Sprint Team
General
- Daily at 11am ET
- Call-in: Google-hangout at:
Meetings
4/21
4/22
- Kevin
- Working on Tomcat Roles PrincipalProvider
- https://www.pivotaltracker.com/story/show/69444656
- Tested and working outside of Fedora; having some difficulty integrating with Fedora to test
- Working on Tomcat Roles PrincipalProvider
- Eric
- Working on Event audit design
- https://www.pivotaltracker.com/story/show/69811150
- OWL ontology covers 80% of what we need to describe events
- Events that Fedora/JCR generates don't match 1:1 to PREMIS. Might need something other than event machinery.
- Add new events? Attach PREMIS generation to methods in the code?
- Will post a proposal to the wiki
- Will help Kevin with Tomcat Roles PrincipalProvider ticket
- Working on Event audit design
4/23
- Kevin
Re-implemented Tomcat Roles PrincipalProvider based on feedback from Andrew Woods and others
Working on Pick-up fcrepo4 snapshot dependencies in fcrepo-jms-indexer-pluggable today
Will move on to ExecutionError while trying to ingest 500k records
- Eric
Helped Kevin with Tomcat Roles PrincipalProvider
Created plan for Event audit design
Current system may not be adequate (relies on modeshape events)
We need to support other events: Create/Delete object, Start Transaction, etc.
Refactor to trigger on Fedora actions rather than modeshape actions?
- Waiting on proposal feedback
Will look into XACML authorization work that UNC has been doing
Will move to TXNs and Filesystem Federation
4/24
4/25
- Kevin
Running ingest in background for ExecutionError while trying to ingest 500k records
Bash script using cURL
Seems to be running past the point where BenchTool failed
Submitted pull request for Tomcat Roles PrincipalProvider
Will re-submit today
Submitting another pull request related to HTTP API Module fails when not installed with clean
Tests using hard coded IDs failing on second run, changed to UUIDs
Today will look at Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
- Eric
Working on Test implementation for allowing referencable auth nodes
Using a property to access the node
Pull request submitted
Will verify that it works with federated file systems
Will look at TXNs and Filesystem Federation next
4/28
- Kevin
Working on ExecutionError while trying to ingest 500k records
- https://www.pivotaltracker.com/story/show/69454152
- Successfully ingested 100,000 object last week
All objects loaded with no issues
Will go back and add timer to get an output log similar to BenchTool to see whether we have any performance drop off
Next: Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
- Eric
- Working on Javadoc build warnings
- https://www.pivotaltracker.com/story/show/69747108
- Most errors are syntax warnings. Will try to eliminate.
- Also working on: Test implementation for allowing referencable auth nodes
- https://www.pivotaltracker.com/story/show/70111766
- Question from Andrew: Does this approach intersect with the UNC XACML work?
- It's an alternate to the XACML implementation, when fine-grained XACML isn't needed
- Question from Andrew: You enable writing authorization rules in system space. In the existing pattern, authorization rules are determined in hierarchy of content nodes. Is there a use case for the new approach? Can we support both models?
- Possible, but why would you want to keep them embedded in the node? The purpose of the new model is reusability.
- We should think about whether or not there is a strong use case here.
- Event audit design
- https://www.pivotaltracker.com/story/show/69811150
- Question from Andrew: How will we actually store the events on an ongoing basis? How will we retrieve event information from the repo? Use fcrepo transform?
- PREMIS kept in container (child) node and use the OWL ontology as RDF properties on the PREMIS container node.
- https://www.pivotaltracker.com/story/show/69811150
- Working on Javadoc build warnings
4/29
- Kevin
Working on ExecutionError while trying to ingest 500k records
Definitely an uptick in ingest time as more objects are added
More data required for an accurate assessment
- Need to set a large target (1 million, 10 million, etc.) to test performance with very large data sets
- Eric
- Working on Test implementation for allowing referencable auth nodes
- https://www.pivotaltracker.com/story/show/70111766
Testing deletes - system ACL nodes cannot have incoming references when deleted (based on Modeshape)
This is desirable - we shouldn't delete something being used by other nodes in the repo
- Working on Test implementation for allowing referencable auth nodes
4/30
- Kevin
- Working on Tomcat Roles PrincipalProvider
- https://www.pivotaltracker.com/story/show/69444656
- Figuring out Spring configurations and getting Tomcat configuration wired correctly
- Then moving to Distinguish between properties and child nodes in fcr:nodetypes REST API endpoint
- https://www.pivotaltracker.com/story/show/69346904
- Will ask Stefano for some clarification
- Working on Tomcat Roles PrincipalProvider
- Eric
Working on Test implementation for allowing referencable auth nodes
https://www.pivotaltracker.com/story/show/70111766
Implemented "referencible" property
If you try to delete an ACL node that is referenced by something else the system will not let you
Need to use UUID instead of path in the reference
Added a ticket: node delete fails silently under access control
Should be some error messaging
Will finish up ACL ticket and more clearly layout PREMIS design
- Andrew
- Looking at 'Support for authentication in JMS indexer' contribution from Nikhil
- Cleaning up Pivotal
- Preparing for Hydra-Fedora authorization meeting
5/01
- Committer Meeting
- Sprint wrap-up