Re: J2 decorators not displayed in IE
Raphael, thanks for your response! It looks like you are right - and the problem is in including .css styles. I checked the source from IE and Firefox - both have a relative link to the Jetspeed's .css styles: and it looks like the stylesheet is not used - no decorations are there, and no images. References to images look like this: http://24.61.4.55:8080/jetspeed/portal/_ns:YURDRVBvcnRhbDo6RXZlbnRzQ2FsZW5kYXJQb3J0bGV0fGMwfGQx/"; title="maximized" > I am also using .css styles for my portlets, and I see that the link to my CSS file is the absolute one, like this: http://24.61.4.55:8080/DCEPortal/css/dce-portal.css"/> When I include this CSS into my JSP I use the ContextPath : "/> An my stylesheet gets included just fine. I thought I would do what you suggested and substitute relative URL with the absolute one, so I took a look at the tigris/decorator-top.vm - however, I don't see where the stylesheets are included (I don't really know Velocity...). I can see this line: #includeStyleSheets() but where is this function? (I'm assuming this is a function ?) Any suggestions on how I could set them? Thanks a lot! Marina --- Raphaël Luta <[EMAIL PROTECTED]> wrote: > Marina wrote: > > Hi, > > I have a weird problem here. > > I've been developing my portal using Firefox only, > and > > have a pretty much complete portal by now. > However, > > when I finally got around to checking it out in > IE, > > I've realized to my horror that it looks > completely > > screwed up there. > > Basically, no portlet decorators and J2 images > (like > > tabs, borders around portlets, etc.) are displayed > > there. The content of the portlets is just fine. > > Even more, this happens when I access my portal > > through a redirect from my ISP that forwards the > > requests to my PC's IP address. > > If I access the portal through localhost:8080 - > > everything looks fine in both Firefox and IE. > > > > to summarize: > > access portal through IP address: > > Firefox/Netscape OK, IE - no images/decorators > > access portal through localhost: > > both Firefox and IE are OK > > > > Did I miss some config parameter for J2 or > something > > like that? Any ideas? > > > > Mmmm.. I'd say it's an issue with IE mishandling > your ISP > reverse proxy behavior. > Most of the decorator information is controlled > through a CSS > stylesheet. > It's quite possible that IE resolves URL differently > than > Firefox when dealing with CSS resources tied to an > HTML > document. > You can check if the CSS file is indeed retrieved by > IE and if so, > you can try setting absolute URLs to reference the > image files in the > CSS stylesheet. > > -- > Raphaël Luta - [EMAIL PROTECTED] > Apache Portals - Enterprise Portal in Java > http://portals.apache.org/ > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
J2 decorators not displayed in IE
Hi, I have a weird problem here. I've been developing my portal using Firefox only, and have a pretty much complete portal by now. However, when I finally got around to checking it out in IE, I've realized to my horror that it looks completely screwed up there. Basically, no portlet decorators and J2 images (like tabs, borders around portlets, etc.) are displayed there. The content of the portlets is just fine. Even more, this happens when I access my portal through a redirect from my ISP that forwards the requests to my PC's IP address. If I access the portal through localhost:8080 - everything looks fine in both Firefox and IE. to summarize: access portal through IP address: Firefox/Netscape OK, IE - no images/decorators access portal through localhost: both Firefox and IE are OK Did I miss some config parameter for J2 or something like that? Any ideas? Thank you! Marina - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Jetspeed-2: Drop support for Tomcat 4...? Please comment/vote!
--- Ate Douma <[EMAIL PROTECTED]> wrote: > And, if there are no big objections, I'd like to > vote on dropping Tomcat 4 support! > +1 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
ooh, I feel so bad... :) I knew it was something very stupid - I did not run the 'maven quickStart'. For some reason I thought it was intended for the HSQLDB only... Sorry for wasting so much of your time! Thanks, Randy, Marina --- [EMAIL PROTECTED] wrote: > Marina: > > If your j2 DB is not setup, nothing will work > anyway, so we are back to > the failing maven build... you did use "maven > quickStart", no? > > Also, your DB URL probably needs to be > > jdbc:mysql://127.0.0.1:3306/j2 > > or > > jdbc:mysql://localhost/j2, > > (mysql can be picky about IP usage and I am not sure > about the port you > specified). > > Randy > > > Thanks, Randy :) > > I modified jetspeed.xml file using the one from a > > working HSQL J2M2 installation as an example and > > copied it into the > > /conf/Catalina/localhost dir. > > I also copied a security.xml file from the HSQLDB > J2M2 > > installation and adjusted the docBase value. > > > > Unfortunately, when I started Tomcat, I've got the > > same error: > > > > Caused by: > > org.apache.jetspeed.prefs.PreferencesException: > Failed > > to initialize prefs > > > api.org.springframework.transaction.CannotCreateTransactionException: > > Could not create OJB transaction; nested exception > is > > org.apache.ojb.broker.accesslayer.LookupException: > > SQLException thrown while trying to get Connection > > from Datasource (java:comp/env/jdbc/jetspeed) at > > > org.apache.jetspeed.prefs.impl.PreferencesFactoryImpl.init(Preference > > sFactoryImpl.java:70) at > > > sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod) > > at > > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. > > ... > > > > And in the J2's log file: > > 2005-02-27 18:24:24 > > > StandardContext[/jetspeed]StandardWrapper.Throwable > > java.lang.NullPointerException > > at > > > org.apache.jetspeed.velocity.JetspeedVelocityViewServlet.init(JetspeedVelocityViewServlet.java:137) > > at > > > org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1044) > > at > > > org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:876) > > at > > > > > > One thing that puzzles me (among others, of > course) is > > that the 'j2' DB did not get populated while > 'j2test' > > did... > > > > Here is my jetspeed.xml - lines that I changed: > > > > > > username > > admin > > > > > > password > > admin > > > > > > > > > >driverClassName > >org.gjt.mm.mysql.Driver > > > > > > > > > > url > > jdbc:mysql://127.0.0.1:3306 > > > > > > > > Thanks for looking into this! > > Marina > > > > --- [EMAIL PROTECTED] wrote: > > > >> Marina, > >> > >> > 3. jetspeed.xml > >> > there was no jetspeed.xml in the > >> > =/conf/Catalina/localhost dir > >> > The only jetspeed.xml files in the > J2-project-home > >> > directory that I found were: > >> > > >> > > > maven-plugin/target/classes/plugin-resources/jetspeed.xml > >> > portal/src/resources/jetspeed.xml > >> > Should I manually edit one of them and copy > into > >> > /conf/Catalina/localhost dir ? > >> > >> Since you manually copied the jetspeed.war into > >> webapps, I assume you will > >> need to do the same thing with the > >> portal/src/resources/jetspeed.xml file. > >> It is certainly simple enough to try! > >> > >> > Is not it supposed to be done by the maven > >> 'allBuild' > >> > goal? > >> > >> Well, so is copying jetspeed.war into webapps! :) > >> Something is broken for > >> sure, but I am just interesting in seeing if you > can > >> get it to run at all > >> since you have taken it almost this far already. > >> Yes, we are in the weeds > >> at this point! > >> > >> Randy > >> > >> > >> > > > - > >> To unsubscribe, e-mail: > >> [EMAIL PROTECTED] > >> For additional commands, e-mail: > >> [EMAIL PROTECTED] > >> > >> > > > > > > > - > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
Thanks, Randy :) I modified jetspeed.xml file using the one from a working HSQL J2M2 installation as an example and copied it into the /conf/Catalina/localhost dir. I also copied a security.xml file from the HSQLDB J2M2 installation and adjusted the docBase value. Unfortunately, when I started Tomcat, I've got the same error: Caused by: org.apache.jetspeed.prefs.PreferencesException: Failed to initialize prefs api.org.springframework.transaction.CannotCreateTransactionException: Could not create OJB transaction; nested exception is org.apache.ojb.broker.accesslayer.LookupException: SQLException thrown while trying to get Connection from Datasource (java:comp/env/jdbc/jetspeed) at org.apache.jetspeed.prefs.impl.PreferencesFactoryImpl.init(Preference sFactoryImpl.java:70) at sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. ... And in the J2's log file: 2005-02-27 18:24:24 StandardContext[/jetspeed]StandardWrapper.Throwable java.lang.NullPointerException at org.apache.jetspeed.velocity.JetspeedVelocityViewServlet.init(JetspeedVelocityViewServlet.java:137) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1044) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:876) at One thing that puzzles me (among others, of course) is that the 'j2' DB did not get populated while 'j2test' did... Here is my jetspeed.xml - lines that I changed: username admin password admin driverClassName org.gjt.mm.mysql.Driver url jdbc:mysql://127.0.0.1:3306 Thanks for looking into this! Marina --- [EMAIL PROTECTED] wrote: > Marina, > > > 3. jetspeed.xml > > there was no jetspeed.xml in the > > =/conf/Catalina/localhost dir > > The only jetspeed.xml files in the J2-project-home > > directory that I found were: > > > maven-plugin/target/classes/plugin-resources/jetspeed.xml > > portal/src/resources/jetspeed.xml > > Should I manually edit one of them and copy into > > /conf/Catalina/localhost dir ? > > Since you manually copied the jetspeed.war into > webapps, I assume you will > need to do the same thing with the > portal/src/resources/jetspeed.xml file. > It is certainly simple enough to try! > > > Is not it supposed to be done by the maven > 'allBuild' > > goal? > > Well, so is copying jetspeed.war into webapps! :) > Something is broken for > sure, but I am just interesting in seeing if you can > get it to run at all > since you have taken it almost this far already. > Yes, we are in the weeds > at this point! > > Randy > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
