httpS for badger

Posted on September 15, 2005 by Wesley Wright

Got hold of a geotrust signed certificate for badger. That was easy (and $110 of UVM money).

Hard part was getting it installed, since I built the key and the certificate signing request (CSR) with openssl rather than keytool, and it was all being installed in tomcat.

The Tomcat SSL How-To proved to be the definitive source, but it took several readings and several google searches and several failed attempts to get the right syntax and in/out files. Here’s what finally worked

openssl pkcs12 -export -in badger.crt -inkey badger.key 

-out badger.p12 -name tomcat 

-CAfile ca-bundle.crt -caname root -chain

along with this entry in /usr/local/jakarta-tomcat/conf/server.xml

    <Connector port="443" 

               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"

               enableLookups="false" disableUploadTimeout="true"

               acceptCount="100" debug="0" scheme="https" secure="true"

               clientAuth="false" sslProtocol="TLS" 

                keystoreFile="/usr/share/ssl/certs/badger.p12" keystorePass="xxxxxx"

                keystoreType="PKCS12"
        />

Still need to get hold of a certificate from ldap.uvm.edu and add to default JAVA_HOME security chain

Posted in Projects, Systems and Servers | Leave a comment

Dspace for Landscape change

Posted on September 13, 2005 by Wesley Wright

As mentioned here, it has been decided (well, sort of) to pursue evaluation of Dspace as a content management system for the Landscape Chaange project.

Some issues and answers

  • can Dspace do the job?

    Yeah, probably — but this is what the evaluation is all about

  • Why Dspace?

    Any image repository/content managements system has three essential sub-systems: content ingestion, tagging and editing, deleting; searching; display. The current Landscape Change project has homegrown and buggy code for all three. Dspace has open-source community developed, tested, and maintained code for all three. By switching to Dspace, UVM only needs to re-develop and customize the object display sub-system.

  • Will CIT continue to support Dspace?

    Haven’t asked CIT management yet, but if we build it, they’ll come (around), I hope. CIT-TSG indicates we can have badger for as long as we want for development. Worry about final deployment later.

  • What about disk space for Dspace?

    For now, migrate 1/10 Landscape records to Dspace to set up a small development model. Later, CIT-TSG indicates that swapping LCP-owned disk space (300 GB) to a different server is not a problem.

  • Dspace configuration issues:

    I asked the dspace-tech list this question:

    We’re considering migrating the landscape change project and its 10,000+ images to Dspace, and then seriously customizing the look, feel, operation, and adding a laundry list of new features. The rational is that by using stock Dspace features to manage and especially search the collection, our student intern programmers can concentrate on interface design, display, and kooky new features in the recently funded grant proposal wish list.

    So my question: do we want to somehow integrate this new collection and a spiffy new front end with our existing Dspace collections, building an even larger Institutional Repository? If not, then solution is trivial — install a separate  Dspace instance on a separate server. But if so, then what? One Tomcat, different webapps? One Tomcat, multiple Virtual Servers? Two Tomcats, different ports?

    Got back respons from Geneva Henry  (Executive Director, Digital Library Initiative, Rice University)

    My "vote" would be to keep it simple; one DSpace.  The customized interface requirement is something we’re running into with all of our collections in our DSpace.  There is, however, an DSpace component under development that will support customized interfaces for each collection/community.  Actually, there **were** 3 projects doing this.  After the DSpace users group meeting in July in Cambridge, they agreed to combine their efforts in a common architecture; that work is currently underway, making it a cocoon-based solution.  My DSpace developer, Sid Byrd, is up at Texas A&M this week, working with Scott Phillips and others on their DSpace team to help move that development along since we at Rice really do need it.  I believe their targeting December for a release; anything we can do to move-up that time line will be done. 

    I don’t know how large your group is, but we’re quite small here. Maintaining many DSpace’s would require more resources than we have.  With the exception of development and test DSpace’s, we only run 1 production DSpace and I’d like to keep it that way. 

