pebble-user — Mailing list for Pebble users.

[pebble-user] Next Pebble/Pebble3

[Joachim R. <ma...@jo...>]

Dear Simon Brown,
Dear James Roper,
Dear Olaf Kock,

Hello everybody,

I'm only writing to you because I found your names in the pebble pom.xml 
;-) No, all jokes aside.

I am a software developer from Germany (meanwhile 53) and working as a 
freelancer now for more than 10 years (+X years before as an 
employee/hobbyist ) in a professional Java/JEE context - here:
https://www.xing.com/profile/Joachim_Roesener/

At the moment I have some time to take care of my own projects and 
therefore I have e.g. maintained or modernized my IT infrastructure.

Since about 2005 I had been running pebble on my server and wanted to 
get this great piece of software up and running again. I found out that 
pebble doesn't have a maintainer anymore (and is no longer developed) - 
which is a pity, but I can understand it, because the code base is from 
a completely different time. Times I still know

I am in the process of developing pebble into pebble3 - because I liked 
the project from the beginning and because so much knowledge has already 
gone into the software that it would be a shame to just "throw pebble 
away".

Status:
- I cloned the current master in my own git/private gitlab, you can see 
my last "official" state here:
https://blog.audiotraining.org/
- I am currently doing some work on the code (more on that in a moment). 
I'll push my changes when I see fit. In this context: I don't want to 
become the new maintainer - I have neither time nor nerves for that
- when I'm done with my changes, I will invite you to the code review

About refactoring/consolidation:
It feels like some parts of pebble are still on the Java 1.3 level
Therefore I have already made the following changes:
- Adaptation of the artifacts in pom.xml to current versions
- Implementation of Java 1.5 generics
- Migration from Spring Security3 to Spring Security4 (bcrypt)
- Implementation of ZonedDateTime vs. Date/Calendar
- Elimination of potential resource leaks/implemetation 
try-catch-with-resource
- Increase of code quality by static code analysis (SonarLint is 
merciless ;-))
- Adaptation of tests

About my motivation:
I want to turn pebble (new working title: "pebble3") into a modern 
Spring Boot application, which can also run "in the cloud"/in a container.
- Persistence: Since "in the cloud" there is no file system available to 
begin with (or the application should be stateless), I at least thought 
about implementing an abstract file access layer (Apache VFS2). On the 
other hand, I don't know yet if it would be so cool to store images in a 
database (as BLOBS) (to dispense with a file system) . Otherwise I'm 
thinking about connecting pebble3 to a DBMS via JPA. Maybe you have some 
suggestions for me here?
- MVC paradigm: I will split pebble3 into a backend and a frontend. The 
backend should still be accessible via XML-RPC (with camel xml-rpc), but 
the frontend should be able to communicate with the backend via a 
"modern" REST-API. This would have the smart advantage that new 
(Java/Typescript) user interfaces could access the backend via AJAX.
- Frontend: I still think JSF is cool, but unfortunately it is a bit 
outdated now (keywords: Responsive Design, UX, mobile devices). As an 
intermediate step or because I don't know much about frontend 
technologies, I could imagine Vaadin, for example, with which even a 
Java backend developer like me could implement appealing UIs (I already 
have experience in this). My main concern is to eleminate JSP - that is 
very ugly in 2021 by now . What do you think?

So, 'nuff said No Spam

I am very curious about your answer

Many greetings from Germany,
Joachim Rösener.

Translated with www.DeepL.com/Translator (free version)

Re: [pebble-user] Email Integration Help

[Chris K. (P. User) <peb...@kr...>]

I suspect you are correct.

mail.jar is referring to Javamail which you can download 

https://github.com/javaee/javamail/releases <https://github.com/javaee/javamail/releases>

Pebble has not been tested against tomcat 9. Even the version in master has not been tested against anything newer than Tomcat 7 but it may just work. 

I’m not sure why these were just not bundled via maven. Legacy reasons probably.

Chris K.
@krugerheavyindustries.com


> On 20 Sep 2019, at 9:57 pm, andrew headington <alh...@gm... <mailto:alh...@gm...>> wrote:
> 
> GM I was hoping to get some help with the email integration. I am running Pebble 2.6.4 on a tomcat 9. I have the below error and was trying to implement the instructions to resolve.
> 
> I am looking for the jars in WEB-INF/lib but the only jar I see is activation-1.1.jar and there is no email jar. Can someone point me in the right direction? Also, since this tomcat 9 am I correct to copy the files to /apache-tomcat9.0.24/lib/ ?
> 
> Thanks!
> 
> 
> 20/09/19 00:49	WARN	Error while starting e-mail subscription listener - add mail.jar and activation.jar to the server classpath if you want to enable this listener.
> 
> To enable e-mail integration so that Pebble can send e-mails whenever people leave comments, copy the activation.jar and mail.jar files from the lib directory of the Pebble distribution into $TOMCAT_HOME/common/lib/.  
> _______________________________________________
> Pebble-user mailing list
> Peb...@li... <mailto:Peb...@li...>
> https://lists.sourceforge.net/lists/listinfo/pebble-user



Chris K.
@krugerheavyindustries.com

[pebble-user] Email Integration Help

[andrew h. <alh...@gm...>]

GM I was hoping to get some help with the email integration. I am running
Pebble 2.6.4 on a tomcat 9. I have the below error and was trying to
implement the instructions to resolve.

I am looking for the jars in WEB-INF/lib but the only jar I see is
activation-1.1.jar and there is no email jar. Can someone point me in
the right direction? Also, since this tomcat 9 am I correct to copy the
files to /apache-tomcat9.0.24/lib/ ?

