jasig-cas IRC Logs-2011-10-28

[08:46:35 CDT(-0500)] <foxnesn> i cant seem to break out of this infinite loop problem

[08:47:28 CDT(-0500)] <wgthom> zimbra?

[08:53:10 CDT(-0500)] <foxnesn> moodle,nolijweb

[08:53:18 CDT(-0500)] <foxnesn> im working on redirect in my webflow

[08:53:37 CDT(-0500)] <foxnesn> redirect works to run our password self service

[08:53:57 CDT(-0500)] <foxnesn> but after that it is supposed to forward onto the service and it just sits in an infinite loop

[08:56:43 CDT(-0500)] <wgthom> infinite http loop? or something in the service?

[08:59:33 CDT(-0500)] <foxnesn> http loop

[08:59:55 CDT(-0500)] <foxnesn> loginwebflow runs an evaluation on flowScope.service.id

[09:00:08 CDT(-0500)] <foxnesn> if the requesting service is moodle is tranistions to a view

[09:00:42 CDT(-0500)] <foxnesn> in that view the jsp is a redirect that runs the command that interrupts for password responses

[09:01:05 CDT(-0500)] <foxnesn> and then forwards to the service that was previously requested

[09:01:20 CDT(-0500)] <foxnesn> so the interrupt works

[09:01:48 CDT(-0500)] <foxnesn> but once that is complete it forwards to the service which goes back to cas which goes to the service etc...

[09:07:50 CDT(-0500)] <wgthom> sounds like the final forward does not have a ST….

[09:09:48 CDT(-0500)] <foxnesn> hrm, so the user is authenticated

[09:09:58 CDT(-0500)] <foxnesn> i can see in the logs

[09:10:01 CDT(-0500)] <foxnesn> but then?

[09:10:21 CDT(-0500)] <wgthom> which logs? cas or the service?

[09:10:27 CDT(-0500)] <foxnesn> it says service ticket created in the cas log

[09:10:32 CDT(-0500)] <wgthom> ok. good.

[09:10:45 CDT(-0500)] <wgthom> how about the cas-client side?

[09:11:08 CDT(-0500)] <wgthom> or do you ever see the ST validated in the cas log?

[09:11:36 CDT(-0500)] <wgthom>

[09:11:43 CDT(-0500)] <foxnesn> it only says service ticket created

[09:11:50 CDT(-0500)] <wgthom> how long does the UX interrupt last?

[09:12:00 CDT(-0500)] <wgthom> ST by default is only good for 10 sec

[09:12:07 CDT(-0500)] <wgthom> so….

[09:12:10 CDT(-0500)] <wgthom> I'd check two things.

[09:12:42 CDT(-0500)] <wgthom> 1) that you custom flow is still get the ST on the final redirect to the service (use tamper data for this)

[09:12:53 CDT(-0500)] <wgthom> 2) that ST TTL is long enough for you use case

[09:13:25 CDT(-0500)] <foxnesn> whats the difference between ST and STA ?

[09:13:25 CDT(-0500)] <wgthom> ticketExpirationPolicies.xml

[09:13:30 CDT(-0500)] <wgthom> STA?

[09:13:46 CDT(-0500)] <foxnesn> wgthom> sounds like the final forward does not have a STâ¦.

[09:14:10 CDT(-0500)] <wgthom> hmm. irc bug. Service Ticket.

[09:14:29 CDT(-0500)] <foxnesn> so once the service ticket is created that means the user has been authenticated?

[09:14:52 CDT(-0500)] <wgthom> sort of.

