jasig-cas IRC Logs-2011-10-21
- Apereo Infrastructure
[08:17:05 CDT(-0500)] <foxnesn> morning
[08:18:57 CDT(-0500)] <kickehy> morning
[08:26:51 CDT(-0500)] <foxnesn> how is the wireless project?
[09:28:14 CDT(-0500)] <foxnesn> userdetailsservice is for /cas/services/ login/pass right?
[09:29:09 CDT(-0500)] <kickehy> foxnesn: it's going well....and yes that is correct
[09:35:12 CDT(-0500)] <foxnesn> but in order to get that user/pass to auth for cas/services i need to setup the serviceregistrydao with the jap ticketreg ?
[09:35:25 CDT(-0500)] <foxnesn> jpaticketreg
[09:44:47 CDT(-0500)] <kickehy> ummm
[09:47:51 CDT(-0500)] <kickehy> i don't think you have to
[09:49:08 CDT(-0500)] <foxnesn> weird
[09:49:14 CDT(-0500)] <foxnesn> im doing the default admin/notused
[09:49:20 CDT(-0500)] <kickehy> the ticketing is just for tracking your tickets in a DB and not inmemory
[09:49:50 CDT(-0500)] <kickehy> foxnesn: if you're authenticating against ldap, you must put in a ldap user instead of 'admin'
[09:49:55 CDT(-0500)] <kickehy> unless admin is a username
[09:50:03 CDT(-0500)] <kickehy> in ldap
[09:50:19 CDT(-0500)] <foxnesn> i tried that first and it said that user wasnt authorized to use services
[09:50:44 CDT(-0500)] <foxnesn> so i entered admin/notused and it failed
[09:50:53 CDT(-0500)] <foxnesn> i even tried just admin but you need to enter pass
[09:51:11 CDT(-0500)] <foxnesn> oh wait
[09:52:06 CDT(-0500)] <foxnesn> ha
[09:52:33 CDT(-0500)] <kickehy> figure it out?
[09:53:09 CDT(-0500)] <kickehy> <sec:user-service id="userDetailsService">
[09:53:09 CDT(-0500)] <kickehy> <sec:user name="ldapuser" password="notused" authorities="ROLE_ADMIN" />
[09:53:12 CDT(-0500)] <kickehy> </sec:user-service>
[09:53:24 CDT(-0500)] <foxnesn> yea so in user name= i need to put the name of someone in the ldap
[09:53:31 CDT(-0500)] <kickehy> yes
[09:53:33 CDT(-0500)] <kickehy> exactly
[09:53:36 CDT(-0500)] <foxnesn> i had it backwards ha
[09:53:40 CDT(-0500)] <kickehy> 
[10:22:43 CDT(-0500)] <foxnesn> in the /cas/services/ can the service name be anything?+
[10:24:20 CDT(-0500)] <foxnesn> also after a services is added or edited does tomcat have to be restarted?
[10:31:23 CDT(-0500)] <foxnesn> interesting...a tomcat restart wipes out the changes made in services. which is why setting up the service reg is pretty much required
[10:44:03 CDT(-0500)] <foxnesn> crap i added the cas service to /cas/services/ but im locked out!!111
[10:44:59 CDT(-0500)] <foxnesn> is there a way to reset it?
[10:45:06 CDT(-0500)] <foxnesn> other than restarted tomcat?
[10:48:46 CDT(-0500)] <kickehy> that...i'm not sure about
[10:54:43 CDT(-0500)] <foxnesn> i think only rstartting tomcat will do it
[10:55:02 CDT(-0500)] <foxnesn> or editing something in the deployer somewhere maybe
[10:56:22 CDT(-0500)] <foxnesn> so for the service name did you just put a basic name or is it a url?
