Re: J2 decorators not displayed in IE
Raphael, thanks for your response! It looks like you are right - and the problem is in including .css styles. I checked the source from IE and Firefox - both have a relative link to the Jetspeed's .css styles: link rel=stylesheet type=text/css media=all href=content/tigris/css/styles.css / link rel=stylesheet type=text/css media=all href=content/css/styles.css / and it looks like the stylesheet is not used - no decorations are there, and no images. References to images look like this: a href=http://24.61.4.55:8080/jetspeed/portal/_ns:YURDRVBvcnRhbDo6RXZlbnRzQ2FsZW5kYXJQb3J0bGV0fGMwfGQx/; title=maximized img src=content/images/maximized.gif alt=maximized border=0/a I am also using .css styles for my portlets, and I see that the link to my CSS file is the absolute one, like this: link rel=stylesheet type=text/css href=http://24.61.4.55:8080/DCEPortal/css/dce-portal.css/ When I include this CSS into my JSP I use the ContextPath : link rel=stylesheet type=text/css href=%=renderResponse.encodeURL(renderRequest.getContextPath() + /css/dce-portal.css)%/ An my stylesheet gets included just fine. I thought I would do what you suggested and substitute relative URL with the absolute one, so I took a look at the tigris/decorator-top.vm - however, I don't see where the stylesheets are included (I don't really know Velocity...). I can see this line: #includeStyleSheets() but where is this function? (I'm assuming this is a function ?) Any suggestions on how I could set them? Thanks a lot! Marina --- Raphaël Luta [EMAIL PROTECTED] wrote: Marina wrote: Hi, I have a weird problem here. I've been developing my portal using Firefox only, and have a pretty much complete portal by now. However, when I finally got around to checking it out in IE, I've realized to my horror that it looks completely screwed up there. Basically, no portlet decorators and J2 images (like tabs, borders around portlets, etc.) are displayed there. The content of the portlets is just fine. Even more, this happens when I access my portal through a redirect from my ISP that forwards the requests to my PC's IP address. If I access the portal through localhost:8080 - everything looks fine in both Firefox and IE. to summarize: access portal through IP address: Firefox/Netscape OK, IE - no images/decorators access portal through localhost: both Firefox and IE are OK Did I miss some config parameter for J2 or something like that? Any ideas? Mmmm.. I'd say it's an issue with IE mishandling your ISP reverse proxy behavior. Most of the decorator information is controlled through a CSS stylesheet. It's quite possible that IE resolves URL differently than Firefox when dealing with CSS resources tied to an HTML document. You can check if the CSS file is indeed retrieved by IE and if so, you can try setting absolute URLs to reference the image files in the CSS stylesheet. -- Raphaël Luta - [EMAIL PROTECTED] Apache Portals - Enterprise Portal in Java http://portals.apache.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
J2 decorators not displayed in IE
Hi, I have a weird problem here. I've been developing my portal using Firefox only, and have a pretty much complete portal by now. However, when I finally got around to checking it out in IE, I've realized to my horror that it looks completely screwed up there. Basically, no portlet decorators and J2 images (like tabs, borders around portlets, etc.) are displayed there. The content of the portlets is just fine. Even more, this happens when I access my portal through a redirect from my ISP that forwards the requests to my PC's IP address. If I access the portal through localhost:8080 - everything looks fine in both Firefox and IE. to summarize: access portal through IP address: Firefox/Netscape OK, IE - no images/decorators access portal through localhost: both Firefox and IE are OK Did I miss some config parameter for J2 or something like that? Any ideas? Thank you! Marina - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Jetspeed-2: Drop support for Tomcat 4...? Please comment/vote!
--- Ate Douma [EMAIL PROTECTED] wrote: And, if there are no big objections, I'd like to vote on dropping Tomcat 4 support! +1 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
Randy,
I double checked my config files and verified the
following:
Verified:
1.
JVM version used by maven - added 'java -version'
command to the 'show.maven.props' goal:
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQLmaven
show.maven.props
__ __
| \/ |__ _Apache__ ___
| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~
|_| |_\__,_|\_/\___|_||_| v. 1.0.2
build:start:
show.maven.props:
[echo] maven.home.local = C:/Marina/MyWork/Maven
[echo] maven.repo.local =
C:/Marina/MyWork/Maven/maven_repository
[echo] checking JRE version:
[exec] java version 1.4.2_06
[exec] Java(TM) 2 Runtime Environment, Standard
Edition (build 1.4.2_06-b03)
[exec] Java HotSpot(TM) Client VM (build
1.4.2_06-b03, mixed mode)
BUILD SUCCESSFUL
Total time: 2 seconds
Finished at: Sun Feb 27 11:54:13 EST 2005
2. 'admin' user has rights to the 'j2' and 'j2test'
tables in MySQL:
logged into MySQL as 'admin', created and dropped test
tables in both 'j2' and 'j2test' DBs:
Welcome to the MySQL monitor. Commands end with ; or
\g.
Your MySQL connection id is 3 to server version:
4.1.7. Type 'help;' or '\h' for help. Type '\c' to
clear the buffer.
mysql use j2test
Database changed
mysql create table MyTest( id int );
Query OK, 0 rows affected (0.10 sec)
mysql drop table MyTest;
Query OK, 0 rows affected (0.00 sec)
mysql use j2
Database changed
mysql create table MyTest( id int );
Query OK, 0 rows affected (0.02 sec)
mysql drop table MyTest;
Query OK, 0 rows affected (0.00 sec)
3. jetspeed.xml
there was no jetspeed.xml in the
=TOMCAT_HOME/conf/Catalina/localhost dir
The only jetspeed.xml files in the J2-project-home
directory that I found were:
maven-plugin/target/classes/plugin-resources/jetspeed.xml
portal/src/resources/jetspeed.xml
Should I manually edit one of them and copy into
TOMCAT_HOME/conf/Catalina/localhost dir ?
Is not it supposed to be done by the maven 'allBuild'
goal?
4. I checked the MySQL driver jar file itself - it
does have both com.mysql.jdbc.Driver and
org.gjt.mm.mysql.Driver. It is indeed located in the
TOMCAT_HOME/shared/lib dir.
Any other setup I could have missed?
Thanks!
Marina
--- [EMAIL PROTECTED] wrote:
Marina,
I know you probably have most of this down cold, but
please verify:
- you have a copy of
mysql-connector-java-3.0.16-ga-bin.jar in
TOMCAT_HOME/shared/lib.
- that the com.mysql.jdbc.Driver class exists in
mysql-connector-java-3.0.16-ga-bin.jar.
- if you are manually copying the jetspeed.war into
webapps, make sure
that the jetspeed.xml is edited for your
configuration and is copied to
the correct location:
tomcat5=TOMCAT_HOME/conf/Catalina/localhost or
tomcat4=TOMCAT_HOME/webapps.
- that admin/admin has access to your j2 and j2test
databases.
- that your java implementation is being located
correctly and is a
current 1.4.2 or 1.5 version... I have never seen
those targetting 1.4
messages on Linux.
Randy
Thanks, Randy.
Something very strange is going on here...
I tried different variations of the
build.properties
file and it comes down to the following two
scenarios:
1) if I set properties to:
org.apache.jetspeed.test.database.url =
jdbc:mysql://localhost/j2test
org.apache.jetspeed.test.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.test.database.user = admin
org.apache.jetspeed.test.database.password = admin
org.apache.jetspeed.test.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar
org.apache.jetspeed.test.database.default.name=mysql
org.apache.jetspeed.production.database.url =
jdbc:mysql://localhost/j2
org.apache.jetspeed.production.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.production.database.user =
admin
org.apache.jetspeed.production.database.password =
admin
org.apache.jetspeed.production.jdbc.drivers.path=${org.apache.jetspeed.server.shared}/mysql-connector-java-3.0.16-ga-bin.jar
org.apache.jetspeed.production.database.default.name=mysql
then I get errors running maven allBuild target::
jetspeed2:jar:install:
build:start:
java:prepare-filesystem:
[mkdir] Created dir:
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes
java:compile:
[echo] Compiling to
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api/target/classes
[echo]
==
NOTE: Targetting JVM 1.4, classes
will not run on earlier JVMs
==
[javac] Compiling 27 source files to
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes
BUILD FAILED
File..
