Re: [Zope] Resolving ConflictError
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 29 Jan 2007, at 22:30, John Ziniti wrote: I've recently encountered my first ConflictError. I am hosting multiple sites in this ZODB, and each of them is using a LDAPLoginAdapter as an acl_users: You are aware that this product has been deprecated and superceded by the LDAPUserFolder product in October 2001, right? That's about 5 1/2 years ago. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFvnLsRAx5nvEhZLIRAq9XAKC6U3sffqT5u0UEnI4hIRK5o5VxNACgu7xg CpOU4lE+B1/o4QihkP7vJYA= =2F8Z -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Resolving ConflictError
I've recently encountered my first ConflictError. I am hosting multiple sites in this ZODB, and each of them is using a LDAPLoginAdapter as an acl_users: Traceback (innermost last): Module Zope2.App.startup, line 167, in zpublisher_exception_hook Module ZPublisher.Publish, line 120, in publish Module Zope2.App.startup, line 233, in commit Module transaction._manager, line 84, in commit Module transaction._transaction, line 381, in commit Module transaction._transaction, line 379, in commit Module transaction._transaction, line 424, in _commitResources Module ZODB.Connection, line 462, in commit Module ZODB.Connection, line 495, in _commit ConflictError: database conflict error (oid 0x013b3f, class Products.LDAPLoginAdapter.LDAPLoginAdapter.LDAPLoginAdapter) Once this error started occurring on one of the acl_users, I've now seen it on several of them. The websites are still useable, as this error only occurs several times per day, out of ~100s of requests. Searching on google, however, doesn't really give me too much insight into figuring out what my next step is. I'd obviously like to figure out what code is causing the ConflictError, and how I can get rid of it and/or fix the code that is causing it. I've read enough from google searching to familiarize myself with the fs* tools (fsrefs, fsdump), but I'm not sure where to go from there. Thanks in advance, John Ziniti ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] single sign-on
I have installed Plone with openSUSE 10.2 (working). I have also installed LDAPUserFolder and LDAPMultiPlugins (working). The default installation of Plone is located in "/var/opt/zope/default". I have loaded mod_proxy, mod_proxy_http, mod_rewrite and mod_headers. I have also compiled and load mod_ntlml. I tested mod_ntlm on just an ordinary directory that contained an "index.html" and it worked fine. Mod_ntlm asked for username and password, which authenticated. I set internet explorer to "automatic logon with current username and password" and i was able to get to the web page without typing a username and password. This is my conf, but this does not work. ServerName openSUSE ServerSignature On RewriteEngine On AuthName "Active Directory Domain" AuthType NTLM NTLMAuth on NTLMAuthoritative on NTLMDomain domain NTLMServer ads require valid-user RequestHeader set REMOTE_USER %{REMOTE_USER}e RewriteRule ^/(.*) \ http://localhost:8080/VirtualHostBase/http/%{HTTP_HOST}:80/VirtualHostRoot/hechtburdeshaw/$1 \ [L,P,E= REMOTE_USER:%{LA-U:REMOTE_USER}] Any suggestions _ From predictions to trailers, check out the MSN Entertainment Guide to the Academy Awards® http://movies.msn.com/movies/oscars2007/?icid=ncoscartagline1 ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] zope replication
I use ZRS ... I can't report much since it seems to have worked fairly transparently so far (A good thing!). 1 Master + 1 Slave ... When one of the boxes goes down for a reboot/maintenance, service is uninterrupted, since it supports a 99% read web site, I haven't had to work too hard on read/write performance optimization ... We also use a combination of heartbeat + drbd (http://www.drbd.org/) for some filesystem based replication ... Our PostgreSQL server is made highly available that way. In retrospect, I could possibly make the ZEO server highly available that way I think ... I can't say much about the drbd setup since I haven't worked on it. Our corporate IT team takes care of that for me. I take care of our ZRS setup however. J.F. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of patrimith Sent: January 29, 2007 12:18 PM To: zope@zope.org Subject: [Zope] zope replication Has anybody out there had any experience replicating (for the purpose of failover) zope databases, using Zope Replication Services or anything else? Is anyone familiar with the heartbeat, fake or ultramonkey tools? I'm just starting to look at these now and wanted to see what the experience of others was. I assume this is fairly common with Zope and Plone installations. Thanks, Patrick Smith (posting for Brett Kennedy) http://www.caseware.com -- View this message in context: http://www.nabble.com/zope-replication-tf3137117.html#a8693534 Sent from the Zope - General mailing list archive at Nabble.com. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] RE: Is there any way to turn off the publishing of externalmethods to the web in Zope?
