Menu
▾
▴
exist-development — eXist Developer's List
You can subscribe to this list here.
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(22) |
Nov
(85) |
Dec
(20) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2010 |
Jan
(47) |
Feb
(127) |
Mar
(268) |
Apr
(78) |
May
(47) |
Jun
(38) |
Jul
(131) |
Aug
(221) |
Sep
(187) |
Oct
(54) |
Nov
(111) |
Dec
(84) |
| 2011 |
Jan
(152) |
Feb
(106) |
Mar
(94) |
Apr
(90) |
May
(53) |
Jun
(20) |
Jul
(24) |
Aug
(37) |
Sep
(32) |
Oct
(70) |
Nov
(22) |
Dec
(15) |
| 2012 |
Jan
(33) |
Feb
(110) |
Mar
(24) |
Apr
(1) |
May
(11) |
Jun
(8) |
Jul
(12) |
Aug
(37) |
Sep
(39) |
Oct
(81) |
Nov
(38) |
Dec
(50) |
| 2013 |
Jan
(23) |
Feb
(53) |
Mar
(23) |
Apr
(5) |
May
(19) |
Jun
(16) |
Jul
(16) |
Aug
(9) |
Sep
(21) |
Oct
(1) |
Nov
(2) |
Dec
(8) |
| 2014 |
Jan
(16) |
Feb
(6) |
Mar
(27) |
Apr
(1) |
May
(10) |
Jun
(1) |
Jul
(4) |
Aug
(10) |
Sep
(19) |
Oct
(22) |
Nov
(4) |
Dec
(6) |
| 2015 |
Jan
(3) |
Feb
(6) |
Mar
(9) |
Apr
|
May
(11) |
Jun
(23) |
Jul
(14) |
Aug
(10) |
Sep
(10) |
Oct
(9) |
Nov
(18) |
Dec
(4) |
| 2016 |
Jan
(5) |
Feb
(5) |
Mar
|
Apr
(2) |
May
(15) |
Jun
(2) |
Jul
(8) |
Aug
(2) |
Sep
(6) |
Oct
|
Nov
|
Dec
|
| 2017 |
Jan
(2) |
Feb
(12) |
Mar
(22) |
Apr
(6) |
May
|
Jun
|
Jul
(1) |
Aug
(1) |
Sep
(5) |
Oct
(2) |
Nov
|
Dec
|
| 2018 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
(5) |
Jul
(3) |
Aug
|
Sep
(7) |
Oct
(19) |
Nov
|
Dec
|
| 2021 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2022 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(3) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Dmitriy S. <sha...@gm...> - 2010-09-27 16:33:41
|
On Mon, Sep 27, 2010 at 9:26 PM, Adam Retter <ad...@ex...> wrote: > >> Owner or manager really makes no difference to me. In English it would > >> seem to me that 'owner' is the more accurate and succinct term. > > > > By limited I did mean that there are two possible roles: memeber > > list manager (hope that's clear) & group's permisions manager (change > > resource permissions, that change group access level). I'm happy to have > > only group's 'owner' if there only one role under this, but I did show: > it's > > multi-roles defenation, that's why it bad one. > > Okay I think I am not understanding something, because I can only see > that there is one role here? > > >> > >> > (can change members list & > >> > permissions for group, it can be 2 different roles ) & 'member' (use > >> > group's > >> > permissions). It simple to see that there can be person that can > manage, > >> > but > >> > have no access for resources. > >> > >> > >> I am not clear on why a group would have 'permissions'? Surely > >> collections and resources have permissions in terms of owner and > >> group, but not the group object itself. > > > > Mirror your view and you will get my one. > > Can we teleconf about this, as I am afraid that I am not following > you. When is good for you Dmitriy? I did try to contact you today, but ... So, tomorrow 20:00 my time? -- Dmitriy Shabanov |
|
From: Adam R. <ad...@ex...> - 2010-09-27 16:26:28
|
>> Owner or manager really makes no difference to me. In English it would
>> seem to me that 'owner' is the more accurate and succinct term.