[10:56:30 CDT(-0500)] <foxnesn> i know there is a service url as well
[11:10:30 CDT(-0500)] <kickehy> it's a url
[11:11:20 CDT(-0500)] <kickehy> https://server.domain.edu/cas/services/j_acegi_cas_s
[11:11:23 CDT(-0500)] <kickehy> that was mine
[11:11:40 CDT(-0500)] <kickehy> and i think you can do https://server.domain.edu/cas/services/** too
[11:11:47 CDT(-0500)] <kickehy> but the first one worked fine for me
[11:36:57 CDT(-0500)] <foxnesn> ahh, i excluded the *
[11:44:29 CDT(-0500)] <kickehy> i think you need two *
[11:46:30 CDT(-0500)] <kickehy> I want to change "NetID" on the front page to "Username"
[11:47:49 CDT(-0500)] <foxnesn> hah even both ** doesnt work so i had to do https://server.domain.edu/cas/services/j_acegi_cas_s
[11:48:01 CDT(-0500)] <kickehy> ah
[11:48:04 CDT(-0500)] <kickehy> but that did fix it?
[11:48:06 CDT(-0500)] <foxnesn> if you delete all the http/https/imap/imap before adding anything it tells you that
[11:48:09 CDT(-0500)] <foxnesn> yea
[11:48:12 CDT(-0500)] <kickehy> ok good
[11:48:19 CDT(-0500)] <foxnesn> so the wiki is wrong there
[11:48:36 CDT(-0500)] <foxnesn> if you figure out how to change netif to username let me know
[11:48:43 CDT(-0500)] <kickehy> heh
[11:48:47 CDT(-0500)] <foxnesn> i need to to that AND add a few links
[11:48:56 CDT(-0500)] <kickehy> https://cas01.loras.edu
[11:49:02 CDT(-0500)] <foxnesn> but thankfully i work with some pretty good html people
[11:49:22 CDT(-0500)] <kickehy> that's just me playing with the css.css file
[11:49:26 CDT(-0500)] <foxnesn> wow nice
[11:49:59 CDT(-0500)] <kickehy> not that pretty but it'll work for me
[11:50:02 CDT(-0500)] <kickehy> since i'm not a web dev
[11:50:04 CDT(-0500)] <kickehy> 
[11:50:05 CDT(-0500)] <foxnesn> i think it looks good
[11:50:26 CDT(-0500)] <foxnesn> i was thinking of doing the exact same thing
[11:50:41 CDT(-0500)] <kickehy> chrome's rt-click --> Inspect Element makes it really easy to edit the css
[11:50:46 CDT(-0500)] <foxnesn> do you remember which file you had to edit to make that change?
[11:50:47 CDT(-0500)] <kickehy> so that'll help a lot
[11:50:58 CDT(-0500)] <foxnesn> was it only css or what is html too?
[11:51:12 CDT(-0500)] <kickehy> $tomcathome\webapps\cas\css
[11:51:17 CDT(-0500)] <kickehy> only css
[11:51:23 CDT(-0500)] <foxnesn> cool you added the gif there then i guess
[11:51:28 CDT(-0500)] <kickehy> yes
[11:51:31 CDT(-0500)] <foxnesn> nice
[11:51:34 CDT(-0500)] <foxnesn> maybe ill get to that today
[11:53:22 CDT(-0500)] <kickehy> cool 
[11:53:46 CDT(-0500)] <kickehy> and i made tomcat redirect cas01.loras.edu --> cas01.loras.edu/cas
[12:01:02 CDT(-0500)] <kickehy> anyone know how to edit the front page to change "NetID" to "Username"?
[12:13:00 CDT(-0500)] <apetro> It's in a message bundle, isn't it?
[12:14:08 CDT(-0500)] <apetro> https://github.com/Jasig/cas/blob/v3.4.10/cas-server-webapp/src/main/webapp/WEB-INF/classes/messages_en.properties
[13:01:50 CDT(-0500)] <apetro> checking in
[13:01:53 CDT(-0500)] <wgthom> howdy
[13:01:56 CDT(-0500)] <serac> hello
[13:04:13 CDT(-0500)] <serac> Anyone with agenda items?