[09:15:23 CDT(-0500)] <wgthom> user is authN to the CAS server prior to TGT or ST creation

[09:15:35 CDT(-0500)] <wgthom> authN is q requirement for ticket creation

[09:16:37 CDT(-0500)] <foxnesn> in my webflow

[09:17:03 CDT(-0500)] <foxnesn> i have the generateserviceticket action state set to go to my checkall view on "sucess"

[09:17:25 CDT(-0500)] <foxnesn> i replace "warn" with "checkall"

[09:17:29 CDT(-0500)] <foxnesn> replaced*

[10:29:54 CDT(-0500)] <atilling> wgthom: Just committed the changes and updated the pull request to include the option of an attribute value that bypasses the password warning check

[10:36:57 CDT(-0500)] <foxnesn> atilling: so PWM requires clearPass to casify

[10:37:02 CDT(-0500)] <foxnesn> which works

[10:37:15 CDT(-0500)] <foxnesn> im wondering if the ticket is getting lost tho after it runs the checkall

[10:37:35 CDT(-0500)] <foxnesn> and so it IS forwarding to the url but there is no ticket for it

[10:38:17 CDT(-0500)] <atilling> that could easily be the case

[10:39:18 CDT(-0500)] <foxnesn> so i perhaps i need to move the checkall in my flow?

[10:39:59 CDT(-0500)] <atilling> when you pass the url through checkall is the st in the url?

[10:40:08 CDT(-0500)] <foxnesn> no

[10:42:39 CDT(-0500)] <foxnesn> the checkall evaluates the flowscope.service.id

[10:43:09 CDT(-0500)] <foxnesn> and transitions on the service url to the view for that check forward url

[10:43:14 CDT(-0500)] <atilling> you probably want to modify the jsp page so the ST sends to checkall with the id so checkall can forward to moodle with the st

[10:43:36 CDT(-0500)] <foxnesn> that sounds right, but how would i do it?

[10:43:39 CDT(-0500)] <atilling> sorry, not checkall

[10:44:14 CDT(-0500)] <atilling> but I'm talking about the place in your jsp when the user forwards to your PWM and has a forwardurl set

[10:44:34 CDT(-0500)] <atilling> that forward url should be the service + the ST

[10:44:41 CDT(-0500)] <foxnesn> ooo

[10:44:50 CDT(-0500)] <atilling> otherwise the service will never recieve the st

[10:45:17 CDT(-0500)] <foxnesn> yea cause right now it isjust checkAll&forwardURL=https://moodle

[10:45:57 CDT(-0500)] <atilling> right you want forwardURL=https://moodle?st=xyz

[10:46:08 CDT(-0500)] <foxnesn> how can i capture that info?

[10:46:30 CDT(-0500)] <atilling> it's all in flowscope

[10:47:41 CDT(-0500)] <foxnesn> so a jsp in a view can refrence flowScope ?

[10:47:58 CDT(-0500)] <foxnesn> meaning a jsp file in /view/jsp/moodlecheckall/moodlecheckall.jsp

[10:48:29 CDT(-0500)] <atilling> yes and no, when you fire the view you can set output variables to pass into the jsp

[10:49:32 CDT(-0500)] <foxnesn> ah

[10:49:50 CDT(-0500)] <foxnesn> <end-state id="moodlecheckAll" view="moodlecheckAll" />

[10:50:10 CDT(-0500)] <foxnesn> so in view i need to add the flowScope that carries the ST

[10:55:38 CDT(-0500)] <atilling> something like: <end-state id="postView" view="postResponseView">

[10:55:38 CDT(-0500)] <atilling> <on-entry>

[10:55:38 CDT(-0500)] <atilling> <set name="requestScope.parameters" value="requestScope.response.attributes" />

[10:55:38 CDT(-0500)] <atilling> <set name="requestScope.originalUrl" value="flowScope.service.id" />

[10:55:38 CDT(-0500)] <atilling> </on-entry>

[10:55:39 CDT(-0500)] <atilling> </end-state>

[11:00:45 CDT(-0500)] <foxnesn> hrm ok i will give it a try

[11:01:31 CDT(-0500)] <foxnesn> is there a spring doc for this?

