Bodington Developers Meeting Leeds 1Jun06

Just returned from a well attended Bodington Developers meeting in Leeds - 13 in total. Notes can be found on the
Bodington Wiki

Brief summary of Moodle Moot 2005 and my paper about the integration of Bodington and Moodle VLEs.

As keen observers probably know (!) I attended the Moodle Moot here in Oxford the other day and presented a paper about getting Moodle and Bodington to work together.

The Moot was well attended about 100 people; 75% teachers (school and university) 20% techies and 5% management. It's amazing to see what an open source community looks like in the flesh. Lots of enthusiasm, fundraising and the like.

The first talk was a 'videolink' from Martin Moodleman in Austrailia. He spoke about the up and coming additions to Moodle, He basically read through the document located at http://moodle.org/doc/?file=future.html.

The highlights are Blogs and web services and DB module in 1.6. IMS LD (A), SCORM 2004 and integration with Harvest Road Hive and Merlot repositories in 1.7. Full IMS LD, in 2.0.

The morning's talks were mainly by teachers: "we did this with Moodle and everybody thought it was great", but there was an interesting session about using Hot Potatoes and JCloze and JQuiz for doing 'assessments' (or quizzes)

My talk on the second day went down well - the PPT presentation and paper will be on the moot site and the paper will also be on the newly redesigned and up-coming Bodington.org site.

There were 3 main thrusts of my talk and paper

1. Oxford staff like Moodle and are setting up systems in their departments, this means that content is being 'locked away' in systems not accessible to most staff and students, therefore, why not use Bodington (and eventually ASK) as a centrally accessible store.
   
2. To get the above to work we need a single sign on for Bodington and Moodle. We 'WebAuthed' Moodle; this involved writing a new 'auth' method. This type of authentication has probably been superseded already by Shibboleth. Moodle 1.5 is a SP, Bodington 2.4 an IdP.
   
3. We can make Moodle better by making Bodington tools available. We wrote a new 'module' called BodingtonLogbook. The logbook appears as an option on the Moodle 'activities' menu, when selected you get a page which looks very like the Bodington 'create a logbook page'. Moodle gathers data and sends to Bodington which then creates a new logbook and displays a screen with Moodle navigation and an embedded Bodington logbook. This was slightly troublesome due to Bodington's security mechanisms. (We didn’t modify Bodington at all.) In the end the value of the BODINGTON_ORG_SESSIONID cookie has to be pasted into Moodle in order to get the creation to work. This indicates that if we were going to do this exercise 'properly' then we'd need to develop a REST web service interface to Bodington with Authentication and authorization handled by Shibboleth (Guan Xi).
   

People were genuinely interested in tools integration and especially Shibboleth, but (I think) not that interested in using Bodington! Ho hum! Mind you I think Bodington made a few friends and was mentioned by other presenters a couple of times as being the OS alternative to Moodle.

The final session of the moot was a slot where punter could ask for new features. The main points were

• edit lock or CVS-like facilities on wiki pages to prevent clashes
  
• easy duplication (copying) of a resource
  
• import of data in iCAL format (which is underway)
  

I must admit that I really enjoyed the event but was jealous that Bodington doesn't yet have such an active community.

Guan Xi Shibboleth IdP, SP and WAYF

A reproduction of a note I received from Mr Guan Xi Alistair Young. I know this is supposed to be my blog, but he puts it so much better than I ever could.

The Guanxi IdP is written in Java, as is the Shibboleth one. The only C++ implementation is the Shibboleth SP.

The Guanx IdP makes life a little easier for a user to deploy in that it creates it's own self-signed certificate and puts it in it's own keystore. It also creates a Shibboleth compatible X509 for you to drop into your SP. The Gx IdP also doesn't use DOM3 as there's no requirement to sign SAML Attribute Assertions in the Shibboleth profile (which isn't really a standard, it's just an unofficial SAML Profile). The UNICODE problem is a DOM3 issue, rather than a Shibboleth one. It came up when testing the original Shibboleth IdP in Bodington. You need DOM3 to sign Shibboleth assertions due to the non-standard ID attribute involved but as I said, it's not required.The Gx IdP It can be run in two modes - standalone or embedded. It runs embedded in the Bodington VLE and takes advantage of the bod environment to turn it into an IdP with no modification to Bodington.The Guanxi SP, which is due soon, is a Java SP that differs from the Shibboleth one in that the Gx SP is distributed. It's based on web services and uses WS-CallBack to allow the core SAML Engine to be deployed/clustered anywhere on the net, with an army of Guards deployed to protect resources. It uses SAML2 metadata to form trust relationships between the Engine(s) and Guard(s). This lets you deploy a Guanxi Engine farm that takes care of the heavy duty SAML/ Shibboleth traffic, while the Guards just initiate the process and are notified when the attributes are ready.Lastly, Guanxi also includes SAMUEL - a lightweight SAML1.1 Java toolkit. The Gx IdP and SP both use this. SAMUEL differs from openSAML in that SAMUEL has no Shibboleth functionality. It's a pure SAML1.1 toolkit.