Thanks!


20/09/19 00:49 WARN Error while starting e-mail subscription listener - add
mail.jar and activation.jar to the server classpath if you want to enable
this listener.

To enable e-mail integration so that Pebble can send e-mails whenever
people leave comments, copy the activation.jar and mail.jar files from the
lib directory of the Pebble distribution into $TOMCAT_HOME/common/lib/.

Re: [pebble-user] Thumbnail rotation by 90°

[Damian R. <dam...@ou...>]

Dear Pebble-Users

I found the the reason of my problem. Some programs like Windows Image
Viewer don't really change  the image rotation. These programs
only set the EXIF attribute "Orientation". Most programs(e.g. graphic
programs and web browser) handle this attribute by themself. But the
thumbnail plugin doesn't have an interpretation of EXIF-data. It does
only interpret the raw image data, and these are not rotated.

I have found out by creating an simple Java-Program and disable each
steps of pebble's image conversion.

Here is the link with the essential information:
https://stackoverflow.com/questions/15978809/imageio-read-always-rotates-my-uploaded-picture

Kind regards
Damian



Am 02.01.2016 um 16:13 schrieb Damian Rauchenstein:
> Dear Pebble-Users
>
> This is my first interaction in a Mailing list, so don't be mad, if
> missed something you're used to.
>
> First of all I use Pebble 2.6.4 in combination with Tomcat7 on an local
> Ubuntu machine.
> It mostly works like a charm. My only problem ist the use of the
> ThumbnailDecorator.
> In case of landscape formatted pictures, the thumbnail works perfectly.
> My problem are pictures in upright format, because their thumbnail
> everytime gets automatically rotatet by 90°.
>
> Is this behavior as designed, or did I do something wrong?
>
> Kind regards
> Damian
>
>
>
>

[pebble-user] Thumbnail rotation by 90°

[Damian R. <dam...@ou...>]

Dear Pebble-Users

This is my first interaction in a Mailing list, so don't be mad, if
missed something you're used to.

First of all I use Pebble 2.6.4 in combination with Tomcat7 on an local
Ubuntu machine.
It mostly works like a charm. My only problem ist the use of the
ThumbnailDecorator.
In case of landscape formatted pictures, the thumbnail works perfectly.
My problem are pictures in upright format, because their thumbnail
everytime gets automatically rotatet by 90°.

Is this behavior as designed, or did I do something wrong?

Kind regards
Damian

Re: [pebble-user] Link to older articles

[Emmanuel P. <puy...@et...>]

Hi James,

Sorry for my late answer but thanks for the answer you posted about links to older articles
http://sourceforge.net/p/pebble/mailman/message/33747130/

I made the basic changes you proposed and it worked without any problem :-)
http://www.sweethome3d.com/blog/ <http://www.sweethome3d.com/blog/>

Best regards,
--
Emmanuel PUYBARET
Sweet Home 3D developer
Email  : puy...@et... <mailto:puy...@et...>
Web    : http://www.eteks.com <http://www.eteks.com/>
         http://www.sweethome3d.com <http://www.sweethome3d.com/>

Re: [pebble-user] Problem with Comments in Pebble 2.4

[Ant K. <ant...@gm...>]

Hello,

Previously I had been using Apache and AJP which is why I didn't have this
problem before. Now I have switched over to nginx and it simply forwards
the HTTP request, so the problem is as described below.

James' solution worked for me. More exactly:

in nginx I added:

              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

In Tomcat, I added:

        <Valve className="org.apache.catalina.valves.RemoteIpValve"
               internalProxies="127.0.0.1" />

(inside the host tags)

Thanks for the swift help,
Ant


On 19 October 2015 at 03:48, James Roper <ja...@ja...> wrote:

> Reverse proxies typically pass the clients IP address by adding additional
> headers to the request.  There is a new standard (RFC7239) called the
> Forwarded header, but not many proxies or servers have support for this,
> most use the old defacto standard of X-Forwarded-For.
>
> So, you need to configure nginx to add an X-Forwarded-For header, and you
> also need to configure the pebble server to read the X-Forwarded-For
> header.  To configure nginx:
>
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>
> Now pebble doesn't out of the box support using the X-Forwarded-For
> header, but the server you run it on may.  If you run it on tomcat for
> example,  you can use the remote IP valve in your tomcat server
> configuration:
>
>
> https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html
>
>
>
> On 18 October 2015 at 00:03, Olaf Kock <pe...@ol...> wrote:
>
>> Hi Ant,
>>
>> I'm not sure about nginx, but this frequently happens with Apache as
>> well. I can tell you how to fix it there, you'll have to do the
>> "translation" to nginx yourself...
>>
>> When you forward from Apache to (e.g.) tomcat through HTTP, you're
>> creating a new HTTP request on Apache, legitimately this comes from
>> 127.0.0.1. Typically this also looses the original Hostname (as it only
>> carries whatever Apache needs to access your tomcat instance). Also tomcat
>> believes it's serving content on port 8080 and generates URLs according to
>> this.
>>
>> One way to fix it is to forward not through HTTP but through AJP - on
>> Apache mod_jk is an option.
>>
>> There are numerous options that carry the original request's properties
>> forward to tomcat, signalling to tomcat that it's behind a proxy.
>> "ProxyPreserveHost On" is one of them, so that Tomcat gets an idea of the
>> original Hostname. There's certainly one that forwards the original host's
>> IP, I'm suspecting something similar to "x-forwarded-for", a typical proxy
>> header.
>>
>> Sorry, not a full solution, but maybe enough food for thought to get you
>> onto the right track. Please report back with the solution if this has
>> helped finding it. Or report back if it hasn't - maybe someone else has the
>> setup ready to go and can share as well.
>>
>> Cheers,
>> Olaf
>>
>>
>> Am 15.10.2015 um 22:12 schrieb Ant Kutschera:
>>
>> Hi,
>>
>> I have come across an interesting problem when pebble is deployed behind
>> a reverse proxy (e.g. nginx).
>>
>> If I log in to my blog and post a comment, then 127.0.0.1 is added to the
>> whitelist, because pebble sees the request coming from localhost (the
>> reverse proxy) rather than from the internet.  That then opens up my blog
>> for anyone in the world to create a comment, because when they do, it too
>> is viewed as coming from localhost, which is now on the whitelist :-)
>>
>> Either I have nginx setup wrong, and it should be passing pebble the
>> outside IP address (help please?) or this is a bug/feature-request in
>> pebble.
>>
>> Has anyone else had this problem? I using Pebble 2.4.
>>
>> Thanks,
>> Ant
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>>
>>
>> _______________________________________________
>> Pebble-user mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/pebble-user
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>> _______________________________________________
>> Pebble-user mailing list
>> Peb...@li...
>> https://lists.sourceforge.net/lists/listinfo/pebble-user
>>
>>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>


