[jira] Assigned: (SLING-1758) [explorer] refer to child node instead of sub-node
[ https://issues.apache.org/jira/browse/SLING-1758?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Clemens Wyss reassigned SLING-1758: --- Assignee: Clemens Wyss [explorer] refer to child node instead of sub-node -- Key: SLING-1758 URL: https://issues.apache.org/jira/browse/SLING-1758 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Assignee: Clemens Wyss -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1740) Sling Explorer - Displaying/showing server side errors
[ https://issues.apache.org/jira/browse/SLING-1740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mike Müller updated SLING-1740: --- Fix Version/s: Sling Explorer 1.0.0 Sling Explorer - Displaying/showing server side errors -- Key: SLING-1740 URL: https://issues.apache.org/jira/browse/SLING-1740 Project: Sling Issue Type: Improvement Components: Extensions Reporter: Clemens Wyss Assignee: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 Attachments: sling-1740-2.patch Almost all operation of Sling Explorer are performed through Ajax. So far any error that occurred was ignored. This patch makes 'em visible through displaying errors in a modal pop-up-dialog. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1760) Sling Explorer add property doesn't respect encoding
[ https://issues.apache.org/jira/browse/SLING-1760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mike Müller updated SLING-1760: --- Fix Version/s: Sling Explorer 1.0.0 Affects Version/s: (was: Sling Explorer 1.0.0) Sling Explorer add property doesn't respect encoding -- Key: SLING-1760 URL: https://issues.apache.org/jira/browse/SLING-1760 Project: Sling Issue Type: Bug Components: Extensions Reporter: Julian Sedding Fix For: Sling Explorer 1.0.0 Attachments: explorer.js.patch Setting a string property with non-ascii characters garbles the value (e.g. strüng) due to missing UTF-8 encoding. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1759) [explorer] logo shouldn't refer to incubator.apache.org
[ https://issues.apache.org/jira/browse/SLING-1759?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mike Müller updated SLING-1759: --- Fix Version/s: Sling Explorer 1.0.0 [explorer] logo shouldn't refer to incubator.apache.org --- Key: SLING-1759 URL: https://issues.apache.org/jira/browse/SLING-1759 Project: Sling Issue Type: Improvement Components: Extensions Reporter: Justin Edelson Priority: Trivial Fix For: Sling Explorer 1.0.0 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1757) [explorer] can't select root node
[ https://issues.apache.org/jira/browse/SLING-1757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mike Müller updated SLING-1757: --- Fix Version/s: Sling Explorer 1.0.0 [explorer] can't select root node - Key: SLING-1757 URL: https://issues.apache.org/jira/browse/SLING-1757 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Priority: Critical Fix For: Sling Explorer 1.0.0 this makes it impossible (AFAICT) to create a new child directly under the root node -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Assigned: (SLING-1757) [explorer] can't select root node
[ https://issues.apache.org/jira/browse/SLING-1757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Clemens Wyss reassigned SLING-1757: --- Assignee: Clemens Wyss [explorer] can't select root node - Key: SLING-1757 URL: https://issues.apache.org/jira/browse/SLING-1757 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Assignee: Clemens Wyss Priority: Critical Fix For: Sling Explorer 1.0.0 this makes it impossible (AFAICT) to create a new child directly under the root node -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Assigned: (SLING-1759) [explorer] logo shouldn't refer to incubator.apache.org
[ https://issues.apache.org/jira/browse/SLING-1759?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Clemens Wyss reassigned SLING-1759: --- Assignee: Clemens Wyss [explorer] logo shouldn't refer to incubator.apache.org --- Key: SLING-1759 URL: https://issues.apache.org/jira/browse/SLING-1759 Project: Sling Issue Type: Improvement Components: Extensions Reporter: Justin Edelson Assignee: Clemens Wyss Priority: Trivial Fix For: Sling Explorer 1.0.0 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1740) Sling Explorer - Displaying/showing server side errors
[ https://issues.apache.org/jira/browse/SLING-1740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mike Müller resolved SLING-1740. Resolution: Fixed Commited in r996444 Sling Explorer - Displaying/showing server side errors -- Key: SLING-1740 URL: https://issues.apache.org/jira/browse/SLING-1740 Project: Sling Issue Type: Improvement Components: Extensions Reporter: Clemens Wyss Assignee: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 Attachments: sling-1740-2.patch Almost all operation of Sling Explorer are performed through Ajax. So far any error that occurred was ignored. This patch makes 'em visible through displaying errors in a modal pop-up-dialog. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-1764) Sling Explorer login in IE shows an error
Sling Explorer login in IE shows an error - Key: SLING-1764 URL: https://issues.apache.org/jira/browse/SLING-1764 Project: Sling Issue Type: Bug Reporter: Mike Müller Fix For: Sling Explorer 1.0.0 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1623) Update some third party dependencies in the launchpad builder list
[ https://issues.apache.org/jira/browse/SLING-1623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908705#action_12908705 ] Felix Meschberger commented on SLING-1623: -- Updated to Configuration Admin 1.2.8 in Rev. 996481 Update some third party dependencies in the launchpad builder list -- Key: SLING-1623 URL: https://issues.apache.org/jira/browse/SLING-1623 Project: Sling Issue Type: Improvement Components: Launchpad Affects Versions: Launchpad Builder 6 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Launchpad Builder 6 As discussed on the list, some third party bundles might be updated in the launchpad builder list: commons-lang: 2.5 groovy-all: 1.7.4 org.apache.felix.webconsole: 3.0.1-SNAPSHOT (targeting upcoming 3.0.2 release) org.apache.felix.webconsole.plugins.memoryusage: 1.0.1-SNAPSHOT (targeting upcoming 1.0.2 release) org.apache.felix.bundlerepository: 1.6.0 org.apache.felix.eventadmin: 1.2.2 org.apache.felix.scr: 1.4.1-SNAPSHOT (targetting upcoming 1.4.2 release) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-1766) Calling the SlingMainServlet during startup may cause NullPointerException
