get server param only when it is expected
check replication table (not keystore) for trusted server host name match
Adding new D1 jars (r5818) with changes to libclient's CNode.setReplicationStatus(). It now sends multipart params rather than files since there's no XML structure to ReplicationStatus.
added note about PermGen space + Geoserver
Fix cast to List<Node> in isNodeAuthorized().
List the correct REST endpoints for replication in the documentation.
upgrade to 1.0.1-SNAPSHOT DataONE jars
check for blank key passwords
started replication unit test
Keep /dirtySystemMetadata as the REST endpoint for systemMetadataChanged() for now.
New D1 libraries, fix for MNode.isNodeAuthorized() and other exception handling.
MockCNode.getSystemMetadata() no longer throws InvalidRequest.
add note about alternative methods for getting cert/key
use prepared statement place holder (?)
use DateTimeMarshaller for all replication date transfers
print the stacktrace when there is an error -- debuggin!
remove catch blocks for unthrown exceptions
use SSL to get content from stream
Update methods in MNodeService to reflect they modifications of the MN API with regard to exceptions being raised. Largely removed InvalidRequest from a number of methods, and instead threw an appropriate NotFound or ServiceFailure instead.
D1NodeService get(), getSystemMetadata(), and isAuthorized() no longer throw InvalidRequest.
Add new D1 jars with 1.0.0 API additions (MNStorage.systemMetadataChanged()) and libclient fixes.
newer seek tag
uses prepared statement instead of plain old statement.deprecated the DBConnection.createStatement() method to discourage direct parameter value use in favor of parameter binding.http://bugzilla.ecoinformatics.org/show_bug.cgi?id=5527
Add a test for systemMetadataChanged. This should be fleshed out more so that the test uses a CN certificate.
Fix getReplica() handling code for getReplica() and systemMetadataChanged(). Calls to getReplica() in MNode were calling get(), so the lack of resource handling was being missed.
Handle multipart params where the libclient methods are using them.
uses prepared statement parameter binding for querieshttp://bugzilla.ecoinformatics.org/show_bug.cgi?id=5527
Add new D1 jars with the new MNStorage.systemMetadataChanged() additions.
Add in the systemMetadataChanged() method in MNodeService to respond to notifications. Only allow subjects from CNs listed in the node list to make the call. Update the local copy of the system metadata document for the given pid.
Include the serialVersion in the call to CN.setReplicationStatus() after replicating data.
correctly set the prepared statement parameters for start and end date
check object format id values since they are not Comparable objects
make MNodeServiceTest pass JUnit testing
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=5527
Update CNodeService test to include serialVersion in it's calls as appropriate.
Update CNodeService to use the serialVersion parameter and compare it to the current serialVersion of the system metadata found in the hzSystemMetadata map. Throw an InvalidRequest exception if they are not equal. This affects updateReplicationMetadata(), setReplicationStatus(), setReplicationPolicy(), setAccessPolicy(), and setOwner().
Handle calls to CNReplication REST services. Modify handle() to field calls to /replicaPolicies, /replicaMetadata, /replicaAuthorizations, and /replicaNotifications. Add the isNodeAuthorized(), setReplicationPolicy(), setReplicationStatus(), and updateReplicationMetadata() methods to parse and pass multipart form data and params on to the CNodeService implementing class....
Add new d1_common jar with the API changes that add serialVersion parameters to CNAuthorization and CNReplication methods.
Add support for the various CNReplication calls. Add collectReplicationPolicy() to parse the policy out of the multipart form, and collectReplicaMetadata() to parse out the replica to be updated.
restore -- apparently this was used with reflection in a test...
change to 2.0.0 releasehttp://bugzilla.ecoinformatics.org/show_bug.cgi?id=5515
skip verification -- remaining TODO
verify certificate
inspect keystore entries for matching client certificate
lookup the correct property for keystore file
drop old identifier when upgrading from 1.9.5 to 2.0.0
use HttpClient to set up SSL connection when doing replication calls -- this will use the server's configured certificate as the client certificate on the request. The server it is calling can then inspect that certificate and decide whether or not it trusts the caller.
use EML style tag for: only show organization when the individual is omittedhttp://bugzilla.ecoinformatics.org/show_bug.cgi?id=5499
newer d1 jar (for good measure)
check client-provided certificate when servicing ReplicationServlet requests.
Add updateReplicationMetadata() to the CN service implementation. This was missing from the API, and likely never called. It fully replaces the given replica item in the list of replicas in system metadata.
MN.setAccessPolicy() is deprecated, commenting out the test.
getReplica() should log replication events as DataONE Types.Event.replicate (vs 'getreplica')
Minor indentation cleanup.
Modify isAuthorized() to get the most up to date system metadata from the hzSystemMetadata map.
Add a placeholder setAccessPolicy() method in MNodeService that throws NotImplemented since this method is being deprecated. Note: need to confirm that this shouldn't be calling D1Client.getCN().setAccessPolicy().
