machine501

In an earlier post I talked about BlazeDS and Spring Security and gave a high level overview of how to get a BlazeDS destination to be secured with Acegi security instead of BlazeDS’ security. However, I overlooked a simple thing that would make the whole system play nicer with Flex. That is, I didn’t translate the authentication exception into a flex.messaging.SecurityException and did not set its code to Client.Authentication. It’s not really necessary to do so as you will get an error message anyway because BlazeDS catches Acegi’s exception and wraps it in a MessageException, but it’s nicer if it’s wrapped in a semantically appropriate exception.

I first thought I’d add an exceptionTranslationFilter to my filterChainProxy but this doesn’t work because BlazeDS wraps the exception after the proxied bean invocation and doesn’t let it percolate to the container filter. Duh! That took me about an hour to figure out.

The next step would have been to pass an afterInvocationManager to the method SecurityInterceptor but this guy never gets called when an exception occurs.

So, the next step, which I think is kinda hacky, is to extend the MethodSecurityInvocation class and override invoke. Catch any AuthenticationExceptions and translate them into SecurityExceptions so that BlazeDS can transfer that exception to Flex as appropriate. Here’s the code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

<pre lang="Java" line="1">
@Override
public Object invoke(MethodInvocation mi) throws Throwable {
    try {
        return super.invoke(mi);
    } catch (AuthenticationException ae) {
        SecurityException se = new SecurityException();
        se.setMessage(ae.getLocalizedMessage());
        se.setRootCause(ae);
        se.setDetails(ae.getLocalizedMessage());
        // This is an authorization error instead of an auth error 
        if (ae instanceof InsufficientAuthenticationException) {
            se.setCode(SecurityException.CLIENT_AUTHORIZATION_CODE);
        }
        else {
            se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
        }
        throw se;
    }
}

My next step is to bypass BlazeDS’s authentication mechanism and just do it through Acegi. I’ll keep you posted.

I was reading an article in this week’s issue of the Journal of the American Medical Association that looked into the perceived quality of care of patients in medicare and per-capita spending. Basically they wanted to see if people in regions with lower spending were more or less satisfied than Medicare beneficiaries in regions with higher spending. To put it into perspective, per-capita medicare expenditures in Miami, Florida was nearly $12,000 compared to $5,700 in Minneapolis.

The result was that there’s not a significant difference in an individual’s satisfaction with their medical care. The “oh, snap. no you did’n” moment came when I read the last paragraph in the study:

This study suggests that, should fundamental changes in the structure of the US health care system occur so that the lowest expenditure quintile is viewed as the benchmark, the fraction of patients who view their care as inadequate or constrained will not, in the long term, increase above current levels. Instead, we suspect that the limiting factor in restraining cost growth or in fundamental reform will be the extent to which the medical community will be able to adjust to new standards for what constitutes appropriate medical practice.

(my emphasis) So, doctors, stop performing expensive, sometimes unnecessary procedures.

What drives costs up? A commentary in the same issue points out that direct-to-consumer advertising, and procedure specialties in particular regions that increases the likelyhood of having that procedure performed on you than if you lived somewhere where procedure was not in vogue.

This is a component that mimics the text finding functionality in Safari. When you do a search it dims out the text field and highlights the currently found fragment of text. Other fragments in the text are currently set apart by a black rectangle, but I plan to change that.  This is kind of like the Highlighter component on FlexLib http://code.google.com/p/flexlib/wiki/ComponentList

The currently selected text indicator can be a IDataRenderer component that you can specify in code.

I couldn’t wait to show it to people before cleaning the code … so here it is. Without code. But I’ll release the source to the public once I clean it up and fix a few bugs.

Things I still need to do:

• Allow custom renderer for non-selected item
• Fix scrolling issues
• Looks like I’m missing the ability to highlight items towards the very end of the text
• Simplify so it can be used as a component. Currently needs a few lines of AS code to get working

Some notable features:

• You are passed the text formats of the text fragment match so that you can render the text in the selected indicator exactly as it looks on the original text.
• You can pass a custom selected text renderer. Notice it has animations as you click for the next find

There is another version that works on an HTML control in AIR. There’s a problem with that, however, when the text match wraps; I can’t figure out a way to find the coordinates of the start of text that’s been wrapped to the next line.

I frequently read a blog about IT in health care because I’m interested in HCI in medical settings and the blog’s author usually makes good posts that sometimes shed light on the organization impact of introducing software and hardware into a healthcare setting. But the last post was a piece in which he praised and agreed with an opinion piece on the Wall Street Journal titled “Why Doctors are Heading for Texas“. This opinion piece is just a rehash of the story “More Doctors in Texas After Malpractice Caps” on the New York Times posted last October about the same subject. The gist of the NYT article and the WSJ opinion piece is that more doctors are moving their practice to Texas because of a series of tort reforms passed in 2003 and 2005 in the same state that essentially capped malpractice payments at 250k.

