Sakai Integration Chicago

uPortal

Sakai Integration Chicago

Last changed on Sep 07, 2005 by Andrew Petro

This page is for capturing notes from the Sakai integration meeting in Chicago. 6-7 September 2005.

Who

·  Steven Githens, Northwestern

·  Chuck Severance, Sakai

·  Vishal Goenka, SunGard SCT

·  Eric Dalquist, Unicon

·  Michael Ivanov, Unicon

·  Peter Kharchenko, Unicon

·  Andrew Petro, Yale

Integration steps

(See also entry on Chuck's blog).

Sakai and uPortal 3 in Same Tomcat

Set up uPortal deployment so as to eliminate jar conflicts where both Sakai and uPortal deploy the same jars. Make the connection so that uPortal code can "find" Sakai components, APIs, etc. Ultimately allow Spring injections of Sakai components in uPortal Spring configurations.

GAPs and uP3 delivers API-only .jars

Provides integration APIs for Sakai to provide implementations of without Sakai having to import all of uPortal and all its .jar depdenenceies, etc.

uPortal-backed Sakai User Directory Provider implementation

A Sakai user directory provider implementation that's backed by uPortal. Allows a Sakai intance to delegate to uPortal for user attribute, directory provisioning. Potentially for shared username, password in Sakai, uPortal w/o using CAS or another SSO server.

Sakai tab injected into render pipeline

A uP3 render pipeline plugin / hack to replace a particularly named or identified tab (folder) in the layout with a (configurably deep) fragment of layout containing Sakai IFrames.

Sakai tool portlets

First and simplest, just configured instances of the IFrame Portlet. More ambitious, JSR-168 that leverages Vishal's WSRP production work to grab tool content (not using WSRP, but similar approach using direct cross-context dispatching and the portlet.request).

This provides something more interesting to have as the "leaves" of the tree of the injected Sakai tab. It also allows traditional layout management with layouts containing Sakai content.

Sakai tool placements (tools in the context of sites) available from Sakai via the GAPs abstraction (get a group of portlets).

Allows making portlets fronting Sakai tools-in-context available for subscription individually / incluson in layouts.

A Sakai GAP Group Store implementation vending groups of Sakai portlets.

Sakai groups available as GAPs groups

A Sakai GAP Group Store implementation vending groups of Sakai users. This should be done in a nice hierarchical fashion Sakai->Sites->Pages->Tools using the hierarchy available in the GAPS and Channel Subscribe.

Sakai Tools as portlets configurable via the Portlet API

In this situation, we make a virtual portlet for each Sakai tool. WHen a user adds the tool to the layout, it notices that tit does not have a configured pre-existing Sakai placement ID. So it uses the WindowID to create a new placement in Sakai. The key tricky bit here is getting AuthZ to work. This will be done by using the roles available to the portlet - the Portlet will ask if the user is in the "admin" role and for the context of the placement, use that role to pick a realm which confers a set of permissions. This will require some changes to the Sakai framework.

WSRP

Securing Sakai WSRP

Need to secure Sakai WSRP production to at least authenticate the WSRP consumer communicating with it. Should update uPortal WSRP consumer apace with the WSRP producer (make it able to authenticate in the way Sakai comes to require).

·  Sakai filter to assert that request presents localhost / expected IP address as remote address.

·  HTTP Basic authentication as a quick win that covers most of the need.

·  HTTPS Client SSL certificate authentication as a possibility.

·  WS-Security Username, Token profile

o  Could present a traditional username, password pair that Sakai could authenticate as if a login

o  Could present a username, CAS proxy ticket pair.

o  How the "password" is validated should be easily replacable Sakai side; not the hard part.

·  SAML using WS-Security SAML profile. Has nice features as an eventual solution, not realistic near them.

We decided that the highest priority was to do the address filtering, followed by Basic Authentication, followed by WS-Security profiles - we need to look into getting Axis to do the heavy Authorization lifting.

Outstanding Issues

·  Getting the CSS pulled up from the fragments to the top page - can be done ad hoc for a while

·  Delivery of events - may want to hold off until uPortal does some XMLHttpRequest stuff - some of the AJAX ideas.

Go forward plans

Dr. Chuck's Web Log

September 02, 2005

Playing With uPortal Notes

Just some notes trying to get uPortal and Sakai into the same Tomcat.