[11:01:53 CDT(-0500)] <foxnesn> cause i have questions about what the variables do and how i can affectlivly use them

[11:02:03 CDT(-0500)] <foxnesn> the idea is simple enough

[11:02:07 CDT(-0500)] <atilling> http://static.springsource.org/spring-webflow/docs/2.0.x/reference/html/index.html

[11:06:51 CDT(-0500)] <foxnesn> god, that whiskey is gonna taste good tonight

[11:06:55 CDT(-0500)] <foxnesn> lol

[11:08:26 CDT(-0500)] <atilling> lol

[11:08:45 CDT(-0500)] <foxnesn> i dont see how that can essentially append a ST to a url in a jsp

[11:09:15 CDT(-0500)] <foxnesn> i could change in the jsp the actual forward url to a variable

[11:09:26 CDT(-0500)] <foxnesn> as long as CAS allows for that

[11:10:17 CDT(-0500)] <atilling> in the jsp you should be setting the forwardURL to the requestScope.originalUrl variable

[11:10:45 CDT(-0500)] <foxnesn> that is what i was thinking

[11:11:13 CDT(-0500)] <foxnesn> i didnt know if those variables carried over tho to views like that

[11:11:41 CDT(-0500)] <foxnesn> so requestScope.originalUrl is the service url AND the ST ?

[11:11:42 CDT(-0500)] <atilling> that's the purpose of the <set name="requestScope.originalUrl" value="flowScope.service.id" />

[11:12:15 CDT(-0500)] <atilling> the set creates a variable in the jsp with value x

[11:12:24 CDT(-0500)] <foxnesn> ahh

[11:14:36 CDT(-0500)] <foxnesn> so then it makes more sense to simply edit the jsp and leave the flow simply referencing the view to go to

[11:16:24 CDT(-0500)] <atilling> right

[11:17:39 CDT(-0500)] <foxnesn> https://dknauth1dev.dickinson.edu:8443/pwm/public/$%7BrequestScope.originalUrl%7D

[11:17:47 CDT(-0500)] <foxnesn> heh pahe you requested could not be found

[11:17:50 CDT(-0500)] <foxnesn> page

[11:18:15 CDT(-0500)] <foxnesn> so i guess i cant just stick that variable in the jsp

[11:21:12 CDT(-0500)]

[12:01:49 CDT(-0500)] <foxnesn> http://www.pastie.org/2774146

[12:02:09 CDT(-0500)] <foxnesn> that is my moodlecheckAll.jsp for the view

[12:05:24 CDT(-0500)] <foxnesn> http://www.pastie.org/2774159

[12:05:27 CDT(-0500)] <foxnesn> the webflow

[12:06:10 CDT(-0500)]

[12:06:30 CDT(-0500)]

[12:09:18 CDT(-0500)] <foxnesn> it must not be passing the parameters

[12:09:25 CDT(-0500)] <foxnesn> page not found. here is the url in the browser

[12:09:28 CDT(-0500)]

[12:09:42 CDT(-0500)] <foxnesn> it going by the literal URL

[12:12:34 CDT(-0500)] <atilling> it's a mix match of how you're accessing jsp variables

[12:13:56 CDT(-0500)] <atilling> <%

[12:13:57 CDT(-0500)]

[12:14:04 CDT(-0500)] <atilling> try it that way

[12:14:47 CDT(-0500)] <atilling> with the ${} inside the "" you are making it a literal string value, not a variable

[12:17:40 CDT(-0500)] <foxnesn> ah, like concatenating it

[12:21:39 CDT(-0500)] <foxnesn> An error occurred at line: 2 in the jsp file: /WEB-INF/view/jsp/moodlecheckAll/moodlecheckAll.jsp

[12:21:42 CDT(-0500)] <foxnesn> requestScope.originalUrl cannot be resolved to a type

[12:21:49 CDT(-0500)] <foxnesn> from localhost log

[12:23:12 CDT(-0500)] <atilling> hmm

[12:23:47 CDT(-0500)] <atilling> I haven't tried mixing <% %> and spring ${} syntax

