You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@roller.apache.org by jonathan <je...@ryerson.ca> on 2008/09/17 21:23:36 UTC
secured paths and planet aggregations in Roller 4.0
I've been using security.xml to secure various blogs only allowing
certain user types access:
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
...
/<blogname>/**=register
...
</value>
etc...
However... This is causing big troubles when I attempt to create planet
groups. I get the following error when trying to add a feed
(http://blogs.domain.com/roller/<blogname>/feed/entries/atom) to a
custom aggregation group:
ERROR 2008-09-17 10:34:52,954 PlanetSubscriptions:save - Unexpected
error saving subscription
Error fetching subscription -
http://blogs.domain.com/roller/<blogname>/feed/entries/atom
--- ROOT CAUSE ---
com.sun.syndication.io.ParsingFeedException: Invalid XML: Error on line
1: Content is not allowed in prolog.
If I remove the security configuration, the problem goes away. Is there
a way to do this and keep the security.xml paths secured? I assume the
application is getting denied access to the feed due to lack of credentials?
Any help greatly appreciated, as always.
jonathan.
Re: secured paths and planet aggregations in Roller 4.0
Posted by jonathan <je...@ryerson.ca>.
Dave wrote:
> On Thu, Sep 18, 2008 at 9:41 AM, jonathan <je...@ryerson.ca> wrote:
>> This was apparently not an issue using Roller 3.1. Something is different
>> in the way this is handled in 4.0 (and 4.0.1)?
>>
>> jonathan wrote:
>>> I've been using security.xml to secure various blogs only allowing certain
>>> user types access:
>>>
>>> <property name="objectDefinitionSource">
>>> <value>
>>> PATTERN_TYPE_APACHE_ANT
>>> ...
>>> /<blogname>/**=register
>>> ...
>>> </value>
>>> etc...
>
> Hmm... we may have treated "local" (i.e. feeds on the local Roller
> server) feeds differently before 4.0, but I don't think so.
>
> I thought that we did not use HTTP to fetch local feeds, instead we
> hit the database directly. I'd have to check the code to be sure --
> either way, file a bug so we can revisit this.
>
> - Dave
It seems that the recent entries aggregation still works fine in 4.0
(aggregating content from password-protected blogs without difficulty).
It's just the custom planet aggregations where I'm seeing this error
message.
bug ROL-1748 logged.
Re: secured paths and planet aggregations in Roller 4.0
Posted by Dave <sn...@gmail.com>.
On Thu, Sep 18, 2008 at 9:41 AM, jonathan <je...@ryerson.ca> wrote:
> This was apparently not an issue using Roller 3.1. Something is different
> in the way this is handled in 4.0 (and 4.0.1)?
>
> jonathan wrote:
>>
>> I've been using security.xml to secure various blogs only allowing certain
>> user types access:
>>
>> <property name="objectDefinitionSource">
>> <value>
>> PATTERN_TYPE_APACHE_ANT
>> ...
>> /<blogname>/**=register
>> ...
>> </value>
>> etc...
Hmm... we may have treated "local" (i.e. feeds on the local Roller
server) feeds differently before 4.0, but I don't think so.
I thought that we did not use HTTP to fetch local feeds, instead we
hit the database directly. I'd have to check the code to be sure --
either way, file a bug so we can revisit this.
- Dave
Re: secured paths and planet aggregations in Roller 4.0
Posted by jonathan <je...@ryerson.ca>.
This was apparently not an issue using Roller 3.1. Something is
different in the way this is handled in 4.0 (and 4.0.1)?
jonathan wrote:
> I've been using security.xml to secure various blogs only allowing
> certain user types access:
>
> <property name="objectDefinitionSource">
> <value>
> PATTERN_TYPE_APACHE_ANT
> ...
> /<blogname>/**=register
> ...
> </value>
> etc...
>
> However... This is causing big troubles when I attempt to create planet
> groups. I get the following error when trying to add a feed
> (http://blogs.domain.com/roller/<blogname>/feed/entries/atom) to a
> custom aggregation group:
>
>
> ERROR 2008-09-17 10:34:52,954 PlanetSubscriptions:save - Unexpected
> error saving subscription
> Error fetching subscription -
> http://blogs.domain.com/roller/<blogname>/feed/entries/atom
> --- ROOT CAUSE ---
> com.sun.syndication.io.ParsingFeedException: Invalid XML: Error on line
> 1: Content is not allowed in prolog.
>
>
> If I remove the security configuration, the problem goes away. Is there
> a way to do this and keep the security.xml paths secured? I assume the
> application is getting denied access to the feed due to lack of
> credentials?
>
> Any help greatly appreciated, as always.
>
> jonathan.
>