chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Florentine, George" <George.Florent...@flatironssolutions.com>
Subject RE: cookie support in 0.4.0
Date Fri, 08 Jul 2011 15:59:11 GMT
Yeah, I saw posts around the problems with NTLM. The environment I'm using doesn't support
Basic authentication so for now I'm stuck with NTLM. I'll see if I can get Basic authentication
to work... For now we're not doing any content upload so I hope that NTLM will be ok. We've
done a fair amount of testing and we've seen some issues with NTLM - the OpenCMIS code isn't
always sending authentication creds and since it's not honoring the cookie requests sent by
SP I suspect we may have some issues down the road.

thx,

g
---


George Florentine
 
VP, Engineering
 
+1 (303) 542-2173  |  Office
+1 (303) 669-8628  |  Cell 
+1 (303) 544-0522  |  Fax
 
george.florentine@flatironssolutions.com
 
http://www.flatironssolutions.com
 









-----Original Message-----
From: Florian Müller [mailto:florian.mueller@alfresco.com] 
Sent: Friday, July 08, 2011 9:52 AM
To: Florentine, George
Cc: dev@chemistry.apache.org
Subject: Re: cookie support in 0.4.0

George,

First of all, run away from NTLM if you can! Sooner or later you will encounter intermittent
problems with content upload (createDocument and setContentStream). NTLM and content streaming
are not quite compatible.

Your modification could be the reason for your cookie issue. You are setting up the WebLogic
CookieManager and then forcing the usage of a Sun HttpURLConnection. I have no idea if those
two work together. I would expect some class loading issues.


- Florian


On 08/07/2011 16:02, Florentine, George wrote:
> Florian, thx for the quick reply! Yeah, I saw an e-mail thread where you chatted about
per-session cookie management coming in 0.5.0. For my particular app, the existing cookie
management would be sufficient. I'm familiar with the HttpUtils class and it's interesting
that you mentioned that because it gives me another clue to look at. I was going to post this
in a separate thread but I'll mention it here since it relates to this discussion.
> 
> We're deploying our mid-tier code under WebLogic 10.3 and in that environment, the default
OpenCMIS code in HttpUtils has problems when we try to use NTLM authentication. The code works
ok under Tomcat but under WL some class provided by WL overrides the NTLM authentication class
and it doesn't get loaded (the standard authenticator class ends up getting loaded even though
we specify to use the NTLM authenticator in the parameters we set when we create the CMIS
session). To get around that we made a modification to the OpenCMIS code in HttpUtils to use
a Sun provided HttpHandler. I wonder if this change may be breaking cookie support in some
way?
> 
> Specifically, in the HttpUtils class, the 0.4.0 code base has this line of code (line
89):
> 
>       HttpURLConnection conn = (HttpURLConnection) (new URL(url.toString())).openConnection();
> 
> I changed this to use a specific Http handler:
> 
>              HttpURLConnection conn = (HttpURLConnection) (new URL(null,url.toString(),new
sun.net.www.protocol.http.Handler())).openConnection();
> 
> Perhaps the sun http handler is causing the behavior I'm seeing?
> 
> Thought?
> 
> thx,
> 
> g
> ---
> 
> 
> George Florentine
>   
> VP, Engineering
>   
> +1 (303) 542-2173  |  Office
> +1 (303) 669-8628  |  Cell
> +1 (303) 544-0522  |  Fax
>   
> george.florentine@flatironssolutions.com
>   
> http://www.flatironssolutions.com
>   
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -----Original Message-----
> From: Florian Müller [mailto:florian.mueller@alfresco.com]
> Sent: Friday, July 08, 2011 8:29 AM
> To: Florentine, George
> Cc: dev@chemistry.apache.org
> Subject: Re: cookie support in 0.4.0
> 
> George,
> 
> OpenCMIS relies on the cookie handling that is provided by Java. There is no specific
OpenCMIS code that deals with cookies.
> HttpURLConnections should get hold of the CookieManager from the CookieHandler and then
use it.
> 
> There are some disadvantages to this approach. For example, all sessions share the same
set of cookies and the CookieManager is shared across all connections in the JVM.
> A smarter, session based cookie handling is on the list for 0.5.0 (and I have a good
chunk of the code already done).
> 
> The best place for debugging is probably org.apache.chemistry.opencmis.client.bindings.spi.atompub.HttpUtils
in the chemistry-opencmis-client-bindings package.
> The invoke() method handles the HTTP connections for the AtomPub binding.
> 
> 
> - Florian
> 
> 
> On 08/07/2011 14:51, Florentine, George wrote:
>> Florian, the HTTP Set-Cookie message coming back from SP looks like this:
>>
>> Set-Cookie: WSS_KeepSessionAuthenticated={e5a6caaf-581c-4c26-aa12-0489087b7ec1};
path=/
>>
>> Looks ok to me... Can you point me at the place in OpenCMIS where cookies are set?
I can look at that code in the debugger and see what's going on.  Maybe I've got some setup
in my environment that is preventing the CookieManager class and the OpenCMIS code from playing
nice with each other...
>>
>> thx,
>>
>> g
>> ---
>>
>>
>> George Florentine
>>
>> VP, Engineering
>>
>> +1 (303) 542-2173  |  Office
>> +1 (303) 669-8628  |  Cell
>> +1 (303) 544-0522  |  Fax
>>
>> george.florentine@flatironssolutions.com
>>
>> http://www.flatironssolutions.com
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Florian Müller [mailto:florian.mueller@alfresco.com]
>> Sent: Friday, July 08, 2011 2:47 AM
>> To: Florentine, George
>> Cc: dev@chemistry.apache.org
>> Subject: Re: cookie support in 0.4.0
>>
>> Hi George,
>>
>> I haven't tested SharePoint but it works fine with other repositories.
>> The path might be the cause the problem. What is the value of the path
>> attribute?
>>
>> - Florian
>>
>>
>>
>> On 06/07/2011 18:55, Florentine, George wrote:
>>> I'm building an application that uses the OpenCMIS client to talk to
>>> SharePoint 2010. I'd like to turn on cookie support so I inserted code
>>> to create a CookieManager as described in
>>> http://chemistry.apache.org/java/how-to/how-to-connect.html. When I use
>>> Wireshark to look at traffic between my app and SharePoint I see SP
>>> setting what looks like a reasonable cookie (it does have a path
>>> attribute set) but in subsequent calls, the OpenCMIS code does not send
>>> the cookie back.
>>>
>>> I see a post (https://issues.apache.org/jira/browse/CMIS-366) that
>>> indicates that this works in 0.4.0 but it doesn't seem to be working for
>>> me.
>>>
>>> Any insights?
>>>
>>> thx,
>>>
>>> g
>>>
>>> ---
>>>
>>> email_Graphic_noTag
>>>
>>> 	
>>>
>>> *George Florentine***
>>>
>>> 	
>>>
>>> /VP, Engineering///
>>>
>>> 	
>>>
>>> *+1 (303) 542-2173 | Office***
>>>
>>> *+1 (303) 669-8628 | Cell ***
>>>
>>> *+1 (303) 544-0522 | Fax***
>>>
>>> 	
>>>
>>> george.florentine@flatironssolutions.com
>>> <mailto:george.florentine@flatironssolutions.com>
>>>
>>> 	
>>>
>>> http://www.flatironssolutions.com<http://www.flatironssolutions.com/>
>>>
>>> 	
>>>
>>> 			
>>>
>>
> 


Mime
View raw message