Re: multiple Servlets registered for resourceTypes sling/servlet/default
Hi Mike, Mike Müller schrieb: Hi If you register an own Servlet which should be used as default servlet you can register it with sling.servlet.resourceTypes=sling/servlet/default sling.servlet.methods=GET (if it should work only for GET requests) If I upload a bundle with such a Servlet (call it MyServlet) in Sling everything seems to be fine, the GET requests are dispatched by the MyServlet. But after a restart of Sling it's a random luck which Servlet (the DefaultGetServlet or the MyServlet) will dispatch the request. Shouldn't there be a way to mark a Servlet as the one with higher priority. There is the getWeightedResources method on the ResourceCollector, but this doesn't help, because neither Servlet has more weight. In my case I would like to install a Servlet which implements the OptingServlet and gets all requests first to decide if the DefaultGetServlet should handle the request or if it should be handled by the MyServlet itself. Frankly, this ain't gonna work: you cannot reliably register two servlets with the same setup. For this reason you can only replace the DefaultGetServlet by removing the o.a.sling.serlvets.get bundle. I presume, that this is not an option, though ;-) Now my question is: what functionality do you implement in your special generic GET servlet, which is missing from the Sling DefaultGetServlet. Could there be a chance of plugging your required functionality into the DefaultGetServlet ? Another option would be that you create your own servlet extending from the DefaultGetServlet. You then create a bundle with your own code merged with the contents of the o.a.sling.servlets.get bundle and only install your own bundle. But I suggest, we first explore the first option. Regards Felix
[jira] Created: (SLING-938) Refine initiaition of the authentication process
Refine initiaition of the authentication process Key: SLING-938 URL: https://issues.apache.org/jira/browse/SLING-938 Project: Sling Issue Type: Improvement Components: Engine Affects Versions: Engine 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Engine 2.0.4 Currently the authentication process can only be initiated by explicitly calling a login page provided by some AuthenticationHandler implementation bundle. There is no way to initiate the authentication process from within a servlet or script (e.g. to have the user log in a 404/NOT FOUND error handler). To support this kind of functionality the existing SlingAuthenticator.requestAuthentcation method should be publicly accessible through Service interface. Servlets or scripts which want to request authentication from the client for the current request may then call this service method. This method applies the same authentication handler selection algorithm for the given HttpServletRequest object as it does for finding the authentication handler in the authenticate process. This ensures, that for a given request, the appropriate authentication handler is called which is then able to initiate authentication appropriately, for example by drawing a form. For full details refer to http://cwiki.apache.org/SLING/authentication-initiation.html -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (SLING-939) Adapt the Http Authenticator to the refined authentication process
Adapt the Http Authenticator to the refined authentication process -- Key: SLING-939 URL: https://issues.apache.org/jira/browse/SLING-939 Project: Sling Issue Type: Sub-task Components: Extensions Affects Versions: Extensions httpauth 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Adapt the HTTP Header authentication handler to the new refined authenticaiton initiation processing implemented by SLING-938. Tasks: * The LoginServlet calls the new requestAuthentication service method * requestAuthentication method will now draw the login form -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-938) Refine initiaition of the authentication process
[ https://issues.apache.org/jira/browse/SLING-938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Felix Meschberger resolved SLING-938. - Resolution: Fixed Implemented a new Authenticator interface with (currently) a single method: login(HttpServletRequest, HttpServletResponse) which may called to ask the client to login. Note: I renamed the method from the initial proposal requestAuthentication to login, since it sounds more appropriate and any future extension to also support logging out would then just add a logout method. Refine initiaition of the authentication process Key: SLING-938 URL: https://issues.apache.org/jira/browse/SLING-938 Project: Sling Issue Type: Improvement Components: Engine Affects Versions: Engine 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Engine 2.0.4 Currently the authentication process can only be initiated by explicitly calling a login page provided by some AuthenticationHandler implementation bundle. There is no way to initiate the authentication process from within a servlet or script (e.g. to have the user log in a 404/NOT FOUND error handler). To support this kind of functionality the existing SlingAuthenticator.requestAuthentcation method should be publicly accessible through Service interface. Servlets or scripts which want to request authentication from the client for the current request may then call this service method. This method applies the same authentication handler selection algorithm for the given HttpServletRequest object as it does for finding the authentication handler in the authenticate process. This ensures, that for a given request, the appropriate authentication handler is called which is then able to initiate authentication appropriately, for example by drawing a form. For full details refer to http://cwiki.apache.org/SLING/authentication-initiation.html -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Restricting SlingRepository.loginAdministrative()? (was: Security in Sling)
Hi, On Wed, Apr 22, 2009 at 6:22 PM, Rory Douglas rory.doug...@oracle.com wrote: Bertrand Delacretaz wrote: 2) Prevent legitimate scripts from messing up with the system An variant of 2) just showed up in the Accessing JCR thread. Looks like anyone that can upload a script can do the following: sling:defineObjects/ % SlingRepository repo = sling.getService(SlingRepository.class); Session superSession = repo.loginAdministrative(null); // and then do anything, like superSession.getRootNode().remove(); % loginAdministrative is fine for trusted code, but you're right that we might want to restrict it. Not sure how to best approach this...what do people think? -Bertrand
[jira] Commented: (SLING-939) Adapt the Http Authenticator to the refined authentication process
