Slashdot Mirror

PerlDiver writes: "Perl for Web Site Management by John Callender is for web professionals -- designers, editors, HTML jockeys -- who have never programmed before, but who now find themselves with the need to create their own site-management tools, automated web clients, and web-based applications. The title is an understatement; the book covers not just Perl programming but the bulk of what a novice needs to learn to function in a UNIX environment, from pwd and man to installing software packages from source tarballs. If you or anyone you know wants to cross the chasm from 'content' to 'code,' get this book." Read on for the rest of his review. Perl for Web Site Management author John Callender pages 528 publisher O'Reilly and Associates rating 8 reviewer perldiver ISBN 1565926471 summary Superb introduction to Perl for "accidental programmers"

In his preface, Callender describes his own transition from a writer and editor to the kind of one-man-band that, back in the '90's, we called a "webmaster". He characterizes himself and others in the same boat as "accidental programmers", and justly praises Larry Wall for creating a programming language that enables such novice coders to do useful things right away. "Like natural languages, one of the ways in which Perl makes easy things easy is that it is designed to let you get by using only a small subset of the language. As Larry puts it, Perl lets you talk baby talk, and in Perl such baby talk is officially okay."

For non-programmers, this is a better Learning Perl than Learning Perl. The latter title, by Schwartz and Phoenix, is explicitly intended for established programmers seeking to add Perl to their existing tool belt of languages. Perl for Web Site Management is for the folks Apple used to call "the rest of us". Callender assumes no knowledge on the part of his reader beyond some familiarity with HTML and the web; this starting-from-zero approach makes the book maximally inclusive, while his ability to convey a lot in a small space brings the newbies a long way in the space of a couple chapters. He provides thorough redirection to the standard sources of Perl and Internet lore (the perl* man pages, the standard Perl programming texts, and others).

Virgin programmers, when they're through with Perl for Web Site Management, will find themselves able to make effective use of Perl programs to automate a plethora of tasks, including mass manipulation and modification of a site's files; server log analysis (using Perl's powerful regular expression facility); link checking (using the LWP module); and auto-generating an annotated site map from the <META> tags in the site's HTML files. The latter part of the book introduces server-side web application programming using CGI (examples include coding a site Guestbook and integrating with the SWISH-E site search facility), along with more advanced lore like the CPAN code archive, Perl's object-oriented features, storing user data in DBM databases, and publishing modules for reuse by others. Along the way, the book teaches a respectable amount about UNIX, as well; the main text, as well as the many informative sidebars, contain concise and clear explanations of necessities like stdin/stdout redirection; chmod and file permissions; shell filename globbing; tab completion in bash; network troubleshooting with traceroute; and much more.

Callender's writing style provides the right mix of hand-holding, humor, and clarity for the book's target audience. He simplifies without dumbing down, and he proves that he picked up a considerable amount of hacker culture on his own journey up the learning curve, which he shares with his pupils, citing sources from Neal Stephenson's In the Beginning Was the Command Line to Jon Udell's Practical Internet Groupware. He also does a good job of evangelizing the culture of sharing and open systems that created Perl, Apache, and the Internet as we know it, giving abundant proper credit to the authors and creators of all the tools and references to which he refers his readers. He concludes by listing, and providing jumping-off points for, the wide variety of logical "next steps" that go beyond the scope of the book: Python and other programming languages for the web, Apache configuration, mod_perl, system administration, and relational database integration.

As you may have guessed by now, I recommend this book highly, especially for anyone who finds him- or herself with responsibility for maintaining a web site but feeling a bit underequipped to do so. The book has a limitation (which is not the same as a shortcoming): it's a tutorial, not a reference work; though the index is quite serviceable, this isn't the book to turn to when you need to remember the order of the arguments to substr. This is a book to sit down and read through, once or multiple times, to help build a framework of knowledge and begin populating it with pearls of wisdom that can be put to immediate use.

Additional information about the book, including code for the examples given, is available on the web at the author's web site, O'Reilly's page for the book, and at the online bookseller site of your choice. Table of Contents:

Preface

1. Getting Your Tools in Order
Open Source Versus Proprietary Software
Evaluating a Hosting Provider
Web Hosting Alternatives
Getting Started with SSH/Telnet
Meet the Unix Shell
Network Troubleshooting
A Suitable Text Editor

2. Getting Started with Perl
Finding Perl on Your System
Creating the "Hello, world!" Script
The Dot Slash Thing
Unix File Permissions
Running (and Debugging) the Script
Perl Documentation
Perl Variables
A Bit More About Quoting
"Hello, world!" as a CGI Script

3. Running a Form-to-Email Gateway
Checking for CGI.pm
Creating the HTML Form
The <FORM> Tag's ACTION Attribute
The mail_form.cgi Script
Warnings via Perl's -w Switch
The Configuration Section
Invoking CGI.pm
foreach Loops
if Statements
Filehandles and Piped Output
die Statements
Outputting the Message
Testing the Script

4. Power Editing with Perl
Being Careful
Renaming Files
Modifying HREF Attributes
Writing the Modified Files Back to Disk

5. Parsing Text Files
The "Dirty Data" Problem
Required Features
Obtaining the Data
Parsing the Data
Outputting Sample Data
Making the Script Smarter
Parsing the Category File
Testing the Script Again

6. Generating HTML
The Modified make_exhibit.plx Script
Changes to &parse_exhibitor
Adding Categories to the Company Listings
Creating Directories
Generating the HTML Pages
Generating the Top-level Page

7. Regular Expressions Demystified
Delimiters
Trailing Modifiers
The Search Pattern
Taking It for a Spin
Thinking Like a Computer

8. Parsing Web Access Logs
Log File Structure
Converting IP Addresses
The Log-Analysis Script
Different Log File Formats
Storing the Data
The "Visit" Data Structure

9. Date Arithmetic
Date/Time Conversions
Using the Time::Local Module
Caching Date Conversions
Scoping via Anonymous Blocks
Using a BEGIN Block

10. Generating a Web Access Report
The &new_visit and &add_to_visit Subroutines
Generating the Report
Showing the Details of Each Visit
Reporting the Most Popular Pages
Fancier Sorting
Mailing the Report
Using cron

11. Link Checking
Maintaining Links
Finding Files with File::Find
Looking for Links
Extracting
Putting It All Together
Using CPAN
Checking Remote Links
A Proper Link Checker

12. Running a CGI Guestbook
The Guestbook Script
Taint Mode
Guestbook Preliminaries
Untainting with Backreferences
File Locking
Guestbook File Permissions

13. Running a CGI Search Tool
Downloading and Compiling SWISH-E
Indexing with SWISH-E
Running SWISH-E from the Command Line
Running SWISH-E via a CGI Script

14. Using HTML Templates
Using Templates
Reading Fillings Back In
Rewriting an Entire Site

15. Generating Links
The Docbase Concept
The CyberFair Site's Architecture
The Script's Data Structure
Using Data::Dumper
Creating Anonymous Hashes and Arrays
Automatically Generating Links
Inserting the Links

16. Writing Perl Modules
A Simple Module Template
Installing the Module
The Cyberfair::Page Module

17. Adding Pages via CGI Script
Why Add Pages with a CGI Script?
A Script for Creating HTML Documents
Controlling a Multistage CGI Script
Using Parameterized Links
Building a Form
Posting Pages from the CGI Script
Running External Commands with system and Backticks
Race Conditions
File Locking
Adding Link Checking

18. Monitoring Search Engine Positioning
Installing WWW::Search
A Single-Search Results Tool
A Multisearch Results Tool
The map Function

19. Keeping Track of Users
Stateless Transactions
Identifying Individual Users
Basic Authentication
Automating User Registration
Storing Data on the Server
The Register Script
The Verification Script

20. Storing Data in DBM Files
Data Storage Options
The tie Function
A DBM Example Script
Blocking Versus Nonblocking Behavior
Storing Multilevel Data in DBM Files
An MLDBM-Using Registration Script
An MLDBM-Using Verification Script

21. Where to Go Next
Unix System Administration
Programming
Apache Server Administration and mod_perl
Relational Databases
Advocacy

Index

You can purchase Perl for Web Site Management from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

dooling writes: "Perl & XML is a well-written book that accomplishes what it sets out to do. It states in the preface that it is written for Perl programmers who want to learn about XML and what is available in Perl for XML processing. It achieves this goal, but little else. When you are done reading this book you will have been given an overview of Perl and XML, know where to begin to attack an XML document, and know where to look to find more information." For dooling's more complete review, read on below. Perl & XML author Erik T. Ray & Jason McIntosh pages 202 publisher O'Reilly and Associates rating 6 reviewer dooling ISBN 059600205X summary Good introduction to XML for Perl programmers.

The book starts out with a brief explanation of why XML and Perl are well-suited for each other. It then provides a teaser of things to come: an explanation of how to use the XML::Simple module. The first chapter concludes with some warnings and gotchas that seem a little premature since they have not really explained XML. Fortunately, most of these gotchas are covered in context later in the book.

The second chapter provides a whirlwind overview of XML -- covering its structure, DTDs, schemas, and XSLT (transformation). The discussion of XML in general, its history, and parts of an XML document are well done. They give someone who is familiar with static HTML the needed background to understand the structure of an XML document and the vocabulary used to describe it. Unfortunately, the discussion of where XML begins to distinguish itself from HTML, namely with DTDs, the new replacement for DTDs called schemas, and the transformation language XSLT, is too brief. They gloss over these topics with little explanation and few examples. That said, there are other books that do provide more in-depth coverage of XML (this book only promises an introduction).

The next five chapters cover Perl modules designed to process XML, starting with simple parsers and writers. Only methods and syntax relating to XML processing are explained. Therefore, if you are considering reading this book, you should be fairly comfortable with Perl and object-oriented (OO) interfaces to CPAN modules (nearly all the modules discussed provide OO APIs). Again, there are other books and perldoc documentation that cover Perl and it's OO features; so read them first if you are not familiar with OO Perl. If you are familiar with OO Perl, these chapters provide a good overview of the different ways XML can be processed (stream- and tree-based approaches), the advantages and disadvantages of each, and the Perl modules best suited for each approach. These chapters are the biggest strength of this book. The modules discussed in these chapters are by no means an exhaustive list of XML-related modules available from CPAN nor do the explanations of each module cover everything the module does. These chapters do, however, provide the reader with enough information that she can begin to process XML documents intelligently and know where to turn when she needs more information.

The next chapter, Chapter 8, covers XML tree iterators, XPath, XSLT, and XML::Twig. All of these topics are covered in a span of 16 pages (with only slightly over two pages dedicated to XSLT). Indeed, after reading the chapter, you may get the feeling that it was only included so the authors could cram more trite colloquialisms into the book. The short shrift given to these topics creates the impression, which is strengthened in the chapters that follow, that this book was rushed a bit to press.

Chapter 9 discusses applications of XML, including RSS and SOAP, and Chapter 10 is mostly example code. These chapters are intended to give you a feeling for what is possible without really giving you enough information to make it happen. The main problem with these chapters are the examples: the examples are long and the explanations are short. Thus, they are more useful as templates or a quick reference than for learning these topics in detail. Of course, the authors never promised you would be programming SOAP applications when you were done reading this book. And again, there are other books out there which discuss these topics in more detail. So the authors stay true to their promise throughout the book: they will introduce you to XML and tell you how to interact with XML using Perl, no more.

Personally, I found this book did, in general, give me enough information to get started using XML and pointed me where I needed to go to get more information. I am an experienced Perl programmer who is new to XML and comfortable with on-line documentation. This book seems to be written for people who fit this profile and who want to learn by doing (finding the answers to the "hard" questions as they arise). It does introduce a wide variety of XML-related topics and the Perl modules used to interact with them, which is what the authors promised to do in the preface. While it is by no means an authoritative text on Perl and XML, there is something to be said for keeping promises ...

Index As with most first-edition books, the index was adequate but not complete. For example, XML::Twig, which has an entire section covering it, does not appear in the index at all.

Contents
Preface

1. Perl and XML
2. • Why Use Perl with XML?
   • XML Is Simple with XML::Simple
   • XML Processors
   • A Myriad of Modules
   • Keep in Mind ...
   • XML Gotchas
3. An XML Recap
4. • A Brief History of XML
   • Markup, Elements, and Structure
   • Namespaces
   • Spacing
   • Entities
   • Unicode, Character Sets, and Encodings
   • The XML Declaration
   • Processing Instructions and Other Markup
   • Free-Form XML and Well-Formed Documents
   • Declaring Elements and Attributes
   • Schemas
   • Transformations
5. XML Basics: Reading and Writing
6. • XML Parsers
   • XML::Parser
   • Stream-Based Versus Tree-Based Processing
   • Putting Parsers to Work
   • XML::LibXML
   • XML::XPath
   • Document Validation
   • XML::Writer
   • Character Sets and Encodings
7. Event Streams
8. • Working with Streams
   • Events and Handlers
   • The Parser as Commodity
   • Stream Applications
   • XML::PYX
   • XML::Parser
9. SAX
10. • SAX Event Handlers
    • DTD Handlers
    • External Entity Resolution
    • Drivers for Non-XML Sources
    • A Handler Base Class
    • XML::Handler::YAWriter as a Base Handler Class
    • XML::SAX: The Second Generation
11. Tree Processing
12. • XML Trees
    • XML::Simple
    • XML::Parser's Tree Mode
    • XML::SimpleObject
    • XML::TreeBuilder
    • XML::Grove
13. DOM
14. • DOM and Perl
    • DOM Class Interface Reference
    • XML::DOM
    • XML::LibXML
15. Beyond Trees: XPath, XSLT, and More
16. • Tree Climbers
    • XPath
    • XSLT
    • Optimized Tree Processing
17. RSS, SOAP, and Other XML Applications
18. • XML Modules
    • XML::RSS
    • XML Programming Tools
    • SOAP::Lite
19. Coding Strategies
20. • Perl and XML Namespaces
    • Subclassing
    • Converting XML to HTML with XSLT
    • A Comics Index

Index

You may also want to check out Erik T. Ray's home page, Jason McIntosh's home page, or O'Reilly's page for the book. You can purchase Perl &amp XML from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cpfeifer writes with the review below of O'Reilly's 802.11 Wireless Networks: The Definitive Guide; he warns that this is not a book for everyone setting up a casual home wireless network, but says it's excellent for its intended audience. Read on for his complete review. 802.11 Wireless Networks : The Definitive Guide author Matthew S. Gast pages 443 publisher O�Reilly & Associates rating 9/10 reviewer cpfeifer ISBN 0-596-00183-5 summary A thorough survey of the features, issues and potential solutions of deploying 802.11 based wireless networks.

The Scenario

For a lot of folks, implementing an 802.11 network involves selecting and purchasing an access point and adapter cards, and installing or compiling the proper drivers. From there, we are off and running, usually in under an hour. However for the few, the proud, the sysadmins of the world it's a whole different ballgame. Sysadmins need a deeper understanding of network technologies to be able effectively design, deploy and debug them.

What's Bad?

Most of the book is right on the mark when it comes to the sysadmin audience, however chapters 8 (the PCF, for contention free service), 10 (the ISM PHYs) and 11 (802.11a overview) are only of interest to folks who are implementing 802.11 hardware, IMHO. These chapters contain very low-level material about the 802.11 transmission protocol, and will not be generally useful since equipment manufacturers do not provide access to this layer. A dead giveaway that you can skip over chapter 8 is the phrase "The PCF has not been widely implemented." If it's not widely implemented, chances are you won't have the option of using it in a deployment.

After this bellycrawl through the weeds, chapters 12 and 14 give click-by-click instructions for installing two commercially available 802.11 access point/client adapter pairs on your Windows box. The selected products are Nokia's A032 Access Point along with their C110/C111 and Lucent's Orinoco (formerly WaveLan) Access Point and client adapter. It's worth noting that these are two of the most expensive 802.11 solutions available on the market and have enhanced features that are not present in other models. These chapters are simply rehashed vendor installation documentation for these products and provide very little added value. There's nothing that I hate more than paying $30-$50 for a book which repackages documentation that is freely available on the web. Skip these chapters; the rest of the book is excellent.

What's Good?

This book starts off with six strong chapters that cover the 802.11 protocol specification, why WEP is vulnerable, and some upcoming security specifications. The first six chapters are invaluable reading for any sysadmin that is planning (or already responsible) for an 802.11 deployment. This is your ammunition when users come and ask why the wireless network is slower than the wired network with fewer users (preventing contention adds more overhead in wireless) or why they really really should tunnel every wireless connection over SSH (because WEP is fundamentally flawed). The chapter that covers the current WEP implementation demystifies the "40 bit" vs. "64 bit" key-length sleight of hand that some vendors play. The standard WEP key length is 64 bits. However, 24 of those bits are used as WEP's initialization vector for the RC4 cipher. These bits aren't encrypted in an 802.11 packet, so by sniffing 802.11 traffic you can examine the IVs of the packets and see how many distinct keys are in use, and even retrieve the actual key once you have captured enough packets. AirSnort retrieves WEP keys by implementing the Fluhrer/Martin/Shamir attack (orig paper, Stubblefield paper). Chapter 16 covers using tools such as Airsnort and Ethereal to analyze the 802.11 traffic on your network. Remember to use your powers for good and not evil.

The final 3 chapters address deployment, analysis and tuning of 802.11 networks. These chapters, combined with the first six are the heart of this book and the whole motivation for buying the book. The analysis chapter has a particularly wonderful section about gathering user requirements with respect to 802.11 specific issues (security requirements, roaming ...) and a very practical section about physical installation that clearly illustrates the author's mastery of integrating 802.11 technologies into an existing infrastructure.

So What's In It For Me?

If you're an sysadmin and implementing 802.11 technologies is on the horizon, this book is a solid reference of the current state of 802.11 solutions, both good and bad. It pulls no punches in presenting issues and weaknesses with the current solutions and documents forthcoming standards that are being proposed or developed to address them. If you're considering a smaller deployment at home, the security aspects of the text are still applicable, but the design/deployment sections are more rigorous than you will need. There is a bit of starch (repackaged vendor installation documentation) and unnecessary details (knowing that 802.11 frequency hopping uses Gaussian frequency shift keying is good for impressing women at parties, but doesn't really impact the design/deployment of an 802.11 network) but the other chapters redeem themselves and make this a very valuable text.