Alistair

m-ICTE 2005 (Multimedia and ICTs in Education) Caceres, Extremadura, Spain

I'd rather misjudged the level of this conference when originally writing my presentation. The conference was quite interesting but was (shall we say) one (or maybe two) level(s) down from my usual fare.

There were an awful lot of presentations (I'm guessing at 100+) split into several themes. There were a lot of presentations along the lines of: "I teach a course in X, we wrote this software package to help students with aspect Y of the course. Here is the software. We did an evaluation of the software and most of the students said they liked it becuase it was different to the norm." This sort of thing would have been interesting had I been a lecturer looking for novel ideas to deliver courseware. As a developer, it was interesting to see what people are doing, but the talks were not in general relevant to my work.

One talk did pop into my conciousness; it was by Ron Gonzales from Brigham Young University. Unfortunately Ron was so efficient in his submission of his paper that it fell of the front of the conference proceedings! He was looking at IT skills and pointed me towards www.sigite.org - ACM Special Interest Group for Information Technology Education which (if you look under 'curriculum') breaks IT skills down into a heirarchy akin to what we have done with the skills framework instance. I was interested to see if SIG ITE had used IMS RDCEO to represent these skills formally but it became apparent that they'd never considered this. (I dont think they even knew that such standards exist.)

My talk about the LUSID skills framework went down very well indeed; I guess as it was slightly more thought-provoking that the mean. I had a small huddle at the end and got a few contacts.The fact that the conference was (ahem) slightly dull meant that I could have a good rummage around the historic area of Caceres - very nice, very non-touristy. The even hold a

WOMAD once a year. Four and a half hours on the train from Madrid at a cort of about £12. The same journey would probably be £100 in the UK.

As well as the above I was of course (as ever) on a publicity for the Bodington VLE. I managed to distribute 50 Bodix (Bodington on Knoppix) CDs; I'm not sure whether we've had any feedback.Oh well back to the dubious English weather! [Actually, it's quite nice today.Oh yes, and to date we've beaten the Aussies at cricket twice in two games. Now if that's not tempting fate I don't know what is!

And oh yes once more. Liverpool FC have gained entry to the Champions League again!

Paper for m-ICTE2005 Formatex Conference Cáceres, Extremadura, (Spain)

I have just completed a paper for m-ICTE2005 Formatex Conference Cáceres, Extremadura, Spain. June 7-10th 2005.

This paper gives an overview of the work undertaken by the JISC SPWS project in designing a meta-framework for the representation of (HE) skills.
Actually, I'm a bit of a fraud for claiming any sort of credit for this paper as it is a very small enhancement to the 'executive summary' document so expertly written by (SPWS project collaborator) Simon Grant! Still - at least I get an all expenses paid trip to Spain out of it - and that sort of thing is of course the whole point of writing papers in the first place. Anyway, I digress. The original executive summary is available on the SPWS project website (in the RHS panel).Without going into it too deeply, the SPWS meta framework uses IMS RDCEO to express 'shared skill concepts' (referred to by me as 'skill topics'). These topics can then be gathered together into something that could be termed a 'skill area'. Likewise skill areas can be grouped into things which we would recognise as 'skill sets'. So we use RDCEO (and VDEX) to form a heirarchical, er, heirarchy of topics and group these into bunches! This approach has been piloted by the LUSID PDP system and has proved quite a sucessful 'blunt instrument'. Oooh yes, and the skill topics may themselves comprise other finer-grained skill topics and so on.The whole purpose for doing this (other then the aforementioned jaunt to Spain) was to aid the implemention of a skills profiling web service interface to LUSID. This we achieved - the results are on the SPWS website - and we also managed to enhance the utterly brilliant Bodington VLE to consume this (RESTian) service. (Me biased?) The Bodington code is available on the Bodington Source Forge site and will be embraced into Bodington v2.8 due ourt later on this year.So I'm off to a place that translates as 'Extremely Hard' (Extremadura). I think that is a reference to the general climate and lack of rain rather than a statement that all residents would be able to win in a fist fight against skinheed out of Viz or Alien or Preditor or whatever. I digress (again).