Mark, Jonathan (Integic) wrote: > > As many of us know, BDFL Guido doesn't seem to think much of Zope. He > allegedly feels that Zope forces one to learn Zope instead of Python. > There is some truth to that. My goal is to leverage Zope's ZMI and CMS > features while doing as much work as possible in Python and Python > scripts. > > I thus object philosophically to ZPT and DTML and hope to avoid them in my > product, which should be released on Zope.org to a probably indifferent > Zope world some time later this year. I can use Cheetah as an external > method with Python scripts, instead of ZPT and DTML. > Why do you object philosophically to them? DTML is nasty, I would agree, but I've yet to find a web templating language that works as well in practice as ZPT in terms of separating design and presentation (especially when combined with Zope 3 views; and possibly moving in the direction of something like Pushpage by Tres). I guess it comes down to taste. I found Cheetah horrendously ugly, aesthetically speaking. > My attempt to use Chris's Twiddler templating tool as an external method > instead of Cheetah ran into a problem which I am sure was my fault, > although Twiddler worked great from my Zope instance's Python command > line. I didn't feel like figuring out what my mistake was. The Path of > Least Resistance was to use Cheetah, and I believe that there is great > wisdom in the Path of Least Resistance. Deviate from that path only to > travel on the Path of Greater Wisdom. Twiddler and Cheetah appear equally > wise, so PLR said go with Cheetah. > > I want as much as possible of my Zope 2.10 blogging product (working name, > Aristede, for which I own the Aristede.com domain name) to be visible in > Python scripts and folder properties. External methods should be only a > wrapper to Cheetah and to other Python modules that can't be imported into > Python Scripts. > I'm not sure if this is constructive, but it seems to me that you are trying to use Zope in a way that, at best, people are actively moving away from, or at worst, it wasn't really designed to be used. In particular, it seems strange to me to want to have pyscripts that explicitly call Cheetah templates, and to make extensive use of external methods (why not just use products and filesystem code in custom objects that represent your data model?). Also note that if all you really need is a blog, there are probably existing solutions you could use and build on rather than have to create your own. In truth, you may be interested to learn more about Zope 3 and even grok. They are different ways of programming, but more "pythonic" and very powerful. I can recommend Philipp von Weitershausen's Zope 3 book (http://worldcookery.com) (disclaimer: I helped proof read it), if you want to learn something new and exciting. > My paranoid nature is due to a fear of creating my own product and finding > out that I have left a security hole. By using Eval in my external method > I can avoid coupling the external method which calls Cheetah to the list > of properties which I send Cheetah, and reduce the amount of code which I > need to do it. But Eval is super dangerous to use. It is a trade-off > between code simplicity and security. > > Hence my desire to make certain that no one can pass from inside a URL > parameters which are later Eval'd to my external method. > Eval sounds like a really nasty hack (isn't it always?). You'll probably find it hell to debug as well... I would assume it's possible to write some first-class object in Zope that could act similarly to DTML or ZPT objects but do the rendering using Cheetah, if you really want to use that. Martin -- View this message in context: http://www.nabble.com/Is-there-any-way-to-turn-off-the-publishing-of-external-methods-to-the-web-in-Zope--tf3122776.html#a8693535 Sent from the Zope - General mailing list archive at Nabble.com. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] zope replication
Has anybody out there had any experience replicating (for the purpose of failover) zope databases, using Zope Replication Services or anything else? Is anyone familiar with the heartbeat, fake or ultramonkey tools? I’m just starting to look at these now and wanted to see what the experience of others was. I assume this is fairly common with Zope and Plone installations. Thanks, Patrick Smith (posting for Brett Kennedy) http://www.caseware.com -- View this message in context: http://www.nabble.com/zope-replication-tf3137117.html#a8693534 Sent from the Zope - General mailing list archive at Nabble.com. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] Is there any way to turn off the publishing of externalmethods to the web in Zope?