[ https://issues.apache.org/jira/browse/SLING-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12701850#action_12701850 ] Felix Meschberger commented on SLING-939: - Updated reference to the HTTP Header Authentication Handler bundle in Rev. 767855 of the launchpad/bundles pom Adapt the Http Authenticator to the refined authentication process -- Key: SLING-939 URL: https://issues.apache.org/jira/browse/SLING-939 Project: Sling Issue Type: Sub-task Components: Extensions Affects Versions: Extensions httpauth 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Adapt the HTTP Header authentication handler to the new refined authenticaiton initiation processing implemented by SLING-938. Tasks: * The LoginServlet calls the new requestAuthentication service method * requestAuthentication method will now draw the login form -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Restricting SlingRepository.loginAdministrative()? (was: Security in Sling)
Hi, Bertrand Delacretaz schrieb: Hi, On Wed, Apr 22, 2009 at 6:22 PM, Rory Douglas rory.doug...@oracle.com wrote: Bertrand Delacretaz wrote: 2) Prevent legitimate scripts from messing up with the system An variant of 2) just showed up in the Accessing JCR thread. Looks like anyone that can upload a script can do the following: sling:defineObjects/ % SlingRepository repo = sling.getService(SlingRepository.class); Session superSession = repo.loginAdministrative(null); // and then do anything, like superSession.getRootNode().remove(); % loginAdministrative is fine for trusted code, but you're right that we might want to restrict it. Not sure how to best approach this...what do people think? In terms of OPSGi and Java Security, the best approach would probably be to guard this method by the SecurityManager and introduce a Permission for this. Regards Felix
Content Technology track at the ApacheCon US 2009
Hi, [Sorry again for cross-posting, perhaps we should set up a jcr-interest@ mailing list somewhere] The ApacheCon planners are asking for Apache projects to self-organize content for the upcoming ApacheCon US in November this year. It would be cool to have a track related to content repositories and content management. Jackrabbit and Sling would form a nice core for such a track, but we could also include sessions on things like Chemistry and other related projects. The planners would like an indication of interest ASAP, so I will contact them about this if people think it's a good idea. In previous ApacheCons we've typically had a few related presentations and a BoF session or a Meetup. Based on that I think we could well organize something like a half-day track of presentations and workshops followed by a more informal community meetup in the evening. BR, Jukka Zitting
[jira] Commented: (SLING-939) Adapt the Http Authenticator to the refined authentication process
[ https://issues.apache.org/jira/browse/SLING-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12701879#action_12701879 ] Felix Meschberger commented on SLING-939: - No, not at the moment, since you cannot replace bundle content with a fragment, just ammend. In this case it would have to be replacement. What I would envision to make the form for this handler configurable is to actually place it in the repository where it might be modified, replaced, whatever ... But this requires more thinking about the protocol and much more importandly: documentation of the protocol. Adapt the Http Authenticator to the refined authentication process -- Key: SLING-939 URL: https://issues.apache.org/jira/browse/SLING-939 Project: Sling Issue Type: Sub-task Components: Extensions Affects Versions: Extensions httpauth 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Adapt the HTTP Header authentication handler to the new refined authenticaiton initiation processing implemented by SLING-938. Tasks: * The LoginServlet calls the new requestAuthentication service method * requestAuthentication method will now draw the login form -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
AW: multiple Servlets registered for resourceTypes sling/servlet/default
If you register an own Servlet which should be used as default servlet you can register it with sling.servlet.resourceTypes=sling/servlet/default sling.servlet.methods=GET (if it should work only for GET requests) If I upload a bundle with such a Servlet (call it MyServlet) in Sling everything seems to be fine, the GET requests are dispatched by the MyServlet. But after a restart of Sling it's a random luck which Servlet (the DefaultGetServlet or the MyServlet) will dispatch the request. Shouldn't there be a way to mark a Servlet as the one with higher priority. There is the getWeightedResources method on the ResourceCollector, but this doesn't help, because neither Servlet has more weight. In my case I would like to install a Servlet which implements the OptingServlet and gets all requests first to decide if the DefaultGetServlet should handle the request or if it should be handled by the MyServlet itself. Frankly, this ain't gonna work: you cannot reliably register two servlets with the same setup. For this reason you can only replace the DefaultGetServlet by removing the o.a.sling.serlvets.get bundle. I presume, that this is not an option, though ;-) Now my question is: what functionality do you implement in your special generic GET servlet, which is missing from the Sling DefaultGetServlet. Could there be a chance of plugging your required functionality into the DefaultGetServlet ? Another option would be that you create your own servlet extending from the DefaultGetServlet. You then create a bundle with your own code merged with the contents of the o.a.sling.servlets.get bundle and only install your own bundle. But I suggest, we first explore the first option. Hi Felix What I try tio achieve is run some legacy stuff shoulder to shoulder with new stuff which entirely is built on Sling. So the MyServlet (or call it LegacyServlet) should check (as OptingServlet) if the request is a call to the legacy stuff and handle it in this case. If not, accepts() on the LegacyServlet should return false and the request should be handled by the default Servlets of Sling (or any other registered Servlet for the request). So plugging in the functionality to the existing DefaultGetServlet and the SlingPostServlet is probably not the solution. Extending from the existing default Servlets seems to fit better in this case. Maybe also Filters could help in this case, but as far as I understood filters are not preprocessed in a Sling standalone app, so the solution with filters would be bound to using Sling in a Servlet container (which I do not prefer!). is there any other possability? best regards mike
Re: Content Technology track at the ApacheCon US 2009
Hi, On Thu, Apr 23, 2009 at 11:37 AM, Jukka Zitting jukka.zitt...@gmail.com wrote: It would be cool to have a track related to content repositories and content management I like your idea. This is based on the same idea of the 'Interoperability' one, that I mentioned some days ago. Jackrabbit and Sling would form a nice core for such a track, but we could also include sessions on things like Chemistry and other related projects. POI is often used in CM contexts and products; do you think that such a project could fall within such a track? Cheers, -- Paolo Mottadelli: http://www.paolomottadelli.com Sourcesense - making sense of Open Source: http://www.sourcesense.com
Strange eclipse errors?