One [of the reforms] capped medical malpractice awards for noneconomic damages at $250,000, changed the burden of proof for claiming injury for emergency room care from simple negligence to “willful and wanton neglect,” and required that an independent medical expert file a report in support of the claimant.

The other reform had to do with asbestos litigation.

Let’s stop to think about this for a few minutes.

First, it offers no comparison numbers to the increase in physicians nationwide and the output from medical schools. So maybe Texas is siphoning off doctors from other states, maybe it’s just part of a national trend. I went to the Texas Medical Board’s website and loaded up the numbers onto a spreadsheet from 1997 to 2008 to give myself a sense of any trend. The articles don’t compare the increase in doctors to population growth either.

Second, it ties the increase in Texas, without any proof, to a single cause: the reforms. One should consider a host of other factors like quality of life, programs that lighten the burden of medical school expenses for doctors willing to practice in underserved areas, wages, and many others. After determining the impact of other possibilities on the decision for a physician to practice in Texas, then can we compare the actual overall effect of tort reform on their decision. It may be significant, it may not.

Third, in other states in which med malpractice caps have been declared unconstitutional the effect of this change has had little if any effect on the # of active doctors. For example, in Oregon, in which a $500k cap in medical damages was declared unconstitutional, the number of active doctors increased at the same rate during the four years before and after the damage cap were overruled, according to the Oregon Board of Medical Examiners. “The number of active doctors in Oregon rose 11.9 percent from 2000 to 2004, compared to 12 percent from 1995 to 1999,” the years when the cap was in place. “There were 8,388 physicians practicing in Oregon in 2000 and 9,382 in 2004—an increase of 994, or 11.9 percent. By comparison, the number of physicians practicing in Oregon grew from 7,517 in 1995 to 8,416 in 1999, an increase of 899, or 12 percent.” In fact, the rate of increase in some of the specialties that are considered more at risk of malpractice litigation, like ob/gyn and trauma care, had a steady or dramatic increase in the years after the rule was overturned. It would be unwise to say that the change is the cause for this increase.

Further, as the data in the TMB site show, wealthier counties are getting more doctors than rural, poorer counties. The WSJ piece tries to appeal to our moral sense by mentioning that frivolous lawsuits impact the uninsured, the poor, the underserved. Yet, if you look at the numbers, physicians are moving to wealthier counties, and poorer counties have had little to nill increases of physicians in any specialty. Anyway, liability is a high cost in some specialties (ob/gyn) and in trauma, for example, but in rural areas the driver is reimbursement.

The NYT piece’s title is misleading because it implies causality. The two events could be completely unrelated, yet because the writer chose to focus on the tort reforms and because there was an increase in doctors coming into the state then the headline and story seem to imply that one caused the other. Both the WSJ and the NYT pieces use anecdotal evidence, quotes from doctors who did move because they thought liability premiums made it difficult to practice in their states, to back up their stories.

Is there a story in the TMB numbers? Maybe figure out why doctors practice in more affluent urban areas than in rural areas. But I suspect that’s not an exciting story. It’s obvious, doctors are just like the rest of us; we gravitate towards places with good paying jobs and things to do. And I suspect that story’s been written about before.

I’m not for litigation, and there are many cases where people who are actually victims of malpractice do not sue for malpractice.  There are some cases where people who have not been harmed or have no claim to medical malpractice nevertheless file one.  There are also many greedy lawyers who see this as an opportunity to make a lot of cash. But it really nags me when newspapers are happy to overlook a most basic rule taught in college, that “correlation does not imply causation,” to get you to read a story. And it’s even a weak example of correlation since the opposite “effect” can be seen in other states, like the Oregon case.  Bleh. Go back to school!

I read a blog post by Jeff Clavier about Twitter, Microblogging, and when Twitter might go mainstream.  I thought, yeah: I publish much more often on Twitter, Flickr, Facebook, and am starting to mess around with Muxtape.  So I looked around for a widget for my blog where I could put up my different streams from different social services.  I found friend feed and thought it’d be good to put on my blog.  That’s when it hit me: why not just make my stream my home page?  Why not replace my whole blog with my social stream, and just make my longer entries part of that stream?  So I whipped up a script in a few minutes and came up with what you see on the front page of my site.

Is this the way we’ll start to see online presence for those of us brave enough to run our own blogs?  Basically, this is a way to publish feeds from your online identities, not to aggregate feeds you’re interested in.  It’s not a personal feed aggregator.  It’s a starting point for people to get to your online identity(ies).

I have a bunch of ideas for this.  The initial, quick and dirty, version of these scripts is setup in a somewhat modular format, so as you sign up to new services, or new services appear you just drop in a new module and it will load those up.  Each item from each service can be customized as you want using CSS.  And you can control how often it should aggregate your content.  The source is coming soon but if you want to play with it I can post it.

Let me know what you think.