[06:55:09 CDT(-0500)] <fairwinds> apetro: hi, gmorning
[06:55:22 CDT(-0500)] <apetro> morning
[06:56:28 CDT(-0500)] <fairwinds> apetro: I could not resolve my ClassNotFoundException last night. I was up till 3 or so AM
[06:56:42 CDT(-0500)] <apetro> sorry to hear that
[06:57:25 CDT(-0500)] <apetro> your overlay needs to declare the jar library dependencies it requires.
[06:57:41 CDT(-0500)] <apetro> furthermore, those versions need to not conflict with those of your other dependencies
[06:58:07 CDT(-0500)] <apetro> one thing to check is the /WEB-INF/lib directory of your resulting cas.war for conflicts
[06:58:32 CDT(-0500)] <fairwinds> apetro: right. if I remove my own config from deployerConfigContext.xml, CAS fires up fine. It is just having a problem finding my classes
[06:59:12 CDT(-0500)] <apetro> what classes is it not finding?
[06:59:18 CDT(-0500)] <apetro> the custom class you wrote, or some other class?
[06:59:32 CDT(-0500)] <fairwinds> my custom classes
[06:59:35 CDT(-0500)] <apetro> is the class name (and package) of your declaration in deployerConfigContext.xml exactly right?
[06:59:41 CDT(-0500)] <fairwinds> yup
[07:00:29 CDT(-0500)] <apetro> hmm
[07:00:50 CDT(-0500)] <fairwinds> ie. Caused by: org.springframework.beans.factory.CannotLoadBeanClassException: Cannot find class [com.automorpheus.cas.adapters.CouchDBAuthenticationHandler] for bean with name 'com.automorpheus.cas.adapters.CouchDBAuthenticationHandler#316becfe' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]; nested exception is java.lang.ClassNotFoundException: com.automorpheus.cas.adapters.CouchDBAuthenticationHandler
[07:01:11 CDT(-0500)] <apetro> k
[07:01:29 CDT(-0500)] <apetro> and that not found class, that class is hanging out in /WEB-INF/classes ?
[07:01:34 CDT(-0500)] <fairwinds> not sure what the #316becfe is at the end of that
[07:01:58 CDT(-0500)] <apetro> dunno
[07:02:05 CDT(-0500)] <fairwinds> if I comment out the handler, I have same issue with connector bean
[07:02:16 CDT(-0500)] <apetro> I'd guess the name was autogenerated from the class="" value if you didn't explicitly provide an ID or a name
[07:02:29 CDT(-0500)] <apetro> that is, it's an anonymous bean that has a generated name.
[07:03:01 CDT(-0500)] <apetro> yeah. first thing to check is if the class is in your deployed .war someplace or another
[07:03:10 CDT(-0500)] <apetro> in a .jar in /WEB-INF/lib , or in classes
[07:03:26 CDT(-0500)] <apetro> if it's not deployed at all, something wrong with your pom.xml
[07:03:44 CDT(-0500)] <apetro> if it's deployed but somehow isn't being found, something's probably still wrong with your pom.xml
[07:03:55 CDT(-0500)] <fairwinds> <bean id="CouchDBConnection"
[07:03:55 CDT(-0500)] <fairwinds> class="com.automorpheus.cas.adaptors.CouchDBConnection">
[07:03:56 CDT(-0500)] <fairwinds> <property name="host" value="localhost" />
[07:03:56 CDT(-0500)] <fairwinds> <property name="port" value="5985" />
[07:03:56 CDT(-0500)] <fairwinds> <property name="user" value="********" />
[07:03:57 CDT(-0500)] <fairwinds> <property name="password" value="********" />
[07:03:57 CDT(-0500)] <fairwinds> <property name="secure" value="true" />
[07:03:57 CDT(-0500)] <fairwinds> </bean>
[07:04:01 CDT(-0500)] <fairwinds> that is my bean
[07:04:04 CDT(-0500)] <apetro> yup
[07:04:06 CDT(-0500)] <apetro> that's fine
[07:04:22 CDT(-0500)] <apetro> so is there a /WEB-INF/classes/com/auto...
[07:04:42 CDT(-0500)] <fairwinds> <bean class="com.automorpheus.cas.adapters.CouchDBAuthenticationHandler"
[07:04:42 CDT(-0500)] <fairwinds> p:CouchDBConnection="CouchDBconnection" />
[07:04:48 CDT(-0500)] <fairwinds> that is the handler
[07:05:03 CDT(-0500)] <apetro> you've got a case mismatch
[07:05:38 CDT(-0500)] <apetro> connection is named CouchDBConnection , but authhandler depends on CouchDB*c*onnection
[07:06:10 CDT(-0500)] <fairwinds> oh crap, my eyes must be weary
[07:06:17 CDT(-0500)] <apetro> yeah
[07:06:28 CDT(-0500)] <fairwinds> I will try that then
[07:06:31 CDT(-0500)] <apetro> I can't see how that would cause your ClassNotFound , but it should still cause problems
[07:06:51 CDT(-0500)] <fairwinds> k, well I will resolve this first
[07:06:52 CDT(-0500)] <apetro> using a reasonable IDE? IntelliJIDE would have caught that for you, for whatever that's worth
[07:07:18 CDT(-0500)] <fairwinds> yeah, I don't use an ide. I am just a programming editor always
[07:07:22 CDT(-0500)] <apetro> k
[07:07:27 CDT(-0500)] <apetro> real men use vi, etc.