-- 
_______________________
Dr Ant Kutschera

Re: [pebble-user] Problem with Comments in Pebble 2.4

[James R. <ja...@ja...>]

Reverse proxies typically pass the clients IP address by adding additional
headers to the request.  There is a new standard (RFC7239) called the
Forwarded header, but not many proxies or servers have support for this,
most use the old defacto standard of X-Forwarded-For.

So, you need to configure nginx to add an X-Forwarded-For header, and you
also need to configure the pebble server to read the X-Forwarded-For
header.  To configure nginx:

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Now pebble doesn't out of the box support using the X-Forwarded-For header,
but the server you run it on may.  If you run it on tomcat for example,
 you can use the remote IP valve in your tomcat server configuration:

https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html



On 18 October 2015 at 00:03, Olaf Kock <pe...@ol...> wrote:

> Hi Ant,
>
> I'm not sure about nginx, but this frequently happens with Apache as well.
> I can tell you how to fix it there, you'll have to do the "translation" to
> nginx yourself...
>
> When you forward from Apache to (e.g.) tomcat through HTTP, you're
> creating a new HTTP request on Apache, legitimately this comes from
> 127.0.0.1. Typically this also looses the original Hostname (as it only
> carries whatever Apache needs to access your tomcat instance). Also tomcat
> believes it's serving content on port 8080 and generates URLs according to
> this.
>
> One way to fix it is to forward not through HTTP but through AJP - on
> Apache mod_jk is an option.
>
> There are numerous options that carry the original request's properties
> forward to tomcat, signalling to tomcat that it's behind a proxy.
> "ProxyPreserveHost On" is one of them, so that Tomcat gets an idea of the
> original Hostname. There's certainly one that forwards the original host's
> IP, I'm suspecting something similar to "x-forwarded-for", a typical proxy
> header.
>
> Sorry, not a full solution, but maybe enough food for thought to get you
> onto the right track. Please report back with the solution if this has
> helped finding it. Or report back if it hasn't - maybe someone else has the
> setup ready to go and can share as well.
>
> Cheers,
> Olaf
>
>
> Am 15.10.2015 um 22:12 schrieb Ant Kutschera:
>
> Hi,
>
> I have come across an interesting problem when pebble is deployed behind a
> reverse proxy (e.g. nginx).
>
> If I log in to my blog and post a comment, then 127.0.0.1 is added to the
> whitelist, because pebble sees the request coming from localhost (the
> reverse proxy) rather than from the internet.  That then opens up my blog
> for anyone in the world to create a comment, because when they do, it too
> is viewed as coming from localhost, which is now on the whitelist :-)
>
> Either I have nginx setup wrong, and it should be passing pebble the
> outside IP address (help please?) or this is a bug/feature-request in
> pebble.
>
> Has anyone else had this problem? I using Pebble 2.4.
>
> Thanks,
> Ant
>
>
>
>
> ------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Pebble-user mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>

Re: [pebble-user] Problem with Comments in Pebble 2.4

[Olaf K. <pe...@ol...>]

Hi Ant,

I'm not sure about nginx, but this frequently happens with Apache as
well. I can tell you how to fix it there, you'll have to do the
"translation" to nginx yourself...

When you forward from Apache to (e.g.) tomcat through HTTP, you're
creating a new HTTP request on Apache, legitimately this comes from
127.0.0.1. Typically this also looses the original Hostname (as it only
carries whatever Apache needs to access your tomcat instance). Also
tomcat believes it's serving content on port 8080 and generates URLs
according to this.

One way to fix it is to forward not through HTTP but through AJP - on
Apache mod_jk is an option.

There are numerous options that carry the original request's properties
forward to tomcat, signalling to tomcat that it's behind a proxy.
"ProxyPreserveHost On" is one of them, so that Tomcat gets an idea of
the original Hostname. There's certainly one that forwards the original
host's IP, I'm suspecting something similar to "x-forwarded-for", a
typical proxy header.

Sorry, not a full solution, but maybe enough food for thought to get you
onto the right track. Please report back with the solution if this has
helped finding it. Or report back if it hasn't - maybe someone else has
the setup ready to go and can share as well.