Anyone else seeing the following compile errors when viewing sling trunk in eclipse? Description ResourcePathLocationType Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 406 Java Problem Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 407 Java Problem Constants.FRAMEWORK_STORAGE cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 396 Java Problem Here is the code where the errors occur (starts line 395): // migrate old properties to new properties migrateProp(staticProps, felix.cache.profiledir, Constants.FRAMEWORK_STORAGE); migrateProp(staticProps, sling.osgi-core-packages, osgi-core-packages); migrateProp(staticProps, sling.osgi-compendium-services, osgi-compendium-services); // migrate initial start level property: Felix used to have // felix.startlevel.framework, later moved to org.osgi.framework.startlevel // and finally now uses org.osgi.framework.startlevel.beginning as // speced in the latest R 4.2 draft (2009/03/10). We first check the // intermediate Felix property, then the initial property, thus allowing // the older (and more probable value) to win migrateProp(staticProps, org.osgi.framework.startlevel, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); migrateProp(staticProps, felix.startlevel.framework, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); The values do not appear to be in the constants file but I don't see any failure when building with maven so I am not sure what is going on here. I am willing to chalk it up to weirdness in my eclipse installation but I thought I might ask if anyone else sees this also before I dig deeper. -AZ -- Aaron Zeckoski (aar...@vt.edu) Senior Research Engineer - CARET - Cambridge University [http://bugs.sakaiproject.org/confluence/display/~aaronz/] Sakai Fellow - [http://aaronz-sakai.blogspot.com/]
Re: AW: multiple Servlets registered for resourceTypes sling/servlet/default
Hi Mike, Mike Müller schrieb: ... snip snap ... What I try tio achieve is run some legacy stuff shoulder to shoulder with new stuff which entirely is built on Sling. So the MyServlet (or call it LegacyServlet) should check (as OptingServlet) if the request is a call to the legacy stuff and handle it in this case. If not, accepts() on the LegacyServlet should return false and the request should be handled by the default Servlets of Sling (or any other registered Servlet for the request). Ok, the crucial point here is any other registered Servlet: If Sling decides to no check for another servlet, your LegacyServlet will never be asked whether it accepts the request or not. So plugging in the functionality to the existing DefaultGetServlet and the SlingPostServlet is probably not the solution. Agreed, but mainly due to how servlet resolution works. Extending from the existing default Servlets seems to fit better in this case. Maybe also Filters could help in this case, but as far as I understood filters are not preprocessed in a Sling standalone app, so the solution with filters would be bound to using Sling in a Servlet container (which I do not prefer!). Filter processing inside Sling is always the same because Sling is managing the filters themselves and does not work with the servlet container filter processing. As such Filters registered as Filter services in Sling always work the same, no matter what. So for your legacy issue, I would suggest you create a request filter (filter.scope=request) which checks whether the request is for a legacy resource or a sling resource. If the request is for a legacy resource, the filter processes the request in the legacy way and terminates the request after that by simply not calling the FilterChain.doFilter method. If the request for a Sling resource (non-legacy), the request is simply passed through to the filter chain calling FilterChain.doFilter. Would that work for you ? Regards Felix PS: I have just written down some more information on filters which should appear on the site in an hour or two, until then the page may already be seen at http://cwiki.apache.org/SLINGxSITE/filters.html
Re: Strange eclipse errors?
I ran into a similar problem, but it was ages (months) ago. My guess is that you tried to use the maven eclipse plugin to import the sling project. Instead I would use the mvn eclipse:eclipse goal first and then import existing projects. The heart of the problem lies in eclipse not really resolving libraries in the order that maven does, so you see these sorts of discontinuities from time to time. Also, there was a change in felix a few months ago that triggered the problem, I forget the details now, but you may see something in the mailing lists about it (with my name on it). I'm not sure if the above suggestion will fix your problem, but it's certainly worth a try. -- Langley On Thu, 2009-04-23 at 06:57 -0400, Aaron Zeckoski wrote: Anyone else seeing the following compile errors when viewing sling trunk in eclipse? Description ResourcePathLocationType Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 406 Java Problem Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 407 Java Problem Constants.FRAMEWORK_STORAGE cannot be resolvedSling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 396 Java Problem Here is the code where the errors occur (starts line 395): // migrate old properties to new properties migrateProp(staticProps, felix.cache.profiledir, Constants.FRAMEWORK_STORAGE); migrateProp(staticProps, sling.osgi-core-packages, osgi-core-packages); migrateProp(staticProps, sling.osgi-compendium-services, osgi-compendium-services); // migrate initial start level property: Felix used to have // felix.startlevel.framework, later moved to org.osgi.framework.startlevel // and finally now uses org.osgi.framework.startlevel.beginning as // speced in the latest R 4.2 draft (2009/03/10). We first check the // intermediate Felix property, then the initial property, thus allowing // the older (and more probable value) to win migrateProp(staticProps, org.osgi.framework.startlevel, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); migrateProp(staticProps, felix.startlevel.framework, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); The values do not appear to be in the constants file but I don't see any failure when building with maven so I am not sure what is going on here. I am willing to chalk it up to weirdness in my eclipse installation but I thought I might ask if anyone else sees this also before I dig deeper. -AZ
Re: Content Technology track at the ApacheCon US 2009
Hi, On Thu, Apr 23, 2009 at 11:37 AM, Jukka Zitting jukka.zitt...@gmail.com wrote: ...I think we could well organize something like a half-day track of presentations and workshops followed by a more informal community meetup in the evening +1 I'm sure we can easily fill a half-day track with Jacrkabbit, Sling, Chemistry, and by inviting related projects like POI, Tika, etc. to contribute. -Bertrand
Re: [jira] Commented: (SLING-939) Adapt the Http Authenticator to the refined authentication process
Hi Aaron Taking this to the list... That makes sense. I was thinking something like checking for overrideTemplate before getting the default one but storing in the repo would be good. My only possible issue with that is setting up a new one the first time sling starts up would be annoying (unless there is some way to push things into the repo on startup?). If there is no way to push things into the repo on startup I would recommend doing something like allowing a bundle fragment to control this. Things can be injected into the repository on startup using the initial content feature, which is described at [1]. I could then imagine, that the httpauth bundle just installs the default template using the initial content feature, but in a way, that any existing file is not replaced. This file may then be edited or replaced by other files either in place or by another bundle providing initial content. Regards Felix [1] http://cwiki.apache.org/SLINGxSITE/content-loading.html Adapt the Http Authenticator to the refined authentication process -- Key: SLING-939 URL: https://issues.apache.org/jira/browse/SLING-939 Project: Sling Issue Type: Sub-task Components: Extensions Affects Versions: Extensions httpauth 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Adapt the HTTP Header authentication handler to the new refined authenticaiton initiation processing implemented by SLING-938. Tasks: * The LoginServlet calls the new requestAuthentication service method * requestAuthentication method will now draw the login form
Re: Strange eclipse errors?