[07:08:23 CDT(-0500)] <apetro> personally, I find IntelliJ totally worth it. People with more patience than I probably get all the same benefits from virtuous config of Eclipse. People who are smarter than I probably do just as well in their text editors of chocie.
[07:08:46 CDT(-0500)] <fairwinds> i will check it out
[07:09:08 CDT(-0500)] <fairwinds> just recreating my .war
[07:20:48 CDT(-0500)] <fairwinds> apetro: same issue. btw. Is a capitalized bean id ok ie. <bean id="CouchDBConnection"
[07:22:16 CDT(-0500)] <apetro> a capitalized bean ID is ok
[07:22:29 CDT(-0500)] <apetro> those are XML IDs. Anything that's legal in an XML ID is ok
[07:22:39 CDT(-0500)] <fairwinds> k, good
[07:22:48 CDT(-0500)] <apetro> and iirc even more than that is legal when you use the "name" attribute instead
[07:23:05 CDT(-0500)] <apetro> alright, how 'bout that pom.xml ?
[07:23:15 CDT(-0500)] <fairwinds> k, will paste it
[07:25:00 CDT(-0500)] <fairwinds> apetro: here is my pom.xml https://gist.github.com/0d4266ff397671bdb42e
[07:26:20 CDT(-0500)] <fairwinds> apetro: basically used with instructions provided on web site
[07:26:27 CDT(-0500)] <apetro> yup
[07:26:34 CDT(-0500)] <apetro> I don't see a problem offhand
[07:26:41 CDT(-0500)] <apetro> so, WEB-INF/classes directory?
[07:26:43 CDT(-0500)] <apetro> got anything in it?
[07:26:50 CDT(-0500)] <fairwinds> let me look
[07:27:12 CDT(-0500)] <apetro> and, in particular, what you're looking for is a com/auto../ tree with your custom classes in it
[07:28:58 CDT(-0500)] <fairwinds> no, I only have deployerConfigContext.xml in my WEB-INF, my project is in src/main/java ...
[07:29:20 CDT(-0500)] <fairwinds> apetro: I think that is my problem
[07:29:25 CDT(-0500)] <apetro> yeah
[07:29:28 CDT(-0500)] <apetro> that's a problem
[07:29:33 CDT(-0500)] <apetro> unless
[07:29:42 CDT(-0500)] <apetro> how about in /WEB-INF/lib
[07:29:54 CDT(-0500)] <fairwinds> no, I don't have a lib either
[07:30:06 CDT(-0500)] <fairwinds> just the xml file
[07:30:20 CDT(-0500)] <apetro> um
[07:30:22 CDT(-0500)] <apetro> wait, wait
[07:30:23 CDT(-0500)] <fairwinds> I originally build my project as a jar before adding to it
[07:30:34 CDT(-0500)] <apetro> mmmm
[07:30:39 CDT(-0500)] <fairwinds> so used the mvn command to make
[07:30:40 CDT(-0500)] <apetro> this isn't sounding right
[07:30:49 CDT(-0500)] <apetro> ok
[07:31:05 CDT(-0500)] <apetro> so when I ask about /WEB-INF/whatever
[07:31:09 CDT(-0500)] <fairwinds> so I made need to rearrange
[07:31:12 CDT(-0500)] <apetro> I mean as deployed to Tomcat
[07:31:38 CDT(-0500)] <apetro> in your Tomcat / webapps / automorpheus-cas directory
[07:31:40 CDT(-0500)] <fairwinds> oh, I was looking at project, let me look at tomcat
[07:31:50 CDT(-0500)] <apetro> aha!
[07:31:51 CDT(-0500)] <apetro> excellent
[07:32:19 CDT(-0500)] <apetro> so the idea with mvn war overlay is that you're overlaying your minimal local changes on somebody else's (here, the CAS project's) .war
[07:32:29 CDT(-0500)] <apetro> so your local project just has your XML file and your Java and so forth
[07:32:52 CDT(-0500)] <fairwinds> yup
[07:32:58 CDT(-0500)] <apetro> but when you build it, first Maven downloads the whole Internet, then it grabs that already-built .war, it cracks it open, adds your XML and your code, zipps it back up
[07:33:06 CDT(-0500)] <apetro> then you give it to Tomcat and Tomcat unzips it again
[07:33:41 CDT(-0500)] <apetro> so the resulting .war in tomcat has all of the original CAS except with your changes applied
[07:33:51 CDT(-0500)] <apetro> should have oodles of jars, lots of complicated XML files you haven't touched, etc.
[07:33:52 CDT(-0500)] <fairwinds> right, when I build project. I am just taking .war and putting in webapps to deploy
[07:34:01 CDT(-0500)] <apetro> yup
[07:34:03 CDT(-0500)] <fairwinds> yup I do
[07:34:19 CDT(-0500)] <fairwinds> but not my project jar. there is none there
[07:34:32 CDT(-0500)] <fairwinds> no com.automorpheus ...
[07:34:59 CDT(-0500)] <apetro> (incidentally, I suggest paranoia as regards tomcat actually successfully deploying subsequent .war . As in, it behooves you to manually (or with a script) delete the prior cas.war and exploded cas directory from Tomcat webapps
[07:35:23 CDT(-0500)] <apetro> or else every once in a while you'll be looking at not-the-code-you-think-you're-looking-at when testing in browser)
[07:35:29 CDT(-0500)] <apetro> okay, no jar
[07:35:37 CDT(-0500)] <apetro> how about in /WEB-INF/classes as deployed?