Table of Contents

1. Preface
2. Introduction to Wireless Networks
3. Overview of 802.11 Networks
4. The 802.11 MAC
5. 802.11 Framing in Detail
6. Wired Equivalent Privacy (WEP)
7. Security, Take 2: 802.1x
8. Management Operations
9. Contention-Free Service with the PCF
10. Physical Layer Overview
11. The ISM PHYs: FH, DS, and HR/DS
12. 802.11a: 5-GHz OFDM PHY
13. Using 802.11 on Windows
14. Using 802.11 on Linux
15. Using 802.11 Access Points
16. 802.11 Network Deployment
17. 802.11 Network Analysis
18. 802.11 Performance Tuning
19. The Future, at Least for 802.11
20. 802.11 MIB
21. 802.11 on the Macintosh
22. Glossary
23. Index

You can purchase 802.11 Wireless Networks : The Definitive Guide from bn.com. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

cpfeifer writes with the review below of O'Reilly's 802.11 Wireless Networks: The Definitive Guide; he warns that this is not a book for everyone setting up a casual home wireless network, but says it's excellent for its intended audience. Read on for his complete review. 802.11 Wireless Networks : The Definitive Guide author Matthew S. Gast pages 443 publisher O�Reilly & Associates rating 9/10 reviewer cpfeifer ISBN 0-596-00183-5 summary A thorough survey of the features, issues and potential solutions of deploying 802.11 based wireless networks.

The Scenario

For a lot of folks, implementing an 802.11 network involves selecting and purchasing an access point and adapter cards, and installing or compiling the proper drivers. From there, we are off and running, usually in under an hour. However for the few, the proud, the sysadmins of the world it's a whole different ballgame. Sysadmins need a deeper understanding of network technologies to be able effectively design, deploy and debug them.

What's Bad?

Most of the book is right on the mark when it comes to the sysadmin audience, however chapters 8 (the PCF, for contention free service), 10 (the ISM PHYs) and 11 (802.11a overview) are only of interest to folks who are implementing 802.11 hardware, IMHO. These chapters contain very low-level material about the 802.11 transmission protocol, and will not be generally useful since equipment manufacturers do not provide access to this layer. A dead giveaway that you can skip over chapter 8 is the phrase "The PCF has not been widely implemented." If it's not widely implemented, chances are you won't have the option of using it in a deployment.

After this bellycrawl through the weeds, chapters 12 and 14 give click-by-click instructions for installing two commercially available 802.11 access point/client adapter pairs on your Windows box. The selected products are Nokia's A032 Access Point along with their C110/C111 and Lucent's Orinoco (formerly WaveLan) Access Point and client adapter. It's worth noting that these are two of the most expensive 802.11 solutions available on the market and have enhanced features that are not present in other models. These chapters are simply rehashed vendor installation documentation for these products and provide very little added value. There's nothing that I hate more than paying $30-$50 for a book which repackages documentation that is freely available on the web. Skip these chapters; the rest of the book is excellent.

What's Good?

This book starts off with six strong chapters that cover the 802.11 protocol specification, why WEP is vulnerable, and some upcoming security specifications. The first six chapters are invaluable reading for any sysadmin that is planning (or already responsible) for an 802.11 deployment. This is your ammunition when users come and ask why the wireless network is slower than the wired network with fewer users (preventing contention adds more overhead in wireless) or why they really really should tunnel every wireless connection over SSH (because WEP is fundamentally flawed). The chapter that covers the current WEP implementation demystifies the "40 bit" vs. "64 bit" key-length sleight of hand that some vendors play. The standard WEP key length is 64 bits. However, 24 of those bits are used as WEP's initialization vector for the RC4 cipher. These bits aren't encrypted in an 802.11 packet, so by sniffing 802.11 traffic you can examine the IVs of the packets and see how many distinct keys are in use, and even retrieve the actual key once you have captured enough packets. AirSnort retrieves WEP keys by implementing the Fluhrer/Martin/Shamir attack (orig paper, Stubblefield paper). Chapter 16 covers using tools such as Airsnort and Ethereal to analyze the 802.11 traffic on your network. Remember to use your powers for good and not evil.

The final 3 chapters address deployment, analysis and tuning of 802.11 networks. These chapters, combined with the first six are the heart of this book and the whole motivation for buying the book. The analysis chapter has a particularly wonderful section about gathering user requirements with respect to 802.11 specific issues (security requirements, roaming ...) and a very practical section about physical installation that clearly illustrates the author's mastery of integrating 802.11 technologies into an existing infrastructure.

So What's In It For Me?

If you're an sysadmin and implementing 802.11 technologies is on the horizon, this book is a solid reference of the current state of 802.11 solutions, both good and bad. It pulls no punches in presenting issues and weaknesses with the current solutions and documents forthcoming standards that are being proposed or developed to address them. If you're considering a smaller deployment at home, the security aspects of the text are still applicable, but the design/deployment sections are more rigorous than you will need. There is a bit of starch (repackaged vendor installation documentation) and unnecessary details (knowing that 802.11 frequency hopping uses Gaussian frequency shift keying is good for impressing women at parties, but doesn't really impact the design/deployment of an 802.11 network) but the other chapters redeem themselves and make this a very valuable text.

Table of Contents

1. Preface
2. Introduction to Wireless Networks
3. Overview of 802.11 Networks
4. The 802.11 MAC
5. 802.11 Framing in Detail
6. Wired Equivalent Privacy (WEP)
7. Security, Take 2: 802.1x
8. Management Operations
9. Contention-Free Service with the PCF
10. Physical Layer Overview
11. The ISM PHYs: FH, DS, and HR/DS
12. 802.11a: 5-GHz OFDM PHY
13. Using 802.11 on Windows
14. Using 802.11 on Linux
15. Using 802.11 Access Points
16. 802.11 Network Deployment
17. 802.11 Network Analysis
18. 802.11 Performance Tuning
19. The Future, at Least for 802.11
20. 802.11 MIB
21. 802.11 on the Macintosh
22. Glossary
23. Index

You can purchase 802.11 Wireless Networks : The Definitive Guide from bn.com. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then visit the submission page.

Idmat writes "Tim's latest opus, "The Strange Case of the Disappearing Open Source Vendors," starts with Sherlock Holmes ruminating on "the curious incident of the dog in the night-time" and winds up explaining why open source is good for businesses even if it isn't always good for software vendors."

Lisam writes "Jon Udell, in a fascinating column titled "Seeing and Tuning Social Networks", writes: "New forms of social software are one of the most hopeful green shoots erupting from a still-bleak technology landscape." Software is catching up with what we know about social networks: the greater the reach of your array, the more effective an actor you can be within an organization.In this column, Jon talks with two observers about software that maps social networks and their patterns..."

Peter Wayner writes: "In a world where Ali had to meet Frazier and Luke had to meet his father, it was only a matter of time before buzzwords like Java and eXtreme Programming found themselves together on the same marquee. A pair of new books examines some open source Java development tools and outlines how they can be put to use by those trying to master their workload by adopting the techniques of eXtreme programming." Read on for his latest review, which is really two reviews in one. (see each) author (see each) pages (see each) publisher (see each) rating (see each) reviewer Peter Wayner ISBN (see each) summary Two books which explore the use of Ant in Java software development

The two books are excellent examples of how the book industry organizes and disciplines the often crazy explosion of new tools, approaches, structures and metaphors developed by the software industry. Ant: The Definitive Guide by Jesse Tilly and Eric Burke comes from O'Reilly, the masters of producing missing manuals for open source projects. The other, Java Tools for eXtreme Programming: Mastering Open Source Tools including Ant, JUnit, and Cactus by Richard Hightower and Nicholas Lesiecki was published by John Wiley and Sons. Both provide a clear, example-driven exploration of the tools at hand.

The books are probably driven by the success of Kent Beck's Extreme Programming Explained: Embrace Change , a manifesto that outlined Beck's belief that the best way to develop code was with small teams of programmers and users who constantly reworked the software. His most controversial and attention grabbing notion demanded that the programmers work in pairs sharing one computer, one mouse and one keyboard. The constant interaction forced everyone to actually communicate with each other without sending emails and that, more than anything else, may be responsible for the success of his vision. His book spawned a few others on how programmers can plan to apply his vision.

Meanwhile, on the other side of the buzzword galaxy, the Apache group was quietly creating some of the coolest Java development and deployment tools around. Ant was and still is one of the most revolutionary, even though it was just a simple reworking of the classic UNIX make command. Its creator, James Davidson, grew so frustrated with the shell interface of the make command that he wrote a Java-centric version that moved all of the compilation, compression, and distribution inside one Java process. Now, no one has to wait for another Java Virtual Machine to start up to compile each class file independently.

While Davidson's Ant isn't much different than make at first glance, it's hard to overestimate the power of giving programmers a clever tool with plenty of hooks into the development process. Anyone can write new tasks for Ant, and some clever folks have built great new widgets that do things like enforce style guidelines or grab new code from a CVS tree. The structure of Ant lets the programmer dig deeply into the build process. The organic growth and dynamic flexibility shows how close Java can be to Lisp.

Tilly and Burke do a good job capturing the spirit of the tool. Their book follows O'Reilly's time-tested and market-proven simple-examples technique to illustrate how to use Ant for your projects. The chapters in the first half of the book outline how to use and extend Ant for your project. The strength of the book may be the way the authors casually include practical advice about the bugs and idiosyncracies of the tool. While Ant is quite capable, there are a number of little limitations to the XML parser that can drive new users a bit nuts. The second half of the book is a detailed description of the API, the data types and the other practical documentation.

In one sense, it's not really fair to lump this book in with all of this gloss about Extreme Programming. because it's just another methodical O'Reilly book with Dover artwork on the cover. It's important to realize that these tools aren't directly tied to the extreme programming movement. Ant was just created by a Java programmer who hated to wait. Everything else came afterwards when he opened the API.

Ant: The Definitive Guide author Jesse Tilly & Eric M. Burke pages 260 publisher O'Reilly rating 7 ISBN 0-597-00184-3 summary A methodical, in-depth look at the Java tool.

The other book, however, explicitly illustrates how some popular open source tools can help the process of extreme programming. Hightower and Lesiecki's book is much broader than Tilly and Burke's because they want to tackle so much more. They don't want to just provide a missing manual for the tool-- they want to give the world a road map on how they use Ant and its cousins JUnit, HTTPUnit, and Cactus to build better applications. It should be noted that Hightower and Lesiecki work for a consulting group called eBlox and a number of other eBlox programmers are listed as contributors to the book. I think it's fair to say that anyone who hires eBlox will get eXtreme Programming results built with this methodology.

The best part about this book is the wide scope. Ant remains the central taskmaster responsible for building the software, but the book explains how to incorporate other tools for testing the software. The authors embrace one of the extreme programming central beliefs that programmers should define how to test their code before it is actually written. The book explains how to use JUnit, Cactus, and HTTPUnit to set up rules to test every class file. After ANT fires up the compiler, it turns around and runs the tests on the code.

Java Tools for eXtreme Programming author Richard Hightower and Nicholas Lesiecki pages 513 publisher John Wiley and Sons rating 7 ISBN 0-471-20708-X summary How to use some Java tools to transform extreme programming theory into reality.

I don't think that eXtreme Programming or any of these tools is the last word on the subject. The biggest problem is that testing a piece of code is guaranteed to be fairly rudimentary. No programmer can come up with test cases to push all of buttons in all possible combinations. The structure and discipline provided by this approach can help, but the book makes it clear that no amount of pairs programming or extremism will remove the need for the guidance of good programmers.

If anything these tools and the books about them should serve as inspiration for the next round of tools even more focused on extreme programming. The tools are impressive, but there is plenty of room for more innovation. None of them is aimed at explicitly coordinating the work of multiple developers and none of them is designed to provide much structure to the refactoring process. These areas are still very much arts, but there's no reason why tool suites like Ant can't evolve some rational approach to solving them. Perhaps the Slashdot audience can provide some informative postings with pointers to the next generation of cool tools.

Hightower and Lesiecki's book feels a bit more rudimentary and basic than Tilly and Burke's, in part because they cover so much more ground. Although their book is broader, it doesn't go into as much depth about Ant as Tilly and Burke's. The examples are simpler, too, and Hightower and Liesiecki seem mainly interested in getting you excited about building and testing software with the tools. There just isn't as much room for details. If you're interested in learning as much as you can about Ant, choose the book devoted to it. If you want to learn how to use a diverse set of tools to build and test your program in an extreme way, go for that book.

Peter Wayner blends the buzzwords of security, privacy, and data warehousing together in his latest book, Translucent Databases. It shows how to ensure that only the right people see the right information and the wrong people get nothing. His other new book, Disappearing Cryptography, mixes the buzzwords of being, nothingness, steganography, and cryptography. You can purchase both Ant: The Definitive Guide and Java Tools for eXtreme Programming from bn.com. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then hit the submission page.

Brian Donovan contributes this review of Web Database Applications with PHP & MySQL, the most recent of several books geared toward helping people use the common Linux, Apache, MySQL and PHP combination to produce database-backed websites. Read on for the review. Web Database Applications with PHP & MySQL author Hugh E. Williams and David Lane pages 563 publisher O'Reilly rating 9 reviewer Brian Donovan ISBN 0596000413 summary A comprehensive, tutorial-style roadmap for building data-driven web applications with PHP and MySQL.

PHP's speed of execution, gentle learning curve, and ease of development have contributed to its popularity, especially when teamed with MySQL, as a tool for building dynamic sites. Williams and Lane have written a thorough step-by-step guide to building web database applications with PHP and MySQL.

The Meat of the Book

Part I (Chpts 1-3) of Web Database Applications with PHP & MySQL (Web DB Apps) introduces the "Hugh and Dave's Online Wines" case study that's used to highlight the points made throughout the text and treats readers to the fundamentals of PHP, MySQL, and SQL - appropriate since the book assumes only some prior programming experience (not necessarily in PHP) and a general familiarity with HTML.

Chapters 4-9 (Part II) deal with the aspects of web application logic common to practically all data-driven sites : querying and writing to databases, maintaining state, and security. Chapter 4, "Querying Web Databases", includes a good explanation (Ex. 4-1) of the mechanics of connecting to and querying a MySQL db via PHP - numbered blocks of the example script correspond to sections in the accompanying text detailing what's happening at each point in the process (connect, query, retrieve results, process results, and close connection- unless you're using persistent db connections).

Chapter 5, "User-Driven Querying", explains how to pass data to PHP scripts using HTTP GET and POST. Although readers are initially shown parameters and parameter values being passed directly (as they are when register_globals is turned on in php.ini), the authors later explain why the same param:value pairs should instead be accessed through the global associative arrays $HTTP_GET_VARS and $HTTP_POST_VARS (the book was completed before the switch to $_GET and $_POST respectively with PHP 4.2.0) for security reasons. What the authors refer to as "combined scripts" (where the same script performs different functions depending on which, if any, variables in the GET or POST arrays, have been set, for example) are introduced and the reader is walked through the oft-used "next and previous links for query results" scenario.

In Chapter 6, "Writing to Web Databases", in addition to inserts, updates, and deletes, the authors explain one solution to the reload problem - i.e. where reloading a results page after some operation that alters the contents of the database has been performed (or even accessing a bookmarked url if HTTP GET was used to initiate the action) can potentially result in the operation being silently repeated or, if HTTP POST was used, the user being confronted with a big ugly "would you like to repost the data?" dialog. Locking (mostly how to make the best use of table-level locking) is also discussed in all of its glory. Chapter 7 deals with the validation of user input. The authors recommend and give an example implementation of dual server and client side validation (with JavaScript). Chapter 8 covers sessions (with and without cookies).

The chapter on security (Chapter 9, "Authentication and Security") mostly concerns user authentication. HTTP Authentication, managed HTTP Authentication (using PHP to validate encoded credentials from the HTTP Authorized header field), and handling your own authentication are considered, along with the security concerns inherent in stateful web apps - i.e., third party sites maliciously tricking browsers into coughing up cookies with login or session information for your site, session hijacking by feeding random session ids to the scripts until one corresponds to an existing session, etc. SSL is explained briefly.

The third and final section of Web DB Apps (Chpts 10-13) consists of a detailed examination of the guts of the wine store case study. Readers who find the commingling of application logic and html in the snippets of the wine store application discussed in the book distasteful will be gratified to know that, since publication, the authors have released a modified version of the "Hugh and Dave's Online Wines" code that uses the Xtemplate class (http://sourceforge.net/projects/xtpl/) to separate code from markup. Both versions are available in their entirety for download from the book website.

The five appendices, in turn, cover the installation and configuration of PHP, MySQL, and Apache on a Linux system, the architecture and workings of the Internet and Web, designing relational databases using entity-relationship modeling, how to define your own session handler prototypes and store session data in a database instead of files (the default), and provide an annotated list of PHP and MySQL resources (books, web sites, etc.).

The Good and the Bad

While it's clear that Web Database Applications with PHP & MySQL was written with the goal in mind of providing novice coders with a solid foundation for continued growth (or filling the niche of "handy reference" on the shelf of intermediate/advanced developers), the book manages to be comprehensive without patronizing the reader. I admit that I wouldn't have felt cheated if the authors had skipped the obligatory coverage of the history of the Internet, TCP/IP, and HTTP (Appendix B) in favor of, for instance, a discussion of web caching with an eye towards building cache-friendly apps, an important subject that all too gets short shrift from authors of web dev books. Also, some readers may be disappointed to find that the chapter on security doesn't relate to battening down your site against script kiddies and exploits, but that's really the sort of information that you should be getting from sites like PHP Advisory and Securiteam anyway.

For seasoned developers, this could be the book that you wish you'd had when you started out building web database apps and data-driven sites. Keeping a copy around for reference, especially if you frequently jump back and forth between projects in different languages/environments, also might be helpful - for those occasions when you need of a quick refresher in PHP/MySQL dev. Moreover, if you find yourself in the position of having to mentor junior developers (or helping non-coder friends) tasked with building or maintaining PHP/MySQL-based sites or apps, then lending them your copy or recommending that they buy their own could save you quite a bit of time and frustration.