Randy, I double checked my config files and verified the following: Verified: 1. JVM version used by maven - added 'java -version' command to the 'show.maven.props' goal: C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL>maven show.maven.props __ __ | \/ |__ _Apache__ ___ | |\/| / _` \ V / -_) ' \ ~ intelligent projects ~ |_| |_\__,_|\_/\___|_||_| v. 1.0.2 build:start: show.maven.props: [echo] maven.home.local = C:/Marina/MyWork/Maven [echo] maven.repo.local = C:/Marina/MyWork/Maven/maven_repository [echo] checking JRE version: [exec] java version "1.4.2_06" [exec] Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_06-b03) [exec] Java HotSpot(TM) Client VM (build 1.4.2_06-b03, mixed mode) BUILD SUCCESSFUL Total time: 2 seconds Finished at: Sun Feb 27 11:54:13 EST 2005 2. 'admin' user has rights to the 'j2' and 'j2test' tables in MySQL: logged into MySQL as 'admin', created and dropped test tables in both 'j2' and 'j2test' DBs: >>>>> Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 3 to server version: 4.1.7. Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> use j2test Database changed mysql> create table MyTest( id int ); Query OK, 0 rows affected (0.10 sec) mysql> drop table MyTest; Query OK, 0 rows affected (0.00 sec) mysql> use j2 Database changed mysql> create table MyTest( id int ); Query OK, 0 rows affected (0.02 sec) mysql> drop table MyTest; Query OK, 0 rows affected (0.00 sec) 3. jetspeed.xml there was no jetspeed.xml in the =/conf/Catalina/localhost dir The only jetspeed.xml files in the J2-project-home directory that I found were: maven-plugin/target/classes/plugin-resources/jetspeed.xml portal/src/resources/jetspeed.xml Should I manually edit one of them and copy into /conf/Catalina/localhost dir ? Is not it supposed to be done by the maven 'allBuild' goal? 4. I checked the MySQL driver jar file itself - it does have both com.mysql.jdbc.Driver and org.gjt.mm.mysql.Driver. It is indeed located in the /shared/lib dir. Any other setup I could have missed? Thanks! Marina --- [EMAIL PROTECTED] wrote: > Marina, > > I know you probably have most of this down cold, but > please verify: > > - you have a copy of > mysql-connector-java-3.0.16-ga-bin.jar in > /shared/lib. > - that the com.mysql.jdbc.Driver class exists in > mysql-connector-java-3.0.16-ga-bin.jar. > - if you are manually copying the jetspeed.war into > webapps, make sure > that the jetspeed.xml is edited for your > configuration and is copied to > the correct location: > tomcat5=/conf/Catalina/localhost or > tomcat4=/webapps. > - that admin/admin has access to your j2 and j2test > databases. > - that your java implementation is being located > correctly and is a > current 1.4.2 or 1.5 version... I have never seen > those "targetting 1.4" > messages on Linux. > > Randy > > > Thanks, Randy. > > Something very strange is going on here... > > I tried different variations of the > build.properties > > file and it comes down to the following two > scenarios: > > > > 1) if I set properties to: > > org.apache.jetspeed.test.database.url = > > jdbc:mysql://localhost/j2test > > org.apache.jetspeed.test.database.driver = > > com.mysql.jdbc.Driver > > org.apache.jetspeed.test.database.user = admin > > org.apache.jetspeed.test.database.password = admin > > > > > org.apache.jetspeed.test.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar > > > org.apache.jetspeed.test.database.default.name=mysql > > > > org.apache.jetspeed.production.database.url = > > jdbc:mysql://localhost/j2 > > org.apache.jetspeed.production.database.driver = > > com.mysql.jdbc.Driver > > org.apache.jetspeed.production.database.user = > admin > > org.apache.jetspeed.production.database.password = > > admin > > > > > org.apache.jetspeed.production.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar > > > org.apache.jetspeed.production.database.default.name=mysql > > > > > > then I get errors running maven allBuild target:: > > jetspeed2:jar:install: > > build:start: > > > > java:prepare-filesystem: > > [mkdir] Created dir: > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes > > > > java:compile: > > [echo] Compiling to > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api/target/classes > > [echo] &
Re: using MySQL with J2 - setup problem
Thanks, Randy. Something very strange is going on here... I tried different variations of the build.properties file and it comes down to the following two scenarios: 1) if I set properties to: org.apache.jetspeed.test.database.url = jdbc:mysql://localhost/j2test org.apache.jetspeed.test.database.driver = com.mysql.jdbc.Driver org.apache.jetspeed.test.database.user = admin org.apache.jetspeed.test.database.password = admin org.apache.jetspeed.test.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.test.database.default.name=mysql org.apache.jetspeed.production.database.url = jdbc:mysql://localhost/j2 org.apache.jetspeed.production.database.driver = com.mysql.jdbc.Driver org.apache.jetspeed.production.database.user = admin org.apache.jetspeed.production.database.password = admin org.apache.jetspeed.production.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.production.database.default.name=mysql then I get errors running maven allBuild target:: jetspeed2:jar:install: build:start: java:prepare-filesystem: [mkdir] Created dir: C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes java:compile: [echo] Compiling to C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api/target/classes [echo] == NOTE: Targetting JVM 1.4, classes will not run on earlier JVMs == [javac] Compiling 27 source files to C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes BUILD FAILED File.. C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml Element... maven:reactor Line.. 133 Column 40 Unable to obtain goal [java:compile] -- C:\Marina\MyWork\Maven\cache\maven-java-plugin-1.5\plugin.jelly:63:48: Error running javac.exe compiler 2) if I set driver's name to: org.apache.jetspeed.test.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.test.database.default.name=mysql org.apache.jetspeed.test.database.url=jdbc:mysql://localhost/j2test org.apache.jetspeed.test.database.driver=org.gjt.mm.mysql.Driver org.apache.jetspeed.test.database.user=admin org.apache.jetspeed.test.database.password=admin org.apache.jetspeed.production.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.production.database.default.name=mysql org.apache.jetspeed.production.database.url=jdbc:mysql://localhost/j2 org.apache.jetspeed.production.database.driver=org.gjt.mm.mysql.Driver org.apache.jetspeed.production.database.user=admin org.apache.jetspeed.production.database.password=admin then 'maven allBuild' finishes successfully, but: -- no jetspeed.war is created in the Tomcat's webapp/ directory --> when trying to access J2 from a browser - you get 404 error -- no tables are created in the 'j2' DB schema. 'j2test' schema has all tables created and populated. -- the jetspeed.war file is created in the J2 project's .../portal/target/ directory though. I tried copying it manually to the Tomcat's webapp/ dir - but when I started tomcat, the following errors were thrown when Tomcat was trying to deploy jetspeed.war: Caused by: org.springframework.beans.factory.BeanCreationException: Error creati ng bean with name 'java.util.prefs.PreferencesFactory' defined in URL [file:/C:/ Marina/Java/tomcat-5.0.30-j2M2-MYSQL/webapps/jetspeed/WEB-INF/assembly/jetspeed- spring.xml]: Initialization of bean failed; nested exception is org.apache.jetsp eed.prefs.PreferencesException: Failed to initialize prefs api. org.springframe work.transaction.CannotCreateTransactionException: Could not create OJB transact ion; nested exception is org.apache.ojb.broker.accesslayer.LookupException: SQLE xception thrown while trying to get Connection from Datasource (java:comp/env/jdbc/jetspeed) at org.springframework.beans.factory.support.AbstractAutowireCapableBean Factory.createBean(AbstractAutowireCapableBeanFactory.java:300) It hunts me that it must be something very simple and very stupid, since nobody else had these problems using MySQL, but I can't find what that is... Any ideas? Thanks! Marina --- [EMAIL PROTECTED] wrote: > Marina, > > These settings have always worked for me, (note that > I do not set the > ojb.platform property): > > org.apachejetspeed.test.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16.jar > org.apache.jetspeed.test.database.default.name=mysql > org.apache.jetspeed.test.database.url=jdbc:mysql://localhost/j2test > org.apache.jetspeed.test.database.driver=org.gjt.mm.mysql.Driver > org.apache.jetspeed.test.database.user=admin
Re: using MySQL with J2 - setup problem
Thank you, Hema! Yes, that was it - the default name had to be set to 'mysql'. Once I did that, the build script finished all DB setup work fine but it failed at a later point: java:compile: [echo] Compiling to C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api/target/classes [echo] == NOTE: Targetting JVM 1.4, classes will not run on earlier JVMs == [javac] Compiling 27 source files to C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes BUILD FAILED File.. C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml Element... maven:reactor Line.. 133 Column 40 Unable to obtain goal [java:compile] -- C:\Marina\MyWork\Maven\cache\maven-java-plugin-1.5\plugin.jelly:63:48: Error running javac.exe compiler Total time: 37 seconds Finished at: Fri Feb 25 19:23:20 EST 2005 Any idea what is wrong now? Thank you! Marina --- Hema Menon <[EMAIL PROTECTED]> wrote: > Marina, > > What I meant to say is that, I believe the default > name should be the > type of database name, so in your build script it > should be mysql > instead of j2 and j2test. If you look at the sample > build properties, > it contains hsql for both test and production > default database name. > org.apache.jetspeed.test.database.default.name=hsql > org.apache.jetspeed.test.database.ojb.platform=Hsqldb > > Hema > > > > > On Thu, 24 Feb 2005 18:37:18 -0800 (PST), Marina > <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > I finally got around to switch from HSQLDB to > MySQL > > > and ran into a build problem. > > > I setup MySQL DB schema and users per J2 > instructions > > > (created 'j2test' and 'j2' schemas and the > 'jetspeed2' > > > user that has all writes for those schemas). I > have > > > also modified J2's build.properties to use MySQL > (I'm > > > including a snippet below). > > > > > > After that, I do the following: > > > 1. start MySQL DB > > > 2. cd [EMAIL PROTECTED] > > >maven allClean - OK > > >maven allBuild - Error: > > > > > > Attempting to download > maven-torque-plugin-3.2.jar. > > > 2/6K > > > 6/6K > > > 6K downloaded > > > build:start: > > > > > > allBuild: > > > check.required.properties: > > > > > > torque:init: > > > > > > db.scripts.gen: > > > [echo] Generating SQL schema creation > scripts for > > > HSQLDB > > > [torque-sql] Using classpath > > > [torque-sql] Generating to file > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\hsql\report.portal.sql.generation > > > [echo] Generating SQL schema creation > scripts for > > > MySQL > > > [torque-sql] Using classpath > > > [torque-sql] Generating to file > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mysql\report.portal.sql.generation > > > [echo] Generating SQL schema creation > scripts for > > > Oracle > > > [torque-sql] Using classpath > > > [torque-sql] Generating to file > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\oracle\report.portal.sql.generation > > > [echo] Generating SQL schema creation > scripts for > > > MS SQL > > > [torque-sql] Using classpath > > > [torque-sql] Generating to file > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mssql\report.portal.sql.generation > > > [echo] Generating SQL schema creation > scripts for > > > Postgres > > > [torque-sql] Using classpath > > > [torque-sql] Generating to file > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\postgres\report.portal.sql.generation > > > > > > BUILD FAILED > > > File.. > > > > C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml > > > Element... sql > > > Line.. 355 > > > Column 39 > > > Source file does not exist! > > > Total time: 12 seconds > > > Finished at: Thu Feb 24 21:27:54 EST 2005 > > > > > > Here is my build.properties (relevant parts): > > > # Override the database connection and > > > driverproperties in your > ${USER_HOME}/build.properties > > > appropriately > > >
using MySQL with J2 - setup problem
