| *** alga has quit IRC | 00:15 | |
| *** tdoggette has joined #schooltool | 00:37 | |
| *** Lumiere has quit IRC | 01:13 | |
| *** didymo has joined #schooltool | 01:35 | |
| *** tdoggette has quit IRC | 02:30 | |
| *** tdoggette has joined #schooltool | 05:02 | |
| *** alga has joined #SchoolTool | 09:12 | |
| *** didymo has quit IRC | 13:54 | |
| *** ignas has joined #schooltool | 14:12 | |
| *** alga has quit IRC | 14:43 | |
| *** alga has joined #SchoolTool | 14:58 | |
| *** ignas has quit IRC | 15:09 | |
| *** wbrady has joined #schooltool | 15:38 | |
| *** wbrady has quit IRC | 15:53 | |
| *** ignas has joined #schooltool | 16:31 | |
| *** mgedmin has joined #schooltool | 16:48 | |
| *** wbrady has joined #schooltool | 17:00 | |
| aelkner__ | hey ignas | 17:54 |
|---|---|---|
| ignas | hi | 17:54 |
| aelkner__ | i found another bug | 17:54 |
| aelkner__ | you see, i was using my sla setup | 17:55 |
| aelkner__ | and it overrides app view | 17:55 |
| aelkner__ | so it never went through the path of calendar | 17:55 |
| aelkner__ | after what you said yesterday i disabled my override | 17:56 |
| aelkner__ | and that cuased the calendar to come up without going to CAS server as you suggested | 17:56 |
| aelkner__ | however | 17:56 |
| aelkner__ | when i the clicked on log in, it took me to the CAS server | 17:56 |
| aelkner__ | but when i filled in the credentials | 17:57 |
| aelkner__ | it returned me to a failed page | 17:57 |
| aelkner__ | that's because the bug was | 17:57 |
| aelkner__ | that url=localhost:7080/auth/login | 17:57 |
| aelkner__ | that page dosen't exist | 17:57 |
| aelkner__ | so i changed the login view to pas CAS url = localhost:7080 | 17:58 |
| aelkner__ | that way it returned with no problem | 17:58 |
| ignas | hmm | 17:58 |
| ignas | i guess it's a sane thing to do | 17:58 |
| aelkner__ | i don't remember what you told me about lyceum using CAS | 17:59 |
| aelkner__ | did you say they are currently using it? | 17:59 |
| ignas | no | 17:59 |
| aelkner__ | oh | 17:59 |
| ignas | i said they were not using it at the moment | 17:59 |
| aelkner__ | ok, never mind | 17:59 |
| aelkner__ | so despite the frustration i have experienced over the past past couple of weeks | 18:00 |
| aelkner__ | i have really learned some great things | 18:00 |
| aelkner__ | and i developed, out of necessity, a great trace debugging tool | 18:00 |
| aelkner__ | i basically wrote a stack trace tool that prints out the stack | 18:01 |
| ignas | cool | 18:01 |
| aelkner__ | with selected local variables under the methods that they belong to | 18:01 |
| ignas | by the way - if you will ever want to add stub CAS server to functional tests - the secret is to make it ++etc++CAS for example, that would go around schooltool authentication utilities | 18:01 |
| ignas | preventing double authentication attempts | 18:01 |
| ignas | or ++cas++ | 18:02 |
| ignas | putting it outside of "site" | 18:02 |
| ignas | just in case you'll ever need that | 18:02 |
| th1a | ignas: Does this look sane? http://bazaar.launchpad.net/~schooltool-owners/schooltool/users-guide/annotate/hoffman%40stone-20080618150023-rv5xmqd4ec6h5k3h?file_id=readme.txt-20080618150011-539eghmspshd9nym-1 | 18:02 |
| ignas | th1a: i have an allergy for lines over 80 characters long | 18:03 |
| th1a | OK, it is an insane URL... | 18:03 |
| ignas | make html is enough | 18:03 |
| ignas | no not url | 18:03 |
| ignas | the text file ;) | 18:03 |
| th1a | Oh, right. | 18:03 |
| ignas | make html will do "bootstrap.py" | 18:03 |
| ignas | if it does not - i'll fix it! ;) | 18:04 |
| th1a | OK. | 18:05 |
| aelkner__ | ignas: sorry, i'm not sure what you meant with the whole ++cas++ thing above | 18:06 |
| ignas | aelkner__: the problem with having CAS stub server as plain views on schooltool is that these views are "in the site" | 18:06 |
| ignas | the site is the schooltool application, so it uses local authentication utilities | 18:07 |
| ignas | which messes things up | 18:07 |
| aelkner__ | ah | 18:07 |
| ignas | if you put the CAS server outside of the site | 18:07 |
| ignas | by using namespaces | 18:07 |
| ignas | you get around the site utilities | 18:07 |
| aelkner__ | how does it authorize? | 18:07 |
| ignas | I had to do the reverse to make ++etc++process views | 18:07 |
