Sharing structured data

XML Magazine

Subscribe to XML Magazine: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get XML Magazine: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong? API Security has been added to OWASP Top 10 2017 - RC1. This is a commendable step taken by the web application security thought leaders and is a clear indication of where the industry is heading. Security professionals have all the tools and awareness to fence in applications, databases and legacy systems through firewalls. OWASP has served the security professionals well... (more)

Building Private and Hybrid Clouds with Ubuntu 9.04

Ubuntu Workshop at Cloud Expo April 23, 2009  - Ubuntu 9.04 (Jaunty Jackalope) has been released today bringing highly interesting new features, specially in the Cloud Computing and Virtualization area. The new Ubuntu server distribution includes two complementary cloud tools, OpenNebula and Eucalyptus, so providing the technology required to build the three types of Cloud architectures, namely private, hybrid and public clouds. Eucalyptus can be used to transform an existing infrastructure into an IaaS public cloud, being compatible with Amazon’s EC2 interface. Eucalyptus is fully functional with respect to providing cloud-like interfaces and higher-level cloud functionality for security, contextualization and image management. OpenNebula, on the other hand, is a virtual infrastructure engine that enables the dynamic and scalable deployment and re-placement of grou... (more)

XMLSPY 5 Release 4 Offers New Features to Simplify Customized XML Content and Data Editing Applications

(April 8, 2003) – XMLSPY 5 Release 4 is now available from Altova. Presently, organizations are engaging in the development of customized XML content editing and data-entry applications which help increase the reusability of corporate information assets, resulting in greater productivity and cost savings in creating business content. Altova has enhanced key features in its XML Development Environment, XMLSPY 5, which are commonly required in creating customized XML content and data editing applications. The new version of XMLSPY is available immediately for free trial download. XMLSPY 5 builds on the success of previous versions through the addition of: Enhanced WebDAV Support - Web-based Distributed Authoring and Versioning (WebDAV) is a standardized set of extensions to the HTTP (web) protocol, which allows users to collaboratively edit and manage XML files located... (more)

ILOG JViews 8 With Enhanced AJAX Support Released

(SYS-CON Media) - ILOG announced ILOG JViews 8, the latest version of ILOG's award-winning Java graphics tools suite that targets more users in the user interface collaboration chain -- from developers and graphic designers to application administrators -- and eases the creation of supervision and monitoring applications. The new release introduces new tools for creating more realistic-looking active symbols representing real-world objects, resulting in richer user displays, and a new feature that allows for easy and rapid creation of dashboards. ILOG JViews 8 also offers deeper support for Asynchronous JavaScript and XML (AJAX) for Maps, and support for direct editing of diagrams and charts from a Web browser. ILOG JViews was the first graphics suite to adopt the AJAX standard earlier this year. The new JViews 8 product suite includes JViews Diagrammer, JViews Charts... (more)

Rich Internet Applications vs AJAX: "2008 Will Be A Crucial Year"

While AJAX, as XML co-inventor Tim Bray puts it, "tries to do everything in the browser using just what the browser ships with," RIA frameworks like Adobe AIR, Microsoft Silverlight, and JavaFX aim to take developers beyond the limitations of the browser. "I'm not brave enough to predict who wins," Bray noted in a SYS-CON.com feature earlier in the year, "but I do predict that 2008 will be a crucial year; either RIAs enter the mainstream, or they start to smell like a red herring left in the sun." Bray's predictions came in the feature "Where's AJAX, SOA and Virtualization Headed in 2008?" - which also included predictions from: Joshua Allen, Microsoft; Dr Adam Kolawa, Parasoft; Eric Newcomer, IONA Technologies; Bill Roth, BEA Systems; Brad Abrams, Microsoft; Kevin Hoffman, iPhone Developer's Journal; Ian Thain, Sybase; Yakov Fain, Farata Systems. Bray is Director of ... (more)

