machine501

Here’s how to compile your arduino programs using the command line in windows xp.  I took the Makefile from the Arduino forum, but modified it because it didn’t work for me, probably due to my using Arduino 0011.

1. Make sure you have Arduino 0011 installed and that you can upload and run the blinking LED sample program.

2. You need make.  Install cygwin.  I have gnu make 3.78.1 installed.

3. Download this Makefile.

4. Create a directory somewhere and a file called “main.pde”.  Use the blinking LED program from the Getting Started section of the Arduino website.

5. Put the Makefile there

6. Modify the Makefile to suit your project.  Instructions are in the Makefile

7. Run make, it should build the stuff

8. Run “make upload” and your program should be uploaded to the board.  You can have auto-reset with Diecimila, but you have to modify avrdude.conf, which is in INSTALL_DIR/hardware/tools/avr/etc/avrdude.conf.  The Makefile has instructions for how to modify avrdude.conf

Happy physical computing.

Here’s a Work In Progress.

I’ve had lots of free time lately, so I’ve started sketching stuff and came up with this:

I may start painting it later today.

Update: Below is a quick experiment with simple volumes. nothing drastic:

Update: 06/10/08

Update: 08/03/2008

Needs some work on the arm on the left (picture left).

Started adding sketches of the avatar thumbnails.

This is unbelievable.  I just got a UPS package from Babies R’ Us because we’re about to have a baby (like, today or tomorrow!)  We didn’t know what was in it because we’ve been getting gifts from our friends and family from our registry.

The box is maybe 2 feet by 3 feet by 6 inches.

Then I open it up and see that it’s mostly that air packaging stuff.

And here’s the one, and only, item that was in it!  A tiny baby blanket!!!!

WTF is the huge box and all the padding for?  In case the blanket, uh … breaks?  Does it expand if you add water?  Did something fall out along the way?  This is an incredible waste of resources.  I’ve contacted Toys R Us corporate to let them know.

While running the Los Angeles Flex Users Group I got a lot of questions from people about how BlazeDS could fit into their existing infrastructure.

Typically, they will have an application container, such as JBoss, or maybe just a servlet container, like Tomcat, and a SQL backend. Usually MySQL or PostgresSQL. JSPs are used for the presentation layer and, sometimes, they may use Struts or SpringMVC as a web application framework. If you’re using ColdFusion this post is likely of little use to you.

Many programmers are understandably weary of introducing yet another component into their system and BlazeDS sounds like such a complex component that it’s often mistaken for a standalone application container that doesn’t readily integrate with standard Java application containers. This couldn’t be further from the truth. Those programmers who follow the bundled BlazeDS examples get stuck trying to figure out how to expand the example to fit their application or how to even start from scratch.

Let’s tackle the first misconception, that is, that BlazeDS doesn’t play well with Java application containers. To put it simply, BlazeDS is configured as a standard servlet. When a Flex client wants to make a request to a BlazeDS server it will issue a POST request to a defined servlet path. That path is whatever you configured the BlazeDS MessageBrokerServlet to. Flex sends the request as an AMF binary payload or an XML version of AMF. I’m glossing over some details but just knowing that you can access BlazeDS as a servlet is a good starting point for figuring out how you can start integrating BlazeDS into your existing application.

What this means to you is that BlazeDS can use container authentication or even work with Spring.

Let me make it even more clear by putting some sample configuration and code.

Here’s the part of the web.xml in which you declare and configure the MessageBrokerServlet:

<servlet>
<servlet-name>MessageBrokerServlet</servlet-name>
<display-name>MessageBrokerServlet</display-name>
<servlet-class>flex.messaging.MessageBrokerServlet</servlet-class>
<init-param>
<param-name>services.configuration.file</param-name>
<param-value>/WEB-INF/flex/services-config.xml</param-value>
</init-param>
</servlet>

Here’s the part where you map the MessageBrokerServlet to a path:

<servlet-mapping>
<servlet-name>MessageBrokerServlet</servlet-name>
<url-pattern>/messagebroker/*</url-pattern>
</servlet-mapping>

The file “services-config.xml” is the primary configuration file for BlazeDS. Here is where you define a “channel”:

<channel-definition id="amf" class="mx.messaging.channels.AMFChannel">
<endpoint url="http://localhost:8080/sample_bds/messagebroker/amf"  .... />
</channel-definition>

This tells the Flex client where to make an HTTP POST request when using the “amf” channel on a RemoteObject, for example.