>
> By limited I did mean that there are two possible roles: memeber
> list manager (hope that's clear) & group's permisions manager (change
> resource permissions, that change group access level). I'm happy to have
> only group's 'owner' if there only one role under this, but I did show: it's
> multi-roles defenation, that's why it bad one.
Okay I think I am not understanding something, because I can only see
that there is one role here?
>>
>> > (can change members list &
>> > permissions for group, it can be 2 different roles ) & 'member' (use
>> > group's
>> > permissions). It simple to see that there can be person that can manage,
>> > but
>> > have no access for resources.
>>
>>
>> I am not clear on why a group would have 'permissions'? Surely
>> collections and resources have permissions in terms of owner and
>> group, but not the group object itself.
>
> Mirror your view and you will get my one.
Can we teleconf about this, as I am afraid that I am not following
you. When is good for you Dmitriy?
Cheers Adam.
> --
> Dmitriy Shabanov
>
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|
|
From: Dmitriy S. <sha...@gm...> - 2010-09-27 16:23:45
|
On Mon, Sep 27, 2010 at 8:12 PM, Adam Retter <ad...@ex...> wrote: > >>2) Any user can remove themselves from any group they choose - I > >>cannot think of a case where downgrading a users rights prevents a > >>security risk. This is the users right! > > I did mail before, we must agree on terms we going to use. 'owner' is > quite > > good, but limited. My offer: group's 'manager' > > Owner or manager really makes no difference to me. In English it would > seem to me that 'owner' is the more accurate and succinct term. > By limited I did mean that there are two possible roles: memeber list manager (hope that's clear) & group's permisions manager (change resource permissions, that change group access level). I'm happy to have only group's 'owner' if there only one role under this, but I did show: it's multi-roles defenation, that's why it bad one. > > (can change members list & > > permissions for group, it can be 2 different roles ) & 'member' (use > group's > > permissions). It simple to see that there can be person that can manage, > but > > have no access for resources. > > > I am not clear on why a group would have 'permissions'? Surely > collections and resources have permissions in terms of owner and > group, but not the group object itself. > Mirror your view and you will get my one. -- Dmitriy Shabanov |
|
From: Adam R. <ad...@ex...> - 2010-09-27 16:22:48
|
On 27 September 2010 17:20, Dannes Wessels <da...@ex...> wrote: > > On 27 Sep 2010, at 17:12 , Adam Retter wrote: > > I am not clear on why a group would have 'permissions'? Surely > collections and resources have permissions in terms of owner and > group, but not the group object itself. > > Probably we want to have a look at the unix permissions model..... Why? I am still not clear on why a group would have permissions itself? > Kind regards > Dannes > -- > eXist-db Native XML Database - http://exist-db.org > Join us on linked-in: http://www.linkedin.com/groups?gid=35624 > > > > > > > > -- Adam Retter eXist Developer { United Kingdom } ad...@ex... irc://irc.freenode.net/existdb |
|
From: Dannes W. <da...@ex...> - 2010-09-27 16:21:00
|
On 27 Sep 2010, at 17:12 , Adam Retter wrote: > I am not clear on why a group would have 'permissions'? Surely > collections and resources have permissions in terms of owner and > group, but not the group object itself. Probably we want to have a look at the unix permissions model..... Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Evgeny G. <gaz...@gm...> - 2010-09-27 15:23:10
|
Just group/accout object is resource too and already have permissions! -- Evgeny |
|
From: Adam R. <ad...@ex...> - 2010-09-27 15:12:19
|
>>2) Any user can remove themselves from any group they choose - I
>>cannot think of a case where downgrading a users rights prevents a
>>security risk. This is the users right!
> I did mail before, we must agree on terms we going to use. 'owner' is quite
> good, but limited. My offer: group's 'manager'
Owner or manager really makes no difference to me. In English it would
seem to me that 'owner' is the more accurate and succinct term.
> (can change members list &
> permissions for group, it can be 2 different roles ) & 'member' (use group's
> permissions). It simple to see that there can be person that can manage, but
> have no access for resources.