Calling the SlingMainServlet during startup may cause NullPointerException -- Key: SLING-1766 URL: https://issues.apache.org/jira/browse/SLING-1766 Project: Sling Issue Type: Bug Components: Engine Affects Versions: Engine 2.1.0 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Engine 2.1.2 If during startup the Sling Main Servlet is called, a NullPointerException might be thrown as follows: 10.09.2010 21:25:37.936 *ERROR* [127.0.0.1 [1284146737935] GET /login.html HTTP/1.1] org.apache.sling.engine.impl.SlingMainServlet service: Uncaught Problem handling the request java.lang.NullPointerException at org.apache.sling.engine.impl.SlingHttpServletResponseImpl.flushBuffer(SlingHttpServletResponseImpl.java:131) at org.apache.sling.engine.impl.DefaultErrorHandler.sendError(DefaultErrorHandler.java:161) at org.apache.sling.engine.impl.DefaultErrorHandler.handleError(DefaultErrorHandler.java:79) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.handleError(SlingRequestProcessorImpl.java:318) at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processRequest(SlingRequestProcessorImpl.java:200) at org.apache.sling.engine.impl.SlingMainServlet.service(SlingMainServlet.java:174) ... The reason for this problem is, that the SlingRequestProcessorImpl.processRequest checks for the presence of services required for request processing. If these services are not available, an exception is thrown which is handled in the catch clause. This catch clause uses the Sling request and response object to send the response using the Sling error handling infrastructure. Unfortunately these objects have not been fully prepared at this time and thus a precondition for sending response data is missing in the Sling response. The fix is to use the servlet container error handling infrastructure instead. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
RE: svn commit: r995891 - /sling/trunk/launchpad/builder/src/main/bundles/list.xml
Am 10.09.2010 19:36, schrieb jus...@apache.org: Author: justin Date: Fri Sep 10 17:36:40 2010 New Revision: 995891 URL: http://svn.apache.org/viewvc?rev=995891view=rev Log: SLING-1730 - adding jquery explorer to launchpad bundle list. need to discuss whether this stays in for the sling 6 release. personally, I hope it does I am not sure, whether we really discussed this to the end. But I, too, would be very pleased to have this in Sling 6. Regards Felix I would like to cut a 1.0.0 Sling Explorer release for the Sling 6, and yes I also would be very pleased to have it in Sling 6. What's the estimated timing for the Sling 6 release? best regards mike Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/builder/src /main/bundles/list.xml?rev=995891r1=995890r2=995891view=diff == --- sling/trunk/launchpad/builder/src/main/bundles/list.xml (original) +++ sling/trunk/launchpad/builder/src/main/bundles/list.xml Fri Sep 10 17:36:40 2010 @@ -239,6 +239,11 @@ artifactIdorg.apache.sling.extensions.groovy/artifactId version1.0.0-SNAPSHOT/version /bundle +bundle +groupIdorg.apache.sling/groupId +artifactIdorg.apache.sling.extensions.explorer/artifactId +version0.9.0-SNAPSHOT/version +/bundle /startLevel startLevel level=10
[jira] Commented: (SLING-1737) Add state management for resources
[ https://issues.apache.org/jira/browse/SLING-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908730#action_12908730 ] Pontus Amberg commented on SLING-1737: -- Is the randomly failing test testSemiRandomInstall in org.apache.sling.osgi.installer.it.BundleInstallStressTest? Add state management for resources -- Key: SLING-1737 URL: https://issues.apache.org/jira/browse/SLING-1737 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: OSGi Installer 3.0.0 Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Installer 3.0.0 Currently there is no state management, so it is hard to tell if a resource has been installed, should be installed, uninstalled etc. In some situations this leads to endless loops where something is tried over and over again - although nothing needs to be done anymore or can't be done. If we add proper state management to the resources, the installer knows what needs to be done and can act accordingly -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1737) Add state management for resources
[ https://issues.apache.org/jira/browse/SLING-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908734#action_12908734 ] Carsten Ziegeler commented on SLING-1737: - No, with all the latest changes this one is passing fine on my machine - but very rarely the testBundleStatePreserved test (org.apache.sling.osgi.installer.it.BundleStatePreservedTest) fails now for me Add state management for resources -- Key: SLING-1737 URL: https://issues.apache.org/jira/browse/SLING-1737 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: OSGi Installer 3.0.0 Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Installer 3.0.0 Currently there is no state management, so it is hard to tell if a resource has been installed, should be installed, uninstalled etc. In some situations this leads to endless loops where something is tried over and over again - although nothing needs to be done anymore or can't be done. If we add proper state management to the resources, the installer knows what needs to be done and can act accordingly -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: svn commit: r995891 - /sling/trunk/launchpad/builder/src/main/bundles/list.xml
On Mon, Sep 13, 2010 at 11:43 AM, Felix Meschberger fmesc...@gmail.com wrote: Am 10.09.2010 19:36, schrieb jus...@apache.org: SLING-1730 - adding jquery explorer to launchpad bundle list. need to discuss whether this stays in for the sling 6 release. personally, I hope it does I am not sure, whether we really discussed this to the end. But I, too, would be very pleased to have this in Sling 6. Same here. The risk is null anyway, even if the explorer is not perfect I don't think it can break anything. -Bertrand
Re: svn commit: r995891 - /sling/trunk/launchpad/builder/src/main/bundles/list.xml