Hi, I finally got around to switch from HSQLDB to MySQL and ran into a build problem. I setup MySQL DB schema and users per J2 instructions (created 'j2test' and 'j2' schemas and the 'jetspeed2' user that has all writes for those schemas). I have also modified J2's build.properties to use MySQL (I'm including a snippet below). After that, I do the following: 1. start MySQL DB 2. cd [EMAIL PROTECTED] maven allClean - OK maven allBuild - Error: Attempting to download maven-torque-plugin-3.2.jar. 2/6K 6/6K 6K downloaded build:start: allBuild: check.required.properties: torque:init: db.scripts.gen: [echo] Generating SQL schema creation scripts for HSQLDB [torque-sql] Using classpath [torque-sql] Generating to file C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\hsql\report.portal.sql.generation [echo] Generating SQL schema creation scripts for MySQL [torque-sql] Using classpath [torque-sql] Generating to file C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mysql\report.portal.sql.generation [echo] Generating SQL schema creation scripts for Oracle [torque-sql] Using classpath [torque-sql] Generating to file C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\oracle\report.portal.sql.generation [echo] Generating SQL schema creation scripts for MS SQL [torque-sql] Using classpath [torque-sql] Generating to file C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mssql\report.portal.sql.generation [echo] Generating SQL schema creation scripts for Postgres [torque-sql] Using classpath [torque-sql] Generating to file C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\postgres\report.portal.sql.generation BUILD FAILED File.. C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml Element... sql Line.. 355 Column 39 Source file does not exist! Total time: 12 seconds Finished at: Thu Feb 24 21:27:54 EST 2005 Here is my build.properties (relevant parts): # Override the database connection and driverproperties in your ${USER_HOME}/build.properties appropriately # See: # http://portals.apache.org/jetspeed-2/database.html org.apache.jetspeed.test.database.url = jdbc:mysql://localhost/j2test org.apache.jetspeed.test.database.driver = com.mysql.jdbc.Driver org.apache.jetspeed.test.database.user = jetspeed2 org.apache.jetspeed.test.database.password = jetspeed2 org.apache.jetspeed.test.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.test.database.default.name=j2test org.apache.jetspeed.test.database.ojb.platform=mysql org.apache.jetspeed.production.database.url = jdbc:mysql://localhost/j2 org.apache.jetspeed.production.database.driver = com.mysql.jdbc.Driver org.apache.jetspeed.production.database.user = jetspeed2 org.apache.jetspeed.production.database.password = jetspeed2 org.apache.jetspeed.production.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar org.apache.jetspeed.production.database.default.name=j2 org.apache.jetspeed.production.database.ojb.platform=mysql (I am not sure about the ojb.platform property, there were no directions on what it should be set to for MySQL, so I decided to set it to 'mysql' instead of keeping the default value of 'Hsqldb' ...) Any idea what I did wrong? Thanks! Marina - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: non-scrollable IFramePortlet
Great, it worked! Thanks, David :) --- David Sean Taylor <[EMAIL PROTECTED]> wrote: > Marina wrote: > > Hello! > > > > I tried using IFramePortlet to display a content > from > > another URL inside it, and I noticed that the > content > > of the IFramePortlet window is not scrollable. > > > > Any idea how I could make it scrollable? > > > Try adding this Preference to your portlet.xml and > redeploy: > > > SCROLLING > TRUE > > > > -- > David Sean Taylor > Bluesunrise Software > [EMAIL PROTECTED] > [office] +01 707 773-4646 > [mobile] +01 707 529 9194 > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
non-scrollable IFramePortlet
Hello! I tried using IFramePortlet to display a content from another URL inside it, and I noticed that the content of the IFramePortlet window is not scrollable. I tried modifying the .../decorations/portlet/html/tigris/decorator.vm as following: ... ## Portlet Content ## #if (!$jetspeed.isHidden($myF) || $jetspeed.WindowState != "minimized") $myF.renderedContent #end ... but it did not help. Any idea how I could make it scrollable? Thanks! Marina - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: users/roles/groups creation and saving
David, thanks a lot for your help! After looking more closely at the HSQL DB scripts and the populate DB scripts I was able to create a bare minimum custom script for my portal. I thought I'd share this with the group on case it might help somebody to do the same: Here is a minimal script to create a new user, new role and assign the role to the user: INSERT INTO SECURITY_PRINCIPAL VALUES(54,'org.apache.jetspeed.security.InternalRolePrincipalImpl',false,true,'/role/dce-admin-role','2005-02-02 15:02:54.171','2005-02-02 15:02:54.171') INSERT INTO SECURITY_PRINCIPAL VALUES(56,'org.apache.jetspeed.security.InternalUserPrincipalImpl',false,true,'/user/dce-admin','2005-02-02 15:03:27.624','2005-02-02 15:03:27.64') INSERT INTO SECURITY_CREDENTIAL VALUES(53,56,'some_password',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',false,false,true,0,false,'2005-02-02 15:03:27.64','2005-02-02 15:03:27.64',NULL,NULL,'2005-04-03') INSERT INTO SECURITY_USER_ROLE VALUES(56,54) // not necessary if you are OK with a default profiling rule INSERT INTO PRINCIPAL_RULE_ASSOC VALUES('dce-admin','page','role-fallback') INSERT INTO PRINCIPAL_RULE_ASSOC VALUES('dce-admin','docset','role-fallback') One question: Now that I have a basic SQL script to create a new user, I thought I could use it in a "RegisterPortlet" where a new user could register himself by typing in his username/password, and , as a result, the portlet would execute the SQL script on the backend. However, after looking at the source code of J2's UserBrowserPortlet and UserDetailsPortlet portlets it seems like this would not be enough - those portlets are using J2's objects like AuthenticationProviderProxy and others. Could somebody clarify if that's the correct way to go to implement a RegisterPortlet? Or would execution of the SQL script be enough? Thank you! Marina --- David Sean Taylor <[EMAIL PROTECTED]> wrote: > Marina wrote: > > Hi! > > > > I'm trying to find an easy way to add new > > users/roles/groups to J2 permanently (using HSQL > DB > > for now). By that I mean that I want to persist > newly > > created objects in the DB between upgrades of J2. > > > > Currently, when you update and rebuild J2 from > CVs, > > for example, you have to run the 'maven > quickStart' > > goal, otherwise none of the web applications > > (/jetspeed, etc.) get deployed into the Tomcat. > > Unfortunately, this goal also wipes out your DB > clean > > and you have to re-create all your custom > > users/groups/roles... > > > > After going through this (painful, if you have > many > > users) exercise a few times, I decided to write my > own > > version of the populate-default-db.sql - kind of > > script. > > Ive been using the target maven nodbMinDeploy from > /portal to deploy the > basic Jetspeed portal and security portlet app > without demo apps. Note > that this goal does not populate the database. > After running nodbMinDeploy, I run my own database > scripts to populate > the database, run maven goals to customize J2 to my > components, and then > deploy my portlet app(s). > > I think I attached those scripts to another email on > this list a few > days ago. Thus I have a complete custom script for > DDL and default data. > > > > > > The problem is that I'm not sure what are > dependences > > between all tables and it was not that easy to > find > > what tables changed after you add, say, a new user > > since you don't really know which tables you > should be > > monitoring. > > > > Because of that, I have a few questions: > > > > 1. could somebody complete my list of tables that > have > > to be modified when use create custom users and > roles > > and want to tie them together? > > So far I have: > > > > to create a new role: > > PREFS_NODE > > SECURITY_PRINCIPAL > > > > to create a new user and assign the new role to > it: > > SECURITY_PRINCIPAL > > PRINCIPAL_ROLE_ASSOC > > SECURITY_USER_ROLE > > SECURITY_USER_GROUP > > > > This actually does not work - I guess I missed a > few > > tables... > > > Yes its not enough, see the email or I can post them > again. > > > > > 2. Is there a way to save a 'snapshot' of a > working DB > > with all new objects and use that in a new J2 > > installation? > > > Sure, that
Re: Security web.xml Example
I had the same problem with the 'security' web app "disappearing" after re-building J2. I've used the same approach as Ate suggested - remove security.war from jetspeed's deploy dir, let J2 undeploy it, then move it back. Worked like a charm :) Marina --- Ate Douma <[EMAIL PROTECTED]> wrote: > > > Stephen Hatfield wrote: > > Hello- > > > > I have installed J2 on Linux and all is working > properly except the > > login portlet is empty. I saw a previous post on > an addition to the > > web.xml file in security/WEB-INF. I have no files > at all in that > > directory in webapps in Tomcat (5.0.28). > Then something went wrong during deployment. > You should see numerous files there, all contained > within the security.war. > There is no need to add anything else. > > I'd suggest stopping Tomcat and removing the empty > folder. Also, remove > the security.xml from > $TOMCAT/conf/Catalina/localhost. > > Then, restart Tomcat and once Jetspeed is up and > running, move the > security.war out of the jetspeed/WEB-INF/deploy in > some temporary folder. > > After a few seconds, Jetspeed will try to undeploy > the security application. > Once that is done, you can move the security.war > back in the deploy folder, > and Jetspeed will (try to) deploy it again. > Please, check the Tomcat console carefully for error > messages. If all goes > well the security/WEB-INF shouldn't be empty now. > > > I have a question and a request. > > > > Question - what files should be in the > security/WEB-INF directory? > > > > Request - would someone please post a link to an > example web.xml file > > for security/WEB-INF? > > > > Thank you! > > Stephen Hatfield > > > > > - > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
users/roles/groups creation and saving
Hi! I'm trying to find an easy way to add new users/roles/groups to J2 permanently (using HSQL DB for now). By that I mean that I want to persist newly created objects in the DB between upgrades of J2. Currently, when you update and rebuild J2 from CVs, for example, you have to run the 'maven quickStart' goal, otherwise none of the web applications (/jetspeed, etc.) get deployed into the Tomcat. Unfortunately, this goal also wipes out your DB clean and you have to re-create all your custom users/groups/roles... After going through this (painful, if you have many users) exercise a few times, I decided to write my own version of the populate-default-db.sql - kind of script. The problem is that I'm not sure what are dependences between all tables and it was not that easy to find what tables changed after you add, say, a new user since you don't really know which tables you should be monitoring. Because of that, I have a few questions: 1. could somebody complete my list of tables that have to be modified when use create custom users and roles and want to tie them together? So far I have: to create a new role: PREFS_NODE SECURITY_PRINCIPAL to create a new user and assign the new role to it: SECURITY_PRINCIPAL PRINCIPAL_ROLE_ASSOC SECURITY_USER_ROLE SECURITY_USER_GROUP This actually does not work - I guess I missed a few tables... 2. Is there a way to save a 'snapshot' of a working DB with all new objects and use that in a new J2 installation? 3. if all else fails, where is the actual data for the HSQL DB stored? Maybe I could use some kind of 'diff' on it after I add a new user ... Thank you! Marina __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CSS and portlets
Hi, Xavier, I'm using CSS in my portlet's JSPs as following: "/> and I package all .css styles in the /css/ dir relative tot he root of the web (portlet) application Marina --- Xavier Lawrence <[EMAIL PROTECTED]> wrote: > > Hello, > > I am currently modifying an existing Struts > application so it generates > content to a portlet. > > One question that I have is that the existing > application uses custom > styles in a CSS file. Is there a way to make the > portlet use the styles in > the CSS file without copy-paste them in the JSPs ??? > > Is there a way I could customize jetspeed so it > knows about these styles ? > > Thanks in advance for any help. > > Regards > > Xavier > > -- > -=[ xlawrence at jahia dot com ]=- > Jahia : A collaborative source CMS and Portal Server > www.jahia.org Community and product web site > www.jahia.com Commercial services company > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How to create a custom profiling rule?