[07:35:39 CDT(-0500)] <fairwinds> I manually delete the cas folder each time, yup
[07:35:44 CDT(-0500)] <apetro> good call
[07:35:58 CDT(-0500)] <fairwinds> k, let me look
[07:36:27 CDT(-0500)] <fairwinds> no it is not there
[07:36:45 CDT(-0500)] <fairwinds> well, we know tomcat is not lying
[07:37:12 CDT(-0500)] <fairwinds> seriously the class is not there
[07:41:07 CDT(-0500)] <apetro> k
[07:42:19 CDT(-0500)] <apetro> I've done this recently, I'll peek at my pom.xml and see what's different
[07:43:22 CDT(-0500)] <fairwinds> k
[07:45:37 CDT(-0500)] <apetro> add this to your <plugins> element:
[07:45:39 CDT(-0500)] <apetro> <plugin>
[07:45:39 CDT(-0500)] <apetro> <groupId>org.apache.maven.plugins</groupId>
[07:45:39 CDT(-0500)] <apetro> <artifactId>maven-compiler-plugin</artifactId>
[07:45:39 CDT(-0500)] <apetro> <configuration>
[07:45:39 CDT(-0500)] <apetro> <source>1.5</source>
[07:45:42 CDT(-0500)] <apetro> <target>1.5</target>
[07:45:44 CDT(-0500)] <apetro> </configuration>
[07:45:46 CDT(-0500)] <apetro> </plugin>
[07:45:48 CDT(-0500)] <apetro> </plugins>
[07:46:01 CDT(-0500)] <apetro> without introducing the duplicate closing tag for <plugins> , of course
[07:46:16 CDT(-0500)] <apetro> wait, sorry
[07:46:27 CDT(-0500)] <apetro> fairwinds , I'm wrong, you already have that
[07:46:30 CDT(-0500)] <apetro> that's not the problem
[07:47:36 CDT(-0500)] <apetro> rather, on more careful read of your pom.xml , I think this is the problem: it's not declaring any overlay
[07:47:53 CDT(-0500)] <fairwinds> apetro: would it help if I tarred my project and sent to you to see my project folder structure. my main folder is automorpheus-cas and in that I have pom.xml and src folder. In src I have main and test. So src/main/java/com/automorpheus/cas/adaptors
[07:48:59 CDT(-0500)] <fairwinds> oh, that would be problem. maybe I left something out since I built on original pom that mvn created for project
[07:49:01 CDT(-0500)] <apetro> here, I think I appropriately anonymized this: https://gist.github.com/1104048
[07:49:18 CDT(-0500)] <apetro> right
[07:49:24 CDT(-0500)] <apetro> so, in the pom.xml I just posted
[07:49:58 CDT(-0500)] <apetro> notice the <overlays> element configuring the maven-war-plugin
[07:50:09 CDT(-0500)] <apetro> you don't need that clearpass overlay, unless you do
[07:50:18 CDT(-0500)] <apetro> but at the least you need the cas-server-webapp overlay
[07:50:58 CDT(-0500)] <apetro> and then the excludes elements are to cope with conflicting versions of dependency jars that get pulled in on multiple paths
[07:51:15 CDT(-0500)] <apetro> basically, if you end up with duplicate jars in /WEB-INF/lib, that's how you beat that problem into submission
[07:52:01 CDT(-0500)] <apetro> https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method
[07:52:59 CDT(-0500)] <apetro> mmmm
[07:53:06 CDT(-0500)] <fairwinds> k, this give me hope
[07:53:33 CDT(-0500)] <apetro> something's pretty wrong here. As I re-read that very oft-cited documentation I just linked, I don't see where it includes the <overlay> declaration, and therefore I don't see how it would ever work
[07:53:47 CDT(-0500)] <fairwinds> right, I followed this
[07:54:27 CDT(-0500)] <apetro> both Scott and Marvin are more expert on Maven overlays than i am tho. I'll poke them. Entirely possible that I'm misunderstanding and am doing extra unnecessary heroics in my pom.xml from that recent project.
[07:54:45 CDT(-0500)] <apetro> though my pom.xml did work for an entirely successful overlay, so that's worth something
[07:55:44 CDT(-0500)] <fairwinds> well, I am going to try your method now
[07:56:00 CDT(-0500)] <apetro> k
[07:56:12 CDT(-0500)] <apetro> there's a bunch of extra complexity in that example you don't need
[07:56:23 CDT(-0500)] <apetro> in particular, don't start with including clearpass, you probably don't need it ever
[07:56:49 CDT(-0500)] <apetro> leaving that out should greatly reduce the amount of jar conflicts to resolve, etc.
[07:58:31 CDT(-0500)] <fairwinds> yup, I am only including webapp piece
[07:58:35 CDT(-0500)] <fairwinds> overlay
[07:58:53 CDT(-0500)] <apetro> cool
[08:02:27 CDT(-0500)] <apetro> oops. http://www.unicon.net/blog/apetro/cas_aup_checkbox the pom.xml there suggests that what's in your pom.xml ought to have been entirely sufficient.