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml
Element... maven:reactor
Line.. 133
Column 40
Unable to obtain goal [java:compile] --
C:\Marina\MyWork\Maven\cache\maven-java-plugin-1.5\plugin.jelly:63:48
Re: using MySQL with J2 - setup problem
Thanks, Randy :) I modified jetspeed.xml file using the one from a working HSQL J2M2 installation as an example and copied it into the TOMCAT_HOME/conf/Catalina/localhost dir. I also copied a security.xml file from the HSQLDB J2M2 installation and adjusted the docBase value. Unfortunately, when I started Tomcat, I've got the same error: Caused by: org.apache.jetspeed.prefs.PreferencesException: Failed to initialize prefs api.org.springframework.transaction.CannotCreateTransactionException: Could not create OJB transaction; nested exception is org.apache.ojb.broker.accesslayer.LookupException: SQLException thrown while trying to get Connection from Datasource (java:comp/env/jdbc/jetspeed) at org.apache.jetspeed.prefs.impl.PreferencesFactoryImpl.init(Preference sFactoryImpl.java:70) at sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. ... And in the J2's log file: 2005-02-27 18:24:24 StandardContext[/jetspeed]StandardWrapper.Throwable java.lang.NullPointerException at org.apache.jetspeed.velocity.JetspeedVelocityViewServlet.init(JetspeedVelocityViewServlet.java:137) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1044) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:876) at One thing that puzzles me (among others, of course) is that the 'j2' DB did not get populated while 'j2test' did... Here is my jetspeed.xml - lines that I changed: !-- HSQL dB username and password for dB connections -- parameter nameusername/name valueadmin/value /parameter parameter namepassword/name valueadmin/value /parameter !-- Class name for HSQL JDBC driver -- parameter namedriverClassName/name valueorg.gjt.mm.mysql.Driver/value /parameter !-- The JDBC connection url for connecting to your HSQL dB. -- parameter nameurl/name valuejdbc:mysql://127.0.0.1:3306/value /parameter /ResourceParams Thanks for looking into this! Marina --- [EMAIL PROTECTED] wrote: Marina, 3. jetspeed.xml there was no jetspeed.xml in the =TOMCAT_HOME/conf/Catalina/localhost dir The only jetspeed.xml files in the J2-project-home directory that I found were: maven-plugin/target/classes/plugin-resources/jetspeed.xml portal/src/resources/jetspeed.xml Should I manually edit one of them and copy into TOMCAT_HOME/conf/Catalina/localhost dir ? Since you manually copied the jetspeed.war into webapps, I assume you will need to do the same thing with the portal/src/resources/jetspeed.xml file. It is certainly simple enough to try! Is not it supposed to be done by the maven 'allBuild' goal? Well, so is copying jetspeed.war into webapps! :) Something is broken for sure, but I am just interesting in seeing if you can get it to run at all since you have taken it almost this far already. Yes, we are in the weeds at this point! Randy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
ooh, I feel so bad... :) I knew it was something very stupid - I did not run the 'maven quickStart'. For some reason I thought it was intended for the HSQLDB only... Sorry for wasting so much of your time! Thanks, Randy, Marina --- [EMAIL PROTECTED] wrote: Marina: If your j2 DB is not setup, nothing will work anyway, so we are back to the failing maven build... you did use maven quickStart, no? Also, your DB URL probably needs to be jdbc:mysql://127.0.0.1:3306/j2 or jdbc:mysql://localhost/j2, (mysql can be picky about IP usage and I am not sure about the port you specified). Randy Thanks, Randy :) I modified jetspeed.xml file using the one from a working HSQL J2M2 installation as an example and copied it into the TOMCAT_HOME/conf/Catalina/localhost dir. I also copied a security.xml file from the HSQLDB J2M2 installation and adjusted the docBase value. Unfortunately, when I started Tomcat, I've got the same error: Caused by: org.apache.jetspeed.prefs.PreferencesException: Failed to initialize prefs api.org.springframework.transaction.CannotCreateTransactionException: Could not create OJB transaction; nested exception is org.apache.ojb.broker.accesslayer.LookupException: SQLException thrown while trying to get Connection from Datasource (java:comp/env/jdbc/jetspeed) at org.apache.jetspeed.prefs.impl.PreferencesFactoryImpl.init(Preference sFactoryImpl.java:70) at sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. ... And in the J2's log file: 2005-02-27 18:24:24 StandardContext[/jetspeed]StandardWrapper.Throwable java.lang.NullPointerException at org.apache.jetspeed.velocity.JetspeedVelocityViewServlet.init(JetspeedVelocityViewServlet.java:137) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1044) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:876) at One thing that puzzles me (among others, of course) is that the 'j2' DB did not get populated while 'j2test' did... Here is my jetspeed.xml - lines that I changed: !-- HSQL dB username and password for dB connections -- parameter nameusername/name valueadmin/value /parameter parameter namepassword/name valueadmin/value /parameter !-- Class name for HSQL JDBC driver -- parameter namedriverClassName/name valueorg.gjt.mm.mysql.Driver/value /parameter !-- The JDBC connection url for connecting to your HSQL dB. -- parameter nameurl/name valuejdbc:mysql://127.0.0.1:3306/value /parameter /ResourceParams Thanks for looking into this! Marina --- [EMAIL PROTECTED] wrote: Marina, 3. jetspeed.xml there was no jetspeed.xml in the =TOMCAT_HOME/conf/Catalina/localhost dir The only jetspeed.xml files in the J2-project-home directory that I found were: maven-plugin/target/classes/plugin-resources/jetspeed.xml portal/src/resources/jetspeed.xml Should I manually edit one of them and copy into TOMCAT_HOME/conf/Catalina/localhost dir ? Since you manually copied the jetspeed.war into webapps, I assume you will need to do the same thing with the portal/src/resources/jetspeed.xml file. It is certainly simple enough to try! Is not it supposed to be done by the maven 'allBuild' goal? Well, so is copying jetspeed.war into webapps! :) Something is broken for sure, but I am just interesting in seeing if you can get it to run at all since you have taken it almost this far already. Yes, we are in the weeds at this point! Randy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: using MySQL with J2 - setup problem
Thank you, Hema!
Yes, that was it - the default name had to be set to
'mysql'.
Once I did that, the build script finished all DB
setup work fine but it failed at a later point:
java:compile:
[echo] Compiling to
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api/target/classes
[echo]
==
NOTE: Targetting JVM 1.4, classes
will not run on earlier JVMs
==
[javac] Compiling 27 source files to
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\portlet-api\target\classes
BUILD FAILED
File..
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml
Element... maven:reactor
Line.. 133
Column 40
Unable to obtain goal [java:compile] --
C:\Marina\MyWork\Maven\cache\maven-java-plugin-1.5\plugin.jelly:63:48:
ant:javac Error running javac.exe compiler
Total time: 37 seconds
Finished at: Fri Feb 25 19:23:20 EST 2005
Any idea what is wrong now?
Thank you!
Marina
--- Hema Menon [EMAIL PROTECTED] wrote:
Marina,
What I meant to say is that, I believe the default
name should be the
type of database name, so in your build script it
should be mysql
instead of j2 and j2test. If you look at the sample
build properties,
it contains hsql for both test and production
default database name.
org.apache.jetspeed.test.database.default.name=hsql
org.apache.jetspeed.test.database.ojb.platform=Hsqldb
Hema
On Thu, 24 Feb 2005 18:37:18 -0800 (PST), Marina
[EMAIL PROTECTED] wrote:
Hi,
I finally got around to switch from HSQLDB to
MySQL
and ran into a build problem.
I setup MySQL DB schema and users per J2
instructions
(created 'j2test' and 'j2' schemas and the
'jetspeed2'
user that has all writes for those schemas). I
have
also modified J2's build.properties to use MySQL
(I'm
including a snippet below).
After that, I do the following:
1. start MySQL DB
2. cd [EMAIL PROTECTED]
maven allClean - OK
maven allBuild - Error:
Attempting to download
maven-torque-plugin-3.2.jar.