Table of Contents

• Preface
• Part I
• • Chapter 1. Database Applications and the Web
  • Chapter 2. PHP
  • Chapter 3. MySQL and SQL
• Part II
• • Chapter 4. Querying Web Databases
  • Chapter 5. User-Driven Querying
  • Chapter 6. Writing to Web Databases
  • Chapter 7. Validation on the Server and Client
  • Chapter 8. Sessions
  • Chapter 9. Authentication and Security
• Part III
• • Chapter 10. Winestore Customer Management
  • Chapter 11. The Winestore Shopping Cart
  • Chapter 12. Ordering and Shipping at the Winestore
  • Chapter 13. Related Topics
• Appendix A. Installation Guide
• Appendix B. Internet and Web Protocols
• Appendix C. Modeling and Designing Relational Databases
• Appendix D. Managing Sessions in the Database Tier
• Appendix E. Resources
• Index

You can purchase Web Database Applications with PHP & MySQL from bn.com. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then hit the submission page.

Brian Donovan contributes this review of Web Database Applications with PHP & MySQL, the most recent of several books geared toward helping people use the common Linux, Apache, MySQL and PHP combination to produce database-backed websites. Read on for the review. Web Database Applications with PHP & MySQL author Hugh E. Williams and David Lane pages 563 publisher O'Reilly rating 9 reviewer Brian Donovan ISBN 0596000413 summary A comprehensive, tutorial-style roadmap for building data-driven web applications with PHP and MySQL.

PHP's speed of execution, gentle learning curve, and ease of development have contributed to its popularity, especially when teamed with MySQL, as a tool for building dynamic sites. Williams and Lane have written a thorough step-by-step guide to building web database applications with PHP and MySQL.

The Meat of the Book

Part I (Chpts 1-3) of Web Database Applications with PHP & MySQL (Web DB Apps) introduces the "Hugh and Dave's Online Wines" case study that's used to highlight the points made throughout the text and treats readers to the fundamentals of PHP, MySQL, and SQL - appropriate since the book assumes only some prior programming experience (not necessarily in PHP) and a general familiarity with HTML.

Chapters 4-9 (Part II) deal with the aspects of web application logic common to practically all data-driven sites : querying and writing to databases, maintaining state, and security. Chapter 4, "Querying Web Databases", includes a good explanation (Ex. 4-1) of the mechanics of connecting to and querying a MySQL db via PHP - numbered blocks of the example script correspond to sections in the accompanying text detailing what's happening at each point in the process (connect, query, retrieve results, process results, and close connection- unless you're using persistent db connections).

Chapter 5, "User-Driven Querying", explains how to pass data to PHP scripts using HTTP GET and POST. Although readers are initially shown parameters and parameter values being passed directly (as they are when register_globals is turned on in php.ini), the authors later explain why the same param:value pairs should instead be accessed through the global associative arrays $HTTP_GET_VARS and $HTTP_POST_VARS (the book was completed before the switch to $_GET and $_POST respectively with PHP 4.2.0) for security reasons. What the authors refer to as "combined scripts" (where the same script performs different functions depending on which, if any, variables in the GET or POST arrays, have been set, for example) are introduced and the reader is walked through the oft-used "next and previous links for query results" scenario.

In Chapter 6, "Writing to Web Databases", in addition to inserts, updates, and deletes, the authors explain one solution to the reload problem - i.e. where reloading a results page after some operation that alters the contents of the database has been performed (or even accessing a bookmarked url if HTTP GET was used to initiate the action) can potentially result in the operation being silently repeated or, if HTTP POST was used, the user being confronted with a big ugly "would you like to repost the data?" dialog. Locking (mostly how to make the best use of table-level locking) is also discussed in all of its glory. Chapter 7 deals with the validation of user input. The authors recommend and give an example implementation of dual server and client side validation (with JavaScript). Chapter 8 covers sessions (with and without cookies).

The chapter on security (Chapter 9, "Authentication and Security") mostly concerns user authentication. HTTP Authentication, managed HTTP Authentication (using PHP to validate encoded credentials from the HTTP Authorized header field), and handling your own authentication are considered, along with the security concerns inherent in stateful web apps - i.e., third party sites maliciously tricking browsers into coughing up cookies with login or session information for your site, session hijacking by feeding random session ids to the scripts until one corresponds to an existing session, etc. SSL is explained briefly.

The third and final section of Web DB Apps (Chpts 10-13) consists of a detailed examination of the guts of the wine store case study. Readers who find the commingling of application logic and html in the snippets of the wine store application discussed in the book distasteful will be gratified to know that, since publication, the authors have released a modified version of the "Hugh and Dave's Online Wines" code that uses the Xtemplate class (http://sourceforge.net/projects/xtpl/) to separate code from markup. Both versions are available in their entirety for download from the book website.

The five appendices, in turn, cover the installation and configuration of PHP, MySQL, and Apache on a Linux system, the architecture and workings of the Internet and Web, designing relational databases using entity-relationship modeling, how to define your own session handler prototypes and store session data in a database instead of files (the default), and provide an annotated list of PHP and MySQL resources (books, web sites, etc.).

The Good and the Bad

While it's clear that Web Database Applications with PHP & MySQL was written with the goal in mind of providing novice coders with a solid foundation for continued growth (or filling the niche of "handy reference" on the shelf of intermediate/advanced developers), the book manages to be comprehensive without patronizing the reader. I admit that I wouldn't have felt cheated if the authors had skipped the obligatory coverage of the history of the Internet, TCP/IP, and HTTP (Appendix B) in favor of, for instance, a discussion of web caching with an eye towards building cache-friendly apps, an important subject that all too gets short shrift from authors of web dev books. Also, some readers may be disappointed to find that the chapter on security doesn't relate to battening down your site against script kiddies and exploits, but that's really the sort of information that you should be getting from sites like PHP Advisory and Securiteam anyway.

For seasoned developers, this could be the book that you wish you'd had when you started out building web database apps and data-driven sites. Keeping a copy around for reference, especially if you frequently jump back and forth between projects in different languages/environments, also might be helpful - for those occasions when you need of a quick refresher in PHP/MySQL dev. Moreover, if you find yourself in the position of having to mentor junior developers (or helping non-coder friends) tasked with building or maintaining PHP/MySQL-based sites or apps, then lending them your copy or recommending that they buy their own could save you quite a bit of time and frustration.

Table of Contents

• Preface
• Part I
• • Chapter 1. Database Applications and the Web
  • Chapter 2. PHP
  • Chapter 3. MySQL and SQL
• Part II
• • Chapter 4. Querying Web Databases
  • Chapter 5. User-Driven Querying
  • Chapter 6. Writing to Web Databases
  • Chapter 7. Validation on the Server and Client
  • Chapter 8. Sessions
  • Chapter 9. Authentication and Security
• Part III
• • Chapter 10. Winestore Customer Management
  • Chapter 11. The Winestore Shopping Cart
  • Chapter 12. Ordering and Shipping at the Winestore
  • Chapter 13. Related Topics
• Appendix A. Installation Guide
• Appendix B. Internet and Web Protocols
• Appendix C. Modeling and Designing Relational Databases
• Appendix D. Managing Sessions in the Database Tier
• Appendix E. Resources
• Index

You can purchase Web Database Applications with PHP & MySQL from bn.com. Slashdot welcomes readers' book reviews -- to submit yours, read the book review guidelines, then hit the submission page.

tadghin writes ""Under the current regulatory regime, 802.11 would never have been legalized." Andy Oram reports this comment by David Reed in his summary of a wireless policy BOF session at the O'Reilly Emerging Technology conference. Andy discusses some of the hidden regulatory threats to wireless networking and what we might do about them, as well as many of the other sessions he attended, in a conference report on Wednesday's sessions."

tadghin writes "Rob Flickenger has an amazing take on what's happening in the wireless noosphere at the O'Reilly Emerging Technologies Conference. Rob used EtherPeg, a great Mac OS X hack that lets you see the GIFs and JPEGs flying around on the local network, to key off on an amazing visual commentary on what people were doing during Steven Johnson's keynote."

tadghin writes "Rob Flickenger has an amazing take on what's happening in the wireless noosphere at the O'Reilly Emerging Technologies Conference. Rob used EtherPeg, a great Mac OS X hack that lets you see the GIFs and JPEGs flying around on the local network, to key off on an amazing visual commentary on what people were doing during Steven Johnson's keynote."

Slashback with updates on RMS's biography, PVRs vs. the endangered edifice of Western Civilization, Oracle's funny deal with California, cold fusion and more. Read on for the details! Can't we please have a picture of the winner? obsidianpreacher writes: "Apparently, SETI@Home has just recently released who the winner of the 500 millionth result "contest" is, and posted the news on the SETI@Home site. Too bad it wasn't me (or one of the people who turn in 300 bajillion results per day)."

Even lukewarm fusion would be satisfy me. driggers writes: "I wrote a review of the book "Excess Heat" for /. last year. I thought you might (or might not :) be interested to learn that the U.S. Navy in February 2002 issued Technical Report No. 1862 titled "Thermal and Nuclear Aspects of the Pd/D2O System," Vol. 1 of which summarizes A Decade of Research at Navy Laboratories."

Dr. Frank Gordon, Head, Navigation and Applied Sciences Department, concludes his foreword with the remark, "It is time for the government funding organizations to invest in this research."

If you modify the source you must keep it accurate, like a Mad Lib. An Anonymous Coward writes "I just noticed the biography of Richard M. Stallman, "Free as in Freedom" by Sam Williams is online at oreilly, released under the GNU Free Documentation License."

What vapors rule the modern day Oracle? MarkedMan writes: "The following CNET article outlines Oracle's reply to the State of California's announcement it was canceling a nearly $100 million dollar contract. It should not come as a surprise, as few companies would give up that kind of money without a fight, not to mention the domino effect if they just rolled over. It would be a tacit admission that they ripped off naive customers."

Lisa writes "O'Reilly announced Monday, at WWDC, the O'Reilly Mac OS X Conference to be held in Santa Clara Sept 30-Oct 3rd. The call for papers has gone online if you're interested in presenting, and they're soliciting ideas for 'a panel discussion or a particularly provocative group of panelists that you'd love to see square off.' To submit your suggestions, send email to: macosx-idea@oreilly.com."

flynn_nrg writes: "O'Reilly has an interesting article about vulnerabilities in common programs found on most FreeBSD boxes. From the article: "Welcome to Security Alerts, an overview of recent Unix and open source security advisories. In this column, we look at buffer overflows in OpenSSH, Squid, Listar/Ecartis, slrnpull, and IRIX's syslogd; problems in Sudo, MHonArc, and Mosix; and a local root hole and denial-of-service attack vulnerability in FreeBSD.""

Lisa writes "An Apple iBook turns out to be a great choice for running Debian GNU/Linux. Edd Dumbill, the editor of XML.com explains why." This could also be an argument for why to use Mac OS X instead of Linux in the first place, but if you do want to use Linux, then a Mac is a good choice. :-)

andyo writes "Mailing lists are abuzz with the news that wireless Internet providers may have to pay fees to support plain old telephone service. My own perspective is at the O'Reilly Network." The Universal Service Fees are taxes set up long ago to assure that telephone service was provided to everyone, even people who it would normally be uneconomical to serve. The theory is a good one, the execution maybe not. (Maybe if the fees went towards Universal Broadband?)

Reader cpfeifer contributes the review below of O'Reilly's Programming Jabber: if your job (or hobby) includes instant messaging in all its glory, Jabber is a free-beer, free-speech framework for setting up instant messaging systems not bound to a single server in the middle. As cpfeifer points out, instant messaging can mean a lot more than popping an on-screen note to your friend in Des Moines -- machines and programs can use a general purpose communication system like this, with no human middleman required. Programming Jabber author D.J. Adams pages 4555 publisher O'Reilly rating 9 reviewer http://cpfeifer.blogspot.com ISBN 0596002025 summary A detailed guide for developers to understanding and extending the Jabber messaging framework. Examples in Perl, Python and Java. The Scenario

Jabber was first conceived by Jeremie Miller (pic) in early 1998 in an effort to unify the disparate instant messaging networks. Instant Messaging networks rely on the network effect to gain and retain marketshare. The concept is the same when applied to any sort of participatory network whether it's a junk exchange, or content exchange, the value of the network increases with the square of the number of participants.

If this is true, then doesn't it follow that it is in the best interests of the IM networks to establish peering agreements with each other so that their users can directly contact users on other networks without having to install each client?

Hello, Jabber.

When I first picked up this book, I expected to understand the Jabber protocol in sufficient depth to implement my own IM client. Instead, the approach this book takes is that Jabber isn't just an XML-based protocol strictly for IM, rather it is a general purpose event notification protocol that has some very nice message routing and user management features built into it. While i was reading about the messages that Jabber has defined as part of the protocol, I could easily see other applications/devices generating Jabber messages to notify subscribers (either other systems, or people) of events.

Part 1 of the book focuses on getting you up to speed on the basics of Jabber technology: motivation, major features, XML protocol sample and compiling/configuring your own Jabber server. Chapter 2 presents the "10,000 foot view" of Jabber technology. In here you will find a sample client-query request/response flow with full HTTP headers, discussed step by step. The next two chapters are a very in-depth discussion of installing and configuring your own Jabber server. When you dive into a custom configuration of a fleet of Jabber servers (a "constellation" in Jabber terminology), it really starts to hit home that the real problem Jabber solves is far deeper than just IM.

From there, part 2 kicks off with a detailed discussion of the most basic building blocks of Jabber technology: resource identifiers, XML handling mechanism and the set of XML elements/attributes that make up the vocabulary of the Jabber protocol. Each element/attribute is presented with an annotated example and sample client/server interactions where appropriate. Examples can make or break a technical book, and these examples do a good job of illustrating how the element/attribute is used.

The following chapters take you through using standard Jabber features, user registration/authorization, messages, presence, groupchat, components and the event model to enable new applications. One very interesting application presented is enabling developers to receive CVS commit notifications via Jabber.

What's Bad?

I know the /. community is suspicious of glowing book reviews where everything is wonderful and nothing could be done to improve the book, so I'll nitpick. My major problem with this book is that the overwhelming majority of the sample applications are written in PERL/TK. This isn't a problem in and of itself, but I'm not a PERL/TK developer. If I build a Jabber solution, it will be in java, so PERL/TK samples don't do me a lot of good. I think equal time should be given to implementing Jabber using the two most-used languages, as defined by the number and activity of open source projects using Jabber technology.

What's Good?

This book covers everything relevant to Jabber technology, from lowest level inner workings and extensibility examples for developers to configuration and deployment for admins. Most of the book is spent looking directly at the Jabber XML protocol, instead of a specific API implementation. This way, the book covers the technology and doesn't get lost in how one particular API models the protocol.

So What's In It For Me?

If you want to implement an inside-the-firewall IM solution for your company/group/tribe or investigate integrating event notification into an application, this is a great starting point. If you're just curious about Jabber and want to know how it works, then this will give you enough information to get you hooked.

Table of Contents

PART 1: Getting Started with Jabber

• Chapter 1. Introducing Jabber
• Chapter 2. Inside Jabber
• Chapter 3. Installing the Jabber Server
• Chapter 4. Server Architecture and Configuration

PART 2: Putting Jabber's Concepts to Work

• Chapter 5. Jabber Technology Basics
• Chapter 6. Jabber Namespaces
• Chapter 7. User Registration and Authorization
• Chapter 8. Using Messages and Presence
• Chapter 9. Groupchat, Components, and Event Models
• Chapter 10. Pointers for Further Development

Appendix A. The Jabber.xml Contents

Appendix B. The IQRPC Classes for JabberRPCResponder

Index

O'Reilly has posted other reviews of the book on their site. You can purchase Programming Jabber from bn.com. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader cpfeifer contributes the review below of O'Reilly's Programming Jabber: if your job (or hobby) includes instant messaging in all its glory, Jabber is a free-beer, free-speech framework for setting up instant messaging systems not bound to a single server in the middle. As cpfeifer points out, instant messaging can mean a lot more than popping an on-screen note to your friend in Des Moines -- machines and programs can use a general purpose communication system like this, with no human middleman required. Programming Jabber author D.J. Adams pages 4555 publisher O'Reilly rating 9 reviewer http://cpfeifer.blogspot.com ISBN 0596002025 summary A detailed guide for developers to understanding and extending the Jabber messaging framework. Examples in Perl, Python and Java. The Scenario

Jabber was first conceived by Jeremie Miller (pic) in early 1998 in an effort to unify the disparate instant messaging networks. Instant Messaging networks rely on the network effect to gain and retain marketshare. The concept is the same when applied to any sort of participatory network whether it's a junk exchange, or content exchange, the value of the network increases with the square of the number of participants.

If this is true, then doesn't it follow that it is in the best interests of the IM networks to establish peering agreements with each other so that their users can directly contact users on other networks without having to install each client?

Hello, Jabber.

When I first picked up this book, I expected to understand the Jabber protocol in sufficient depth to implement my own IM client. Instead, the approach this book takes is that Jabber isn't just an XML-based protocol strictly for IM, rather it is a general purpose event notification protocol that has some very nice message routing and user management features built into it. While i was reading about the messages that Jabber has defined as part of the protocol, I could easily see other applications/devices generating Jabber messages to notify subscribers (either other systems, or people) of events.

Part 1 of the book focuses on getting you up to speed on the basics of Jabber technology: motivation, major features, XML protocol sample and compiling/configuring your own Jabber server. Chapter 2 presents the "10,000 foot view" of Jabber technology. In here you will find a sample client-query request/response flow with full HTTP headers, discussed step by step. The next two chapters are a very in-depth discussion of installing and configuring your own Jabber server. When you dive into a custom configuration of a fleet of Jabber servers (a "constellation" in Jabber terminology), it really starts to hit home that the real problem Jabber solves is far deeper than just IM.

From there, part 2 kicks off with a detailed discussion of the most basic building blocks of Jabber technology: resource identifiers, XML handling mechanism and the set of XML elements/attributes that make up the vocabulary of the Jabber protocol. Each element/attribute is presented with an annotated example and sample client/server interactions where appropriate. Examples can make or break a technical book, and these examples do a good job of illustrating how the element/attribute is used.

