BarCamp Philly rocked this weekend. Somewhere around 200 people piled into the University of the Arts with amazing amounts of energy to share ideas on tech and community. I met a lot of great people from the local area that I hadn’t met before. There were people from all kinds of backgrounds: development, design, community organization, marketing, and social media. The organizers, Roz Duffy and JP Toto, and all the volunteers deserve lots of credit for making the event a huge success.

Philly is an awesome place to be right now

This was my first BarCamp experience and I’m glad to have had it in Philly. This city is an awesome place to be right now. Sure there’s people interested in technology all over the country. But the really exciting thing about Philly is how excited people here are about sharing: sharing knowledge, sharing experiences, and sharing in projects that improve life for everyone.

By the people, for the people

The really powerful sessions were open discussions led without much direction or format. Judging by the Twitter chatter there were plenty of these great sessions to go around. I didn’t end up in many web development sessions, and I think that’s a good thing. It might be cool to do a more focused DevCamp some other time. But open conversations about the impact of technology on people’s lives were the best things about BarCamp. The sessions ranged from topics like using social media to bring about social change to whether the internet helps or hurts our personal lives.

Be Open

One thing that came up in a few different sessions was a general fear of openness. How open should we be with our ideas? What if someone steals my idea? How open should we be with our opinions? What if somebody disagrees with me?

Something Alex Hillman said in a session resounded with me. I’m paraphrasing here. You can probably imagine 5 to 10 negative side effects that might come from being open. Maybe somebody steals your idea. Or maybe somebody attacks your opinions on the internet. But the potential upside is infinite. Somebody might hear about your idea, reach out to you, and that connection might be the key to getting your idea off the ground. Put yourself out there for what you’re excited about. Make connections with people and your ideas will benefit in ways you never expected.

Do first, worry later

Another powerful thing that came up a few times is to take action whenever you can. If you’re stuck in a job where you feel things could be improved, make a tiny change. Sneak in an improvement. Don’t ask permission to do it. Find like-minded people and tackle the problem. Fly under the radar. Set goals and constantly chip away at them.

If you can’t fulfill yourself at your job, find some way to be creative outside your job and do it. Sort through your passions and find some way to express them. If you spend all your energy being frustrated you are guaranteed to be frustrated a year from now. Take on your frustrations and find ways to solve them. There’s no telling what you will have accomplished in a year.

The first BarCamp Philly was a blast. If you didn’t make it out to this one, make sure you can be at the next one. I’ve got a few more posts kicking around in my head from the day. But for now I’m excited to see everyone keep the energy flowing into all the other community powered projects going on around town.

I’m really excited that Philly will host its first BarCamp “un”conference in just a few weeks. There’s a ton of energy around the event with lots of folks from different backgrounds signed up to attend. The planners have put together a great location for the day in classroom space at the University of the Arts in Center City.

BarCamp is a totally free “un”conference format that has been done many times in cities all over the world. Groups of geeks meet up without any kind of set schedules or planned keynote speakers. Attendees huddle up in the morning around a whiteboard and come up with a day’s worth of sessions and topics. Everybody has a chance to lead a session on any topic of interest and participate in sessions lead by other attendees.

Every city brings its own unique flavor to a BarCamp and I’m sure Philly won’t disappoint. Some of the topics already suggested: Open Source software licenses, technology and the future of music, building iPhone apps, scalable web design, and serial entrepreneurship. I’m really looking forward to hearing about the creative things people are doing all over the city.

If you’re going to be anywhere near Philly on Saturday November 8th, definitely plan to come to BarCamp. There will be some fun things going on before and after the event. Watch the BarCamp Philly web site for details.

And if you are going to come make sure you register. It’s totally free, but registration is required because space is limited.

Craigslist is my goto site for second-hand gear. Concert tickets, computer hardware, gaming systems… No matter what I’m looking for I know eventually someone will put one up for sale.

Scanning through endless listings of unrelated garbage though is boring. That’s why I use Google Alerts to do the boring work for me. Google Alerts keeps an eye on Craigslist and sends me an email whenever keywords that I’m interested in are posted anywhere on the site.

If you’ve never heard of it before, Google Alerts is like Google Search on a schedule. You enter a search term much like you would in Google search. But instead of giving you immediate results, Alerts watches the web for new matches to appear. Whenever new results are posted to the web for your search term Alerts sends you an email. The email includes links to the sites that mention your term along with a snippet of surrounding text for context.

So how does this help you watch Craigslist? Well, one of the cool things about Alerts is that you can use all kinds of Google search operators. For instance, the Site: keyword limits a search to a single domain. So if I put in “Mac mini” site:http://philadelphia.craigslist.org as my alert search, new posts with the phrase “Mac mini” will be emailed to me as they pop up. But only results in the http://philadelphia.craigslist.org domain will be included.

Swap out “Mac mini” for whatever it is you’re looking for and you’ve got yourself a Philly Craigslist Alert. Check out the list of supported Google search operators to refine your own alerts. You don’t even need a Google account to setup an alert. Any email address will do. And if immediate emails aren’t your thing, there’s a daily digest mode for those low-demand things on your wish list.

One of the things I work on at Wharton is a student portal. The portal is a public web site but most features are protected by a web form log in. A common complaint from students is that they’re forced to log in to the web site after they’ve already logged into a school computer lab computer with the same exact account. Shouldn’t the portal already know who they are without another log in?

After doing some experimenting, I’ve found it’s possible to combine anonymous access, web form authentication, and Integrated Windows authentication. I’m throwing out my approach in case anyone needs to do something similar. We run ColdFusion on IIS servers to power our apps but you may be able to adapt this for other platforms.

Our web apps rely on Active Directory domain accounts to authenticate users. And our web environment runs on Windows machines. One of the nice things about Windows IIS web servers is the Integrated Windows authentication security option. Under this setup, any user logged into a machine with their domain account can access a secured web site without reentering a username and password.

One of the drawbacks to integrated auth is that users have to be logged into their computer with an Active Directory domain account to use it. And most browsers won’t support it by default. Anyone that visits a site secured with integrated auth that isn’t setup properly gets an ugly browser popup box asking for a username and password. This isn’t a very elegant option for securing a public web site. But it can be useful for users in a computer lab or a corporate office where you have some control over client computers.

So here’s the general process when a student in a computer lab visits the portal.

• If they’re coming from an ip address in a range used by our labs, the app redirects them from the homepage to a subdirectory of the site. This subdirectory has anonymous access disabled and Integrated Windows Authentication enabled in IIS. The parent site folder has anonymous access enabled.
• A script in the subdirectory detects if integrated auth has been negotiated. In ColdFusion integrated authentication has passed if the cgi.remote_user or cgi.auth_user variables are populated with a username. The value comes through as DOMAIN\username.
• If the username is there then the script logs that username into the portal app and creates a session. Then it redirects them back over to the root of the site as a fully logged in user. All the extended features of the site are accessible without a manual log in.

It sounds like a lot of steps, but the redirects are unnoticeable. The user requests the regular URL for the site and arrives at the site logged in automagically. It’s seamless.

If you’re going to try out integrated auth, you’ll need to tweak your browser a bit. Recent versions of IE require that the URL of the site be added to the Intranet Sites trusted list. Recent versions of Firefox also support this but require a few configuration tweaks. Check out How To: Firefox and Integrated Windows Authentication for more details.