[13:04:38 CDT(-0500)] <wgthom> not me…just getting back from educause.
[13:04:49 CDT(-0500)] <wgthom> catching up etc....
[13:04:51 CDT(-0500)] <serac> Anything to report from ?
[13:04:56 CDT(-0500)] <serac> educause?
[13:05:16 CDT(-0500)] <wgthom> saw an interesting presentation on idm in the cloud
[13:05:26 CDT(-0500)] <serac> head splode
[13:05:43 CDT(-0500)] <battags> status of Release candidate?
[13:05:54 CDT(-0500)] <serac> Looks good from here.
[13:06:02 CDT(-0500)] <battags> can you reply to the thread?
[13:06:06 CDT(-0500)] <serac> Kind of as expected, little to no feedback from community on rc.
[13:06:15 CDT(-0500)] <battags> the community didn't ask for the RCs 
[13:06:41 CDT(-0500)] <serac> Guess we were hoping they'd test them out.
[13:06:54 CDT(-0500)] <serac> I already posted positive feedback on that thread, Scott. What else is needed?
[13:07:00 CDT(-0500)] <wgthom> yes, hoping to get more people engaged...
[13:07:31 CDT(-0500)] <wgthom> lower the distinction between us and them
[13:08:25 CDT(-0500)] <wgthom> first time for an RC in a while so we may have some education to do
[13:08:55 CDT(-0500)] <serac> I'm all for RCs, but the absence of feedback shouldn't be an obstacle to cutting a final RC.
[13:09:03 CDT(-0500)] <serac> Have all of us tested it?
[13:09:13 CDT(-0500)] <battags> @serac thanks. Your feedback must be in my spam folder or something
[13:09:13 CDT(-0500)] <apetro> nope. haven't touched it.
[13:09:37 CDT(-0500)] <serac> Let's eat our own dogfood first before we beat the bushes of the community.
[13:09:52 CDT(-0500)] <serac> I already attempted to encourage testing on the thread scott mentioned.
[13:11:10 CDT(-0500)] <wgthom> so a lazy consensus on the dev list then for GA?
[13:11:24 CDT(-0500)] <serac> +1
[13:11:38 CDT(-0500)] <serac> The only thorny issue is one of reasonable time frames.
[13:11:48 CDT(-0500)] <serac> I know it takes time to test an overlay.
[13:12:00 CDT(-0500)] <serac> Kick the tires, make sure everything is kosher.
[13:12:07 CDT(-0500)] <serac> Is a week enough?
[13:12:09 CDT(-0500)] <wgthom> sure does
[13:12:11 CDT(-0500)] <serac> 10 days?
[13:12:36 CDT(-0500)] <battags> I would say one week min, two weeks max
[13:12:41 CDT(-0500)] <battags> we want to be seen as responsive
[13:12:56 CDT(-0500)] <serac> I can live with those general bounds.
[13:13:17 CDT(-0500)] <battags> I need to get a script to put a countdown into the IRC chat
[13:13:23 CDT(-0500)] <serac> haha
[13:14:48 CDT(-0500)] <serac> So generally we give at least a week to test, and if we don't hear of blockers we can cut GA at our discretion thereafter?
[13:14:55 CDT(-0500)] <wgthom> thoughts on objectives/topics for the unconference
[13:15:42 CDT(-0500)] <wgthom> i'd say we need to use good judgement. are minor or major release would porbably need more time
[13:17:41 CDT(-0500)] <apetro> so what's really happening here is an RC and time for testing it is a tool for getting to that consensus.
[13:18:24 CDT(-0500)] <wgthom> right, and an appeal to adopters to help verify and build confidence
[13:18:43 CDT(-0500)] <serac> We can beg and plead all we want.
[13:18:56 CDT(-0500)] <serac> I'm interested in what we do when we hear deafening silence.
