Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

AJAX alliance to secure mash-ups

Developers spoke about hubs.

Article comments

The OpenAjax Alliance has put forth an aggressive roadmap for securing and interoperating AJAX tools and mash-ups.

Speaking at the AJAXWorld conference in California, Jon Ferraiolo, OpenAjax operations manager and an IBM web architect, detailed the upcoming release of the OpenAjax Hub 1.0 and the follow-up 1.1 release. Ferraiolo also discussed the OpenAjax Registry and IDE accommodations for AJAX.

With the hub, the alliance aims to iron out interoperability issues between AJAX tool-kits.

"Sometimes, they actually prevent each other from working. They step on each other," Ferraiolo said.

Developers can use the hub to integrate multiple tool-kits within the same web page while tool-kit developers can use it to allow tool-kits to talk to other tool-kits. While the 1.0 hub is useful in mash-up scenarios where all components come from a trusted source, version 1.1 adds a security layer for untrusted components to protect from any components that might be malicious.

The 1.0 version of the hub, to include AJAX library registration and a publish-and-subscribe engine, is due by the end of this year. Version 1.1 is planned for approval next year, although a full implementation is slated to be ready by the end of 2007.

"One of the key features [in version 1.1] is secure mash-ups," said Ferraiolo. "It's very much a security-focused enhancement providing a secure mash-up framework," he said.

IBM-contributed technology called SMash, for Secure Mashups, is being included in version 1.1. It provides for secure handling of third-party mash-up components.

Also in the security arena, the alliance has formed an AJAX Security Task Force

Version 1.1 also is slated to include publishing and subscribing across frames as well as publish-and-subscribe between clients and servers. Also featured is support for the Comet programming technique to push data from the server to client. Server push is desirable particularly in mash-ups and portals, according to the alliance.

The hub was called "absolutely essential" by attendee and author Dave Mosby. "It provides mechanisms for us to bridge between different components so that they can begin to talk to each other," Mosby said.

In other developments at the alliance, the planned OpenAjax Registry will provide an AJAX tool-kit and JavaScript global object registration authority to prevent JavaScript object collision within complex AJAX applications. The registry is to be managed by the OpenAjax Interoperability Working Group. Population of the registry begins this fall.

OpenAjax is holding an event this week called OpenAjax InteropFest, in which companies like Microsoft are testing their AJAX tool-kits for conformance with OpenAjax. Microsoft, with its Microsoft AJAX Library, has passed the conformance test, according to Microsoft.

The alliance also has launched a task force for mobile AJAX with a white paper planned on how to be successful with the concept. Also, the alliance will explore APIs for access to mobile device services. Device APIs would be exposed to JavaScript on these devices. A mobile AJAX workshop is planned for this Friday.

"Mobile devices are getting AJAX," said Ferraiolo.

An AJAX management task force, meanwhile, is being launched to make sure AJAX applications perform on a consistent basis. Another task force to be formed will focus on searchability to optimise the ability for search engines to find AJAX applications.

Another OpenAjax effort is its IDE working group, which will attempt to accommodate multiple AJAX tool-kits and IDEs. The alliance is trying to develop a standard XML file that describes JavaScript functions and other APIs, widgets and their properties. This project is intended to assist developers with user interface components such as widget pallets. Code compilation and type-checking on JavaScript functions also would be part of the effort.

Proposals from Microsoft, Adobe Systems, and Aptana have been submitted for consideration by the IDE working group.

OpenAjax Alliance features members like IBM and Microsoft.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *