Sunday, August 22, 2010

Introduction to Semantic Web (Part 2)

In the first part i talked about the characteristics on which the Semantic Web is built. Now I'll introduce a couple of standards tools that support those characteristics.

The Standards and Tools i’ll cover are:


RDF (Resource Description Framewor): Is the De facto standard way of representing graph data for Semantic Werb, in a way that is both understandable by humans and machines. Is a language in which evrything is represented as a Resource (or a literal value), the subject, the predicate and the object. RDF can be represented in many ways. i’ll use the XML representation. An example RDF would be.

<rdf:rdf owl=""

dc="" fb=""
xhtml="" about="">

<dc:description>The Other Side of Midnight is a novel .....</dc:description>
<xhtml:license resource="">
<fb:media_common.adapted_work.adaptations resource="">

<dc:creator resource="">
< resource="">

In this RDF we can see the three parts of every triple. The subject being in our case the rdf:about after the namespace declarations. Objects can be literals or resources, and predicates are resources. So in the previous example one triple would be:


In this case subject, predicate and object are all resources. As we can see this forms a directed graph.

Namespaces can be mixed as we see, so for example we can create our own custom namespace and mix it with the previous graph definition, extending the knowledge modeled.

SPARQL: Is the language that allow us to query RDF modeled data. From my point of view, it’s a lot like SQL but specifically for querying data in the Triple form. To understand it let’s see an example based on the previous RDF.

PREFIX fb:<”">
PREFIX dc:<””>
PREFIX: rdf:<””>
select ?book
where ?book dc:creator

The previous sparql would return us all the books created by Sidney Sheldon. Notice that all the where clauses would be in the form of Triples. Also binding variables (?book in our case) can be used in more than one triple clause to narrow the results further.

RDFa: Is a set of added constructs that allow us to embbed RDF in XHTML in the form of attributes to normal XHTML tags.For example if we want to expose our knowledge about “The other side of midnight” to the web, allowing potential crawler to see this information we can do something like:

<div xmlns:dc=""
<span property="dc:description">The Other Side of Midnight is a novel... </span>
<span rel="dc:creator" resource=””> Sidney Sheldon</span>

These are maybe the main standards used in Semantic Web. If you are interested in the subject, you should also take a look at the OWL language and ontologies, and tools like Jena and Sesame for graph data repositories and servers.

Tuesday, August 17, 2010

Execute an X application remotely.

Today i bought a netbook, and i wanted to do a little programming on a project. I have the project configured on my main computer where i usually develop.

I didn’t want to create a full environment for my project, because of netbook capacity and because i won’t really program from here very often.

So i decided to use the ssh X forwarding facility. This way i could run my main computer eclipse in my netbook.

The Steps followed were very simple:

First on main computer:

- install openssh
- edit file /etc/ssh/sshd_config and make sure there is a non-commented line like X11Forwarding yes

That’s it for the main computer (Where eclipse really resides)

Then in my netbook i did:

- Open A terminal and execute:

ssh -X cscarioni@ /home/cscarioni/programas/eclipse/eclipse

Where /home/cscarioni/programas/eclipse/eclipse is where eclipse is installed on the main computer.

And that was it!!. i’m working in my home environment from my netbook.

edit: By the way in the home desktop computer xauth must be installed

Wednesday, August 4, 2010

Simple introduction to oauth protocol at the developement level. (with twitter and foursquare examples)

Oauth is basically a protocol for inter-application exchange of tokens, allowing one application to use resources and APIs of the other application, by authenticating between them with these tokens. One application being the Oauth Server, and the other one being the Oauth client.

The first step in configuring an oauth “contract” between the two applications is in the configuration of the server application, by registering the client application.

The server creates an “ID” for the client application from which it will identify it. This ID is formed by two strings known as the “key” and the “secret” . This ID strings are immediately made available to the client application.

The server must also provide 3 URLs to the client:
Request Token URL
Authorize URL
Access Token URL

It also must register a client callback URL

How it works

Request Token URL: URL where the client will request a first token, to identify a “user” within the client application. When accessing this URL with the id and key of the client application, it will return a token (oauth_token) (a String basically) which will then be used to authorize the client, with that particular token to access the server application. It returns another token (oauth_secret_token) that must be used later, so it has to be stored somehow (usually in the session). The first token will then be used to call the Authorize URL.