Hi, John Langley schrieb: I ran into a similar problem, but it was ages (months) ago. My guess is that you tried to use the maven eclipse plugin to import the sling project. Instead I would use the mvn eclipse:eclipse goal first and then import existing projects. The heart of the problem lies in eclipse not really resolving libraries in the order that maven does, so you see these sorts of discontinuities from time to time. Also, there was a change in felix a few months ago that triggered the problem, I forget the details now, but you may see something in the mailing lists about it (with my name on it). I'm not sure if the above suggestion will fix your problem, but it's certainly worth a try. Yes, this is the problem. The Felix framework jar file contains updated OSGi interfaces (you ran into an issue with the updated Constants interface). The interfaces contain the updates defined by the upcoming 4.2 release of the OSGi framework API. This contrasts with the osgi-core libraries, which still contain the definitions from the R4.1 specification. To fix this issue in Eclipse, I think it suffices it to ensure the Felix framework libary is listed before the osgi-core library in the Eclipse build configuration. Hope this helps. Regards Felix -- Langley On Thu, 2009-04-23 at 06:57 -0400, Aaron Zeckoski wrote: Anyone else seeing the following compile errors when viewing sling trunk in eclipse? Description ResourcePathLocationType Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 406 Java Problem Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 407 Java Problem Constants.FRAMEWORK_STORAGE cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 396 Java Problem Here is the code where the errors occur (starts line 395): // migrate old properties to new properties migrateProp(staticProps, felix.cache.profiledir, Constants.FRAMEWORK_STORAGE); migrateProp(staticProps, sling.osgi-core-packages, osgi-core-packages); migrateProp(staticProps, sling.osgi-compendium-services, osgi-compendium-services); // migrate initial start level property: Felix used to have // felix.startlevel.framework, later moved to org.osgi.framework.startlevel // and finally now uses org.osgi.framework.startlevel.beginning as // speced in the latest R 4.2 draft (2009/03/10). We first check the // intermediate Felix property, then the initial property, thus allowing // the older (and more probable value) to win migrateProp(staticProps, org.osgi.framework.startlevel, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); migrateProp(staticProps, felix.startlevel.framework, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); The values do not appear to be in the constants file but I don't see any failure when building with maven so I am not sure what is going on here. I am willing to chalk it up to weirdness in my eclipse installation but I thought I might ask if anyone else sees this also before I dig deeper. -AZ
Re: Strange eclipse errors?
You're right. That is what I am doing. I like the maven 2 plugin so I will just live with it for now (and give Felix's suggestion a try). Thanks all! -AZ On Thu, Apr 23, 2009 at 12:05 PM, John Langley john.lang...@mathworks.com wrote: I ran into a similar problem, but it was ages (months) ago. My guess is that you tried to use the maven eclipse plugin to import the sling project. Instead I would use the mvn eclipse:eclipse goal first and then import existing projects. The heart of the problem lies in eclipse not really resolving libraries in the order that maven does, so you see these sorts of discontinuities from time to time. Also, there was a change in felix a few months ago that triggered the problem, I forget the details now, but you may see something in the mailing lists about it (with my name on it). I'm not sure if the above suggestion will fix your problem, but it's certainly worth a try. -- Langley On Thu, 2009-04-23 at 06:57 -0400, Aaron Zeckoski wrote: Anyone else seeing the following compile errors when viewing sling trunk in eclipse? Description Resource Path Location Type Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 406 Java Problem Constants.FRAMEWORK_BEGINNING_STARTLEVEL cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 407 Java Problem Constants.FRAMEWORK_STORAGE cannot be resolved Sling.java sling-trunk/launchpad/base/src/main/java/org/apache/sling/launchpad/base/impl line 396 Java Problem Here is the code where the errors occur (starts line 395): // migrate old properties to new properties migrateProp(staticProps, felix.cache.profiledir, Constants.FRAMEWORK_STORAGE); migrateProp(staticProps, sling.osgi-core-packages, osgi-core-packages); migrateProp(staticProps, sling.osgi-compendium-services, osgi-compendium-services); // migrate initial start level property: Felix used to have // felix.startlevel.framework, later moved to org.osgi.framework.startlevel // and finally now uses org.osgi.framework.startlevel.beginning as // speced in the latest R 4.2 draft (2009/03/10). We first check the // intermediate Felix property, then the initial property, thus allowing // the older (and more probable value) to win migrateProp(staticProps, org.osgi.framework.startlevel, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); migrateProp(staticProps, felix.startlevel.framework, Constants.FRAMEWORK_BEGINNING_STARTLEVEL); The values do not appear to be in the constants file but I don't see any failure when building with maven so I am not sure what is going on here. I am willing to chalk it up to weirdness in my eclipse installation but I thought I might ask if anyone else sees this also before I dig deeper. -AZ -- Aaron Zeckoski (aar...@vt.edu) Senior Research Engineer - CARET - Cambridge University [http://bugs.sakaiproject.org/confluence/display/~aaronz/] Sakai Fellow - [http://aaronz-sakai.blogspot.com/]
Re: Content Technology track at the ApacheCon US 2009
On Thu, Apr 23, 2009 at 1:28 PM, Bertrand Delacretaz bdelacre...@apache.org wrote: I'm sure we can easily fill a half-day track with Jacrkabbit, Sling, Chemistry, and by inviting related projects like POI, Tika, etc. to contribute. +1 I'm forwarding this message to the POI community, which is strongly willing to join some other project. I've also submitted a proposal about 'POI' (besides one about 'CMIS' and another about 'Apache in Open Source ECM') Hope this is going to help. Cheers, -- Paolo Mottadelli: http://www.paolomottadelli.com Sourcesense - making sense of Open Source: http://www.sourcesense.com
Re: Restricting SlingRepository.loginAdministrative()? (was: Security in Sling)
Hello For sure not the easiest solution, but what about storing the application in a separate workspace from the content. If scripts were only executable in the application workspace, malicious attackers could maybe create a script in the content workspace, but it would not be possible to execute it. Regards Julian On Thu, Apr 23, 2009 at 10:51 AM, Felix Meschberger fmesc...@gmail.com wrote: Hi, Bertrand Delacretaz schrieb: Hi, On Wed, Apr 22, 2009 at 6:22 PM, Rory Douglas rory.doug...@oracle.com wrote: Bertrand Delacretaz wrote: 2) Prevent legitimate scripts from messing up with the system An variant of 2) just showed up in the Accessing JCR thread. Looks like anyone that can upload a script can do the following: sling:defineObjects/ % SlingRepository repo = sling.getService(SlingRepository.class); Session superSession = repo.loginAdministrative(null); // and then do anything, like superSession.getRootNode().remove(); % loginAdministrative is fine for trusted code, but you're right that we might want to restrict it. Not sure how to best approach this...what do people think? In terms of OPSGi and Java Security, the best approach would probably be to guard this method by the SecurityManager and introduce a Permission for this. Regards Felix -- Julian Sedding, Solution Engineer, Day Software AG email: julian.sedd...@day.com office: +41 61 226 98 92 http://www.day.com/ -- This message is a private communication. If you are not the intended recipient, please do not read, copy, or use it, and do not disclose it to others. Please notify the sender of the delivery error by replying to this message, and then delete it from your system. Thank you. The sender does not assume any liability for timely, trouble-free, complete, virus free, secure, error free or uninterrupted arrival of this e-mail. For verification please request a hard-copy version.