[13:19:06 CDT(-0500)] <serac> Which appears to be the case at present.
[13:19:09 CDT(-0500)] <wgthom> we move on.
[13:19:28 CDT(-0500)] <serac> And I want to get a reasonable bound on when we move on. That's all.
[13:19:52 CDT(-0500)] <serac> We give at least a week for feedback, then move on with consensus for release.
[13:22:19 CDT(-0500)] <wgthom> sounds good
[13:22:29 CDT(-0500)] <serac> Cool. Now to unconference.
[13:22:46 CDT(-0500)] <serac> I can't make it, which is a missed opportunity. Sorry.
[13:22:52 CDT(-0500)] <wgthom> bummer
[13:23:23 CDT(-0500)] <apetro> I'll be there.
[13:23:29 CDT(-0500)] <wgthom> Andrew Tillinghast will be there as well
[13:23:41 CDT(-0500)] <wgthom> excited to get lppe in good shape that week
[13:24:01 CDT(-0500)] <kickehy> apetro: thanks, by the way, that's what I needed
[13:24:05 CDT(-0500)] <apetro> https://wiki.jasig.org/display/JCON/Fall+2011+Unconference+Participants
[13:24:17 CDT(-0500)] <serac> We should try to recruit atilling for further dev work.
[13:24:20 CDT(-0500)] <wgthom> i'd like to evagelize a bit on the roadmap, proces, etc
[13:24:39 CDT(-0500)] <wgthom> i would get great if @battags had a change to review and commit to it by then
[13:24:59 CDT(-0500)] <apetro> chance.
[13:25:01 CDT(-0500)] <wgthom> or modify it...etc
[13:25:20 CDT(-0500)] <wgthom> @serac...definately
[13:25:32 CDT(-0500)] <apetro> Evangelizing compelling roadmap at UnConf.
[13:25:36 CDT(-0500)] <wgthom> was thinking likely next committer
[13:25:49 CDT(-0500)] <serac> I'd +1 it.
[13:26:01 CDT(-0500)] <serac> Just to get him more involved if nothing else.
[13:26:03 CDT(-0500)] <wgthom> he already has his lppe patches running in production
[13:26:15 CDT(-0500)] <wgthom> that the kind of committer you want!
[13:26:20 CDT(-0500)] <serac> Indeed.
[13:26:21 CDT(-0500)] <battags> how come my thing only turns red when Andrew mentions me but not Bill
[13:26:50 CDT(-0500)] <serac> Weird. Maybe their clients are different.
[13:26:57 CDT(-0500)] <wgthom> maybe.
[13:27:04 CDT(-0500)] <wgthom> adium here
[13:27:08 CDT(-0500)] <apetro> Reviewing the attendee list, I believe BYU and St Cloud are also significant CAS adopters.
[13:27:18 CDT(-0500)] <wgthom> only have a few more minutes…then off to man camp.
[13:27:25 CDT(-0500)] <serac> man camp?
[13:27:37 CDT(-0500)] <apetro> and John Field / EMC's stated interest in SAML in CAS and proxy tix
[13:27:43 CDT(-0500)] <wgthom> target practice, texas hold em, beer, fire.
[13:27:46 CDT(-0500)] <apetro> anyone know him and what's behind that?
[13:27:55 CDT(-0500)] <wgthom> not in that order
[13:27:58 CDT(-0500)] <serac> haha
[13:28:10 CDT(-0500)] <wgthom> poconos for the weekend
[13:28:25 CDT(-0500)] <serac> I've seen @emc.com in a lot of list mail recently, but not necessarily cas-*.
[13:28:48 CDT(-0500)] <apetro> will be good to check in with John King / SUNY. Last I heard, a quietly happy CAS adopter.
[13:32:06 CDT(-0500)] <apetro> alright. So, update Roadmap wiki page before UnConference, and in all likelihood there will be a fresh 3.4.11 release to discuss there.
