...
- Kevin
Re-implemented Tomcat Roles PrincipalProvider based on feedback from Andrew Woods and others
Working on Pick-up fcrepo4 snapshot dependencies in fcrepo-jms-indexer-pluggable today
Will move on to ExecutionError while trying to ingest 500k records
- Eric
Helped Kevin with Tomcat Roles PrincipalProvider
Created plan for Event audit design
Current system may not be adequate (relies on modeshape events)
We need to support other events: Create/Delete object, Start Transaction, etc.
Refactor to trigger on Fedora actions rather than modeshape actions?
- Waiting on proposal feedback
Will look into XACML authorization work that UNC has been doing
Will move to TXNs and Filesystem Federation
...
- Kevin
Working on ExecutionError while trying to ingest 500k records
- https://www.pivotaltracker.com/story/show/69454152
- Successfully ingested 100,000 object last week
All objects loaded with no issues
Will go back and add timer to get an output log similar to BenchTool to see whether we have any performance drop off
Next: Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
- Eric
- Working on Javadoc build warnings
- https://www.pivotaltracker.com/story/show/69747108
- Most errors are syntax warnings. Will try to eliminate.
- Also working on: Test implementation for allowing referencable auth nodes
- https://www.pivotaltracker.com/story/show/70111766
- Question from Andrew: Does this approach intersect with the UNC XACML work?
- It's an alternate to the XACML implementation, when fine-grained XACML isn't needed
- Question from Andrew: You enable writing authorization rules in system space. In the existing pattern, authorization rules are determined in hierarchy of content nodes. Is there a use case for the new approach? Can we support both models?
- Possible, but why would you want to keep them embedded in the node? The purpose of the new model is reusability.
- We should think about whether or not there is a strong use case here.
- Event audit design
- https://www.pivotaltracker.com/story/show/69811150
- Question from Andrew: How will we actually store the events on an ongoing basis? How will we retrieve event information from the repo? Use fcrepo transform?
- PREMIS kept in container (child) node and use the OWL ontology as RDF properties on the PREMIS container node.
- https://www.pivotaltracker.com/story/show/69811150
- Working on Javadoc build warnings
...
- Kevin
- Working on Tomcat Roles PrincipalProvider
- https://www.pivotaltracker.com/story/show/69444656
- Figuring out Spring configurations and getting Tomcat configuration wired correctly
- Then moving to Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
- https://www.pivotaltracker.com/story/show/69346904
- Will ask Stefano for some clarification
- Working on Tomcat Roles PrincipalProvider
- Eric
Working on Test implementation for allowing referencable auth nodes
https://www.pivotaltracker.com/story/show/70111766
Implemented "referencible" property
If you try to delete an ACL node that is referenced by something else the system will not let you
Need to use UUID instead of path in the reference
Added a ticket: node delete fails silently under access control
Should be some error messaging
Will finish up ACL ticket and more clearly layout PREMIS design
- Andrew
- Looking at 'Support for authentication in JMS indexer' contribution from Nikhil
- Cleaning up Pivotal
- Preparing for Hydra-Fedora authorization meeting