2/6K
6/6K
6K downloaded
build:start:
allBuild:
check.required.properties:
torque:init:
db.scripts.gen:
[echo] Generating SQL schema creation
scripts for
HSQLDB
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\hsql\report.portal.sql.generation
[echo] Generating SQL schema creation
scripts for
MySQL
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mysql\report.portal.sql.generation
[echo] Generating SQL schema creation
scripts for
Oracle
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\oracle\report.portal.sql.generation
[echo] Generating SQL schema creation
scripts for
MS SQL
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mssql\report.portal.sql.generation
[echo] Generating SQL schema creation
scripts for
Postgres
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\postgres\report.portal.sql.generation
BUILD FAILED
File..
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml
Element... sql
Line.. 355
Column 39
Source file does not exist!
Total time: 12 seconds
Finished at: Thu Feb 24 21:27:54 EST 2005
Here is my build.properties (relevant parts):
# Override the database connection and
driverproperties in your
${USER_HOME}/build.properties
appropriately
# See:
#
http://portals.apache.org/jetspeed-2/database.html
org.apache.jetspeed.test.database.url =
jdbc:mysql://localhost/j2test
org.apache.jetspeed.test.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.test.database.user =
jetspeed2
org.apache.jetspeed.test.database.password =
jetspeed2
org.apache.jetspeed.test.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar
org.apache.jetspeed.test.database.default.name=j2test
org.apache.jetspeed.test.database.ojb.platform=mysql
org.apache.jetspeed.production.database.url =
jdbc:mysql://localhost/j2
org.apache.jetspeed.production.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.production.database.user =
jetspeed2
org.apache.jetspeed.production.database.password
=
jetspeed2
org.apache.jetspeed.production.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar
using MySQL with J2 - setup problem
Hi,
I finally got around to switch from HSQLDB to MySQL
and ran into a build problem.
I setup MySQL DB schema and users per J2 instructions
(created 'j2test' and 'j2' schemas and the 'jetspeed2'
user that has all writes for those schemas). I have
also modified J2's build.properties to use MySQL (I'm
including a snippet below).
After that, I do the following:
1. start MySQL DB
2. cd [EMAIL PROTECTED]
maven allClean - OK
maven allBuild - Error:
Attempting to download maven-torque-plugin-3.2.jar.
2/6K
6/6K
6K downloaded
build:start:
allBuild:
check.required.properties:
torque:init:
db.scripts.gen:
[echo] Generating SQL schema creation scripts for
HSQLDB
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\hsql\report.portal.sql.generation
[echo] Generating SQL schema creation scripts for
MySQL
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mysql\report.portal.sql.generation
[echo] Generating SQL schema creation scripts for
Oracle
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\oracle\report.portal.sql.generation
[echo] Generating SQL schema creation scripts for
MS SQL
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\mssql\report.portal.sql.generation
[echo] Generating SQL schema creation scripts for
Postgres
[torque-sql] Using classpath
[torque-sql] Generating to file
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\target\src\sql\postgres\report.portal.sql.generation
BUILD FAILED
File..
C:\Marina\Harvard\Projects\jakarta-jetspeed-2-MYSQL\maven.xml
Element... sql
Line.. 355
Column 39
Source file does not exist!
Total time: 12 seconds
Finished at: Thu Feb 24 21:27:54 EST 2005
Here is my build.properties (relevant parts):
# Override the database connection and
driverproperties in your ${USER_HOME}/build.properties
appropriately
# See:
# http://portals.apache.org/jetspeed-2/database.html
org.apache.jetspeed.test.database.url =
jdbc:mysql://localhost/j2test
org.apache.jetspeed.test.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.test.database.user = jetspeed2
org.apache.jetspeed.test.database.password = jetspeed2
org.apache.jetspeed.test.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar
org.apache.jetspeed.test.database.default.name=j2test
org.apache.jetspeed.test.database.ojb.platform=mysql
org.apache.jetspeed.production.database.url =
jdbc:mysql://localhost/j2
org.apache.jetspeed.production.database.driver =
com.mysql.jdbc.Driver
org.apache.jetspeed.production.database.user =
jetspeed2
org.apache.jetspeed.production.database.password =
jetspeed2
org.apache.jetspeed.production.jdbc.drivers.path=C:/Marina/MySQL/mysql-connector-java-3.0.16-ga/mysql-connector-java-3.0.16-ga-bin.jar
org.apache.jetspeed.production.database.default.name=j2
org.apache.jetspeed.production.database.ojb.platform=mysql
(I am not sure about the ojb.platform property, there
were no directions on what it should be set to for
MySQL, so I decided to set it to 'mysql' instead of
keeping the default value of 'Hsqldb' ...)
Any idea what I did wrong?
Thanks!
Marina
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
non-scrollable IFramePortlet
Hello! I tried using IFramePortlet to display a content from another URL inside it, and I noticed that the content of the IFramePortlet window is not scrollable. I tried modifying the .../decorations/portlet/html/tigris/decorator.vm as following: ... ## Portlet Content ## #if (!$jetspeed.isHidden($myF) || $jetspeed.WindowState != minimized) tr td class=PContent div style=overflow: auto $myF.renderedContent /div /td /tr #end ... but it did not help. Any idea how I could make it scrollable? Thanks! Marina - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: non-scrollable IFramePortlet
Great, it worked! Thanks, David :) --- David Sean Taylor [EMAIL PROTECTED] wrote: Marina wrote: Hello! I tried using IFramePortlet to display a content from another URL inside it, and I noticed that the content of the IFramePortlet window is not scrollable. Any idea how I could make it scrollable? Try adding this Preference to your portlet.xml and redeploy: preference nameSCROLLING/name valueTRUE/value /preference -- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: users/roles/groups creation and saving
David, thanks a lot for your help!
After looking more closely at the HSQL DB scripts and
the populate DB scripts I was able to create a bare
minimum custom script for my portal.
I thought I'd share this with the group on case it
might help somebody to do the same:
Here is a minimal script to create a new user, new
role and assign the role to the user:
INSERT INTO SECURITY_PRINCIPAL
VALUES(54,'org.apache.jetspeed.security.InternalRolePrincipalImpl',false,true,'/role/dce-admin-role','2005-02-02
15:02:54.171','2005-02-02 15:02:54.171')
INSERT INTO SECURITY_PRINCIPAL
VALUES(56,'org.apache.jetspeed.security.InternalUserPrincipalImpl',false,true,'/user/dce-admin','2005-02-02
15:03:27.624','2005-02-02 15:03:27.64')
INSERT INTO SECURITY_CREDENTIAL
VALUES(53,56,'some_password',0,'org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl',false,false,true,0,false,'2005-02-02
15:03:27.64','2005-02-02
15:03:27.64',NULL,NULL,'2005-04-03')
INSERT INTO SECURITY_USER_ROLE VALUES(56,54)
// not necessary if you are OK with a default
profiling rule
INSERT INTO PRINCIPAL_RULE_ASSOC
VALUES('dce-admin','page','role-fallback')
INSERT INTO PRINCIPAL_RULE_ASSOC
VALUES('dce-admin','docset','role-fallback')
One question:
Now that I have a basic SQL script to create a new
user, I thought I could use it in a RegisterPortlet
where a new user could register himself by typing in
his username/password, and , as a result, the portlet
would execute the SQL script on the backend.
However, after looking at the source code of J2's
UserBrowserPortlet and UserDetailsPortlet portlets it
seems like this would not be enough - those portlets
are using J2's objects like
AuthenticationProviderProxy and others.
Could somebody clarify if that's the correct way to
go to implement a RegisterPortlet? Or would execution
of the SQL script be enough?
Thank you!
Marina
--- David Sean Taylor [EMAIL PROTECTED] wrote:
Marina wrote:
Hi!
I'm trying to find an easy way to add new
users/roles/groups to J2 permanently (using HSQL
DB
for now). By that I mean that I want to persist
newly
created objects in the DB between upgrades of J2.
Currently, when you update and rebuild J2 from
CVs,
for example, you have to run the 'maven
quickStart'
goal, otherwise none of the web applications
(/jetspeed, etc.) get deployed into the Tomcat.