Hi, Am 13.09.2010 13:31, schrieb Mike Müller: Am 10.09.2010 19:36, schrieb jus...@apache.org: Author: justin Date: Fri Sep 10 17:36:40 2010 New Revision: 995891 URL: http://svn.apache.org/viewvc?rev=995891view=rev Log: SLING-1730 - adding jquery explorer to launchpad bundle list. need to discuss whether this stays in for the sling 6 release. personally, I hope it does I am not sure, whether we really discussed this to the end. But I, too, would be very pleased to have this in Sling 6. As it stands, I would estimate towards the end of September. The big blocks we still have to get releases for are scripting and servlets (I am working on the second one of them). Then we will probably have a nother block of releases to fix issues which have been discovered since their last release. Regards Felix Regards Felix I would like to cut a 1.0.0 Sling Explorer release for the Sling 6, and yes I also would be very pleased to have it in Sling 6. What's the estimated timing for the Sling 6 release? best regards mike Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/builder/src /main/bundles/list.xml?rev=995891r1=995890r2=995891view=diff == --- sling/trunk/launchpad/builder/src/main/bundles/list.xml (original) +++ sling/trunk/launchpad/builder/src/main/bundles/list.xml Fri Sep 10 17:36:40 2010 @@ -239,6 +239,11 @@ artifactIdorg.apache.sling.extensions.groovy/artifactId version1.0.0-SNAPSHOT/version /bundle +bundle +groupIdorg.apache.sling/groupId +artifactIdorg.apache.sling.extensions.explorer/artifactId +version0.9.0-SNAPSHOT/version +/bundle /startLevel startLevel level=10
[jira] Updated: (SLING-1761) JcrPropertyResource sets incorrect content length for strings containing non-ascii character
[ https://issues.apache.org/jira/browse/SLING-1761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-1761: Fix Version/s: JCR Resource 2.0.8 Sounds to me like an easy fix, we might want to include into the 2.0.8 release JcrPropertyResource sets incorrect content length for strings containing non-ascii character Key: SLING-1761 URL: https://issues.apache.org/jira/browse/SLING-1761 Project: Sling Issue Type: Bug Components: JCR Affects Versions: JCR Resource 2.0.6 Reporter: Julian Sedding Fix For: JCR Resource 2.0.8 Attachments: SLING-1761-tests.patch, SLING-1761.patch JcrPropertyResource sets the content length of the property in its metadata. To do so, it uses javax.jcr.Property#getLength() to determine the content length. The documentation for javax.jcr.Property#getLength() states [...] Returns the length in bytes if the value is a PropertyType.BINARY, otherwise it returns the number of characters needed to display the value in its string form. [...]. The documentation in ResourceMetadata is not explicit, but from its usage in StreamRendererServlet I conclude that ResourceMetadata.getContentLength() is intended for use in the Content-Length HTTP header. If my assumptions are correct, the content length indicates the number of bytes in the string, while javax.jcr.Property#getLength() returns the number of characters. The effect of this can be observed by the following steps: * create a string property /utf8string with value Bär * access this property using a browser (e.g. http://localhost:/utf8string), so that the property gets rendered by the StreamRendererServlet = the string is rendered incorrectly (due to a missing Content-Type header) = the string is cut off (due to the incorrectly set Content-Length header) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908775#action_12908775 ] Mike Müller commented on SLING-1765: In this case switching off HTTP Basic auth should really considered as default. What confuses me a bit is that, even if I can't see credentials be existent in the HTTP header (after clicking logout), Sling Explorer still shows admin as logged in. But either before nor after logout the admin seems to be really logged in into JCR. Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: svn commit: r995891 - /sling/trunk/launchpad/builder/src/main/bundles/list.xml
On 9/13/10 5:43 AM, Felix Meschberger wrote: Hi, Am 10.09.2010 19:36, schrieb jus...@apache.org: Author: justin Date: Fri Sep 10 17:36:40 2010 New Revision: 995891 URL: http://svn.apache.org/viewvc?rev=995891view=rev Log: SLING-1730 - adding jquery explorer to launchpad bundle list. need to discuss whether this stays in for the sling 6 release. personally, I hope it does I am not sure, whether we really discussed this to the end. But I, too, would be very pleased to have this in Sling 6. Regards Felix I mostly just wanted to get it in launchpad now to get some more eyes on it. We can always remove it later (but I would prefer we didn't have to do that). Justin Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/builder/src/main/bundles/list.xml?rev=995891r1=995890r2=995891view=diff == --- sling/trunk/launchpad/builder/src/main/bundles/list.xml (original) +++ sling/trunk/launchpad/builder/src/main/bundles/list.xml Fri Sep 10 17:36:40 2010 @@ -239,6 +239,11 @@ artifactIdorg.apache.sling.extensions.groovy/artifactId version1.0.0-SNAPSHOT/version /bundle +bundle +groupIdorg.apache.sling/groupId +artifactIdorg.apache.sling.extensions.explorer/artifactId +version0.9.0-SNAPSHOT/version +/bundle /startLevel startLevel level=10
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908776#action_12908776 ] Justin Edelson commented on SLING-1765: --- I'm confused... how is this a bug? You authenticated and the explorer says you are logged in. That sounds like a good thing. Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908780#action_12908780 ] Mike Müller commented on SLING-1765: @Justin: not quite right: you login /system/console (basic auth) go back to .explorer, the Sling Explorer says you are logged in, but you have no rights to do anything than read... after logout it remains the same. Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Assigned: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger reassigned SLING-1765: Assignee: Felix Meschberger Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Assignee: Felix Meschberger Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908788#action_12908788 ] Felix Meschberger commented on SLING-1765: -- I think we are hitting two issues; (1) It is not readily expected to be logged in to the Sling Application if you have been logged into the Web Console (2) The explorer declaring the user logged in but not granting rights I think we can solve the first issue by switching HTTP Basic Authentication completely off, instead of leaving it on just in case credentials are presented. I will have to see what's exactly going on for #2, though. Thus taking over thie issue for further inspection. Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Assignee: Felix Meschberger Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1762) Improve security of form auth handler cookies
