You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-user@portals.apache.org by David Sean Taylor <da...@bluesunrise.com> on 2003/01/06 08:11:01 UTC

Re: Possible data integrity fault: Removed 'user' role kills admin

On Friday, December 27, 2002, at 09:29  AM, Gary Lawrence Murphy wrote:

>
> This appears to be a data-integrity problem where deleting a role
> has not been properly propagated or protected against:  Seeking to
> refactor the role of "user" to "member" and "guest", I removed the
> role of "user" and now jetspeed refuses to assign any roles to
> any users returning instead errors like
>
>    Failed update role+permission:
>    org.apache.jetspeed.services.security.GroupException: Unjoin group
>    'Jetspeed' to user 'anon' failed: : Unknown role 'user'
>
> Adding the 'user' role back in corrects the problem.  My guess is that
> you have to manually ensure that the role is no longer used before you
> remove it, but this should be detected when someone tries to delete
> a role.
> -- 
> Gary Lawrence Murphy - garym@teledyn.com - TeleDynamics Communications
>    - blog: http://www.teledyn.com/mt/ - biz: http://teledyn.com/ -
>   "Computers are useless. They can only give you answers." (Picasso)
>
> --
> To unsubscribe, e-mail:   
> <ma...@jakarta.apache.org>
> For additional commands, e-mail: 
> <ma...@jakarta.apache.org>
>
>
>

Not sure how much time Im going to have to work on the tutorial. Anyway 
  I think its configured here:

  http://www.quicktopic.com/18/D/JP9GLWfctwr.html

--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
+01 707 773-4646




--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Quicktopic Tutorial

Posted by Gary Lawrence Murphy <ga...@canada.com>.

Beautiful --- now when we discover issues in the tutorial, all we
need do is place the comment inline; it's unfortunate that QuickTopic
does not support images as that means you still have to read the
original edition and then cross-ref to place your comments.

-- 
Gary Lawrence Murphy - garym@teledyn.com - TeleDynamics Communications
   - blog: http://www.teledyn.com/mt/ - biz: http://teledyn.com/ -
  "Computers are useless. They can only give you answers." (Picasso)

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Possible data integrity fault: Removed 'user' role kills admin

Posted by David Sean Taylor <da...@bluesunrise.com>.

On Sunday, January 5, 2003, at 11:11  PM, David Sean Taylor wrote:

>
> On Friday, December 27, 2002, at 09:29  AM, Gary Lawrence Murphy wrote:
>
>>
>> This appears to be a data-integrity problem where deleting a role
>> has not been properly propagated or protected against:  Seeking to
>> refactor the role of "user" to "member" and "guest", I removed the
>> role of "user" and now jetspeed refuses to assign any roles to
>> any users returning instead errors like
>>
>>    Failed update role+permission:
>>    org.apache.jetspeed.services.security.GroupException: Unjoin group
>>    'Jetspeed' to user 'anon' failed: : Unknown role 'user'
>>
>> Adding the 'user' role back in corrects the problem.  My guess is that
>> you have to manually ensure that the role is no longer used before you
>> remove it, but this should be detected when someone tries to delete
>> a role.
>> -- 


Have a look at JetspeedSecurity.properties:

services.JetspeedSecurity.programmatic.cascade.delete=false

If you are using Hypersonic or another database that doesn't support 
cascading deletes, then this setting should be true


--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
+01 707 773-4646




--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Possible data integrity fault: Removed 'user' role kills admin

Posted by Gary Lawrence Murphy <ga...@canada.com>.

>>>>> "b" == bluesunrise  <bl...@mac.com> writes:

    >>  On Friday, December 27, 2002, at 09:29 AM, Gary Lawrence
    >> Murphy wrote:
    >>>  This appears to be a data-integrity problem where deleting a
    >>> role has not been properly propagated or protected against:
    >>> Seeking to refactor the role of "user" to "member" and
    >>> "guest", I removed the role of "user" and now jetspeed refuses
    >>> to assign any roles to any users returning instead errors like

    b> Have a look at JetspeedSecurity.properties:
    b> services.JetspeedSecurity.programmatic.cascade.delete=false

    b> If you are using Hypersonic or another database that doesn't
    b> support cascading deletes, then this setting should be true

Yes, I have that set true, but the database still becomes corrupted
by a delete.

-- 
Gary Lawrence Murphy - garym@teledyn.com - TeleDynamics Communications
   - blog: http://www.teledyn.com/mt/ - biz: http://teledyn.com/ -
  "Computers are useless. They can only give you answers." (Picasso)

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Possible data integrity fault: Removed 'user' role kills admin

Posted by bl...@mac.com.

On Sunday, January 5, 2003, at 11:11  PM, David Sean Taylor wrote:

>
> On Friday, December 27, 2002, at 09:29  AM, Gary Lawrence Murphy wrote:
>
>>
>> This appears to be a data-integrity problem where deleting a role
>> has not been properly propagated or protected against:  Seeking to
>> refactor the role of "user" to "member" and "guest", I removed the
>> role of "user" and now jetspeed refuses to assign any roles to
>> any users returning instead errors like
>>
>>    Failed update role+permission:
>>    org.apache.jetspeed.services.security.GroupException: Unjoin group
>>    'Jetspeed' to user 'anon' failed: : Unknown role 'user'
>>
>> Adding the 'user' role back in corrects the problem.  My guess is that
>> you have to manually ensure that the role is no longer used before you
>> remove it, but this should be detected when someone tries to delete
>> a role.
>> -- 
>> Gary Lawrence Murphy - garym@teledyn.com - TeleDynamics Communications
>>    - blog: http://www.teledyn.com/mt/ - biz: http://teledyn.com/ -
>>   "Computers are useless. They can only give you answers." (Picasso)
>>
>> --
>> To unsubscribe, e-mail:   
>> <ma...@jakarta.apache.org>
>> For additional commands, e-mail: 
>> <ma...@jakarta.apache.org>
>>
>>
>>

Have a look at JetspeedSecurity.properties:

services.JetspeedSecurity.programmatic.cascade.delete=false

If you are using Hypersonic or another database that doesn't support 
cascading deletes, then this setting should be true

--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
+01 707 773-4646


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>