Unfortunately, this goal also wipes out your DB
clean
and you have to re-create all your custom
users/groups/roles...
After going through this (painful, if you have
many
users) exercise a few times, I decided to write my
own
version of the populate-default-db.sql - kind of
script.
Ive been using the target maven nodbMinDeploy from
/portal to deploy the
basic Jetspeed portal and security portlet app
without demo apps. Note
that this goal does not populate the database.
After running nodbMinDeploy, I run my own database
scripts to populate
the database, run maven goals to customize J2 to my
components, and then
deploy my portlet app(s).
I think I attached those scripts to another email on
this list a few
days ago. Thus I have a complete custom script for
DDL and default data.
The problem is that I'm not sure what are
dependences
between all tables and it was not that easy to
find
what tables changed after you add, say, a new user
since you don't really know which tables you
should be
monitoring.
Because of that, I have a few questions:
1. could somebody complete my list of tables that
have
to be modified when use create custom users and
roles
and want to tie them together?
So far I have:
to create a new role:
PREFS_NODE
SECURITY_PRINCIPAL
to create a new user and assign the new role to
it:
SECURITY_PRINCIPAL
PRINCIPAL_ROLE_ASSOC
SECURITY_USER_ROLE
SECURITY_USER_GROUP
This actually does not work - I guess I missed a
few
tables...
Yes its not enough, see the email or I can post them
again.
2. Is there a way to save a 'snapshot' of a
working DB
with all new objects and use that in a new J2
installation?
Sure, thats dependent on your database.
For HSQL, simply save the script
3. if all else fails, where is the actual data for
the
HSQL DB stored? Maybe I could use some kind of
'diff'
on it after I add a new user ...
:-)
After seeing the file you will probably never use
HSQL again.
I never use HSQL, not even for development.
Last time I checked it went here:
src/database/hsql/Test.script
src/database/hsql/Production.script
Thank you!
Marina
__
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced
search.
http://info.mail.yahoo.com/mail_250
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
--
David
users/roles/groups creation and saving
Hi! I'm trying to find an easy way to add new users/roles/groups to J2 permanently (using HSQL DB for now). By that I mean that I want to persist newly created objects in the DB between upgrades of J2. Currently, when you update and rebuild J2 from CVs, for example, you have to run the 'maven quickStart' goal, otherwise none of the web applications (/jetspeed, etc.) get deployed into the Tomcat. Unfortunately, this goal also wipes out your DB clean and you have to re-create all your custom users/groups/roles... After going through this (painful, if you have many users) exercise a few times, I decided to write my own version of the populate-default-db.sql - kind of script. The problem is that I'm not sure what are dependences between all tables and it was not that easy to find what tables changed after you add, say, a new user since you don't really know which tables you should be monitoring. Because of that, I have a few questions: 1. could somebody complete my list of tables that have to be modified when use create custom users and roles and want to tie them together? So far I have: to create a new role: PREFS_NODE SECURITY_PRINCIPAL to create a new user and assign the new role to it: SECURITY_PRINCIPAL PRINCIPAL_ROLE_ASSOC SECURITY_USER_ROLE SECURITY_USER_GROUP This actually does not work - I guess I missed a few tables... 2. Is there a way to save a 'snapshot' of a working DB with all new objects and use that in a new J2 installation? 3. if all else fails, where is the actual data for the HSQL DB stored? Maybe I could use some kind of 'diff' on it after I add a new user ... Thank you! Marina __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security web.xml Example
I had the same problem with the 'security' web app disappearing after re-building J2. I've used the same approach as Ate suggested - remove security.war from jetspeed's deploy dir, let J2 undeploy it, then move it back. Worked like a charm :) Marina --- Ate Douma [EMAIL PROTECTED] wrote: Stephen Hatfield wrote: Hello- I have installed J2 on Linux and all is working properly except the login portlet is empty. I saw a previous post on an addition to the web.xml file in security/WEB-INF. I have no files at all in that directory in webapps in Tomcat (5.0.28). Then something went wrong during deployment. You should see numerous files there, all contained within the security.war. There is no need to add anything else. I'd suggest stopping Tomcat and removing the empty folder. Also, remove the security.xml from $TOMCAT/conf/Catalina/localhost. Then, restart Tomcat and once Jetspeed is up and running, move the security.war out of the jetspeed/WEB-INF/deploy in some temporary folder. After a few seconds, Jetspeed will try to undeploy the security application. Once that is done, you can move the security.war back in the deploy folder, and Jetspeed will (try to) deploy it again. Please, check the Tomcat console carefully for error messages. If all goes well the security/WEB-INF shouldn't be empty now. I have a question and a request. Question - what files should be in the security/WEB-INF directory? Request - would someone please post a link to an example web.xml file for security/WEB-INF? Thank you! Stephen Hatfield - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CSS and portlets
Hi, Xavier, I'm using CSS in my portlet's JSPs as following: link rel=stylesheet type=text/css href=%=renderResponse.encodeURL(renderRequest.getContextPath() + /css/dce-portal.css)%/ and I package all .css styles in the /css/ dir relative tot he root of the web (portlet) application Marina --- Xavier Lawrence [EMAIL PROTECTED] wrote: Hello, I am currently modifying an existing Struts application so it generates content to a portlet. One question that I have is that the existing application uses custom styles in a CSS file. Is there a way to make the portlet use the styles in the CSS file without copy-paste them in the JSPs ??? Is there a way I could customize jetspeed so it knows about these styles ? Thanks in advance for any help. Regards Xavier -- -=[ xlawrence at jahia dot com ]=- Jahia : A collaborative source CMS and Portal Server www.jahia.org Community and product web site www.jahia.com Commercial services company - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: How to create a custom profiling rule?
Sorry to bother you all with this again...
Ok, after I've done all these changes, I found a new
problem as well:
no links (*.link files) are displayed on either of the
pages, for neither of the users.
I tried placing them in the / and /dce-portal
directory, but still nothing is displayed.
Is this a problem with my new profiling rule?
What determines whether links are displayed or not?
Thanks!
Marina
--- Marina [EMAIL PROTECTED] wrote:
Randy,
thanks for your help. You are probably right and I
made it more complicated than what it should be.
Basically, what I would like to have in my portal
is:
1. all application-specific portal pages/ docsets/
links should be in a separate directory, say,
.../pages/dce-portal/
2. users ('dce-user', 'dce-admin') with the
'dce-user-role' should be able to see one main page,
dce-main-page.psml, and one additional page as a
tab,
dce-users-page.psml. Both .psml pages are in the
.../pages/dce-portal/ directory
3. a generic (non-logged in, 'guest') user should
see
the ../pages/dce-portal/dce-main-page.psml, and
nothing else
So, to accomplish this, I have created this custom
profiling rule:
insert into PROFILING_RULE values ('dce-generic',
'org.apache.jetspeed.profiler.rules.impl.StandardProfilingRule',
'rule for non-logged in DCE portal users')
insert into RULE_CRITERION values ('100',
'dce-generic', 0, 'path', 'path', '/dce-portal', 0)
and assigned it to the 'guest', 'dce-user' and
'dce-admin' users.
This made all pages visible to these three users. To
restrict access to the user-specific page to the
users
with the 'dce-user-role' role, I've added the
following security constraints to the
dce-users-page.psml:
security-constraint
rolesdce-user-role/roles
permissionsview/permissions
/security-constraint
Well, that did work. With the exception of those
problems I mentioned in my previous post (one of
them
was fixed by using #if($site.rootLinks.isEmpty()) as
David suggested)
So, the only problem that is still left is inclusion
of the .ds sets from the '/' directory. I would
rather
like to use the ../pages/dce-portal/ as the root
directory, but my profiling rule does not seem to
accomplish this.
I hope I'm being clear :)
And thanks a lot for looking into this!
Marina
--- Randy Watler [EMAIL PROTECTED] wrote:
Marina,
Using the Profiler effectively is more in my
court,
so let's see if I can
help here.
I think there are three subjects here that need
individual attention:
1. you probably do not need to define a new
profiling rule... there are some
predefined rules that you can use to achieve
role-based profiling,
2. the demo site is just that and you should start
with a clean
WEB-INF/pages directory only adding in what you
need
from the demo site, and
3. the tigris sample decorator is a good starting
place, but most everyone
ends up customizing and deploying their own
flavor.