Re: [jira] Commented: (SLING-939) Adapt the Http Authenticator to the refined authentication process
That seems like a nice way to do it from my perspective. -AZ On Thu, Apr 23, 2009 at 12:40 PM, Felix Meschberger fmesc...@gmail.com wrote: Hi Aaron Taking this to the list... That makes sense. I was thinking something like checking for overrideTemplate before getting the default one but storing in the repo would be good. My only possible issue with that is setting up a new one the first time sling starts up would be annoying (unless there is some way to push things into the repo on startup?). If there is no way to push things into the repo on startup I would recommend doing something like allowing a bundle fragment to control this. Things can be injected into the repository on startup using the initial content feature, which is described at [1]. I could then imagine, that the httpauth bundle just installs the default template using the initial content feature, but in a way, that any existing file is not replaced. This file may then be edited or replaced by other files either in place or by another bundle providing initial content. Regards Felix [1] http://cwiki.apache.org/SLINGxSITE/content-loading.html Adapt the Http Authenticator to the refined authentication process -- Key: SLING-939 URL: https://issues.apache.org/jira/browse/SLING-939 Project: Sling Issue Type: Sub-task Components: Extensions Affects Versions: Extensions httpauth 2.0.2 Reporter: Felix Meschberger Assignee: Felix Meschberger Adapt the HTTP Header authentication handler to the new refined authenticaiton initiation processing implemented by SLING-938. Tasks: * The LoginServlet calls the new requestAuthentication service method * requestAuthentication method will now draw the login form -- Aaron Zeckoski (aar...@vt.edu) Senior Research Engineer - CARET - Cambridge University [http://bugs.sakaiproject.org/confluence/display/~aaronz/] Sakai Fellow - [http://aaronz-sakai.blogspot.com/]
[jira] Created: (SLING-940) UserManager and Authorization rest services documentation.
UserManager and Authorization rest services documentation. -- Key: SLING-940 URL: https://issues.apache.org/jira/browse/SLING-940 Project: Sling Issue Type: Improvement Components: JCR Affects Versions: JCR Jackrabbit Server 2.0.2 Reporter: Ian Boston Patch to follow that adds some Javadoc describing the details of the REST services in the user manager and acl servlets. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Content Technology track at the ApacheCon US 2009
Hi, On Thu, Apr 23, 2009 at 2:58 PM, Paolo Mottadelli paolo@gmail.com wrote: I'm forwarding this message to the POI community, which is strongly willing to join some other project. I've just had a first positive feedback for POI joining the Content Track. Which is the time frame we have to manage in designing the proposal? -- Paolo Mottadelli: http://www.paolomottadelli.com Sourcesense - making sense of Open Source: http://www.sourcesense.com
[jira] Updated: (SLING-940) UserManager and AccessManager rest services documentation.
[ https://issues.apache.org/jira/browse/SLING-940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ian Boston updated SLING-940: - Attachment: SLING-940.patch Patch that adds javadoc so that a description of the services appears somewhere a UI developer might be able to read it. Ideally a set of links or perhapse something that introspected the javadoc so that its available at runtime. UserManager and AccessManager rest services documentation. -- Key: SLING-940 URL: https://issues.apache.org/jira/browse/SLING-940 Project: Sling Issue Type: Improvement Components: JCR Affects Versions: JCR Jackrabbit Server 2.0.2 Reporter: Ian Boston Attachments: SLING-940.patch Patch to follow that adds some Javadoc describing the details of the REST services in the user manager and acl servlets. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Mixed line endings.
I am seeing files of different line ending types in the code base. This could be an artifact of using the Apache Git mirror to work from, but it could also be as a result of some misconfiguration somewhere. I find bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/ sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java is MSDOS and bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/ jackrabbit/usermanager/post/ChangeUserPasswordServlet.java is unix. does anyone else see the same in SVN or is this an issue with the git mirror ? Ian
Re: Mixed line endings.
Hi, On Thu, Apr 23, 2009 at 4:43 PM, Ian Boston i...@tfd.co.uk wrote: does anyone else see the same in SVN [...] Yes, the files don't have svn:eol-style settings. BR, Jukka Zitting
Re: Mixed line endings.
Jukka, Isn't that normally put in ~/.subversion/config or does its presence there add it to the file of first commit ? and should I be doing anything in git locally ? My patches contain ^M which doesn't look great :) Ian On 23 Apr 2009, at 15:50, Jukka Zitting wrote: Hi, On Thu, Apr 23, 2009 at 4:43 PM, Ian Boston i...@tfd.co.uk wrote: does anyone else see the same in SVN [...] Yes, the files don't have svn:eol-style settings. BR, Jukka Zitting
AccessControlManager question.