"""Excuse me for saying, but this is all slightly nuts. Is there some reason you're being so (overly) paranoid? Chris""" I don't know Zope well, even though I have been using Chris's excellent Squishdot product for three years at Goodbyejim.com. Chris has moved on to other Zope activities and has not upgraded Squishdot since 2001. That is a blessing in disguise, because it is time to write my own Zope 2.10 blogging product that relies on Web 2.0 concepts of using third parties and web standards (Haloscan, Atom, CSS ZenGarden, Cheetah templating) to provide what was built in to Squishdot. As many of us know, BDFL Guido doesn't seem to think much of Zope. He allegedly feels that Zope forces one to learn Zope instead of Python. There is some truth to that. My goal is to leverage Zope's ZMI and CMS features while doing as much work as possible in Python and Python scripts. I thus object philosophically to ZPT and DTML and hope to avoid them in my product, which should be released on Zope.org to a probably indifferent Zope world some time later this year. I can use Cheetah as an external method with Python scripts, instead of ZPT and DTML. My attempt to use Chris's Twiddler templating tool as an external method instead of Cheetah ran into a problem which I am sure was my fault, although Twiddler worked great from my Zope instance's Python command line. I didn't feel like figuring out what my mistake was. The Path of Least Resistance was to use Cheetah, and I believe that there is great wisdom in the Path of Least Resistance. Deviate from that path only to travel on the Path of Greater Wisdom. Twiddler and Cheetah appear equally wise, so PLR said go with Cheetah. I want as much as possible of my Zope 2.10 blogging product (working name, Aristede, for which I own the Aristede.com domain name) to be visible in Python scripts and folder properties. External methods should be only a wrapper to Cheetah and to other Python modules that can't be imported into Python Scripts. My paranoid nature is due to a fear of creating my own product and finding out that I have left a security hole. By using Eval in my external method I can avoid coupling the external method which calls Cheetah to the list of properties which I send Cheetah, and reduce the amount of code which I need to do it. But Eval is super dangerous to use. It is a trade-off between code simplicity and security. Hence my desire to make certain that no one can pass from inside a URL parameters which are later Eval'd to my external method. I accept Chris's assurance that the Proxy tab in the ZMI is robust. And that if someone is able to crack it I could get Zope developers to fix it. That is sufficient for a blog application. It may not be sufficient for a medical records or a banking application, but I am not writing one of those. Therefore I will use the ZMI to restrict my external method to authenticated users. I will use the ZMI to proxy-as-authenticated the Python Script which calls the external user. That will be sufficient. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Client Disconnected
On Mon, Jan 29, 2007 at 11:25:20AM -0500, Brian Brinegar wrote: > Occasionally a client in our ZEO setup will lose it's connection to the > ZEO Server. I suspect some user is trying to commit something that is > taking excessively long, perhaps uploading a very large file. > > Anyway, when a client is disconnected should it not try to reconnect? > The min-disconnect-poll and max-disconnect-poll are set to the default. > > It seems that the clients NEVER reconnect until Zope is restarted. Any > suggestions on how to automate this? Sounds like it might be the old "firewall decided to drop your connection without letting you know" problem. http://aspn.activestate.com/ASPN/Mail/Message/zope-list/2916870 -- Paul Winkler http://www.slinkp.com ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Client Disconnected
Occasionally a client in our ZEO setup will lose it's connection to the ZEO Server. I suspect some user is trying to commit something that is taking excessively long, perhaps uploading a very large file. Anyway, when a client is disconnected should it not try to reconnect? The min-disconnect-poll and max-disconnect-poll are set to the default. It seems that the clients NEVER reconnect until Zope is restarted. Any suggestions on how to automate this? -- Brian Brinegar Web Systems Developer Engineering Computer Network ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Is there any way to turn off the publishing of externalmethods to the web in Zope?
Mark, Jonathan (Integic) wrote: I will add the URL test. In addition, I will pass a long symettric 64 bit key to the external method as a parameter, and require the external method to confirm that the correct key was passed. Since only I have access to my file system and to my ZMI this is sufficient. Excuse me for saying, but this is all slightly nuts. Is there some reason you're being so (overly) paranoid? Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Is there any way to turn off the publishing of externalmethods to the web in Zope?
Mark, Jonathan (Integic) wrote: Using a proxy role on the calling Python Script worked. My guess is that a clever hacker could call the Python Script continually and then create a race condition that would permit him to call the External Method Why would calling a python script continuously set up a race condition? However, for now Proxy is sufficient. Thanks. If you can find a security hole, it'd be addressed pretty fast... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Is there any way to turn off the publishing of externalmethods to the web in Zope?
Jonathan wrote: if string.find(self.REQUEST['ACTUAL_URL'], 'ExtMethodName') != -1: return self.REQUEST.RESPONSE.redirect('BadUserURL') This is a pretty weak and silly way of going about this... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )