jetspeed-2 deployment problem

2004-11-07 Thread Amit Soni
Hi scott,

These three jar files are already deployed in tomcat/shared/lib
directory. But when i tried later at that time deploy time it gives
error like :: 


Nov 8, 2004 11:11:18 AM org.apache.catalina.core.StandardHostDeployer
install
INFO: Installing web application at context path /jetspeed2 from URL
jar:file:/usr/local/jakarta-tomcat-5.0.28/webapps/jetspeed2.war!/
log4j:WARN No appenders could be found for logger
(org.apache.commons.beanutils.ConvertUtils).
log4j:WARN Please initialize the log4j system properly.
JNDI System Property flag false
 WARN: IOException, CatalinaPAM will only function as FileSystemPAM:
java.net.ConnectException: Connection refused
[BOOT] WARN: Could not load properties file 'OJB.properties'. Using
default settings!
/usr/local/jakarta-tomcat-5.0.28/webapps/jetspeed/WEB-INF/conf/OJB.properties 
(No such file or directory)
java.io.FileNotFoundException:
/usr/local/jakarta-tomcat-5.0.28/webapps/jetspeed/WEB-INF/conf/OJB.properties 
(No such file or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.(FileInputStream.java:106)
at java.io.FileInputStream.(FileInputStream.java:66)
at
sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:69)
at
sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:156)
at java.net.URL.openStream(URL.java:913)
at
org.apache.ojb.broker.util.configuration.impl.ConfigurationAbstractImpl.load(ConfigurationAbstractImpl.java:429)
at
org.apache.ojb.broker.util.configuration.impl.OjbConfiguration.load(OjbConfiguration.java:270)
at
org.apache.ojb.broker.util.configuration.impl.ConfigurationAbstractImpl.(ConfigurationAbstractImpl.java:66)
at
org.apache.ojb.broker.util.configuration.impl.OjbConfiguration.(OjbConfiguration.java:107)
at
org.apache.ojb.broker.util.configuration.impl.OjbConfigurator.(OjbConfigurator.java:55)
at
org.apache.ojb.broker.util.configuration.impl.OjbConfigurator.(OjbConfigurator.java:41)
at
org.apache.ojb.broker.core.PersistenceBrokerFactoryFactory.init(PersistenceBrokerFactoryFactory.java:52)
at
org.apache.ojb.broker.core.PersistenceBrokerFactoryFactory.(PersistenceBrokerFactoryFactory.java:36)
at
org.apache.ojb.broker.PersistenceBrokerFactory.createPersistenceBroker(PersistenceBrokerFactory.java:86)
at
org.apache.jetspeed.components.persistence.store.ojb.pb.PBStore.(PBStore.java:84)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at
java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at
org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:73)
at
org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:71)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:487)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:250)
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:205)
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:217)
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:136)
at
org.springframework.aop.target.AbstractPrototypeBasedTargetSource.newPrototypeInstance(AbstractPrototypeBasedTargetSource.java:132)
at
org.springframework.aop.target.ThreadLocalTargetSource.getTarget(ThreadLocalTargetSource.java:78)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:121)
at $Proxy7.newFilter(Unknown Source)
at
org.apache.jetspeed.prefs.impl.CommonQueries.newNodeQueryByPathAndType(CommonQueries.java:162)
at
org.apache.jetspeed.prefs.impl.PreferencesImpl.getNode(PreferencesImpl.java:229)
at
org.apache.jetspeed.prefs.impl.PreferencesImpl.createPrefNode(PreferencesImpl.java:165)
at
org.apache.jetspeed.prefs.impl.PreferencesImpl.(PreferencesImpl.java:114)
at
org.apache.jetspeed.prefs.impl.PreferencesProviderImpl.start(PreferencesProviderImpl.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.springframework.beans.factory.s

Portlet output needed help

2004-11-07 Thread Srinivasarao Sri
Hi team,
In jetspeed I login as trubine with id and password.
I created one sample pane.
I added one HelloWorld portlet to my sample pane by addportlets.
I added my sample portlet...and unable to see output
If I look at the out put there is nothing displaying.
If we consider other portlets slashdot or hello velocity..I am able to see the 
output of the portlets.
Any thing do we need to do after adding portlets??
Please help me.
Thanks in advance
Sri


-
Do you Yahoo!?
 Check out the new Yahoo! Front Page. www.yahoo.com

[J2] Security component updated again: table structure changes required!!!