So, rather than trying to figure out what you have
now, I would like to know
what your objective is. I'll then tell you how I'd
solve it using the M1
release version. We can then compare notes and
take
it from there... ok?
Randy
-Original Message-
From: Marina
To: Jetspeed Users List
Sent: 12/30/04 1:26 PM
Subject: Re: How to create a custom profiling
rule?
David,
Thanks for the clarification. I did find a way to
do
role-based profiling, basically, by restricting
access
to specific PSML pages by roles.
I still have a few problems I was not able to
solve
so
far. The main one is that I still get some
elements
from the '/' directory included into my pages,
even
though I explicitly specified in my profiling rule
that only elements from a specific directory
should
be
used. I think I made some stupid mistakes while
creating custom profiling rules...
Here is how I setup my portal's content and
created
a
new profiling rule using direct SQL (I don't think
it
is possible to that through the Admin portlets
yet):
1. create new directory for my Portal content:
pages/dce-portal
place into this directory:
dce-main-page.psml
dce-user-page.psml
folder.metadata
2. define new role, 'dce-user-role', and assign it
to
the 'dce-user' user
3. define security constraints in the
folder.metadata:
'guest' users can view all pages;
users with 'dce-user-role' role can view all pages
security-constraints
security-constraint
usersguest/users
permissionsview/permissions
/security-constraint
security-constraint
rolesdce-user-role/roles
permissionsview/permissions
/security-constraint
/security-constraints
4. define security constraints in the
dce-main-page.psml:
!-- allow all users to view --
security-constraints
security-constraint
users*/users
Re: errors when loging as 'jetspeed' user
Randy, you were absolutely right - the problems I had were due to some DB inconsistency, I think. I have reinstalled Tomcat and checked out latest version of J2M1 from CVS and I had no problem logging in or changing passwords as any of the users. I was trying to understand what exactly went wrong, though, as I did not feel comfortable loosing my working J2 installation. I looked more into what I've done and I think I found the most likely reason for the problem. In brief, I was mixing DB initialization/startup procedures from the binary and CVS installs - I was running maven start.production.server with the binary install and start_database.bat after I reinstalled J2 from CVS Also, incorrect users were being used as the 'org.apache.jetspeed.services.autodeployment.user' admin' for CVS install, instead of 'j2deployer' (since I was using 'leftovers' in the build.properties file after the binary install) Basically, my guess is, that if you built J2 from a binary distribution, you should always start your Db with the start_database.bat script before starting Tomcat. And if you updated J2 from CVS, you should run 'maven quickStart' once at the build time, and then start the DB with the 'maven start.production.server' all subsequent times you start J2. I may be completely off here... Thanks for your help! Marina --- Randy Watler [EMAIL PROTECTED] wrote: Marina, The last time I had these kinds of problems I was using an out of date database and/or sql files. What version of J2 are you running? Have you run quickStart recently? Randy Marina wrote: Hi, I can't seem to login as the 'jetspeed' user anymore... First time I logged in - I was requested to change my password. So, I changed it, say, from password1 to password2. Then I tried to login using the password2 - and I was getting the following exception: javax.servlet.ServletException: Fatal error encountered while processing portal request: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.aggregator.FailedToRenderFragmentException: Unable to render fragment because: org.apache.jetspeed.container.window.FailedToRetrievePortletWindow: org.apache.jetspeed.container.window.FailedToCreateWindowException: Error generating new PortletEntity: org.apache.jetspeed.components.portletentity.PortletEntityNotGeneratedException: Failed to retrieve Portlet Definition for jetspeed::TwoColumns org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:234) I restarted Jetspeed, logged in as 'admin' , and set password for the 'jetspeed' user back to 'password1'. Then I tried to login as 'jetspeed' and neither of the passwords was working anymore... Two questions: 1. how could I cleanup the 'jetspeed' user and reset its password? 2. how could I stop Jetspeed from requiring me to change the passwords all the time ? (drives me crazy to remember all changed passwords :-) ) Thank you! Marina __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: errors when loging as 'jetspeed' user
Randy, thanks for a quick reply! I'm using J2 M1 release - but I built it out of CVS a few days ago. I have just ran 'maven quickStart' (it wiped out all my custom portlets :( - but that's Ok), and tried to login as 'jetspeed'. Again, it asked me to change the password. When I typed in a new password and clicked 'Save' button I've got exactly the same error as below... It seems it is 'jetspeed' user only that has this problem - I was able to log in as other users with no problem. Thanks! Marina --- Randy Watler [EMAIL PROTECTED] wrote: Marina, The last time I had these kinds of problems I was using an out of date database and/or sql files. What version of J2 are you running? Have you run quickStart recently? Randy Marina wrote: Hi, I can't seem to login as the 'jetspeed' user anymore... First time I logged in - I was requested to change my password. So, I changed it, say, from password1 to password2. Then I tried to login using the password2 - and I was getting the following exception: javax.servlet.ServletException: Fatal error encountered while processing portal request: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.pipeline.PipelineException: org.apache.jetspeed.aggregator.FailedToRenderFragmentException: Unable to render fragment because: org.apache.jetspeed.container.window.FailedToRetrievePortletWindow: org.apache.jetspeed.container.window.FailedToCreateWindowException: Error generating new PortletEntity: org.apache.jetspeed.components.portletentity.PortletEntityNotGeneratedException: Failed to retrieve Portlet Definition for jetspeed::TwoColumns org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:234) I restarted Jetspeed, logged in as 'admin' , and set password for the 'jetspeed' user back to 'password1'. Then I tried to login as 'jetspeed' and neither of the passwords was working anymore... Two questions: 1. how could I cleanup the 'jetspeed' user and reset its password? 2. how could I stop Jetspeed from requiring me to change the passwords all the time ? (drives me crazy to remember all changed passwords :-) ) Thank you! Marina __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Dress up your holiday email, Hollywood style. Learn more. http://celebrity.mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: J2 Profiler
Randy, Doug, I'm very happy to see the continuation of the thread - profiling and page layout is exactly what I was trying to figure out next! I followed Randy's advise and tried to investigate more the differences in the portal page layout for different users. Here are some of my notes (sorry, they are long...) - I hope you could correct me where my guesses were too wild and answer some questions: When user is not logged in, he is a guest user by default. According to the j1 profiling rule (???), pages for the guest user should be taken from the \pages\_user\guest\ directory. However, since this directory does not exist, a default fallback (is that right?) rule is used and the default pages/directories are used: \pages\default-page.psml When logged in as a user user: -- Everything from the \pages\ directory is used; stuff from the \pages\_user\user\ is used in addition to that -- user-specific content comes from the \pages\_user\user , for example, new .psml files and corresponding Tabs that are displayed for the user user only: p003.psml -- [USER 003] PSML page tab nested-layout.psml -- Nested Layout tab -- user user also has the user role (I wish the names would be somewhat different :-) ). Additional user-role-specific stuff comes from the \pages\_role\user\ directory. It has only one directory - \top-links\ , which is referenced from the \pages\_user\user\top-pages.ds file: document-set title[USER] Top Pages/title profile-locatordocset/profile-locator document-path regexp=true/top-links/*.*/document-path /document-set (see questions on that below) When logged in as admin user: -- you see everything that the guest user can see, but in addition, you also see the Jetspeed Administrative Portlets link under the Folders and Pages header in the left-side menu -- there is also a top-pages.ds file in the \pages\ dir that defines this: ?xml version=1.0 encoding=UTF-8? document-set titleTop Pages/title metadata name=title xml:lang=frPage haut/metadata profile-locatordocset/profile-locator document-path/Administrative/document-path /document-set In addition, admin user also has the manager role, so the \pages\_role\manager\ dir is used for the manager-specific content: the folder.metadata determines what is included into the page. It has: document-orderAdministrative/document-order My guess: this is why only a user in the manager role can see the Administrative Portlets link (is this right?) But then, the \pages\_role\manager\folder.metadata also has: document-orderGoogle.link/document-order document-orderp001.psml/document-order document-orderp002.psml/document-order document-orderp003.psml/document-order document-orderp004.psml/document-order but none of them (links for .link and tabs for .psml) is displayed on the page. I would guess that all pxxx.psml are not displayed simply because they do not exist in the \pages\_role\manager\ folder. What about the Google.link though? It does exist in the directory Questions: How are .ds files (docset definitions ??) and the role-specific folders (like \pages\_role\manager ) are related? Do top-pages.ds files under a \_user\username or ..\pages\ directories always reference resources in the \_role\rolename directory? Thanks a lot! Marina --- Randy Watler [EMAIL PROTECTED] wrote: Doug Schnelzer wrote: Randy, Thanks for the guidance. Putting the login portlet in a plain page in the guest directory and protecting everything else works well. In the future, it would be nice to dynamically show/hide portlets on a page based on a user's role. It is definitely under consideration... odds are it will be there in M2 if I had to guess, but others need to weigh in. As I dig in further, can you point me in the right direction for learning more about how the profiler works? Should I just follow the Jetspeed2 source code? If so, can you point me at a Java class to start with? First, look and understand the examples shipped with J2. Try logging in as user/user and jetspeed/jetspeed. Compare what you see with the various content pages and other elements in the pages directories. For more detail, check out this document: http://cvs.apache.org/viewcvs.cgi/jakarta-jetspeed-2/design-docs/src/profiler/J2-page-manager-profiling.sxw This is an OpenOffice document. I can email you another format if you'd like. The source code for all of this resides in /components/profiler and /components/page-manager, but it is not trivial. Feel free to ask questions here so that others can read about the profiler and how to configure it! Also as I browse through the WEB-INF/pages directory structure, there seems to be psml files that aren't displayed (e.g. pages/_user/user/p003.psml and pages/_user/user/nested-layout.psml). These are simply user files for 'user', (instead of 'guest')! Login as user/user. I'd like
Re: Jetspeed2 M1 security setup
Thanks, Randy,
I tried adding the new role directly into the HSQL DB
like this:
INSERT INTO SECURITY_PRINCIPAL
VALUES(15,'org.apache.jetspeed.security.JetspeedRolePrincipalImpl',0,1,'/role/dce-admin-role','2004-12-15
16:27:12.572','2004-12-15 16:27:12.572');
I ran this sql query directly on the HSQL DB, without
modifying the populate-userinfo-for-default-psml.sql
and rebuilding J2.
