Christophe,
Hmmmmmm. I was thinking that this was not specific to the integration
work I did, but you have a point :).
I need to get these updates into SVN for you. I'll speak with
David/Santiago to get that done ASAP.
Randy
Christophe Lombart wrote:
Hi Randy,
Please send me all the code, scripts, ... for this integration (if possible)
and than I will try to fix thoses issues.
If you want, you can create a new Jira issue.
What is the difference between M3 and M4 in point of view security ? Are
there some changes in the permission management ?
Christophe
On 10/6/05, Randy Watler <[EMAIL PROTECTED]> wrote:
Christophe,
I neglected to tell you earlier that this patch does indeed work. Thanks
again.
Just FYI, the change did appear to break some of the tests:
[junit] Running
org.apache.portals.graffito.security.impl.AllFilesTestRdbmsPolicy
[junit] Tests run: 1, Failures: 0, Errors: 1, Time elapsed: 1.912 sec
[junit] [ERROR] TEST
org.apache.portals.graffito.security.impl.AllFilesTestRdbmsPolicy FAILED
[junit] Running org.apache.portals.graffito.security.impl.TestRdbmsPolicy
[junit] Tests run: 3, Failures: 0, Errors: 3, Time elapsed: 2.221 sec
[junit] [ERROR] TEST
org.apache.portals.graffito.security.impl.TestRdbmsPolicy FAILED
[junit] Running org.apache.portals.graffito.security.impl.TestPermissions
[junit] Tests run: 2, Failures: 0, Errors: 2, Time elapsed: 2.018 sec
[junit] [ERROR] TEST
org.apache.portals.graffito.security.impl.TestPermissions FAILED
[junit] Running
org.apache.portals.graffito.security.impl.AllPermissionTestRdbmsPolicy
[junit] Tests run: 1, Failures: 0, Errors: 1, Time elapsed: 1.786 sec
[junit] [ERROR] TEST
org.apache.portals.graffito.security.impl.AllPermissionTestRdbmsPolicy
FAILED
Do you want me to attempt to fix these or do you want to handle it?
Randy
Randy Watler wrote:
Christophe,
Cool. I will test it tomorrow sometime. Thanks for the quick fix!
Randy
Christophe Lombart wrote:
Randy,
I just commit a patch for this issue. Can you check if it is ok on M4.
it was a regression due to my last object model refactoring. Sorry to
use a lot of your time for that. Before testing it, don't forget to
make a db clean-up.
The permission tab page in the edit mode needs to be review. eg. it is
not possible to edit an existing permission.
Kind regard,
Christophe
On 9/28/05, Christophe Lombart <[EMAIL PROTECTED]> wrote:
Of course, you are welcome to commit directly into the Graffito.
Thanks,
Christophe
On 9/28/05, Randy Watler <[EMAIL PROTECTED]> wrote:
Christophe,
I assumed that M3 would have the same issue, so it is reassuring to
hear
that it does indeed.
I am not sure how you want to encorporate my modifications. I have a
small fix in the J2 maven plugin and
quite a few patches for the graffito source tree. David seemed to
indicate that we could allow me to commit to the
graffito project, (I am already a J2 committer as you know).
Otherwise,
I could send you a few patch files.
I plan on fully integrating Graffito into J2, so perhaps we can just
skip this step alltogether. Your call.
Randy
Christophe Lombart wrote:
Randy,
Same issue on M3. As you explained in your mail,
org.apache.portals.graffito.security.impl.CmsPermissionImpl is not
set
into the DB (in SECURITY_PERMISSION). If you replace the wrong value
by this classname, it will be better.
I have more time now. So, I can try to fix this issue. Can give me
an
access to your M4 deployment stuff ? Do you plan to add it in the
Graffito project or directly into J2 ?
Thanks,
Christophe
On 9/27/05, Christophe Lombart <[EMAIL PROTECTED]> wrote:
On 9/26/05, Randy Watler <[EMAIL PROTECTED]> wrote:
Christophe Lombart wrote:
Maybe it is a regression. Are you using the subproject
'jetspeed2-deploy' to deploy into J2 ? See in this subproject,
there
are some xml file uses to deploy the application.
Yes, I am using this project to deploy, albeit modified for M4.
Let me know if you need help. I don't know if I can access to
your
modifications somewhere.
Here is the deal:
The Graffito Browser is adding these objects to the RdbmsPolicy
store:
org.apache.portals.graffito.model.pemission.impl.CmsPermissionImpl
While these appear to be correctly specified and stored by the
browser,
the Graffito
security implementation is creating permission instances of this
class
type and
sending these to the AccessController.checkPermission():
org.apache.portals.graffito.security.impl.CmsPermissionImpl
See
components/src/java/org/apache/portals/graffito/security/impl/GraffitoAction.java.
Unless I am missing something, the new permissions will not be
seen by
java security because the class types do not match. Of course,
the initial
setup/deploy has permissions granted to /role/admin using the
org.apache.portals.graffito.security.impl.CmsPermissionImpl
class and
these work as expected.
Did I miss some configuration that tells the Graffito Browser to
use the
security vs. model implementations?
no
Am I missing some nuance of java
security that would allow the model implementations to be read?
No (following my limited knowledge of JAAS)
Tomorow, I will review the code.
What's the behavior with J2 M3 ?