Cheers,
Olaf

Am 15.10.2015 um 22:12 schrieb Ant Kutschera:
> Hi,
>
> I have come across an interesting problem when pebble is deployed
> behind a reverse proxy (e.g. nginx).
>
> If I log in to my blog and post a comment, then 127.0.0.1 is added to
> the whitelist, because pebble sees the request coming from localhost
> (the reverse proxy) rather than from the internet.  That then opens up
> my blog for anyone in the world to create a comment, because when they
> do, it too is viewed as coming from localhost, which is now on the
> whitelist :-)
>
> Either I have nginx setup wrong, and it should be passing pebble the
> outside IP address (help please?) or this is a bug/feature-request in
> pebble.
>
> Has anyone else had this problem? I using Pebble 2.4.
>
> Thanks,
> Ant
>
>
>
>
> ------------------------------------------------------------------------------
>
>
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user

Re: [pebble-user] Problem with Comments in Pebble 2.4

[Ant K. <ant...@gm...>]

Hi,

I have come across an interesting problem when pebble is deployed behind a
reverse proxy (e.g. nginx).

If I log in to my blog and post a comment, then 127.0.0.1 is added to the
whitelist, because pebble sees the request coming from localhost (the
reverse proxy) rather than from the internet.  That then opens up my blog
for anyone in the world to create a comment, because when they do, it too
is viewed as coming from localhost, which is now on the whitelist :-)

Either I have nginx setup wrong, and it should be passing pebble the
outside IP address (help please?) or this is a bug/feature-request in
pebble.

Has anyone else had this problem? I using Pebble 2.4.

Thanks,
Ant

[pebble-user] Upgrade from 2.6.3 to 2.6.5 pebble won't start can't find username.properties

[David B. <da...@da...>]

Howdy, I have upgraded from 2.6.3 to 2.6.5.

2.6.3 is runaway CPU usage.

2.6.5 won't start because the claim is the username.properties file 
cannot be found.

2.6.3 used the same pebble/realm directory and would start as expected.

I have updated pebble.properties the same as always and as needed.

The user is tomcat7

tomcat7 home directory is /var/lib/tomcat7

The permissions and owner are for tomcat7:tomcat7.

Why is pebble so finicky?

Pebble logging follows.

Any suggestions appreciated.

Thanks in advance.

SEVERE: Error while creating security realm
net.sourceforge.pebble.security.SecurityRealmException: 
java.io.FileNotFoundException: 
/var/lib/tomcat7/pebble/realm/username.properties (No such file or 
directory)

[pebble-user] Pebble 2.6.3 gobbling up 35% CPU is 2.6.4 better

[David B. <da...@da...>]

Howdy, my pebble 2.6.3 is gobbling up 35%+ CPU within a minute of class 
loader launch.

Is this fixed in 2.6.4?

Is there release doco on this as a known issue addressed and fixed?

Also, it appears there have been a lot of patches lately from the 
Pieroxy fork of Pebble.

Will these patches find their way into a future version of Pebble?

Please advise, David.

[pebble-user] Secure login page doubles the URI request noun

[David B. <da...@da...>]

Howdy Pebble users, I have a curious situation with a clean new install 
of Pebble 2.6.4.

I built the .war from the download.

Of the standard username.properties is created.

When I attempt to login the 404.jsp page is returned instead (Page not 
found).

When I mouse over the underscored login link in the page footer I get 
this:

http://davidwbrown.xyz:8080/pebble-2.6.4/login.secureaction?redirectUrl=%2Fpebble-2.6.4%2Fpebble-2.6.4%2F

Which translates to this:

http://davidwbrown.xyz:8080/pebble-2.6.4/login.secureaction?redirectUrl=/pebble-2.6.4/pebble-2.6.4/

Understandably the reason for the 404.

Additionally, the login form sidebar page looks like this:

<div id="loginOptionOpenIdArea" class="loginOptionArea">
           <form id="openIdLoginForm" name="openIdloginForm" 
method="post"
                 
action="http://davidwbrown.xyz:8080/pebble-2.6.4/j_spring_openid_security_check">
             <input type="hidden" name="redirectUrl" 
value="/pebble-2.6.4/pebble-2.6.4/"/>

             <div class="field">
               <label for="openIdIdentifier">OpenId</label>
               <input id="openIdIdentifier" type="text" 
name="openid_identifier"/>
             </div>
             <div class="field">
               <label for="openIdRememberMe">Remember me</label>
               <input id="openIdRememberMe" type="checkbox" 
name="_spring_security_remember_me"/>
             </div>
             <div class="loginButtons"><input type="submit" 
value="Login"/></div>
           </form>
         </div>


I have looked at the original code including the bean xml files: 
security etc. but I don't see or understand why pebble is giving this 
response.

This is a new install and I have made no code changes.

If I have the wrong version please advise.

If this is potentially a bug can I get confirmation from those more 
knowledgeable if this is indeed a bug or some configuration issue.

Please advise, David.