| ignas | actually use schooltool authentication | 18:08 |
| ignas | i think it uses Zope3 authenticatio mechanism, principals in zcml | 18:08 |
| ignas | so if you put zope.Public | 18:08 |
| ignas | as the permission - you just shortcircuit it | 18:08 |
| ignas | to not look for anything anywhere I think | 18:08 |
| aelkner__ | do you think we could hold off on my looking into that for now and look at that together in Vilnius? | 18:09 |
| aelkner__ | i can finish up the unit tests either today or tomorrow | 18:10 |
| ignas | yeah, i know you won't do that now | 18:10 |
| aelkner__ | and then maybe work on the functional tests after Vilnius | 18:10 |
| ignas | i just wanted you to know that there *is* a solution | 18:10 |
| aelkner__ | cool | 18:10 |
| aelkner__ | so can i run a trace by you real quick | 18:10 |
| aelkner__ | verbally, that is | 18:10 |
| aelkner__ | i've saved it in a doc for my sanity and to share it | 18:11 |
| aelkner__ | i can just post it here cause it's only ten or so lines | 18:11 |
| ignas | lisppaste5: url | 18:11 |
| lisppaste5 | To use the lisppaste bot, visit http://paste.lisp.org/new/schooltool and enter your paste. | 18:11 |
| ignas | would be a bit better | 18:11 |
| ignas | :) | 18:11 |
| ignas | it gives syntax hightlighting ;) | 18:12 |
| aelkner__ | it's only words | 18:12 |
| aelkner__ | no code | 18:12 |
| ignas | oh | 18:12 |
| aelkner__ | here goes | 18:12 |
| aelkner__ | i clear the session cookies and visit localhost:7080 for the first time | 18:12 |
| aelkner__ | zope's publisher traverses to app and calls plugin which redirects to CAS, service=localhost:7080?CAS=1 | 18:12 |
| aelkner__ | publisher continues traversing to app/index.html which calls plugin which redirects to CAS, same service | 18:12 |
| aelkner__ | publisher calls index.html view of app which redirects to localhost:7080/calendar | 18:12 |
| aelkner__ | publisher seems to start over traversing to calender view of app | 18:12 |
| aelkner__ | this would seem to be a result of the redirect to localhost:7080/calendar | 18:12 |
| aelkner__ | perhaps last redirect is the one that counts | 18:12 |
| aelkner__ | as a result it ignoring the CAS redirects | 18:12 |
| aelkner__ | anyway, traversal to calender view of app causes plugin to redirect to CAS again, | 18:12 |
| aelkner__ | this time with service = localhost:7080/calendar?CAS=1 | 18:12 |
| aelkner__ | publisher starts over again, but this time for localhost:7080/calendar?CAS=1 | 18:12 |
| aelkner__ | this causes plugin NOT to redirect to CAS, but rather save the None principal in the session | 18:12 |
| aelkner__ | (as ignas explained yesterday) | 18:12 |
| aelkner__ | the calendar is finally rendered in the browser | 18:12 |
| aelkner__ | a couple of questions about this | 18:13 |
| aelkner__ | is it true that a second redirect (or third or fourth) blows away the preceeding one? | 18:14 |
| aelkner__ | it would seem to be the case | 18:14 |
| ignas | yes, the redirect does not "happen" you just set the response to be a redirect, it will only happen when that response will get rendered | 18:14 |
| aelkner__ | when the publisher exist, right? | 18:15 |
| ignas | yes | 18:15 |
| aelkner__ | good, then i understand that better now | 18:15 |
| aelkner__ | second question | 18:15 |
| aelkner__ | you see the part where the publisher starts again with localhost:7080/calendar?CAS= | 18:16 |
| aelkner__ | CAS=1 | 18:16 |
| aelkner__ | how did that happen when the rediret was for the CAS server | 18:16 |
| aelkner__ | it would seem that the CAS server redirected back to use | 18:16 |
| aelkner__ | us | 18:16 |
| aelkner__ | using the service? | 18:16 |
| ignas | the localhost/calendar?CAS=1 was the "parameter" for the CAS server | 18:16 |
| aelkner__ | but why would it not force a log in | 18:17 |
| ignas | that told CAS server where to redirect us *after* the authentication | 18:17 |
| aelkner__ | but i wasn't forced to authenticate | 18:17 |
| ignas | well - because there is "if "CAS" in request: DO NOT AUTHENTICATE" | 18:17 |
| aelkner__ | wait | 18:17 |
| ignas | hmm, oh | 18:17 |
| ignas | yeah | 18:17 |
| ignas | i think there is a way to tell CAS to "just return the token, do not show the form" | 18:18 |