Sorry to bother you all with this again... Ok, after I've done all these changes, I found a new problem as well: no links (*.link files) are displayed on either of the pages, for neither of the users. I tried placing them in the "/" and /dce-portal directory, but still nothing is displayed. Is this a problem with my new profiling rule? What determines whether links are displayed or not? Thanks! Marina --- Marina <[EMAIL PROTECTED]> wrote: > Randy, > thanks for your help. You are probably right and I > made it more complicated than what it should be. > > Basically, what I would like to have in my portal > is: > > 1. all application-specific portal pages/ docsets/ > links should be in a separate directory, say, > .../pages/dce-portal/ > > 2. users ('dce-user', 'dce-admin') with the > 'dce-user-role' should be able to see one main page, > dce-main-page.psml, and one additional page as a > tab, > dce-users-page.psml. Both .psml pages are in the > .../pages/dce-portal/ directory > > 3. a generic (non-logged in, 'guest') user should > see > the ../pages/dce-portal/dce-main-page.psml, and > nothing else > > So, to accomplish this, I have created this custom > profiling rule: > insert into PROFILING_RULE values ('dce-generic', > 'org.apache.jetspeed.profiler.rules.impl.StandardProfilingRule', > 'rule for non-logged in DCE portal users') > > insert into RULE_CRITERION values ('100', > 'dce-generic', 0, 'path', 'path', '/dce-portal', 0) > > and assigned it to the 'guest', 'dce-user' and > 'dce-admin' users. > This made all pages visible to these three users. To > restrict access to the user-specific page to the > users > with the 'dce-user-role' role, I've added the > following security constraints to the > dce-users-page.psml: > > dce-user-role > view > > > > Well, that did work. With the exception of those > problems I mentioned in my previous post (one of > them > was fixed by using #if($site.rootLinks.isEmpty()) as > David suggested) > > So, the only problem that is still left is inclusion > of the .ds sets from the '/' directory. I would > rather > like to use the ../pages/dce-portal/ as the root > directory, but my profiling rule does not seem to > accomplish this. > > I hope I'm being clear :) > > And thanks a lot for looking into this! > > Marina > > --- Randy Watler <[EMAIL PROTECTED]> wrote: > > > Marina, > > > > Using the Profiler effectively is more in my > court, > > so let's see if I can > > help here. > > > > I think there are three subjects here that need > > individual attention: > > > > 1. you probably do not need to define a new > > profiling rule... there are some > > predefined rules that you can use to achieve > > role-based profiling, > > 2. the demo site is just that and you should start > > with a clean > > WEB-INF/pages directory only adding in what you > need > > from the demo site, and > > 3. the tigris sample decorator is a good starting > > place, but most everyone > > ends up customizing and deploying their own > flavor. > > > > So, rather than trying to figure out what you have > > now, I would like to know > > what your objective is. I'll then tell you how I'd > > solve it using the M1 > > release version. We can then compare notes and > take > > it from there... ok? > > > > Randy > > > > -Original Message- > > From: Marina > > To: Jetspeed Users List > > Sent: 12/30/04 1:26 PM > > Subject: Re: How to create a custom profiling > rule? > > > > David, > > Thanks for the clarification. I did find a way to > do > > role-based profiling, basically, by restricting > > access > > to specific PSML pages by roles. > > > > I still have a few problems I was not able to > solve > > so > > far. The main one is that I still get some > elements > > from the '/' directory included into my pages, > even > > though I explicitly specified in my profiling rule > > that only elements from a specific directory > should > > be > > used. I think I made some stupid mistakes while > > creating custom profiling rules... > > > > Here is how I setup my portal's content and > created > > a > > new profiling rule using direct SQL (I don't think >
RE: How to create a custom profiling rule?
Randy, thanks for your help. You are probably right and I made it more complicated than what it should be. Basically, what I would like to have in my portal is: 1. all application-specific portal pages/ docsets/ links should be in a separate directory, say, .../pages/dce-portal/ 2. users ('dce-user', 'dce-admin') with the 'dce-user-role' should be able to see one main page, dce-main-page.psml, and one additional page as a tab, dce-users-page.psml. Both .psml pages are in the .../pages/dce-portal/ directory 3. a generic (non-logged in, 'guest') user should see the ../pages/dce-portal/dce-main-page.psml, and nothing else So, to accomplish this, I have created this custom profiling rule: insert into PROFILING_RULE values ('dce-generic', 'org.apache.jetspeed.profiler.rules.impl.StandardProfilingRule', 'rule for non-logged in DCE portal users') insert into RULE_CRITERION values ('100', 'dce-generic', 0, 'path', 'path', '/dce-portal', 0) and assigned it to the 'guest', 'dce-user' and 'dce-admin' users. This made all pages visible to these three users. To restrict access to the user-specific page to the users with the 'dce-user-role' role, I've added the following security constraints to the dce-users-page.psml: dce-user-role view Well, that did work. With the exception of those problems I mentioned in my previous post (one of them was fixed by using #if($site.rootLinks.isEmpty()) as David suggested) So, the only problem that is still left is inclusion of the .ds sets from the '/' directory. I would rather like to use the ../pages/dce-portal/ as the root directory, but my profiling rule does not seem to accomplish this. I hope I'm being clear :) And thanks a lot for looking into this! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > Using the Profiler effectively is more in my court, > so let's see if I can > help here. > > I think there are three subjects here that need > individual attention: > > 1. you probably do not need to define a new > profiling rule... there are some > predefined rules that you can use to achieve > role-based profiling, > 2. the demo site is just that and you should start > with a clean > WEB-INF/pages directory only adding in what you need > from the demo site, and > 3. the tigris sample decorator is a good starting > place, but most everyone > ends up customizing and deploying their own flavor. > > So, rather than trying to figure out what you have > now, I would like to know > what your objective is. I'll then tell you how I'd > solve it using the M1 > release version. We can then compare notes and take > it from there... ok? > > Randy > > -Original Message- > From: Marina > To: Jetspeed Users List > Sent: 12/30/04 1:26 PM > Subject: Re: How to create a custom profiling rule? > > David, > Thanks for the clarification. I did find a way to do > role-based profiling, basically, by restricting > access > to specific PSML pages by roles. > > I still have a few problems I was not able to solve > so > far. The main one is that I still get some elements > from the '/' directory included into my pages, even > though I explicitly specified in my profiling rule > that only elements from a specific directory should > be > used. I think I made some stupid mistakes while > creating custom profiling rules... > > Here is how I setup my portal's content and created > a > new profiling rule using direct SQL (I don't think > it > is possible to that through the Admin portlets yet): > > 1. create new directory for my Portal content: > pages/dce-portal > place into this directory: > dce-main-page.psml > dce-user-page.psml > folder.metadata > > 2. define new role, 'dce-user-role', and assign it > to > the 'dce-user' user > > 3. define security constraints in the > folder.metadata: > 'guest' users can view all pages; > users with 'dce-user-role' role can view all pages > > > > guest > view > > > dce-user-role > view > > > > 4. define security constraints in the > dce-main-page.psml: > > > > * > view > > > > 5. define security constraints in the > dce-user-page.psml: > > > > dce-user-role > view > > > > 6. create new J2 profiling rule: 'dce-generic' rule: > rule for non-logged in DCE Portal users (by default, &
Re: How to create a custom profiling rule?
David, (#if($site.rootLinks.isEmpty()) worked just fine. I'm not sure how to submit a patch - but if you let me know I would be happy to do that. As to the docsets. Yes, removing them does solve the problem. However, I wanted to be able to have some default .ds in the root directory for generic users and use non-root .ds files from role-specific directories when users login. I was hoping that my custom profiling rule would do just that. I guess it does not, but that's Ok, I can work around that. Thanks for your help, Marina --- David Sean Taylor <[EMAIL PROTECTED]> wrote: > > Marina wrote: > > However, there are a few problems: > > 1. Empty Additional Links area is shown - even > > though there are no *.link files in the > > pages/dce-portal/ dir > > > If there are no links available then the collection > should be empty > I think what is happening is that there is a > collection on > $site.rootLinks however the collection is empty > > Instead of checking for null > > (#if($site.rootLinks) ). My guess (without > > try > > (#if($site.rootLinks.isEmpty()) > > if that works for you please send a patch > > > 2. Empty Top Pages area is shown > > same as above > > > 3. Docsets from the / root directory (*.ds > files) > > are included > > > > Recommend removing any docsets that you are not > using > As part of the build process for the J2 sites I work > on, I will either > replace the the psml directory in the spring > configuration with a new > location, or just delete out all the demo psml, ds, > etc... > > > -- > David Sean Taylor > Bluesunrise Software > [EMAIL PROTECTED] > [office] +01 707 773-4646 > [mobile] +01 707 529 9194 > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Jazz up your holiday email with celebrity designs. Learn more. http://celebrity.mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to create a custom profiling rule?