Re: [pebble-user] Link to older articles

[James R. <ja...@ja...>]

Hi Emmanuel,

The default theme actually has previous and next links, here's an example
of a blog that I found that is using them:

http://bleaklow.com/

They can be enabled by putting the following in your template.jsp:

<div id="linearNavigation">
    <template:linearNavigation/>
</div>

To see where/how the default theme uses them, see here:

https://github.com/pebbleblog/pebble/blob/master/src/main/webapp/themes/default/template.jsp

If you want a little more control over exactly what is rendered and how
it's rendered, here's the implementation of the linear navigation template
tag:

https://github.com/pebbleblog/pebble/blob/master/src/main/webapp/WEB-INF/fragments/navigation.jspf

Regards,

James

On 30 March 2015 at 05:43, Emmanuel Puybaret <puy...@et...> wrote:

> Hi,
>
> I've been using Pebble during the past 5 years and I'm very happy with it.
> http://www.sweethome3d.com/blog/
>
> Now that there are more and more articles in this blog, I wonder how it's
> possible to add a "Next page" or "More articles" link at the end of the
> main blog page, to let the users discover older articles without using the
> links shown in the "Archives" or Calendar sections.
> Sorry if the question was already answered...
>
> Best regards,
> --
> Emmanuel PUYBARET
> Sweet Home 3D developer
> Email  : puy...@et...
> Web    : http://www.eteks.com
>          http://www.sweethome3d.com
>
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>

[pebble-user] Link to older articles

[Emmanuel P. <puy...@et...>]

Hi,

I've been using Pebble during the past 5 years and I'm very happy with it.
http://www.sweethome3d.com/blog/ <http://www.sweethome3d.com/blog/>

Now that there are more and more articles in this blog, I wonder how it's possible to add a "Next page" or "More articles" link at the end of the main blog page, to let the users discover older articles without using the links shown in the "Archives" or Calendar sections.
Sorry if the question was already answered...

Best regards,
--
Emmanuel PUYBARET
Sweet Home 3D developer
Email  : puy...@et... <mailto:puy...@et...>
Web    : http://www.eteks.com <http://www.eteks.com/>
         http://www.sweethome3d.com <http://www.sweethome3d.com/>

Re: [pebble-user] Integration with Java Spring website and SEO help

[James R. <ja...@ja...>]

>
> That's interesting experience. I am using mod_jk for about 10 years and
> mod_proxy_ajp for about 4 years
> on production servers and I have never had such problems. I prefer AJP
> because it forwards the request intact with all
> the available information about remote IP, authenticated user, SSL and so
> on. I use various authentication
> schemes heavily - X509 client certificates (mod_ssl), Shibboleth
> (mod_shib), Kerberos (mod_auth_kerb), LDAP (mod_ldap) -
> and for that AJP is better than plain HTTP proxy that replaces the
> original request with a new request.
> AJP even allows me to forward any Apache internal variables like
> SSL_CLIENT_S_DN which is impossible with HTTP proxy.
>

AJP is fantastic in theory, the implementation is just so crummy.  Like I
said, mostly it works.  But I encountered these problems as the maintainer
of Pebble, where there are thousands of different environments out there,
and also working on Atlassian's hosted services, where there were tens of
thousands of tomcat servers behind Apache reverse proxies.  At that scale,
if there are robustness issues, you're likely to encounter them.

All the issues you mentioned there can be worked around by attaching the
additional info to request headers.


> Best regards
>
> Martin
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CERIT-SC                               Martin Kuba
> Institute of Computer Science    email: ma...@ic...
> Masaryk University             http://www.ics.muni.cz/~makub/
> Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
> --------------------------------------------------------------
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>

Re: [pebble-user] Integration with Java Spring website and SEO help

[Martin K. <ma...@ic...>]

Dne 24.3.2015 v 00:46 James Roper napsal(a):
> On 24 March 2015 at 01:44, Martin Kuba <ma...@ic... <mailto:ma...@ic...>> wrote:
>     Dne 23.3.2015 v 14:27 David Brown napsal(a):
>     > In the case of Apache this link appears to be definitive:https://sites.google.com/a/ci2s.com.ar/wiki/technics/how-to-run-apache-httpd-and-tomcat-on-port-80-using-mod-proxy
>
>     That information is very outdated. The best way how to connect Apache with Tomcat since Apache version 2.2
>     is to use mod_proxy_ajp which is included in Apache by default, see http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html
>
>
> Personally I wouldn't use AJP.  I switched all my sites that used AJP to mod_proxy years ago.  I have encountered so many bugs and issues in AJP in the past, including responses for one request being returned to another, corrupted responses, etc, including issues that have impacted Pebble, and debugging them is very difficult - sometimes it took days deep analysing packet captures in wireshark to debug the issues.
>
> The problem is, AJP is practically an unspecified protocol - for example, the protocol reference doc was written by someone who was trying to work out how the protocol worked, and finishes with a list of questions that they wanted help answering.  For the most part, it works, but around the edge cases, when the client or server are not behaving well, or when there's new HTTP features or some unusual thing being done, rather than handling these situations gracefully like mod_proxy does, AJP
> prefers to blow up in your face, doing the exact opposite of what you would expect it to do, introducing security issues and all sorts of other loveliness along the way.

That's interesting experience. I am using mod_jk for about 10 years and mod_proxy_ajp for about 4 years
on production servers and I have never had such problems. I prefer AJP because it forwards the request intact with all
the available information about remote IP, authenticated user, SSL and so on. I use various authentication
schemes heavily - X509 client certificates (mod_ssl), Shibboleth (mod_shib), Kerberos (mod_auth_kerb), LDAP (mod_ldap) -
and for that AJP is better than plain HTTP proxy that replaces the original request with a new request.
AJP even allows me to forward any Apache internal variables like SSL_CLIENT_S_DN which is impossible with HTTP proxy.