Hi, I've spent the last few days looking at the impl of the AccessControlManager and I have noticed several things. ACL's contain , multiple ACE's mapped by a Principal which must resolve by the UserManager to an Authorizable. (the ModifyAceServlet indicates this) The set of Authorizables that a user is a member of must be pre- determined at jcr session time so the privileges can be compiled. --- I want to add 2 concepts to AuthZ, but keep the DefaultAccessControlManager and the accessmanger servlet bundle if possible. The additions are, owner and dynamic group. Owner. Permissions are granted to a sub tree on the basis that the user owns the node in question. There may be many nodes, owned by different users, and the ownership (denoted by a jcr property xyz:owner) may change. Dynamic Group: Non determinable. There is a class of memberships that can only be determined by querying. eg The resource is only readable between 10:00 and 12:00 on 23/04/2009 to members of First Year Physics class accessing the resource from the IP range 131.111.21.0/128 (although *if* you knew this group existed, you could test on every request, but that could become expensive when only 1 resource out of millions needed this sophistication) Is there a better way of implementing Owner and a Dynamic membership which wont generate huge load at session initiation ? Ian
Re: Content Technology track at the ApacheCon US 2009
Hi, See below for the proposal that I sent to the conference planners. BR, Jukka Zitting The Jackrabbit and Sling projects would like to organize a Content Technology track at the ApacheCon US 2009. The track would be focused on content repositories and content management based on the JCR and CMIS standards. We estimate that we could do something like a half-day track followed by a more informal meetup in the evening. This would be a natural extension to the meetups and normal sessions we've had in previous ApacheCons. We could also enlarge the scope of the track to cover a wider range of projects like Cocoon, Lenya, Portals, POI, etc. in which case the track could cover even something like 1-2 days. However, such plans are mostly speculative at the moment. The target audience of this track would mostly consist of web developers and CMS (both web and enterprise) developers and integrators. We might also do a more business-oriented session on the current status of standardization in the content management industry.
AW: multiple Servlets registered for resourceTypes sling/servlet/default
Hi Felix That seems to be exactly what I'm searching for. Thank you very much, also for the docu page on the Sling site itself. I was a little bit confused concerning the Filter implementation because of the thread [1] on the list a year ago... BTW there's a little mistake on the docu on top, instead of javax.servlet.Filter you wrote javax.jcr.Filter. [1] http://markmail.org/message/okmvvgs5ff64i3xa best regards mike ... snip snap ... What I try tio achieve is run some legacy stuff shoulder to shoulder with new stuff which entirely is built on Sling. So the MyServlet (or call it LegacyServlet) should check (as OptingServlet) if the request is a call to the legacy stuff and handle it in this case. If not, accepts() on the LegacyServlet should return false and the request should be handled by the default Servlets of Sling (or any other registered Servlet for the request). Ok, the crucial point here is any other registered Servlet: If Sling decides to no check for another servlet, your LegacyServlet will never be asked whether it accepts the request or not. So plugging in the functionality to the existing DefaultGetServlet and the SlingPostServlet is probably not the solution. Agreed, but mainly due to how servlet resolution works. Extending from the existing default Servlets seems to fit better in this case. Maybe also Filters could help in this case, but as far as I understood filters are not preprocessed in a Sling standalone app, so the solution with filters would be bound to using Sling in a Servlet container (which I do not prefer!). Filter processing inside Sling is always the same because Sling is managing the filters themselves and does not work with the servlet container filter processing. As such Filters registered as Filter services in Sling always work the same, no matter what. So for your legacy issue, I would suggest you create a request filter (filter.scope=request) which checks whether the request is for a legacy resource or a sling resource. If the request is for a legacy resource, the filter processes the request in the legacy way and terminates the request after that by simply not calling the FilterChain.doFilter method. If the request for a Sling resource (non-legacy), the request is simply passed through to the filter chain calling FilterChain.doFilter. Would that work for you ? Regards Felix PS: I have just written down some more information on filters which should appear on the site in an hour or two, until then the page may already be seen at http://cwiki.apache.org/SLINGxSITE/filters.html
Public wiki site is not updated correctly
Hi It seems that the public wiki space is not properly updated, at least the index page at [1] is not. For sure you see the actual content at [2], but if someone new to Slings looks at [1] he maybe gets the sinking feeling that the project is orphaned because the most recently updated page is from 14th July a year ago... [1] http://cwiki.apache.org/SLING/ [2] http://cwiki.apache.org/confluence/display/SLING/Index best regards mike
Re: ModifyAceServlet.
Yes, the jackrabbit implementation does not allow denying privileges on a group. The ModifyAcesServlet mirrors that behavior. I don't know the exact reasoning behind that, I'd suggest posting your question to the jackrabbit list. Denying privileges is not part of the JCR spec, so this is a jackrabbit extension. On Apr 23, 2009 3:28 AM, Ian Boston i...@tfd.co.uk wrote: Hi, I am looking at the ModifyAceServlet. in the o.a.s.jackrabbit.accessmanager bundle I notice that if a requests privileges are denied from a principal that references a group, then the request to deny privileges is ignored. Does this mean its not possible to deny a privilege from a group ? If so, I would like to understand the reasoning. Thanks Ian
Unified system for tags
These are just some loose thoughts that have been brewing in my mind lately, after reading Richardson/Ruby: RESTful Web Services [1]. In order to make Sling (even) more buzzword compliant, I have been thinking about a system for tags. Yes, I'm talking about those keywords that you label your bookmarks with on del.icio.us, photos on Flickr and so on. Of course, a tag could just be a (multi-value) string property on a node. But a tag could also be considered to be a resource in its own right, with its own URL (e.g. /tags/tagname). (The concept of tags as resources is very much present in [1]). Accessing a tag's URL would output nodes that have the given tag. The list could of course be rendered in different formats (json, xml, etc). Accessing /tags would give a list of tags that are in use. That list would be useful when a user is applying tags to nodes (in auto-complete fields etc). In its simplest form, this could be implemented with a servlet or two. But, Sling being a WEB framework, maybe tags should be a more integrated part of the framework. In what way, though, I'm not sure. Perhaps we could do some tricks with indexing or observation, so that retrieving a tag (and its resources) could be speedier. As I hope I made clear, this is not something I've thought through in any way, and I'm not even sure if it's such a generic usecase that it should be included in Sling - maybe it's just specific to certain applications. WDYT? [1] http://oreilly.com/catalog/9780596529260/ -- Vidar S. Ramdal vi...@idium.no - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway +47 21 531941, ext 2070