  • Dublin Core issues

    Before I can begin ingesting LCP data into Dspace, I need to map current LCP meta-data values into Dublin Core (like?) entities.

  • Dspace version issues

    Not really an issue with respect to this project, but something I’d like to get to before adding more data. We’re current running 1.3alpha1, current version is 1.3.1 (neither alpha nor beta). This version has native LDAP support, but a littlle custom code is needed to automatically add new LDAP authorized e-people into a UVM group so we can password-protect certain items. This, too, will probably necessitate https access to the server, and that requires a certificate. So right there, I see another 3-4 days of work.

Posted in Dspace, Landscape Change, Projects | Leave a comment

Enabling “Protected Content” on real.uvm.edu

Posted on September 12, 2005 by Wesley Wright

Step 1: read help files

Step 2: ignore big parts of what was read

The manual says you need to

  1. define a new mount point THAT IS NOT IN CURRENT Content mount point directory (nope)
  2. Define a new database, if needed (not)
  3. create a new realm associated with said database (apparently true, defined SecureUVM)
  4. add users and passwords to the realm (waw, soc101)
  5. create a new commerce rule referencing the mount point and realm (uvmsoc101)

Here’s a screenshot of the final commerce rule:
screen shot of realserver admin commerce rule page

Turns out you can specify any subdirectory of the "Content" mount point (which we define as /usr/local/video/realserver/videos) as a protected path — which is exactly what I wanted. The Do Not Evaluate Permissions piece means " all authenticated users have unlimited access to content protected by the commerce rule," so you don’t need to specify individual URLs. Real is the SecureUVM realm previously defined (into which we will add other class accounts, if necessary). Yes, since there will be but one class account per class, shared by every student in the class, we need to allow Duplicate User IDs. And that’s all there is to it.

Posted in Projects, Video and Audio | Leave a comment

Enabling "Protected Content" on real.uvm.edu

Posted on September 12, 2005 by Wesley Wright

Step 1: read help files

Step 2: ignore big parts of what was read

The manual says you need to

  1. define a new mount point THAT IS NOT IN CURRENT Content mount point directory (nope)
  2. Define a new database, if needed (not)
  3. create a new realm associated with said database (apparently true, defined SecureUVM)
  4. add users and passwords to the realm (waw, soc101)
  5. create a new commerce rule referencing the mount point and realm (uvmsoc101)

Here’s a screenshot of the final commerce rule:
screen shot of realserver admin commerce rule page

Turns out you can specify any subdirectory of the "Content" mount point (which we define as /usr/local/video/realserver/videos) as a protected path — which is exactly what I wanted. The Do Not Evaluate Permissions piece means " all authenticated users have unlimited access to content protected by the commerce rule," so you don’t need to specify individual URLs. Real is the SecureUVM realm previously defined (into which we will add other class accounts, if necessary). Yes, since there will be but one class account per class, shared by every student in the class, we need to allow Duplicate User IDs. And that’s all there is to it.

Posted in Projects, Video and Audio | Leave a comment

Silly Scanners

Posted on September 9, 2005 by Wesley Wright

Art folks had problems with Nikon scanners. I only installed Nikon software on two machines, one of which had a Konica scanenr attached to it (the Nikon was attached to the iMac next to it). Well anyway, I installed Nikon Scan 4 on all macs in the room, and ran software update everywhere too, just because I can.

Posted in Projects, Video Labs | Leave a comment

Landscape Change Project: Usability Study Meeting

Posted on September 8, 2005 by Wesley Wright

Several invitees met Thursday, Sept 8, from 10-1 at UVM to solicit  ideas and opinions on how to make the Landscape Change Program website and collection more useful for everyone involved.

There were   three foci for the meeting.  Improving the search function, redesigning the display pages, and getting feedback about the type of images that would be useful to add to the collection. We worked independently through some search scenarios, writing down comments, idead, and observations; discussed our results in small groups; then reported back to the full group. After lunch, we discussed as a group the layout of several key display pages.