Authorize URL: This is the URL that is called from the client to give authorization to a specific account on the server application. This means that by accessing this URL, normally the authentication mechanism of the server application will pop, and after filling it, a dialog will pop requesting the acceptance or denying of the authorizations from the client application. After the permission is granted, the server application will call a callback URL on the client application (defined in the server configuration at the begining of the process) sending it a new token (oauth_token). The final Step will be calling the access token URL and..

Access Token URL: When the client application receives the callback call from the server, it takes the new oauth_token from the request, combine it with the saved oauth_token_secret from the first request and call the access token URL with that. The response is yet another two tokens known as the access tokens. These tokens must be stored persistently somewhere for future use, and usually will be associated with some user within the client application.

Now users within the client application can access their resources on the server application, sending their two tokens in every request for identifying them. And of course sending also the key and secret that identify the application.

Seeing it on the wire

This is the exchange using foursquare as an example of Oauth server

1. First the client request a request token, givinf the key of the application and the encrypted secret

GET /oauth/request_token?oauth_nonce=62603210&oauth_timestamp=1280930229&oauth_consumer_key=NO2ML1KLHEEPWMUQZPZSIOIGWX3LEBOTBYXTSIHECZ02WVL1&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=PRFQvAJngqdrrj3RIM%

2. The server answers OK and returns the tokens. Also returned Sessions cookies XSESSIONID and more (omited).

Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n

3. The client sends the authorize request with the oauth_token:


4. The server redirects the client to the server’s authentication page, still referencing the oauth_token.

Request URI: /login?continue=%2Foauth%2Fauthorize%3Foauth_token%3D2BTJEXPZHWRY2CJD5YVHOQUEMD0WVPNKASLP2WDCLMGYN2ZB

5. After the user login into the server application it is redirected to the allow/deny page.

6. When the user allows the permission, the server calls the callback URL on the client sending it the new access token.

7. With this new token, and with the secret token from step 2. A call is made to the Access Url on the server.


8. The server returns the last two tokens that must be saved in the client for future use.

Te following is an example in python of Oauth against foursquare an twitter

First a couple of classes with the details

__author__ = 'cscarioni'

import oauth2 as oauth
import cgi as urlparse
from django.utils import simplejson

from StringIO import StringIO
class BaseOauth(object):


def __init__(self,oauthKey,oauthSecret,requestURL,accessURL,authorizeURL):


def requestAuthorization(self,dictionary):

consumer = oauth.Consumer(self.oauthKey, self.oauthSecret)

client = oauth.Client(consumer)
resp, content = client.request(self.requestURL, "GET")

if resp['status'] != '200':
raise Exception("Invalid response %s." % resp['status'])

request_token = urlparse.parse_qs(content)

return "%s?oauth_token=%s" % (self.authorizeURL, request_token['oauth_token'][0])

def getAccessTokens(self,oauthtoken,dictionary):
consumer = oauth.Consumer(self.oauthKey, self.oauthSecret)

client = oauth.Client(consumer,token)

resp, content = client.request(self.accessURL, "POST")

if resp['status'] != '200':
raise Exception("Invalid response %s." % resp['status'])

access_token = urlparse.parse_qs(content)
return access_token["oauth_token"][0],access_token["oauth_token_secret"][0]

def requestWithOauthJSON(url, key, secret, http_method="GET", post_body=None,http_headers=None):

consumer = oauth.Consumer(self.oauthKey, self.oauthSecret)

token = oauth.Token(key, secret)
client = oauth.Client(consumer, token)

resp, content = client.request(


return simplejson.load(StringIO(content))

class FoursquareOauth(BaseOauth):

def __init__(self):


class TwitterOauth(BaseOauth):
def __init__(self):



which can be used from client code like:

def associateFoursquareAccount(request):
return HttpResponseRedirect(foursquareOauth.requestAuthorization(request.session))

def foursquareCallback(request):

user=User.gql("WHERE login = :login",login=request.session["userlogin"])


return HttpResponseRedirect("/")