In fact, try it out on a browser, startup BlazeDS and point to htp://localhost:8080/blazeds/messagebroker/amf/

You’ll get a blank page. That’s a good thing!

The next question I usually get is, “do I have to dump my JSP/WebServices/Struts in order to use BlazeDS?” The answer is definitely no! In fact, if you have a JSP AND a WebServices front end to your application you’re a good bit along the way towards integrating BlazeDS. The reason for this is that if you have two front-ends to your application, and these two front-ends share some functionality, then you have probably structured your application in such a way (using a Service Layer, for example) that makes it easy to add a third front-end.

So what architectural patterns are useful for BlazeDS? To cut to the chase, I use Service Layer, Data Transfer Objects, and Mapper (or Assembler) on the server side. I’ll have a post on what I use on the client side later.

If you have played around with BlazeDS or used it to create a production application you’ve probably followed the examples bundled with the turnkey solution. And you probably have a hunch and instinct about how to create your app. I’m guilty of jumping right in and starting to code from my gut, but after a few days of learning a technology I like to step back and formalize my approach. My first place to consult is Martin Fowler’s Patterns of Enterprise Application Architecture (PEAA), and Design Patterns: Elements of Reusable Object-Oriented Software (Typically referred to as The Gang of Four Book, or GoF).

Service Layer

A Service Layer can have many methods, each using a variety of domain objects and models. Service Layer have application logic, like telling an emailing component to notify administrators that a payment has been processed, while delegating the business logic to the domain models. It’s pretty easy to figure out what types of methods a Service Layer should support; you can use the user interface as a guide to what sorts of things a client can do or you could base this off your use cases, if you’ve taken the time to do this.

The defining characteristics of Service Layers are the following:

• Defines application boundaries
• Defines available services from the perspective of interfacing clients
• Encapsulates business logics
• Provides convenient place for handling transactions, logging, etc.
• Prepares the response appropriately for the client

That last one brings me to the next pattern I use.

Data Transfer Objects

These are objects that have a bunch of properties, contain no domain logic, and may be structured in a simple hierarchy. When I first started with BlazeDS I was using an Hibernate as my object-relational mapping (ORM) solution and so I was happily transporting the objects I got from a database straight through BlazeDS and over to Flex. Some of my objects had few methods for domain logic, some had more. Few had a complex hierarchies.

Once I started adding parent child relationships and collections then I suddenly encountered a problem where retrieving one of these objects would cause Hibernate to recreate a pretty huge hierarchy. Just as bad was a problem with transactions; when you’re about to send an object down the wire, BlazeDS will call each of its getter methods and each of those Object’s getter methods in turn. This is why it recreates entire hierarchies, but if you close the Hibernate session before BlazeDS has a chance to get to these methods then you’ll get an exception because the Hibernate proxy object can’t get a hold of a session with which to get the rest of the objects out of the database.

There are ways to go around this, such as using the Open Session in View approach, and that works well, though I found it felt awkward because of the name, since the “view” part of this is that hibernate objects are being used by the view and so the session should not be closed, but I also didn’t need to load all the objects that were connected to the one measly object I wanted to read.

I could have used the custom serialization method specified here: Using custom serialization between ActionScript and Java.

So, the simples solution I finally adopted was to use Data Transfer Objects. Characteristics of DTOs are the following:

• May contain aggregated data
• Fields are simple, such as primitives, or other DTOs

The pain of adding DTOs is that you now have to transform some of your domain models, in my case, for example, some of the objects gathered with Hibernate into DTOs. So you have to use the Assembler (or Mapper) pattern. An Assembler can take care of:

• Knowing how to transform an object into a DTO
• How to reconstruct hierarchies for DTOs
• Keeps the domain model independent of external interfaces
• May make use of more than one assembler per dto based on the semantics of the request.

Now I have no problem with building deep hierarchies when I only need one object. If I do need the complete hierarchy I can use a different assembler that knows how to reconstruct that. That’s what the last bullet point on that list is talking about; if it makes sense in one request to bring in all children and grandchildren objects then an assembler can know how to do that, if, instead, all you need, is the one object, then that’s all the other assembler needs to do. In my case, I now had better control over when I could close the session without having to worry about Session closed exceptions.