Quickstart worked. I got source to run in Tomcat 5.0.28 - make sure to get the HSQL database running.

I could not figure out how to make HSQL start from the stock distro. But I cheated and used

ant hsql

From the quickstart.

Tried to make source work with Tomcat 5.5.9 -

Error creating bean with name 'portletApplDefIncrementer' defined in resource [/WEB-INF/persistence_beans.xml] of ServletContext: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/apache/commons/collections/CursorableLinkedList

I needed to add this file:

common/lib/commons-collections-3.1.jar

Up comes uPortal 3 in Tomcat 5.5.9

Now trying to make it work in the same Tomcat (5.5.9) as Sakai.

Deploy both.

Found commons-collections-3.1.jar in both shared/lib and common/lib - removed the shared/lib version...

Came up with

Error creating bean with name 'sectionsSessionFactory' defined in ServletContext resource [/WEB-INF/spring-beans.xml]: Initialization of bean failed; nested exception is java.lang.IllegalAccessError: tried to access method org.apache.commons.dbcp.DelegatingConnection.passivate()V from class org.apache.commons.dbcp.SakaiPoolableConnectionFactory
java.lang.IllegalAccessError: tried to access method org.apache.commons.dbcp.DelegatingConnection.passivate()V from class org.apache.commons.dbcp.SakaiPoolableConnectionFactory

uPortal comes up but Sakai does not.

mv commons-collections-3.1.jar commons-dbcp-1.2.1.jar ../../shared/lib/

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sectionsSessionFactory' defined in ServletContext resource [/WEB-INF/spring-beans.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/apache/commons/collections/CursorableLinkedList

uPortal blows up

WARN: get(org.sakaiproject.service.legacy.site.SiteService): org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.sakaiproject.service.legacy.site.SiteService' defined in file [/Users/csev/dev/jakarta-tomcat-5.5.9/components/sakai-legacy-components/WEB-INF/components.xml]: Can't resolve reference to bean 'org.sakaiproject.service.framework.sql.SqlService' while setting property 'sqlService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.sakaiproject.service.framework.sql.SqlService' defined in file [/Users/csev/dev/jakarta-tomcat-5.5.9/components/sakai-legacy-components/WEB-INF/components.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/apache/commons/collections/CursorableLinkedList (2005-09-02 16:37:12,080 http-8080-Processor24_org.sakaiproject.component.kernel.component.SpringCompMgr)

Sakai blows up.

Start over with a clean Tomcat and deploy Sakai first. Then deploy uPortal. Here is a diff:

dr-charles-severances-powerbook-g4-15:~/dev csev$ diff -r jakarta-tomcat-5.5.9/ tomcat-5.5.9-withsakai/
Only in jakarta-tomcat-5.5.9/common/endorsed: xalan.jar
Only in jakarta-tomcat-5.5.9/common/lib: commons-dbcp-1.2.1.jar
Only in jakarta-tomcat-5.5.9/common/lib: commons-pool-1.2.jar
Only in jakarta-tomcat-5.5.9/common/lib: hsqldb.jar
Only in jakarta-tomcat-5.5.9/conf/Catalina/localhost: uP3.xml
Only in jakarta-tomcat-5.5.9/shared/lib: commons-beanutils-1.7.0.jar
Only in jakarta-tomcat-5.5.9/shared/lib: commons-digester-1.6.jar
Only in jakarta-tomcat-5.5.9/shared/lib: junit.jar
Only in jakarta-tomcat-5.5.9/shared/lib: pluto-1.0.1-rc2.jar
Only in jakarta-tomcat-5.5.9/shared/lib: portlet-api-1.0.jar
Only in jakarta-tomcat-5.5.9/webapps: testWebapp.war
Only in jakarta-tomcat-5.5.9/webapps: uP3

$ find . -name 'xalan.jar'
./common/endorsed/xalan.jar
$ find . -name '*dbcp*.jar'
uPortal: ./common/lib/commons-dbcp-1.2.1.jar
Sakai: ./common/lib/naming-factory-dbcp.jar
Sakai: ./shared/lib/commons-dbcp-1.2.1.jar
$ find . -name 'commons-pool*jar'
uPortal: ./common/lib/commons-pool-1.2.jar
Sakai: ./shared/lib/commons-pool-1.2.jar
$ find . -name 'hsql*jar'
uPortal: ./common/lib/hsqldb.jar
Sakai: ./shared/lib/hsqldb-1.7.3.3.jar
$ find . -name 'commons-beanutils*jar'
Sakai: ./components/sakai-common-components/WEB-INF/lib/commons-beanutils-1.7.0.jar
uPortal: ./shared/lib/commons-beanutils-1.7.0.jar
$ find . -name 'commons-digester*jar'
uPortal: ./shared/lib/commons-digester-1.6.jar
$

Hmmm..