I am not clear on why a group would have 'permissions'? Surely
collections and resources have permissions in terms of owner and
group, but not the group object itself.
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|
|
From: Dmitriy S. <sha...@gm...> - 2010-09-27 13:43:43
|
On Mon, Sep 27, 2010 at 5:27 PM, Adam Retter <ad...@ex...> wrote: > > We must think in different strategies: access grant or denied. Very > often, > > better to deny access than grant, so removing must be limited to group's > > managres only. > >> > >> 3) "User A" can also delete "Group 1" when he choose because he is the > >> owner of that group. Again this is a case of downgrading users rights. > > I disagree. If you own the group, then you can choose to the group as > you wish. However there could be the option of co-owners as suggested > by Chris Tomlinson - this is quite a common requirement in my > experience also. > I did commit on: >2) Any user can remove themselves from any group they choose - I >cannot think of a case where downgrading a users rights prevents a >security risk. This is the users right! I did mail before, we must agree on terms we going to use. 'owner' is quite good, but limited. My offer: group's 'manager' (can change members list & permissions for group, it can be 2 different roles ) & 'member' (use group's permissions). It simple to see that there can be person that can manage, but have no access for resources. -- Dmitriy Shabanov |
|
From: Hungerburg <pc...@my...> - 2010-09-27 12:29:43
|
Am 2010-09-27 10:04, schrieb Dannes Wessels: >> Using Natulius as file manager, I get a HTTP not found error when I >> try to access eXist with >> >> dav://admin@localhost:8080/exist/webdav/db/ >> > > I can confirm, In the logging I see some typical logging..... > > dav://admin@localhost:8080/exist/webdav/db/foo/bar/ > dav://admin@localhost:8080/exist/webdav/db/foo/ > dav://admin@localhost:8080/exist/webdav/db/ > dav://admin@localhost:8080/exist/webdav/ > > and for the last PROPFIND does not work..... this seems to stop Nautilus to > work.... > > will check...... hello Dannes, the same happens with the *Bitkinex* webdav client. It gets stuck in an (endless) loop as it tries to "GET /exist/webdav HTTP/1.1". The app displays the headers of the chat nicely in a gui. if I correctly parse http://www.webdav.org/specs/rfc4918.html#collection.resources, quote: > Clients MUST be able to support the case where WebDAV resources are contained inside non-WebDAV resources. For example, if an OPTIONS response from "http://example.com/servlet/dav/collection" indicates WebDAV support, the client cannot assume that "http://example.com/servlet/dav/" or its parent necessarily are WebDAV collections. So, clients are allowed to test, if the parent is a webdav resource. Maybe they are wrong to interpret a 404 on the parent to imply that the full url isnt valid too. BUT maybe if the GET or OPTIONS returned 204 instead of 404 in that case, they would just start to work? Would you give it a try? Regards -- peter |
|
From: Adam R. <ad...@ex...> - 2010-09-27 12:27:59
|
> We must think in different strategies: access grant or denied. Very often,
> better to deny access than grant, so removing must be limited to group's
> managres only.
>>
>> 3) "User A" can also delete "Group 1" when he choose because he is the
>> owner of that group. Again this is a case of downgrading users rights.
I disagree. If you own the group, then you can choose to the group as
you wish. However there could be the option of co-owners as suggested
by Chris Tomlinson - this is quite a common requirement in my
experience also.
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|
|
From: Adam R. <ad...@ex...> - 2010-09-27 12:26:16
|
> Another side: I'm a user B and I'm owner of me :)
> So I won't be added to group C, for example,
> by owner of group C.
Actually you would be - this is not a security issue. If an owner of a
group invites you into a group that he has created then that is
legitimate. You can then if you wish, remove yourself from that group
which again is a legitimate operation without security leaks.
