geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Bohn <joe.b...@earthlink.net>
Subject Re: [jira] Assigned: (GERONIMO-3855) PortletSecurityException in Plugins portlet
Date Wed, 20 Feb 2008 01:51:03 GMT
Yes, I think this is a good short-term solution (as I mentioned below). 
  However I think we still need a longer term solution since it appears 
that pluto is building on a new base.

Are you planning to pull in additional fixes or are you building the 
same level of Pluto that I built earlier?  ...  I'm not sure if they 
even applied any additional maintenance to the old trunk before they 
created the tag ... have you checked?

Joe


Jay D. McHugh wrote:
> Hey Joe (and everyone else),
> 
> I took a look at both the trunk and 1.1.* branches of Pluto and they 
> have not (or at least -appear- to have not) gotten around to 
> implementing the same 'secure portlet page' functionality that was in 
> 1.0.x.
> 
> But, I tried a suggestion that was on one of the Pluto mailing list of 
> simply commenting out the throwing of the exception (the only thing that 
> the setSecure() method does is throw an exception saying that setSecure 
> is not implemented).
> 
> In my testing, the https protocol is being carried along to the 
> successive pages though - so until Pluto does implement (or we submit a 
> patch for) secure portlet pages - It seems to me that we at least need a 
> functioning console.  Once Pluto trunk or a release begins supporting 
> secure portlet pages - then we can get back onto an unmodified copy.
> 
> I am in the middle of running through a full build with tests before 
> committing a new pinned version of Pluto.
> 
> Does anyone have any other thoughts before I do my commit?
> 
> Jay
> 
> 
> Joe Bohn wrote:
>> Hi Jay,
>>
>> Do you have a fix in mind for this issue?  I had started to look into 
>> it.  Here's what I discovered so far:
>>
>> 1)  Pluto has essentially dropped the 1.2 release.  This was formerly 
>> their trunk.  It has now been saved to a tag in favor of a new trunk 
>> that is the merger of the 286 portlet work and the 1.1.* base.  I do 
>> not know if this code base has the necessary infrastructure (ie. 
>> spring based portal driver) that we require for the pluggable console.
>>
>> 2) The new Pluto trunk (2.0-SNAPSHOT) is substantially different 
>> primarily because of the inclusion of the JSR-286 work.  A quick 
>> attempt to just replace the pluto version in our build resulted in 
>> some build failures in Geronimo.
>>
>> 3) The issue we are hitting with the PortletSecurityException was 
>> discussed on the pluto dev list here: 
>> http://www.nabble.com/Pluto-1.1.2-vs-1.1.4-td14194243.html
>>
>>    So, one possible fix would be to make some of the changes 
>> recommended in on the pluto dev thread above in our private build. 
>> However, this now concerns me because it means that we are continuing 
>> to build on a base that it seems Pluto has recently abandoned.
>>    The other alternative would be to attempt to move to 2.0-SNAPSHOT 
>> or 1.1.5-SNAPSHOT assuming we can work out any challenges these 
>> releases bring, they have the necessary fix for the 
>> PortletSecurityException, and they contain the necessary portal driver 
>> structure for our pluggable console support.  This is certainly not a 
>> quick fix but gets us on a more stable base.
>>
>> Joe
>>
>>
>>
>> Jay D. McHugh (JIRA) wrote:
>>>      [ 
>>> https://issues.apache.org/jira/browse/GERONIMO-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

>>> ]
>>>
>>> Jay D. McHugh reassigned GERONIMO-3855:
>>> ---------------------------------------
>>>
>>>     Assignee: Jay D. McHugh
>>>
>>>> PortletSecurityException in Plugins portlet
>>>> -------------------------------------------
>>>>
>>>>                 Key: GERONIMO-3855
>>>>                 URL: 
>>>> https://issues.apache.org/jira/browse/GERONIMO-3855
>>>>             Project: Geronimo
>>>>          Issue Type: Bug
>>>>      Security Level: public(Regular issues)          Components: 
>>>> console
>>>>    Affects Versions: 2.1
>>>>            Reporter: Paul McMahan
>>>>            Assignee: Jay D. McHugh
>>>>
>>>> Cannot take any actions in the Plugins portlet.
>>>> Recreate:
>>>> Go to the Plugins portlet in the admin console
>>>> Click any action-- "Update Repository List" or "Add Repository" or 
>>>> "Export a Plugin" or "Assemble a Server"
>>>> Note the exception:
>>>> javax.servlet.ServletException: 
>>>> javax.portlet.PortletSecurityException: No Supported
>>>>     
>>>> org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:116)

>>>>
>>>>     
>>>> org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)

>>>>
>>>>     javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
>>>>     javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
>>>> root cause
>>>> javax.portlet.PortletSecurityException: No Supported
>>>>     
>>>> org.apache.pluto.driver.services.container.PortletURLProviderImpl.setSecure(PortletURLProviderImpl.java:67)

>>>>
>>>>     
>>>> org.apache.pluto.core.PortletContainerImpl.doAction(PortletContainerImpl.java:261)

>>>>
>>>>     
>>>> org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:112)

>>>>
>>>>     
>>>> org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:158)

>>>>
>>>>     javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
>>>>     javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
>>>
>>
> 
> 


Mime
View raw message