Hi Petr, I assume you wanted to post this to -devel, so I'll fullquote it here:
On Wed, Jun 13, 2007 at 01:16:20PM +0400, Peter Grigoriev wrote: > > Also, I'd appreciate some manual testing - I've tested some things for > > which we do not have automated tests, such as LDAP publication (although > > I believe it should be possible to address that using Net::Server::LDAP) > > but I just might have missed something ... > > > > Hi All , > > Just after the first version of LDAP publication workflow has been added > (tested manually) I tried to outline the things to be improved and write a > little draft (looks like the time to check it in came - see rev.934). Thanks for the work! I'll need some time to read it completely, which might not happen this week ... > The main thing was to write a stand-alone package performing the > ldap operations and call it from workflow actions. > This way all main ldap operations can be tested automatically. Sounds good. But what LDAP server do you want to test it against? I believe it is possible to set up a test server using Net::LDAP::Server, but it seems like it involves a good amount of work ... > I am working in this direction at the moment and hope > to finish the stand-alone part in a week and check-in > the stuff (package and tests for it) after discussing on mail-list. > Next step is to rewrite workflow actions - they will be significantly > simplified after moving all ldap interactions to the separate module. > > Ldap automatic testing on the workflow level will probably meet the problem > described in the bug #1699848. > I tested ldap-publishing workflow using some kind of hack - > increasing the time of "waiting for child finished" in: > > workflow_activity_certificate_issuance.xml > workflow_activity_certificate_signing_request.xml So, if I get you correctly, I believe your problem is that (depending on how fast the publication goes), your certificate issuance workflow either ends up in 'CHECK_CHILD_FINISHED' or 'SUCCESS'? I've introduced the 'CHECK_CHILD_FINISHED' thing for the CSR workflow, where it can be used in a way that a user that looks at the state of a CSR workflow can automatically execute the null action (if present) if the state is 'CHECK_CHILD_FINISHED'. There is not really a possibility to do this in the certificate issuance case as there is no user available that can do this manual check (unless you'd want to stack these checks on the web interface, but that doesn't sound right to me). As an immediate solution, I'd suggest you use looping and sleeping until the child finishes (which was in earlier workflow definitions, see for example http://openxpki.svn.sourceforge.net/viewvc/openxpki/trunk/deployment/etc/templates/default/workflow_def_certificate_signing_request.xml?revision=646&view=markup This should be combined with a check whether the child fails (see SCEP workflow). Still, this might lead to an infinitely looping workflow if the child does not end up in state 'SUCCESS' or 'FAILURE' for some reason ... The correct solution would IMHO be executing the workflow synchronously instead of forking it off and looking for its state, but I believe we don't have code for that (yet) ... As for your other problems mentioned in your document, about 1) and 2): are you sure you have a recent Workflow.pm? I believe I solved these exact problems in 0.25/0.26 ... If so, can you please set the Workflow log level to DEBUG and send me a copy of your openxpki.log so that I can try and debug it? As for 3), I had a similar problem on the web interface. There, the cause was that someone (possibly Mason itself?) converted the UTF8 into Perl Unicode characters. This meant that the serialized datastructure had UTF8 in it but that was converted to Perl Unicode characters, which meant that the length of all the things where then completely messed up and the deserialization messed everything up because there is nearly no sanity checking in there (there is a feature request for that and Florian will be working on it soon, to at least solve this part of the problem). Maybe you have a similar case (although I wouldn't know who is the implicit UTF8 decoder)? Best regards, Alex -- Dipl.-Math. Alexander Klink | IT-Security Engineer [EMAIL PROTECTED] | working @ urn:oid:1.3.6.1.4.1.11417 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ OpenXPKI-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-devel
