My girlfriend gave me the classic book Don’t Make Me Think by Steve Krug after her trip from Singapore. I’ve been having a hard time finding one here in Manila for the longest time. I love my girlfriend 
Twas short and sweet. Was able to consume it in a few hours. Concise but very meaningful. Nice seeing that there are a couple of things that I designed (or eventually designed) for the site that made sense to a usability expert.
- Less words. Less noise. Be concise. Design like doing a billboard.
- Stick to conventions as much as you can
- Make clickable stuff obvious
I guess a lot things fell into place after I decided to go minimalist. Minimalist noisyheads is my oxymoron for the day.
Except, I guess I need to improve a lot on navigation. My initial plan is to use a flat hierarchy. I guess that’s just being lazy. What should be done is a good way to group related pages and at the same time show where the user is at with respect to the hierarchy. Never ever make the user feel she/he is lost in your site and have no way back. Breadcrumbs as Mr. KrugĀ recommends should be more of a complimenting feature. Nothing beats a strategically functioning web menu. Funny how most of his samples come from Amazon.com. What a fan boy. Tee dee!
The project has been moving extremely slowly. My excuse of course is time. Can’t quite get some to work on it. Then I realized that the biggest culprit really is my focus. I have an ever changing product design. Over the past few times I was able to work on noisyheads, it was more of refactoring and redesigning functionalities. Not really adding features. It’s a fucking loop. Until it dawned on me that there is something fundamentally wrong. I have to write things down! Regardless whether they change every minute. Write the feature set. Write the road map. Just fucking write everything down. I thought a one-person endeavor doesn’t need shit. But it does (surprise!). It would give focus. Offload all that stuff in your head and focus at the current task. And it would give a sense of proximity in relation to where you started and where you are headed.
Advise to self: Write things down!
Just want to reminisce when I was still singing in a band.
Singing a song I wrote with my band 10,000 Pogi Points some years back. Not quite my best singing performance though. 
Hmm.. Should I start forming another one?
I hated the web 2.0 look aka “I’m an Apple product wannabe.” Glossy, gradients, metal, not to mention the ever so ubiquitous mirror shine floor. Can you even tell these sites apart already? I’ve always told myself that when I do create another site, it would fucking scare the lights out (pun intended) of another glossy site. Don’t get me wrong. I admire Apple’s designs. They are iconic. But if I’m Apple, I’d go hunt down all these poor prigs. Making their product look cheap now. I guess comes with the territory.
Rather than go with trends, let your personality bleed through. From the logo I envisioned, you could already grasp the look I (originally) intended. I mean come on, with a name like noisyheads.
Dirty? Disorganized? Puke drunk artist look?! … Grungy! Yeah that’s the word. Had it all made. Until everyone decided to destroy the Web 2.0 look. And how? Grungify everything! I’m the worlds biggest idiot if I think I’m original on this one. I guess it was meant to happen. Web 2.0 is officially out, grunge is in. Though I’m happy the new look has finally dethroned the shiny king. But the fact remains, it’s now a trend.
Yes, a trend. Saw the new James Bond flick ad and it was using, yes, the grungy look. Joss Stone videos, grungy. Fuck, even the local channel promos are grungy. Last.fm went through all the trouble redesigning their site to do what? Ride the trend.
If you want things to last, never ride a trend. As much as I love it, I fired up bluefish and gimp, and started demolishing my site. Maybe tried and tested should be the way to go. MINIMALIST! Or, mix shine and dirt..?
I’ve already pictured a logo in my head when the name noisyheads came up. I imagined dirty old typewriter type font with a headphone image somewhere within the words. So, went surfing for free public domain fonts. For the headphones, I thought I’d do it using vectors to accommodate various sizes. I figured that Inkscape would be perfect. Except of course, I have no previous experience using it. So went to the site. And what do you know, saw there are various public domain images available there by Inkscape users. So Mr. Cheapskate now have all the ingredients. With a little effort, came up with this:
Now that I’ve got OpenID working on noisyheads via the Acegi Security Plugin, time to create a user registration mechanism. Of course this is not your ordinary capture of user name, password, email address, your favorite Chuck Norris movie, stalked celeb address sort of thing. You have to authenticate the url submitted (done!), and get the response coming from the OpenID server that authenticates it. This response is then what you store as identifier for the user who would like to make use of your site. Of course, what’s sweet about this is that you have none of the password hashing and salting (you do hash passwords do you?), email confirmation kung fu. You can always, of course save an authentication response if it’s not yet registered in the db. But you would need some more details from that user rather than displaying “Welcome http://rockstaruser.openidproviderthatrocks.com.” Although OpenID do have some attribute exchange going on. I’d rather show my users a simple form for the first time just to be sure.
Basic scaffolds from the plugin didn’t really offer much (anything) for OpenID registration, so need to go dirty on this one. First, I need to ensure that a session is established as long as a valid OpenID authentication is made. So I need to change my UserDetailsService implementation again. It has to always return a valid user whenever a successful authentication is made. I overridden loadDomainUser method as so:
protected def loadDomainUser(username, session) throws UsernameNotFoundException, DataAccessException
{
def query = session.createQuery(
"from $loginUserDomainClass where
$usernameFieldName=:username")
query.setProperties([username: username])
def users = query.list()
if (users.empty)
{
String queryString = "from $loginUserDomainClass where
$usernameFieldName='$DEFAULT_IDENTIFIER'"
query = session.createQuery(
queryString)
users = query.list()
}
if (!users[0])
{
logger.error("Cannot authenticate user.")
throw new UsernameNotFoundException("User not found.", username)
}
return users[0]
}
Where a DEFAULT_IDENTIFIER (to be declared later) is returned when identifier is not yet in the db. So let’s say I declared this to be “ROLE_NOT_QUITE_THERE.” I added this default role then to my boot strap utility. Gave it a shot. Then what do you know, any one with an OpenID account can now login with a role of “ROLE_NOT_QUITE_THERE.”