David, Thanks for the clarification. I did find a way to do role-based profiling, basically, by restricting access to specific PSML pages by roles. I still have a few problems I was not able to solve so far. The main one is that I still get some elements from the '/' directory included into my pages, even though I explicitly specified in my profiling rule that only elements from a specific directory should be used. I think I made some stupid mistakes while creating custom profiling rules... Here is how I setup my portal's content and created a new profiling rule using direct SQL (I don't think it is possible to that through the Admin portlets yet): 1. create new directory for my Portal content: pages/dce-portal place into this directory: dce-main-page.psml dce-user-page.psml folder.metadata 2. define new role, 'dce-user-role', and assign it to the 'dce-user' user 3. define security constraints in the folder.metadata: guest users can view all pages; users with dce-user-role role can view all pages guest view dce-user-role view 4. define security constraints in the dce-main-page.psml: * view 5. define security constraints in the dce-user-page.psml: dce-user-role view 6. create new J2 profiling rule: dce-generic rule: rule for non-logged in DCE Portal users (by default, they are all guest users) insert into PROFILING_RULE values ('dce-generic', 'org.apache.jetspeed.profiler.rules.impl.StandardProfilingRule', 'rule for non-logged in DCE portal users') insert into RULE_CRITERION values ('100', 'dce-generic', 0, 'hard.coded', 'page', '/dce-portal/dce-main-page.psml', 0) 7. assign new rule to the 'guest' user delete from PRINCIPAL_RULE_ASSOC where principal_name = 'guest' insert into PRINCIPAL_RULE_ASSOC values ('guest', 'page', 'dce-generic') insert into PRINCIPAL_RULE_ASSOC values ('guest', 'docset', 'dce-generic') 8. do the same for the 'dce-user' user The results of all that: in general , it worked as intended. The pages/dce-portal/dce-main-page.psml is shown whenever a 'guest' user accesses it. When a user logs in with a 'dce-user-role' - he also sees the second page (tab), dce-ser-page.psml. However, there are a few problems: 1. Empty Additional Links area is shown - even though there are no *.link files in the pages/dce-portal/ dir 2. Empty Top Pages area is shown 3. Docsets from the / root directory (*.ds files) are included I also tried to modify the profiling rule this way: insert into RULE_CRITERION values ('100', 'dce-generic', 0, 'path', 'path', '/dce-portal', 0) but it produced the same results. Any idea how to avoid showing root-level elements and empty docsets in the portal page? I checked decorations\layout\html\tigris\decorator-top.vm and it seems like it does try not to show, say, 'Additional Links' label when there are no links (#if($site.rootLinks) ). My guess (without checking the actual code) would be that it is checking the links in the '/' directory, always, and then tries to display links from the real working directory (in my case - there are none). Any insight will be greatly appreciated :-) Marina --- David Sean Taylor <[EMAIL PROTECTED]> wrote: > > On Dec 29, 2004, at 9:25 AM, Marina wrote: > > > Randy, thanks a lot for your answer! > > > > Do you know if there are plans to implement > role-based > > (and group-based) profiling in the future J2 > releases? > > I would think that role-based profiling is very > > critical for real applications. > > > > You can setup the default rule to use a role-based > algorithm, or you > can assigned users to use a specific role algorithm > So its not like there isn't role-based profiling in > the system -- its > pretty well supported, but not in the manner you are > suggesting. > > > > With the default global profiling, does it mean > that > > the profiling rule assigned to '*' users is used > > UNLESS a different rule is assigned to specific > users? > > > yes > take a look at the admin profiling portlet, and the > user admin portlet > you can configure all profiling (no need to edit > the tables) via the > admin portlets although I admit its a bit difficult > without any > documentation > > > Or does it apply to all users regardless of other > > assignments? > > > > Thanks, > > Marina > > > > --- Randy Watler <[EMAIL PROTECTED]> wrote: > > > >>
RE: How to create a custom profiling rule?
Randy, thanks a lot for your answer! Do you know if there are plans to implement role-based (and group-based) profiling in the future J2 releases? I would think that role-based profiling is very critical for real applications. With the default global profiling, does it mean that the profiling rule assigned to '*' users is used UNLESS a different rule is assigned to specific users? Or does it apply to all users regardless of other assignments? Thanks, Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > David is the Profiler Master, so he is much more > qualified to explain its > configuration and inner workings. The source is in > components/profiler. > > See comments below... > > > It seems that profiling rules are assigned to the > >users based on the user names. > > Yes. > > > At least this is what I > >see in the PRINCIPAL_RULE_ASSOC table - I created a > >new user, 'dce_admin', and assigned a 'security' > >profiling rule to it, and the ("dce_admin", "page", > >"security") values got inserted into the > >PRINCIPAL_RULE_ASSOC table. > > Just FYI, the locator/rule name "security" has > special meaning in J2... you > might want to pick another name for your custom rule > to avoid confusion. The > "security" locator/rule is used when a user has an > expired password and must > select a new one. See details in the archives of the > dev list. > > > Now my question: how could I assign a profiling > rule > >to a rolename, not a username? > >For example, I might want all users with the > >'dce_admin_role' role to use the 'security' rule. > > We have discussed this, but it is not been > implemented yet. There is a > global default mechanism in place: if you specify a > PRINCIPAL_RULE_ASSOC > entry with a username of '*", it will be used for > all users. This feature > may not be implemented in this way in the future, > but there certainly will > be some other way to do the same thing. > > Randy > __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to create a custom profiling rule?
One more related question: It seems that profiling rules are assigned to the users based on the user names. At least this is what I see in the PRINCIPAL_RULE_ASSOC table - I created a new user, 'dce_admin', and assigned a 'security' profiling rule to it, and the ("dce_admin", "page", "security") values got inserted into the PRINCIPAL_RULE_ASSOC table. So, I assumed that the 'PRINCIPAL_NAME' in this table is in fact a username. Now my question: how could I assign a profiling rule to a rolename, not a username? For example, I might want all users with the 'dce_admin_role' role to use the 'security' rule. Thanks! Marina --- Marina <[EMAIL PROTECTED]> wrote: > Hi! > > I'm trying to create a new profiling rule for a > user. > From looking at the examples and the DB tables it > seems that all I need to do is to add new entries to > the PRINCIPAL_RULE_ASSOC and RULE_CRITERION tables. > The first table's structure and purpose are quite > clear. If I want to create a new 'dce_rule'(for both > pages and docsets) for the 'dce_admin' user I think > I > should do the following: > > insert into PRINCIPAL_RULE_ASSOC values > ('dce_admin', > page, 'dce_rule'); > insert into PRINCIPAL_RULE_ASSOC values > ('dce_admin', > docset, 'dce_rule'); > > Then, I need to add new rule criteria for the new > rule > into the RULE_CRITERION table. I looked at the > current > values there and I am not sure how they are used to > define profiling rules. More specifically, I see, > for > example, the following entries for the 'role-group' > rule: > > > 11 > role-group > 0 > role > role > > 2 > > > 12 > role-group > 1 > navigation > navigation > / > 2 > > > 13 > role-group > 2 > group > group > > 2 > > > I aslo know (thanks to Randy's explanation) that the > search paths returned by this rule are: > /_role/rolename > /_group/groupname > / > > However, I am not sure how and what fields from the > RULE_CRITERION table are used to construct these > paths. Are 'Name' or 'Value' fields used ? They are > null's for group and role request_type , but '/' > for > the navigation one. What are the 'path.session', > 'navigation', and other REQUEST_TYPEs? And where > does > FALLBACK_TYPE come into play? > > Basically, my question is: what is the meaning of > the > fields of this table and how are they used? > > Thanks! > Marina > > P.S. I think I sent this e-mail to the development > list as well - sorry about that, it was done my > mistake > > > > __ > Do you Yahoo!? > Send holiday email and support a worthy cause. Do > good. > http://celebrity.mail.yahoo.com > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to create a custom profiling rule?
Hi! I'm trying to create a new profiling rule for a user. >From looking at the examples and the DB tables it seems that all I need to do is to add new entries to the PRINCIPAL_RULE_ASSOC and RULE_CRITERION tables. The first table's structure and purpose are quite clear. If I want to create a new 'dce_rule'(for both pages and docsets) for the 'dce_admin' user I think I should do the following: insert into PRINCIPAL_RULE_ASSOC values ('dce_admin', page, 'dce_rule'); insert into PRINCIPAL_RULE_ASSOC values ('dce_admin', docset, 'dce_rule'); Then, I need to add new rule criteria for the new rule into the RULE_CRITERION table. I looked at the current values there and I am not sure how they are used to define profiling rules. More specifically, I see, for example, the following entries for the 'role-group' rule: 11 role-group 0 role role 2 12 role-group 1 navigation navigation / 2 13 role-group 2 group group 2 I aslo know (thanks to Randy's explanation) that the search paths returned by this rule are: /_role/rolename /_group/groupname / However, I am not sure how and what fields from the RULE_CRITERION table are used to construct these paths. Are 'Name' or 'Value' fields used ? They are null's for group and role request_type , but '/' for the navigation one. What are the 'path.session', 'navigation', and other REQUEST_TYPEs? And where does FALLBACK_TYPE come into play? Basically, my question is: what is the meaning of the fields of this table and how are they used? Thanks! Marina P.S. I think I sent this e-mail to the development list as well - sorry about that, it was done my mistake __ Do you Yahoo!? Send holiday email and support a worthy cause. Do good. http://celebrity.mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors when loging as 'jetspeed' user
David, thanks a lot for the pointers. I was able to fix the problem I was having, but I was still curious to see how user profiles are mapped to the DB structure. > I assume you are using the Hypersonic database. > If so, run the manageProd.bat or manageProd.sh > script found > in the src/database/hsql directory > > From there you can edit or reset your data with SQL > Yes, I use HSQL for now. I looked at the manageProd scripts - they invoke the HSQL DB Manager application. It is useful, but I am not completely sure which tables I should be updating... I looked at the DB tables and the most promising , in my opinion , is the 'SECURITY_CREDENTIAL' table. Is the 'value' field the one that contains passwords? I could not find a 'password' field in any other table ... Also, would setting the 'update_required' field to FALSE be enough to stop password update requests from J2? I did not try it yet, since your next suggestion worked as a quick fix, but I would like to try this approach to exempt only selective users from updating their passwords :) > > 2. how could I stop Jetspeed from requiring me to > > change the passwords all the time ? (drives me > crazy > > to remember all changed passwords :-) ) > > > > I know what you mean with the passwords, > I started just typing in the first 2 characters as > the new password. > > I don't think there's an option for turning off the > feature short of > changing the db population scripts > > A quick fix: remove the password-credential valve > completely from the > jetspeed-pipeline.xml > I assume you meant the portal/src/webapp/WEB-INF/assembly/pipelines.xml file - it did contain the Valve you described. Commenting out the passwordCredentialValve did work - no user is prompted to change his password anymore. Thanks! Marina P.S. just a side note - I use the SQLExplorer plugin for Eclipse to work with DBs directly - it seems to be much more user-friendly than the HSQL Manager :) - IMHO, of course > > class="org.apache.jetspeed.pipeline.JetspeedPipeline" > init-method="initialize" >> > > JetspeedPipeline > > > > > > > > < > REMOVE THIS > > > > > > > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Jazz up your holiday email with celebrity designs. Learn more. http://celebrity.mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors when loging as 'jetspeed' user