Best regards

Martin
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CERIT-SC                               Martin Kuba
Institute of Computer Science    email: ma...@ic...
Masaryk University             http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
--------------------------------------------------------------

Re: [pebble-user] Integration with Java Spring website and SEO help

[James R. <ja...@ja...>]

On 24 March 2015 at 01:44, Martin Kuba <ma...@ic...> wrote:

> Dne 23.3.2015 v 14:27 David Brown napsal(a):
> > Howdy, it appears there will be no immediate response.
> >
> > FWIW: I ran Pebble for many years @ port 8080.
> >
> > I don't know if your SEO research is correct but running Pebble @ say
> port 80 would depend upon which HTTPd your are running.
> >
> > In the case of Apache this link appears to be definitive:
> https://sites.google.com/a/ci2s.com.ar/wiki/technics/how-to-run-apache-httpd-and-tomcat-on-port-80-using-mod-proxy
>
> That information is very outdated. The best way how to connect Apache with
> Tomcat since Apache version 2.2
> is to use mod_proxy_ajp which is included in Apache by default, see
> http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html


Personally I wouldn't use AJP.  I switched all my sites that used AJP to
mod_proxy years ago.  I have encountered so many bugs and issues in AJP in
the past, including responses for one request being returned to another,
corrupted responses, etc, including issues that have impacted Pebble, and
debugging them is very difficult - sometimes it took days deep analysing
packet captures in wireshark to debug the issues.

The problem is, AJP is practically an unspecified protocol - for example,
the protocol reference doc was written by someone who was trying to work
out how the protocol worked, and finishes with a list of questions that
they wanted help answering.  For the most part, it works, but around the
edge cases, when the client or server are not behaving well, or when
there's new HTTP features or some unusual thing being done, rather than
handling these situations gracefully like mod_proxy does, AJP prefers to
blow up in your face, doing the exact opposite of what you would expect it
to do, introducing security issues and all sorts of other loveliness along
the way.


>
> Best regards
>
> Martin
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CERIT-SC                               Martin Kuba
> Institute of Computer Science    email: ma...@ic...
> Masaryk University             http://www.ics.muni.cz/~makub/
> Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
> --------------------------------------------------------------
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>

Re: [pebble-user] Integration with Java Spring website and SEO help

[Martin K. <ma...@ic...>]

Dne 23.3.2015 v 14:27 David Brown napsal(a):
> Howdy, it appears there will be no immediate response.
>
> FWIW: I ran Pebble for many years @ port 8080.
>
> I don't know if your SEO research is correct but running Pebble @ say port 80 would depend upon which HTTPd your are running.
>
> In the case of Apache this link appears to be definitive: https://sites.google.com/a/ci2s.com.ar/wiki/technics/how-to-run-apache-httpd-and-tomcat-on-port-80-using-mod-proxy

That information is very outdated. The best way how to connect Apache with Tomcat since Apache version 2.2
is to use mod_proxy_ajp which is included in Apache by default, see http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html

Best regards

Martin
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CERIT-SC                               Martin Kuba
Institute of Computer Science    email: ma...@ic...
Masaryk University             http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
--------------------------------------------------------------

Re: [pebble-user] Integration with Java Spring website and SEO help

[David B. <da...@da...>]

Howdy, it appears there will be no immediate response.

FWIW: I ran Pebble for many years @ port 8080.

I don't know if your SEO research is correct but running Pebble @ say
port 80 would depend upon which HTTPd your are running.

In the case of Apache this link appears to be definitive:
https://sites.google.com/a/ci2s.com.ar/wiki/technics/how-to-run-apache-httpd-and-tomcat-on-port-80-using-mod-proxy

The only caveat is previously Apache did not come with mod-proxy
compiled in so if this is still the case you will have to custom compile
Apache before this will work.

If you are using another HTTPd, say, nginx you will have to find the
docs as posted above.

Update this thread if this works for you.

Regards.

On 03/21/2015 01:19 PM, M. Fervil wrote:
> Can someone please help with the following 2 questions:
>
> 1) Will implementing a blog for my existing website with Pebble help with SEO and google ranking of my existing site?
>
> 2) How do I integrate Pebble with my existing Java/Spring website, is there any documentation on this?  Right now I have Pebble deployed as a separate application, but from what I've read, to get the SEO benefits of a blog, the blog needs to exist in the same domain, inside the same application in a sub-folder of that application.  How do I accomplish this?
>
> Thank you much for your help.
>
> Regards,
> Marc
>
>
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website, sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for all
> things parallel software development, from weekly thought leadership blogs to
> news, videos, case studies, tutorials and more. Take a look and join the 
> conversation now. http://goparallel.sourceforge.net/
>
>
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user

[pebble-user] Integration with Java Spring website and SEO help

[M. F. <mf...@ya...>]

Can someone please help with the following 2 questions:

1) Will implementing a blog for my existing website with Pebble help with SEO and google ranking of my existing site?

2) How do I integrate Pebble with my existing Java/Spring website, is there any documentation on this?  Right now I have Pebble deployed as a separate application, but from what I've read, to get the SEO benefits of a blog, the blog needs to exist in the same domain, inside the same application in a sub-folder of that application.  How do I accomplish this?

Thank you much for your help.

Regards,
Marc

Re: [pebble-user] A few pull requests to come

[David F. <dav...@zi...>]

Sorry my apologies. You are right. I was confusing Pebble with JForum. The problem was with JForum, not Pebble.