An additional benefit with respect to BlazeDS and Flex is that the RemoteClass mapping from Flex to Java can always map to DTO and you won’t have to worry about changing your actual Domain Objects and having those changes reflected in the mapped actionscript class; if you remove a property from your domain object then the Java compiler will complain because the assembler will be unable to access that property. You’ve caught the error earlier on.

I didn’t talk about the client side much. I’m working on another post that will address that side.

Update: The “start”-method-not-getting-called bug is now a filed in the adobe bug tracker: http://bugs.adobe.com/jira/browse/BLZ-190

This post is another baby step in getting acegi/spring security and blazeds to work together. The whole purpose of these exercises is to for acegi to handle authentication/authorization and destination security. Even bypassing container security.

In the last part I talked about how I was stumped by the LoginCommand and how the “start” method is never called. The reason I want the start method to be called is so that I am passed a ServletConfig and from there I can get access to the ServletContext, and thereby access to the Spring WebApplicationContext but unfortunately this method never seems to get called. I traced the BlazeDS source in SVN, not very thoroughly I should admit, and never found a spot where the start method gets called.

That’s not such a big deal because I can get access to the ServletContext by using the FlexContext singleton. I’m not generally a fan of singletons but what the hell; if it gets it to work =p

Anyway, here’s a brief outline of my AcegiLoginCommand, which extends AppServerLoginCommand:

.. class AcegiLoginCommand extends AppServerLoginCommand …

public AcegiLoginCommand() {
    initAuthenticationManager();
}

private void initAuthenticationManager()
{
    ServletContext servletContext = FlexContext.getServletContext();
    String beanId = servletContext.getInitParameter("loginCommandBean");

    if (beanId == null) {
        beanId = "authenticationManager";
    }

    WebApplicationContext context =
        WebApplicationContextUtils.getWebApplicationContext(servletContext);

    authenticationManager = (AuthenticationManager)context.getBean(beanId);

    if (authenticationManager == null) {
      throw new RuntimeException("AuthenticationManager could not be found.  Tried beanId='"+ beanId+"'");
    }
}

The LoginCommand needs access t othe authenticationManager so that it can pass it call the manager’s “authenticate” method. To make it more configurable, I added a little bit of code that will get the bean name from a web.xml init-parameter.

Finally, my “doAuthentication” method looks like this:

public Principal doAuthentication(String username, Object password) {
  Authentication authentication =
        new UsernamePasswordAuthenticationToken(username, password);
  authentication = authenticationManager.authenticate(authentication);
  SecurityContextHolder.getContext().setAuthentication(authentication);

  return (Principal)authentication;
}

I don’t need to override doAuthorization because when I’m doing MethodSecurityInterceptor, that class takes care of looking at the Authentication token’s “GrantedAuthority”es to see if they can execute the method.

That’s pretty much it. I need to figure out the extent of the security integration. I know that at the moment the authentication will not work on RTMP channels.

A good explanation and example for Spring and BlazeDS is important for driving adoption of BlazeDS into environments that run on Java. I know a potential client of mine is looking into using BlazeDS as a transport layer for a product they have running on a Tomcat container. They want to try following established practices in Java and want to use off-the-shelf, tried-and-true technologies like Spring and Hibernate, and having information on using these with BlazeDS would make them more confident when adopting BlazeDS.

Hope this helps. Also, I just found out someone else had documented a similar approach at this blog post:

http://blog.f4k3.net/fake/entry/acegi_logincommand_for_fds

In an earlier post I talked about BlazeDS and Spring Security and gave a high level overview of how to get a BlazeDS destination to be secured with Acegi security instead of BlazeDS’ security. However, I overlooked a simple thing that would make the whole system play nicer with Flex. That is, I didn’t translate the authentication exception into a flex.messaging.SecurityException and did not set its code to Client.Authentication. It’s not really necessary to do so as you will get an error message anyway because BlazeDS catches Acegi’s exception and wraps it in a MessageException, but it’s nicer if it’s wrapped in a semantically appropriate exception.

I first thought I’d add an exceptionTranslationFilter to my filterChainProxy but this doesn’t work because BlazeDS wraps the exception after the proxied bean invocation and doesn’t let it percolate to the container filter. Duh! That took me about an hour to figure out.

The next step would have been to pass an afterInvocationManager to the method SecurityInterceptor but this guy never gets called when an exception occurs.