The following chapters take you through using standard Jabber features, user registration/authorization, messages, presence, groupchat, components and the event model to enable new applications. One very interesting application presented is enabling developers to receive CVS commit notifications via Jabber.

What's Bad?

I know the /. community is suspicious of glowing book reviews where everything is wonderful and nothing could be done to improve the book, so I'll nitpick. My major problem with this book is that the overwhelming majority of the sample applications are written in PERL/TK. This isn't a problem in and of itself, but I'm not a PERL/TK developer. If I build a Jabber solution, it will be in java, so PERL/TK samples don't do me a lot of good. I think equal time should be given to implementing Jabber using the two most-used languages, as defined by the number and activity of open source projects using Jabber technology.

What's Good?

This book covers everything relevant to Jabber technology, from lowest level inner workings and extensibility examples for developers to configuration and deployment for admins. Most of the book is spent looking directly at the Jabber XML protocol, instead of a specific API implementation. This way, the book covers the technology and doesn't get lost in how one particular API models the protocol.

So What's In It For Me?

If you want to implement an inside-the-firewall IM solution for your company/group/tribe or investigate integrating event notification into an application, this is a great starting point. If you're just curious about Jabber and want to know how it works, then this will give you enough information to get you hooked.

Table of Contents

PART 1: Getting Started with Jabber

• Chapter 1. Introducing Jabber
• Chapter 2. Inside Jabber
• Chapter 3. Installing the Jabber Server
• Chapter 4. Server Architecture and Configuration

PART 2: Putting Jabber's Concepts to Work

• Chapter 5. Jabber Technology Basics
• Chapter 6. Jabber Namespaces
• Chapter 7. User Registration and Authorization
• Chapter 8. Using Messages and Presence
• Chapter 9. Groupchat, Components, and Event Models
• Chapter 10. Pointers for Further Development

Appendix A. The Jabber.xml Contents

Appendix B. The IQRPC Classes for JabberRPCResponder

Index

O'Reilly has posted other reviews of the book on their site. You can purchase Programming Jabber from bn.com. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Lisa writes: "As part of Microsoft's Shared Source initiative, the company announced Tuesday the public availability of more than 1 million lines of Windows and Microsoft .NET source code--aimed primarily at universities. I guess Microsoft hopes to slow down academic support for the open-source Linux OS. Don't know why they expect this to work, but Brian Jepson has a nice overview of this shared source release."

danny writes: "'Free as in Freedom: Richard Stallman's Crusade for Free Software' is an insightful biography of a figure whose mere name tends to start flame wars on Slashdot ..." Stallman may be one of the most interesting people alive right now: read on to see how well the biography is up to the task of describing him and his movement -- acccording to Danny, that may depend on the reader. Free as in Freedom: Richard Stallman's Crusade author Sam Williams pages 225 publisher O'Reilly rating 9 reviewer Danny Yee ISBN 0-596-00287-4 summary Life of Stallman

Free as in Freedom is a generally sympathetic but far from hagiographic biography of Richard Stallman, inspiration of the free software movement. While much of the material in it will be familiar to anyone actively involved with free software, there are, as Williams claims, "facts and quotes in here that one won't find in any Slashdot story or Google search." It is also an entertaining and accessible study, which I finished within a day of my review copy arriving.

Williams begins with the famous jamming printer and Stallman's encounter with a non-disclosure agreement that prevented him writing reporting software for it. He then jumps forwards to a speech given by Stallman in 2001, responding to attacks by Microsoft on the GNU GPL. Having used these episodes to introduce Stallman and explain the basic idea of free software, the rest of the work continues in a similar vein, mixing historical chapters with ones describing Williams' own meetings with Stallman.

Chapter three describes Stallman's childhood as a prodigy; chapter four his experiences at Harvard and MIT; chapter six the MIT AI Lab and the Emacs "commune"; chapter seven the death of the MIT hacker community and the first announcement of the GNU Project; chapter nine the GNU GPL; chapter ten the appearance of Linux and debates over GNU/Linux; and chapter eleven the coining of the term "open source" and the arguments over that. These contain quotes by everyone from Stallman's mother to the leading lights of free software, as well as plenty by Stallman himself. The narrative never strays too far from its subject, but becomes inextricably interwoven with the broader history and politics of free software and sometimes digresses to cover key figures and events with which Stallman wasn't directly involved.

Williams' first-hand accounts help give Stallman a human face: chapter five recounts a meeting in 1999 LinuxWorld, chapter eight a meeting in Hawaii, and chapter twelve a frustrating car trip with Stallman at the wheel. These give a feel for Stallman's personality and presence, his forthrightness and emotional intensity, his steadfastness and his abrasiveness, and his ability to unsettle. Chapter thirteen attempts to predict Stallman's status "in 100 years," quoting opinions from from Eben Moglen, John Gilmore, Eric Raymond, and Lawrence Lessig; it also suggests that Stallman's personality may be inseparable from his achievements.

Although I was already involved with free software advocacy, my first encounter with Richard Stallman came when he turned up to a rehearsal of my gamelan group; afterwards I tried without much success to explain to my fellow musicians just how important the strange bearded man they'd just met was. I don't think Free as in Freedom would help much with that: it jumps around too much and assumes too much general knowledge of the computer industry to be a good introduction for complete outsiders. Those already interested in the history and politics of free software and hacker culture, however, should relish it.

In an epilogue Williams talks about the writing of Free as in Freedom and the choice of copyright license. Despite the big fuss made about it being released under the GNU Free Documentation License, however, only a sample chapter is available online now and the rest will not, apparently, be put online until June. (This is not a violation of the OFDL, because Williams as copyright holder can allow O'Reilly to distribute the book in any way they like.) So if you don't want to buy a printed copy, you can either wait three months or hope someone OCRs the book sooner.

You can purchase Free as in Freedom from Barnes & Noble, read chapter three online, or check out Danny's 600 other book reviews. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader amoon writes: "With the rise of XML-based RPC (e.g. SOAP, XML-RPC, APEX), the distributed computing world is starting to really unsettle from the CORBA-RMI-DCOM oligopoly of the 1980s and 1990s. Yet, XML-based RPC is not a panacea (though it is quite cool), especially for those of us involved in the legacy and client-server worlds. Now, what is fascinating: the publishing world is revving up the engines on not only the XML-based RPC stuff, but also the RMI and CORBA stuff -- while rarely applied to the tech industry, the old adage, "what was old is new again," seems to fit well here. This review describes this über-cool trend from the RMI perspective, with a focus on Java RMI (O'Reilly) by William Grosso." Read on for the rest of the review. Java RMI author William Grosso pages 545 publisher O'Reilly rating 8 reviewer amoon ISBN 1-56592-452-5 summary Solid practical insight into the nitty-gritty details of RMI.

The Scoop

Remote Method Invocation (RMI) is the object-oriented remote procedure call (ORPC) facility for distributed programming in Java, since the 1.1 days. RMI also served as motivation and a proof-of-concept for jini, javaspaces, and numerous other solid distributed networking technologies. Of course, anyone from the academic distributed programming world knows Wollrath, Waldo, and Riggs.

Yet, despite a myriad of books over the past five years on network programming, RMI always seemed to be the stepchild: relegated to a single chapter (buried on page 496, of course) that always said that RMI was "better" than sockets and "worse" than CORBA. Now, granted that RMI is operationally rather trivial compared with CORBA and was (prior to RMI/IIOP) a unilanguage distributed ORPC technology -- but still. For those of us who have to interoperate with RMI (whether welcome from the Java world or not), the lack of in-depth technical analysis (beyond the spec) has been a hindrance.

Fortunately, this trend is finally starting to buckle with the release of several in-depth RMI books including: Java RMI, Java.rmi, and Mastering RMI: Developing Enterprise Applications in Java and EJB. As evidence of this problem, Grosso states the same in his introduction – and actually pulls it off without sounding self-serving.

I chose Grosso's text because of the cute squirrel (aka the O'Reilly brand), Grosso's recent series of articles on the hashbelt algorithm, and his unadulterated academic knowledge management and mathematics bent. Fortunately, I was rewarded: this animal returns to O'Reilly's pre-bubble quality. Koodoos to both Grosso and his editors (Knudsen, Loukides, and Eckstein) for getting the train back on the track.

What's to Like

Bottom line is that Grosso simply covers the topics and does so with solid conceptual and code coherence – even by O'Reilly standards (over 40 animals grace my shelves). His prose and explanatory patterns make it clear that he has actually gotten into the real-world of RMI, and doesn't hesitate to highlight both good and bad parts. You cannot be dozing off when you read this (at least not if you expect to understand it) -- this is written by someone with solid analytic thinking skills and it shows. After too many years of "there are no caveats" journalism and publishing, this is a nice reversion. Further, I can only imagine that his current employment is a testament to his real-world knowledge of RMI.

Grosso hits on a vein which is not well-appreciated: when not smoothed over by marketing people, RMI is actually a mostly-capable ORPC technology. Certainly activation and RMI/IIOP really began to make things interesting, from Java2 and EJB respectively. Discussion of reference-counted distributed garbage collection, a feature missing from CORBA and other popular ORPC standards, also contributes a nice bonus (although Grosso's ardent attempt to debunk the "RMI doesn't scale" argument is rather weak, even going so far as to rehash the definition of Threads and threadpools – this complexity mismatch is an ugly giveaway that a well-intentioned editor went astray).

What sets this text apart is the tight focus on nitty-gritty implementation details of RMI itself. After all, these RMI texts are way too late to the game to reteach how to write "baby RMI" code: 5 years after the original spec, you either know how to write RMI or you don't. Grosso simply gives you a solid in-depth analysis of all the obscurities of the RMI runtime, custom sockets, dynamic classloading, activation, MarshalledObjects, and HTTP tunneling. In other words, all the interesting real-world topics whose official documentation is poor and which the various RMI tutorials (written many years ago) ignored.

While canonical, the single banking example followed through the text was well-executed, although authors continue to underestimate the prevalence of readers who consume textbooks non-linearly.

What's Not to Like

RMI/IIOP is shaping up to be a fascinating contributor to the "cleanup the EJB mess" discussion. Dedicating a measly 13 pages (beginning on page 503, no less) to this critical topic seems a bit of an oversight – but maybe that is just my CORBA sentiments speaking. Either way, the mechanics of CORBA are sufficiently intricate in real-world deployments that saying "if you can build an RMI system, you can build a CORBA system" (p. 511) is a bit brazen (or naïve) for my tastebuds. I can only chalk up this oversight to deadline pressure, which is probably a Good Thing, since the book was supposedly in production over almost 2 years.

A minor point: the top-level organization of the book (Part I, II, III) is arbitrary, ignore it -- use the chapter organization instead.

The Summary

Quality: solid practical insight into the nitty-gritty operational implementation details of RMI in the real-world. You simply are not going to find solid O'Reilly-quality coverage of the topics elsewhere.

Relevance: If you are responsible for making RMI actually work in production systems, this might well be the next animal on your shelf – either now or later. If you want a breezy afternoon saunter around RMI, skip this. Instead, google one (of the many) free tutorials online."

You can purchase Java RMI from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader amoon writes: "With the rise of XML-based RPC (e.g. SOAP, XML-RPC, APEX), the distributed computing world is starting to really unsettle from the CORBA-RMI-DCOM oligopoly of the 1980s and 1990s. Yet, XML-based RPC is not a panacea (though it is quite cool), especially for those of us involved in the legacy and client-server worlds. Now, what is fascinating: the publishing world is revving up the engines on not only the XML-based RPC stuff, but also the RMI and CORBA stuff -- while rarely applied to the tech industry, the old adage, "what was old is new again," seems to fit well here. This review describes this über-cool trend from the RMI perspective, with a focus on Java RMI (O'Reilly) by William Grosso." Read on for the rest of the review. Java RMI author William Grosso pages 545 publisher O'Reilly rating 8 reviewer amoon ISBN 1-56592-452-5 summary Solid practical insight into the nitty-gritty details of RMI.

The Scoop

Remote Method Invocation (RMI) is the object-oriented remote procedure call (ORPC) facility for distributed programming in Java, since the 1.1 days. RMI also served as motivation and a proof-of-concept for jini, javaspaces, and numerous other solid distributed networking technologies. Of course, anyone from the academic distributed programming world knows Wollrath, Waldo, and Riggs.

Yet, despite a myriad of books over the past five years on network programming, RMI always seemed to be the stepchild: relegated to a single chapter (buried on page 496, of course) that always said that RMI was "better" than sockets and "worse" than CORBA. Now, granted that RMI is operationally rather trivial compared with CORBA and was (prior to RMI/IIOP) a unilanguage distributed ORPC technology -- but still. For those of us who have to interoperate with RMI (whether welcome from the Java world or not), the lack of in-depth technical analysis (beyond the spec) has been a hindrance.

Fortunately, this trend is finally starting to buckle with the release of several in-depth RMI books including: Java RMI, Java.rmi, and Mastering RMI: Developing Enterprise Applications in Java and EJB. As evidence of this problem, Grosso states the same in his introduction – and actually pulls it off without sounding self-serving.

I chose Grosso's text because of the cute squirrel (aka the O'Reilly brand), Grosso's recent series of articles on the hashbelt algorithm, and his unadulterated academic knowledge management and mathematics bent. Fortunately, I was rewarded: this animal returns to O'Reilly's pre-bubble quality. Koodoos to both Grosso and his editors (Knudsen, Loukides, and Eckstein) for getting the train back on the track.

What's to Like

Bottom line is that Grosso simply covers the topics and does so with solid conceptual and code coherence – even by O'Reilly standards (over 40 animals grace my shelves). His prose and explanatory patterns make it clear that he has actually gotten into the real-world of RMI, and doesn't hesitate to highlight both good and bad parts. You cannot be dozing off when you read this (at least not if you expect to understand it) -- this is written by someone with solid analytic thinking skills and it shows. After too many years of "there are no caveats" journalism and publishing, this is a nice reversion. Further, I can only imagine that his current employment is a testament to his real-world knowledge of RMI.

Grosso hits on a vein which is not well-appreciated: when not smoothed over by marketing people, RMI is actually a mostly-capable ORPC technology. Certainly activation and RMI/IIOP really began to make things interesting, from Java2 and EJB respectively. Discussion of reference-counted distributed garbage collection, a feature missing from CORBA and other popular ORPC standards, also contributes a nice bonus (although Grosso's ardent attempt to debunk the "RMI doesn't scale" argument is rather weak, even going so far as to rehash the definition of Threads and threadpools – this complexity mismatch is an ugly giveaway that a well-intentioned editor went astray).

What sets this text apart is the tight focus on nitty-gritty implementation details of RMI itself. After all, these RMI texts are way too late to the game to reteach how to write "baby RMI" code: 5 years after the original spec, you either know how to write RMI or you don't. Grosso simply gives you a solid in-depth analysis of all the obscurities of the RMI runtime, custom sockets, dynamic classloading, activation, MarshalledObjects, and HTTP tunneling. In other words, all the interesting real-world topics whose official documentation is poor and which the various RMI tutorials (written many years ago) ignored.

While canonical, the single banking example followed through the text was well-executed, although authors continue to underestimate the prevalence of readers who consume textbooks non-linearly.

What's Not to Like

RMI/IIOP is shaping up to be a fascinating contributor to the "cleanup the EJB mess" discussion. Dedicating a measly 13 pages (beginning on page 503, no less) to this critical topic seems a bit of an oversight – but maybe that is just my CORBA sentiments speaking. Either way, the mechanics of CORBA are sufficiently intricate in real-world deployments that saying "if you can build an RMI system, you can build a CORBA system" (p. 511) is a bit brazen (or naïve) for my tastebuds. I can only chalk up this oversight to deadline pressure, which is probably a Good Thing, since the book was supposedly in production over almost 2 years.

A minor point: the top-level organization of the book (Part I, II, III) is arbitrary, ignore it -- use the chapter organization instead.

The Summary

Quality: solid practical insight into the nitty-gritty operational implementation details of RMI in the real-world. You simply are not going to find solid O'Reilly-quality coverage of the topics elsewhere.

Relevance: If you are responsible for making RMI actually work in production systems, this might well be the next animal on your shelf – either now or later. If you want a breezy afternoon saunter around RMI, skip this. Instead, google one (of the many) free tutorials online."

You can purchase Java RMI from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader amoon writes: "With the rise of XML-based RPC (e.g. SOAP, XML-RPC, APEX), the distributed computing world is starting to really unsettle from the CORBA-RMI-DCOM oligopoly of the 1980s and 1990s. Yet, XML-based RPC is not a panacea (though it is quite cool), especially for those of us involved in the legacy and client-server worlds. Now, what is fascinating: the publishing world is revving up the engines on not only the XML-based RPC stuff, but also the RMI and CORBA stuff -- while rarely applied to the tech industry, the old adage, "what was old is new again," seems to fit well here. This review describes this über-cool trend from the RMI perspective, with a focus on Java RMI (O'Reilly) by William Grosso." Read on for the rest of the review. Java RMI author William Grosso pages 545 publisher O'Reilly rating 8 reviewer amoon ISBN 1-56592-452-5 summary Solid practical insight into the nitty-gritty details of RMI.

The Scoop

Remote Method Invocation (RMI) is the object-oriented remote procedure call (ORPC) facility for distributed programming in Java, since the 1.1 days. RMI also served as motivation and a proof-of-concept for jini, javaspaces, and numerous other solid distributed networking technologies. Of course, anyone from the academic distributed programming world knows Wollrath, Waldo, and Riggs.

Yet, despite a myriad of books over the past five years on network programming, RMI always seemed to be the stepchild: relegated to a single chapter (buried on page 496, of course) that always said that RMI was "better" than sockets and "worse" than CORBA. Now, granted that RMI is operationally rather trivial compared with CORBA and was (prior to RMI/IIOP) a unilanguage distributed ORPC technology -- but still. For those of us who have to interoperate with RMI (whether welcome from the Java world or not), the lack of in-depth technical analysis (beyond the spec) has been a hindrance.