> On Nov 10, 2014, at 11:49 AM, pieroxy <pi...@pi...> wrote:
> 
> I'm not sure I'm following you... Pebble is a blogging software, not a forum software. Random users from the internet can leave a comment to an entry (even putting their home page in it) but they cannot create an account.
> 
> I was also using a forum soft back in the days (jforum) and was having this problem. With Pebble, there is no such thing as a profile page for other users than the editors. Or I'm missing something ;-)
> 
> On Mon, Nov 10, 2014 at 4:56 PM, David Ferrero <dav...@zi... <mailto:dav...@zi...>> wrote:
> I enabled comment moderation so that wasn't my problem. The problem was that spam bots would create new users programmatically, someone they were able to succeed with the CAPTCHA module, and they could create new users easily. The user's profile is where the spam bots would insert a URL to a web page they wanted other forum users to visit....or to skew Google's search engine results, by having more links to your website, Google ranks your website more popular and thus your website ends up on page one or two of a user's search...   I could not figure out how to prevent the spambots from creating new users, even when my forum software would send an email they would have to clink to activate their membership.   If I could have moderated that, at least I could delete requests that had links in the user profile...
> 
> 
>> On Nov 9, 2014, at 2:53 PM, pieroxy <pi...@pi... <mailto:pi...@pi...>> wrote:
>> 
>> I am lucky I guess that I have few users and I can moderate comments one by one, so I've never run into these issues. Once moderated once on one device, the user can then post again without me worrying about approving his/her comments. Works fine for me so far.
>> 
>> As to spamming, one way could be to only moderate comments with links in them. I don't know if there is a pluggin for that, but it's surely very easy to make one. 
>> 
>> On Sun, Nov 9, 2014 at 8:01 PM, David Ferrero <dav...@zi... <mailto:dav...@zi...>> wrote:
>> I ran pebble for several years but even with captcha enabled for registration it seems boys could create new users and they could post spam links in their profile. Was there ever a way to make it more secure?
>> 
>> > On Nov 9, 2014, at 1:54 PM, pieroxy <pi...@pi... <mailto:pi...@pi...>> wrote:
>> >
>> > Hi,
>> >
>> > I'm back into updating Pebble for my own needs. I already submitted a pull request with a few cleanup I had in my local repo for about a couple of years. I also plan a few things:
>> >
>> > 1. Implementing a bit of OpenGraph for Facebook shares and likes
>> > 2. Probably implementing other rich tagging such as microformats2 or Schema.org <http://schema.org/>, I've not yet decided
>> > 3. Implementing "share/like" buttons for most social networks
>> >
>> > Note that I've already implemented most of this stuff on my own blog instance in the hacky way, so I'll just be pushing back stuff.
>> >
>> > For #3 if you have an implementation preference I'm all ears.
>> >
>> > I hope you have time to review/accept pull requests
>> >
>> > --
>> > -- pieroxy
>> > ------------------------------------------------------------------------------
>> > _______________________________________________
>> > Pebble-user mailing list
>> > Peb...@li... <mailto:Peb...@li...>
>> > https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
>> 
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Pebble-user mailing list
>> Peb...@li... <mailto:Peb...@li...>
>> https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
>> 
>> 
>> 
>> -- 
>> -- pieroxy
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Pebble-user mailing list
>> Peb...@li... <mailto:Peb...@li...>
>> https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
> 
> 
> ------------------------------------------------------------------------------
> 
> _______________________________________________
> Pebble-user mailing list
> Peb...@li... <mailto:Peb...@li...>
> https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
> 
> 
> 
> 
> -- 
> -- pieroxy
> ------------------------------------------------------------------------------
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user

Re: [pebble-user] A few pull requests to come

[pieroxy <pi...@pi...>]

I'm not sure I'm following you... Pebble is a blogging software, not a
forum software. Random users from the internet can leave a comment to an
entry (even putting their home page in it) but they cannot create an
account.

I was also using a forum soft back in the days (jforum) and was having this
problem. With Pebble, there is no such thing as a profile page for other
users than the editors. Or I'm missing something ;-)

On Mon, Nov 10, 2014 at 4:56 PM, David Ferrero <dav...@zi...>
wrote:

> I enabled comment moderation so that wasn't my problem. The problem was
> that spam bots would create new users programmatically, someone they were
> able to succeed with the CAPTCHA module, and they could create new users
> easily. The user's profile is where the spam bots would insert a URL to a
> web page they wanted other forum users to visit....or to skew Google's
> search engine results, by having more links to your website, Google ranks
> your website more popular and thus your website ends up on page one or two
> of a user's search...   I could not figure out how to prevent the spambots
> from creating new users, even when my forum software would send an email
> they would have to clink to activate their membership.   If I could have
> moderated that, at least I could delete requests that had links in the user
> profile...
>
>
> On Nov 9, 2014, at 2:53 PM, pieroxy <pi...@pi...> wrote:
>
> I am lucky I guess that I have few users and I can moderate comments one
> by one, so I've never run into these issues. Once moderated once on one
> device, the user can then post again without me worrying about approving
> his/her comments. Works fine for me so far.
>
> As to spamming, one way could be to only moderate comments with links in
> them. I don't know if there is a pluggin for that, but it's surely very
> easy to make one.
>
> On Sun, Nov 9, 2014 at 8:01 PM, David Ferrero <dav...@zi...>
> wrote:
>
>> I ran pebble for several years but even with captcha enabled for
>> registration it seems boys could create new users and they could post spam
>> links in their profile. Was there ever a way to make it more secure?
>>
>> > On Nov 9, 2014, at 1:54 PM, pieroxy <pi...@pi...> wrote:
>> >
>> > Hi,
>> >
>> > I'm back into updating Pebble for my own needs. I already submitted a
>> pull request with a few cleanup I had in my local repo for about a couple
>> of years. I also plan a few things:
>> >
>> > 1. Implementing a bit of OpenGraph for Facebook shares and likes
>> > 2. Probably implementing other rich tagging such as microformats2 or
>> Schema.org, I've not yet decided
>> > 3. Implementing "share/like" buttons for most social networks
>> >
>> > Note that I've already implemented most of this stuff on my own blog
>> instance in the hacky way, so I'll just be pushing back stuff.
>> >
>> > For #3 if you have an implementation preference I'm all ears.
>> >
>> > I hope you have time to review/accept pull requests
>> >
>> > --
>> > -- pieroxy
>> >
>> ------------------------------------------------------------------------------
>> > _______________________________________________
>> > Pebble-user mailing list
>> > Peb...@li...
>> > https://lists.sourceforge.net/lists/listinfo/pebble-user
>>
>>
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Pebble-user mailing list
>> Peb...@li...
>> https://lists.sourceforge.net/lists/listinfo/pebble-user
>>
>
>
>
> --
> -- pieroxy
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>