[jira] Commented: (SLING-902) add java annotation support for sling scr components/servlets
[ https://issues.apache.org/jira/browse/SLING-902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12702086#action_12702086 ] Stefan Seifert commented on SLING-902: -- i've refactored the slingservlet annotation support to match the latest felix implementation of annotations in the trunk and submitted it as patch to the felix project: FELIX-1056 if accepted there, this ticket becomes obsolete. add java annotation support for sling scr components/servlets - Key: SLING-902 URL: https://issues.apache.org/jira/browse/SLING-902 Project: Sling Issue Type: New Feature Components: Servlets Resolver Reporter: Stefan Seifert Attachments: 090329_sling_scr_annotations.zip please note: this proposal depends on a felix-scr-plugin proposal described in https://issues.apache.org/jira/browse/FELIX-1010 with the described scr plugin enhancement it is possible to define SCR component definitions via annotations. furthermore it is possible for felix/SCR based projects to define their own and less verbose annotations for specific need, together with a provider class mapping them to the SCR tags needed by the plugin internally. the attached zip file provides such a implemented for one new annotation SlingServlet, see example below. i was not sure into which project and classpath this classes should be placed, so i attached a ZIP file for discussion and try-out. the best solution would be to split them up into two projects - one project containing only the annotation, and the other containing the provider and tag mapping. the first project has no dependencies and can be referenced by any other project needing the annotation. the second has to import the felix-scr-plugin as dependency, this results in a lot of transitive dependency not to be wished in a normal project. Example --- QDox version: /** * Sample servlet with sling mappings. * * @scr.component immediate=true * @scr.service interface=javax.servlet.Servlet * @scr.property name=sling.servlet.methods value=GET * @scr.property name=sling.servlet.resourceTypes * value=/apps/test/components/samplecomponent * @scr.property name=sling.servlet.extensions values.0=html values.1=json */ public class SlingServletQDox implements Servlet { Annotation version: /** * Sample servlet with sling mappings. */ @SlingServlet(methods = GET, resourceTypes = /apps/test/components/samplecomponent, extensions = { html, json }) public class SlingServletAnnotation implements Servlet { Custom annotation mappings can be integrated by defining a class implementing org.apache.felix.scrplugin.tags.annotation.AnnotationTagProvider for the new plugin property annotationTagProviders in the pom. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: AccessControlManager question.
2009/4/23 Ian Boston i...@tfd.co.uk: Hi, I've spent the last few days looking at the impl of the AccessControlManager and I have noticed several things. ACL's contain , multiple ACE's mapped by a Principal which must resolve by the UserManager to an Authorizable. (the ModifyAceServlet indicates this) The set of Authorizables that a user is a member of must be pre-determined at jcr session time so the privileges can be compiled. --- I want to add 2 concepts to AuthZ, but keep the DefaultAccessControlManager and the accessmanger servlet bundle if possible. The additions are, owner and dynamic group. Owner. Permissions are granted to a sub tree on the basis that the user owns the node in question. There may be many nodes, owned by different users, and the ownership (denoted by a jcr property xyz:owner) may change. Dynamic Group: Non determinable. There is a class of memberships that can only be determined by querying. eg The resource is only readable between 10:00 and 12:00 on 23/04/2009 to members of First Year Physics class accessing the resource from the IP range 131.111.21.0/128 (although *if* you knew this group existed, you could test on every request, but that could become expensive when only 1 resource out of millions needed this sophistication) Is there a better way of implementing Owner and a Dynamic membership which wont generate huge load at session initiation ? I have been doing some stuff with dynamic policies myself, and ended up with writing a PluggableAccessManager. This way you can supply your access control logic in your own bundle, and have Sling using it, without touching the default bundles in Sling. The only thing you need to change is the AccessManager element in your repository.xml. The PluggableAccessManager extends DefaultAccessManager, and provides an interface for you to implement your own access control logic. To be able to plugin an access manager, I had to make some minor changes in the Jackrabbit Server bundle. These changes are waiting in a patch at SLING-880 [1]. I'll see if I can get consensus on applying that patch. [1] https://issues.apache.org/jira/browse/SLING-880 -- Vidar S. Ramdal vi...@idium.no - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway +47 21 531941, ext 2070
SLING-880
Being a new committer, I'm not sure how everything is supposed to be done. Can we (that is, I) apply the patch in SLING-880 [1], or does it need a review or a vote or something first? [1] https://issues.apache.org/jira/browse/SLING-880 -- Vidar S. Ramdal vi...@idium.no - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway +47 21 531941, ext 2070
Re: SLING-880
Hi, On Thu, Apr 23, 2009 at 10:59 PM, Vidar Ramdal vi...@idium.no wrote: Being a new committer, I'm not sure how everything is supposed to be done. Can we (that is, I) apply the patch in SLING-880 [1], or does it need a review or a vote or something first? Sling uses the CTR policy (commit-then-review, [1]) so you're free to commit anything that you think is good for the project. If people disagree, they may then ask you to revert or revise the change (don't worry if this happens to you, it's just a sign that people pay attention and that you're pushing the limits :-). If you're working on some part of the code that you're not yet very familiar with or you're otherwise not sure whether a change you're about to make really works as expected, then you can voluntarily ask people to review the patch before you commit it. If you don't hear from anyone in a few days, then you can typically just assume lazy consensus and go forward with the commit. [1] http://www.apache.org/foundation/glossary.html#CommitThenReview BR, Jukka Zitting
[jira] Assigned: (SLING-880) Pluggable AccessManager
[ https://issues.apache.org/jira/browse/SLING-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vidar S. Ramdal reassigned SLING-880: - Assignee: Vidar S. Ramdal (was: Felix Meschberger) Pluggable AccessManager --- Key: SLING-880 URL: https://issues.apache.org/jira/browse/SLING-880 Project: Sling Issue Type: New Feature Components: JCR Affects Versions: JCR Jackrabbit Server 2.0.2 Reporter: Vidar S. Ramdal Assignee: Vidar S. Ramdal Fix For: JCR Jackrabbit Server 2.0.4 Attachments: SLING-880.patch Provide a way to plug in a custom AccessManager, just as you can plug in a custom LoginModule or AuthenticationPlugin, using a delegate. This way we don't have to export the jackrabbit.core packages. See http://markmail.org/thread/wlqm3yjpbyokwcvy and http://markmail.org/thread/myaieenaelot4y66 for background. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-880) Pluggable AccessManager