So, the next step, which I think is kinda hacky, is to extend the MethodSecurityInvocation class and override invoke. Catch any AuthenticationExceptions and translate them into SecurityExceptions so that BlazeDS can transfer that exception to Flex as appropriate. Here’s the code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

<pre lang="Java" line="1">
@Override
public Object invoke(MethodInvocation mi) throws Throwable {
    try {
        return super.invoke(mi);
    } catch (AuthenticationException ae) {
        SecurityException se = new SecurityException();
        se.setMessage(ae.getLocalizedMessage());
        se.setRootCause(ae);
        se.setDetails(ae.getLocalizedMessage());
        // This is an authorization error instead of an auth error 
        if (ae instanceof InsufficientAuthenticationException) {
            se.setCode(SecurityException.CLIENT_AUTHORIZATION_CODE);
        }
        else {
            se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
        }
        throw se;
    }
}

My next step is to bypass BlazeDS’s authentication mechanism and just do it through Acegi. I’ll keep you posted.

I was reading an article in this week’s issue of the Journal of the American Medical Association that looked into the perceived quality of care of patients in medicare and per-capita spending. Basically they wanted to see if people in regions with lower spending were more or less satisfied than Medicare beneficiaries in regions with higher spending. To put it into perspective, per-capita medicare expenditures in Miami, Florida was nearly $12,000 compared to $5,700 in Minneapolis.

The result was that there’s not a significant difference in an individual’s satisfaction with their medical care. The “oh, snap. no you did’n” moment came when I read the last paragraph in the study:

This study suggests that, should fundamental changes in the structure of the US health care system occur so that the lowest expenditure quintile is viewed as the benchmark, the fraction of patients who view their care as inadequate or constrained will not, in the long term, increase above current levels. Instead, we suspect that the limiting factor in restraining cost growth or in fundamental reform will be the extent to which the medical community will be able to adjust to new standards for what constitutes appropriate medical practice.

(my emphasis) So, doctors, stop performing expensive, sometimes unnecessary procedures.

What drives costs up? A commentary in the same issue points out that direct-to-consumer advertising, and procedure specialties in particular regions that increases the likelyhood of having that procedure performed on you than if you lived somewhere where procedure was not in vogue.

This is a component that mimics the text finding functionality in Safari. When you do a search it dims out the text field and highlights the currently found fragment of text. Other fragments in the text are currently set apart by a black rectangle, but I plan to change that.  This is kind of like the Highlighter component on FlexLib http://code.google.com/p/flexlib/wiki/ComponentList

The currently selected text indicator can be a IDataRenderer component that you can specify in code.

I couldn’t wait to show it to people before cleaning the code … so here it is. Without code. But I’ll release the source to the public once I clean it up and fix a few bugs.

Things I still need to do:

• Allow custom renderer for non-selected item
• Fix scrolling issues
• Looks like I’m missing the ability to highlight items towards the very end of the text
• Simplify so it can be used as a component. Currently needs a few lines of AS code to get working

Some notable features:

• You are passed the text formats of the text fragment match so that you can render the text in the selected indicator exactly as it looks on the original text.
• You can pass a custom selected text renderer. Notice it has animations as you click for the next find

There is another version that works on an HTML control in AIR. There’s a problem with that, however, when the text match wraps; I can’t figure out a way to find the coordinates of the start of text that’s been wrapped to the next line.

I frequently read a blog about IT in health care because I’m interested in HCI in medical settings and the blog’s author usually makes good posts that sometimes shed light on the organization impact of introducing software and hardware into a healthcare setting. But the last post was a piece in which he praised and agreed with an opinion piece on the Wall Street Journal titled “Why Doctors are Heading for Texas“. This opinion piece is just a rehash of the story “More Doctors in Texas After Malpractice Caps” on the New York Times posted last October about the same subject. The gist of the NYT article and the WSJ opinion piece is that more doctors are moving their practice to Texas because of a series of tort reforms passed in 2003 and 2005 in the same state that essentially capped malpractice payments at 250k.

One [of the reforms] capped medical malpractice awards for noneconomic damages at $250,000, changed the burden of proof for claiming injury for emergency room care from simple negligence to “willful and wanton neglect,” and required that an independent medical expert file a report in support of the claimant.

The other reform had to do with asbestos litigation.

Let’s stop to think about this for a few minutes.