Shibboleth Capabilities of Bodington (Guan Xi)

JA SIG UK are the umbrella body in the UK for people who are using uPortal, SAKAI and OSPI. We feel that Bodington 2.4.3 in conjuction with Guan Xi can help these people as it can be used 'out of the box' as a 'system formerly known as a Shibboleth orgin' - we should now refer to it as a Shibboleth service provider.

We're hoping to attract attention to Bodington from all UK (and indeed worldwide) Shibboleth developers and users.

I've been faffing around with a 'press release' type article that will be handed out and now seem to have volunteered myself to design a t-shirt. As if I didn't have enoungh to do already! Still I suppose it make a change from the drudgery of working on LUSID (http://sourceforge.net/projects/lusid/). [I should actually say 'not quite getting around to working on LUSID'!]

Here's the article:

Improved Shibboleth Identity Provider Capabilities in the Bodington VLE

The Joint Information Systems Committee (JISC) has recently endorsed Shibboleth as the next generation authentication and authorisation system controlling access to e-learning systems . The intention is that it will replace the current Athens authentication system for accessing on-line resources. Work to provide a gateway which will allow institutions who use Shibboleth compatible systems to access Athens protected resources has already begun .
Bodington is an ideal testbed for developers wishing to have their first play with Shibboleth especially as it is very simple to install.

Guan Xi is a standalone Shibboleth compatible Identity Provider (IdP, formerly known as 'Shibboleth Origin'). The first version is available as a stand alone webapp from: http://sourceforge.net/projects/guanxi The Guan Xi team is also working on the Service Provider (SP) (formerly known as 'Shibboleth Target') which should be completed later on this year.

Getting Started

To get started with the Shibboleth profile, developers should download the 2.4 release of the Bodington VLE. This contains a pre-configured Guan Xi IdP that gets you up and running and a member of a Shibboleth Federation with zero configuration. We'd recommend developers go this way at first.

Although the 2.4 release of Bodington contains a zero configuration IdP, to support multiple federations, the Guan Xi team envisage some simple configuration in the next release but the bulk of the work will still be done by Guan Xi itself. An explanation of what Guan Xi is, (specifically describing the Bodington version), what it does and what you can expect to get from it is available at: http://www.weblogs.uhi.ac.uk/sm00ay/?p=71

There is a requirement to sign SAML assertions but this is not a problem as the Guan Xi IdP that comes with Bodington provides a default certificate store with pre-configured XML fragments for use in a Service Provider's FederationProvider configuration. It also contains XML for the IQ-trust.xml entries used by the Guan Xi IdP. The default keystore and self-signed certificates are generated using random data and passwords to ensure each Guan Xi enabled Bodington is unique in a federation.

The default configuration is not intended for a production environment, rather it's there to allow developers to quickly install Bodington, join a federation, such as SDSS (http://sdss.ac.uk) and "kick the tyres".

For a production IdP we recommend creating your own keystore and purchasing commercially available secure certificates. By that time, you should have an idea of what's involved in running an IdP service.

Why Bodington?

The Bodington VLE has a very fine-grained user permissions environment and combined with the Guan Xi IdP you can use this to your advantage when arranging access to SP resources in a federation.

As Bodington has its own user store, a user can log in to their IdP and manage attribute release policies. Logging in also provides you with true SSO between multiple federations and service providers. As long as your Bodington session is valid, the Guan Xi IdP will honour this and not require you to login each time you access a different service provider.

Guan Xi will soon support self registration when combined with Bodington, so you can allow users who do not have local accounts to register with your Bodington IdP and gain access to resources at the lowest level of access. Once created, you can upgrade the self registered accounts to give a greater degree of access to those users.

If you fancy giving it a go, the Guan Xi community can provide some Shibboleth compatible resources for you to access and we can help with fine tuning attribute access to let you see what's involved in deploying and managing a Shibboleth compatible IdP.