uPortal IRC Logs-2008-07-24

[03:17:40 EDT(-0400)] * higpetter (n=petter@brunte.HIG.SE) has joined ##uportal
[03:18:03 EDT(-0400)] * atpa8a (n=stfu@static-71-249-199-57.nycmny.east.verizon.net) has joined ##uportal
[07:57:28 EDT(-0400)] * atpa8a (n=stfu@static-71-249-199-57.nycmny.east.verizon.net) has joined ##uportal
[08:45:07 EDT(-0400)] * anastasiac (n=team@142.150.154.160) has joined ##uportal
[09:07:24 EDT(-0400)] * colinclark (n=colin@bas1-toronto09-1279621300.dsl.bell.ca) has joined ##uportal
[09:52:59 EDT(-0400)] <dstn> anyone here understand proxy cas well?
[09:59:47 EDT(-0400)] * EricDalquist (n=dalquist@dyn-5-208.doit.wisc.edu) has joined ##uportal
[10:04:55 EDT(-0400)] <athena7> somewhat
[10:05:00 EDT(-0400)] <athena7> what's up?
[10:07:37 EDT(-0400)] <higpetter> nothing much
[10:07:42 EDT(-0400)] <higpetter> most things are down
[10:19:12 EDT(-0400)] <EricDalquist> woohoo .. got the new computer setup
[10:22:21 EDT(-0400)] <lennar1>
[10:34:36 EDT(-0400)] * colinclark (n=colin@142.150.154.101) has joined ##uportal
[10:35:08 EDT(-0400)] <dstn> athena7: on the cas call back url does CAS check for specific hosts that it can call back too or does it just have to be a valid certificate, i.e. verisign?
[10:35:51 EDT(-0400)] <athena7> not sure i know exactly what you mean - got an example?
[10:35:55 EDT(-0400)] <athena7> new computers = yaya
[10:37:29 EDT(-0400)] <athena7> you do have to specified allowed services in the proxied application
[10:37:33 EDT(-0400)] <athena7> there's a spot to do that in the filter
[10:38:30 EDT(-0400)] <dstn> right, but the CAS server, will it make calls back to just any server?
[10:38:49 EDT(-0400)] <athena7> the CAS server should be able to talk to any server, i think
[10:38:56 EDT(-0400)] <athena7> the cas callback url is not on the cas server though
[10:39:03 EDT(-0400)] <dstn> right
[10:39:19 EDT(-0400)] <dstn> our problem is, CAS is never actually calling back to the URL
[10:39:34 EDT(-0400)] <athena7> so you're trying to proxy an application
[10:39:43 EDT(-0400)] <athena7> you make the call out to the application
[10:39:55 EDT(-0400)] <dstn> I was told it has to do with a certificate issue but I wanted to reach out to others to see if indeed is true
[10:39:59 EDT(-0400)] <athena7> and no requests ever get sent to the first application's callback url
[10:40:09 EDT(-0400)] <athena7> it might be
[10:40:17 EDT(-0400)] <athena7> can you turn up logging on both applications?
[10:40:27 EDT(-0400)] <athena7> CAS has quite good logging, especially at the trace level
[10:41:41 EDT(-0400)] <athena7> if it's a security exception, you should see an ssl exception in the logs
[10:41:48 EDT(-0400)] <athena7> if not, it could be something else
[10:42:09 EDT(-0400)] <athena7> like a misconfiguration that's causing the proxied application to hit the wrong callback url or something
[10:42:15 EDT(-0400)] <dstn> right ok
[10:42:42 EDT(-0400)] <dstn> my coworker sent an email for the logs on cas, guess we'll have to wait
[10:44:10 EDT(-0400)] <athena7> i don't think you should need logs from the CAS server
[10:44:14 EDT(-0400)] <athena7> just from the two applications
[10:47:51 EDT(-0400)] * dstn is confused
[10:49:46 EDT(-0400)] * dstn is no longer confused
[10:50:53 EDT(-0400)] <athena7> lol
[11:14:09 EDT(-0400)] * EricDalquist (n=dalquist@bohemia.doit.wisc.edu) has joined ##uportal
[11:25:22 EDT(-0400)] * dstn (n=dstn@unaffiliated/dstn) has left ##uportal
[11:33:44 EDT(-0400)] * dstn (n=dstn@schultz.its.yale.edu) has joined ##uportal
[11:48:58 EDT(-0400)] * holdorph (n=holdorph@wsip-98-174-242-39.ph.ph.cox.net) has joined ##uportal
[11:56:35 EDT(-0400)] * EricDalquist (n=dalquist@dyn-5-208.doit.wisc.edu) has joined ##uportal
[12:12:11 EDT(-0400)] <atpa8a> hmm
[12:12:16 EDT(-0400)] <atpa8a> need help with CAS...
[12:19:01 EDT(-0400)] * awills (n=awills@wsip-98-174-242-39.ph.ph.cox.net) has joined ##uportal
[12:25:44 EDT(-0400)] <dstn> EricDalquist: how far out is 3.1?
