You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by David Jencks <da...@yahoo.com> on 2006/12/25 22:09:43 UTC
TRIPLESEC various little problems
I'm running into a few more problems and questions....
1. The wiki page http://cwiki.apache.org/DIRxTRIPLESEC/uuid-
issues.html seems to indicate that some triplesec developers think
that jdk 1.4.2 compatibility should be maintained for a while
longer. Not knowing this my patches have used lots of jdk 1.5
features, mostly generics. I can't find any discussion of this
decision on the mailing list (doesn't mean it's not there :-). So, I
propose we move to jdk 1.5 and ask those wanting to run on 1.4 to use
retrotranslator. BTW I didn't look far but it looks to me as if
apache harmony has a UUID implementation.
2. After lots of successful builds I discovered -Pintegration and
started running into failures. I find the integration tests don't
take very long so I'd recommend reversing the default and having to
use -Pquick or -Pno-integration for a faster build. I've had 2 sets
of problems:
a. The store tests failed AFAICT from mismatched shared-ldap
libraries. The ldif files were not getting read in at all.
Eventually I gave up trying to understand which jars were being used
and debug through those jars and switched to apacheds 1.5.0-SNAPSHOT
and shared 0.9.6-SNAPSHOT at which point these tests started passing.
b. The guardian-ldap LdapApplicationPolicyIntegrationTest tests have
failures. Normally I get 3/7 failures. However if I add a sleep here:
protected void setUp() throws Exception
{
super.setUp();
Thread.sleep(500);
Properties props = new Properties();
I sometimes get more failures: Tests run: 7, Failures: 1, Errors: 6,
Skipped: 0, Time elapsed: 8.809 sec <<< FAILURE!
I've been unable to figure out what is supposed to be happening and
what is happening.
3. I can't say I've looked very hard but it's not at all clear to me
what the embedded jetty instance is doing. Whatever it is, to use
triplesec in an app server, I think we'd want to run under the app
servers web container. Is this currently configurable in some way
that I've missed?
4. The installer build fails for me.... and it's not too clear what's
needed to run triplesec without the installer.
I'd be particularly interested to know if the integration profile
builds for anyone else and if the installer build works for anyone.
Many thanks
david jencks
Re: TRIPLESEC various little problems
Posted by Alex Karasulu <ak...@apache.org>.
Hi David,
Comments in line ...
David Jencks wrote:
> I'm running into a few more problems and questions....
>
> 1. The wiki page http://cwiki.apache.org/DIRxTRIPLESEC/uuid-issues.html
> seems to indicate that some triplesec developers think that jdk 1.4.2
> compatibility should be maintained for a while longer. Not knowing this
> my patches have used lots of jdk 1.5 features, mostly generics. I can't
> find any discussion of this decision on the mailing list (doesn't mean
> it's not there :-). So, I propose we move to jdk 1.5 and ask those
> wanting to run on 1.4 to use retrotranslator. BTW I didn't look far but
> it looks to me as if apache harmony has a UUID implementation.
Yeah don't worry about 1.4 compatibility. The community has moved on to
1.5.
> 2. After lots of successful builds I discovered -Pintegration and
> started running into failures. I find the integration tests don't take
> very long so I'd recommend reversing the default and having to use
> -Pquick or -Pno-integration for a faster build.
Interesting idea. It might catch more of our issues if it is the
default since the integration tests will more thoroughly test the server.
I wonder what others might think of this as well. I know many expresses
their disdain with integration tests taking so long. This is why I did
not run them on the default.
I've had 2 sets of
> problems:
>
> a. The store tests failed AFAICT from mismatched shared-ldap
> libraries. The ldif files were not getting read in at all. Eventually
> I gave up trying to understand which jars were being used and debug
> through those jars and switched to apacheds 1.5.0-SNAPSHOT and shared
> 0.9.6-SNAPSHOT at which point these tests started passing.
Ok we may have a library issue. Currently Tsec is setup to depend on
ApacheDS 1.0 released jars. The ldap and other shared libs are setup to
use 0.9.5.3 release versions for 1.0. You should use this version.
> b. The guardian-ldap LdapApplicationPolicyIntegrationTest tests have
> failures. Normally I get 3/7 failures. However if I add a sleep here:
>
> protected void setUp() throws Exception
> {
> super.setUp();
> Thread.sleep(500);
> Properties props = new Properties();
>
> I sometimes get more failures: Tests run: 7, Failures: 1, Errors: 6,
> Skipped: 0, Time elapsed: 8.809 sec <<< FAILURE!
>
> I've been unable to figure out what is supposed to be happening and
> what is happening.
Hmmm I have to start debugging things to help you here.
> 3. I can't say I've looked very hard but it's not at all clear to me
> what the embedded jetty instance is doing. Whatever it is, to use
> triplesec in an app server, I think we'd want to run under the app
> servers web container. Is this currently configurable in some way that
> I've missed?