Randy, you were absolutely right - the problems I had were due to some DB inconsistency, I think. I have reinstalled Tomcat and checked out latest version of J2M1 from CVS and I had no problem logging in or changing passwords as any of the users. I was trying to understand what exactly went wrong, though, as I did not feel comfortable loosing my working J2 installation. I looked more into what I've done and I think I found the most likely reason for the problem. In brief, I was mixing DB initialization/startup procedures from the binary and CVS installs - I was running maven start.production.server with the binary install and start_database.bat after I reinstalled J2 from CVS Also, incorrect users were being used as the 'org.apache.jetspeed.services.autodeployment.user' admin' for CVS install, instead of 'j2deployer' (since I was using 'leftovers' in the build.properties file after the binary install) Basically, my guess is, that if you built J2 from a binary distribution, you should always start your Db with the start_database.bat script before starting Tomcat. And if you updated J2 from CVS, you should run 'maven quickStart' once at the build time, and then start the DB with the 'maven start.production.server' all subsequent times you start J2. I may be completely off here... Thanks for your help! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > The last time I had these kinds of problems I was > using an out of date > database and/or sql files. What version of J2 are > you running? Have you > run "quickStart" recently? > > Randy > > Marina wrote: > > >Hi, > >I can't seem to login as the 'jetspeed' user > >anymore... > >First time I logged in - I was requested to change > my > >password. So, I changed it, say, from password1 to > >password2. Then I tried to login using the > password2 - > >and I was getting the following exception: > > > >javax.servlet.ServletException: Fatal error > >encountered while processing portal request: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.aggregator.FailedToRenderFragmentException: > >Unable to render fragment because: > >org.apache.jetspeed.container.window.FailedToRetrievePortletWindow: > >org.apache.jetspeed.container.window.FailedToCreateWindowException: > >Error generating new PortletEntity: > >org.apache.jetspeed.components.portletentity.PortletEntityNotGeneratedException: > >Failed to retrieve Portlet Definition for > >jetspeed::TwoColumns > > > >org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:234) > > > >I restarted Jetspeed, logged in as 'admin' , and > set > >password for the 'jetspeed' user back to > 'password1'. > >Then I tried to login as 'jetspeed' and neither of > the > >passwords was working anymore... > > > >Two questions: > >1. how could I cleanup the 'jetspeed' user and > reset > >its password? > >2. how could I stop Jetspeed from requiring me to > >change the passwords all the time ? (drives me > crazy > >to remember all changed passwords :-) ) > > > >Thank you! > >Marina > > > > > > > >__ > >Do you Yahoo!? > >Take Yahoo! Mail with you! Get it on your mobile > phone. > >http://mobile.yahoo.com/maildemo > > > >- > >To unsubscribe, e-mail: > [EMAIL PROTECTED] > >For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors when loging as 'jetspeed' user
Randy, thanks for a quick reply! I'm using J2 M1 release - but I built it out of CVS a few days ago. I have just ran 'maven quickStart' (it wiped out all my custom portlets :( - but that's Ok), and tried to login as 'jetspeed'. Again, it asked me to change the password. When I typed in a new password and clicked 'Save' button I've got exactly the same error as below... It seems it is 'jetspeed' user only that has this problem - I was able to log in as other users with no problem. Thanks! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > The last time I had these kinds of problems I was > using an out of date > database and/or sql files. What version of J2 are > you running? Have you > run "quickStart" recently? > > Randy > > Marina wrote: > > >Hi, > >I can't seem to login as the 'jetspeed' user > >anymore... > >First time I logged in - I was requested to change > my > >password. So, I changed it, say, from password1 to > >password2. Then I tried to login using the > password2 - > >and I was getting the following exception: > > > >javax.servlet.ServletException: Fatal error > >encountered while processing portal request: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.pipeline.PipelineException: > >org.apache.jetspeed.aggregator.FailedToRenderFragmentException: > >Unable to render fragment because: > >org.apache.jetspeed.container.window.FailedToRetrievePortletWindow: > >org.apache.jetspeed.container.window.FailedToCreateWindowException: > >Error generating new PortletEntity: > >org.apache.jetspeed.components.portletentity.PortletEntityNotGeneratedException: > >Failed to retrieve Portlet Definition for > >jetspeed::TwoColumns > > > >org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:234) > > > >I restarted Jetspeed, logged in as 'admin' , and > set > >password for the 'jetspeed' user back to > 'password1'. > >Then I tried to login as 'jetspeed' and neither of > the > >passwords was working anymore... > > > >Two questions: > >1. how could I cleanup the 'jetspeed' user and > reset > >its password? > >2. how could I stop Jetspeed from requiring me to > >change the passwords all the time ? (drives me > crazy > >to remember all changed passwords :-) ) > > > >Thank you! > >Marina > > > > > > > >__ > >Do you Yahoo!? > >Take Yahoo! Mail with you! Get it on your mobile > phone. > >http://mobile.yahoo.com/maildemo > > > >- > >To unsubscribe, e-mail: > [EMAIL PROTECTED] > >For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Dress up your holiday email, Hollywood style. Learn more. http://celebrity.mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
errors when loging as 'jetspeed' user
Hi, I can't seem to login as the 'jetspeed' user anymore... First time I logged in - I was requested to change my password. So, I changed it, say, from password1 to password2. Then I tried to login using the password2 - and I was getting the following exception: javax.servlet.ServletException: Fatal error encountered while processing portal request: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.aggregator.FailedToRenderFragmentException: Unable to render fragment because: org.apache.jetspeed.container.window.FailedToRetrievePortletWindow: org.apache.jetspeed.container.window.FailedToCreateWindowException: Error generating new PortletEntity: org.apache.jetspeed.components.portletentity.PortletEntityNotGeneratedException: Failed to retrieve Portlet Definition for jetspeed::TwoColumns org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:234) I restarted Jetspeed, logged in as 'admin' , and set password for the 'jetspeed' user back to 'password1'. Then I tried to login as 'jetspeed' and neither of the passwords was working anymore... Two questions: 1. how could I cleanup the 'jetspeed' user and reset its password? 2. how could I stop Jetspeed from requiring me to change the passwords all the time ? (drives me crazy to remember all changed passwords :-) ) Thank you! Marina __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: J2 Profiler
Randy, Doug, I'm very happy to see the continuation of the thread - profiling and page layout is exactly what I was trying to figure out next! I followed Randy's advise and tried to investigate more the differences in the portal page layout for different users. Here are some of my notes (sorry, they are long...) - I hope you could correct me where my guesses were too wild and answer some questions: When user is not logged in, he is a guest user by default. According to the j1 profiling rule (???), pages for the guest user should be taken from the \pages\_user\guest\ directory. However, since this directory does not exist, a default fallback (is that right?) rule is used and the default pages/directories are used: \pages\default-page.psml When logged in as a user user: -- Everything from the \pages\ directory is used; stuff from the \pages\_user\user\ is used in addition to that -- user-specific content comes from the \pages\_user\user , for example, new .psml files and corresponding Tabs that are displayed for the user user only: p003.psml --> [USER 003] PSML page tab nested-layout.psml --> Nested Layout tab -- user user also has the user role (I wish the names would be somewhat different :-) ). Additional user-role-specific stuff comes from the \pages\_role\user\ directory. It has only one directory - \top-links\ , which is referenced from the \pages\_user\user\top-pages.ds file: [USER] Top Pages docset /top-links/*.* (see questions on that below) When logged in as admin user: -- you see everything that the guest user can see, but in addition, you also see the Jetspeed Administrative Portlets link under the Folders and Pages header in the left-side menu -- there is also a top-pages.ds file in the \pages\ dir that defines this: Top Pages Page haut docset /Administrative In addition, admin user also has the manager role, so the \pages\_role\manager\ dir is used for the manager-specific content: the folder.metadata determines what is included into the page. It has: Administrative My guess: this is why only a user in the manager role can see the Administrative Portlets link (is this right?) But then, the \pages\_role\manager\folder.metadata also has: Google.link p001.psml p002.psml p003.psml p004.psml but none of them (links for .link and tabs for .psml) is displayed on the page. I would guess that all pxxx.psml are not displayed simply because they do not exist in the \pages\_role\manager\ folder. What about the Google.link though? It does exist in the directory Questions: How are .ds files (docset definitions ??) and the role-specific folders (like \pages\_role\manager ) are related? Do top-pages.ds files under a \_user\username or ..\pages\ directories always reference resources in the \_role\rolename directory? Thanks a lot! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Doug Schnelzer wrote: > > >Randy, > > > >Thanks for the guidance. Putting the login portlet > in a plain page in the > >guest directory and protecting everything else > works well. In the future, > >it would be nice to dynamically show/hide portlets > on a page based on a > >user's role. > > > It is definitely under consideration... odds are it > will be there in M2 > if I had to guess, but others need to weigh in. > > > > >As I dig in further, can you point me in the right > direction for learning > >more about how the profiler works? Should I just > follow the Jetspeed2 > >source code? If so, can you point me at a Java > class to start with? > > > First, look and understand the examples shipped with > J2. Try logging in > as user/user and jetspeed/jetspeed. Compare what you > see with the > various content pages and other elements in the > pages directories. For > more detail, check out this document: > > http://cvs.apache.org/viewcvs.cgi/jakarta-jetspeed-2/design-docs/src/profiler/J2-page-manager-profiling.sxw > > This is an OpenOffice document. I can email you > another format if you'd > like. The source code for all of this resides in > /components/profiler > and /components/page-manager, but it is not trivial. > Feel free to ask > questions here so that others can read about the > profiler and how to > configure it! > > > > > > >Also as I browse through the WEB-INF/pages > directory structure, there seems > >to be psml files that aren't displayed (e.g. > pages/_user/user/p003.psml and > >pages/_user/user/nested-layout.psml). > > > These are simply user files for 'user', (instead of > 'guest')! Login as > user/user. > > > I'd like to learn more about how this > >works. Is the psml documentation for
Re: Jetspeed2 M1 security setup