Fortunately, this trend is finally starting to buckle with the release of several in-depth RMI books including: Java RMI, Java.rmi, and Mastering RMI: Developing Enterprise Applications in Java and EJB. As evidence of this problem, Grosso states the same in his introduction – and actually pulls it off without sounding self-serving.

I chose Grosso's text because of the cute squirrel (aka the O'Reilly brand), Grosso's recent series of articles on the hashbelt algorithm, and his unadulterated academic knowledge management and mathematics bent. Fortunately, I was rewarded: this animal returns to O'Reilly's pre-bubble quality. Koodoos to both Grosso and his editors (Knudsen, Loukides, and Eckstein) for getting the train back on the track.

What's to Like

Bottom line is that Grosso simply covers the topics and does so with solid conceptual and code coherence – even by O'Reilly standards (over 40 animals grace my shelves). His prose and explanatory patterns make it clear that he has actually gotten into the real-world of RMI, and doesn't hesitate to highlight both good and bad parts. You cannot be dozing off when you read this (at least not if you expect to understand it) -- this is written by someone with solid analytic thinking skills and it shows. After too many years of "there are no caveats" journalism and publishing, this is a nice reversion. Further, I can only imagine that his current employment is a testament to his real-world knowledge of RMI.

Grosso hits on a vein which is not well-appreciated: when not smoothed over by marketing people, RMI is actually a mostly-capable ORPC technology. Certainly activation and RMI/IIOP really began to make things interesting, from Java2 and EJB respectively. Discussion of reference-counted distributed garbage collection, a feature missing from CORBA and other popular ORPC standards, also contributes a nice bonus (although Grosso's ardent attempt to debunk the "RMI doesn't scale" argument is rather weak, even going so far as to rehash the definition of Threads and threadpools – this complexity mismatch is an ugly giveaway that a well-intentioned editor went astray).

What sets this text apart is the tight focus on nitty-gritty implementation details of RMI itself. After all, these RMI texts are way too late to the game to reteach how to write "baby RMI" code: 5 years after the original spec, you either know how to write RMI or you don't. Grosso simply gives you a solid in-depth analysis of all the obscurities of the RMI runtime, custom sockets, dynamic classloading, activation, MarshalledObjects, and HTTP tunneling. In other words, all the interesting real-world topics whose official documentation is poor and which the various RMI tutorials (written many years ago) ignored.

While canonical, the single banking example followed through the text was well-executed, although authors continue to underestimate the prevalence of readers who consume textbooks non-linearly.

What's Not to Like

RMI/IIOP is shaping up to be a fascinating contributor to the "cleanup the EJB mess" discussion. Dedicating a measly 13 pages (beginning on page 503, no less) to this critical topic seems a bit of an oversight – but maybe that is just my CORBA sentiments speaking. Either way, the mechanics of CORBA are sufficiently intricate in real-world deployments that saying "if you can build an RMI system, you can build a CORBA system" (p. 511) is a bit brazen (or naïve) for my tastebuds. I can only chalk up this oversight to deadline pressure, which is probably a Good Thing, since the book was supposedly in production over almost 2 years.

A minor point: the top-level organization of the book (Part I, II, III) is arbitrary, ignore it -- use the chapter organization instead.

The Summary

Quality: solid practical insight into the nitty-gritty operational implementation details of RMI in the real-world. You simply are not going to find solid O'Reilly-quality coverage of the topics elsewhere.

Relevance: If you are responsible for making RMI actually work in production systems, this might well be the next animal on your shelf – either now or later. If you want a breezy afternoon saunter around RMI, skip this. Instead, google one (of the many) free tutorials online."

You can purchase Java RMI from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader amoon writes: "With the rise of XML-based RPC (e.g. SOAP, XML-RPC, APEX), the distributed computing world is starting to really unsettle from the CORBA-RMI-DCOM oligopoly of the 1980s and 1990s. Yet, XML-based RPC is not a panacea (though it is quite cool), especially for those of us involved in the legacy and client-server worlds. Now, what is fascinating: the publishing world is revving up the engines on not only the XML-based RPC stuff, but also the RMI and CORBA stuff -- while rarely applied to the tech industry, the old adage, "what was old is new again," seems to fit well here. This review describes this über-cool trend from the RMI perspective, with a focus on Java RMI (O'Reilly) by William Grosso." Read on for the rest of the review. Java RMI author William Grosso pages 545 publisher O'Reilly rating 8 reviewer amoon ISBN 1-56592-452-5 summary Solid practical insight into the nitty-gritty details of RMI.

The Scoop

Remote Method Invocation (RMI) is the object-oriented remote procedure call (ORPC) facility for distributed programming in Java, since the 1.1 days. RMI also served as motivation and a proof-of-concept for jini, javaspaces, and numerous other solid distributed networking technologies. Of course, anyone from the academic distributed programming world knows Wollrath, Waldo, and Riggs.

Yet, despite a myriad of books over the past five years on network programming, RMI always seemed to be the stepchild: relegated to a single chapter (buried on page 496, of course) that always said that RMI was "better" than sockets and "worse" than CORBA. Now, granted that RMI is operationally rather trivial compared with CORBA and was (prior to RMI/IIOP) a unilanguage distributed ORPC technology -- but still. For those of us who have to interoperate with RMI (whether welcome from the Java world or not), the lack of in-depth technical analysis (beyond the spec) has been a hindrance.

Fortunately, this trend is finally starting to buckle with the release of several in-depth RMI books including: Java RMI, Java.rmi, and Mastering RMI: Developing Enterprise Applications in Java and EJB. As evidence of this problem, Grosso states the same in his introduction – and actually pulls it off without sounding self-serving.

I chose Grosso's text because of the cute squirrel (aka the O'Reilly brand), Grosso's recent series of articles on the hashbelt algorithm, and his unadulterated academic knowledge management and mathematics bent. Fortunately, I was rewarded: this animal returns to O'Reilly's pre-bubble quality. Koodoos to both Grosso and his editors (Knudsen, Loukides, and Eckstein) for getting the train back on the track.

What's to Like

Bottom line is that Grosso simply covers the topics and does so with solid conceptual and code coherence – even by O'Reilly standards (over 40 animals grace my shelves). His prose and explanatory patterns make it clear that he has actually gotten into the real-world of RMI, and doesn't hesitate to highlight both good and bad parts. You cannot be dozing off when you read this (at least not if you expect to understand it) -- this is written by someone with solid analytic thinking skills and it shows. After too many years of "there are no caveats" journalism and publishing, this is a nice reversion. Further, I can only imagine that his current employment is a testament to his real-world knowledge of RMI.

Grosso hits on a vein which is not well-appreciated: when not smoothed over by marketing people, RMI is actually a mostly-capable ORPC technology. Certainly activation and RMI/IIOP really began to make things interesting, from Java2 and EJB respectively. Discussion of reference-counted distributed garbage collection, a feature missing from CORBA and other popular ORPC standards, also contributes a nice bonus (although Grosso's ardent attempt to debunk the "RMI doesn't scale" argument is rather weak, even going so far as to rehash the definition of Threads and threadpools – this complexity mismatch is an ugly giveaway that a well-intentioned editor went astray).

What sets this text apart is the tight focus on nitty-gritty implementation details of RMI itself. After all, these RMI texts are way too late to the game to reteach how to write "baby RMI" code: 5 years after the original spec, you either know how to write RMI or you don't. Grosso simply gives you a solid in-depth analysis of all the obscurities of the RMI runtime, custom sockets, dynamic classloading, activation, MarshalledObjects, and HTTP tunneling. In other words, all the interesting real-world topics whose official documentation is poor and which the various RMI tutorials (written many years ago) ignored.

While canonical, the single banking example followed through the text was well-executed, although authors continue to underestimate the prevalence of readers who consume textbooks non-linearly.

What's Not to Like

RMI/IIOP is shaping up to be a fascinating contributor to the "cleanup the EJB mess" discussion. Dedicating a measly 13 pages (beginning on page 503, no less) to this critical topic seems a bit of an oversight – but maybe that is just my CORBA sentiments speaking. Either way, the mechanics of CORBA are sufficiently intricate in real-world deployments that saying "if you can build an RMI system, you can build a CORBA system" (p. 511) is a bit brazen (or naïve) for my tastebuds. I can only chalk up this oversight to deadline pressure, which is probably a Good Thing, since the book was supposedly in production over almost 2 years.

A minor point: the top-level organization of the book (Part I, II, III) is arbitrary, ignore it -- use the chapter organization instead.

The Summary

Quality: solid practical insight into the nitty-gritty operational implementation details of RMI in the real-world. You simply are not going to find solid O'Reilly-quality coverage of the topics elsewhere.

Relevance: If you are responsible for making RMI actually work in production systems, this might well be the next animal on your shelf – either now or later. If you want a breezy afternoon saunter around RMI, skip this. Instead, google one (of the many) free tutorials online."

You can purchase Java RMI from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Reader amoon writes: "With the rise of XML-based RPC (e.g. SOAP, XML-RPC, APEX), the distributed computing world is starting to really unsettle from the CORBA-RMI-DCOM oligopoly of the 1980s and 1990s. Yet, XML-based RPC is not a panacea (though it is quite cool), especially for those of us involved in the legacy and client-server worlds. Now, what is fascinating: the publishing world is revving up the engines on not only the XML-based RPC stuff, but also the RMI and CORBA stuff -- while rarely applied to the tech industry, the old adage, "what was old is new again," seems to fit well here. This review describes this über-cool trend from the RMI perspective, with a focus on Java RMI (O'Reilly) by William Grosso." Read on for the rest of the review. Java RMI author William Grosso pages 545 publisher O'Reilly rating 8 reviewer amoon ISBN 1-56592-452-5 summary Solid practical insight into the nitty-gritty details of RMI.

The Scoop

Remote Method Invocation (RMI) is the object-oriented remote procedure call (ORPC) facility for distributed programming in Java, since the 1.1 days. RMI also served as motivation and a proof-of-concept for jini, javaspaces, and numerous other solid distributed networking technologies. Of course, anyone from the academic distributed programming world knows Wollrath, Waldo, and Riggs.

Yet, despite a myriad of books over the past five years on network programming, RMI always seemed to be the stepchild: relegated to a single chapter (buried on page 496, of course) that always said that RMI was "better" than sockets and "worse" than CORBA. Now, granted that RMI is operationally rather trivial compared with CORBA and was (prior to RMI/IIOP) a unilanguage distributed ORPC technology -- but still. For those of us who have to interoperate with RMI (whether welcome from the Java world or not), the lack of in-depth technical analysis (beyond the spec) has been a hindrance.

Fortunately, this trend is finally starting to buckle with the release of several in-depth RMI books including: Java RMI, Java.rmi, and Mastering RMI: Developing Enterprise Applications in Java and EJB. As evidence of this problem, Grosso states the same in his introduction – and actually pulls it off without sounding self-serving.

I chose Grosso's text because of the cute squirrel (aka the O'Reilly brand), Grosso's recent series of articles on the hashbelt algorithm, and his unadulterated academic knowledge management and mathematics bent. Fortunately, I was rewarded: this animal returns to O'Reilly's pre-bubble quality. Koodoos to both Grosso and his editors (Knudsen, Loukides, and Eckstein) for getting the train back on the track.

What's to Like

Bottom line is that Grosso simply covers the topics and does so with solid conceptual and code coherence – even by O'Reilly standards (over 40 animals grace my shelves). His prose and explanatory patterns make it clear that he has actually gotten into the real-world of RMI, and doesn't hesitate to highlight both good and bad parts. You cannot be dozing off when you read this (at least not if you expect to understand it) -- this is written by someone with solid analytic thinking skills and it shows. After too many years of "there are no caveats" journalism and publishing, this is a nice reversion. Further, I can only imagine that his current employment is a testament to his real-world knowledge of RMI.

Grosso hits on a vein which is not well-appreciated: when not smoothed over by marketing people, RMI is actually a mostly-capable ORPC technology. Certainly activation and RMI/IIOP really began to make things interesting, from Java2 and EJB respectively. Discussion of reference-counted distributed garbage collection, a feature missing from CORBA and other popular ORPC standards, also contributes a nice bonus (although Grosso's ardent attempt to debunk the "RMI doesn't scale" argument is rather weak, even going so far as to rehash the definition of Threads and threadpools – this complexity mismatch is an ugly giveaway that a well-intentioned editor went astray).

What sets this text apart is the tight focus on nitty-gritty implementation details of RMI itself. After all, these RMI texts are way too late to the game to reteach how to write "baby RMI" code: 5 years after the original spec, you either know how to write RMI or you don't. Grosso simply gives you a solid in-depth analysis of all the obscurities of the RMI runtime, custom sockets, dynamic classloading, activation, MarshalledObjects, and HTTP tunneling. In other words, all the interesting real-world topics whose official documentation is poor and which the various RMI tutorials (written many years ago) ignored.

While canonical, the single banking example followed through the text was well-executed, although authors continue to underestimate the prevalence of readers who consume textbooks non-linearly.

What's Not to Like

RMI/IIOP is shaping up to be a fascinating contributor to the "cleanup the EJB mess" discussion. Dedicating a measly 13 pages (beginning on page 503, no less) to this critical topic seems a bit of an oversight – but maybe that is just my CORBA sentiments speaking. Either way, the mechanics of CORBA are sufficiently intricate in real-world deployments that saying "if you can build an RMI system, you can build a CORBA system" (p. 511) is a bit brazen (or naïve) for my tastebuds. I can only chalk up this oversight to deadline pressure, which is probably a Good Thing, since the book was supposedly in production over almost 2 years.

A minor point: the top-level organization of the book (Part I, II, III) is arbitrary, ignore it -- use the chapter organization instead.

The Summary

Quality: solid practical insight into the nitty-gritty operational implementation details of RMI in the real-world. You simply are not going to find solid O'Reilly-quality coverage of the topics elsewhere.

Relevance: If you are responsible for making RMI actually work in production systems, this might well be the next animal on your shelf – either now or later. If you want a breezy afternoon saunter around RMI, skip this. Instead, google one (of the many) free tutorials online."

You can purchase Java RMI from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

sanglin writes: "On O'Reilly's ONJava.com site, there's a new "Using SOAP with Tomcat" column from James Goodwill. It shows you how to create and deploy SOAP services with Apache's RPC model onto the Tomcat container."

wjv writes: "Open source Bioinformatics hackers from around the world are meeting in the first ever Biohackathon to hack, eat, hack, sleep, hack... The South African Business Day has the scoop, or see our weblog. The event is co-sponsored by my employer and O'Reilly. I'm typing this from the hackathon, and you wouldn't believe the buzz... or the scenic venue!"

Two Slashdot (and Slashcode) readers -- Alex McLintock of Openweb Analysts Ltd, and Dave Aiello of CTDATA -- have graciously contributed their impressions of the new O'Reilly book Running Weblogs With Slash. Since the Slash code is now used to run sites covering a huge number of topics (fly fishing, mountain biking, "news for nerds," etc.), it's time there was at least one printed reference to it. Running Weblogs With Slash author chromatic, Brian Aker, Dave Kreiger pages 262 publisher O'Reilly rating (see each) reviewer Alex McLintock ISBN 0-596-00200-2 summary It's the first book I know about slash: That means it's the best, and the worst.

dave_aiello's review:

I have been running two small-scale Slash sites since 1999. When I began developing web sites using Slash the only code available was Version 0.3, one of the first tarballs ever released by Rob Malda. That code was almost totally undocumented and not at all modular.

The Slash project has grown and the code has improved since then. Slash has now reached the point where it is a feature-laden, open source web publishing platform. However, documentation that can help new users has always been hard to come by.

I found a paragraph near the beginning of the book that I thought was important because it may help you to decide whether this book will be helpful to you:

This book is aimed at anyone interested in setting up and running a weblog with the Slash software. This includes system administrators and programmers, but attempts have been made to keep the discussion readable for people who have no desire to compile their own kernel or to rewrite the moderation system. It concentrates much more on how to accomplish things than how things work underneath, though it doesn't shy away from the greasy gears and wheels when appropriate.

The authors' choice of audience might also be why you have seen comments from some experienced Slash site maintainers indicating that they weren't entirely satisfied with the finished product. That's OK -- it wasn't written for them. But, if you have a desire to build a web site running on Slash and you don't want to spend the months that it took me to read the code line-by-line, "Running Weblogs with Slash" is a good place to start.

The main part of the book begins with an overview chapter. It starts with a brief history of the Slash project. The next ten pages are a review of the user interface of Slashdot, including a number of screenshots. This is followed by three important short sections: The Slash Author Interface (administration), The Slash Publishing Cycle, and The Slash Architecture. These sections do not contain screenshots, but author interface is discussed in detail later in the book, and the publishing cycle and architecture parts have diagrams to help you visualize the concepts being discussed.

The next chapter, Installing Slash, may be the most important one of the book. This chapter is surprisingly short (about 21 pages) considering the difficulty that some people have installing the software. Two of the most critical pages of the chapter cover getting help with the key underlying software: mySQL, Perl, Apache, mod_perl, and Slash itself. All of the important URLs and mailing lists are documented here. A short outline of the installation process, and a set of step-by-step installation instructions follow. There are also short sections on building sites that are distributed across multiple machines, and running multiple virtual Slash sites on the same server.

Although the installation chapter is clearly written, some users may have difficulty completing it without a little frustration. For instance, the book says "Although many UNIX-like operating systems come with Perl already installed, building Apache with mod_perl requires the Perl source." It would help if the detailed installation section of the chapter indicated how to uninstall a binary version of Perl from at least one of the major Linux distributions. The authors have been consistent, however, in focusing this chapter on critical, Slash-specific installation issues.

The next five chapters of the book focus on Slash site administration. The topics covered include editing and updating stories, reviewing and approving submissions, comment-related functionality, moderation, and managing sections and topics. These chapters are important because most people who want to implement a Slash site have never seen the administration interface and need some help understanding the tools that are available. These chapters are also helpful to people who have experience with other web publishing systems, because a quick comparison can be done between the Slash author interface and the system with which the reader is more familiar.