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|
|
From: Chris T. <chr...@gm...> - 2010-09-27 12:19:43
|
Unless membership in a group represents a restriction in the user's rights then self-removal can never increase the user's rights and so would seem to be permitted by the principle that no action by a user can increase their rights, only leave them the same or less. Chris On Sep 27, 2010, at 5:49 PM, Dmitriy Shabanov wrote: > 2) Any user can remove themselves from any group they choose - I > cannot think of a case where downgrading a users rights prevents a > security risk. This is the users right! > > We must think in different strategies: access grant or denied. Very often, better to deny access than grant, so removing must be limited to group's managres only. > |
|
From: Dmitriy S. <sha...@gm...> - 2010-09-27 12:04:32
|
On Mon, Sep 27, 2010 at 4:17 PM, Adam Retter <ad...@ex...> wrote:
> At present a lot of the operations around permissions are restricted
> to users in the DBA group. This is a artificial restriction that we
> have imposed to try and keep a high level of security. I think that
> this is a legacy, which in fairness was required, before Dmitriy's
> excellent work to modernise and massively improve the security
> architecture in eXist-db.
>
> However, I have two use cases (and there are probably others), whereby
> I need to decompose the security architecture in eXist-db further to
> allow us to build good web applications, where security can be managed
> by appropriately by authorised and authenticated users.
>
> Use Case 1
> ----------------
> A user creates a group, and then later wishes to remove the group.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can delete a group. It is undesirable to make all users DBA
> as this gives them complete control over the running eXist-db
> instance.
>
>
> Use Case 2
> ----------------
> A user creates a group, and then needs to be able to invite other
> users into his group for the purposes of sharing data.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can add a user to a group.
>
>
>
> Proposed Solution
> --------------------------
> Introduce the concept of ownership of a groups. The user who creates a
> group, is the owner of that group.
>
> e.g. If the user "User A" creates a group "Group 1", he is the owner
> of the group "Group 1".
> 1) "User A" can add any other user to "Group 1", because he is the
> owner of that group.
> 2) Any user can remove themselves from any group they choose - I
> cannot think of a case where downgrading a users rights prevents a
> security risk. This is the users right!
>
We must think in different strategies: access grant or denied. Very often,
better to deny access than grant, so removing must be limited to group's
managres only.
3) "User A" can also delete "Group 1" when he choose because he is the
> owner of that group. Again this is a case of downgrading users rights.
>
> Thanks Adam.
>
> --
> Adam Retter
>
> eXist Developer
> { United Kingdom }
> ad...@ex...
> irc://irc.freenode.net/existdb
>
--
Dmitriy Shabanov
|
|
From: Evgeny G. <gaz...@gm...> - 2010-09-27 11:53:28
|
Another side: I'm a user B and I'm owner of me :) So I won't be added to group C, for example, by owner of group C. :) So where better store the links between groups and accounts? in group doc? or in account doc? -- Evgeny |
|
From: Chris T. <chr...@gm...> - 2010-09-27 11:41:40
|
+1 and I would suggest that a group owner may add other users as owners so that User A can leave the group after User B has been made an owner. Presumably members of group dba will continue to have complete control.
This sort of mechanism obviously will get rid of "business policy" code that checks group membership for a user and then authenticates as a dba user in order to do these sorts of group management functions.
Chris
On Sep 27, 2010, at 5:02 PM, Adam Retter wrote:
> At present a lot of the operations around permissions are restricted
> to users in the DBA group. This is a artificial restriction that we
> have imposed to try and keep a high level of security. I think that
> this is a legacy, which in fairness was required, before Dmitriy's
> excellent work to modernise and massively improve the security
> architecture in eXist-db.
>
> However, I have two use cases (and there are probably others), whereby
> I need to decompose the security architecture in eXist-db further to
> allow us to build good web applications, where security can be managed
> by appropriately by authorised and authenticated users.
>
> Use Case 1
> ----------------
> A user creates a group, and then later wishes to remove the group.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can delete a group. It is undesirable to make all users DBA
> as this gives them complete control over the running eXist-db
> instance.
>
>
> Use Case 2
> ----------------
> A user creates a group, and then needs to be able to invite other
> users into his group for the purposes of sharing data.
>
> Problem - At present anyone can create a group, BUT only users in the
> DBA group can add a user to a group.