Now that I’ve got that out of the way, time for capture of additional details. Let’s say all i need is a display name. So in my spaghetti controller flow (I fucked it up bad), a user with a role defined above would always get redirected to the registration form. After which, if the value validates, the identifier now gets saved, assigned a new role (typically “ROLE_USER”), and the session updated to accommodated that. To do the session massaging, I needed to talk to SecurityContextHolder. Created a new Authentication (implemented by OpenIDAuthenticationToken), and shoved it in there. Here’s my whacked attempt:
private void updateSpringSecuritySession(accountIdentifier, role)
{
def currentAuthentication = SCH.context.authentication
def status = currentAuthentication.status
def identityUrl = currentAuthentication.identityUrl
def grantedAuthorities = new GrantedAuthorityImpl(role.authority) as GrantedAuthority[]
Authentication newAuthentication = new OpenIDAuthenticationToken(grantedAuthorities, status, identityUrl)
newAuthentication.details = accountIdentifier
SCH.context.authentication = newAuthentication
}
A little adjustment to my request mapping, and voila. Things seems an ounce more hopeful.
Been doing the rounds in the Groovy and Grails discussion groups while doing this project. I realized might as well create a users group for Filipinos as well. Here’s where it’s at:
http://groups.google.com/group/philippine-groovy-users
Paging my fellow Pinoys! Join in
As I’ve previously mentioned, I’m standardizing on OpenID as sole entry point to noisyheads. Using the Acegi Plugin, here’s the story so far..
The OpenID tutorial didn’t offer much (and I guess that’s all to it anyway). Generated my equivalent of User and Role authentication classes. From the tutorial, there was mention of removing the password though didn’t really mention how. Nonetheless, I removed everything in the generated User and ended up with this:
class User
{
static final String DEFAULT_ID = 'DEFAULT_ID'
static hasMany = [authorities: Role]
static belongsTo = Role
String identifier = DEFAULT_ID
boolean enabled = true
static constraints = {
identifier(blank: false, unique: true)
enabled()
}
}
Where ‘identifier’ is the userName counterpart. Also added a Null Object, which came in handy later on (on the next post perhaps ). Edited SecurityConfig.groovy and removed the ‘password’ property. Gave it a shot and obviously failed.
Pfft! Password property is nowhere to be found, me app says. Investigated, and saw that GrailsDaoImpl.groovy, which is the plugin’s implementation of the UserDetailsService so happens to expect a domain class with a password property. Pfft! Specifically located at method: loadUserByUsername(final String username, final boolean loadRoles) where it calls createUserDetails(). Easy enough, I have to create my own version then, which overcomes this issue. Though I would normally compose, I just extended this class just because I’m lazy (hey, prototyping mode) :-p Simply removed the invocation to ‘password’ property and instead passed a blank String. Placed this in src/groovy then edited Spring beans configuration to inject this instead (love the Groovy config version!). The bean id btw is ‘userDetailsService.’ And tried logging in with my Blogger account, and what do you know. It worked!
But then, I realized user registration would be a pain in the ass now…
Started working on the noisyheads Grails app. Nifty JetGroovy. Got the create-app, create-domain, create-everything all worked out. Domain class here, controller there, a little service here. Then installed Acegi (Spring) Security plugin. App’s looking more and more like it has a chance. Then attempted to commit to my DevJavu account. Followed the tutorail for checking in a Grails app in subversion. (Except I was stupid enough to assume that the ignore plugins/core part is deprecated since I don’t see any). Being the nitpicking prig that I am, I have the habit of never committing any IDE descriptor files.
Problem became apparent when I tried loading my shitty codes freshly checked out from my vcs. Open IntelliJ. File > New Project > Create Java Project From Existing Source. Selected the project. And what do you know? It detected Acegi as my app. Ok. Stupid me. Now the smarty pants tactic I pulled off was idiotic. I deleted the plugins directory now (I added svn ignore to it from then on), only then was I able to see some trace of the IDE detecting my app properly. Then invoked the plugin installation again. Tried to search around the forums about this scene. Too bad I only see a thread with me as the last commenter (yes I’m mykol).
So I though I got it all sorted out. Until I committed lots of files under groovy and java directories. I tried to do the same trick again. But I’m totally having a different structure in my IDE. It’s seems it wants to make a separate module out of my src files. Fuck.
So, after a few IntelliJ ninjatsu (I basically re-did everything), I decided to commit all my IntelliJ descriptor files. Yuck.
If only Grails has something like Maven plugins for IDEs (or vice versa). I suggested something in the list. Just got buried. Oh well. Maybe I could scratch this itch some other time. I have an app to work on.
From the get go, I’ve always planned on using OpenID for this site. Now, to go a step further, I am now implementing the sign on and registration process solely via OpenID. Why? Because (A), I’m no Yahoo!, AOL, or Google for me to command another brain cell occupation for username and password credentials. (B), the Acegi (Spring) Security Plugin comes with OpenID support out of the box. And (C), it’s different . Jeff Atwood couldn’t have detailed it any better. As well as how Simon Willison did. So I’ll spare myself and my 3 readers the long (annoying, senseless) text.
I really don’t know if having OpenID as the sole key to this site’s doors would turn away possible users. At the moment, 99% of those supporting OpenID has this dual registration system. I don’t want the extra clutter. I’m choosing one scheme. If OpenID won’t catch fire, let this site attempt a spark.