[12:24:33 CDT(-0500)] <atilling> maybe try String redirectURL = "https://dknauth1dev.dickinson.edu:8443/pwm/private/CommandServlet?processAction=checkAll&forwardURL=" + requestScope.originalUrl

[12:27:18 CDT(-0500)] <foxnesn> hrm same error

[12:27:32 CDT(-0500)] <foxnesn> cant resolve requestScope.originalUrl to a stype

[12:28:25 CDT(-0500)] <foxnesn> ok the only thing limiting me is that i cannot include that checkAll&forwardURL in the action loginwebflow.xml file because forwardURL is a reserved word

[12:28:36 CDT(-0500)] <atilling> oh, because in your flow you don't have the set statements

[12:28:36 CDT(-0500)] <foxnesn> actual no action

[12:28:42 CDT(-0500)] <foxnesn> yea

[12:28:43 CDT(-0500)] <foxnesn> o

[12:28:48 CDT(-0500)] <atilling> <end-state id="moodlecheckAll" view="moodlecheckAll" />

[12:29:09 CDT(-0500)] <atilling> <end-state id="moodlecheckAll" view="moodlecheckAll" >

[12:29:09 CDT(-0500)] <atilling> <atilling> <on-entry>

[12:29:09 CDT(-0500)] <atilling> <atilling> <set name="requestScope.parameters" value="requestScope.response.attributes" />

[12:29:09 CDT(-0500)] <atilling> <atilling> <set name="requestScope.originalUrl" value="flowScope.service.id" />

[12:29:09 CDT(-0500)] <atilling> <atilling> </on-entry>

[12:29:10 CDT(-0500)] <atilling> <atilling> </end-state>

[12:30:54 CDT(-0500)] <atilling> I have to run out for a bit - i may be back later on

[12:30:58 CDT(-0500)] <atilling> good luck

[13:00:21 CDT(-0500)] <serac> It's that time.

[13:00:50 CDT(-0500)] <apetro_> checking in

[13:01:06 CDT(-0500)] <serac> Agenda items?

[13:01:22 CDT(-0500)] <wgthom> yowzers….cas time again

[13:01:32 CDT(-0500)] <serac> Time flies when you're having fun

[13:01:35 CDT(-0500)] <apetro_> fair warning that: 1) I'm likely to be pulled away at 2:30 Eastern to handle a CAS support case, and 2) I'm multi-tasking prepping to provide value in that support case.

[13:01:55 CDT(-0500)] <serac> ack apetro

[13:01:58 CDT(-0500)] <apetro_> agenda: preview of next rev of Markdown doco build

[13:02:07 CDT(-0500)] <serac> Got a link?

[13:02:15 CDT(-0500)] <apetro_> that'll be the preview

[13:02:22 CDT(-0500)] <serac> heh

[13:02:29 CDT(-0500)] <apetro_> anything else on agenda?

[13:02:44 CDT(-0500)] <serac> +1 to release 3.4.11 final

[13:03:00 CDT(-0500)] <wgthom> roadmap presentation at unconfernce

[13:03:00 CDT(-0500)] <apetro_> gushing about awesome phpCAS list post? http://www.unicon.net/blog/apetro/phpcas-to-github-excellent-list-post

[13:03:31 CDT(-0500)] <wgthom> yes. well done by Adam.

[13:03:38 CDT(-0500)] <serac> Indeed.

[13:03:39 CDT(-0500)] <apetro_> unconference more generally

[13:05:25 CDT(-0500)] <serac> Let's get going on the items we have so far.

[13:05:40 CDT(-0500)] <apetro_> sounds like fine agenda. So, : 1) markdown build preview, 2) 3.4.11 , 3) roadmap at UnConf, 4) UnConf more generally

[13:05:49 CDT(-0500)] <apetro_> 1: Markdown preview

[13:06:04 CDT(-0500)] <apetro_> https://github.com/jdlich/cas-docs

[13:06:28 CDT(-0500)] <apetro_> uses nanoc (Ruby) to build to HTML and PDF

[13:06:40 CDT(-0500)] <apetro_> things to like: cross platform insofar as Ruby is cross-platform

[13:06:56 CDT(-0500)] <serac> Things not to like: another totally different build platform than maven.