After I restarted J2, though, the new role is still
not displayed in the list of available roles in the
Role Management portlet. And asigning this role to a
user through the User Manegement portlet did not
work either.
Is this the only table I have to update
('security_principal') in order to create a new role,
or are there some other related tables that I missed?
Thanks,
Marina
--- Randy Watler [EMAIL PROTECTED] wrote:
Marina,
There you have it, (thanks David).
It is a simple matter to add users, roles, groups,
etc. directly to the
DB in the interim. See one of the following scripts:
CVS - src/sql/populate-userinfo-for-default-psml.sql
CVS - src/sql/db
name/populate-userinfo-for-default-psml.sql
M1 -
jetspeed-database/scripts/sql/DML/populate-userinfo-for-default-psml.sql
M1 - jetspeed-database/scripts/sql/DML/db
name/populate-userinfo-for-default-psml.sql
Randy
David Le Strat wrote:
Marina,
Implementation of the role management portlet is
not
complete.
Regards,
David Le Strat.
--- Marina [EMAIL PROTECTED] wrote:
Randy, thanks a lot for your help! I was able to
setup
a basic access control to my portlet's view and
Edit
mode.
I do have more questions on the user management in
J2,
though :)
I've created a new user, dce-admin, using the
Administrative Portlets as 'admin' user. This
worked
fine, and I was able to detect this user through
the
PortletResponse.getUserPrincipal().
I've also tried to create a new role, say
dce-admin-role, and assign this role to the new
user.
This , unfortunately, did not work. I entered the
new
role name into the corresponding form (Add Role)
of
the Role Management tab, but it was never added
to
the list of the available roles and when I tried
to
assign this role to the new user I've got an error
from J2 complaining that this role does not exist:
*** New Full Path: /role/dce-admin-role
failed to add user to role: dce-admin,
dce-admin-roleorg.apache.jetspeed.security.SecurityException:
The role does not exist. dce-admin-role
*** New Full Path: /role/dce-admin-role
Any idea why this is not working?
Thanks,
Marina
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
__
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Jetspeed2 M1 security setup
Yes, it did work!
The original SQL query did not work right away, so I
looked more closely into the DB schema and guessed
that I should be using the '/role' node's node_id as
the 'parent_node_id' (204). That was a lucky guess and
the following query worked fine:
INSERT INTO PREFS_NODE
VALUES(200,204,'dce-admin-role',0,'/role/dce-admin-role','2004-05-22
16:27:12.472','2004-05-22 16:27:12.472');
After that, I was able to see the new role,
'dce-admin-role', in the 'Role Management' portlet's
list, and was able to assign this role to a user and
see it detected correctly by
PortletRequest.isUserInRole(dce-admin-role).
Thanks a lot for your help!
Marina
--- David Le Strat [EMAIL PROTECTED] wrote:
Marina,
If you are doing this manually, you also need to set
up the role hierarchy manager. In SQL terms, this
means something like this:
INSERT INTO PREFS_NODE
VALUES(200,196,'dce-admin-role',0,'/role/dce-admin-role','2004-05-22
16:27:12.472','2004-05-22 16:27:12.472');
You can also use the RoleManager to add the role you
want to set up.
Regards,
David.
--- Marina [EMAIL PROTECTED] wrote:
Thanks, Randy,
I tried adding the new role directly into the HSQL
DB
like this:
INSERT INTO SECURITY_PRINCIPAL
VALUES(15,'org.apache.jetspeed.security.JetspeedRolePrincipalImpl',0,1,'/role/dce-admin-role','2004-12-15
16:27:12.572','2004-12-15 16:27:12.572');
I ran this sql query directly on the HSQL DB,
without
modifying the
populate-userinfo-for-default-psml.sql
and rebuilding J2.
After I restarted J2, though, the new role is
still
not displayed in the list of available roles in
the
Role Management portlet. And asigning this role
to
a
user through the User Manegement portlet did not
work either.
Is this the only table I have to update
('security_principal') in order to create a new
role,
or are there some other related tables that I
missed?
Thanks,
Marina
--- Randy Watler [EMAIL PROTECTED] wrote:
Marina,
There you have it, (thanks David).
It is a simple matter to add users, roles,
groups,
etc. directly to the
DB in the interim. See one of the following
scripts:
CVS -
src/sql/populate-userinfo-for-default-psml.sql
CVS - src/sql/db
name/populate-userinfo-for-default-psml.sql
M1 -
jetspeed-database/scripts/sql/DML/populate-userinfo-for-default-psml.sql
M1 - jetspeed-database/scripts/sql/DML/db
name/populate-userinfo-for-default-psml.sql
Randy
David Le Strat wrote:
Marina,
Implementation of the role management portlet
is
not
complete.
Regards,
David Le Strat.
--- Marina [EMAIL PROTECTED] wrote:
Randy, thanks a lot for your help! I was able
to
setup
a basic access control to my portlet's view
and
Edit
mode.
I do have more questions on the user
management
in
J2,
though :)
I've created a new user, dce-admin, using the
Administrative Portlets as 'admin' user.
This
worked
fine, and I was able to detect this user
through
the
PortletResponse.getUserPrincipal().
I've also tried to create a new role, say
dce-admin-role, and assign this role to the
new
user.
This , unfortunately, did not work. I entered
the
new
role name into the corresponding form (Add
Role)
of
the Role Management tab, but it was never
added
to
the list of the available roles and when I
tried
to
assign this role to the new user I've got an
error
from J2 complaining that this role does not
exist:
*** New Full Path: /role/dce-admin-role
failed to add user to role: dce-admin,
dce-admin-roleorg.apache.jetspeed.security.SecurityException:
The role does not exist. dce-admin-role
*** New Full Path: /role/dce-admin-role
Any idea why this is not working?