Yes, it did work! The original SQL query did not work right away, so I looked more closely into the DB schema and guessed that I should be using the '/role' node's node_id as the 'parent_node_id' (204). That was a lucky guess and the following query worked fine: INSERT INTO PREFS_NODE VALUES(200,204,'dce-admin-role',0,'/role/dce-admin-role','2004-05-22 16:27:12.472','2004-05-22 16:27:12.472'); After that, I was able to see the new role, 'dce-admin-role', in the 'Role Management' portlet's list, and was able to assign this role to a user and see it detected correctly by PortletRequest.isUserInRole("dce-admin-role"). Thanks a lot for your help! Marina --- David Le Strat <[EMAIL PROTECTED]> wrote: > Marina, > > If you are doing this manually, you also need to set > up the role hierarchy manager. In SQL terms, this > means something like this: > > INSERT INTO PREFS_NODE > VALUES(200,196,'dce-admin-role',0,'/role/dce-admin-role','2004-05-22 > 16:27:12.472','2004-05-22 16:27:12.472'); > > You can also use the RoleManager to add the role you > want to set up. > > Regards, > > David. > > --- Marina <[EMAIL PROTECTED]> wrote: > > > Thanks, Randy, > > > > I tried adding the new role directly into the HSQL > > DB > > like this: > > INSERT INTO SECURITY_PRINCIPAL > > > VALUES(15,'org.apache.jetspeed.security.JetspeedRolePrincipalImpl',0,1,'/role/dce-admin-role','2004-12-15 > > 16:27:12.572','2004-12-15 16:27:12.572'); > > > > I ran this sql query directly on the HSQL DB, > > without > > modifying the > populate-userinfo-for-default-psml.sql > > and rebuilding J2. > > > > After I restarted J2, though, the new role is > still > > not displayed in the list of available roles in > the > > "Role Management" portlet. And asigning this role > to > > a > > user through the "User Manegement" portlet did not > > work either. > > > > Is this the only table I have to update > > ('security_principal') in order to create a new > > role, > > or are there some other related tables that I > > missed? > > > > Thanks, > > Marina > > > > --- Randy Watler <[EMAIL PROTECTED]> wrote: > > > > > Marina, > > > > > > There you have it, (thanks David). > > > > > > It is a simple matter to add users, roles, > groups, > > > etc. directly to the > > > DB in the interim. See one of the following > > scripts: > > > > > > CVS - > > src/sql/populate-userinfo-for-default-psml.sql > > > CVS - src/sql/ > > name>/populate-userinfo-for-default-psml.sql > > > M1 - > > > > > > jetspeed-database/scripts/sql/DML/populate-userinfo-for-default-psml.sql > > > M1 - jetspeed-database/scripts/sql/DML/ > > name>/populate-userinfo-for-default-psml.sql > > > > > > Randy > > > > > > David Le Strat wrote: > > > > > > >Marina, > > > > > > > >Implementation of the role management portlet > is > > > not > > > >complete. > > > > > > > >Regards, > > > > > > > >David Le Strat. > > > >--- Marina <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > >>Randy, thanks a lot for your help! I was able > to > > > >>setup > > > >>a basic access control to my portlet's view > and > > > Edit > > > >>mode. > > > >>I do have more questions on the user > management > > in > > > >>J2, > > > >>though :) > > > >> > > > >>I've created a new user, dce-admin, using the > > > >>"Administrative Portlets" as 'admin' user. > This > > > >>worked > > > >>fine, and I was able to detect this user > through > > > the > > > >>PortletResponse.getUserPrincipal(). > > > >>I've also tried to create a new role, say > > > >>dce-admin-role, and assign this role to the > new > > > >>user. > > > >>This , unfortunately, did not work. I entered > > the > > > >>new > > > >>role name into the corresponding form ("Add > > Role") > > > >>of > >
Re: Jetspeed2 M1 security setup
Thanks, Randy, I tried adding the new role directly into the HSQL DB like this: INSERT INTO SECURITY_PRINCIPAL VALUES(15,'org.apache.jetspeed.security.JetspeedRolePrincipalImpl',0,1,'/role/dce-admin-role','2004-12-15 16:27:12.572','2004-12-15 16:27:12.572'); I ran this sql query directly on the HSQL DB, without modifying the populate-userinfo-for-default-psml.sql and rebuilding J2. After I restarted J2, though, the new role is still not displayed in the list of available roles in the "Role Management" portlet. And asigning this role to a user through the "User Manegement" portlet did not work either. Is this the only table I have to update ('security_principal') in order to create a new role, or are there some other related tables that I missed? Thanks, Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > There you have it, (thanks David). > > It is a simple matter to add users, roles, groups, > etc. directly to the > DB in the interim. See one of the following scripts: > > CVS - src/sql/populate-userinfo-for-default-psml.sql > CVS - src/sql/ name>/populate-userinfo-for-default-psml.sql > M1 - > jetspeed-database/scripts/sql/DML/populate-userinfo-for-default-psml.sql > M1 - jetspeed-database/scripts/sql/DML/ name>/populate-userinfo-for-default-psml.sql > > Randy > > David Le Strat wrote: > > >Marina, > > > >Implementation of the role management portlet is > not > >complete. > > > >Regards, > > > >David Le Strat. > >--- Marina <[EMAIL PROTECTED]> wrote: > > > > > > > >>Randy, thanks a lot for your help! I was able to > >>setup > >>a basic access control to my portlet's view and > Edit > >>mode. > >>I do have more questions on the user management in > >>J2, > >>though :) > >> > >>I've created a new user, dce-admin, using the > >>"Administrative Portlets" as 'admin' user. This > >>worked > >>fine, and I was able to detect this user through > the > >>PortletResponse.getUserPrincipal(). > >>I've also tried to create a new role, say > >>dce-admin-role, and assign this role to the new > >>user. > >>This , unfortunately, did not work. I entered the > >>new > >>role name into the corresponding form ("Add Role") > >>of > >>the "Role Management" tab, but it was never added > to > >>the list of the available roles and when I tried > to > >>assign this role to the new user I've got an error > >>from J2 complaining that this role does not exist: > >> > >>*** New Full Path: /role/dce-admin-role > >>failed to add user to role: dce-admin, > >> > >> > >> > >dce-admin-roleorg.apache.jetspeed.security.SecurityException: > > > > > >>The role does not exist. dce-admin-role > >>*** New Full Path: /role/dce-admin-role > >> > >> > >>Any idea why this is not working? > >> > >>Thanks, > >>Marina > >> > >> > >> > > > > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Jetspeed2 M1 security setup
Randy, thanks a lot for your help! I was able to setup a basic access control to my portlet's view and Edit mode. I do have more questions on the user management in J2, though :) I've created a new user, dce-admin, using the "Administrative Portlets" as 'admin' user. This worked fine, and I was able to detect this user through the PortletResponse.getUserPrincipal(). I've also tried to create a new role, say dce-admin-role, and assign this role to the new user. This , unfortunately, did not work. I entered the new role name into the corresponding form ("Add Role") of the "Role Management" tab, but it was never added to the list of the available roles and when I tried to assign this role to the new user I've got an error from J2 complaining that this role does not exist: *** New Full Path: /role/dce-admin-role failed to add user to role: dce-admin, dce-admin-roleorg.apache.jetspeed.security.SecurityException: The role does not exist. dce-admin-role *** New Full Path: /role/dce-admin-role Any idea why this is not working? Thanks, Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > Thanks for using the jetspeed user list! > > Comments below. > > Randy > > >-Original Message- > >From: Marina > >To: 'Jetspeed Users List ' > >Sent: 12/6/04 5:06 PM > >Subject: RE: Jetspeed2 M1 security setup (was: > jetspeed-newbie > Roles-Groups-Users)> > > > >Hi, > > > > I've successfully built and installed J2 M1 and > was > >looking into the demo applications to figure out > how > >to setup access control for portlets/pages. > >After checking out some example portlets , like > >RoleSecurityTest and Login, and their source code, > I > >think I have some idea of how to approach the task > but > >I would like to clarify some topics. > > > >First, I'll list my assumptions and then ask > >questions: > > > >1. > >tomcat-5.0.30-j2-M1\webapps\jetspeed\WEB-INF\pages\page.security > > file specifies 'Edit'/'View' permissions for the > >default Portal's page, defined in default-page.psml > > The /page.security file defines named security > constraints that can be > referenced here or in individual page, folder meta > data, link, or document > set documents. The scope of this file is global > across the entire site. > References take the form of > , (which > appear only in /page.security), or > . > > >Thus, this part : > > > > > > admin > > view, edit > > > > > >means that only a user with the role 'admin' can > edit > >the layout of the page. > > Yes, since this fragment is referenced in a > , it applies to > all documents in the site. > > >And this fragment: > > > > > > manager > > view > > > > > >means that a user with the role 'manager' can view > the > >page. > > Yes, where used with a . > > >However, anybody can view this default page in > reality > >- even before a user logs in. You don't need any > >special privileges to access > >http://localhost:8080/jetspeed to see the page. > >My assumption is that it is because security > >constraints are "overwritten" in the > >pages/folder.metadata file (see below). > >Is that true? > > Not exactly. The override is in the > default-page.psml itself, (user=*, > permission=view). > > >What is the scope of the page.security definitions > and > >where are they used? > > See above. > > >2. each folder under /pages directory (including > >/pages itself) has a folder.metadata file where > more > > are defined for that folder. > >For example, here is pages/folder.metadata: > >. > > > > > > user > > view > > > > > >manager > > > > This should be commented out in M1. > > > > > > > > > * > > view > > > > > > > >And this is why all users can see the default page. > >(Is that true?) > > It would be the case if default-page.psml did not > override on its own. To be > exact, this allows all users to view the folder and > any content within it > that does not specify its own security constraints. > In effect, this is the > site default for global pages because it is defined > at the root leve. > > >On the other hand, here is > >pages\Administrative\folder.metadata : > > >
RE: Jetspeed2 M1 security setup (was: jetspeed-newbie Roles-Groups-Users)
Hi, I've successfully built and installed J2 M1 and was looking into the demo applications to figure out how to setup access control for portlets/pages. After checking out some example portlets , like RoleSecurityTest and Login, and their source code, I think I have some idea of how to approach the task but I would like to clarify some topics. First, I'll list my assumptions and then ask questions: 1. tomcat-5.0.30-j2-M1\webapps\jetspeed\WEB-INF\pages\page.security file specifies 'Edit'/'View' permissions for the default Portal's page, defined in default-page.psml Thus, this part : admin view, edit means that only a user with the role 'admin' can edit the layout of the page. And this fragment: manager view means that a user with the role 'manager' can view the page. However, anybody can view this default page in reality - even before a user logs in. You don't need any special privileges to access http://localhost:8080/jetspeed to see the page. My assumption is that it is because security constraints are "overwritten" in the pages/folder.metadata file (see below). Is that true? What is the scope of the page.security definitions and where are they used? 2. each folder under /pages directory (including /pages itself) has a folder.metadata file where more are defined for that folder. For example, here is pages/folder.metadata: . user view manager * view And this is why all users can see the default page. (Is that true?) On the other hand, here is pages\Administrative\folder.metadata : Jetspeed Administrative Portlets manager This folder corresponds to the "Jetspeed Administrative Portlets" menu item in the 'Folder and Pages' menu on the left side of the Portal window. However, it is displayed only when a user with the 'manager' role logged in. 3. There also are security-constraints in the .psml files themselves. For example, pages/default-page.psml has: * view 4. Also, there are defined in the portlet.xml files of individual portlets. For example: . Administrator admin Manager manager User user and corresponding are defined in the web.xml file of the portlet application: The admin role admin The manager role manager The user role user Questions: -- How do all the security declarations in #1, 2, 3 and 4 relate to each other? -- What declarations take precedence? -- what declarations are mandatory for others to work? 5. By looking at the jakarta-jetspeed-2-M1\applications\demo\src\webapp\WEB-INF\web.xml file I noticed that there were two example SSO servlets registered - SSODemoServlet and SSOBasicDemoServlet, and they were mapped to /sso-demo and /sso-basic URLs respectively. Here is how /sso-basic is protected: HTTPBasicDemo /sso-basic/* tomcat BASIC Jetspeed When I access this servlet as http://localhost:8080/demo/sso-basic I am getting a login screen that prompts me to enter username and password, as expected. The /sso-demo is not protected in the web.xml and when accessing it as http://localhost:8080/demo/sso-demo you just get an authentication error. Source code of the SSODemoServlet gives some explanation: /** * SSODemoServlet - looks for username, password in the URL for single * signon to this servlet from a SSO portlet. * Username request parameter: ssouser * Password request parameter: ssopw A few questions here: -- how can you use these servlets from your portlets if you want to utilize the Basic authentication mechanism? Should I just call RequestDispatcher.include("/demo/sso-basic")? If not - how else could I use these servlets in portlets? Or, maybe, not use servlets at all but get the Basic authentication working for portlets somehow? -- when supplying incorrect username/password for the SSOBasicDemo servlet, you get an error page in the browser and if you try to reload it it would not work and would not let you to retry login, until you start a new browser session. I checked my browser settings (both Mozilla and IE) and made sure they do not cache pages between requests - still the same problem. I'm sure it's something very simple - but what? Thanks fo rreading this till the end :) Marina __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jetspeed-newbie Roles-Groups-Users