[ https://issues.apache.org/jira/browse/SLING-1762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger resolved SLING-1762. -- Resolution: Fixed Implemented support for HttpOnly cookies in Rev. 996543 Improve security of form auth handler cookies - Key: SLING-1762 URL: https://issues.apache.org/jira/browse/SLING-1762 Project: Sling Issue Type: Improvement Components: Authentication Affects Versions: Form Based Authentication 1.0.0 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Form Based Authentication 1.0.2 There is a nice feature of Cookie support in browsers today, which prevents cookies from being accessed in client side Javascript: HttpOnly. This makes using cookies almost as save as HTTP Basic Authentication from the POV of accessing the data from client-side JavaScript. The cookie(s) produced by the Form Authentication Handler should be protected using this attribute. The drawback is, that the Set-Cookie response header must be created manually because the Servlet API Cookie class up to and including 2.5 does not support setting this attribute (Servlet API 3.0 Cookie supports it, but we don't support Servlet API 3.0) See http://www.owasp.org/index.php/HttpOnly for full details and http://www.browserscope.org/?category=security for up to date browser support information. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: [jira] Resolved: (SLING-1752) post-login redirect doesn't include context path
This is perhaps a minor semantic point, but this parameter really shouldn't be called resource if it contains the servlet context path. It might be too late to change it now, but perhaps this is worthy of a comment someplace (although I'm not sure where). Justin On 9/13/10 6:13 AM, Felix Meschberger (JIRA) wrote: [ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger resolved SLING-1752. -- Fix Version/s: Form Based Authentication 1.0.2 Auth Core 1.0.4 Resolution: Fixed Issue is tha tthe redirect based on the resource request parameter and/or attribute has been implemented slightly differently in all kinds of locations in the auth modules. Introducing a new AbstractAuthenticationHandler.setLoginResourceAttribute method which allows to set the resource request attribute as follows: * if the attribute is already set as a non-empty string, do nothing * If the resource request parameter is set as a non-empty string, use that * If a non-empty, non-null default value is given, use that * Otherwise fall back to the servlet context root path (or / if context root path is the empty string for the root context) Implemented in authentication Core, Form, OpenID, and Selector Form in Rev. 996477 post-login redirect doesn't include context path Key: SLING-1752 URL: https://issues.apache.org/jira/browse/SLING-1752 Project: Sling Issue Type: Bug Components: Authentication Reporter: Justin Edelson Assignee: Felix Meschberger Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4 to reproduce: in launchpad/builder run mvn -Djetty.sling.context=/sling clean jetty:run-war then go to http://localhost:/sling/, try to log in, and then see that you're redirected to /, not /sling/
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908799#action_12908799 ] Clemens Wyss commented on SLING-1765: - wouldn't the clean solution be for the explorer to not only check if authType is set, but that authType == 'Form' ? Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Assignee: Felix Meschberger Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1765) Problems with authentication if basic auth was used before opening Sling Explorer
[ https://issues.apache.org/jira/browse/SLING-1765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908800#action_12908800 ] Felix Meschberger commented on SLING-1765: -- @Clemens: no, the explorer should not be tied too much into the form authentication and just as well work together with HTTP Basic authentication (and OpenID or whatever). [Though I really like the login popup at the top of the screen, which IMHO is ok to tie into form auth handler] Problems with authentication if basic auth was used before opening Sling Explorer - Key: SLING-1765 URL: https://issues.apache.org/jira/browse/SLING-1765 Project: Sling Issue Type: Bug Reporter: Mike Müller Assignee: Felix Meschberger Priority: Minor Fix For: Sling Explorer 1.0.0 If you login to /system/console and then go back to /.explorer.html the explorer shows that you're logged in, which is not the case. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: [jira] Resolved: (SLING-1752) post-login redirect doesn't include context path
Hi, Am 13.09.2010 16:20, schrieb Justin Edelson: This is perhaps a minor semantic point, but this parameter really shouldn't be called resource if it contains the servlet context path. It might be too late to change it now, but perhaps this is worthy of a comment someplace (although I'm not sure where). Yes, I agree. In fact, I wanted to change this name earlier on but could not do it for backwards compatibility reasons. It is not really a resource in Sling ResourceProvider terms (actually never really has been) but rather kind of an authentication target path, and thus a resource in REST terms. Of course we could introduce a new name and keep on supporting the old name Regards Felix Justin On 9/13/10 6:13 AM, Felix Meschberger (JIRA) wrote: [ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger resolved SLING-1752. -- Fix Version/s: Form Based Authentication 1.0.2 Auth Core 1.0.4 Resolution: Fixed Issue is tha tthe redirect based on the resource request parameter and/or attribute has been implemented slightly differently in all kinds of locations in the auth modules. Introducing a new AbstractAuthenticationHandler.setLoginResourceAttribute