The Jetty instance is there for the web based initial configuration of
triplesec. However this need not be used if triplesec is configured
programatically. Only the standalone version should be using this
feature. If it is not doing this now we can correct it.
So you don't even need jetty when embedding.
> 4. The installer build fails for me.... and it's not too clear what's
> needed to run triplesec without the installer.
>
> I'd be particularly interested to know if the integration profile builds
> for anyone else and if the installer build works for anyone.
It used to before the move when we released 0.7.1 which was the last
release of tsec. Things are a bit in shambles right now. I will try to
get things in order sometime within the next few days if you don't beat
me to it.
Alex
Re: TRIPLESEC various little problems
Posted by Alex Karasulu <ak...@apache.org>.
Emmanuel Lecharny wrote:
> Whell, I never heard of -P in maven (even if I've heard a lot of things
> about maven, not all being nice :). -D sounds like any ant or java
> property settings. We usually use mvn -Dintegration test on trunks. -P
> activates profile, but I also guess that -D set the very same
> property... Hmmm. Maven black magic again :)
The -D is just a way to specify a system property for the JVM on the
command line. Maven picks up the system property and uses that for the
switch to determine which profile it will run.
Regards,
Alex
Re: TRIPLESEC various little problems
Posted by Emmanuel Lecharny <el...@gmail.com>.
David Jencks a écrit :
>
> On Dec 25, 2006, at 4:26 PM, Emmanuel Lecharny wrote:
>
>> David Jencks a écrit :
>>
>>> I'm running into a few more problems and questions....
>>>
>>> 1. The wiki page http://cwiki.apache.org/DIRxTRIPLESEC/uuid-
>>> issues.html seems to indicate that some triplesec developers think
>>> that jdk 1.4.2 compatibility should be maintained for a while
>>> longer. Not knowing this my patches have used lots of jdk 1.5
>>> features, mostly generics. I can't find any discussion of this
>>> decision on the mailing list (doesn't mean it's not there :-).
>>
>>
>> We have switched to Java 5 in trunks. Forget about 1.4.2
>> compatibility...
>>
>>> So, I propose we move to jdk 1.5 and ask those wanting to run on
>>> 1.4 to use retrotranslator. BTW I didn't look far but it looks to
>>> me as if apache harmony has a UUID implementation.
>>
>>
>> Already switched :)
>
>
> I thought apacheds was already on 1.5 so I was really wondering about
> triplesec :-)
As Triplesec has been injected after 1.0, and in trunks, I guess it
should be considered as java 5 compatible, like any other projects in
trunks.
>
>>
>>>
>>> 2. After lots of successful builds I discovered -Pintegration and
>>> started running into failures. I find the integration tests don't
>>> take very long so I'd recommend reversing the default and having
>>> to use -Pquick or -Pno-integration for a faster build. I've had 2
>>> sets of problems:
>>
>>
>> You mean, -Dintegration ?
>
>
> -Dintegration has the same effect, much to my surprise. I thought
> the standard way of selecting profiles in mvn was with -P, but -D and
> -P seem to have the same effect in this case.
Whell, I never heard of -P in maven (even if I've heard a lot of things
about maven, not all being nice :). -D sounds like any ant or java
property settings. We usually use mvn -Dintegration test on trunks. -P
activates profile, but I also guess that -D set the very same
property... Hmmm. Maven black magic again :)
Emmanuel
Re: TRIPLESEC various little problems
Posted by Alex Karasulu <ak...@apache.org>.
David Jencks wrote:
>
> I thought apacheds was already on 1.5 so I was really wondering about
> triplesec :-)
>
...
Yeah the new 1.5.x (dev) branch is jdk 1.5 and up. The 1.0.x branch is
1.4.2 compatible. Might not compile with 1.4 but will run on 1.4
without LDAPS support.
We jumped from 1.0 to 1.5 instead of 1.1 to cue the community that
something big like switching the minimal JDK platform we run on has changed.
FYI the 1.5 was not selected because of the JDK version. We merely
skipped a few minor release versions.
> Previously the shared-ldap version was 0.9.5.3 and apacheds version
> 1.0.0. This worked fine until I tried the integration tests.
Oh boy! OK I will need to setup my environment here and start debugging
the problem.
Regards,
Alex
Re: TRIPLESEC various little problems
Posted by David Jencks <da...@yahoo.com>.
On Dec 25, 2006, at 4:26 PM, Emmanuel Lecharny wrote:
> David Jencks a écrit :
>
>> I'm running into a few more problems and questions....
>>
>> 1. The wiki page http://cwiki.apache.org/DIRxTRIPLESEC/uuid-
>> issues.html seems to indicate that some triplesec developers
>> think that jdk 1.4.2 compatibility should be maintained for a
>> while longer. Not knowing this my patches have used lots of jdk
>> 1.5 features, mostly generics. I can't find any discussion of
>> this decision on the mailing list (doesn't mean it's not there :-).