Web Services: XML's Killer App

My hype meter has been revved up lately, and what has pegged it is Web services. Who is hyping up Web services? Hmm...Microsoft, Sun, IBM, HP, BEA, SilverStream, Ariba, BowStreet, webMethods...my aunt Judy. I'm expecting to see this e-mail soon: "Quit your job and make $100,000 a year writing Web services in this groundbreaking business opportunity." Oh...that one might be true . Okay, so what's behind all this hype? Is all this real? My take: absolutely real - or at least it will be very soon. This is my fourth "sea change" in software development. I can recognize a good thing when I see it. In the '80s, the PC computing revolution took off. Snicker, snicker, PCs will never be serious. This revolution networked individual PCs but didn't change how corporate IT was implemented. That evolved from file system-based databases (dBase anyone?) to client/server applic... (more)

Java, .NET, SOA, Web Services, Linux, XML, Open Source and AJAX Predictions for 2006

This is traditionally the time of year for SYS-CON Media's roundup of i-Technology predictions from around the Web and the year's harvest of thoughts and viewpoints. According to our worldwide network of software development activists, evangelists, and executives, 2006 promises to be a vintage year for software development... Take Microsoft, for example: A new client OS is on the way, Microsoft Vista, due late in 2006, giving rise to the obvious question: Will the new cool 3D user interface be enough to move the user to upgrade? We'll see. Maybe the new built-in security, performance features, and integrated search will be enough to convince users - after all, why go to the Web if built-in Web-enabled services and integrated information search allow the Web to come to you? Or consider the world of PDA devices. Everyone is looking for the next killer Palm or BlackB... (more)

.NET Feature — Writing Client Components in .NET

To solve problems DHTML, JavaScript and XML can't handle, you sometimes need so-called "rich" client components for your Web applications. Traditionally, this is the realm of Java (applets) or ActiveX controls. If your clients are using Internet Explorer 5.5 or higher you have another choice: write your client components in .NET and host them in Internet Explorer. This is an interesting and viable choice if the rest of your development work is also in .NET, since you can use a single technology and a single framework for all your needs, both on the client and the server. This is a good thing, since reducing the number of different technologies reduces some of the development risks and associated costs. Writing .NET components to run on the client is called IE Sourcing. It's not very well documented, and there are a lot of traps and pitfalls if your component does no... (more)

JDJ Feature — Java API for XML Web Services (JAX-WS)

WebLogic Server 10 Technology Preview supports JEE 5. A feature of JEE 5 is the Java API for XML Web Services (JAX-WS) used to create Web Services and Web Service clients. WebLogic Server 10 provides the jwsc task to create the Web Service artifacts and the clientgen task to create the artifacts for Web Service clients. In this article we'll create an example JAX-WS 2.0 Web Service in WebLogic Server 10 Technology Preview. JAX-WS is an API to create Web applications and Web Services using the XML-based Web Services functionality. To create a Web Service first create a Service Endpoint Implementation (SEI) class. The implementation class is annotated with javax.jws.WebService annotation. The implementation class must not be abstract or final, and must contain a default public constructor. A Web Service provides operations that are made available to Web Service client... (more)

EDI to XML: A Practical Approach

While EDI transactions account for most worldwide commercial activity, XML-based alternatives are beginning to gain traction. According to Forrester Research, stateful XML, stateless XML, and even flat file exchanges are all projected to grow at a faster rate than EDI over the next few years. The firm predicts stateful XML transactions will be required for a growing number of B2B process-oriented transactions and are projected to exceed the growth of EDI transactions over the next five years. This article discusses how today’s B2B support infrastructures must be designed to take advantage of both new and old technology to meet the full range of an organization’s external integration needs and support process improvement efforts across the entire value chain. This article illustrates how to use XQuery and XSLT on non-XML data – bridging the legacy gap using technolo... (more)

The Neglected Flipside of SOA Security

Joe McKendrick kicks off a thread on the current state of SOA Security. As usual, most discussion of SOA Security applies to "how SOA can be made secure". This is understandable. And, as some commentators have pointed out, there is a body of Best Practice out there on how to secure services in an SOA. For example, Randy Heffner provides lots of good advice on how to secure the services in an SOA) But, there has been relatively little debate on the flipside of SOA Security - how SOA can apply to security. Because, really, "SOA Security" is two separate things, solving two separate problems. The first, most obvious thing, is that it applies security to SOA. The problem it is solving here is "SOA is insecure". Randy Heffner's advice is good here: there are products and procedures for applying security to SOA. But, "SOA Security" also has the meaning of "applying SOA prin... (more)