Burke, your process seems very coupled to the standalone and that is not what we want, i.e the only step to be done outside the browser in the standalone is choosing if the user wants to go through the init wizard or not. So everything else should be left to the init wizard, meaning that if i downloaded the war file, i should be able to create a test server and test the latest OpenMRS version.
Wyclif On Mon, Nov 7, 2011 at 9:30 PM, Burke Mamlin <[email protected]>wrote: > Here's what I was envisioning... > > 1. User downloads openmrs-standalone-1.9.-beta.zip, unzips, and > double-clicks JAR. > 2. From the standalone startup window that pops up, the user selects a > "I rock! I want to help test 1.9!" option. > 3. The user is directed to install the "Release Testing Helper" module > in their production system if they haven't already (with a link to a wiki > page with more details about the module and how to install it) and then to > enter the URL of their production system into a text field. > 4. If the URL is unreachable or the release testing helper module > isn't detected, the user is returned to step #3 with appropriate tips/hints > based on the error detected. > 5. The user is presented with an OAuth-like screen saying that an > OpenMRS Standalone instance wants to use your production data and, if this > is okay, to authenticate as super user. > 6. Upon successful authentication to the production server, the user > gets a progress bar stating that data and modules are being transferred > from the production machine to the standalone instance for testing (along > with a reassurance like "nothing will be written or changed on your > production system during this process"). > 7. Installation of the standalone continues with metadata, sample > data, and modules from the production system. > > The trick is #5. In the ideal world, this would be a popup window from > the standalone that presented an OAuth-like page on the production server; > however, AFAIK Java fails to provide a decent embedded browser to do this. > So, a suitable proxy would be a *local* JEditorPane that gathered > credentials and then used those credentials without storing them to > authenticate to the production server via the URL provided, doing HTTP(S) > calls to communicate with the release testing helper module on the server. > You could try to invoke a local browser and/or somehow get an embedded > browser working in the standalone to do true OAuth, but I think it'll take > more effort than it's worth. I believe JEditorPane only supports HTML 3.2 > and doesn't support JavaScript, so you're better of using it to display > something that looks like a simple web page and then do the HTTP(S) > conversation underneath rather than trying to make a web page speak AJAX to > a Swing application. > > The Standalone should not persist any credentials to the production system > nor should it try to re-use them – i.e., it gets what it needs in one > authenticated session based on what the user entered. If we need to go > back to the production server after a long time or there's a chance the > conversation might exceed the typical session timeout, then we should > discuss how to create a longer-lasting OAuth-like token up front. > > Just my 2¢. > > Cheers, > > -Burke > > On Mon, Nov 7, 2011 at 8:42 PM, Darius Jazayeri <[email protected]>wrote: > >> Hi Wyclif, >> >> I was wondering if you could give a step-by-step overview of the process >> you're envisioning as our target from this sprint. >> >> 1. User downloads standalone 1.9-beta, unzips it, and double clicks on >> the JAR >> ...(what happens here)... >> N. User sees a login window to a standalone instance whose DB is >> populated with data from an existing install. >> >> -Darius >> > ------------------------------ > Click here to > unsubscribe<[email protected]?body=SIGNOFF%20openmrs-devel-l>from > OpenMRS Developers' mailing list > _________________________________________ To unsubscribe from OpenMRS Developers' mailing list, send an e-mail to [email protected] with "SIGNOFF openmrs-devel-l" in the body (not the subject) of your e-mail. [mailto:[email protected]?body=SIGNOFF%20openmrs-devel-l]