>
> We have switched to Java 5 in trunks. Forget about 1.4.2
> compatibility...
>
>> So, I propose we move to jdk 1.5 and ask those wanting to run on
>> 1.4 to use retrotranslator. BTW I didn't look far but it looks
>> to me as if apache harmony has a UUID implementation.
>
> Already switched :)
I thought apacheds was already on 1.5 so I was really wondering about
triplesec :-)
>
>>
>> 2. After lots of successful builds I discovered -Pintegration and
>> started running into failures. I find the integration tests
>> don't take very long so I'd recommend reversing the default and
>> having to use -Pquick or -Pno-integration for a faster build.
>> I've had 2 sets of problems:
>
> You mean, -Dintegration ?
-Dintegration has the same effect, much to my surprise. I thought
the standard way of selecting profiles in mvn was with -P, but -D and
-P seem to have the same effect in this case.
>
>>
>> a. The store tests failed AFAICT from mismatched shared-ldap
>> libraries. The ldif files were not getting read in at all.
>
> I would be interested to know which shared-ldap you are using. The
> LdifReader has been totally rewritten for 1.0
>
Previously the shared-ldap version was 0.9.5.3 and apacheds version
1.0.0. This worked fine until I tried the integration tests.
Many thanks!
david jencks
>> Eventually I gave up trying to understand which jars were being
>> used and debug through those jars and switched to apacheds 1.5.0-
>> SNAPSHOT and shared 0.9.6-SNAPSHOT at which point these tests
>> started passing.
>
> Ahhh. Make sense. The pom.xml must be cleaned in triplesec, it
> seems...
>
>>
>> b. The guardian-ldap LdapApplicationPolicyIntegrationTest tests
>> have failures. Normally I get 3/7 failures. However if I add a
>> sleep here:
>>
>> protected void setUp() throws Exception
>> {
>> super.setUp();
>> Thread.sleep(500);
>> Properties props = new Properties();
>>
>> I sometimes get more failures: Tests run: 7, Failures: 1, Errors:
>> 6, Skipped: 0, Time elapsed: 8.809 sec <<< FAILURE!
>>
>> I've been unable to figure out what is supposed to be happening
>> and what is happening.
>
> Starting here, I have no answer to your questions ... Alex ?
>
>>
>> Many thanks
>> david jencks
>>
> Emmanuel
>
Re: TRIPLESEC various little problems
Posted by Emmanuel Lecharny <el...@gmail.com>.
David Jencks a écrit :
> I'm running into a few more problems and questions....
>
> 1. The wiki page http://cwiki.apache.org/DIRxTRIPLESEC/uuid-
> issues.html seems to indicate that some triplesec developers think
> that jdk 1.4.2 compatibility should be maintained for a while
> longer. Not knowing this my patches have used lots of jdk 1.5
> features, mostly generics. I can't find any discussion of this
> decision on the mailing list (doesn't mean it's not there :-).
We have switched to Java 5 in trunks. Forget about 1.4.2 compatibility...
> So, I propose we move to jdk 1.5 and ask those wanting to run on 1.4
> to use retrotranslator. BTW I didn't look far but it looks to me as
> if apache harmony has a UUID implementation.
Already switched :)
>
> 2. After lots of successful builds I discovered -Pintegration and
> started running into failures. I find the integration tests don't
> take very long so I'd recommend reversing the default and having to
> use -Pquick or -Pno-integration for a faster build. I've had 2 sets
> of problems:
You mean, -Dintegration ?
>
> a. The store tests failed AFAICT from mismatched shared-ldap
> libraries. The ldif files were not getting read in at all.
I would be interested to know which shared-ldap you are using. The
LdifReader has been totally rewritten for 1.0
> Eventually I gave up trying to understand which jars were being used
> and debug through those jars and switched to apacheds 1.5.0-SNAPSHOT
> and shared 0.9.6-SNAPSHOT at which point these tests started passing.
Ahhh. Make sense. The pom.xml must be cleaned in triplesec, it seems...
>
> b. The guardian-ldap LdapApplicationPolicyIntegrationTest tests have
> failures. Normally I get 3/7 failures. However if I add a sleep here:
>
> protected void setUp() throws Exception
> {
> super.setUp();
> Thread.sleep(500);
> Properties props = new Properties();
>
> I sometimes get more failures: Tests run: 7, Failures: 1, Errors: 6,
> Skipped: 0, Time elapsed: 8.809 sec <<< FAILURE!
>
> I've been unable to figure out what is supposed to be happening and
> what is happening.
Starting here, I have no answer to your questions ... Alex ?
>
> Many thanks
> david jencks
>
Emmanuel