[08:02:42 CDT(-0500)] <apetro> well, wait
[08:02:57 CDT(-0500)] <apetro> when are you getting this ClassNotFound stack trace, I should have asked earlier?
[08:03:16 CDT(-0500)] <apetro> are you getting that on an attempt to run "mvn package", or is "mvn package" succeeding and you're getting that on deploy to Tomcat?
[08:03:27 CDT(-0500)] <apetro> I'm assuming the former?
[08:04:08 CDT(-0500)] <apetro> in which case it's not succeeding in generating a .war, so all my questions about what's deployed to tomcat are pointless and aren't about the code you're currently working on, since the .war isn't being updated?
[08:06:11 CDT(-0500)] <apetro> (sigh. My blog post is a bad example since it has no custom Java, of course, so the compile time doesn't have to actually find the CAS dependencies).
[08:07:25 CDT(-0500)] <fairwinds> apetro: my mvn clean package succeeds always
[08:08:04 CDT(-0500)] <apetro> k
[08:08:17 CDT(-0500)] <fairwinds> this is what it looks like https://gist.github.com/384b256e1ffc1d3d91e7
[08:09:35 CDT(-0500)] <fairwinds> apetro: with your overlay, my project is in WEB-INF/classes
[08:09:46 CDT(-0500)] <apetro> ok.
[08:09:49 CDT(-0500)] <apetro> that sounds very promising
[08:10:14 CDT(-0500)] <fairwinds> yeah, except tomcat is barfing. I will post traceback
[08:10:47 CDT(-0500)] <fairwinds> same problem with classes not found except with cas classes
[08:14:23 CDT(-0500)] <fairwinds> apetro: this is traceback I am getting from cas.log
[08:14:26 CDT(-0500)] <fairwinds> https://gist.github.com/d35430c99e6009784662
[08:15:38 CDT(-0500)] <apetro> ok
[08:15:46 CDT(-0500)] <apetro> duplicate .jars in /WEB-INF/lib ?
[08:16:19 CDT(-0500)] <fairwinds> this is my latest pom.xml https://gist.github.com/67e1a0f0e35fe2ef60a4
[08:16:26 CDT(-0500)] <fairwinds> ok, let me check
[08:17:49 CDT(-0500)] <apetro> I'll bet you a frosty beverage at the next Jasig conference that you have a duplicate cas-server-core .jar in your WEB-INF/lib directory
[08:18:36 CDT(-0500)] <apetro> (and, to be excruciatingly clear, that's in the lib directory as deployed to tomcat, that is, from the exploded .war)
[08:21:06 CDT(-0500)] <apetro> back online in a bit
[08:21:08 CDT(-0500)] <fairwinds> hmm. I pasted jars from dir in just
[08:21:11 CDT(-0500)] <fairwinds> gist
[08:21:14 CDT(-0500)] <fairwinds> https://gist.github.com/5c5a9cb531b84e7f93f3
[08:21:24 CDT(-0500)] <fairwinds> no duplicates that I can see
[08:22:17 CDT(-0500)] <apetro> I might owe you a frosty beverage
[08:22:19 CDT(-0500)] <fairwinds> please ignore first entry. this is just the lib folder
[08:22:23 CDT(-0500)] <apetro> but that listing looks wrong
[08:22:24 CDT(-0500)] <fairwinds> heh,
[08:22:26 CDT(-0500)] <apetro> what generated that?
[08:22:31 CDT(-0500)] <apetro> what's with the XML files in it?
[08:22:38 CDT(-0500)] <fairwinds> I cut and pasted from my mac
[08:22:41 CDT(-0500)] <apetro> should be exclusively .jars in that lib directory
[08:23:05 CDT(-0500)] <apetro> anyway, back in a bit
[08:23:42 CDT(-0500)] <fairwinds> there is just jars I caught some directories, ignore after xmsec-1.4.3.jar
[08:24:14 CDT(-0500)] <fairwinds> k, I will bbiab. Going out to grab a coffee
[10:08:31 CDT(-0500)] <fairwinds> apetro: found this - When injecting references to other Spring beans, use the "-ref" suffix, as in "p:house-ref".
[10:08:46 CDT(-0500)] <apetro> oh, yes
[10:08:55 CDT(-0500)] <apetro> sorry, did the -ref get lost track of at some point?
[10:09:07 CDT(-0500)] <fairwinds> yup
[10:09:13 CDT(-0500)] <apetro> you definitely need the -ref if you're referencing a bean name, instead of providing the actual value
[10:09:14 CDT(-0500)] <apetro> okay
[10:09:31 CDT(-0500)] <apetro> that shouldn't cause ClassNotFound , but it will definitely trip you up
[10:09:59 CDT(-0500)] <apetro> in general, to the extent that your AuthHandler depends on a bean (the connection bean) that's used only by the AuthHandler, you can wire it inline as a dependency of that bean
[10:10:15 CDT(-0500)] <apetro> as in <property name="couchDbConnection">
[10:10:40 CDT(-0500)] <apetro> <bean class="com.someone.package.YourCouchDbConnectionImplementation">
[10:10:53 CDT(-0500)] <apetro> <property name="someProperty" value="someValue"/>
[10:10:58 CDT(-0500)] <apetro> </bean>
[10:11:01 CDT(-0500)] <apetro> </bean>
[10:11:15 CDT(-0500)] <apetro> oops. </property>, rather.