[13:32:18 CDT(-0500)] <serac> Yeah.
[13:32:40 CDT(-0500)] <apetro> Git / Git tutorial / Git practices might be a good topic to hit at UnConference.
[13:32:57 CDT(-0500)] <apetro> Of practical interest to both CAS and uPortal, and thereby of interest to most participants.
[13:33:16 CDT(-0500)] <serac> Sounds good.
[13:49:22 CDT(-0500)] <wgthom> adios amigos.
[13:49:33 CDT(-0500)] <serac> Have manly fun!
[13:49:35 CDT(-0500)] <apetro> have a good camping.
[13:49:40 CDT(-0500)] <serac> Just don't put the beer before target practice.
[13:49:51 CDT(-0500)] <wgthom> lol. thx. later.
[13:52:36 CDT(-0500)] <foxnesn> omg, all this knowledge in one room. i must resist bombarding you all with questions lol
[14:12:48 CDT(-0500)] <kickehy> is there a validation url?
[14:12:56 CDT(-0500)] <kickehy> the orgsync guy is asking for it
[14:13:18 CDT(-0500)] <serac> https://cas.example.com/cas/serviceValidate
[14:15:10 CDT(-0500)] <foxnesn> hey serac i spoke with someone who uses that password service i am using with CAS
[14:15:17 CDT(-0500)] <kickehy> i assume that goes hand in hand with services management?
[14:15:17 CDT(-0500)] <foxnesn> he actually does this...
[14:15:39 CDT(-0500)] <foxnesn> Change your service parameter in CAS client from:
[14:15:40 CDT(-0500)] <foxnesn> yourapplication.example.com
[14:15:40 CDT(-0500)] <foxnesn> to:
[14:15:40 CDT(-0500)] <foxnesn> https%3A%2F%2Fpwm.example.com%3A8443%2Fpwm%2Fprivate%2FCommandServlet%3FprocessAction%3DcheckAll%26forwardURL%3Dhttp%3A%2F%2Fyourapplication.example.com
[14:15:43 CDT(-0500)] <foxnesn> Make sure to url encode and everything should be fine.
[14:17:07 CDT(-0500)] <serac> The url I gave above is typically what's meant for validation URL. That's where tickets are validated.
[14:17:14 CDT(-0500)] <serac> Nothing to do with service management.
[14:17:22 CDT(-0500)] <serac> Gotta go for today. See you guys next week.
[14:17:42 CDT(-0500)] <foxnesn> heh seeya
[14:18:21 CDT(-0500)] <kickehy> so, basically what he's saying is i forgot to set something up
[14:19:34 CDT(-0500)] <foxnesn> what does your guy mean by validation url?
[14:19:46 CDT(-0500)] <kickehy> no idea
[14:19:54 CDT(-0500)] <kickehy> didn't even realize there was such a thing
[14:19:56 CDT(-0500)] <foxnesn> i remember going through the web.xml and seeing some info there i think
[14:20:14 CDT(-0500)] <foxnesn> wouldnt the cas root be the validation url/
[14:20:16 CDT(-0500)] <foxnesn> ?
[14:20:39 CDT(-0500)] <kickehy> no, it's what he specified above, but i'm not sure what it does
[14:22:16 CDT(-0500)] <foxnesn> right, but why would that guy need it?
[14:22:29 CDT(-0500)] <kickehy> not sure
[14:26:13 CDT(-0500)] <kickehy> i guess there isn't much setting up with that
[14:26:23 CDT(-0500)] <kickehy> i'm not sure what its function is
[14:39:08 CDT(-0500)] <foxnesn> 2.5. /serviceValidate [CAS 2.0]
[14:39:14 CDT(-0500)] <foxnesn> woops
[14:39:19 CDT(-0500)] <foxnesn> http://www.jasig.org/cas/protocol
[14:39:25 CDT(-0500)] <foxnesn> there is a small section there about it
[14:41:44 CDT(-0500)] <apetro> howdy
[14:42:17 CDT(-0500)] <apetro> the way CAS accomplishes user login to applications is it issues the user a ticket, a short-lived big random number identifier.