[ https://issues.apache.org/jira/browse/SLING-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vidar S. Ramdal resolved SLING-880. --- Resolution: Fixed Tidied the patch up a bit, added license headers, and applied it in rev#768086 Pluggable AccessManager --- Key: SLING-880 URL: https://issues.apache.org/jira/browse/SLING-880 Project: Sling Issue Type: New Feature Components: JCR Affects Versions: JCR Jackrabbit Server 2.0.2 Reporter: Vidar S. Ramdal Assignee: Vidar S. Ramdal Fix For: JCR Jackrabbit Server 2.0.4 Attachments: SLING-880.patch Provide a way to plug in a custom AccessManager, just as you can plug in a custom LoginModule or AuthenticationPlugin, using a delegate. This way we don't have to export the jackrabbit.core packages. See http://markmail.org/thread/wlqm3yjpbyokwcvy and http://markmail.org/thread/myaieenaelot4y66 for background. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: SLING-880
On Thu, Apr 23, 2009 at 10:59 PM, Vidar Ramdal vi...@idium.no wrote: Being a new committer, I'm not sure how everything is supposed to be done. Can we (that is, I) apply the patch in SLING-880 [1], or does it need a review or a vote or something first? 2009/4/23 Jukka Zitting jukka.zitt...@gmail.com: Sling uses the CTR policy (commit-then-review, [1]) so you're free to commit anything that you think is good for the project. If people disagree, they may then ask you to revert or revise the change (don't worry if this happens to you, it's just a sign that people pay attention and that you're pushing the limits :-). Cool. I applied SLING-880 then. -- Vidar S. Ramdal vi...@idium.no - http://www.idium.no Akersgata 16, N-0158 Oslo, Norway +47 21 531941, ext 2070
Re: AW: multiple Servlets registered for resourceTypes sling/servlet/default
Hi Mike, Mike Müller schrieb: That seems to be exactly what I'm searching for. Thank you very much, also for the docu page on the Sling site itself. I was a little bit confused concerning the Filter implementation because of the thread [1] on the list a year ago... That was something slightly different: The use case was to be able to work around a limitation of the resource resolver at that time (virtual host support). The proposal was to register a regular servlet filter, which would of course only have worked with sling running as a web application. BTW there's a little mistake on the docu on top, instead of javax.servlet.Filter you wrote javax.jcr.Filter. Thanks for reporting. If just fixed this. Regards Felix [1] http://markmail.org/message/okmvvgs5ff64i3xa best regards mike ... snip snap ... What I try tio achieve is run some legacy stuff shoulder to shoulder with new stuff which entirely is built on Sling. So the MyServlet (or call it LegacyServlet) should check (as OptingServlet) if the request is a call to the legacy stuff and handle it in this case. If not, accepts() on the LegacyServlet should return false and the request should be handled by the default Servlets of Sling (or any other registered Servlet for the request). Ok, the crucial point here is any other registered Servlet: If Sling decides to no check for another servlet, your LegacyServlet will never be asked whether it accepts the request or not. So plugging in the functionality to the existing DefaultGetServlet and the SlingPostServlet is probably not the solution. Agreed, but mainly due to how servlet resolution works. Extending from the existing default Servlets seems to fit better in this case. Maybe also Filters could help in this case, but as far as I understood filters are not preprocessed in a Sling standalone app, so the solution with filters would be bound to using Sling in a Servlet container (which I do not prefer!). Filter processing inside Sling is always the same because Sling is managing the filters themselves and does not work with the servlet container filter processing. As such Filters registered as Filter services in Sling always work the same, no matter what. So for your legacy issue, I would suggest you create a request filter (filter.scope=request) which checks whether the request is for a legacy resource or a sling resource. If the request is for a legacy resource, the filter processes the request in the legacy way and terminates the request after that by simply not calling the FilterChain.doFilter method. If the request for a Sling resource (non-legacy), the request is simply passed through to the filter chain calling FilterChain.doFilter. Would that work for you ? Regards Felix PS: I have just written down some more information on filters which should appear on the site in an hour or two, until then the page may already be seen at http://cwiki.apache.org/SLINGxSITE/filters.html
Re: Public wiki site is not updated correctly
Hi Mike, Hmm, yes. This is a problem of the autoexport plugin, which not allways takes into account changes on dependent pages. Most notably we include the {recently-updated} and {children} tags, which seem to not be updated (ie page re-exported) on changes. I just exported this page again, so this should be fixed. Regards Felix Mike Müller schrieb: Hi It seems that the public wiki space is not properly updated, at least the index page at [1] is not. For sure you see the actual content at [2], but if someone new to Slings looks at [1] he maybe gets the sinking feeling that the project is orphaned because the most recently updated page is from 14th July a year ago... [1] http://cwiki.apache.org/SLING/ [2] http://cwiki.apache.org/confluence/display/SLING/Index best regards mike
Re: Unified system for tags
Hi Vidar, We have implemented such a feature exactly as you describe it in our Communiqué 5 product and incidentally, Betrand Delacretaz just yesterday wrote an informative blog entry about it [2] Regards Felix [2] http://dev.day.com/microsling/content/blogs/main/cq5tags.html Vidar Ramdal schrieb: These are just some loose thoughts that have been brewing in my mind lately, after reading Richardson/Ruby: RESTful Web Services [1]. In order to make Sling (even) more buzzword compliant, I have been thinking about a system for tags. Yes, I'm talking about those keywords that you label your bookmarks with on del.icio.us, photos on Flickr and so on. Of course, a tag could just be a (multi-value) string property on a node. But a tag could also be considered to be a resource in its own right, with its own URL (e.g. /tags/tagname). (The concept of tags as resources is very much present in [1]). Accessing a tag's URL would output nodes that have the given tag. The list could of course be rendered in different formats (json, xml, etc). Accessing /tags would give a list of tags that are in use. That list would be useful when a user is applying tags to nodes (in auto-complete fields etc). In its simplest form, this could be implemented with a servlet or two. But, Sling being a WEB framework, maybe tags should be a more integrated part of the framework. In what way, though, I'm not sure. Perhaps we could do some tricks with indexing or observation, so that retrieving a tag (and its resources) could be speedier. As I hope I made clear, this is not something I've thought through in any way, and I'm not even sure if it's such a generic usecase that it should be included in Sling - maybe it's just specific to certain applications. WDYT? [1] http://oreilly.com/catalog/9780596529260/