[10:11:42 CDT(-0500)] <apetro> anyway, the idea is that the connection bean can be wired up right inside the AuthHandler declaration if that's the only place you're going to use it anyway
[10:11:54 CDT(-0500)] <apetro> saves having to name it or match the names and references to it or any of that.
[10:12:33 CDT(-0500)] <apetro> but look, if you're still getting a ClassNotFound error, none of this Spring configuration should make any difference to that other than if there's an incorrect value of a "class" attribute somewhere.
[10:18:15 CDT(-0500)] <fairwinds> apetro: right, I was reading that about spring this morning
[10:19:05 CDT(-0500)] <fairwinds> I was reading from http://static.springsource.org/spring/docs/1.2.x/reference/beans.html'
[10:20:44 CDT(-0500)] <fairwinds> one thing for sure is that the project builds properly and my com.automorpheus.cas.adaptors is in classes within WEB-INF
[10:21:21 CDT(-0500)] <fairwinds> apetro: the pom.xml also looks fine
[10:21:27 CDT(-0500)] <apetro> k
[10:21:34 CDT(-0500)] <apetro> offhand that looks like a very old version of Spring doco
[10:23:05 CDT(-0500)] <fairwinds> am at a loss why it can be found if in WEB-INF and project builds successfully
[10:24:02 CDT(-0500)] <fairwinds> apetro: do you want to look at handler itself?
[10:24:22 CDT(-0500)] <apetro> sure, happy to eyeball it
[10:25:19 CDT(-0500)] <apetro> exactly what error are you getting at this point, and any chance your class(es) fail at static init?
[10:26:13 CDT(-0500)] <apetro> oh, and tell me again the part where you were manually adding something to a .jar? You still doing that?
[10:26:38 CDT(-0500)] <fairwinds> here is handler
[10:26:40 CDT(-0500)] <fairwinds> https://gist.github.com/748bcfaf5459ae041f9b
[10:28:11 CDT(-0500)] <fairwinds> here is connection
[10:28:14 CDT(-0500)] <fairwinds> https://gist.github.com/691da3aab62898afeea1
[10:30:32 CDT(-0500)] <serac> Sending the password hash to the client for comparison is arguably bad practice from a security perspective.
[10:35:19 CDT(-0500)] <fairwinds> serac: Can you suggest an alternative. I am generating sha1 hash from password + salt as you can see. Comparison has to be made with the hash in some way
[10:35:41 CDT(-0500)] <serac> I realize this is how most database auth handlers work, so I suppose I'm just biased by LDAP's security model which never discloses the password of record in any form to the client.
[10:35:51 CDT(-0500)] <serac> So that would be a no.
[10:36:06 CDT(-0500)] <serac> Just making useless comments I guess
[10:39:59 CDT(-0500)] <fairwinds> serac: nah, not useless. I want to make this as secure as possible. It is the password_sha1 that is compared and not sure if there is any other way to handle. At very least it is a hash being sent. It is all ssl as well.
[10:40:46 CDT(-0500)] <serac> It's a fine implementation. The use of salt for your hash calculation is an added benefit.
[10:42:38 CDT(-0500)] <fairwinds> serac: I am not a Java programmer so if you see anything that could have been done better please let me know
[10:43:08 CDT(-0500)] <fairwinds> I am mostly programming javascript on server but previously primarily python
[10:43:16 CDT(-0500)] <serac> Will do. I reviewed CouchDBAuthenticationHandler and it looks good โ particularly for a non-Java fellow. Kudos.
[10:43:41 CDT(-0500)] <fairwinds> k, great
[10:43:52 CDT(-0500)] <serac> Curious about CalculateHash.
[10:43:59 CDT(-0500)] <fairwinds> oh, will put that up
[10:46:43 CDT(-0500)] <fairwinds> serac: https://gist.github.com/18cc777d8202f2387238
[10:47:41 CDT(-0500)] <fairwinds> serac: it is primarily some code I located as a helper
[10:48:40 CDT(-0500)] <fairwinds> apetro: have you viewed the sources?
[10:48:53 CDT(-0500)] <apetro> not yet
[10:49:08 CDT(-0500)] <fairwinds> k
[10:49:53 CDT(-0500)] <fairwinds> serac: have you implemented custom authentication yourself?
[10:50:21 CDT(-0500)] <serac> I'm the maintainer of the X.509 handler so I guess that's a yes.
[10:50:38 CDT(-0500)] <fairwinds> heh, yeah that is good
[10:51:23 CDT(-0500)] <serac> I don't think your implementation of a salted hash is correct.
[10:51:32 CDT(-0500)] <serac> The way that looks is typically:
[10:51:39 CDT(-0500)] <serac> hash.digest(saltBytes);
[10:52:15 CDT(-0500)] <serac> hash.digest(password.getBytes("encoding"));
[10:53:14 CDT(-0500)] <serac> I believe it would be correct to do hash.digest((salt + password).getBytes("encoding"));
[10:53:25 CDT(-0500)] <serac> But you have password+salt, which is the wrong order.
[10:53:48 CDT(-0500)] <serac> If you control the generation of the salted hashes on the server side, and you don't care about interoperability, then it's no big deal.
[10:53:55 CDT(-0500)] <fairwinds> serac: right. This is the method they use within CouchDB itself
[10:54:13 CDT(-0500)] <serac> So much for standards.
