svn commit: r1756305 - in /ofbiz/trunk: README.md build.gradle framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java

Sun, 14 Aug 2016 00:25:43 -0700 

Author: taher
Date: Sun Aug 14 07:24:42 2016
New Revision: 1756305

URL: http://svn.apache.org/viewvc?rev=1756305&view=rev
Log:
remove the tasks ofbizSecure and ofbizBackgroundSecure from gradle - OFBIZ-7951

Removes the ofbizSecure and ofbizBackgroundSecure and makes all OFBiz server 
tasks
secure by default. Also, update the documentation of README.md and the 
StartupCommandUtil
to remove these entries from the documentation.

This has reference to a thread discussion here -> 
http://markmail.org/message/zbbun7zrzdrtxavv

Modified:
    ofbiz/trunk/README.md
    ofbiz/trunk/build.gradle
    
ofbiz/trunk/framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java

Modified: ofbiz/trunk/README.md
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/README.md?rev=1756305&r1=1756304&r2=1756305&view=diff
==============================================================================
--- ofbiz/trunk/README.md (original)
+++ ofbiz/trunk/README.md Sun Aug 14 07:24:42 2016
@@ -95,10 +95,7 @@ There are two types of tasks designed fo
   tasks start with one of the following words:
   - __ofbiz__ : standard server commands
   - __ofbizDebug__ : server commands running in remote debug mode
-  - __ofbizSecure__ : server commands running in secure mode using notsoserial 
API
   - __ofbizBackground__ ; server commands running in a background forked 
process
-  - __ofbizBackgroundSecure__ : server commands running in a background forked
-    process in secure mode using the notsoserial API
 
 Tips: 
 
@@ -120,8 +117,6 @@ Tips:
 
 `gradlew "ofbiz --help"`
 
-`gradlew "ofbizSecure --start --portoffset 10000"`
-
 `gradlew "ofbizDebug --test"`
 
 `gradlew "ofbizBackground --start --portoffset 10000"`
@@ -216,17 +211,6 @@ OR
 
 `gradlew ofbizDebug`
 
-#### Start OFBiz in secure mode
-
-Starts OFBiz in secure mode using the notsoserial API to prevent
-Java serialization security issues
-
-`gradlew "ofbizSecure --start"`
-
-OR
-
-`gradlew ofbizSecure`
-
 #### Start OFBiz on a different port
 
 Start OFBiz of the network port offsetted by the range
@@ -249,17 +233,6 @@ You can also offset the port, for exampl
 
 `gradlew "ofbizBackground --start --portoffset 10000"`
 
-#### Start OFBiz in the background in secure mode
-
-Start OFBiz in secure mode in the background by forking it to a new
-process and redirecting the output to __runtime/logs/console.log__
-
-`gradlew "ofbizBackgroundSecure --start"`
-
-OR
-
-`gradlew ofbizBackgroundSecure`
-
 * * * * * * * * * * * *
 
 ### Data loading tasks

Modified: ofbiz/trunk/build.gradle
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/build.gradle?rev=1756305&r1=1756304&r2=1756305&view=diff
==============================================================================
--- ofbiz/trunk/build.gradle (original)
+++ ofbiz/trunk/build.gradle Sun Aug 14 07:24:42 2016
@@ -28,7 +28,11 @@ apply plugin: 'eclipse'
 apply from: 'common.gradle'
 
 // java settings
-def jvmArguments = ['-Xms128M', '-Xmx1024M']
+def jvmArguments = ['-Xms128M', '-Xmx1024M',
+    
"-javaagent:${rootDir}/tools/security/notsoserial/notsoserial-1.0-SNAPSHOT.jar",
+    "-Dnotsoserial.whitelist=${rootDir}/tools/security/notsoserial/empty.txt",
+    
"-Dnotsoserial.dryrun=${rootDir}/tools/security/notsoserial/is-deserialized.txt",
+    
"-Dnotsoserial.trace=${rootDir}/tools/security/notsoserial/deserialize-trace.txt"]
 ext.ofbizMainClass = 'org.apache.ofbiz.base.start.Start'
 javadoc.failOnError = false
 sourceCompatibility = '1.8'
@@ -725,30 +729,12 @@ tasks.addRule('Pattern: ofbizDebug <Comm
     }
 }
 