Thanks,
Marina
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
__
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty
viruses.
http://promotions.yahoo.com/new_mail
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
__
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced
search.
http://info.mail.yahoo.com/mail_250
-
To unsubscribe, e-mail:
[EMAIL PROTECTED]
=== message truncated ===
__
Do you Yahoo!?
Yahoo! Mail - 250MB free storage. Do more. Manage less
RE: Jetspeed2 M1 security setup
Randy, thanks a lot for your help! I was able to setup a basic access control to my portlet's view and Edit mode. I do have more questions on the user management in J2, though :) I've created a new user, dce-admin, using the Administrative Portlets as 'admin' user. This worked fine, and I was able to detect this user through the PortletResponse.getUserPrincipal(). I've also tried to create a new role, say dce-admin-role, and assign this role to the new user. This , unfortunately, did not work. I entered the new role name into the corresponding form (Add Role) of the Role Management tab, but it was never added to the list of the available roles and when I tried to assign this role to the new user I've got an error from J2 complaining that this role does not exist: *** New Full Path: /role/dce-admin-role failed to add user to role: dce-admin, dce-admin-roleorg.apache.jetspeed.security.SecurityException: The role does not exist. dce-admin-role *** New Full Path: /role/dce-admin-role Any idea why this is not working? Thanks, Marina --- Randy Watler [EMAIL PROTECTED] wrote: Marina, Thanks for using the jetspeed user list! Comments below. Randy -Original Message- From: Marina To: 'Jetspeed Users List ' Sent: 12/6/04 5:06 PM Subject: RE: Jetspeed2 M1 security setup (was: jetspeed-newbie Roles-Groups-Users) Hi, I've successfully built and installed J2 M1 and was looking into the demo applications to figure out how to setup access control for portlets/pages. After checking out some example portlets , like RoleSecurityTest and Login, and their source code, I think I have some idea of how to approach the task but I would like to clarify some topics. First, I'll list my assumptions and then ask questions: 1. tomcat-5.0.30-j2-M1\webapps\jetspeed\WEB-INF\pages\page.security file specifies 'Edit'/'View' permissions for the default Portal's page, defined in default-page.psml The /page.security file defines named security constraints that can be referenced here or in individual page, folder meta data, link, or document set documents. The scope of this file is global across the entire site. References take the form of global-security-constraints-ref/, (which appear only in /page.security), or security-constraints-ref/. Thus, this part : security-constraints-def name=admin security-constraint rolesadmin/roles permissionsview, edit/permissions /security-constraint /security-constraints-def means that only a user with the role 'admin' can edit the layout of the page. Yes, since this fragment is referenced in a global-security-constraints-ref/, it applies to all documents in the site. And this fragment: security-constraints-def name=manager security-constraint rolesmanager/roles permissionsview/permissions /security-constraint /security-constraints-def means that a user with the role 'manager' can view the page. Yes, where used with a security-constraints-ref/. However, anybody can view this default page in reality - even before a user logs in. You don't need any special privileges to access http://localhost:8080/jetspeed to see the page. My assumption is that it is because security constraints are overwritten in the pages/folder.metadata file (see below). Is that true? Not exactly. The override is in the default-page.psml itself, (user=*, permission=view). What is the scope of the page.security definitions and where are they used? See above. 2. each folder under /pages directory (including /pages itself) has a folder.metadata file where more security-constraints are defined for that folder. For example, here is pages/folder.metadata: . security-constraints security-constraint rolesuser/roles permissionsview/permissions /security-constraint security-constraints-refmanager/security-constraints-ref /security-constraints This should be commented out in M1. security-constraints security-constraint users*/users permissionsview/permissions /security-constraint /security-constraints /folder And this is why all users can see the default page. (Is that true?) It would be the case if default-page.psml did not override on its own. To be exact, this allows all users to view the folder and any content within it that does not specify its own security constraints. In effect, this is the site default for global pages because it is defined at the root leve. On the other hand, here is pages\Administrative\folder.metadata : folder titleJetspeed Administrative Portlets/title !-- allow only manager role -- security-constraints security-constraints-refmanager/security-constraints-ref /security-constraints /folder This folder corresponds to the Jetspeed Administrative Portlets menu item in the 'Folder and Pages' menu on the left side
RE: Jetspeed2 M1 security setup (was: jetspeed-newbie Roles-Groups-Users)
of the SSODemoServlet gives some explanation: /** * SSODemoServlet - looks for username, password in the URL for single * signon to this servlet from a SSO portlet. * Username request parameter: ssouser * Password request parameter: ssopw A few questions here: -- how can you use these servlets from your portlets if you want to utilize the Basic authentication mechanism? Should I just call RequestDispatcher.include(/demo/sso-basic)? If not - how else could I use these servlets in portlets? Or, maybe, not use servlets at all but get the Basic authentication working for portlets somehow? -- when supplying incorrect username/password for the SSOBasicDemo servlet, you get an error page in the browser and if you try to reload it it would not work and would not let you to retry login, until you start a new browser session. I checked my browser settings (both Mozilla and IE) and made sure they do not cache pages between requests - still the same problem. I'm sure it's something very simple - but what? Thanks fo rreading this till the end :) Marina __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: jetspeed-newbie Roles-Groups-Users
Hi, sorry, I'm still struggling with the user management/ access control. The documentation from J2's profiler directory helped somewhat but now I have even more questions than before :) First, I looked at the jetspeed.xml - and I see --- Randy Watler [EMAIL PROTECTED] wrote: Marina, There are two different Roles/Groups/Users domains in effect: Tomcat's and Jetspeed's. Jetspeed has its own JAAS login/logout that is managed separately from the global Tomcat configuration, (see jetspeed.xml for the JAAS Realm definition). Configuration of Tomcat's Realm is only necessary for running the manager/admin application to deploy portlet webapps. I am not sure why your Tomcat security configuration did not control access to the Jetspeed application as a whole, (I am not an expert there to say the least; I've never had to use that believe it or not). To use the portlet security, you'll probably need to configure the Jetspeed realm correctly or use the demo logins. Like I said, I am not sure portlet security is implemented at this time, YMMV. See the populate-userinfo-for-default-psml.sql script. For page level security, see the demo psml pages under jetspeed/WEB-INF/pages. No document on this stuff yet... it is very new and still settling in. I will mail a PDF version of the profiling document to you in few minutes. Randy Marina wrote: Randy, Thanks a lot for your response. I indeed have more specific question on the security setup in J2. I should note right away that I apologize if these questions are answered in the documentation you mentioned - I was not able to read it as it seems to be in the .sxw format (StarOffice, I think ?). Any idea how to convert them into some other format if I don't have StarOffice readily available? Now to my questions. I'm trying to do a very common thing: require a user to log in when he access the portal for the first time, and then show only those portlets that this user is authorized to see, and give him only those access rights to some functionality (buttons, links in the portlets) that he is authorized to do. First of, I was not sure how to limit access to the portal as a whole - usually you do that kind of thing in the web.xml descriptor of the web application. I guess that would be the $TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml But then, would not it be overwritten when Jetspeed is redeployed using the Maven build scripts? And what url-pattern would I have to specify - /jetspeed/* or something like that? Anyway, I decided to try to protect the main portlet as the first step. In my potlet's web.xml I specified: security-constraint web-resource-collection web-resource-nameSecure EventCalendar /web-resource-name url-pattern/EventsCalendarPortlet/* /url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-namedce_admin/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method /login-config security-role role-namedce_admin/role-name /security-role and I have a corresponding role defined in the tomcat-users.xml: role rolename=dce_admin/ user username=dce_admin password=some_password roles=dce_admin/ Since I could not find any Jetspeed-specific information on specifying security constraints for individual portlets, I just used the Portlet Specification as the guide and added this to the portlet's portlet.xml: security-role-ref role-namedce_admin/role-name role-linkdce_admin/role-link /security-role-ref The EventsCalendarPortlet got deployed into J2 just fine, but it was displayed in the portal without prompting me for any username/password. If you could give me any pointers as to what I'm missing and what would the main steps be to achieve what I'm trying to do it would be great! Sorry for such a long e-mail, thanks! Marina --- Randy Watler [EMAIL PROTECTED] wrote: MP, I am more or less responsible for the J2 profiling and security features. There is some documentation in the J2 design-docs under the profiler directory, (pull from CVS). Also the demo configuration for user/user, (username=user, password=user), uses profiling extensively to customize its view and security to limit its access to the admin pages/portlets. BTW, this functionality is page based, not portlet based. Portlet security constraints can be specified in the portlet.xml, but I am not sure if they are 100% implemented at this point. Feel free to send more specific J2 questions to the list. HTH, Randy Watler -Original Message- From: M P To: Jetspeed Users List Sent: 11/27/04 12:10 PM Subject: Re: jetspeed-newbie Roles-Groups-Users Hi, David, The documentation you mentioned
