore whether an information realization is an object or an event. We tried to model what the underlying patter should be, and came up with the following.
The extendend Information Realization Pattern.
We came to the conclusion that information realization always consists of both an event and at least one object, which is depicted in the lower part. Both are involved in realizing the information. For example, in the case of the Mona Lisa, it is not only the painting that realizes the Mona Lisa, but it is the painting participating in the event of its existence that realizes the Mona Lisa. Obvioulsy, this particular view is still debatable, since it would also be a possible interpretationĀ that both Da Vinci and the painting participating in the event of the creation of the painting are the realization. In both cases there are, however, both an object and an event involved. In other words, even when intuitively the object realizes some information, it is actually the participation of some object in an event that realizes the information. This view is even supported by one of the most fundamental axioms of DUL, namely that there is no object without an event, and vice versa. Therefore we know that this event must exist.
However, using only the event as the InformationRealization does also not suffice, since not all participating objects necessarily realize the information. Take the performance of Goethe’s Faust as an example. There is clearly the actors that realize the act, although both the actors and the audience participate in the event of the play. In other acts, such as the Rocky Horror Picture Show the audience might, however, play a role, and some interaction between audience and actors takes place. In such cases at least some audience members actualy contribute to the realization.
In the final pattern, we decided to keep the class InformationRealization for convenience reasons.
The full Information Realization Pattern.
Our pattern, while more complete, is also more complex and less intuitive. Therefore, we concluded that it might not always be reasonable to instantiate the full pattern and chose the middle way. We include both, making the full pattern, and also the full semantics, of information realization explicit, but also providing the possibility to use it in a more conveneint way through the simple pattern. Whether that is a good choice will need further discussion, though.
New Blog
Posted by Carsten Saathoff in Misc on August 4th, 2009
So, after having two blogs for the last year, one in German and a work-related one in English, I decided to set up a single blog, in which I will only blog about professional stuff, i.e., everything related to Semantic Web, Semantic Multimedia, Software Development, or IT in general. This will become my primary homepage from now on. Now I only have to find time to create content 
.