[12:25:56 EDT(-0400)] <EricDalquist> not sure
[12:26:05 EDT(-0400)] <EricDalquist> I need to find a day to check on status from people
[12:26:15 EDT(-0400)] <dstn> its near time though right?
[12:26:17 EDT(-0400)] <EricDalquist> the two big ones is I haven't heard anything from fluid in about a month
[12:26:23 EDT(-0400)] <EricDalquist> and there hasn't been any GAPs work
[12:26:35 EDT(-0400)] <EricDalquist> I would guess september
[12:26:41 EDT(-0400)] * dstn still doesn't know what GAP is
[12:26:43 EDT(-0400)] <EricDalquist> unless someone has a bunch of time
[12:26:48 EDT(-0400)] <EricDalquist> Groups and Permission Service
[12:27:03 EDT(-0400)] <EricDalquist> that is getting moved into a stand-alone lib
[12:27:08 EDT(-0400)] <EricDalquist> similar to what was done with person directory
[12:27:36 EDT(-0400)] <dstn> k, cool
[12:46:59 EDT(-0400)] <colinclark> EricDalquist: September seems reasonable to me.
[12:47:09 EDT(-0400)] <colinclark> Sorry if we have been sort of quiet. We're always lurking here.
[12:47:18 EDT(-0400)] <EricDalquist> colinclark: do you have any status on the layout manager in up3?
[12:47:30 EDT(-0400)] <EricDalquist> I heard a blip about a month ago but haven't seen/heard anything since
[12:48:29 EDT(-0400)] <colinclark> EricDalquist: Yeah, it blipped and then went quiet. I need to sync up with Gary Thompson and Paul about it. Perhaps on-list so we're a bit more visible.
[12:49:01 EDT(-0400)] <colinclark> Infusion 0.4 is on its way out the door next Wednesday, and it's a huge priority for me to get these components into uPortal and our other projects.
[12:49:20 EDT(-0400)] <EricDalquist> thanks, yeah if you want to move this on list we can
[12:49:33 EDT(-0400)] <EricDalquist> but we probably need some actually work being done very soon to make it
[12:49:41 EDT(-0400)] <colinclark> Yes, I totally agree.
[12:49:47 EDT(-0400)] <colinclark> We'll get on it.
[12:49:49 EDT(-0400)] <EricDalquist> I'd like to have it in by the end of august at the latest to be able to manage a release in sept
[12:49:51 EDT(-0400)] <EricDalquist> thanks!
[12:51:42 EDT(-0400)] <colinclark> EricDalquist: That makes sense to me. End of August. I'll make sure it gets onto everyone's radar.
[12:51:54 EDT(-0400)] <EricDalquist> thanks
[13:16:02 EDT(-0400)] * colinclark (n=colin@user147-236.wireless.utoronto.ca) has joined ##uportal
[13:23:24 EDT(-0400)] * EricDalquist (n=dalquist@bohemia.doit.wisc.edu) has joined ##uportal
[13:38:23 EDT(-0400)] <awills> EricDalquist were you working on merging the DLM enhancement – removing unauthorized channels from header/footer – into rel-3-0-patches?
[13:38:50 EDT(-0400)] <EricDalquist> I got busy last night and now I'm getting my new pc setup
[13:38:55 EDT(-0400)] <EricDalquist> so I won't get to it for a few hours
[13:39:05 EDT(-0400)] <EricDalquist> so feel free if you want to
[13:40:11 EDT(-0400)] <awills> ok, i'll post right away if i get to it and take care of it
[13:40:46 EDT(-0400)] <EricDalquist> sounds good
[13:57:50 EDT(-0400)] <awills> EricDalquist I got to it, it's taken care of
[13:58:03 EDT(-0400)] <EricDalquist> thanks
[13:58:18 EDT(-0400)] <awills> np at all
[13:59:36 EDT(-0400)] <awills> lol, oops... there's no IPerson.getUserName() method in rel-3-0-patches
[14:00:10 EDT(-0400)] <EricDalquist> hah
[14:04:58 EDT(-0400)] <awills> k, that's better
[14:15:01 EDT(-0400)] <awills> alright, fragment-admin in 3.0.2, woot
[14:15:08 EDT(-0400)] <EricDalquist> great
[14:16:03 EDT(-0400)] <awills> this afternoon, if i'm lucky, i'll be able to implement the vision of frag-admin for 3.1 and get that in as wwell
[14:16:22 EDT(-0400)] <EricDalquist> sounds good
[14:40:42 EDT(-0400)] * colinclark (n=colin@142.150.154.101) has joined ##uportal
[14:43:29 EDT(-0400)] <dstn> I think it would be cool if you could have multiple configurations of a given portlet. For instance, I find myself deploying one portlet for the guest layout with no edit capabilities and one portlet for users with edit capabilites.