The main part of the book concludes with chapters on managing a Slash-based community, basic and advanced customization, and advanced administration. The customization chapters are the only places in the main part of the book where the Perl code that makes up Slash is discussed in any detail. Now that Slash implements much of the web site's look and feel through the Template Toolkit, modification of the application source is much less important than it used to be. The advanced administration chapter is primarily about the Slash daemon (slashd), the tasks it performs (dailyStuff, moderatord, portald), and how tasks can be added and modified.

The appendices are easily the most technical part of the book. They begin with a detailed discussion of the Slash architecture, which includes several process diagrams, and a discussion of the Slash directory structure. The second appendix discusses the Slash database schema. The appendix on the Slash Template Language looks quite useful to people trying to modify the appearance of their Slash site. The Slash API appendix covers some of the important high-level functions that would be useful in building your own Slash plugin or theme. The last appendix covers Slash configuration variables, which can be important if you have to modify the location of Slash content in your file system, or you need to change other fundamental aspects of your site's configuration.

I would strongly recommend this book to you if you plan to build a Slash-based site and you want to develop a basic understanding of the Slash software as quickly as possible. You will also need to find resources (either in print or on-line) to help you understand administration of the underlying operating system, Perl, Apache, and mySQL, if you have little or no background in these subjects.

I'm sure that many people will be able to successfully install and operate Slash by using this book as their primary reference. And, if they have difficulty, they will have sufficient understanding of the architecture and terminology to ask "good questions" on the mailing lists or the Slashcode web site.

Alex McLintock's review:

Executive Summary:

This review basically lists the flaws and missing features in the book. But that doesn't mean it is a bad book - just that it is easier to find fault than praise. If you need a book on running a weblog with slash then buy this book.

About the Reviewer:

My slash experience is in running a book reviews website http://news.diversebooks.com/ using slashcode. I did set up a site years ago called "mines-a-pint.com" using a pre 1.0 version of slashcode but the site fell over due to lack of spare time.

I am also a perl programmer and web developer so I can figure out a huge variety of problems with Apache, mod_perl, and MySQL. This is lucky because slashcode depends quite greatly on the administrator having those skills. Sadly this book doesn't look into them in great detail. Were this a Wrox book the publishers would have copied a few chapters from different books - or at least given more details on how to troubleshoot those systems. The O'Reilly strategy is that you can perfectly well buy their book on MySQL, their Apache book, and their mod_perl book(s).

Choosing Slash:

I was expecting more of a comparison of Slash to other weblogs. Why chose slash over others? It is in fact a hard question to answer unless you require a site really quite like http://slashdot.org The big benefit of being able to cope with a lot of traffic probably don't apply to most sites just starting out.

The book assumes you have greater than Slash 2.2.0, but presumably quite a few people such as myself have 2.0 installed and not upgraded yet. (I don't know how many people are running pre 1.0 slash sites). It doesn't mention how you upgrade. Lets face it - even if you installed the latest version today (2.2.5) you *will* have to upgrade at some point.

Setting Up Sites:

I expected this section to be a lot more detailed than the basic instructions - but it isn't so much better. When setting up slash sites there are at least three different types of user (slash, unix, and database) and these are not differentiated properly. The authors of the book fall too easily into using slashcode jargon without realising that someone coming to this for the first time wont know the slash-speak. I understand it because I've been reading the mailing list for nearly a year. However, someone picking up this book may not have.

Most jargon terms are introduced but they could be better explained - perhaps with more diagrams. As a typical example, it took me ages to understand the difference between topics and sections. It would have been great to see examples of how different slashcode sites decided what their topics and sections would be. Originally I just saw topics and sections as being a matrix of slots into which one would pigeonhole each article. However there are some things you can do with sections (the columns of the matrix) which you can't do with the topics (the rows). This seemed to me to be an arbitrary limitation of slashcode which an installer needs to be aware of when choosing topics and sections.

More screenshots of the default theme are needed. For instance it talks about the various slashboxes which are configurable but doesn't show them.

Virtual Slash Sites:

I pretended I was a newbie at this and tried to follow their instructions for installing virtual slash sites (ie multiple weblogs on the same machine). The instructions for setting up virtual users aren't complete. EG how do you *add* a new user to DBIx::Password I figured it out because I know perl but others may have significant problems....

Slightly Unusual Config:

I wanted to see if the book would tell me how to put all slash URLs inside a directory of a pre-existing site. (eg http://mysite.com/newsdir/slashpages ) but no found info on doing this at all....

This is a shame because it means that if you wish to combine slashcode with some other html you have to take the approach of installing slash and then adding the extra html content rather than the other way around. It should have considered the situation where someone already has a pre-existing website which they just want to enhance with some news capability.

Running a Slash Site:

There is not much description of the workflow of submitted articles through the system. Instead it is explained by describing what slashcode editors (aka "Authors") do. Looking at the article workflow is important because many other organisations will have different workflows and thus will need to change their behaviour to match Slashcode and not vice versa. This is generally a "bad thing".

Would I Buy This Book?

If I were installing slash for someone and I wasn't being paid to do all the maintenance I would have no hesitation in buying this book to help whoever is doing first line support. However I don't feel a desperate need to keep the book myself since I've already learned most of what it contains just by running a slash site. I know how to read the docs, look at the perl and database, and use the mailing list.

Ok - I can't do entirely without the book because it has some useful reference sections: a full third of the book is made from Appendices and index! One of the most useful of these is the chapter on Andy Wardley's Template Toolkit. I have a bit of an advantage here since I have used Andy's code before in a different web project. However most of my future slash site design will be done by a more junior web developer who doesn't have any perl experience and I expect this will be his most used chapter. (Check back to http://news.DiverseBooks.com in a few days for his additions to this review). The final appendix is useful too -- the list of configuration variables and their meanings.

You can purchase Running Weblogs with Slash from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form. (Psst! O'Reilly has also made available a 20% discount for Slashdot readers ordering by phone (800-294-4747), email (order@oreilly.com) or from the O'Reilly web site. Use discount code "#E1EW36."

Two Slashdot (and Slashcode) readers -- Alex McLintock of Openweb Analysts Ltd, and Dave Aiello of CTDATA -- have graciously contributed their impressions of the new O'Reilly book Running Weblogs With Slash. Since the Slash code is now used to run sites covering a huge number of topics (fly fishing, mountain biking, "news for nerds," etc.), it's time there was at least one printed reference to it. Running Weblogs With Slash author chromatic, Brian Aker, Dave Kreiger pages 262 publisher O'Reilly rating (see each) reviewer Alex McLintock ISBN 0-596-00200-2 summary It's the first book I know about slash: That means it's the best, and the worst.

dave_aiello's review:

I have been running two small-scale Slash sites since 1999. When I began developing web sites using Slash the only code available was Version 0.3, one of the first tarballs ever released by Rob Malda. That code was almost totally undocumented and not at all modular.

The Slash project has grown and the code has improved since then. Slash has now reached the point where it is a feature-laden, open source web publishing platform. However, documentation that can help new users has always been hard to come by.

I found a paragraph near the beginning of the book that I thought was important because it may help you to decide whether this book will be helpful to you:

This book is aimed at anyone interested in setting up and running a weblog with the Slash software. This includes system administrators and programmers, but attempts have been made to keep the discussion readable for people who have no desire to compile their own kernel or to rewrite the moderation system. It concentrates much more on how to accomplish things than how things work underneath, though it doesn't shy away from the greasy gears and wheels when appropriate.

The authors' choice of audience might also be why you have seen comments from some experienced Slash site maintainers indicating that they weren't entirely satisfied with the finished product. That's OK -- it wasn't written for them. But, if you have a desire to build a web site running on Slash and you don't want to spend the months that it took me to read the code line-by-line, "Running Weblogs with Slash" is a good place to start.

The main part of the book begins with an overview chapter. It starts with a brief history of the Slash project. The next ten pages are a review of the user interface of Slashdot, including a number of screenshots. This is followed by three important short sections: The Slash Author Interface (administration), The Slash Publishing Cycle, and The Slash Architecture. These sections do not contain screenshots, but author interface is discussed in detail later in the book, and the publishing cycle and architecture parts have diagrams to help you visualize the concepts being discussed.

The next chapter, Installing Slash, may be the most important one of the book. This chapter is surprisingly short (about 21 pages) considering the difficulty that some people have installing the software. Two of the most critical pages of the chapter cover getting help with the key underlying software: mySQL, Perl, Apache, mod_perl, and Slash itself. All of the important URLs and mailing lists are documented here. A short outline of the installation process, and a set of step-by-step installation instructions follow. There are also short sections on building sites that are distributed across multiple machines, and running multiple virtual Slash sites on the same server.

Although the installation chapter is clearly written, some users may have difficulty completing it without a little frustration. For instance, the book says "Although many UNIX-like operating systems come with Perl already installed, building Apache with mod_perl requires the Perl source." It would help if the detailed installation section of the chapter indicated how to uninstall a binary version of Perl from at least one of the major Linux distributions. The authors have been consistent, however, in focusing this chapter on critical, Slash-specific installation issues.

The next five chapters of the book focus on Slash site administration. The topics covered include editing and updating stories, reviewing and approving submissions, comment-related functionality, moderation, and managing sections and topics. These chapters are important because most people who want to implement a Slash site have never seen the administration interface and need some help understanding the tools that are available. These chapters are also helpful to people who have experience with other web publishing systems, because a quick comparison can be done between the Slash author interface and the system with which the reader is more familiar.

The main part of the book concludes with chapters on managing a Slash-based community, basic and advanced customization, and advanced administration. The customization chapters are the only places in the main part of the book where the Perl code that makes up Slash is discussed in any detail. Now that Slash implements much of the web site's look and feel through the Template Toolkit, modification of the application source is much less important than it used to be. The advanced administration chapter is primarily about the Slash daemon (slashd), the tasks it performs (dailyStuff, moderatord, portald), and how tasks can be added and modified.

The appendices are easily the most technical part of the book. They begin with a detailed discussion of the Slash architecture, which includes several process diagrams, and a discussion of the Slash directory structure. The second appendix discusses the Slash database schema. The appendix on the Slash Template Language looks quite useful to people trying to modify the appearance of their Slash site. The Slash API appendix covers some of the important high-level functions that would be useful in building your own Slash plugin or theme. The last appendix covers Slash configuration variables, which can be important if you have to modify the location of Slash content in your file system, or you need to change other fundamental aspects of your site's configuration.

I would strongly recommend this book to you if you plan to build a Slash-based site and you want to develop a basic understanding of the Slash software as quickly as possible. You will also need to find resources (either in print or on-line) to help you understand administration of the underlying operating system, Perl, Apache, and mySQL, if you have little or no background in these subjects.

I'm sure that many people will be able to successfully install and operate Slash by using this book as their primary reference. And, if they have difficulty, they will have sufficient understanding of the architecture and terminology to ask "good questions" on the mailing lists or the Slashcode web site.

Alex McLintock's review:

Executive Summary:

This review basically lists the flaws and missing features in the book. But that doesn't mean it is a bad book - just that it is easier to find fault than praise. If you need a book on running a weblog with slash then buy this book.

About the Reviewer:

My slash experience is in running a book reviews website http://news.diversebooks.com/ using slashcode. I did set up a site years ago called "mines-a-pint.com" using a pre 1.0 version of slashcode but the site fell over due to lack of spare time.

I am also a perl programmer and web developer so I can figure out a huge variety of problems with Apache, mod_perl, and MySQL. This is lucky because slashcode depends quite greatly on the administrator having those skills. Sadly this book doesn't look into them in great detail. Were this a Wrox book the publishers would have copied a few chapters from different books - or at least given more details on how to troubleshoot those systems. The O'Reilly strategy is that you can perfectly well buy their book on MySQL, their Apache book, and their mod_perl book(s).

Choosing Slash:

I was expecting more of a comparison of Slash to other weblogs. Why chose slash over others? It is in fact a hard question to answer unless you require a site really quite like http://slashdot.org The big benefit of being able to cope with a lot of traffic probably don't apply to most sites just starting out.

The book assumes you have greater than Slash 2.2.0, but presumably quite a few people such as myself have 2.0 installed and not upgraded yet. (I don't know how many people are running pre 1.0 slash sites). It doesn't mention how you upgrade. Lets face it - even if you installed the latest version today (2.2.5) you *will* have to upgrade at some point.

Setting Up Sites:

I expected this section to be a lot more detailed than the basic instructions - but it isn't so much better. When setting up slash sites there are at least three different types of user (slash, unix, and database) and these are not differentiated properly. The authors of the book fall too easily into using slashcode jargon without realising that someone coming to this for the first time wont know the slash-speak. I understand it because I've been reading the mailing list for nearly a year. However, someone picking up this book may not have.

Most jargon terms are introduced but they could be better explained - perhaps with more diagrams. As a typical example, it took me ages to understand the difference between topics and sections. It would have been great to see examples of how different slashcode sites decided what their topics and sections would be. Originally I just saw topics and sections as being a matrix of slots into which one would pigeonhole each article. However there are some things you can do with sections (the columns of the matrix) which you can't do with the topics (the rows). This seemed to me to be an arbitrary limitation of slashcode which an installer needs to be aware of when choosing topics and sections.

More screenshots of the default theme are needed. For instance it talks about the various slashboxes which are configurable but doesn't show them.

Virtual Slash Sites:

I pretended I was a newbie at this and tried to follow their instructions for installing virtual slash sites (ie multiple weblogs on the same machine). The instructions for setting up virtual users aren't complete. EG how do you *add* a new user to DBIx::Password I figured it out because I know perl but others may have significant problems....

Slightly Unusual Config:

I wanted to see if the book would tell me how to put all slash URLs inside a directory of a pre-existing site. (eg http://mysite.com/newsdir/slashpages ) but no found info on doing this at all....

This is a shame because it means that if you wish to combine slashcode with some other html you have to take the approach of installing slash and then adding the extra html content rather than the other way around. It should have considered the situation where someone already has a pre-existing website which they just want to enhance with some news capability.

Running a Slash Site:

There is not much description of the workflow of submitted articles through the system. Instead it is explained by describing what slashcode editors (aka "Authors") do. Looking at the article workflow is important because many other organisations will have different workflows and thus will need to change their behaviour to match Slashcode and not vice versa. This is generally a "bad thing".

Would I Buy This Book?

If I were installing slash for someone and I wasn't being paid to do all the maintenance I would have no hesitation in buying this book to help whoever is doing first line support. However I don't feel a desperate need to keep the book myself since I've already learned most of what it contains just by running a slash site. I know how to read the docs, look at the perl and database, and use the mailing list.

Ok - I can't do entirely without the book because it has some useful reference sections: a full third of the book is made from Appendices and index! One of the most useful of these is the chapter on Andy Wardley's Template Toolkit. I have a bit of an advantage here since I have used Andy's code before in a different web project. However most of my future slash site design will be done by a more junior web developer who doesn't have any perl experience and I expect this will be his most used chapter. (Check back to http://news.DiverseBooks.com in a few days for his additions to this review). The final appendix is useful too -- the list of configuration variables and their meanings.

You can purchase Running Weblogs with Slash from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form. (Psst! O'Reilly has also made available a 20% discount for Slashdot readers ordering by phone (800-294-4747), email (order@oreilly.com) or from the O'Reilly web site. Use discount code "#E1EW36."

Two Slashdot (and Slashcode) readers -- Alex McLintock of Openweb Analysts Ltd, and Dave Aiello of CTDATA -- have graciously contributed their impressions of the new O'Reilly book Running Weblogs With Slash. Since the Slash code is now used to run sites covering a huge number of topics (fly fishing, mountain biking, "news for nerds," etc.), it's time there was at least one printed reference to it. Running Weblogs With Slash author chromatic, Brian Aker, Dave Kreiger pages 262 publisher O'Reilly rating (see each) reviewer Alex McLintock ISBN 0-596-00200-2 summary It's the first book I know about slash: That means it's the best, and the worst.

dave_aiello's review:

I have been running two small-scale Slash sites since 1999. When I began developing web sites using Slash the only code available was Version 0.3, one of the first tarballs ever released by Rob Malda. That code was almost totally undocumented and not at all modular.

The Slash project has grown and the code has improved since then. Slash has now reached the point where it is a feature-laden, open source web publishing platform. However, documentation that can help new users has always been hard to come by.

I found a paragraph near the beginning of the book that I thought was important because it may help you to decide whether this book will be helpful to you:

This book is aimed at anyone interested in setting up and running a weblog with the Slash software. This includes system administrators and programmers, but attempts have been made to keep the discussion readable for people who have no desire to compile their own kernel or to rewrite the moderation system. It concentrates much more on how to accomplish things than how things work underneath, though it doesn't shy away from the greasy gears and wheels when appropriate.

The authors' choice of audience might also be why you have seen comments from some experienced Slash site maintainers indicating that they weren't entirely satisfied with the finished product. That's OK -- it wasn't written for them. But, if you have a desire to build a web site running on Slash and you don't want to spend the months that it took me to read the code line-by-line, "Running Weblogs with Slash" is a good place to start.

The main part of the book begins with an overview chapter. It starts with a brief history of the Slash project. The next ten pages are a review of the user interface of Slashdot, including a number of screenshots. This is followed by three important short sections: The Slash Author Interface (administration), The Slash Publishing Cycle, and The Slash Architecture. These sections do not contain screenshots, but author interface is discussed in detail later in the book, and the publishing cycle and architecture parts have diagrams to help you visualize the concepts being discussed.

The next chapter, Installing Slash, may be the most important one of the book. This chapter is surprisingly short (about 21 pages) considering the difficulty that some people have installing the software. Two of the most critical pages of the chapter cover getting help with the key underlying software: mySQL, Perl, Apache, mod_perl, and Slash itself. All of the important URLs and mailing lists are documented here. A short outline of the installation process, and a set of step-by-step installation instructions follow. There are also short sections on building sites that are distributed across multiple machines, and running multiple virtual Slash sites on the same server.

Although the installation chapter is clearly written, some users may have difficulty completing it without a little frustration. For instance, the book says "Although many UNIX-like operating systems come with Perl already installed, building Apache with mod_perl requires the Perl source." It would help if the detailed installation section of the chapter indicated how to uninstall a binary version of Perl from at least one of the major Linux distributions. The authors have been consistent, however, in focusing this chapter on critical, Slash-specific installation issues.