method which allows to set the resource request attribute as follows: * if the attribute is already set as a non-empty string, do nothing * If the resource request parameter is set as a non-empty string, use that * If a non-empty, non-null default value is given, use that * Otherwise fall back to the servlet context root path (or / if context root path is the empty string for the root context) Implemented in authentication Core, Form, OpenID, and Selector Form in Rev. 996477 post-login redirect doesn't include context path Key: SLING-1752 URL: https://issues.apache.org/jira/browse/SLING-1752 Project: Sling Issue Type: Bug Components: Authentication Reporter: Justin Edelson Assignee: Felix Meschberger Fix For: Form Based Authentication 1.0.2, Auth Core 1.0.4 to reproduce: in launchpad/builder run mvn -Djetty.sling.context=/sling clean jetty:run-war then go to http://localhost:/sling/, try to log in, and then see that you're redirected to /, not /sling/
[jira] Created: (SLING-1767) Update JCR Resource Import-Package to require o.a.s.c.osgi version 2.0.6
Update JCR Resource Import-Package to require o.a.s.c.osgi version 2.0.6 Key: SLING-1767 URL: https://issues.apache.org/jira/browse/SLING-1767 Project: Sling Issue Type: Bug Components: JCR Reporter: Julian Sedding Fix For: JCR Resource 2.0.8 For JCR Resource 2.0.8 the Import-Package statement in pom.xml needs to be updated to require o.a.s.c.osgi version 2.0.6. RootResourceProviderEntry makes use of OsgiUtil#getComparableForServiceRanking(), which only exists since 2.0.6 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1737) Add state management for resources
[ https://issues.apache.org/jira/browse/SLING-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908805#action_12908805 ] Pontus Amberg commented on SLING-1737: -- Strange. For me it's impossible to pass the testSemiRandomInstall. The surefire log contains the following info testSemiRandomInstall [felix](org.apache.sling.osgi.installer.it.BundleInstallStressTest) Time elapsed: 40.201 sec FAILURE! java.lang.AssertionError: All bundles should be installed in cycle 5 : Expected events=[ BundleEvent null, version=null, state=16 BundleEvent null, version=null, state=1 ] received events=[ BundleEvent osgi-installer-testA, version=1.0.0, state=1 BundleEvent osgi-installer-testA, version=1.0.0, state=32 BundleEvent osgi-installer-testA, version=1.0.0, state=128 BundleEvent osgi-installer-testA, version=1.0.0, state=2 ] Add state management for resources -- Key: SLING-1737 URL: https://issues.apache.org/jira/browse/SLING-1737 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: OSGi Installer 3.0.0 Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Installer 3.0.0 Currently there is no state management, so it is hard to tell if a resource has been installed, should be installed, uninstalled etc. In some situations this leads to endless loops where something is tried over and over again - although nothing needs to be done anymore or can't be done. If we add proper state management to the resources, the installer knows what needs to be done and can act accordingly -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1737) Add state management for resources
[ https://issues.apache.org/jira/browse/SLING-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908807#action_12908807 ] Justin Edelson commented on SLING-1737: --- FWIW, I'm now getting 19 failures: Failed tests: testRemoveResourceAndRestart [felix](org.apache.sling.osgi.installer.it.RemovedResourceDetectionTest) testContextUpdate [felix](org.apache.sling.osgi.installer.it.ContextBundleUpdateTest) initialRegistrationTest [felix](org.apache.sling.osgi.installer.it.RegisterResourcesTest) removeAndReaddBundlesTest [felix](org.apache.sling.osgi.installer.it.RegisterResourcesTest) reAddZeroResourcesTest [felix](org.apache.sling.osgi.installer.it.RegisterResourcesTest) testSemiRandomInstall [felix](org.apache.sling.osgi.installer.it.BundleInstallStressTest) testPrioritiesUsingSnapshots [felix](org.apache.sling.osgi.installer.it.BundlePrioritiesTest) testInstallUpgradeDowngradeBundle [felix](org.apache.sling.osgi.installer.it.BundleInstallUpgradeDowngradeTest) testRemoveAndReadd [felix](org.apache.sling.osgi.installer.it.BundleInstallUpgradeDowngradeTest) testBundleDependencies [felix](org.apache.sling.osgi.installer.it.BundleDependenciesTest) testInstallAndRemoveConfig [felix](org.apache.sling.osgi.installer.it.ConfigInstallTest) testDeferredConfigInstall [felix](org.apache.sling.osgi.installer.it.ConfigInstallTest) testReinstallSameConfig [felix](org.apache.sling.osgi.installer.it.ConfigInstallTest) testNonSnapshot [felix](org.apache.sling.osgi.installer.it.BundleSnapshotUpdateTest) testSnapshot [felix](org.apache.sling.osgi.installer.it.BundleSnapshotUpdateTest) testSnapshotWithInstallerRestart [felix](org.apache.sling.osgi.installer.it.BundleSnapshotUpdateTest) testRegisterInvalidBundles [felix](org.apache.sling.osgi.installer.it.InvalidBundlesTest) testIndividualInvalidBundles [felix](org.apache.sling.osgi.installer.it.InvalidBundlesTest) testBundleStatePreserved [felix](org.apache.sling.osgi.installer.it.BundleStatePreservedTest) with both Maven 2.2.1 and 3.0-beta-3 on OS X Add state management for resources -- Key: SLING-1737 URL: https://issues.apache.org/jira/browse/SLING-1737 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: OSGi Installer 3.0.0 Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Installer 3.0.0 Currently there is no state management, so it is hard to tell if a resource has been installed, should be installed, uninstalled etc. In some situations this leads to endless loops where something is tried over and over again - although nothing needs to be done anymore or can't be done. If we add proper state management to the resources, the installer knows what needs to be done and can act accordingly -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1752) post-login redirect doesn't include context path
