incubator-graffito-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe Lombart <christophe.lomb...@gmail.com>
Subject Re: Graffito build for Jetspeed-2 M4-SNAPSHOT
Date Thu, 06 Oct 2005 20:02:01 GMT
Hi Randy,

Please send me all the code, scripts, ... for this integration (if possible)
and than I will try to fix thoses issues.
If you want, you can create a new Jira issue.
What is the difference between M3 and M4 in point of view security ? Are
there some changes in the permission management ?

Christophe


On 10/6/05, Randy Watler <watler@wispertel.net> wrote:
>
> Christophe,
>
> I neglected to tell you earlier that this patch does indeed work. Thanks
> again.
>
> Just FYI, the change did appear to break some of the tests:
>
> [junit] Running
> org.apache.portals.graffito.security.impl.AllFilesTestRdbmsPolicy
> [junit] Tests run: 1, Failures: 0, Errors: 1, Time elapsed: 1.912 sec
> [junit] [ERROR] TEST
> org.apache.portals.graffito.security.impl.AllFilesTestRdbmsPolicy FAILED
> [junit] Running org.apache.portals.graffito.security.impl.TestRdbmsPolicy
> [junit] Tests run: 3, Failures: 0, Errors: 3, Time elapsed: 2.221 sec
> [junit] [ERROR] TEST
> org.apache.portals.graffito.security.impl.TestRdbmsPolicy FAILED
> [junit] Running org.apache.portals.graffito.security.impl.TestPermissions
> [junit] Tests run: 2, Failures: 0, Errors: 2, Time elapsed: 2.018 sec
> [junit] [ERROR] TEST
> org.apache.portals.graffito.security.impl.TestPermissions FAILED
> [junit] Running
> org.apache.portals.graffito.security.impl.AllPermissionTestRdbmsPolicy
> [junit] Tests run: 1, Failures: 0, Errors: 1, Time elapsed: 1.786 sec
> [junit] [ERROR] TEST
> org.apache.portals.graffito.security.impl.AllPermissionTestRdbmsPolicy
> FAILED
>
> Do you want me to attempt to fix these or do you want to handle it?
>
> Randy
>
> Randy Watler wrote:
>
> > Christophe,
> >
> > Cool. I will test it tomorrow sometime. Thanks for the quick fix!
> >
> > Randy
> >
> > Christophe Lombart wrote:
> >
> >> Randy,
> >>
> >> I just commit a patch for this issue. Can you check if it is ok on M4.
> >> it was a regression due to my last object model refactoring. Sorry to
> >> use a lot of your time for that. Before testing it, don't forget to
> >> make a db clean-up.
> >>
> >> The permission tab page in the edit mode needs to be review. eg. it is
> >> not possible to edit an existing permission.
> >>
> >> Kind regard,
> >> Christophe
> >>
> >>
> >> On 9/28/05, Christophe Lombart <christophe.lombart@gmail.com> wrote:
> >>
> >>
> >>> Of course, you are welcome to commit directly into the Graffito.
> >>>
> >>> Thanks,
> >>> Christophe
> >>>
> >>> On 9/28/05, Randy Watler <watler@wispertel.net> wrote:
> >>>
> >>>> Christophe,
> >>>>
> >>>> I assumed that M3 would have the same issue, so it is reassuring to
> >>>> hear
> >>>> that it does indeed.
> >>>>
> >>>> I am not sure how you want to encorporate my modifications. I have a
> >>>> small fix in the J2 maven plugin and
> >>>> quite a few patches for the graffito source tree. David seemed to
> >>>> indicate that we could allow me to commit to the
> >>>> graffito project, (I am already a J2 committer as you know).
> >>>> Otherwise,
> >>>> I could send you a few patch files.
> >>>>
> >>>> I plan on fully integrating Graffito into J2, so perhaps we can just
> >>>> skip this step alltogether. Your call.
> >>>>
> >>>> Randy
> >>>>
> >>>> Christophe Lombart wrote:
> >>>>
> >>>>
> >>>>> Randy,
> >>>>>
> >>>>> Same issue on M3. As you explained in your mail,
> >>>>> org.apache.portals.graffito.security.impl.CmsPermissionImpl is not
> >>>>> set
> >>>>> into the DB (in SECURITY_PERMISSION). If you replace the wrong value
> >>>>> by this classname, it will be better.
> >>>>>
> >>>>> I have more time now. So, I can try to fix this issue. Can give
me
> an
> >>>>> access to your M4 deployment stuff ? Do you plan to add it in the
> >>>>> Graffito project or directly into J2 ?
> >>>>>
> >>>>> Thanks,
> >>>>> Christophe
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 9/27/05, Christophe Lombart <christophe.lombart@gmail.com>
wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>> On 9/26/05, Randy Watler <watler@wispertel.net> wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> Christophe Lombart wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>> Maybe it is a regression. Are you using the subproject
> >>>>>>>> 'jetspeed2-deploy' to deploy into J2 ? See in this subproject,
> >>>>>>>> there
> >>>>>>>> are some xml file uses to deploy the application.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>> Yes, I am using this project to deploy, albeit modified
for M4.
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>> Let me know if you need help. I don't know if I can
access to
> your
> >>>>>>>> modifications somewhere.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>> Here is the deal:
> >>>>>>>
> >>>>>>> The Graffito Browser is adding these objects to the RdbmsPolicy
> >>>>>>> store:
> >>>>>>>
> >>>>>>> org.apache.portals.graffito.model.pemission.impl.CmsPermissionImpl
> >>>>>>>
> >>>>>>> While these appear to be correctly specified and stored
by the
> >>>>>>> browser,
> >>>>>>> the Graffito
> >>>>>>> security implementation is creating permission instances
of this
> >>>>>>> class
> >>>>>>> type and
> >>>>>>> sending these to the AccessController.checkPermission():
> >>>>>>>
> >>>>>>> org.apache.portals.graffito.security.impl.CmsPermissionImpl
> >>>>>>>
> >>>>>>> See
> >>>>>>>
> components/src/java/org/apache/portals/graffito/security/impl/GraffitoAction.java.
> >>>>>>>
> >>>>>>> Unless I am missing something, the new permissions will
not be
> >>>>>>> seen by
> >>>>>>> java security because the class types do not match. Of course,
> >>>>>>> the initial
> >>>>>>> setup/deploy has permissions granted to /role/admin using
the
> >>>>>>> org.apache.portals.graffito.security.impl.CmsPermissionImpl
> >>>>>>> class and
> >>>>>>> these work as expected.
> >>>>>>>
> >>>>>>> Did I miss some configuration that tells the Graffito Browser
to
> >>>>>>> use the
> >>>>>>> security vs. model implementations?
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>> no
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> Am I missing some nuance of java
> >>>>>>> security that would allow the model implementations to be
read?
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>> No (following my limited knowledge of JAAS)
> >>>>>> Tomorow, I will review the code.
> >>>>>> What's the behavior with J2 M3 ?
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>
> >>
> >>
> >>
> >
> >
> >
> >
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message