The next five chapters of the book focus on Slash site administration. The topics covered include editing and updating stories, reviewing and approving submissions, comment-related functionality, moderation, and managing sections and topics. These chapters are important because most people who want to implement a Slash site have never seen the administration interface and need some help understanding the tools that are available. These chapters are also helpful to people who have experience with other web publishing systems, because a quick comparison can be done between the Slash author interface and the system with which the reader is more familiar.

The main part of the book concludes with chapters on managing a Slash-based community, basic and advanced customization, and advanced administration. The customization chapters are the only places in the main part of the book where the Perl code that makes up Slash is discussed in any detail. Now that Slash implements much of the web site's look and feel through the Template Toolkit, modification of the application source is much less important than it used to be. The advanced administration chapter is primarily about the Slash daemon (slashd), the tasks it performs (dailyStuff, moderatord, portald), and how tasks can be added and modified.

The appendices are easily the most technical part of the book. They begin with a detailed discussion of the Slash architecture, which includes several process diagrams, and a discussion of the Slash directory structure. The second appendix discusses the Slash database schema. The appendix on the Slash Template Language looks quite useful to people trying to modify the appearance of their Slash site. The Slash API appendix covers some of the important high-level functions that would be useful in building your own Slash plugin or theme. The last appendix covers Slash configuration variables, which can be important if you have to modify the location of Slash content in your file system, or you need to change other fundamental aspects of your site's configuration.

I would strongly recommend this book to you if you plan to build a Slash-based site and you want to develop a basic understanding of the Slash software as quickly as possible. You will also need to find resources (either in print or on-line) to help you understand administration of the underlying operating system, Perl, Apache, and mySQL, if you have little or no background in these subjects.

I'm sure that many people will be able to successfully install and operate Slash by using this book as their primary reference. And, if they have difficulty, they will have sufficient understanding of the architecture and terminology to ask "good questions" on the mailing lists or the Slashcode web site.

Alex McLintock's review:

Executive Summary:

This review basically lists the flaws and missing features in the book. But that doesn't mean it is a bad book - just that it is easier to find fault than praise. If you need a book on running a weblog with slash then buy this book.

About the Reviewer:

My slash experience is in running a book reviews website http://news.diversebooks.com/ using slashcode. I did set up a site years ago called "mines-a-pint.com" using a pre 1.0 version of slashcode but the site fell over due to lack of spare time.

I am also a perl programmer and web developer so I can figure out a huge variety of problems with Apache, mod_perl, and MySQL. This is lucky because slashcode depends quite greatly on the administrator having those skills. Sadly this book doesn't look into them in great detail. Were this a Wrox book the publishers would have copied a few chapters from different books - or at least given more details on how to troubleshoot those systems. The O'Reilly strategy is that you can perfectly well buy their book on MySQL, their Apache book, and their mod_perl book(s).

Choosing Slash:

I was expecting more of a comparison of Slash to other weblogs. Why chose slash over others? It is in fact a hard question to answer unless you require a site really quite like http://slashdot.org The big benefit of being able to cope with a lot of traffic probably don't apply to most sites just starting out.

The book assumes you have greater than Slash 2.2.0, but presumably quite a few people such as myself have 2.0 installed and not upgraded yet. (I don't know how many people are running pre 1.0 slash sites). It doesn't mention how you upgrade. Lets face it - even if you installed the latest version today (2.2.5) you *will* have to upgrade at some point.

Setting Up Sites:

I expected this section to be a lot more detailed than the basic instructions - but it isn't so much better. When setting up slash sites there are at least three different types of user (slash, unix, and database) and these are not differentiated properly. The authors of the book fall too easily into using slashcode jargon without realising that someone coming to this for the first time wont know the slash-speak. I understand it because I've been reading the mailing list for nearly a year. However, someone picking up this book may not have.

Most jargon terms are introduced but they could be better explained - perhaps with more diagrams. As a typical example, it took me ages to understand the difference between topics and sections. It would have been great to see examples of how different slashcode sites decided what their topics and sections would be. Originally I just saw topics and sections as being a matrix of slots into which one would pigeonhole each article. However there are some things you can do with sections (the columns of the matrix) which you can't do with the topics (the rows). This seemed to me to be an arbitrary limitation of slashcode which an installer needs to be aware of when choosing topics and sections.

More screenshots of the default theme are needed. For instance it talks about the various slashboxes which are configurable but doesn't show them.

Virtual Slash Sites:

I pretended I was a newbie at this and tried to follow their instructions for installing virtual slash sites (ie multiple weblogs on the same machine). The instructions for setting up virtual users aren't complete. EG how do you *add* a new user to DBIx::Password I figured it out because I know perl but others may have significant problems....

Slightly Unusual Config:

I wanted to see if the book would tell me how to put all slash URLs inside a directory of a pre-existing site. (eg http://mysite.com/newsdir/slashpages ) but no found info on doing this at all....

This is a shame because it means that if you wish to combine slashcode with some other html you have to take the approach of installing slash and then adding the extra html content rather than the other way around. It should have considered the situation where someone already has a pre-existing website which they just want to enhance with some news capability.

Running a Slash Site:

There is not much description of the workflow of submitted articles through the system. Instead it is explained by describing what slashcode editors (aka "Authors") do. Looking at the article workflow is important because many other organisations will have different workflows and thus will need to change their behaviour to match Slashcode and not vice versa. This is generally a "bad thing".

Would I Buy This Book?

If I were installing slash for someone and I wasn't being paid to do all the maintenance I would have no hesitation in buying this book to help whoever is doing first line support. However I don't feel a desperate need to keep the book myself since I've already learned most of what it contains just by running a slash site. I know how to read the docs, look at the perl and database, and use the mailing list.

Ok - I can't do entirely without the book because it has some useful reference sections: a full third of the book is made from Appendices and index! One of the most useful of these is the chapter on Andy Wardley's Template Toolkit. I have a bit of an advantage here since I have used Andy's code before in a different web project. However most of my future slash site design will be done by a more junior web developer who doesn't have any perl experience and I expect this will be his most used chapter. (Check back to http://news.DiverseBooks.com in a few days for his additions to this review). The final appendix is useful too -- the list of configuration variables and their meanings.

You can purchase Running Weblogs with Slash from Fatbrain. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form. (Psst! O'Reilly has also made available a 20% discount for Slashdot readers ordering by phone (800-294-4747), email (order@oreilly.com) or from the O'Reilly web site. Use discount code "#E1EW36."

babbage writes:"As the banner above the title of James Tisdall's Beginning Perl for Bioinformatics indicates, this book is 'an introduction to Perl for biologists.' What the banner doesn't mention is that it's also an introduction to biology and bioinformatics for Perl programmers, and it's also an introduction to both Perl *and* biology for people that have never really been exposed to either field. The author has clearly thought a lot about making one book to please these different audiences, and he has pulled it off nicely, in a way that manages to explain basic topics to people learning about each field for the first time while not coming off as condescending or slow-paced to those that might already have some exposure to it." Read on for the rest of his review. Beginning Perl for Bioinformatics author James Tisdall pages 400 publisher O'Reilly & Associates rating 8 reviewer babbage ISBN 0-596-00080-4 summary Well-balanced approach to applying Perl's sorting and analytical abilities to the field of bioinformatics.

Superficially, this book isn't all that different from a lot of introductory Perl books: the Perl material starts out with an overview of the language, followed by a crash course on installing Perl, writing programs, and running them. From there, it goes on to introduce all the various language constructs, from variables to statements to subroutines, that any programmer is going to have to get comfortable with. Pretty run of the mill so far. Tisdall starts with two interesting assumptions, though: [1] that the reader may have never written a computer program before, and so needs to learn how to engineer a robust application that will do its job efficiently and well, and [2] that the reader wants to know how to write programs that can solve a series of biological problems, specifically in genetics and proteomics.

As such, there is at least as much material about the problems that a biologist faces and the places she can go to get the data she needs as there is about the issues that a Perl programmer needs to be aware of. The author introduces the reader to the basics of DNA chemistry, the cellular processes that convert DNA to RNA and then proteins, and a little bit about how and why this is important to the biologist and what sorts of information would help a biologist's research. The main sources of public genetic data are noted, and the often confusing -- and huge -- datafiles that can be obtained from these sources are examined in detail.

With the code he presents for solving these problems, Tisdall makes a point of not falling into the indecipherable-Perl trap: this is a useful language, well-suited to the essentially text-analysis problems that bioinformatics means, and he doesn't want to encourage the kind of dense, obscure, idiomatic coding style that has given Perl an undeservedly bad reputation. Some of Perl's more esoteric constructs are useful, and they show up when they're needed, but they're left out when they would only serve to confuse the reader. This is a good decision.

Rather, the focus is on teaching readers how to solve biological problems with a carefully developed library of code that happens to leverage some of Perl's most useful properties. The result is pretty much a biologist's edition of Christiansen & Torkington's Perl Cookbook or Dave Cross' Data Munging With Perl. The author presents a series of issues that a working bioinformaticist might have to deal with daily -- parsing over BLAST, GenBank, and PDB files, finding relevant motifs in that parsed data, and preparing reports about all of it. If a bioinformaticist's job is to be able to report on interesting patterns from these various sources, then following the programming techniques that Tisdall explains in clear, easy-to-follow prose would be an excellent way to go about doing it.

And when I say "programming techniques," note that I'm not specifically mentioning Perl. The code in this book is clear and organized, and all programs are carefully decomposed into logical subroutines that are then packaged up into a library file that each later sample program gets to draw from. Each new program typically contains a main section of a dozen lines of code or less, followed by no more than two or three new subroutines, along with calls to routines written earlier and called from the BeginPerlBioinfo.pm that is built up as the book progresses. Each sample is typically preceded by a description of what it's trying to accomplish and followed by a detaild description of how it was done, as well as suggestions of other ways that might have worked or not worked.

This modular approach is fantastic -- too many Perl books seem to focus so heavily on the mechanics of getting short scripts to work that they lose sight of how to build up a suite of useful methods and, from those methods, to develop ever-more-sophisticated applications. It isn't quite object-oriented programming, but that's clearly where Tisdall is headed with these samples, and given a few more chapters he probably would have started formally wrapping some of this code into OO packages.

If I have a complaint with the book, in fact, it's that Tisdall doesn't go any further: everything is good, but it ends too soon. Seemingly important topics such as OO programming, XML, graphics (charts & GUIs), CGI, and DBI are mentioned only in passing, under "further topics" in the last chapter. I also have a feeling that some of the biology was shorted, and the book barely touches upon the statistical analysis that probably is a critical aspect of the advanced bioinformaticist's toolbox. I can understand wanting to keep the length of a beginner's book relatively short, and this was probably the right decision, but it would have been nice to see some of the earlier sample problems revisited in these new contexts by, for example, formally making an OO library, showing a sample program that provided a web interface to some of the methods already written, or presenting code that presented results as XML or exchanged them with a database.

But these are minor quibbles, and if the reader is comfortable with the material up to this point, she shouldn't have a hard time figuring out how to go a step further and do these things alone. It's a solid book, and one that should be able to get people learning Perl, genetics, or both up to speed and working on real world problems quickly.

You can purchase Beginning Perl for Bioinformatics at Fatbrain. Want to see your own review here? Read the review guidelines first, then use Slashdot's webform.

babbage writes:"As the banner above the title of James Tisdall's Beginning Perl for Bioinformatics indicates, this book is 'an introduction to Perl for biologists.' What the banner doesn't mention is that it's also an introduction to biology and bioinformatics for Perl programmers, and it's also an introduction to both Perl *and* biology for people that have never really been exposed to either field. The author has clearly thought a lot about making one book to please these different audiences, and he has pulled it off nicely, in a way that manages to explain basic topics to people learning about each field for the first time while not coming off as condescending or slow-paced to those that might already have some exposure to it." Read on for the rest of his review. Beginning Perl for Bioinformatics author James Tisdall pages 400 publisher O'Reilly & Associates rating 8 reviewer babbage ISBN 0-596-00080-4 summary Well-balanced approach to applying Perl's sorting and analytical abilities to the field of bioinformatics.

Superficially, this book isn't all that different from a lot of introductory Perl books: the Perl material starts out with an overview of the language, followed by a crash course on installing Perl, writing programs, and running them. From there, it goes on to introduce all the various language constructs, from variables to statements to subroutines, that any programmer is going to have to get comfortable with. Pretty run of the mill so far. Tisdall starts with two interesting assumptions, though: [1] that the reader may have never written a computer program before, and so needs to learn how to engineer a robust application that will do its job efficiently and well, and [2] that the reader wants to know how to write programs that can solve a series of biological problems, specifically in genetics and proteomics.

As such, there is at least as much material about the problems that a biologist faces and the places she can go to get the data she needs as there is about the issues that a Perl programmer needs to be aware of. The author introduces the reader to the basics of DNA chemistry, the cellular processes that convert DNA to RNA and then proteins, and a little bit about how and why this is important to the biologist and what sorts of information would help a biologist's research. The main sources of public genetic data are noted, and the often confusing -- and huge -- datafiles that can be obtained from these sources are examined in detail.

With the code he presents for solving these problems, Tisdall makes a point of not falling into the indecipherable-Perl trap: this is a useful language, well-suited to the essentially text-analysis problems that bioinformatics means, and he doesn't want to encourage the kind of dense, obscure, idiomatic coding style that has given Perl an undeservedly bad reputation. Some of Perl's more esoteric constructs are useful, and they show up when they're needed, but they're left out when they would only serve to confuse the reader. This is a good decision.

Rather, the focus is on teaching readers how to solve biological problems with a carefully developed library of code that happens to leverage some of Perl's most useful properties. The result is pretty much a biologist's edition of Christiansen & Torkington's Perl Cookbook or Dave Cross' Data Munging With Perl. The author presents a series of issues that a working bioinformaticist might have to deal with daily -- parsing over BLAST, GenBank, and PDB files, finding relevant motifs in that parsed data, and preparing reports about all of it. If a bioinformaticist's job is to be able to report on interesting patterns from these various sources, then following the programming techniques that Tisdall explains in clear, easy-to-follow prose would be an excellent way to go about doing it.

And when I say "programming techniques," note that I'm not specifically mentioning Perl. The code in this book is clear and organized, and all programs are carefully decomposed into logical subroutines that are then packaged up into a library file that each later sample program gets to draw from. Each new program typically contains a main section of a dozen lines of code or less, followed by no more than two or three new subroutines, along with calls to routines written earlier and called from the BeginPerlBioinfo.pm that is built up as the book progresses. Each sample is typically preceded by a description of what it's trying to accomplish and followed by a detaild description of how it was done, as well as suggestions of other ways that might have worked or not worked.

This modular approach is fantastic -- too many Perl books seem to focus so heavily on the mechanics of getting short scripts to work that they lose sight of how to build up a suite of useful methods and, from those methods, to develop ever-more-sophisticated applications. It isn't quite object-oriented programming, but that's clearly where Tisdall is headed with these samples, and given a few more chapters he probably would have started formally wrapping some of this code into OO packages.

If I have a complaint with the book, in fact, it's that Tisdall doesn't go any further: everything is good, but it ends too soon. Seemingly important topics such as OO programming, XML, graphics (charts & GUIs), CGI, and DBI are mentioned only in passing, under "further topics" in the last chapter. I also have a feeling that some of the biology was shorted, and the book barely touches upon the statistical analysis that probably is a critical aspect of the advanced bioinformaticist's toolbox. I can understand wanting to keep the length of a beginner's book relatively short, and this was probably the right decision, but it would have been nice to see some of the earlier sample problems revisited in these new contexts by, for example, formally making an OO library, showing a sample program that provided a web interface to some of the methods already written, or presenting code that presented results as XML or exchanged them with a database.

But these are minor quibbles, and if the reader is comfortable with the material up to this point, she shouldn't have a hard time figuring out how to go a step further and do these things alone. It's a solid book, and one that should be able to get people learning Perl, genetics, or both up to speed and working on real world problems quickly.

You can purchase Beginning Perl for Bioinformatics at Fatbrain. Want to see your own review here? Read the review guidelines first, then use Slashdot's webform.

babbage writes:"As the banner above the title of James Tisdall's Beginning Perl for Bioinformatics indicates, this book is 'an introduction to Perl for biologists.' What the banner doesn't mention is that it's also an introduction to biology and bioinformatics for Perl programmers, and it's also an introduction to both Perl *and* biology for people that have never really been exposed to either field. The author has clearly thought a lot about making one book to please these different audiences, and he has pulled it off nicely, in a way that manages to explain basic topics to people learning about each field for the first time while not coming off as condescending or slow-paced to those that might already have some exposure to it." Read on for the rest of his review. Beginning Perl for Bioinformatics author James Tisdall pages 400 publisher O'Reilly & Associates rating 8 reviewer babbage ISBN 0-596-00080-4 summary Well-balanced approach to applying Perl's sorting and analytical abilities to the field of bioinformatics.

Superficially, this book isn't all that different from a lot of introductory Perl books: the Perl material starts out with an overview of the language, followed by a crash course on installing Perl, writing programs, and running them. From there, it goes on to introduce all the various language constructs, from variables to statements to subroutines, that any programmer is going to have to get comfortable with. Pretty run of the mill so far. Tisdall starts with two interesting assumptions, though: [1] that the reader may have never written a computer program before, and so needs to learn how to engineer a robust application that will do its job efficiently and well, and [2] that the reader wants to know how to write programs that can solve a series of biological problems, specifically in genetics and proteomics.

As such, there is at least as much material about the problems that a biologist faces and the places she can go to get the data she needs as there is about the issues that a Perl programmer needs to be aware of. The author introduces the reader to the basics of DNA chemistry, the cellular processes that convert DNA to RNA and then proteins, and a little bit about how and why this is important to the biologist and what sorts of information would help a biologist's research. The main sources of public genetic data are noted, and the often confusing -- and huge -- datafiles that can be obtained from these sources are examined in detail.