[10:54:23 CDT(-0500)] <fairwinds> so in order to get the right value to compare, I had to put in that order
[10:54:29 CDT(-0500)] <serac> Understood.
[10:55:12 CDT(-0500)] <fairwinds> Have you any insight into the problem I am having?
[10:55:31 CDT(-0500)] <serac> Missed the problem.
[10:55:36 CDT(-0500)] <serac> Can you restate briefly?
[10:55:43 CDT(-0500)] <fairwinds> k, will do
[10:57:14 CDT(-0500)] <fairwinds> My project builds correctly and I get cas.war. I deploy in tomcat. My com.automorpheus.cas.adapters class gets generated under WEB-INF/classes
[10:57:42 CDT(-0500)] <fairwinds> but get this problem when I launch tomcat:
[10:58:14 CDT(-0500)] <fairwinds> let me put traceback in a gist
[11:00:46 CDT(-0500)] <fairwinds> serac: https://gist.github.com/d954fd41c0f79234c016
[11:02:47 CDT(-0500)] <fairwinds> serac: this is my deployerConfigContext.xml
[11:02:49 CDT(-0500)] <fairwinds> https://gist.github.com/968921c9d18eba025ba1
[11:03:42 CDT(-0500)] <fairwinds> <bean class="com.automorpheus.cas.adapters.CouchDBAuthenticationHandler"
[11:03:43 CDT(-0500)] <fairwinds> p:CouchDBConnection-ref="CouchDBConnection" />
[11:03:43 CDT(-0500)] <fairwinds> </list>
[11:04:59 CDT(-0500)] <serac> This is a dependency problem.
[11:05:02 CDT(-0500)] <fairwinds> my CouchDBAuthenticationHandler has a setCouchDBConnection method so it should be creating the object and sticking it on the class
[11:05:13 CDT(-0500)] <serac> I need to see the pom.xml for your overlay.
[11:05:24 CDT(-0500)] <fairwinds> k, let me put it up
[11:07:08 CDT(-0500)] <fairwinds> serac: k, here is my pom.xml
[11:07:10 CDT(-0500)] <fairwinds> https://gist.github.com/d5a0b8f8f6531eda04bc
[11:07:38 CDT(-0500)] <apetro> it declares dependency on log4j
[11:07:48 CDT(-0500)] <apetro> but the authhandler implementation is importing slf4j ?
[11:08:18 CDT(-0500)] <apetro> correction, looks like it's just an exclusion on log4j
[11:08:56 CDT(-0500)] <apetro> anyway, I don't see how this import e.g. is being fulfilled by that pom.xml import org.slf4j.Logger;
[11:09:18 CDT(-0500)] <serac> Transitive via cas-server-core likely.
[11:09:25 CDT(-0500)] <apetro> hmm
[11:09:26 CDT(-0500)] <apetro> that works?
[11:09:35 CDT(-0500)] <serac> Transitive dependencies? Yes, indeed.
[11:09:55 CDT(-0500)] <fairwinds> apetro: it builds
[11:10:01 CDT(-0500)] <apetro> right, right.
[11:10:16 CDT(-0500)] <serac> I think I need to see how your source is laid out.
[11:10:27 CDT(-0500)] <serac> I can imagine it, but need to confirm.
[11:11:08 CDT(-0500)] <fairwinds> I will take a picture of my folder. hmm but where to post it?
[11:11:29 CDT(-0500)] <serac> You on osx?
[11:11:33 CDT(-0500)] <fairwinds> yup
[11:12:22 CDT(-0500)] <serac> You should be able to get tree command and generate text listing. Or you can find somewhere to post screenshot.
[11:12:41 CDT(-0500)] <fairwinds> give me a sec
[11:13:50 CDT(-0500)] <serac> MacPorts users could do sudo port install tree if it's not there by default (doubtful).
[11:14:12 CDT(-0500)] <wgthom> not there by default...
[11:14:19 CDT(-0500)] <wgthom> macport worked well tho
[11:15:24 CDT(-0500)] <fairwinds> right I am just installing tree
[11:17:32 CDT(-0500)] <fairwinds> apetro, serac, wgthom: here is tree
[11:17:36 CDT(-0500)] <fairwinds> https://gist.github.com/87a6c97a46f17c29293a
[11:18:32 CDT(-0500)] <fairwinds> this is contained within automorpheus-cas folder that I am building in
[11:18:34 CDT(-0500)] <apetro> conflicting commons-lang .jar versions
[11:18:46 CDT(-0500)] <serac> Looks good โ you have the desired classes under WEB-INF/classes.
[11:19:12 CDT(-0500)] <serac> Multiple jars of same dependency can be problematic, but usually not blockers.
[11:20:01 CDT(-0500)] <fairwinds> well, I like this tree command greatly
[11:20:14 CDT(-0500)] <fairwinds> its handy
[11:20:23 CDT(-0500)] <serac> You misspelled adapters โ class is under adaptors.
[11:20:36 CDT(-0500)] <serac> Fix sp in deployerConfigContext and you should be good.
[11:21:21 CDT(-0500)] <apetro> heh. good catch, serac . I looked at that package path and didn't see that.
[11:21:45 CDT(-0500)] <serac> Easily misspelled word โ it's happened to the best of us.