Step 1: Remove some stuff uPortal puts in common and Sakai puts in shared

rm ./common/lib/commons-dbcp-1.2.1.jar
rm ./common/lib/commons-pool-1.2.jar
rm ./common/lib/hsqldb.jar

Viola! Both come up...

Posted by csev at September 2, 2005 04:40 PM

September 03, 2005

More uPortal Notes

Just some stuff I wanted to write down and come back to months later.

webpages/stylesheets/uP2/adaptedLayoutSample.xml
webpages/stylesheets/uP2/layoutSample.xml
webapp/uP2_static_context.xml

clean build deploy initportal

cvs -d:pserver::2401/home/cvs/jasig login
cvs -d:pserver::2401/home/cvs/jasig co sandbox/up3

ant hsql (in QUickstart directory)

ant clean compile deploy initportal

diff -r jakarta-tomcat-5.5.9/bin/startup.sh tomcat-5.5.9-withsakai/bin/startup.sh
8,13d7
<
< rm ../common/lib/commons-dbcp-1.2.1.jar
< rm ../common/lib/commons-pool-1.2.jar
< rm ../common/lib/hsqldb.jar
<
<
Only in jakarta-tomcat-5.5.9/common/endorsed: xalan-2-6-0-ru-patch-1-0.jar
Only in jakarta-tomcat-5.5.9/common/lib: commons-dbcp-1.2.1.jar
Only in jakarta-tomcat-5.5.9/common/lib: commons-pool-1.2.jar
Only in jakarta-tomcat-5.5.9/common/lib: hsqldb.jar
Only in jakarta-tomcat-5.5.9/conf/Catalina/localhost: uP3.xml
Only in jakarta-tomcat-5.5.9/shared/lib: acegi-security-0.8.3.jar
Only in jakarta-tomcat-5.5.9/shared/lib: commons-beanutils-1.7.0.jar
Only in jakarta-tomcat-5.5.9/shared/lib: commons-digester-1.7.jar
Only in jakarta-tomcat-5.5.9/shared/lib: junit.jar
Only in jakarta-tomcat-5.5.9/shared/lib: pluto-1.0.1-rc2.jar
Only in jakarta-tomcat-5.5.9/shared/lib: portlet-api-1.0.jar
Only in jakarta-tomcat-5.5.9/webapps: testWebapp.war
Only in jakarta-tomcat-5.5.9/webapps: uP3

The rm's in startup are my additions.

Crap!

javax.servlet.ServletException: Unable to resolve portal context
net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter.doFilter(SecurityEnforcementFilter.java:214)

javax.servlet.ServletException: Unable to resolve portal context
org.jasig.portal.core.PortalServlet.service(PortalServlet.java:95)
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processorListController' defined in ServletContext resource [/WEB-INF/uP2_static_context.xml]: Can't resolve reference to bean 'acegiUserController' while setting property 'processors[0]'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'acegiUserController' defined in ServletContext resource [/WEB-INF/uP2_static_context.xml]: Can't resolve reference to bean '../persistence/userDao' while setting property 'userDao'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userDao' defined in ServletContext resource [/WEB-INF/persistence_beans.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.FatalBeanException: Could not instantiate class [org.springframework.transaction.interceptor.TransactionProxyFactoryBean]; constructor threw exception; nested exception is java.lang.ExceptionInInitializerError: null
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:180)
Drat - Back to the drawing board. And me out of time this morning...