Re: jetspeed-newbie Roles-Groups-Users
Sorry, I hit Send button before I finished the mail :) What I meant was: I see there is some relationship between directory names under the WEB-INF/pages directory and user like: WEB-INF/pages/_role manager/ user/ WEB-INF/pages/_user user/ So, for me to create a new user, should I use the same naming convention? For example, to add a new user scott with the role admin should I create corresponding directories WEB-INF/pages/_role/admin WEB-INF/pages/_user/scott ?? And then, will the pages (.psml) in the scott/ directory be what is shown in the portal when 'scott' logs in? By the way, where is the login takes place? I tried login through the Login portlet - but it did not change content of the portal window accordingly (I logged in as 'user') Another question: How do you add new users programmatically? Do I have to create those new directories every time I add a new user? What if I want users to be able to register themselves, how would all this directory/files setup work? Or do I have to write my own code to insert new users into the DB (by the way, I'm assuming that's what the populate-userinfo-for-default-psml.sql does, is it?) ? Sorry, I do feel somewhat confused here. Did anybody succeed in setting up the user management in J2? It's hard to believe I'm the first one struggling with this :) Thanks a lot! Marina --- Randy Watler [EMAIL PROTECTED] wrote: Marina, There are two different Roles/Groups/Users domains in effect: Tomcat's and Jetspeed's. Jetspeed has its own JAAS login/logout that is managed separately from the global Tomcat configuration, (see jetspeed.xml for the JAAS Realm definition). Configuration of Tomcat's Realm is only necessary for running the manager/admin application to deploy portlet webapps. I am not sure why your Tomcat security configuration did not control access to the Jetspeed application as a whole, (I am not an expert there to say the least; I've never had to use that believe it or not). To use the portlet security, you'll probably need to configure the Jetspeed realm correctly or use the demo logins. Like I said, I am not sure portlet security is implemented at this time, YMMV. See the populate-userinfo-for-default-psml.sql script. For page level security, see the demo psml pages under jetspeed/WEB-INF/pages. No document on this stuff yet... it is very new and still settling in. I will mail a PDF version of the profiling document to you in few minutes. Randy Marina wrote: Randy, Thanks a lot for your response. I indeed have more specific question on the security setup in J2. I should note right away that I apologize if these questions are answered in the documentation you mentioned - I was not able to read it as it seems to be in the .sxw format (StarOffice, I think ?). Any idea how to convert them into some other format if I don't have StarOffice readily available? Now to my questions. I'm trying to do a very common thing: require a user to log in when he access the portal for the first time, and then show only those portlets that this user is authorized to see, and give him only those access rights to some functionality (buttons, links in the portlets) that he is authorized to do. First of, I was not sure how to limit access to the portal as a whole - usually you do that kind of thing in the web.xml descriptor of the web application. I guess that would be the $TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml But then, would not it be overwritten when Jetspeed is redeployed using the Maven build scripts? And what url-pattern would I have to specify - /jetspeed/* or something like that? Anyway, I decided to try to protect the main portlet as the first step. In my potlet's web.xml I specified: security-constraint web-resource-collection web-resource-nameSecure EventCalendar /web-resource-name url-pattern/EventsCalendarPortlet/* /url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-namedce_admin/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method /login-config security-role role-namedce_admin/role-name /security-role and I have a corresponding role defined in the tomcat-users.xml: role rolename=dce_admin/ user username=dce_admin password=some_password roles=dce_admin/ Since I could not find any Jetspeed-specific information on specifying security constraints for individual portlets, I just used the Portlet Specification as the guide and added this to the portlet's portlet.xml: security-role-ref role-namedce_admin/role-name role-linkdce_admin/role-link /security-role-ref The EventsCalendarPortlet got deployed into J2 just fine, but it was displayed in the portal without prompting me for any
RE: jetspeed-newbie Roles-Groups-Users
Randy, Thanks a lot for your response. I indeed have more specific question on the security setup in J2. I should note right away that I apologize if these questions are answered in the documentation you mentioned - I was not able to read it as it seems to be in the .sxw format (StarOffice, I think ?). Any idea how to convert them into some other format if I don't have StarOffice readily available? Now to my questions. I'm trying to do a very common thing: require a user to log in when he access the portal for the first time, and then show only those portlets that this user is authorized to see, and give him only those access rights to some functionality (buttons, links in the portlets) that he is authorized to do. First of, I was not sure how to limit access to the portal as a whole - usually you do that kind of thing in the web.xml descriptor of the web application. I guess that would be the $TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml But then, would not it be overwritten when Jetspeed is redeployed using the Maven build scripts? And what url-pattern would I have to specify - /jetspeed/* or something like that? Anyway, I decided to try to protect the main portlet as the first step. In my potlet's web.xml I specified: security-constraint web-resource-collection web-resource-nameSecure EventCalendar /web-resource-name url-pattern/EventsCalendarPortlet/* /url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-namedce_admin/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method /login-config security-role role-namedce_admin/role-name /security-role and I have a corresponding role defined in the tomcat-users.xml: role rolename=dce_admin/ user username=dce_admin password=some_password roles=dce_admin/ Since I could not find any Jetspeed-specific information on specifying security constraints for individual portlets, I just used the Portlet Specification as the guide and added this to the portlet's portlet.xml: security-role-ref role-namedce_admin/role-name role-linkdce_admin/role-link /security-role-ref The EventsCalendarPortlet got deployed into J2 just fine, but it was displayed in the portal without prompting me for any username/password. If you could give me any pointers as to what I'm missing and what would the main steps be to achieve what I'm trying to do it would be great! Sorry for such a long e-mail, thanks! Marina --- Randy Watler [EMAIL PROTECTED] wrote: MP, I am more or less responsible for the J2 profiling and security features. There is some documentation in the J2 design-docs under the profiler directory, (pull from CVS). Also the demo configuration for user/user, (username=user, password=user), uses profiling extensively to customize its view and security to limit its access to the admin pages/portlets. BTW, this functionality is page based, not portlet based. Portlet security constraints can be specified in the portlet.xml, but I am not sure if they are 100% implemented at this point. Feel free to send more specific J2 questions to the list. HTH, Randy Watler -Original Message- From: M P To: Jetspeed Users List Sent: 11/27/04 12:10 PM Subject: Re: jetspeed-newbie Roles-Groups-Users Hi, David, The documentation you mentioned is for Jetspeed 1. Is it also true for Jetspeed2? If not - could you point me to where I could find it for J2? I looked through all documentation on the J2 home page and Wikis and could not find anything on how to control access to specific portlets based on user roles/ groups. Thank you! Marina --- David Sean Taylor [EMAIL PROTECTED] wrote: Thilina wrote: Hi, I need to do following thing using the jetspeed, Creating.. 3 roles - Admin, Executive, Developer 2 Groups - Administration, Users 100 of users - CEO,CFO,admin, aaa, bbb, ccc, etc Setting Admin and Executive belongs to Administrative Group Developer belongs to Users Group CEO and CFO are Executive Roles admin user is belongs to Admin role aaa, bbb, ccc, etc belongs to Developer role Users group only have rights to view the information. Admin role have all the control except viewing some confidential information such as Banking and Finance information. Only CEO and CFO have rights to access those information. Admin could lock and unlock account except CEO and CFO. Is this kind of activity achieve using jetspeed 1.5? Yes. To see the User Admin, go here: http://.bluesunrise.com/jetspeed login as user = admin, pw = (sendme an email personally to get it) Go to the security tab, and then Security Browser Here you can see how to setup security constraints You will also see