[11:22:16 CDT(-0500)] <fairwinds> heh, man I hope it is this easy
[11:22:27 CDT(-0500)] <serac> Indeed
[11:23:10 CDT(-0500)] <fairwinds> go figure. I spelled it correctly in the first bean but not the second
[11:23:50 CDT(-0500)] <fairwinds> k, building
[11:26:09 CDT(-0500)] <fairwinds> k, deploying
[11:32:54 CDT(-0500)] <fairwinds> apetro, serac: k, well one problem licked. At least class is now found But looks like I have an issue with a property in CouchDBConnection https://gist.github.com/687c2fcdd0b19cf3d9da Am just looking at this now
[11:34:24 CDT(-0500)] <serac> You need set methods for each of those private properties you want to configure.
[11:34:38 CDT(-0500)] <serac> cf
[11:34:39 CDT(-0500)] <serac> ย ย private String protocol;ย ย ย ย private String host;ย ย ย ย private String port;ย ย ย ย private String user;ย ย ย ย private String password;ย ย ย private String secure;
[11:34:55 CDT(-0500)] <serac> so
[11:35:14 CDT(-0500)] <fairwinds> ah ok
[11:35:14 CDT(-0500)] <serac> public void setHost(final String hostname) {
[11:35:14 CDT(-0500)] <serac> this.host = hostname;
[11:35:14 CDT(-0500)] <serac> }
[11:36:06 CDT(-0500)] <fairwinds> k, give me a sec to correct and rebuild
[11:36:09 CDT(-0500)] <apetro> agreed. I do believe I pointed out the need for those setters at some point.
[11:36:39 CDT(-0500)] <fairwinds> apetro: yup you did
[11:52:09 CDT(-0500)] <fairwinds> serac, apetro: sucess, cas is runinng
[11:52:16 CDT(-0500)] <serac> Congrats
[11:52:36 CDT(-0500)] <fairwinds> now to see if I can see what my handler is doing
[11:53:17 CDT(-0500)] <fairwinds> serac, apetro: many thanks for getting me this far along
[11:53:27 CDT(-0500)] <serac> My pleasure
[11:58:15 CDT(-0500)] <fairwinds> serac: myhandler is not authenticating properly yet. What is best way to debug. I initially created logic for my handler in a jar to test before turning into a handler class.
[11:58:40 CDT(-0500)] <serac> You using an IDE for dev?
[11:58:52 CDT(-0500)] <fairwinds> no, just a simple editor
[11:59:02 CDT(-0500)] <serac> Too bad.
[11:59:12 CDT(-0500)] <serac> Best bet, then, is to use debug statements as you've done.
[11:59:32 CDT(-0500)] <serac> Also you can create a unit test that actually hits a running CouchDB instance and does some more meaningful logging.
[12:00:04 CDT(-0500)] <fairwinds> Yeah I have a running couch instance to tail logs there
[12:00:04 CDT(-0500)] <serac> I'll just throw this out:
[12:00:05 CDT(-0500)] <serac> https://www.middleware.vt.edu/doku.php?id=middleware:java#java_remote_debugging
[12:00:47 CDT(-0500)] <serac> It's a complimentary debugging option in any case.
[12:00:51 CDT(-0500)] <fairwinds> sure
[12:03:56 CDT(-0500)] <apetro> yeah. All of that's good, but of it I most recommend abusing junit to write some test code against a running CouchDb instance as your next step.
[12:08:41 CDT(-0500)] <fairwinds> serac: I am going to have to read up on the logger. I set debug statements but these are not usually visible in a log unless set to a mode to obtain them
[12:09:17 CDT(-0500)] <fairwinds> so will have to see how I can set log level
[12:19:26 CDT(-0500)] <serac> https://wiki.jasig.org/display/CASUM/Logging may be helpful
[12:28:28 CDT(-0500)] <fairwinds> serac: ah super, thank for your help. should not be long before I have this working well. I had logic working in a jar prior to sticking in handler class
[12:29:01 CDT(-0500)] <fairwinds> so just need to figure out what is not working here but it should not be too bad.
[12:29:28 CDT(-0500)] <fairwinds> I can see what cas is doing with audit trail running
[12:29:48 CDT(-0500)] <serac> I'd think not too bad, yeah. Just slogging through one problem at a time; hopefully only a few problems deep.
[12:30:02 CDT(-0500)] <fairwinds> yup
[12:30:09 CDT(-0500)] <fairwinds> the worse ones are gone
[12:30:29 CDT(-0500)] <fairwinds> thanks to your help. My eyeballs were really tired.
[12:30:37 CDT(-0500)] <fairwinds> could not see an e from an o
[13:56:29 CDT(-0500)] <fairwinds> serac: my stuff works! yay. there was nothing wrong. Just forgot to turn off secure setting so would go to http on my localhost for couchdb
[13:58:17 CDT(-0500)] <fairwinds> apetro: my handler works fine
[13:58:29 CDT(-0500)] <apetro> nice
[13:58:36 CDT(-0500)] <fairwinds> woo hoo!
[13:58:45 CDT(-0500)] <serac> Woot!
[14:01:58 CDT(-0500)] <fairwinds> my next project now is to create a ticket store for couch also
[14:02:16 CDT(-0500)] <serac> Getting the dependencies working is half the battle, so you're well on your way.