2004-11-07 Thread Ate Douma
Hi All,
I've implemented and checked in a major part of the JS2-151 
(http://issues.apache.org/jira/browse/JS2-151) feature list.
1) storing password encoded
2) requiring a minimum length and a minimum number of numeric characters in a 
password
4) automatically expire password after a configurable time
6) locking a user out when the current password is expired
8) disable a password after a certain number of failures to authenticate, reset 
check after success
The other items below I will hopefully finish soon. Part of it, data and object 
model and some behavior is already in place though.
3) keeping a history (queue) of previously used password and preventing a user 
to reuse one from this queue (with a configurable queue size)
5) warning a user its password is going to be expired (with a configurable time 
before)
7) forcing a user to change a password on first use
9) enable/disable principals: users,groups,roles
As result of the above changes, a two security tables have additional columns:
Table SECURITY_CREDENTIAL:
- column UPDATE_REQUIRED, BIT, NOT NULL
- column IS_ENCODED, BIT, NOT NULL
- column IS_ENABLED, BIT, NOT NULL
- column AUTH_FAILURES, SMALLINT, NOT NULL
- column IS_EXPIRED, BIT, NOT NULL
- column LAST_LOGON_DATE, TIMESTAMP, NULL
- column EXPIRATION_DATE, DATE, NULL
Table SECURITY_PRINCIPAL:
- column IS_ENABLED, BIT, NOT NULL
As default configuration (just temporary, just to let you guys test this) I've 
defined the following:
- 1) a SHA-1 encoder for the passwords: MessageDigestCredentialPasswordEncoder
- 2) no requirements for password length or number of digits, but
 I've supplied a SimpleCredentialPasswordValidator which can do so.
 See: TestPasswordCredentialProvider and its security context definition 
spcpv.xml
- 4) a maxLifeSpanInDays of 60 for password (expiration) and,
  6) a maxNumberOfAuthenticationFailures of 3, and
  8) disable a password after a certain number of failures to authenticate, 
reset check after success
 with: InternalPasswordCredentialStateHandlingInterceptor
Because this configuration will encode passwords, getting the correct values 
into the database from
outside Jetspeed might seem a bit of a problem, but it isn't!
When inserting data in the SECURITY_CREDENTIAL table itself, use the plain text 
value for the VALUE column and
for IS_ENCODED 0 (zero, false). As soon as a credential is loaded by Jetspeed 
it will be encoded.
Same goes for EXPIRATION_DATE: if you leave that null, Jetspeed will fill it in 
on first access.
I've also added a Password tab to the User Details Portlet through which an 
administrator can set new password,
enabled/disable a password and toggle the update password required flag (item 7 
from the list above).
Be warned now: try a wrong password three times in a row and your locked out. 
Lucky, the User Browser Portlet
isn't secured yet, so fixing it (setting the user password enabled again) is 
still easy.
(guys, we have to think about a build in/predefined admin role or permissions 
to secure this thing)
Regards, Ate

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


RE: Strategy for role based security

2004-11-07 Thread Randy Watler
AFAIK, the role based security/access control in the PageManager is J2
specific, but does utilize the PortletRequest.isUserInRole() checks
available in JSR 168. In that sense, it is compatible and extends the
standard.

There are also permissions based security options available with this new
funcationality.

Randy Watler

-Original Message-
From: niksa_os
To: Jetspeed Users List
Sent: 11/6/04 1:26 AM
Subject: Re: Strategy for role based security

> J2 now supports a variety of role/group profiling features and is
having
> role based access security grafted in today. 

Is it J2 specific feature or is it required in JSR 168 portal/portlet?

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


VelocityViewServlet

2004-11-07 Thread Herman Reintke
LS,

I downloaded build and deployed the jetspeed2 environment without getting any 
errors.
However when accessing several pages I get an errormessage saying :

VelocityViewServlet Error processing the template, invocation of method 
getTitle

I've seen two entries on the mailing list stating that the VelocityViewServlet 
should be installed manually.
But checking the jetspeed-2 web.xml it seems that this is already in the 
default config.

Does anyone know where to look for more info ?

Kind regards,

Herman Reintke