I've managed to get ODK Aggregate instance deployed into a tomcat
servlet container using a postgres backend. I can see the tables have
been created in postgres, but I am now stuck on some security
settings.
The first time I hit http://localhost:8080/odk/ ... I get redirected
the http://localhost:8080/odk/openid_login.html page, I click on the
"Sign in with Google" button and I am redirected to the Google
accounts "Allow" page. I click allow and am then taken to the main
Aggregate page http://localhost:8080/odk/www/forms with the warning
that "Site Management is NOT SECURE". In the upper right is the link
"Log off anonymous user". I followed those instructions about setting
up the security, but when trying to logout, the link to "log off" goes
to http://localhost:8080/odk/null which is 404.
Seems to me that something is still amiss with the Google OpenID
connection since It looks like I am still an Anonymous user even after
granting permissions. I've tried this with both localhost and
machinename.local .. do I need this on an external IP for OAuth
callback or something similar?
fwiw, this is from an hg checkout and the v1_0 branch
Looking at the code, it looks like the conf/postgres/odk-settings.xml does
not have the correct definition for the user service. The bean definition
should be:
This could explain the odd behavior you're seeing. Please revise that
definition, re-generate the jar file, copy it into the war/WEB-INF
directory, and restart tomcat.
The logout should work fine for OpenID logins, as it invalidates the
session. Interestingly, that does not invalidate the OpenID cookie, which
persists longer. With most operations, I find you just need to log off and
log back in. At least it works for me within Firefox and within the Eclipse
browser. To invalidate the OpenID cookie, you need to clear the cookies in
your browser.
What browser are you using?
Mitch
···
On Thu, Feb 10, 2011 at 10:11 PM, Jeffrey Johnson wrote:
Hi there,
I've managed to get ODK Aggregate instance deployed into a tomcat
servlet container using a postgres backend. I can see the tables have
been created in postgres, but I am now stuck on some security
settings.
The first time I hit http://localhost:8080/odk/ ... I get redirected
the http://localhost:8080/odk/openid_login.html page, I click on the
"Sign in with Google" button and I am redirected to the Google
accounts "Allow" page. I click allow and am then taken to the main
Aggregate page http://localhost:8080/odk/www/forms with the warning
that "Site Management is NOT SECURE". In the upper right is the link
"Log off anonymous user". I followed those instructions about setting
up the security, but when trying to logout, the link to "log off" goes
to http://localhost:8080/odk/null which is 404.
Seems to me that something is still amiss with the Google OpenID
connection since It looks like I am still an Anonymous user even after
granting permissions. I've tried this with both localhost and
machinename.local .. do I need this on an external IP for OAuth
callback or something similar?
fwiw, this is from an hg checkout and the v1_0 branch
Looking at the code, it looks like the conf/postgres/odk-settings.xml does
not have the correct definition for the user service. The bean definition
should be:
This could explain the odd behavior you're seeing. Please revise that
definition, re-generate the jar file, copy it into the war/WEB-INF
directory, and restart tomcat.
The logout should work fine for OpenID logins, as it invalidates the
session. Interestingly, that does not invalidate the OpenID cookie, which
persists longer. With most operations, I find you just need to log off and
log back in. At least it works for me within Firefox and within the Eclipse
browser. To invalidate the OpenID cookie, you need to clear the cookies in
your browser.