Is this a typo?

webapps/uP3/login.jsp:%@ page session="true" import="net.sf.acegisecurity.ui.AbstractProcessingFilter,java.util.*"%

Back to clean 5.5.9 - Seeing this

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'portletParameterProcessor' defined in ServletContext resource [/WEB-INF/uP2_static_context.xml]: Can't resolve reference to bean 'portletWindowManager' while setting property 'windowManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'portletWindowManager' defined in ServletContext resource [/WEB-INF/uP2_static_context.xml]: Can't resolve reference to bean 'portletErrorHandler' while setting property 'portletErrorHandler'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'portletErrorHandler' defined in ServletContext resource [/WEB-INF/uP2_static_context.xml]: Can't resolve reference to bean '../registries/portletDefinitionRegistry' while setting property 'portletDefinitionRegistry'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'portletDefinitionRegistry' defined in ServletContext resource [/WEB-INF/registry_beans.xml]: Can't resolve reference to bean '../persistence/portletApplicationDefinitionDao' while setting property 'portletApplicationDefinitionDao'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'portletApplicationDefinitionDao' defined in ServletContext resource [/WEB-INF/persistence_beans.xml]: Can't resolve reference to bean 'sessionFactory' while setting property 'sessionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory' defined in ServletContext resource [/WEB-INF/persistence_beans.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/apache/commons/collections/CursorableLinkedList
~/dev/jakarta-tomcat-5.5.9/common/lib csev$ cp ~/.maven/repository/commons-collections/jars/commons-collections-3.1.jar .

Start back up...

Viola! uPortal comes up in 5.5.9 with a login, admin, and more than one portlet!

Logged in as admin admin (just like Sakai) and it worked too.

Now I really have to go to the the family picnic...

When I come back it will be time to make Sakai and up3 (head) work in the same Tomcat ...

Hey - while everyone else was getting ready, I came back for a while..

dr-charles-severances-powerbook-g4-15:~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$ cat /tmp/b
OkiOSID-2.0.jar
acegi-security-0.8.3.jar
activation-1.0.2.jar
aopalliance-1.0.jar
cglib-full-2.0.2.jar
commons-beanutils-1.7.0.jar
commons-collections-3.1.jar
commons-dbcp-1.2.1.jar
commons-digester-1.7.jar
commons-fileupload-1.0.jar
commons-logging-1.0.4.jar
commons-pool-1.2.jar
dom4j-1.4.jar
ehcache-1.1.jar
hibernate-2.1.8.jar
hsqldb-1.7.3.3.jar
jdbc2_0-stdext-h2.1.8.jar
jdom-1.0.jar
jstl-1.1.2.jar
jta-h2.1.8.jar
junit.jar
mail-1.3.1.jar
odmg-3.0.jar
pluto-1.0.1-rc2.jar
portlet-api-1.0.jar
spring-1.1.5.jar
xalan-2.6.0.jar
dr-charles-severances-powerbook-g4-15:~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$ ls
acegi-security-0.8.3.jar axis.jar commons-io-1.0.jar hibernate3.jar jta.jar wsdl4j.jar
activation.jar backport-util-concurrent.jar commons-lang-2.1.jar jakarta-oro-2.0.8.jar log4j-1.2.9.jar wsrp4j-consumer-0.3.jar
antlr-2.7.5H3.jar castor-0.9.6-xml.jar commons-logging.jar jaxrpc.jar proxyportlet.jar wsrp4j-shared-0.3.jar
aopalliance.jar cglib-2.1.jar dom4j-1.6.jar jpox-enhancer.jar saaj.jar
asm-attrs.jar commons-collections-3.1.jar ehcache-1.1.jar jpox.jar spring.jar
asm.jar commons-discovery.jar gap-full.jar jstl.jar standard.jar
dr-charles-severances-powerbook-g4-15:~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$ rm activation.jar aopalliance.jar cglib-2.1.jar commons-collections-3.1.jar commons-logging.jar dom4j-1.6.jar ehcache-1.1.jar jstl.jar jta.jar
dr-charles-severances-powerbook-g4-15:~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$
INFO: XML validation disabled
0.000: [GC 0.000: [DefNew: 46591K->3965K(52416K), 0.0998399 secs] 46591K->3965K(518464K), 0.1004229 secs]
log4j:ERROR A "org.apache.log4j.RollingFileAppender" object is not assignable to a "org.apache.log4j.Appender" variable.
log4j:ERROR The class "org.apache.log4j.Appender" was loaded by
log4j:ERROR [org.apache.catalina.loader.StandardClassLoader@66bfd8] whereas object of type
log4j:ERROR "org.apache.log4j.RollingFileAppender" was loaded by [WebappClassLoader
delegate: false
repositories:
/WEB-INF/classes/
------> Parent Classloader:
org.apache.catalina.loader.StandardClassLoader@af84e
].
log4j:ERROR Could not instantiate appender named "R".
log4j:ERROR A "org.apache.log4j.RollingFileAppender" object is not assignable to a "org.apache.log4j.Appender" variable.
log4j:ERROR The class "org.apache.log4j.Appender" was loaded by
log4j:ERROR [org.apache.catalina.loader.StandardClassLoader@66bfd8] whereas object of type
log4j:ERROR "org.apache.log4j.RollingFileAppender" was loaded by [WebappClassLoader
delegate: false
repositories:
/WEB-INF/classes/
------> Parent Classloader:
org.apache.catalina.loader.StandardClassLoader@af84e
].
log4j:ERROR Could not instantiate appender named "R".
log4j:WARN No appenders could be found for logger (org.jasig.portal.spring.ContextResolvingXmlWebApplicationContext).
log4j:WARN Please initialize the log4j system properly.

