-Donald
Jay D. McHugh wrote:
Hey Joe (and everyone else),I took a look at both the trunk and 1.1.* branches of Pluto and they have not (or at least -appear- to have not) gotten around to implementing the same 'secure portlet page' functionality that was in 1.0.x.But, I tried a suggestion that was on one of the Pluto mailing list of simply commenting out the throwing of the exception (the only thing that the setSecure() method does is throw an exception saying that setSecure is not implemented).In my testing, the https protocol is being carried along to the successive pages though - so until Pluto does implement (or we submit a patch for) secure portlet pages - It seems to me that we at least need a functioning console. Once Pluto trunk or a release begins supporting secure portlet pages - then we can get back onto an unmodified copy.I am in the middle of running through a full build with tests before committing a new pinned version of Pluto.Does anyone have any other thoughts before I do my commit? Jay Joe Bohn wrote:Hi Jay,Do you have a fix in mind for this issue? I had started to look into it. Here's what I discovered so far:1) Pluto has essentially dropped the 1.2 release. This was formerly their trunk. It has now been saved to a tag in favor of a new trunk that is the merger of the 286 portlet work and the 1.1.* base. I do not know if this code base has the necessary infrastructure (ie. spring based portal driver) that we require for the pluggable console.2) The new Pluto trunk (2.0-SNAPSHOT) is substantially different primarily because of the inclusion of the JSR-286 work. A quick attempt to just replace the pluto version in our build resulted in some build failures in Geronimo.3) The issue we are hitting with the PortletSecurityException was discussed on the pluto dev list here: http://www.nabble.com/Pluto-1.1.2-vs-1.1.4-td14194243.htmlSo, one possible fix would be to make some of the changes recommended in on the pluto dev thread above in our private build. However, this now concerns me because it means that we are continuing to build on a base that it seems Pluto has recently abandoned. The other alternative would be to attempt to move to 2.0-SNAPSHOT or 1.1.5-SNAPSHOT assuming we can work out any challenges these releases bring, they have the necessary fix for the PortletSecurityException, and they contain the necessary portal driver structure for our pluggable console support. This is certainly not a quick fix but gets us on a more stable base.Joe Jay D. McHugh (JIRA) wrote:[ https://issues.apache.org/jira/browse/GERONIMO-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]Jay D. McHugh reassigned GERONIMO-3855: --------------------------------------- Assignee: Jay D. McHughPortletSecurityException in Plugins portlet ------------------------------------------- Key: GERONIMO-3855URL: https://issues.apache.org/jira/browse/GERONIMO-3855Project: Geronimo Issue Type: BugSecurity Level: public(Regular issues) Components: consoleAffects Versions: 2.1 Reporter: Paul McMahan Assignee: Jay D. McHugh Cannot take any actions in the Plugins portlet. Recreate: Go to the Plugins portlet in the admin consoleClick any action-- "Update Repository List" or "Add Repository" or "Export a Plugin" or "Assemble a Server"Note the exception:javax.servlet.ServletException: javax.portlet.PortletSecurityException: No Supported org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:116) org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)javax.servlet.http.HttpServlet.service(HttpServlet.java:713) javax.servlet.http.HttpServlet.service(HttpServlet.java:806) root cause javax.portlet.PortletSecurityException: No Supportedorg.apache.pluto.driver.services.container.PortletURLProviderImpl.setSecure(PortletURLProviderImpl.java:67) org.apache.pluto.core.PortletContainerImpl.doAction(PortletContainerImpl.java:261) org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:112) org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)javax.servlet.http.HttpServlet.service(HttpServlet.java:713) javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
smime.p7s
Description: S/MIME Cryptographic Signature