-tasks.addRule('Pattern: ofbizSecure <Commands>: Execute OFBiz startup commands 
pre-loading the notsoserial Java agent') { String taskName ->
-    if(taskName ==~ /^ofbizSecure\s.*/ || taskName == 'ofbizSecure') {
-        def arguments = (taskName - 'ofbizSecure').toLowerCase().tokenize(' ')
-        jvmArguments.add('-server')
-        
jvmArguments.add("-javaagent:${rootDir}/tools/security/notsoserial/notsoserial-1.0-SNAPSHOT.jar")
-        
jvmArguments.add("-Dnotsoserial.whitelist=${rootDir}/tools/security/notsoserial/empty.txt")
-        
jvmArguments.add("-Dnotsoserial.dryrun=${rootDir}/tools/security/notsoserial/is-deserialized.txt")
-        
jvmArguments.add("-Dnotsoserial.trace=${rootDir}/tools/security/notsoserial/deserialize-trace.txt")
-        createOfbizCommandTask(taskName, arguments, jvmArguments, false)
-    }
-}
-
 tasks.addRule('Pattern: ofbizBackground <Commands>: Execute OFBiz startup 
commands in background and output to console.log') { String taskName ->
     if(taskName ==~ /^ofbizBackground\s.*/ || taskName == 'ofbizBackground') {
         createOfbizBackgroundCommandTask(taskName)
     }
 }
 
-tasks.addRule('Pattern: ofbizBackgroundSecure <Commands>: Execute OFBiz 
startup commands in background (secure mode) and output to console.log') { 
String taskName ->
-    if(taskName ==~ /^ofbizBackgroundSecure\s.*/ || taskName == 
'ofbizBackgroundSecure') {
-        createOfbizBackgroundCommandTask(taskName)
-    }
-}
-
 /* ========================================================
  * Helper Functions
  * ======================================================== */
@@ -773,24 +759,12 @@ def createOfbizBackgroundCommandTask(tas
     def sourceTask = taskName.tokenize().first()
     def arguments = (taskName - sourceTask)
 
-    def targetTask
-    def gradleRunner
-
-    if(sourceTask == 'ofbizBackground') {
-        targetTask = 'ofbiz'
-    } else if(sourceTask == 'ofbizBackgroundSecure') {
-        targetTask = 'ofbizSecure'
-    }
-
-    if (os.contains("windows")) {
-        gradleRunner = 'gradlew.bat'
-    } else {
-        gradleRunner = './gradlew'
-    }
+    def osName = System.getProperty('os.name').toLowerCase()
+    def gradleRunner = osName.contains('windows') ? 'gradlew.bat' : './gradlew'
 
     task (taskName) {
         doLast {
-            spawnProcess(gradleRunner, "${targetTask} ${arguments}")
+            spawnProcess(gradleRunner, "ofbiz ${arguments}")
         }
     }
 }

Modified: 
ofbiz/trunk/framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java?rev=1756305&r1=1756304&r2=1756305&view=diff
==============================================================================
--- 
ofbiz/trunk/framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java
 (original)
+++ 
ofbiz/trunk/framework/start/src/main/java/org/apache/ofbiz/base/start/StartupCommandUtil.java
 Sun Aug 14 07:24:42 2016
@@ -157,7 +157,7 @@ final class StartupCommandUtil {
         formatter.printHelp(
                 new PrintWriter(printStream, true),
                 HelpFormatter.DEFAULT_WIDTH + 6,
-                
"ofbiz|ofbizDebug|ofbizSecure|ofbizBackground|ofbizBackgroundSecure",
+                "ofbiz|ofbizDebug|ofbizBackground",
                 System.lineSeparator() + "Executes OFBiz command e.g. start, 
shutdown, check status, etc",
                 getOfbizStartupOptions(),
                 HelpFormatter.DEFAULT_LEFT_PAD,

Reply via email to