[ https://issues.apache.org/jira/browse/SLING-1752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908808#action_12908808 ] Felix Meschberger commented on SLING-1752: -- Also have to increase the export version of the spi package because I added a public static method to the AbstractAuthenticationHandler class. Done in Rev. 996558 exporting spi now as version 1.0.1 (Incrementing minor version because it provides new API to use, so clients can base their imports. But implementations of the SPI are not broken with this change. post-login redirect doesn't include context path Key: SLING-1752 URL: https://issues.apache.org/jira/browse/SLING-1752 Project: Sling Issue Type: Bug Components: Authentication Affects Versions: OpenID Authentication 1.0.0, Form Based Authentication 1.0.0, Auth Selector 1.0.0, Auth Core 1.0.2 Reporter: Justin Edelson Assignee: Felix Meschberger Fix For: OpenID Authentication 1.0.2, Form Based Authentication 1.0.2, Auth Selector 1.0.2, Auth Core 1.0.4 to reproduce: in launchpad/builder run mvn -Djetty.sling.context=/sling clean jetty:run-war then go to http://localhost:/sling/, try to log in, and then see that you're redirected to /, not /sling/ -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1737) Add state management for resources
[ https://issues.apache.org/jira/browse/SLING-1737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908811#action_12908811 ] Carsten Ziegeler commented on SLING-1737: - Finished the state handling implementation with revision 996562. The tasks are now computed by the state of the resources to be installed/uninstalled and the current state of the system. This avoids reinstallation of resources or accidental uninstall etc. Add state management for resources -- Key: SLING-1737 URL: https://issues.apache.org/jira/browse/SLING-1737 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: OSGi Installer 3.0.0 Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Installer 3.0.0 Currently there is no state management, so it is hard to tell if a resource has been installed, should be installed, uninstalled etc. In some situations this leads to endless loops where something is tried over and over again - although nothing needs to be done anymore or can't be done. If we add proper state management to the resources, the installer knows what needs to be done and can act accordingly -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1769) [explorer] doesn't display non-default workspace nodes correctly
[ https://issues.apache.org/jira/browse/SLING-1769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Justin Edelson resolved SLING-1769. --- Resolution: Fixed [explorer] doesn't display non-default workspace nodes correctly Key: SLING-1769 URL: https://issues.apache.org/jira/browse/SLING-1769 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Assignee: Justin Edelson Fix For: Sling Explorer 1.0.0 Attachments: screenshot0.png see screenshot -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1769) [explorer] doesn't display non-default workspace nodes correctly
[ https://issues.apache.org/jira/browse/SLING-1769?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908913#action_12908913 ] Justin Edelson commented on SLING-1769: --- fixed in r996635 [explorer] doesn't display non-default workspace nodes correctly Key: SLING-1769 URL: https://issues.apache.org/jira/browse/SLING-1769 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Assignee: Justin Edelson Fix For: Sling Explorer 1.0.0 Attachments: screenshot0.png see screenshot -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-1770) ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes
ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes --- Key: SLING-1770 URL: https://issues.apache.org/jira/browse/SLING-1770 Project: Sling Issue Type: Bug Components: API Reporter: Justin Edelson Assignee: Justin Edelson ResourceUtil.getParent(otherwsp:/path) should return otherwsp:/. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1770) ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes
[ https://issues.apache.org/jira/browse/SLING-1770?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Justin Edelson updated SLING-1770: -- Fix Version/s: API 2.2.0 ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes --- Key: SLING-1770 URL: https://issues.apache.org/jira/browse/SLING-1770 Project: Sling Issue Type: Bug Components: API Reporter: Justin Edelson Assignee: Justin Edelson Fix For: API 2.2.0 ResourceUtil.getParent(otherwsp:/path) should return otherwsp:/. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Authentication/Authorization and jackrabbit.usermanager functionality
Oh... I get it. There's no ACL on the user and group nodes in the security workspace. But trying to apply an ACL to / or /rep:security returns an exception $ curl-FprincipalId=anonymous -fprivil...@jcr:all=denied http://admin:ad...@localhost:/rep:security.modifyAce.html?sling.workspace=security html head titleError while processing security:/rep:security/title /head body h1Error while processing security:/rep:security/h1 table tbody tr tdStatus/td tddiv id=Status500/div/td /tr tr tdMessage/td tddiv id=Messagejavax.jcr.RepositoryException: Failed to create ace./div/td /tr tr tdLocation/td tda href=/_rep_security id=Location/_rep_security/a/td /tr tr tdParent Location/td tda href=/ id=ParentLocation//a/td /tr tr tdPath/td tddiv id=Pathsecurity:/rep:security/div/td /tr tr tdReferer/td tda href= id=Referer/a/td /tr tr tdChangeLog/td tddiv id=ChangeLogpre/pre/div/td /tr /tbody /table pa href=Go Back/a/p pa href=/_rep_securityModified Resource/a/p pa href=/Parent of Modified Resource/a/p /body /html On 9/11/10 10:25 AM, Felix Meschberger wrote: Hi, Unless I am completely mistaken, the usermanager uses the request's session to get at the Jackrabbit UserManager to do any tasks, which is the absolutely correct thing IMHO. We should definitely leave this kind of access control to Jackrabbit (resp. the configured functionality of Jackrabbit) and not impose our own idea ontop of it. There is one situation where an admin session is always retrieved: The CreeateUser servlet. This is probably a bug and should only use an admin session for self-registration. Regards Felix Am 10.09.2010 00:47, schrieb Mike Moulton: I recently had the need to get a list of users from an AJAX style client and found the jackrabbit usermanager exposes this functionality at system/userManager/user. As a part of this discovery, I noticed the listing of JCR users is not restricted in any way. If the usermanager bundle is installed, the following endpoint is open to the public: http://localhost:8080/system/userManager/user.tidy.1.json, providing a complete user list to anyone digging around. Any usermanager command that allows modifications to the JCR first checks if the user is an admin, but it seems all the read-only commands skip this check. Is this by intention, or was this simply missed? In addition, what are the thoughts on adding some sort of authorization component beyond just the isAdmin check? Maybe inspecting the jcr:readAccessControl / jcr:modifyAccessControl for the root node? -- Mike