Afterwards, PI Paul Bierman met with me, Justin Henry, and Ellen Iverson of Carelton College (something of a useability specialist). We talkied about the next steps in implimenting the changes and improvements raised at the meeting.

The original plan was to fix what is there now using student interns from Robert Erikson’s CS148 course. Grant monnies would also allow Paul to hire Justin to fic a few short-term items. However, Justin is of a mind that rather than fix and patch broken code — or start over with the same database — we should start over using Dspace (or similar) as a back-end.

This, of course is non-trivial. Issues raised:

  • can Dspace do the job?
  • Why Dspace?
  • Will CIT continue to support Dspace?
  • What about disk spcae for Dspace?

Stay tuned for the exciting answers to these and more.

Posted in Landscape Change, Projects | Leave a comment

CMAP Server

Posted on September 8, 2005 by Wesley Wright

Met with Jon Bellum to discuss usage of the CMAP server I iinstalled on Badger: permissions, organization, limits.

Posted in Projects, Systems and Servers | Leave a comment

Activity Log: QuickTime Support Calls

Posted on September 7, 2005 by Wesley Wright

Lots of QuickTime Questions.

A Snider (aka Tuna) was wanting to switch from RealMedia to QuickTime for his Debate videos. I addressed the pros and cons of Streaming vs Progressive Download; where to upload them (with a short discourse on zoo file space and server architecture) ; what the links would look like; playing them in a browser (QuickTime plug-in) versus playing with QuickTime Player. Questions and answers were split over a couple days time, during which I also prepared a diagram and several examples movies and associated web pages.

Gagnan Mirchandani has been experimenting with QuickTime Broadcaster, both for live broadcasting and recording live lectures. He had several questions regarding how to link to the resultant movies. The same examples prepared for Tuna worked satisfactory as examples for him.

RTSP (real time streaming protocol) is used for Live Broadcasts or archived material delivered from Streaming Servers. See

http://www.apple.com/quicktime/technologies/streaming/

RTSP is problematic because browsers don’t always know what to do with it. Consider these two URLs

rtsp://quicktime.uvm.edu:1554/waw/wdi05hs2b.mov

rtsp://real.uvm.edu:554/waw/geeker.rm

What happpens when you click on them? Is it what you expected?

Because of these problems, RTSP URLs are best handled using the HTML "EMBED" command.

——————-

This example has two movies. Both are "embedded" in a web page. The top movie is served from a standard web server using the HTTP protocol. The bottom movie is served from a QuickTime Streaming Server using the RTSP protocol.

http://www.uvm.edu/~waw/movies/wdi05hs2b-2.html

——————–

This example shows many ways to link to a .mov file with an HTML URL (no streaming involved)

http://www.uvm.edu/~waw/movies/wdi05hs2b.html

——————–

This is Apple’s reference on the EMBED syntax

http://www.apple.com/quicktime/tutorials/embed.html

Posted in Projects, Video and Audio | Leave a comment

Almost a PowerPoint: Podcast Slide Show

Posted on September 6, 2005 by Wesley Wright

I thought it might be cute to repurpose a PowerPoint slide show as a Podcast with Pictures. This example is a bit of a counterfeit: it began life as a MS-Word document. I read the text (recorded my voice using QuickTime Player Pro), extracted the pictures (saved Word Document as HTML and pulled JPEGs from the resultant images folder), built the podcast with Chapter Tool Me (http://www.rbsoftware.net/?page=ctm)

Using the Digital Animation Stand

Posted in Blogs, Projects, Video and Audio | Leave a comment

A first Podcast

Posted on September 2, 2005 by Wesley Wright

For demonstration purposes only, Anne and William play drums and piano.
This is a MPEG-4 AAC file.

Posted in Blogs, Projects | Leave a comment