[14:44:45 EDT(-0400)] <EricDalquist> you can
[14:44:56 EDT(-0400)] <EricDalquist> that's a great use for portlet prefs
[14:45:15 EDT(-0400)] <EricDalquist> oh
[14:45:16 EDT(-0400)] <EricDalquist> wait
[14:45:16 EDT(-0400)] <EricDalquist> sorry
[14:45:27 EDT(-0400)] <EricDalquist> one instance in channel manager
[14:45:36 EDT(-0400)] <EricDalquist> but different config when added to a layout?
[14:46:07 EDT(-0400)] <EricDalquist> just an FYI for anyone that wants to use eclipse 3.4: http://bugs.sun.com/view_bug.do;jsessionid=8ff002db3ad8d00953ca37de?bug_id=6614100
[14:46:20 EDT(-0400)] <EricDalquist> it crashes using the JDK6 shipping w/ubuntu
[14:46:37 EDT(-0400)] <dstn> ya, sorry, different configs for the same portlet
[14:46:46 EDT(-0400)] <EricDalquist> ah yeah
[14:46:50 EDT(-0400)] <dstn> I am the king of messing up terminology
[14:47:00 EDT(-0400)] <EricDalquist> so there was(is) a feature for channels like that
[14:47:05 EDT(-0400)] <EricDalquist> subscribe-time channel parameters
[14:47:10 EDT(-0400)] <EricDalquist> it is doable with prefs too
[14:47:15 EDT(-0400)] <EricDalquist> just add another layer in there
[14:47:19 EDT(-0400)] <EricDalquist> and the UI to handle it
[14:50:22 EDT(-0400)] <awills> what table do thse go on?
[14:50:27 EDT(-0400)] <awills> those*
[14:50:59 EDT(-0400)] <EricDalquist> ?
[14:51:17 EDT(-0400)] <awills> subscribe-time channel parameters.. i'm thinking this is something you could maybe manage
[14:51:25 EDT(-0400)] <awills> ... manage w/ import/export
[14:51:52 EDT(-0400)] <awills> wouldn't be feasible for regular users, but if the only user w/ a difference were the guest user, you could manage it
[14:52:00 EDT(-0400)] <EricDalquist> they are layout parameters
[14:52:01 EDT(-0400)] <EricDalquist> I think
[14:52:07 EDT(-0400)] <EricDalquist> and they are completely ignored for portlets
[14:52:52 EDT(-0400)] <awills> hmmm... alright, my mental picture of this part of the platform is too fuzzy to comment atm
[14:53:05 EDT(-0400)] <awills> got to run for now anyway
[14:53:09 EDT(-0400)] <EricDalquist> later
[15:59:01 EDT(-0400)] <atpa8a> hmm
[15:59:15 EDT(-0400)] <atpa8a> does CAS require SSL certs in the JVM?
[16:20:06 EDT(-0400)] <holdorph> Java requires SSL certs in the keystore for the JVM to use HTTPS.
[16:20:58 EDT(-0400)] <holdorph> unless the cert is signed by verisign (not sure if any other CA can be used, that's the only one I know for sure)
[16:33:04 EDT(-0400)] <atpa8a> right
[16:34:08 EDT(-0400)] <atpa8a> the plan is to use valid certs on the apache (or f5) but all CAS requests will be over http
[16:34:21 EDT(-0400)] <atpa8a> would i have any problems with that?
[16:35:11 EDT(-0400)] <holdorph> You'd have to ask the CAS experts. I don't believe they hang out on this uportal irc channel.
[16:36:09 EDT(-0400)] <atpa8a> i know
[16:36:16 EDT(-0400)] <atpa8a> thank you much tho
[16:36:45 EDT(-0400)] <atpa8a> do they hang out on any other irc channel?
[16:37:31 EDT(-0400)] <holdorph> I don't know.
[16:38:18 EDT(-0400)] <holdorph> I only know Scott's the main lead. Unicon has quite a bit of CAS knowledge in Andrew Petro and a couple others, so I generally have an internal resource to go find.
[16:39:13 EDT(-0400)] <atpa8a> can you show them the great resource of irc?
[16:40:25 EDT(-0400)] <holdorph> andrew petro is on here occassionally. not sure why he's not on more. even so, the uportal channel wouldn't be the best place to discuss CAS. there should be a CAS channel instead.
[16:40:45 EDT(-0400)] <holdorph> that's something that should be brought up on the CAS lists
[16:41:18 EDT(-0400)] <atpa8a> agree
[16:41:50 EDT(-0400)] <atpa8a> really sorry to bug people here with CAS questions
[16:42:05 EDT(-0400)] <atpa8a> but some parts of it are so misterious
[16:42:22 EDT(-0400)] * dstn agrees that CAS is mysterious
[16:44:26 EDT(-0400)] <atpa8a> right now i'm stuck on those userDetails bean and friends
[17:00:39 EDT(-0400)] * awills (n=awills@wsip-98-174-242-39.ph.ph.cox.net) has joined ##uportal
[19:55:22 EDT(-0400)] * apetro-_ (n=apetro@wsip-98-174-242-39.ph.ph.cox.net) has joined ##uportal