[jira] Resolved: (SLING-1770) ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes
[ https://issues.apache.org/jira/browse/SLING-1770?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Justin Edelson resolved SLING-1770. --- Resolution: Fixed ResourceUtil.getParent(String) doesn't handle paths with workspace prefixes --- Key: SLING-1770 URL: https://issues.apache.org/jira/browse/SLING-1770 Project: Sling Issue Type: Bug Components: API Reporter: Justin Edelson Assignee: Justin Edelson Fix For: API 2.2.0 ResourceUtil.getParent(otherwsp:/path) should return otherwsp:/. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1771) Build failure / BundleInstallStressTest
[ https://issues.apache.org/jira/browse/SLING-1771?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Justin Edelson resolved SLING-1771. --- Resolution: Duplicate Build failure / BundleInstallStressTest --- Key: SLING-1771 URL: https://issues.apache.org/jira/browse/SLING-1771 Project: Sling Issue Type: Bug Reporter: Andreas Kuckartz Priority: Critical Failed tests: testSemiRandomInstall [felix](org.apache.sling.osgi.installer.it.BundleInstallStressTest) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1771) Build failure / BundleInstallStressTest
[ https://issues.apache.org/jira/browse/SLING-1771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12908961#action_12908961 ] Justin Edelson commented on SLING-1771: --- being discussed in SLING-1737 Build failure / BundleInstallStressTest --- Key: SLING-1771 URL: https://issues.apache.org/jira/browse/SLING-1771 Project: Sling Issue Type: Bug Reporter: Andreas Kuckartz Priority: Critical Failed tests: testSemiRandomInstall [felix](org.apache.sling.osgi.installer.it.BundleInstallStressTest) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-1772) [explorer] right pane doesn't expand fully in Chrome (at least on OS X)
[explorer] right pane doesn't expand fully in Chrome (at least on OS X) --- Key: SLING-1772 URL: https://issues.apache.org/jira/browse/SLING-1772 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Attachments: screenshot0.png see screenshot -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (SLING-1772) [explorer] right pane doesn't expand fully in Chrome (at least on OS X)
[ https://issues.apache.org/jira/browse/SLING-1772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Justin Edelson updated SLING-1772: -- Attachment: screenshot0.png [explorer] right pane doesn't expand fully in Chrome (at least on OS X) --- Key: SLING-1772 URL: https://issues.apache.org/jira/browse/SLING-1772 Project: Sling Issue Type: Bug Components: Extensions Reporter: Justin Edelson Attachments: screenshot0.png see screenshot -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Authentication/Authorization and jackrabbit.usermanager functionality
IIRC the security workspace is not set up with access controllable nodes, so you cant use a policy on a node. We did [1] for the securty workspace. 1 http://github.com/sakaiproject/nakamura/blob/master/bundles/server/src/main/java/org/apache/jackrabbit/core/security/user/DelegatedUserAccessControlProvider.java On 14 Sep 2010, at 05:34, Justin Edelson wrote: Oh... I get it. There's no ACL on the user and group nodes in the security workspace. But trying to apply an ACL to / or /rep:security returns an exception $ curl-FprincipalId=anonymous -fprivil...@jcr:all=denied http://admin:ad...@localhost:/rep:security.modifyAce.html?sling.workspace=security html head titleError while processing security:/rep:security/title /head body h1Error while processing security:/rep:security/h1 table tbody tr tdStatus/td tddiv id=Status500/div/td /tr tr tdMessage/td tddiv id=Messagejavax.jcr.RepositoryException: Failed to create ace./div/td /tr tr tdLocation/td tda href=/_rep_security id=Location/_rep_security/a/td /tr tr tdParent Location/td tda href=/ id=ParentLocation//a/td /tr tr tdPath/td tddiv id=Pathsecurity:/rep:security/div/td /tr tr tdReferer/td tda href= id=Referer/a/td /tr tr tdChangeLog/td tddiv id=ChangeLogpre/pre/div/td /tr /tbody /table pa href=Go Back/a/p pa href=/_rep_securityModified Resource/a/p pa href=/Parent of Modified Resource/a/p /body /html On 9/11/10 10:25 AM, Felix Meschberger wrote: Hi, Unless I am completely mistaken, the usermanager uses the request's session to get at the Jackrabbit UserManager to do any tasks, which is the absolutely correct thing IMHO. We should definitely leave this kind of access control to Jackrabbit (resp. the configured functionality of Jackrabbit) and not impose our own idea ontop of it. There is one situation where an admin session is always retrieved: The CreeateUser servlet. This is probably a bug and should only use an admin session for self-registration. Regards Felix Am 10.09.2010 00:47, schrieb Mike Moulton: I recently had the need to get a list of users from an AJAX style client and found the jackrabbit usermanager exposes this functionality at system/userManager/user. As a part of this discovery, I noticed the listing of JCR users is not restricted in any way. If the usermanager bundle is installed, the following endpoint is open to the public: http://localhost:8080/system/userManager/user.tidy.1.json, providing a complete user list to anyone digging around. Any usermanager command that allows modifications to the JCR first checks if the user is an admin, but it seems all the read-only commands skip this check. Is this by intention, or was this simply missed? In addition, what are the thoughts on adding some sort of authorization component beyond just the isAdmin check? Maybe inspecting the jcr:readAccessControl / jcr:modifyAccessControl for the root node? -- Mike
[jira] Created: (SLING-1773) Possible to store newly install bundle digests into bundle-digests.properties immediately after the bundle is installed successfully