[14:03:00 CDT(-0500)] <fairwinds> serac, apetro: the ticket store will be easier since I already have my connection logic
[14:03:42 CDT(-0500)] <fairwinds> I am pumped. Can't wait to get this on a server
[14:04:17 CDT(-0500)] <fairwinds> have a bit of customization to do first with templates
[18:26:40 CDT(-0500)] <fairwinds> apetro: hi. I am working on a ticket registry now. I separated my CalculateHash my CouchDBConnection into a util module so I can use it generally. I will be using same configured connection for tickets.
[18:27:42 CDT(-0500)] <apetro> sounds good to me
[18:29:51 CDT(-0500)] <fairwinds> apetro: I have been reading the memcached TicketRegistry and will attempt to use a bit of a blueprint
[18:30:33 CDT(-0500)] <fairwinds> it extends AbstractDistributedTicketRegistry
[18:31:37 CDT(-0500)] <apetro> yup
[18:38:04 CDT(-0500)] <fairwinds> apetro: CouchDB is by nature distributed and easy to replicate. I will be setting up initially to replicate between instances with a DNS balancer so if I loose an instance it keeps working on the other nodes. I will be moving this over to a large sharded setup in a few months down the road.
[18:40:16 CDT(-0500)] * yann_ interested in a couchdb ticket backend
[18:40:35 CDT(-0500)] <fairwinds> yann_: cool
[18:40:42 CDT(-0500)] <fairwinds> I am making one
[18:41:07 CDT(-0500)] <yann_> at the moment my theory is, if one server dies, then users will have to login again, which ain't that bad already
[18:41:24 CDT(-0500)] <yann_> (using keepalived for HA)
[18:41:45 CDT(-0500)] <yann_> but always open for improvements
[18:41:55 CDT(-0500)] <fairwinds> it is possible for really no failure to occur with loss of nodes
[18:44:37 CDT(-0500)] <fairwinds> yann_: on a sharded cluster, you can sustain all sorts of failure. Generally set it up for n +2 copies of the data so it is always available
[18:46:44 CDT(-0500)] <yann_> just using CAS in a small company
[18:47:04 CDT(-0500)] <yann_> did some sort of HA just because so many services depend on it, but most aren't that available
[18:47:46 CDT(-0500)] <fairwinds> yann_: sure. I haven't yet launched my stuff. I have got a bunch of things coming out for first time within the month
[18:48:26 CDT(-0500)] <fairwinds> yann_: all SaaS stuff
[18:48:47 CDT(-0500)] <fairwinds> yann_: So I need to serve at scale to make it work well
[18:49:35 CDT(-0500)] <fairwinds> yann_: what sort of data store are you currently working with
[18:49:58 CDT(-0500)] <yann_> cant remember, simple, default, non replicated one
[18:50:25 CDT(-0500)] <yann_> don't mind asking my users to log in again once a year when it breaks or is under maintenance
[18:50:36 CDT(-0500)] <yann_> and not big enough so it could put any load on the server
[18:51:13 CDT(-0500)] <fairwinds> heh, I am not big or small, I am not anything until I have customers
[18:51:56 CDT(-0500)] <fairwinds> yann_: I just have big ideas and little time to do all the fun stuff I want to do
[18:52:49 CDT(-0500)] <fairwinds> yann_: but have a couple of interesting things coming with some good prospects
[18:58:16 CDT(-0500)] <fairwinds> yann_: actually redis would make a nice ticket registry also
[18:58:30 CDT(-0500)] <fairwinds> and very easy to set up redis also
[18:59:59 CDT(-0500)] <fairwinds> yann_: are you a java programmer?
[19:00:13 CDT(-0500)] <yann_> not really
[19:00:36 CDT(-0500)] <fairwinds> no me either, what do you use?
[19:02:14 CDT(-0500)] <fairwinds> yann_: I am mostly javascript on server these days with nodejs. I was python for a number of years. And throw in a bit of ObjC and erlang.
[19:02:30 CDT(-0500)] <yann_> I'm a sysadmin
[19:02:37 CDT(-0500)] <fairwinds> ah.
[19:03:00 CDT(-0500)] <fairwinds> I am both. I am highly automated
[19:03:18 CDT(-0500)] <yann_> I do program as well but not that much in java
[19:04:01 CDT(-0500)] <fairwinds> no, the authentication handler I have been working on was first thing I did in Java for quite some time.
[19:04:40 CDT(-0500)] <fairwinds> yann_: do you use puppet or other configuration automation?
[19:05:30 CDT(-0500)] <yann_> puppet yes
[19:07:52 CDT(-0500)] <fairwinds> yann_: I am using something in javascript now. I set out almost a year ago to move completely into asynchronous programming in js and almost there. Couch is heavily async and highly parallel also (written in erlang)
[19:10:01 CDT(-0500)] <fairwinds> So outside of a few things, like this CAS stuff or writing bits of things in other langs, its js all the way
[19:10:36 CDT(-0500)] <fairwinds> I am using same models and templates on client and server both for example which really works well
[19:11:16 CDT(-0500)] <fairwinds> yann_: and my libs are portable. I write them using commonJS
[19:12:36 CDT(-0500)] <fairwinds> yann_: what do you like to use for monitoring?
[19:12:53 CDT(-0500)] <yann_> collectd & nagios
[19:13:01 CDT(-0500)] <fairwinds> collectd is very nice
[19:13:24 CDT(-0500)] <yann_> does its job well
[19:15:23 CDT(-0500)] <fairwinds> I am using munin and monit at present. But I want to get back to collectd for my own front end to this stuff.
General
Content
Integrations