[13:07:00 CDT(-0500)] <apetro_> things not to like: still rough. Something weird with order of chapters. Lichner working on fixing.

[13:07:12 CDT(-0500)] <serac> I really don't like having a totally different build chain.

[13:07:24 CDT(-0500)] <serac> But I'll give it a shot just to be fair.

[13:07:35 CDT(-0500)] <apetro_> yup. Haven't had a Maven-driven build since DocBook.

[13:08:03 CDT(-0500)] <serac> This looks like a non-starter to me.

[13:08:10 CDT(-0500)] <serac> ruby > 1.9.2?

[13:08:45 CDT(-0500)] <apetro_> latest Ruby available via apt-get in Ubuntu worked for me

[13:08:54 CDT(-0500)] <apetro_> Lichner's got it working in MacOSX

[13:09:22 CDT(-0500)] <serac> I'm still on 11.04 where default is 1.8 and 1.9 latest is 1.9.1. I'll try with what's available to me in any case.

[13:09:35 CDT(-0500)] <apetro_> ah

[13:09:42 CDT(-0500)] <apetro_> is 1.9.1 really 1.9.1?

[13:09:58 CDT(-0500)] <apetro_> there's some weirdness in Ruby versioning wherein it's called 1.9.1 cuz that's the API compat version, but the impl is 1.9.2

[13:10:17 CDT(-0500)] <serac> I see some hint of that now. I'll just try it.

[13:10:31 CDT(-0500)] <apetro_> anyway, this is fewer dependencies than before (less with the requiring LaTeX).

[13:11:22 CDT(-0500)] <apetro_> preview. Still fighting with the technology.

[13:11:24 CDT(-0500)] <apetro_> Moving on?

[13:11:37 CDT(-0500)] <serac> Yes.

[13:11:59 CDT(-0500)] <apetro_> 3.4.11. RC hanging out. Feedback? Feeling it's time to roll forward into a release?

[13:12:15 CDT(-0500)] <wgthom> yep...

[13:12:17 CDT(-0500)] <serac> +1

[13:12:34 CDT(-0500)] <serac> Folks have had ample time to test and provide feedback.

[13:12:54 CDT(-0500)] <serac> I'll take an item to recommend release on list.

[13:13:00 CDT(-0500)] <apetro_> which is different from testing and providing feedback

[13:13:11 CDT(-0500)] <serac> All we can do is encourage.

[13:13:14 CDT(-0500)] <serac> I did my part.

[13:13:26 CDT(-0500)] <apetro_> yup

[13:13:29 CDT(-0500)] <serac> Which is both to test and to encourage others to do so.

[13:13:55 CDT(-0500)] <apetro_> so, I think where we were at last week was proposing release via lazy consensus on cas-dev?

[13:14:36 CDT(-0500)] <apetro_> and you're taking item to recommend release on list, serac, so that fulfills that next step

[13:14:38 CDT(-0500)] <serac> Yes.

[13:14:38 CDT(-0500)] <apetro_> sounds fine to me

[13:14:59 CDT(-0500)] <serac> apetro, correct on the action item.

[13:15:38 CDT(-0500)] <apetro_> k. Anything else to discuss on 3.4.11 ?

[13:15:55 CDT(-0500)] <wgthom> nope

[13:16:06 CDT(-0500)] <wgthom> release notes?

[13:16:42 CDT(-0500)] <apetro_> release notes, announcement text, all that good stuff.

[13:16:57 CDT(-0500)] <wgthom> some resembling Adam's fine email

[13:17:09 CDT(-0500)] <wgthom> something...

[13:17:30 CDT(-0500)] <serac> I can think of some highlights off the top of my head.

[13:17:43 CDT(-0500)] <apetro_> https://issues.jasig.org/secure/ReleaseNote.jspa?projectId=10007&amp;version=11380

[13:17:51 CDT(-0500)] <serac> Pick out some highlights from the changelog, then point to the changelog itself.