Possible to store newly install bundle digests into bundle-digests.properties immediately after the bundle is installed successfully Key: SLING-1773 URL: https://issues.apache.org/jira/browse/SLING-1773 Project: Sling Issue Type: Improvement Components: Installer Affects Versions: JCR Installer 3.0.0 Environment: CQ5.3 Reporter: zhangchunlong Priority: Minor Bundle slinginstall:org.apache.sling.osgi.installer-3.0.0-R900409.jar in CQ5.3 only try to store the bundle digests into bundle-digests.properties when the server is shutting down. In case some bundles are installed and the server is not shutdown properly. eg. crash, being killed, next time when CQ5.3 starts, will try to re-install those bundles and leave the bundle status as installed. It might be good to store such information immediately after any bundle is being installed successfully if possible. To reproduce the issue: 1. create some test bundle 2. start the CQ5.3 instance, install the test bundle into some /install folder. 3. kill the CQ5.3 instance. 4. start the CQ5.3 instance again. 5. from the crx-quickstart/logs/error.log, could see the test bundle is being installed again. 6. from Felix console, the test bundle status is installed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Build failed in Hudson: sling-samples-1.5 #171
See https://hudson.apache.org/hudson/job/sling-samples-1.5/171/changes Changes: [justin] committing simple sample workspace picking filter. necessary in order to test explorer in non-default workspace -- [...truncated 757 lines...] [INFO] [resources:resources {execution: default-resources}] [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 3 resources [INFO] Copying 3 resources [INFO] [antrun:run {execution: default}] [INFO] Executing tasks [echo] ** WARNING (SLING-443) ** [echo] On most platforms, you'll get OutOfMemoryErrors when building unless you set [echo] MAVEN_OPTS=-Xmx256M -XX:MaxPermSize=128M, see SLING-443. [echo] * [INFO] Executed tasks [INFO] [compiler:compile {execution: default-compile}] [INFO] No sources to compile [INFO] [scr:scr {execution: generate-scr-scrdescriptor}] [INFO] [resources:testResources {execution: default-testResources}] [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/src/test/resources [INFO] Copying 3 resources [INFO] [compiler:testCompile {execution: default-testCompile}] [INFO] No sources to compile [INFO] [surefire:test {execution: default-test}] [INFO] Surefire report directory: https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/target/surefire-reports --- T E S T S --- There are no tests to run. Results : Tests run: 0, Failures: 0, Errors: 0, Skipped: 0 [HUDSON] Recording test results[INFO] [bundle:bundle {execution: default-bundle}] [WARNING] Warning building bundle org.apache.sling.samples:org.apache.sling.samples.webloader.ui:bundle:2.0.3-SNAPSHOT : Did not find matching referal for * [INFO] Preparing source:jar [WARNING] Removing: jar from forked lifecycle, to prevent recursive invocation. [HUDSON] Archiving https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/pom.xml to /home/hudson/hudson/jobs/sling-samples-1.5/modules/org.apache.sling.samples$org.apache.sling.samples.webloader.ui/builds/2010-09-14_03-38-48/archive/org.apache.sling.samples/org.apache.sling.samples.webloader.ui/2.0.3-SNAPSHOT/pom.xml [HUDSON] Archiving https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/target/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT.jar to /home/hudson/hudson/jobs/sling-samples-1.5/modules/org.apache.sling.samples$org.apache.sling.samples.webloader.ui/builds/2010-09-14_03-38-48/archive/org.apache.sling.samples/org.apache.sling.samples.webloader.ui/2.0.3-SNAPSHOT/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT.jar [INFO] [enforcer:enforce {execution: enforce-java}] [INFO] [source:jar {execution: attach-sources}] [INFO] Building jar: https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/target/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT-sources.jar [INFO] [ianal:verify-legal-files {execution: default}] [INFO] Checking legal files in: org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT.jar [INFO] Checking legal files in: org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT-sources.jar [INFO] [install:install {execution: default-install}] [INFO] Installing https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/target/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT.jar to /home/hudson/.m2/repository/org/apache/sling/samples/org.apache.sling.samples.webloader.ui/2.0.3-SNAPSHOT/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT.jar [INFO] Installing https://hudson.apache.org/hudson/job/sling-samples-1.5/ws/contrib-1.5/webloader/ui/target/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT-sources.jar to /home/hudson/.m2/repository/org/apache/sling/samples/org.apache.sling.samples.webloader.ui/2.0.3-SNAPSHOT/org.apache.sling.samples.webloader.ui-2.0.3-SNAPSHOT-sources.jar [INFO] [bundle:install {execution: default-install}] [INFO] Parsing file:/home/hudson/.m2/repository/repository.xml [Fatal Error] :-1:-1: Premature end of file. org.xml.sax.SAXParseException: Premature end of file. at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:264) at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:292) at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:172) at org.apache.felix.obrplugin.ObrUpdate.parseFile(ObrUpdate.java:347) at org.apache.felix.obrplugin.ObrUpdate.parseRepositoryXml(ObrUpdate.java:324) at org.apache.felix.obrplugin.ObrInstall.execute(ObrInstall.java:140) at
Hudson build is still unstable: sling-trunk-1.6 #573
See https://hudson.apache.org/hudson/job/sling-trunk-1.6/changes
Hudson build is still unstable: sling-trunk-1.6 » Apache Sling OSGi Installer Integration Tests #573
See https://hudson.apache.org/hudson/job/sling-trunk-1.6/org.apache.sling$org.apache.sling.osgi.installer.it/changes
Hudson build is unstable: sling-trunk-1.5 #885
See https://hudson.apache.org/hudson/job/sling-trunk-1.5/885/changes
Hudson build is still unstable: sling-trunk-1.5 » Apache Sling OSGi Installer Integration Tests #885
See https://hudson.apache.org/hudson/job/sling-trunk-1.5/org.apache.sling$org.apache.sling.osgi.installer.it/changes