Updating our private copy as a stop-gap sounds like a good solution for
now. +1
-Donald
Jay D. McHugh wrote:
> Hey Joe (and everyone else),
>
> I took a look at both the trunk and 1.1.* branches of Pluto and they
> have not (or at least -appear- to have not) gotten around to
> implementing the same 'secure portlet page' functionality that was in
> 1.0.x.
>
> But, I tried a suggestion that was on one of the Pluto mailing list of
> simply commenting out the throwing of the exception (the only thing that
> the setSecure() method does is throw an exception saying that setSecure
> is not implemented).
>
> In my testing, the https protocol is being carried along to the
> successive pages though - so until Pluto does implement (or we submit a
> patch for) secure portlet pages - It seems to me that we at least need a
> functioning console. Once Pluto trunk or a release begins supporting
> secure portlet pages - then we can get back onto an unmodified copy.
>
> I am in the middle of running through a full build with tests before
> committing a new pinned version of Pluto.
>
> Does anyone have any other thoughts before I do my commit?
>
> Jay
>
>
> Joe Bohn wrote:
>> Hi Jay,
>>
>> Do you have a fix in mind for this issue? I had started to look into
>> it. Here's what I discovered so far:
>>
>> 1) Pluto has essentially dropped the 1.2 release. This was formerly
>> their trunk. It has now been saved to a tag in favor of a new trunk
>> that is the merger of the 286 portlet work and the 1.1.* base. I do
>> not know if this code base has the necessary infrastructure (ie.
>> spring based portal driver) that we require for the pluggable console.
>>
>> 2) The new Pluto trunk (2.0-SNAPSHOT) is substantially different
>> primarily because of the inclusion of the JSR-286 work. A quick
>> attempt to just replace the pluto version in our build resulted in
>> some build failures in Geronimo.
>>
>> 3) The issue we are hitting with the PortletSecurityException was
>> discussed on the pluto dev list here:
>> http://www.nabble.com/Pluto-1.1.2-vs-1.1.4-td14194243.html
>>
>> So, one possible fix would be to make some of the changes
>> recommended in on the pluto dev thread above in our private build.
>> However, this now concerns me because it means that we are continuing
>> to build on a base that it seems Pluto has recently abandoned.
>> The other alternative would be to attempt to move to 2.0-SNAPSHOT
>> or 1.1.5-SNAPSHOT assuming we can work out any challenges these
>> releases bring, they have the necessary fix for the
>> PortletSecurityException, and they contain the necessary portal driver
>> structure for our pluggable console support. This is certainly not a
>> quick fix but gets us on a more stable base.
>>
>> Joe
>>
>>
>>
>> Jay D. McHugh (JIRA) wrote:
>>> [
>>> https://issues.apache.org/jira/browse/GERONIMO-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
>>> ]
>>>
>>> Jay D. McHugh reassigned GERONIMO-3855:
>>> ---------------------------------------
>>>
>>> Assignee: Jay D. McHugh
>>>
>>>> PortletSecurityException in Plugins portlet
>>>> -------------------------------------------
>>>>
>>>> Key: GERONIMO-3855
>>>> URL:
>>>> https://issues.apache.org/jira/browse/GERONIMO-3855
>>>> Project: Geronimo
>>>> Issue Type: Bug
>>>> Security Level: public(Regular issues) Components:
>>>> console
>>>> Affects Versions: 2.1
>>>> Reporter: Paul McMahan
>>>> Assignee: Jay D. McHugh
>>>>
>>>> Cannot take any actions in the Plugins portlet.
>>>> Recreate:
>>>> Go to the Plugins portlet in the admin console
>>>> Click any action-- "Update Repository List" or "Add Repository" or
>>>> "Export a Plugin" or "Assemble a Server"
>>>> Note the exception:
>>>> javax.servlet.ServletException:
>>>> javax.portlet.PortletSecurityException: No Supported
>>>>
>>>> org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:116)
>>>>
>>>>
>>>> org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)
>>>>
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
>>>> root cause
>>>> javax.portlet.PortletSecurityException: No Supported
>>>>
>>>> org.apache.pluto.driver.services.container.PortletURLProviderImpl.setSecure(PortletURLProviderImpl.java:67)
>>>>
>>>>
>>>> org.apache.pluto.core.PortletContainerImpl.doAction(PortletContainerImpl.java:261)
>>>>
>>>>
>>>> org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:112)
>>>>
>>>>
>>>> org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)
>>>>
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
>>>
>>
>
>
|