| ignas | can't recall precisely now | 18:18 |
| aelkner__ | i was hoping to not have to look at the ruby code just yet | 18:19 |
| ignas | looking at the code | 18:19 |
| ignas | the parameter is gateway=true | 18:19 |
| ignas | can't tell you exactly what it does | 18:20 |
| ignas | CAS documentation should tell you | 18:20 |
| ignas | but it is "the machine" interface for CAS | 18:20 |
| ignas | so "authenticate" method | 18:20 |
| ignas | only tries to "authenticate" | 18:20 |
| ignas | find out who you are, without enforcing that | 18:20 |
| ignas | while if you are "unauthorized" to see something | 18:20 |
| ignas | then the utility forces you to enter login and password | 18:21 |
| ignas | instead of just "querying" the server | 18:21 |
| aelkner__ | the renew flag | 18:21 |
| aelkner__ | right? | 18:21 |
| ignas | no | 18:22 |
| ignas | just plain login request | 18:22 |
| *** Lumiere has joined #schooltool | 18:22 | |
| ignas | without gateway=true | 18:23 |
| aelkner__ | oh, gateway makes it not force login | 18:23 |
| aelkner__ | but i seem to remember needing to add renew to unauthorized to stop the infinite redirects | 18:24 |
| ignas | well - you can "ask for login" | 18:25 |
| ignas | "ask for login, but if there is none - just make it go back" | 18:25 |
| ignas | and "ask for login forcing it even if there already is a login" | 18:25 |
| aelkner__ | that's the renew | 18:26 |
| aelkner__ | right? | 18:26 |
| ignas | the last one is revew | 18:26 |
| ignas | the second one is "gateway" | 18:26 |
| ignas | the first one is the default mode of operation | 18:27 |
| aelkner__ | where do you find the docs for rubycas? | 18:30 |
| ignas | emm | 18:31 |
| ignas | not sure about rubycas | 18:31 |
| ignas | i used the CAS docs | 18:31 |
| ignas | i mean - rubycas is just an implementation of the standard protocol | 18:31 |
| aelkner__ | could you give me a link to the CAS docs? | 18:32 |
| ignas | http://www.ja-sig.org/products/cas/overview/cas1_architecture/index.html | 18:33 |
| aelkner__ | i just have the google code page | 18:33 |
| aelkner__ | ah that's better | 18:33 |
| aelkner__ | thanks | 18:33 |
| ignas | http://www.ja-sig.org/products/cas/overview/protocol/index.html | 18:34 |
| ignas | http://www.ja-sig.org/products/cas/ is the website of the more or less reference implementation | 18:34 |
| ignas | of CAS | 18:34 |
| aelkner__ | that's a great site | 18:34 |
| aelkner__ | that will prove most helpful | 18:34 |
| aelkner__ | this way i'll understand why you coded it the way you did | 18:35 |
| aelkner__ | ignas: i got dropped off the network | 18:40 |
| aelkner__ | did you send any messages after i said "this way i'll understand why you coded it the way you did" | 18:40 |
| aelkner__ | if you did, i missed them | 18:41 |
| th1a | No. | 18:41 |
| aelkner__ | thatnks th1a | 18:42 |
| aelkner__ | th1a: i | 18:42 |
| aelkner__ | i'm going to study the cas situation another day to try and understand as much as i can | 18:42 |
| aelkner__ | and i'll finish the unit tests either today or tomorrow | 18:43 |
| aelkner__ | at EuroPython, we should talk functional tests | 18:43 |
| aelkner__ | that i could work on when i return | 18:43 |
| aelkner__ | sound like a plan? | 18:43 |
| *** alga_ has joined #SchoolTool | 18:44 | |
| th1a | That sounds reasonable. | 18:45 |
| *** alga has quit IRC | 18:58 | |
| *** alga_ has quit IRC | 19:01 | |
| *** alga has joined #SchoolTool | 19:01 | |
| *** jelkner has joined #schooltool | 19:24 | |
| jelkner | wbrady: u there? | 19:24 |
| jelkner | anybody home? | 19:29 |
| jelkner | the cando meeting starts now, doesn't it? | 19:30 |
| *** wbrady has quit IRC | 20:00 | |
| *** wbrady has joined #schooltool | 20:12 | |
| *** jelkner has quit IRC | 20:27 | |
| *** jelkner has joined #schooltool | 20:53 | |
| *** ignas has quit IRC | 20:55 | |
| wbrady | jelkner: did you need me earlier? | 20:58 |
| *** mgedmin has quit IRC | 20:59 | |
| jelkner | wbrady: 5735 is not answering | 21:18 |
| *** jelkner has quit IRC | 21:19 | |
| *** alga has quit IRC | 21:32 | |
| *** wbrady has quit IRC | 22:06 | |
| *** th1a_ has joined #schooltool | 23:30 | |
| *** th1a has quit IRC | 23:44 | |
| *** tdoggette has quit IRC | 23:47 | |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!