-- 
-- pieroxy

Re: [pebble-user] A few pull requests to come

[David F. <dav...@zi...>]

I enabled comment moderation so that wasn't my problem. The problem was that spam bots would create new users programmatically, someone they were able to succeed with the CAPTCHA module, and they could create new users easily. The user's profile is where the spam bots would insert a URL to a web page they wanted other forum users to visit....or to skew Google's search engine results, by having more links to your website, Google ranks your website more popular and thus your website ends up on page one or two of a user's search...   I could not figure out how to prevent the spambots from creating new users, even when my forum software would send an email they would have to clink to activate their membership.   If I could have moderated that, at least I could delete requests that had links in the user profile...


> On Nov 9, 2014, at 2:53 PM, pieroxy <pi...@pi...> wrote:
> 
> I am lucky I guess that I have few users and I can moderate comments one by one, so I've never run into these issues. Once moderated once on one device, the user can then post again without me worrying about approving his/her comments. Works fine for me so far.
> 
> As to spamming, one way could be to only moderate comments with links in them. I don't know if there is a pluggin for that, but it's surely very easy to make one. 
> 
> On Sun, Nov 9, 2014 at 8:01 PM, David Ferrero <dav...@zi... <mailto:dav...@zi...>> wrote:
> I ran pebble for several years but even with captcha enabled for registration it seems boys could create new users and they could post spam links in their profile. Was there ever a way to make it more secure?
> 
> > On Nov 9, 2014, at 1:54 PM, pieroxy <pi...@pi... <mailto:pi...@pi...>> wrote:
> >
> > Hi,
> >
> > I'm back into updating Pebble for my own needs. I already submitted a pull request with a few cleanup I had in my local repo for about a couple of years. I also plan a few things:
> >
> > 1. Implementing a bit of OpenGraph for Facebook shares and likes
> > 2. Probably implementing other rich tagging such as microformats2 or Schema.org, I've not yet decided
> > 3. Implementing "share/like" buttons for most social networks
> >
> > Note that I've already implemented most of this stuff on my own blog instance in the hacky way, so I'll just be pushing back stuff.
> >
> > For #3 if you have an implementation preference I'm all ears.
> >
> > I hope you have time to review/accept pull requests
> >
> > --
> > -- pieroxy
> > ------------------------------------------------------------------------------
> > _______________________________________________
> > Pebble-user mailing list
> > Peb...@li... <mailto:Peb...@li...>
> > https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
> 
> ------------------------------------------------------------------------------
> _______________________________________________
> Pebble-user mailing list
> Peb...@li... <mailto:Peb...@li...>
> https://lists.sourceforge.net/lists/listinfo/pebble-user <https://lists.sourceforge.net/lists/listinfo/pebble-user>
> 
> 
> 
> -- 
> -- pieroxy
> ------------------------------------------------------------------------------
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user

Re: [pebble-user] A few pull requests to come

[pieroxy <pi...@pi...>]

I am lucky I guess that I have few users and I can moderate comments one by
one, so I've never run into these issues. Once moderated once on one
device, the user can then post again without me worrying about approving
his/her comments. Works fine for me so far.

As to spamming, one way could be to only moderate comments with links in
them. I don't know if there is a pluggin for that, but it's surely very
easy to make one.

On Sun, Nov 9, 2014 at 8:01 PM, David Ferrero <dav...@zi...>
wrote:

> I ran pebble for several years but even with captcha enabled for
> registration it seems boys could create new users and they could post spam
> links in their profile. Was there ever a way to make it more secure?
>
> > On Nov 9, 2014, at 1:54 PM, pieroxy <pi...@pi...> wrote:
> >
> > Hi,
> >
> > I'm back into updating Pebble for my own needs. I already submitted a
> pull request with a few cleanup I had in my local repo for about a couple
> of years. I also plan a few things:
> >
> > 1. Implementing a bit of OpenGraph for Facebook shares and likes
> > 2. Probably implementing other rich tagging such as microformats2 or
> Schema.org, I've not yet decided
> > 3. Implementing "share/like" buttons for most social networks
> >
> > Note that I've already implemented most of this stuff on my own blog
> instance in the hacky way, so I'll just be pushing back stuff.
> >
> > For #3 if you have an implementation preference I'm all ears.
> >
> > I hope you have time to review/accept pull requests
> >
> > --
> > -- pieroxy
> >
> ------------------------------------------------------------------------------
> > _______________________________________________
> > Pebble-user mailing list
> > Peb...@li...
> > https://lists.sourceforge.net/lists/listinfo/pebble-user
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Pebble-user mailing list
> Peb...@li...
> https://lists.sourceforge.net/lists/listinfo/pebble-user
>



-- 
-- pieroxy