Page History

...

• Kevin

  • Re-implemented Tomcat Roles PrincipalProvider based on feedback from Andrew Woods and others

  • Working on Pick-up fcrepo4 snapshot dependencies in fcrepo-jms-indexer-pluggable today

    • https://www.pivotaltracker.com/story/show/69148052

  • Will move on to ExecutionError while trying to ingest 500k records

    • https://www.pivotaltracker.com/story/show/69454152
• Eric

  • Helped Kevin with Tomcat Roles PrincipalProvider

  • Created plan for Event audit design

    • https://www.pivotaltracker.com/story/show/69811150

    • Current system may not be adequate (relies on modeshape events)

    • We need to support other events: Create/Delete object, Start Transaction, etc.

    • Refactor to trigger on Fedora actions rather than modeshape actions?

    • Waiting on proposal feedback

  • Will look into XACML authorization work that UNC has been doing

  • Will move to TXNs and Filesystem Federation

    • https://www.pivotaltracker.com/story/show/69444336

...

• Kevin

  • Running ingest in background for ExecutionError while trying to ingest 500k records

    • https://www.pivotaltracker.com/story/show/69454152

    • Bash script using cURL

    • Seems to be running past the point where BenchTool failed

  • Submitted pull request for Tomcat Roles PrincipalProvider

    • https://www.pivotaltracker.com/story/show/69444656

    • Will re-submit today

  • Submitting another pull request related to HTTP API Module fails when not installed with clean

    • https://www.pivotaltracker.com/story/show/69740244

    • Tests using hard coded IDs failing on second run, changed to UUIDs

  • Today will look at Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint

    • https://www.pivotaltracker.com/story/show/69346904
• Eric

  • Working on Test implementation for allowing referencable auth nodes

    • https://www.pivotaltracker.com/story/show/70111766

    • Using a property to access the node

    • Pull request submitted

    • Will verify that it works with federated file systems

  • Will look at TXNs and Filesystem Federation next

    • https://www.pivotaltracker.com/story/show/69444336

4/28

• Kevin

  • Working on ExecutionError while trying to ingest 500k records

    • https://www.pivotaltracker.com/story/show/69454152
    • Successfully ingested 100,000 object last week

      • All objects loaded with no issues

      • Will go back and add timer to get an output log similar to BenchTool to see whether we have any performance drop off

    • Next: Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint

      • https://www.pivotaltracker.com/story/show/69346904
• Eric
  • Working on Javadoc build warnings
    • https://www.pivotaltracker.com/story/show/69747108
    • Most errors are syntax warnings. Will try to eliminate.
  • Also working on: Test implementation for allowing referencable auth nodes
    • https://www.pivotaltracker.com/story/show/70111766
    • Question from Andrew: Does this approach intersect with the UNC XACML work?
      • It's an alternate to the XACML implementation, when fine-grained XACML isn't needed
    • Question from Andrew: You enable writing authorization rules in system space. In the existing pattern, authorization rules are determined in hierarchy of content nodes. Is there a use case for the new approach? Can we support both models?
      • Possible, but why would you want to keep them embedded in the node? The purpose of the new model is reusability.
      • We should think about whether or not there is a strong use case here.
  • Event audit design
    
    • https://www.pivotaltracker.com/story/show/69811150
      
    • Question from Andrew: How will we actually store the events on an ongoing basis? How will we retrieve event information from the repo? Use fcrepo transform?
      • PREMIS kept in container (child) node and use the OWL ontology as RDF properties on the PREMIS container node.

4/29

• Kevin

  • Working on ExecutionError while trying to ingest 500k records

    • https://www.pivotaltracker.com/story/show/69454152

    • Definitely an uptick in ingest time as more objects are added

    • More data required for an accurate assessment

    • Need to set a large target (1 million, 10 million, etc.) to test performance with very large data sets
• Eric
  • Working on Test implementation for allowing referencable auth nodes
    • https://www.pivotaltracker.com/story/show/70111766

    • Testing deletes - system ACL nodes cannot have incoming references when deleted (based on Modeshape)

      • This is desirable - we shouldn't delete something being used by other nodes in the repo

4/30

• Kevin
  • Working on Tomcat Roles PrincipalProvider
    • https://www.pivotaltracker.com/story/show/69444656
    • Figuring out Spring configurations and getting Tomcat configuration wired correctly
  • Then moving to Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
    • https://www.pivotaltracker.com/story/show/69346904
    • Will ask Stefano for some clarification
• Eric

  • Working on Test implementation for allowing referencable auth nodes

    • https://www.pivotaltracker.com/story/show/70111766

      • Implemented "referencible" property

      • If you try to delete an ACL node that is referenced by something else the system will not let you

      • Need to use UUID instead of path in the reference

  • Added a ticket: node delete fails silently under access control

    • • https://www.pivotaltracker.com/story/show/70371220

      • Should be some error messaging

  • Will finish up ACL ticket and more clearly layout PREMIS design

• Andrew
  • Looking at 'Support for authentication in JMS indexer' contribution from Nikhil
  • Cleaning up Pivotal
  • Preparing for Hydra-Fedora authorization meeting

5/01

• Committer Meeting
• Sprint wrap-up