[14:42:29 CDT(-0500)] <apetro> the user presents it to the application he'd like to log in to
[14:42:41 CDT(-0500)] <apetro> the application validates it against e.g. the /serviceValidate endpoint
[14:43:06 CDT(-0500)] <apetro> so, the validation URL is essential to applications relying upon a CAS server, so they know where to validate tickets presented to them.
[14:43:36 CDT(-0500)] <kickehy> ohhhh
[14:44:02 CDT(-0500)] <kickehy> apetro: that's twice you've helped me today
[14:44:07 CDT(-0500)] <foxnesn> haha nice
[14:44:10 CDT(-0500)] <foxnesn> good explanation
[14:44:19 CDT(-0500)] <kickehy> I think I owe everyone in this channel a drink of their choice
[14:44:28 CDT(-0500)] <kickehy>
[14:44:41 CDT(-0500)] <apetro> come to the UnConference in Shrewsbury and I'll gladly take you up on it.
[14:44:44 CDT(-0500)] <foxnesn> me too
[14:44:51 CDT(-0500)] <kickehy> haha
[14:44:57 CDT(-0500)] <apetro> or, there should be a more formal real Jasig-Sakai conference sometime next spring
[14:46:02 CDT(-0500)] <kickehy> also, do you know if tomcat cleans out its logs every once in a while?
[14:47:18 CDT(-0500)] <foxnesn> shrewsbury in what state?
[14:49:00 CDT(-0500)] <foxnesn> er, WHICH state
[14:49:03 CDT(-0500)] <foxnesn> not what
[14:54:46 CDT(-0500)] <apetro> https://wiki.jasig.org/display/JCON/Fall+2011+Unconference+-+Shrewsbury+-+UMassOnline
[14:57:20 CDT(-0500)] <kickehy> mmmm that's a bit of a drive
[14:57:58 CDT(-0500)] <foxnesn> omg lol
[14:58:04 CDT(-0500)] <foxnesn> too bad i wasn't heading home
[14:58:13 CDT(-0500)] <foxnesn> im from new hampshire not far from boston
[14:58:22 CDT(-0500)] <foxnesn> and i know a bunch of people who went to umass
[14:59:49 CDT(-0500)] <foxnesn> darn. well maybe once i get this all off the ground i will have a paid excuse to go to it next year
[15:00:43 CDT(-0500)] <foxnesn> currently, im one problem away from having it setup the way i want except for HA
[15:04:08 CDT(-0500)] <kickehy> i love boston...only have been there once
[15:04:14 CDT(-0500)] <kickehy> but it was cool
[15:04:35 CDT(-0500)] <foxnesn> yea, it is a nice city
[15:12:44 CDT(-0500)] <kickehy> not much here in iowa
[15:12:54 CDT(-0500)] <kickehy> except corn
[15:12:56 CDT(-0500)] <kickehy> and pigs
[15:13:11 CDT(-0500)] <foxnesn> ha
[15:22:19 CDT(-0500)] <kickehy> anyone have any suggestions for a firewall? favorite os and application?
[15:22:36 CDT(-0500)] <foxnesn> smoothwall
[15:22:42 CDT(-0500)] <foxnesn> centos
[15:32:33 CDT(-0500)] <kickehy> neat
[15:32:37 CDT(-0500)] <kickehy> i shall try it
[15:32:48 CDT(-0500)] <foxnesn> alright im out
[15:32:52 CDT(-0500)] <kickehy> later
[15:32:55 CDT(-0500)] <foxnesn> im usually hovering on the weekends tho
[15:33:04 CDT(-0500)] <foxnesn> you guys seem to actually know how to leave your work tho ha
[15:35:00 CDT(-0500)] <kickehy>