First, it offers no comparison numbers to the increase in physicians nationwide and the output from medical schools. So maybe Texas is siphoning off doctors from other states, maybe it’s just part of a national trend. I went to the Texas Medical Board’s website and loaded up the numbers onto a spreadsheet from 1997 to 2008 to give myself a sense of any trend. The articles don’t compare the increase in doctors to population growth either.

Second, it ties the increase in Texas, without any proof, to a single cause: the reforms. One should consider a host of other factors like quality of life, programs that lighten the burden of medical school expenses for doctors willing to practice in underserved areas, wages, and many others. After determining the impact of other possibilities on the decision for a physician to practice in Texas, then can we compare the actual overall effect of tort reform on their decision. It may be significant, it may not.

Third, in other states in which med malpractice caps have been declared unconstitutional the effect of this change has had little if any effect on the # of active doctors. For example, in Oregon, in which a $500k cap in medical damages was declared unconstitutional, the number of active doctors increased at the same rate during the four years before and after the damage cap were overruled, according to the Oregon Board of Medical Examiners. “The number of active doctors in Oregon rose 11.9 percent from 2000 to 2004, compared to 12 percent from 1995 to 1999,” the years when the cap was in place. “There were 8,388 physicians practicing in Oregon in 2000 and 9,382 in 2004—an increase of 994, or 11.9 percent. By comparison, the number of physicians practicing in Oregon grew from 7,517 in 1995 to 8,416 in 1999, an increase of 899, or 12 percent.” In fact, the rate of increase in some of the specialties that are considered more at risk of malpractice litigation, like ob/gyn and trauma care, had a steady or dramatic increase in the years after the rule was overturned. It would be unwise to say that the change is the cause for this increase.

Further, as the data in the TMB site show, wealthier counties are getting more doctors than rural, poorer counties. The WSJ piece tries to appeal to our moral sense by mentioning that frivolous lawsuits impact the uninsured, the poor, the underserved. Yet, if you look at the numbers, physicians are moving to wealthier counties, and poorer counties have had little to nill increases of physicians in any specialty. Anyway, liability is a high cost in some specialties (ob/gyn) and in trauma, for example, but in rural areas the driver is reimbursement.

The NYT piece’s title is misleading because it implies causality. The two events could be completely unrelated, yet because the writer chose to focus on the tort reforms and because there was an increase in doctors coming into the state then the headline and story seem to imply that one caused the other. Both the WSJ and the NYT pieces use anecdotal evidence, quotes from doctors who did move because they thought liability premiums made it difficult to practice in their states, to back up their stories.

Is there a story in the TMB numbers? Maybe figure out why doctors practice in more affluent urban areas than in rural areas. But I suspect that’s not an exciting story. It’s obvious, doctors are just like the rest of us; we gravitate towards places with good paying jobs and things to do. And I suspect that story’s been written about before.

I’m not for litigation, and there are many cases where people who are actually victims of malpractice do not sue for malpractice.  There are some cases where people who have not been harmed or have no claim to medical malpractice nevertheless file one.  There are also many greedy lawyers who see this as an opportunity to make a lot of cash. But it really nags me when newspapers are happy to overlook a most basic rule taught in college, that “correlation does not imply causation,” to get you to read a story. And it’s even a weak example of correlation since the opposite “effect” can be seen in other states, like the Oregon case.  Bleh. Go back to school!

I read a blog post by Jeff Clavier about Twitter, Microblogging, and when Twitter might go mainstream.  I thought, yeah: I publish much more often on Twitter, Flickr, Facebook, and am starting to mess around with Muxtape.  So I looked around for a widget for my blog where I could put up my different streams from different social services.  I found friend feed and thought it’d be good to put on my blog.  That’s when it hit me: why not just make my stream my home page?  Why not replace my whole blog with my social stream, and just make my longer entries part of that stream?  So I whipped up a script in a few minutes and came up with what you see on the front page of my site.

Is this the way we’ll start to see online presence for those of us brave enough to run our own blogs?  Basically, this is a way to publish feeds from your online identities, not to aggregate feeds you’re interested in.  It’s not a personal feed aggregator.  It’s a starting point for people to get to your online identity(ies).

I have a bunch of ideas for this.  The initial, quick and dirty, version of these scripts is setup in a somewhat modular format, so as you sign up to new services, or new services appear you just drop in a new module and it will load those up.  Each item from each service can be customized as you want using CSS.  And you can control how often it should aggregate your content.  The source is coming soon but if you want to play with it I can post it.

Let me know what you think.