>
>
>
> Proposed Solution
> --------------------------
> Introduce the concept of ownership of a groups. The user who creates a
> group, is the owner of that group.
>
> e.g. If the user "User A" creates a group "Group 1", he is the owner
> of the group "Group 1".
> 1) "User A" can add any other user to "Group 1", because he is the
> owner of that group.
> 2) Any user can remove themselves from any group they choose - I
> cannot think of a case where downgrading a users rights prevents a
> security risk. This is the users right!
> 3) "User A" can also delete "Group 1" when he choose because he is the
> owner of that group. Again this is a case of downgrading users rights.
>
> Thanks Adam.
>
> --
> Adam Retter
>
> eXist Developer
> { United Kingdom }
> ad...@ex...
> irc://irc.freenode.net/existdb
>
> ------------------------------------------------------------------------------
> Start uncovering the many advantages of virtual appliances
> and start using them to simplify application deployment and
> accelerate your shift to cloud computing.
> http://p.sf.net/sfu/novell-sfdev2dev
> _______________________________________________
> Exist-development mailing list
> Exi...@li...
> https://lists.sourceforge.net/lists/listinfo/exist-development
|
|
From: Adam R. <ad...@ex...> - 2010-09-27 11:17:51
|
At present a lot of the operations around permissions are restricted
to users in the DBA group. This is a artificial restriction that we
have imposed to try and keep a high level of security. I think that
this is a legacy, which in fairness was required, before Dmitriy's
excellent work to modernise and massively improve the security
architecture in eXist-db.
However, I have two use cases (and there are probably others), whereby
I need to decompose the security architecture in eXist-db further to
allow us to build good web applications, where security can be managed
by appropriately by authorised and authenticated users.
Use Case 1
----------------
A user creates a group, and then later wishes to remove the group.
Problem - At present anyone can create a group, BUT only users in the
DBA group can delete a group. It is undesirable to make all users DBA
as this gives them complete control over the running eXist-db
instance.
Use Case 2
----------------
A user creates a group, and then needs to be able to invite other
users into his group for the purposes of sharing data.
Problem - At present anyone can create a group, BUT only users in the
DBA group can add a user to a group.
Proposed Solution
--------------------------
Introduce the concept of ownership of a groups. The user who creates a
group, is the owner of that group.
e.g. If the user "User A" creates a group "Group 1", he is the owner
of the group "Group 1".
1) "User A" can add any other user to "Group 1", because he is the
owner of that group.
2) Any user can remove themselves from any group they choose - I
cannot think of a case where downgrading a users rights prevents a
security risk. This is the users right!
3) "User A" can also delete "Group 1" when he choose because he is the
owner of that group. Again this is a case of downgrading users rights.
Thanks Adam.
--
Adam Retter
eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb
|
|
From: Dannes W. <da...@ex...> - 2010-09-27 08:04:41
|
Hi, On Sat, Sep 25, 2010 at 4:36 PM, Wolfgang Meier <wol...@ex...>wrote: > Using davfs2 1.4.5, I get the following exception when trying to cp a > resource into a collection: > > java.lang.NullPointerException > at > com.bradmcevoy.http.webdav.LockHandler.processCreateAndLock(LockHandler.java:173) > > This should be fixed now > This happens for XML as well as binary resources. As Peter already > reported, you can list the contents of existing collections, but not > view any resource. > I fixed that as well.... > Using Natulius as file manager, I get a HTTP not found error when I > try to access eXist with > > dav://admin@localhost:8080/exist/webdav/db/ > I can confirm, In the logging I see some typical logging..... dav://admin@localhost:8080/exist/webdav/db/foo/bar/ dav://admin@localhost:8080/exist/webdav/db/foo/ dav://admin@localhost:8080/exist/webdav/db/ dav://admin@localhost:8080/exist/webdav/ and for the last PROPFIND does not work..... this seems to stop Nautilus to work.... will check...... D. -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Dannes W. <da...@ex...> - 2010-09-26 19:51:22