With the code he presents for solving these problems, Tisdall makes a point of not falling into the indecipherable-Perl trap: this is a useful language, well-suited to the essentially text-analysis problems that bioinformatics means, and he doesn't want to encourage the kind of dense, obscure, idiomatic coding style that has given Perl an undeservedly bad reputation. Some of Perl's more esoteric constructs are useful, and they show up when they're needed, but they're left out when they would only serve to confuse the reader. This is a good decision.

Rather, the focus is on teaching readers how to solve biological problems with a carefully developed library of code that happens to leverage some of Perl's most useful properties. The result is pretty much a biologist's edition of Christiansen & Torkington's Perl Cookbook or Dave Cross' Data Munging With Perl. The author presents a series of issues that a working bioinformaticist might have to deal with daily -- parsing over BLAST, GenBank, and PDB files, finding relevant motifs in that parsed data, and preparing reports about all of it. If a bioinformaticist's job is to be able to report on interesting patterns from these various sources, then following the programming techniques that Tisdall explains in clear, easy-to-follow prose would be an excellent way to go about doing it.

And when I say "programming techniques," note that I'm not specifically mentioning Perl. The code in this book is clear and organized, and all programs are carefully decomposed into logical subroutines that are then packaged up into a library file that each later sample program gets to draw from. Each new program typically contains a main section of a dozen lines of code or less, followed by no more than two or three new subroutines, along with calls to routines written earlier and called from the BeginPerlBioinfo.pm that is built up as the book progresses. Each sample is typically preceded by a description of what it's trying to accomplish and followed by a detaild description of how it was done, as well as suggestions of other ways that might have worked or not worked.

This modular approach is fantastic -- too many Perl books seem to focus so heavily on the mechanics of getting short scripts to work that they lose sight of how to build up a suite of useful methods and, from those methods, to develop ever-more-sophisticated applications. It isn't quite object-oriented programming, but that's clearly where Tisdall is headed with these samples, and given a few more chapters he probably would have started formally wrapping some of this code into OO packages.

If I have a complaint with the book, in fact, it's that Tisdall doesn't go any further: everything is good, but it ends too soon. Seemingly important topics such as OO programming, XML, graphics (charts & GUIs), CGI, and DBI are mentioned only in passing, under "further topics" in the last chapter. I also have a feeling that some of the biology was shorted, and the book barely touches upon the statistical analysis that probably is a critical aspect of the advanced bioinformaticist's toolbox. I can understand wanting to keep the length of a beginner's book relatively short, and this was probably the right decision, but it would have been nice to see some of the earlier sample problems revisited in these new contexts by, for example, formally making an OO library, showing a sample program that provided a web interface to some of the methods already written, or presenting code that presented results as XML or exchanged them with a database.

But these are minor quibbles, and if the reader is comfortable with the material up to this point, she shouldn't have a hard time figuring out how to go a step further and do these things alone. It's a solid book, and one that should be able to get people learning Perl, genetics, or both up to speed and working on real world problems quickly.

You can purchase Beginning Perl for Bioinformatics at Fatbrain. Want to see your own review here? Read the review guidelines first, then use Slashdot's webform.

lisam writes: "The Wiki plugin integrates nicely with Slash and has a lot of cool features, says Chromatic who introduces Wikis and gives a detailed explanation of how and why the Wiki plugin works in this OnLamp article. (chromatic is coauthor of O'Reilly's upcoming Running Weblogs with Slash.)" A lot of people just think of Slashdot style sites when thinking of the Slash codebase, but this article goes on about how to extend slash in cool ways. If you are interested in plugins, the repository is a good place to start.

lisam writes: "The Wiki plugin integrates nicely with Slash and has a lot of cool features, says Chromatic who introduces Wikis and gives a detailed explanation of how and why the Wiki plugin works in this OnLamp article. (chromatic is coauthor of O'Reilly's upcoming Running Weblogs with Slash.)" A lot of people just think of Slashdot style sites when thinking of the Slash codebase, but this article goes on about how to extend slash in cool ways. If you are interested in plugins, the repository is a good place to start.

Lisa points to this article on oreillynet with "two opposing viewpoints on whether all software created by publicly funded research should be licensed as open source, and the chance to weigh in yourself." Open-source software (under whatever license) seems to me like a good way to multiply the investment of tax dollars that public funding relies on, but the counterarguments offered here are interesting.

Wrinkled Shirt writes: "If you want to be able to work either as or with a systems analyst, you're going to have to speak the same language as everyone else in your team, and in the tech industry that language is increasingly becoming the UML. The Unified Modelling Language provides ways of modelling every sort of system that you can imagine, covering everything from the relationships of your different objects to the dynamics of the system in action to the way it'll look when you physically set it up." He's reviewed below the SAMS-published Teach Yourself UML in 24 Hours; read on below for his reactions to the book, both good and bad. Teach Yourself UML in 24 Hours, 2nd Edition author Joseph Schmuller pages 397 publisher SAMS rating 5.5 reviewer WrinkledShirt ISBN 0-672-32238-2 summary Useful enough as an introductory text, but likely needs companion texts for anyone who wants to design complex systems.

Introduction

The UML was adopted by the OMG (Object Management Group) as their official method of visually representing an object-oriented design, and as such is particularly well-suited to working with CORBA (Common Object Request Broker Architecture). Now, the OMG believes in their acronyms the way the Irish believe in their whiskey, and if you're hoping they'll give you introductory material on how to use the UML without broadening the context to all the other standards the OMG is responsible for, well, good luck. Addison Wesley has an entire series dedicated to the UML and different aspects of it, and O'Reilly's got the requisite Nutshell book, but there's definitely a void for good low-cost beginner texts, and it is this void that Schmuller's book attempts to fill.

Does it succeed? Well, sort of.

The Good

Teach Yourself UML in 24 Hours is a very thorough introduction to the language. The first fifteen chapters alone cover practically every structural and behavioural element, all the important relationships, static diagrams and dynamic diagrams, and even a little object-oriented design theory. As far as computer books go, it's not very expensive at its full price, and is even available at some discount stores. It is also loaded with sample diagrams throughout, and has a large seven-chapter case study going through a sample project design process, terminating with a couple of chapters on miscellaneous applications of the UML.

Understanding the subjective element of design, this book tries to help the reader gain their own personal take on the UML by providing lots of sample exercises to perform, and the sum total is a book that gives the reader a good idea of the effectiveness of the UML as a modelling language. In fact, if I were a systems analyst and I needed to give my team a crash course in the UML before getting them to implement my specs, I could do a lot worse than making them all read this book first.

Unfortunately, here's where the accolades stop. A book that teaches people how to read another person's diagrams written in the UML is one thing, but as an effective reference on how to design using the UML, the book comes up short in a few ways.

The Not-So-Good

Part of the power of the UML is that even though the OMG really needed to it to get their CORBA spec to make sense visually, you can basically use the UML to describe any old sort of system you want. Unfortunately, Schmuller takes a little too much advantage of this, and a disproportionate amount of the examples and diagrams involve physical systems instead of software systems. It's as though software design is a bit of an afterthought, which is fine, but the book could have been richer had it focused more on this aspect of UML implementation rather than, for instance, how to use the UML to model a soda machine.

Another shortcoming is that the book tantalizes us with the odd example proving that part of the power of the UML comes from the flexibility to combine elements from multiple diagrams into a single diagram, and yet these examples are used so sparingly and with no substantive explanation to the methodology involved that you're left with a feeling that even though the UML can do a lot of things, you're not quite sure how to make it do all those things for you.

It's admirable that Schmuller devoted so much time to the case study, and made sure that the scope was broad enough that all of the topics explained to that point got an appearance. However, one of the pitfalls of trying to come up with a case study that outlines a fundamentally subjective process is that some of the design decisions are going to seem arbitrary to some people who don't have a psychic connection to the author. It's not something unique to this book, but this book falls victim to it. Schmuller would have done better to have used those seven chapters to describe two different systems to give a broader idea and more than one context to the process of UML design. He also took a little too much creative license with scripting the hypothetical interview process. A reference book on the UML isn't the best place to try out your best David Mamet impression.

And then there are the really minor problems. Some of the diagrams could use a little cleaning up, and sometimes the basic diagram is represented a little differently in the summary section as it is in the chapter dedicated to it. Some of the more complex diagrams are handled first and the simpler ones later. There's no real explanation that makes sense to a newbie about the difference between an aggregation and a composite. And finally, even though one could argue that learning about the UML itself should be kept as a separate and distinct process from learning about how to program off a UML design, I think such a chapter would have been far more beneficial to a neophyte than the chapter on modelling for embedded systems, which is likely to be the domain of people who are far beyond the level of UML familiarity that this book is going to give you anyway.

Conclusion

Now, even though as individual criticisms these might seem minor, as a whole it adds up to a book that's going to need a couple of companion references for the reader to truly feel ready to start diagramming with the UML in a professional environment. However, as said before, it isn't too expensive and is pretty much alone in the world of introductory manuals to the UML, and even if you're hoping to become a full-fledged analyst you have to learn to crawl before you can learn to walk, and this book will help you do just that. Just don't expect to be running marathons by the end.

Table of Contents

( exploded version here)

Introduction.
Hour 1. Introducing the UML.
Hour 2. Understanding Object-Orientation.
Hour 3. Working with Object-Orientation.
Hour 4. Working with Relationships.
Hour 5. Understanding Aggregations, Composites, Interfaces, and Realizations.
Hour 6. Introducing Use Cases.
Hour 7. Working with Use Case Diagrams.
Hour 8. Working with State Diagrams.
Hour 9. Working with Sequence Diagrams.
Hour 10. Working with Collaboration Diagrams.
Hour 11. Working with Activity Diagrams.
Hour 12. Working with Component Diagrams.
Hour 13. Working with Deployment Diagrams.
Hour 14. Understanding the Foundations of the UML.
Hour 15. Fitting the UML into a Development Process.
Hour 16. Introducing the Case Study.
Hour 17. Performing a Domain Analysis.
Hour 18. Gathering System Requirements.
Hour 19. Developing the Use Cases.
Hour 20. Getting into Interactions and State Changes.
Hour 21. Designing Look, Feel, and Deployment.
Hour 22. Understanding Design Patterns.
Hour 23. Modeling Embedded Systems.
Hour 24. Shaping the Future of the UML.
Appendix A. Quiz Answers.
Appendix B. Modeling Tools for the UML.
Appendix C. A Summary in Pictures.
Index.

Related Links SAMS
Object Management Group
OMG's UML Resource Page
Google Search for Case Tools

You can purchase Teach Yourself UML in 24 Hours at Fatbrain. Want to see your own review here? Read the review guidelines first, then use Slashdot's webform.

Michael writes: "The O'Reilly Open Source Convention has announced their call for participation for the upcoming OS Convention. They're especially seeking presentations that invoke open source's innovative, do-more-with-less origins and address the challenges of today's economic turbulence. The convention takes place at the Sheraton San Diego Hotel and Marina, San Diego, California, July 22-26, 2002."

twms2h queries: "It is everybody's favorite task, the worst part of programming: writing the documentation. I have been charged with writing lots of documents, some smaller some larger, most of them documenting programs I wrote myself. In order to avoid the torture of fighting with Microsoft Word all the time (which crashes on me regularly) I am looking for an easy way to get printed and electronic (HTML/PDF) documents from as simple a source as possible. I have looked into several of the processing tools that are available on the net." Below is twms2h's take on a few of the documenting systems available. The preference is to keep things simple, editing ASCII files to produce high quality documentation. Are there other tools some of you know of that might prove to be better solutions?

"So far, I like aft, mostly because it is simple to use, and gives me nice result as HTML. Unfortunately HTML is not enough, since I also need a very good looking printable version.

There are alternatives like DocBook, which I could not get to work and udo (Page is German, get the translation from the fish) which I have not yet looked into very closely.

Then of course there is TeX and any number of WYSIWY-won't-G word processors. I haven't used TeX much, I only tried my luck in writing a few letters (and found out that it is not suitable for this). I went through hell when I wrote larger documents with various versions of MS Word and I am not really a fan of Star Office even though version 5.2 has not yet crashed on me (however 6.0 beta did). KWord, part of KOffice doesn't seem to be stable enough yet.

I would prefer a simple ASCII only format as the source for being converted to more complex formats anyway, especially since it could be easily put into CVS for version management (Anybody tried that with MS-Word documents? Don't!)

As all these projects show I am not the first one faced with this problem. I wonder what experiences Slashdot readers have had with these and other packages?"

Lisa writes "Tim O'Reilly has a piece called "Open Source and the Obligation to Recycle" in his weblog, where he urges every company whose products are "obsolete" to consider making them available under an open source license, or putting them in the public domain, thereby enriching the soil of our collective commons. (Interestingly, the first posting on the weblog disagrees, saying "...Giving away the software of failed companies could turn every corporate failure into a disaster for everyone else.)""

Cally writes: "An interesting article appeared on the Info-Sec News list the other day about Guardent's new security appliance. Based on Snort, Nessus and IPTables, Guardent are taking the unusal step of trying to sell a product based on Free software into the highly resistant corporate security market. Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."

Lisa writes: "Yukihiro "Matz" Matsumoto talks about Ruby's history, the influence of Perl and Python on Ruby, and his new book, Ruby in a Nutshell. In the article he explains: "When I started the language project, I was joking with a friend that the project must be code-named after a gemstone's name (àla Perl). So my friend came up with "ruby". It's a short name for a beautiful and highly valued stone. So I picked up that name, and it eventually became the official name of the language. Later, I found out that pearl is the birthstone for June, and ruby is the birthstone for July. I believe Ruby is an appropriate name for the next language after Perl.""

Lisa writes: "Yukihiro "Matz" Matsumoto talks about Ruby's history, the influence of Perl and Python on Ruby, and his new book, Ruby in a Nutshell. In the article he explains: "When I started the language project, I was joking with a friend that the project must be code-named after a gemstone's name (àla Perl). So my friend came up with "ruby". It's a short name for a beautiful and highly valued stone. So I picked up that name, and it eventually became the official name of the language. Later, I found out that pearl is the birthstone for June, and ruby is the birthstone for July. I believe Ruby is an appropriate name for the next language after Perl.""

Anonymous Coward writes "It seems that the folks over at O'Reilly have quietly released a book entitled, "Java Internationalization". The website for the book can be reached from the Java O'Reilly site, . The authors also have a website dedicated to the book. I'm curious as to how developers are treating software internationalization, not just in Java, but in other programming languages like C#, C++, Perl. For software designers out there today, is internationalization and localization a forethought or an afterthought? Is Java the only viable language for writing truly multi-lingual applications?"

Anonymous Coward writes "It seems that the folks over at O'Reilly have quietly released a book entitled, "Java Internationalization". The website for the book can be reached from the Java O'Reilly site, . The authors also have a website dedicated to the book. I'm curious as to how developers are treating software internationalization, not just in Java, but in other programming languages like C#, C++, Perl. For software designers out there today, is internationalization and localization a forethought or an afterthought? Is Java the only viable language for writing truly multi-lingual applications?"

Anml4ixoye asks: "I currently work for a county government as their senior webmaster. Before that, I oversaw the internet development for a large credit union. In both places I ran into the same issues. What should compose a web services team, and where does it belong within an organization? I notice that larger companies such as IBM have separate departments for their web sites (VP of Web Site Operations). So my question is, should the team that handles the organization's web site be its own entity, being solely responsible for the hardware, programming and implementation of the web site, or can those tasks be effectively split between several sections and still work? Can anyone give some insight into how it works within your organization?"

"For example, at the credit union, the position I was hired into was brand new. They wanted to bring their web site in house. Their solution was to hire a Manager of Internet Development (me) who was responsible for determining the needs of the credit union, setting up the servers, doing the development and programming, and maintaining the site. No staff, and they wanted the site up as quickly as possible. I spent most of my time reporting back and forth between the VP of marketing and the Director of IT. When they finally figured that wasn't going to work and tried to have me report to one department, they couldn't figure out which one it should be so they eliminated the position and outsourced the web site again.

I am running into the same thing at the county. I came on about a year ago to a web site in shambles. The previous 'web team' consisted of an Internet Administrator, a team leader, a webmaster, a web data specialist, and a web temp. The team leader wanted them to be their own section, but unfortunately, he did it by power-playing and burning bridges. The Director of IT came through and broke the team apart, firing the team leader and the web data specialist, releasing the temp, and splitting the remaining team between the Distributed Processing Management (DPM) and the Network Administration sections. The other webmaster left about two months after I came on, leaving me as the sole webmaster for 3 sites of around 80-100 thousand webpages. We are finally back up to staff (another webmaster and a web-data specialist). The challenge we are running into is that in order for items to get on the site, they are designed by the departments, approved through our communications department, then passed on to us to integrate into the site. If we have a server problem, we have to contact Network Administration, even if it is something like having a Data Source Name set up.

To further challenge matters, the manager we report to has 28 people who directly report to him, including us.

With the size of the sites being what they are, it wouldn't take much for the whole thing to fall apart, and I am trying desperately to prevent that from happening. I envision an Information Architecture being put into place which would allow us to work on content management, instead of building these pages by hand. But I seem to run into obstacles every where I turn."

Sarcasmo writes: "Hillary Rosen, CEO of the RIAA ^? , spoke at length (PDF of Speech) yesterday, during the 'O'Reilly Peer to Peer and Web Services conference'. " Update: 11/08 02:15 GMT by H : Yeah, I removed the Rosen text. Sorry.

andy@petdance.com asks: "Any programmer who's used an online programming resource or community has had the frustration of answering programming questions for non-programmers. This is especially true with web-centric technologies like Perl and PHP. I've always wondered where to point these newest of the new, and O'Reilly's latest Ask Tim article addresses this. Unfortunately, Tim suggests picking up an ORA book on ActionScript, which seems a bit too specific. Are there any good introductions to the concepts of programming? And is any such book necessarily tied to a language?"

andy@petdance.com asks: "Any programmer who's used an online programming resource or community has had the frustration of answering programming questions for non-programmers. This is especially true with web-centric technologies like Perl and PHP. I've always wondered where to point these newest of the new, and O'Reilly's latest Ask Tim article addresses this. Unfortunately, Tim suggests picking up an ORA book on ActionScript, which seems a bit too specific. Are there any good introductions to the concepts of programming? And is any such book necessarily tied to a language?"