Looks like I need to move commons-logging back.

But Viola! Sakai and Uportal from head are in the same Tomcat

Note to self - need to get uP3 to name jars in the maven convention.

~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$ cp ~/dev/jakarta-tomcat-5.5.9/shared/lib/commons-logging-1.0.4.jar .
~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/lib csev$ ls
acegi-security-0.8.3.jar backport-util-concurrent.jar commons-logging-1.0.4.jar jpox-enhancer.jar spring.jar
antlr-2.7.5H3.jar castor-0.9.6-xml.jar gap-full.jar jpox.jar standard.jar
asm-attrs.jar commons-discovery.jar hibernate3.jar log4j-1.2.9.jar wsdl4j.jar
asm.jar commons-io-1.0.jar jakarta-oro-2.0.8.jar proxyportlet.jar wsrp4j-consumer-0.3.jar
axis.jar commons-lang-2.1.jar jaxrpc.jar saaj.jar wsrp4j-shared-0.3.jar

Coming back up...

No Log4 complaints and Both Sakai and uPortal 3 from head run from head.

Next up, add a property to uP3 "deploy.with.sakai" so that the deploy puts the right jars in the right places. Time to re-learn ant :(

Posted by csev at September 3, 2005 09:33 AM

September 04, 2005

uPortal Part III

Continued Activity

Today the goal is to make sure uP3 can work with all of Sakai and try to do all the patches with changes to the uP3 build.xml rather than patches to my tomcat instance after the fact.

Start with clean Tomcat, deploy full Sakai - modify build.xml in uPortal - deploy uP, Drat - forgot "ant hsql" in my quickstart - I must figure out how to do this without my quickstart crutch.

Sweet - both come up with nothing more than uP3 build.xml changes commenting out jar deployments.

vi webpages/stylesheets/uP2/adaptedLayoutSample.xml
cp webpages/stylesheets/uP2/adaptedLayoutSample.xml ~/dev/jakarta-tomcat-5.5.9/webapps/uP3/WEB-INF/classes/uP2/adaptedLayoutSample.xml

oops - layout is now in a database.

vi properties/db/data.xml

Sweet - admin now has a Sakai folder... Now what to do about it?

- Stick in the Sakai-168 portlet?

- Stick in a iframe to Charon

- Build a peer to Charon?

- Modify the 168 portlet to short-circuit web services when in the same JVM

- What about making worksites dynamically appear as possible channels...

- What about making registered Sakai tools appear as uPortal channels and when placed they get context that is completely unique.

And how to do all this without adding hard Sakai dependencies throughout uPortal. (i.e. how to best factor all of this stuff??) Hmmm.

Posted by csev at September 4, 2005 10:46 AM

September 07, 2005

uPortal Task Notes

Just some notes...

Make Sakai/uPortal run in the same Tomcat

Build two portlets: Sakai/iFrame and Sakai/JSR-168 - both effectively take a tool placement ID and render properly.

Sakai/JSR-168 makes "request.portlet.fragement" calls

Sakai/Iframe simply puts in the Charon URL into an iFrame

Make sakai "fragment source" which populates the structure under a tab based on the Sakai site/page/tool structure.

Make API-Only jars for uPortal and GAPs integration APIs

Make Sakai User Directory Provider which reads from uPortal's Person Attribute DAO in uPortal (person.jar)