[13:17:59 CDT(-0500)] <wgthom> sounds good.

[13:19:29 CDT(-0500)] <apetro_> k. further discussion on cas-dev.

[13:20:12 CDT(-0500)] <apetro_> 3: Roadmap at UnConf?

[13:21:31 CDT(-0500)] <apetro_> wgthom, vision is a lightning talk helping cas folks at conference understand roadmap / vision, get on same page on stuff to work on in hours avail at UnConf?

[13:22:18 CDT(-0500)] <wgthom> yep

[13:22:53 CDT(-0500)] <wgthom> that's it. also, a friendly reminder to review the committed work…was hoping to nudge scott

[13:23:26 CDT(-0500)] <apetro_> k

[13:23:47 CDT(-0500)] <apetro_> Tillinghast @ UnConf is opportunity to collab on LPPE

[13:23:51 CDT(-0500)] <wgthom> i'll rather not caveat my comments at Jasig…but will unless I hear concretely from him

[13:24:14 CDT(-0500)] <wgthom> yes. i'm hoping to have LPPE pretty much ready to go

[13:24:22 CDT(-0500)] <wgthom> at the end of the unconference

[13:24:30 CDT(-0500)] <apetro_> neat

[13:24:49 CDT(-0500)] <apetro_> will also be opp to look together at code Mazurek posted going even further with functionality

[13:25:14 CDT(-0500)] <wgthom> yes….i think it's likely to an outcome to further go in that direction

[13:25:29 CDT(-0500)] <wgthom> i'd like to keep scope of lppe and get it in 3.5

[13:26:04 CDT(-0500)] <apetro_> yup. Incremental progress.

[13:26:40 CDT(-0500)] <apetro_> that bled into 4: UnConf more generally

[13:26:56 CDT(-0500)] <wgthom> go for it

[13:27:11 CDT(-0500)] <apetro_> that was most of it

[13:27:31 CDT(-0500)] <serac> I will do my best to do some code review of lppe before unconf.

[13:27:38 CDT(-0500)] <serac> And provide feedback.

[13:27:48 CDT(-0500)] <wgthom> excellent

[13:27:49 CDT(-0500)] <apetro_> perhaps a little prep around, John Field of EMC coming with stated interest in SAML support in CAS, worth reaching out to him and figuring out what that interest is in advance of UnConf?

[13:28:26 CDT(-0500)] <wgthom> sure if you have the cycles

[13:30:41 CDT(-0500)] <apetro_> k

[13:31:02 CDT(-0500)] <wgthom> sounds like a wrap

[13:31:04 CDT(-0500)] <apetro_> anything else?

[13:31:12 CDT(-0500)] <apetro_> otherwise I'll go fight with SSL certs

[13:31:25 CDT(-0500)] <wgthom> i've got logs to tail

[13:32:46 CDT(-0500)] <serac> Later.

[13:32:49 CDT(-0500)] <apetro_> you just like thinking of yourself as a Matrix Operator

[13:33:16 CDT(-0500)] <apetro_> multiple monitors, tailing logs. Green text on black backround?

[13:39:46 CDT(-0500)] <serac> Does anyone here us any color scheme?

[13:39:55 CDT(-0500)] <serac> Other than green on black, that is?

[13:54:24 CDT(-0500)] <foxnesn> i posted my question on the cas user forum btw

[13:54:36 CDT(-0500)] <foxnesn> just to widen the scope of ideas

[13:54:48 CDT(-0500)] <foxnesn> 'i may just go with atillings custom job

[13:55:01 CDT(-0500)] <foxnesn> and then have password reset and forgot password modules in PWM

[14:19:41 CDT(-0500)] <foxnesn> does anyone here know if objects like flowScope.service.id can be referenced from a jsp in the view/jsp dir?

[14:54:36 CDT(-0500)] <foxnesn> also, what's LPPE?