Monday, July 28, 2008

Sametime bot for text translations

As I wrote in my previous blog post "LotusScript to translate text between languages", I have created a function in Sametime bot to translate text between languages using Google Translate. Now this bot functionality is available for everyone to test through STWidget-Sametime AJAX web client.

Link to live demo: Sametime translation bot

Quick instructions:
1) type 1 (to choose "Translate between languages" option) and then press Enter or click "Say" button.
2) type 1 (to choose English language) and then press Enter.
3) then type 2 (to choose German language) and Enter.
4) then type text you want to get translated, e.g. "I love programming" and Enter.

To fetch the translation result, Bot makes a web call to Google Translate service, using MSXML2 object in a slightly modified LotusScript code as in the old post. Here is an animated picture of the translation process:

Sametime translation bot animation

Click picture to see animation

Some other funny functions available through the same bot are "joke", "wisdom", "morse" and "random bible quote". The main difference between these small functions and Translation function is that Translation works in multi-step mode, prompting user with available choices, thus eliminating the need for user to remember the syntax of the commands. Another multi-step function is "Company info" where user can get virtually any corporate info through Sametime bot.

All of the example functions above are handled by the same bot instance, so users do not need to add a separate bot to their buddy list for each new function added by developer/admin to bot.

In one of my next posts I will show a screencapture video how to develop a "whois username" function using @Formula language and how to create multi-step "Translation" function.


Wednesday, July 23, 2008

Automated login to Domino by HTTP POST request

In a comment to Joachim Dagerot's blog post "Login in with just url-arguments" I mentioned that it's possible to login without exposing login credentials in the URL. It is done by making a POST request to Domino web server, instead of GET request. User still can see login credentials if he views page's HTML source, but they are at least not shown directly in the URL. Showing login details in URL makes it possible for bypassers to see your password, it's saved in the browser's URL history and it's also logged in the Domino log database, which is not so good as anyone with access to the log database can see them. Such URL might even get indexed by Google and show up in the search results.

To additionally secure automated login, an extra redirect can be used, so the page itself does not contain the password. Or even better and without any password exposure is a page/form which calls an agent which makes login in background and then passes the session cookie back to the initial page. But that's a topic for another blog post. Here i will show the simplest solution.

<form action="/names.nsf?Login" method="POST" name="LogonForm">
<input type="hidden" name="Username" value="myname">
<input type="hidden" name="Password" value="mypassword">
<input type="hidden" name="RedirectTo" value="/anotherdb.nsf/view?OpenView">


When user opens this page, the first form gets automatically submitted to "/names.nsf?Login". User gets logged in to Domino with username and password specified in the form's fields and then redirected to another database according to the value in RedirectTo field.