Sorry, I hit "Send " button before I finished the mail :) What I meant was: I see there is some relationship between directory names under the WEB-INF/pages directory and user like: WEB-INF/pages/_role manager/ user/ WEB-INF/pages/_user user/ So, for me to create a new user, should I use the same naming convention? For example, to add a new user "scott" with the role "admin" should I create corresponding directories WEB-INF/pages/_role/admin WEB-INF/pages/_user/scott ?? And then, will the pages (.psml) in the scott/ directory be what is shown in the portal when 'scott' logs in? By the way, where is the login takes place? I tried login through the "Login" portlet - but it did not change content of the portal window accordingly (I logged in as 'user') Another question: How do you add new users programmatically? Do I have to create those new directories every time I add a new user? What if I want users to be able to register themselves, how would all this directory/files setup work? Or do I have to write my own code to insert new users into the DB (by the way, I'm assuming that's what the populate-userinfo-for-default-psml.sql does, is it?) ? Sorry, I do feel somewhat confused here. Did anybody succeed in setting up the user management in J2? It's hard to believe I'm the first one struggling with this :) Thanks a lot! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > There are two different Roles/Groups/Users domains > in effect: Tomcat's > and Jetspeed's. Jetspeed has its own JAAS > login/logout that is managed > separately from the global Tomcat configuration, > (see jetspeed.xml for > the JAAS Realm definition). Configuration of > Tomcat's Realm is only > necessary for running the manager/admin application > to deploy portlet > webapps. > > I am not sure why your Tomcat security configuration > did not control > access to the Jetspeed application as a whole, (I am > not an expert there > to say the least; I've never had to use that believe > it or not). > > To use the portlet security, you'll probably need to > configure the > Jetspeed realm correctly or use the demo logins. > Like I said, I am not > sure portlet security is implemented at this time, > YMMV. See the > populate-userinfo-for-default-psml.sql script. > > For page level security, see the demo psml pages > under > jetspeed/WEB-INF/pages. No document on this stuff > yet... it is very new > and still settling in. > > I will mail a PDF version of the profiling document > to you in few minutes. > > Randy > > Marina wrote: > > >Randy, > >Thanks a lot for your response. > > > >I indeed have more specific question on the > security > >setup in J2. > >I should note right away that I apologize if these > >questions are answered in the documentation you > >mentioned - I was not able to read it as it seems > to > >be in the .sxw format (StarOffice, I think ?). Any > >idea how to convert them into some other format if > I > >don't have StarOffice readily available? > > > >Now to my questions. > >I'm trying to do a very common thing: require a > user > >to log in when he access the portal for the first > >time, and then show only those portlets that this > user > >is authorized to see, and give him only those > access > >rights to some functionality (buttons, links in > the > >portlets) that he is authorized to do. > > > >First of, I was not sure how to limit access to the > >portal as a whole - usually you do that kind of > thing > >in the web.xml descriptor of the web application. I > >guess that would be the > >$TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml > >But then, would not it be overwritten when Jetspeed > is > >redeployed using the Maven build scripts? And what > > would I have to specify - /jetspeed/* > or > >something like that? > > > >Anyway, I decided to try to protect the main > portlet > >as the first step. In my potlet's web.xml I > specified: > > > > > > Secure EventCalendar > > > > /EventsCalendarPortlet/* > > > > GET > > POST > > > > > > dce_admin > > > > > > > >BASIC > > > > > >dce_admin > > > > > >and I have a corresponding role defined in the > >tomcat-users.xml: > > > > password="some_password" > >roles="dce_admin"/> > > > >Since I c
Re: jetspeed-newbie Roles-Groups-Users
Hi, sorry, I'm still struggling with the user management/ access control. The documentation from J2's profiler directory helped somewhat but now I have even more questions than before :) First, I looked at the jetspeed.xml - and I see --- Randy Watler <[EMAIL PROTECTED]> wrote: > Marina, > > There are two different Roles/Groups/Users domains > in effect: Tomcat's > and Jetspeed's. Jetspeed has its own JAAS > login/logout that is managed > separately from the global Tomcat configuration, > (see jetspeed.xml for > the JAAS Realm definition). Configuration of > Tomcat's Realm is only > necessary for running the manager/admin application > to deploy portlet > webapps. > > I am not sure why your Tomcat security configuration > did not control > access to the Jetspeed application as a whole, (I am > not an expert there > to say the least; I've never had to use that believe > it or not). > > To use the portlet security, you'll probably need to > configure the > Jetspeed realm correctly or use the demo logins. > Like I said, I am not > sure portlet security is implemented at this time, > YMMV. See the > populate-userinfo-for-default-psml.sql script. > > For page level security, see the demo psml pages > under > jetspeed/WEB-INF/pages. No document on this stuff > yet... it is very new > and still settling in. > > I will mail a PDF version of the profiling document > to you in few minutes. > > Randy > > Marina wrote: > > >Randy, > >Thanks a lot for your response. > > > >I indeed have more specific question on the > security > >setup in J2. > >I should note right away that I apologize if these > >questions are answered in the documentation you > >mentioned - I was not able to read it as it seems > to > >be in the .sxw format (StarOffice, I think ?). Any > >idea how to convert them into some other format if > I > >don't have StarOffice readily available? > > > >Now to my questions. > >I'm trying to do a very common thing: require a > user > >to log in when he access the portal for the first > >time, and then show only those portlets that this > user > >is authorized to see, and give him only those > access > >rights to some functionality (buttons, links in > the > >portlets) that he is authorized to do. > > > >First of, I was not sure how to limit access to the > >portal as a whole - usually you do that kind of > thing > >in the web.xml descriptor of the web application. I > >guess that would be the > >$TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml > >But then, would not it be overwritten when Jetspeed > is > >redeployed using the Maven build scripts? And what > > would I have to specify - /jetspeed/* > or > >something like that? > > > >Anyway, I decided to try to protect the main > portlet > >as the first step. In my potlet's web.xml I > specified: > > > > > > Secure EventCalendar > > > > /EventsCalendarPortlet/* > > > > GET > > POST > > > > > > dce_admin > > > > > > > >BASIC > > > > > >dce_admin > > > > > >and I have a corresponding role defined in the > >tomcat-users.xml: > > > > password="some_password" > >roles="dce_admin"/> > > > >Since I could not find any Jetspeed-specific > >information on specifying security constraints for > >individual portlets, I just used the Portlet > >Specification as the guide and added this to the > >portlet's portlet.xml: > > > > > >dce_admin > >dce_admin > > > > > >The EventsCalendarPortlet got deployed into J2 just > >fine, but it was displayed in the portal without > >prompting me for any username/password. > > > >If you could give me any pointers as to what I'm > >missing and what would the main steps be to achieve > >what I'm trying to do it would be great! > > > >Sorry for such a long e-mail, > > > >thanks! > >Marina > > > >--- Randy Watler <[EMAIL PROTECTED]> wrote: > > > > > > > >>MP, > >> > >>I am more or less responsible for the J2 profiling > >>and security features. > >> > >>There is some documentation in the J2 design-docs > >>under the profiler > >>directory, (pull from CVS). > >> > >&g
RE: jetspeed-newbie Roles-Groups-Users
Randy, Thanks a lot for your response. I indeed have more specific question on the security setup in J2. I should note right away that I apologize if these questions are answered in the documentation you mentioned - I was not able to read it as it seems to be in the .sxw format (StarOffice, I think ?). Any idea how to convert them into some other format if I don't have StarOffice readily available? Now to my questions. I'm trying to do a very common thing: require a user to log in when he access the portal for the first time, and then show only those portlets that this user is authorized to see, and give him only those access rights to some functionality (buttons, links in the portlets) that he is authorized to do. First of, I was not sure how to limit access to the portal as a whole - usually you do that kind of thing in the web.xml descriptor of the web application. I guess that would be the $TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml But then, would not it be overwritten when Jetspeed is redeployed using the Maven build scripts? And what would I have to specify - /jetspeed/* or something like that? Anyway, I decided to try to protect the main portlet as the first step. In my potlet's web.xml I specified: Secure EventCalendar /EventsCalendarPortlet/* GET POST dce_admin BASIC dce_admin and I have a corresponding role defined in the tomcat-users.xml: Since I could not find any Jetspeed-specific information on specifying security constraints for individual portlets, I just used the Portlet Specification as the guide and added this to the portlet's portlet.xml: dce_admin dce_admin The EventsCalendarPortlet got deployed into J2 just fine, but it was displayed in the portal without prompting me for any username/password. If you could give me any pointers as to what I'm missing and what would the main steps be to achieve what I'm trying to do it would be great! Sorry for such a long e-mail, thanks! Marina --- Randy Watler <[EMAIL PROTECTED]> wrote: > MP, > > I am more or less responsible for the J2 profiling > and security features. > > There is some documentation in the J2 design-docs > under the profiler > directory, (pull from CVS). > > Also the demo configuration for user/user, > (username=user, password=user), > uses profiling extensively to customize its view and > security to limit its > access to the admin pages/portlets. > > BTW, this functionality is page based, not portlet > based. Portlet security > constraints can be specified in the portlet.xml, but > I am not sure if they > are 100% implemented at this point. > > Feel free to send more specific J2 questions to the > list. > > HTH, > > Randy Watler > > -Original Message- > From: M P > To: Jetspeed Users List > Sent: 11/27/04 12:10 PM > Subject: Re: jetspeed-newbie Roles-Groups-Users > > Hi, David, > > The documentation you mentioned is for Jetspeed 1. > Is > it also true for Jetspeed2? If not - could you point > me to where I could find it for J2? I looked > through > all documentation on the J2 home page and Wikis and > could not find anything on how to control access to > specific portlets based on user roles/ groups. > > Thank you! > Marina > > --- David Sean Taylor <[EMAIL PROTECTED]> wrote: > > > Thilina wrote: > > > > > Hi, > > > I need to do following thing using the jetspeed, > > > > > > Creating.. > > > 3 roles - Admin, Executive, Developer > > > 2 Groups - Administration, Users > > > 100 of users - CEO,CFO,admin, aaa, bbb, ccc, > > etc > > > > > > Setting > > > Admin and Executive belongs to Administrative > > Group > > > Developer belongs to Users Group > > > > > > CEO and CFO are Executive Roles > > > admin user is belongs to Admin role > > > aaa, bbb, ccc, etc belongs to Developer role > > > > > > Users group only have rights to view the > > information. > > > Admin role have all the control except viewing > > some confidential > > > information such as Banking and Finance > > information. Only CEO and CFO > > > have rights to access those information. > > > > > > Admin could lock and unlock account except CEO > and > > CFO. > > > > > > Is this kind of activity achieve using jetspeed > > 1.5? > > > > > Yes. > > To see the User Admin, go here: > > > > http://.bluesunrise.com/jetspeed > > > > login as user = admin,