|
All, On 26 Sep 2010, at 20:12 , Dannes Wessels wrote: > at this moment I am repairing some issues I found with the implementation. XML documents were stored as..... BINARY resources. In trunk I fixed this glitch, but as a consequence (Anton pointed to the right direction) download of files does not work anymore. Due to this bug (fixed in trunk) all files were stored as BINARY resources, meaning that if you inserted XML documents, you'll not be able to query these. Probably you need to delete these files and re-insert them again. Sorry for the inconvenience, But I overlooked just 3 characters... - MimeType mime = MimeTable.getInstance().getContentType(newName); + MimeType mime = MimeTable.getInstance().getContentTypeFor(newName); SIGH :-) Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Dannes W. <da...@ex...> - 2010-09-26 19:39:45
|
On 26 Sep 2010, at 17:41 , Anton Kolev wrote: > On 26.09.2010 17:53, Dannes Wessels wrote: >> when I login as admin ..... I cannot create any resources. (e.g. create >> a txt file using vi). There is nothing in the logging server side... so > > With WebDAVServlet or with milton? With milton I have the same result. ah ok. I assumed it worked for you with milton. the WebDAVServlet is a dead end... there will be no mainenance on that code, and when the new implementation is stable enough (it is for windows/macosx already!) it will be removed. > > tshark -i/dev/eth0 -w/tmp/milton-write.pcap tcp port 8080 and host 192.168.1.10 > > and wireshark on /tmp/milton-write.pcap (Follow TCP sream on right button over packets). Wireshark can be installed on Windows too. As I wrote in an other mail, the target of using a framework like Milton is that it is not required to dive into the webdav details for each client..... thnx for your ideas... and input. Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Dannes W. <da...@ex...> - 2010-09-26 19:35:05
|
Hi, On 26 Sep 2010, at 18:23 , Hungerburg wrote: > I did supply the URL including "/db" when mounting, nevertheless the gvfs webdav implementation does an OPTIONS call to the > parent of "/db" in order to find the topmost "root" of the share. I do not know what it expects to get, just not a 404. maybe a plain 200 or > 204 without any webdav headers. this might also remedy certain problems with older windows implementations. in nautilus I see basically the same behaviour. This is what I like of webdav... the webdav specs are soo unclear that all clients behave differently. > I have used davfs2 with the jackrabbit server successfully. I consider this a stable implementation. Ok, good to know > A quick way to get some debugging information out of davfs2: Thnx! I hoped by using a framework that I would not need to dive in to each client specific logging.... thnx for your input! Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Dannes W. <da...@ex...> - 2010-09-26 18:12:17
|
All, at this moment I am repairing some issues I found with the implementation. XML documents were stored as..... BINARY resources. In trunk I fixed this glitch, but as a consequence (Anton pointed to the right direction) download of files does not work anymore. I am working on it.... D. |
|
From: Hungerburg <pc...@my...> - 2010-09-26 16:23:17
|
Am 2010-09-26 17:05, schrieb Dannes Wessels: > > On 25 Sep 2010, at 17:01 , Hungerburg wrote: > >>> 2010-09-25 16:57:29,256 [eXistThread-23] DEBUG (HttpManager.java [process]:143) - OPTIONS :: http://server.local:8080/exist/webdav/ - http://http://server.local:8080/exist/webdav/ >>> 2010-09-25 16:57:29,256 [eXistThread-23] ERROR (ExistResourceFactory.java [getResource]:76) - path should at least contain /db > > this suggests that a wrong URL is supplied, there must actually be a "/db" in the path., like http://http://server.local:8080/exist/webdav/db When handling the URL in a request i see no other way to search for the URL part that represents a path in the database. Hello Dannes, I did supply the URL including "/db" when mounting, nevertheless the gvfs webdav implementation does an OPTIONS call to the parent of "/db" in order to find the topmost "root" of the share. I do not know what it expects to get, just not a 404. maybe a plain 200 or 204 without any webdav headers. this might also remedy certain problems with older windows implementations. Regarding davfs2: I have used davfs2 with the jackrabbit server successfully. I consider this a stable implementation. The only gotcha is, that it delays uploads ten seconds by default, which is not good if editing html eg. A quick way to get some debugging information out of davfs2: $ sudo -i # echo "debug most" >> ~/.davfs2/davfs2.conf # mount -t davfs http://192.168.1.10:8080/exist/webdav/db LOCALDIR # tailf /var/log/syslog this page lists alle debugging options http://manpages.ubuntu.com/manpages/intrepid/de/man5/davfs2.conf.5.html#toptoc8 its the same as $ man davfs2.conf if you do # echo "use_locks 0" >> ~/.davfs2/davfs2.conf then you can create and modify binary files, you also can create xml "files", but not view them. this rids you of the upload delay # echo "delay_upload 0" >> ~/.davfs2/davfs2.conf Yours -- peter |
|
From: Anton K. <ak...@de...> - 2010-09-26 15:41:21
|
Hi Dannes, On 26.09.2010 17:53, Dannes Wessels wrote: > interesting suggestion. Did you try this yourself already, it does > actually work? I need to check it with other clients first.... Yes (limited testing, just cat-ing some xml documents on console). > > btw; > I fired up ubuntu (with davfs2), but I am not sure I use it the correct way: > > sudo mount -t davfs http://192.168.1.10:8080/exist/webdav/db my_share_point In may setup, I am using /etc/fstab for mount definition and /etc/davfs2/secrets for password, but your command is equilvalent. Also, I always change delay_upload to 0 in /etc/davfs2/davfs2.conf > > when I login as admin ..... I cannot create any resources. (e.g. create > a txt file using vi). There is nothing in the logging server side... so With WebDAVServlet or with milton? With milton I have the same result. > I have no clue what is happening. davfs logging can be configured I think, but instead, for debugging I use jetty logs plus exist logs plus: tshark -i/dev/eth0 -w/tmp/milton-write.pcap tcp port 8080 and host 192.168.1.10 and wireshark on /tmp/milton-write.pcap (Follow TCP sream on right button over packets). Wireshark can be installed on Windows too. optionally for small flows tshark can be used with -V (immediate render packets tree on console) instead of -w (writing flow to file) I am checking simultaneously: <forward pattern="/webdav/" servlet="WebDAVServlet"/> <forward pattern="/webdav2/" servlet="milton"/> > > I am not familiar with this davfs, how good is it? > I have not tested closed source alternatives (like WebDrive for windows), but except them, in productive environment davfs2 is most reliable solution for me. Kind regards, Anton |
|
From: Dannes W. <da...@ex...> - 2010-09-26 15:05:52
|
On 25 Sep 2010, at 17:01 , Hungerburg wrote: >> 2010-09-25 16:57:29,256 [eXistThread-23] DEBUG (HttpManager.java [process]:143) - OPTIONS :: http://server.local:8080/exist/webdav/ - http://http://server.local:8080/exist/webdav/ >> 2010-09-25 16:57:29,256 [eXistThread-23] ERROR (ExistResourceFactory.java [getResource]:76) - path should at least contain /db this suggests that a wrong URL is supplied, there must actually be a "/db" in the path., like http://http://server.local:8080/exist/webdav/db When handling the URL in a request i see no other way to search for the URL part that represents a path in the database. Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
|
From: Dannes W. <da...@ex...> - 2010-09-26 14:53:14
|
Hi, On 26 Sep 2010, at 16:23 , Anton Kolev wrote: > (this will produce the same behavior as old implementation - x*4k in PROPFIND, chunked in GET) interesting suggestion. Did you try this yourself already, it does actually work? I need to check it with other clients first.... btw; I fired up ubuntu (with davfs2), but I am not sure I use it the correct way: sudo mount -t davfs http://192.168.1.10:8080/exist/webdav/db my_share_point when I login as admin ..... I cannot create any resources. (e.g. create a txt file using vi). There is nothing in the logging server side... so I have no clue what is happening. I am not familiar with this davfs, how good is it? Kind regards Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
64 messages has been excluded from this view by a project administrator.