Update getSystemMetadata() to lock(); get(); unlock() to ensure we have the latest version of system metadata from the hzSystemMetadata map. Remove the setAccessPolicy() method since it is being deprecated in the MNAuthorization API.change insertSystemMetadata() to use a finer grained Date object on insertion. Locking of the pid happens in the subclass prior to the insert.
Add setAccessPolicy() to CNodeService since the CN should only make changes to access policies for objects registered with the D1 system. Increment the serial version after locling and getting the most up to fdate system metadata. Note: CCIT meeting decision says the serial version of the system metadata (during the change) should equal the current serial version, but setAccessPolicy() does not pass in the entire system metadata object, so there's no way to check. For now, increment the latest system metadata from the hzSystemMetadata map.
In CNodeService, separate the CN.create() functionality from the MN.create() functionality while still using the superclass to call create(). Deal with Hazelcast locks and setting serial versions only in the CN implementation.
Change updateSystemMetadata() to evaluate the incoming system metadata serial version against that found in the hzSystemMetadata map. If they are the same, do the update. If not, throw an InvalidRequest explaining that they need the most current version.
Modify CNodeService's registerSystemMetadata() with support for SystemMetadata's serialVersion field. Also, use the hzSystemMetadata map for all system metadata reads using a lock on the pid in order to get the very latest version. This affected isNodeAuthorized(), getChecksum(), and assertRelation(). Since we're using Hazelcast, exceptions are masked as RuntimeException, so throw a ServiceFailure with the underlying message.
Modify CNodeService's updateSystemMetadata(), setReplicationStatus(), setReplicationPolicy(), and setOwner() with support for SystemMetadata's serialVersion field. Other methods still pending an update. Use the hzSystemMetadata map for all system metadata reads using a lock on the pid in order to get the very latest version.
removing non-junit file from the test area
load hazelcast test files from the classpath rather than from rob's personal directory.
SystemMetadataManager's functionality is handled by IdentifierManager. Removing it and it's test.
MetadataTypeRegister is now replaced by ObjectFormatService. Removing it and it's test.
include clearer error message when UPDATE action is requested on a replicated document and we fail to successfully get a lock from the source Metacat serverhttp://bugzilla.ecoinformatics.org/show_bug.cgi?id=4907
move the DataONE 1.0.0-SNAPSHOT
correctly check for missing config values during geoserver configuration
call the web.xml tomcat6 not tomcat5
remove reference to tomcat5.5 in favor of tomcat6. including the "custom" start up script that used the sun jdk -- this can be configured rather than coded into the script.
remove reference to the "custom" /etc/init.d/tomcat6 script -- this should not be used since there are now better ways to customize the tomcat start up
use 2.0.0
-use 2.0.0 version-use tomcat6-use /var/lib/tomcat6 as the example tomcat home directory
use 2.0.0 -- stub out the release notes
Configure and use CertificateManager in order to act as the MN when performing replicate() and getReplica() mthods.
use logging, not system.out
change upgrade scripts/routines to use 2.0.0 version number instead of 1.10.0
make sure we close the prepared statement always
The incoming source node param is just a string, not XML, so don't attempt to deserialize it. Rather, just make a new NodeReference object and set it's value to the value of the incoming param.
include CILogon link and more explanation about what is going on with the mapping.
Change the version from 1.9.4 to 1.9.5.
correctly check that user is logged into metacat before proceeding
use null session for now
draft of legacy-to-d1 account mapping interface
add User-Agent logging to support D1 requirements
remove old RestServlet handler -- not used now
Add debugging output to MNodeService.
use default fmtid if we can't find the user-supplied data mime type in our list
including newer d1 libclient that uses Foresite (and Jena) to construct/parse ORE resource maps for DataONE
delete the xml access rules by either docid or guid to make sure we have the most up to date information
Fix a data-typing issue when pulling replicationAllowed from postgres. Use getBoolean(), not getString().
cleaned up to use for populating a DataONE MN using the D1 api. Retrieves packages from a Metacat and generates system metadata for them before calling MN.create() for both data and metadata.NOTE: you need a client certificate that the target server accepts (either DataONE-generated for testing or a CILogon one for more official use). I was only able to get the former certificate type to work with our existing MN servers
IdentifierManager.getSystemMetadata() was missing the number_replicas and replication_allowed fields when building a ReplicationPolicy section of a SystemMetadata document being returned. Add in these two attributes.
update D1 jars to include recent SubjectList -> SubjectInfo refactoring and the SUBJECT_PUBLIC constant
include SystemMetadata when replicating data and metadata documents -- this allows us to establish the guid-to-docid mapping that is crucial for being able to read the replicated document by guid (d1 api)
throw InvalidToken when the Session parameter is null for create()https://redmine.dataone.org/issues/1850
Fix service versioning in metacat.properties so that when Metacat nodes are registered they report the correct service version for use in resolve() -- i.e., use "v1" instead of "0.6.4" in resolve urls.
Once a CN calls replicate() on an MN, the MN needs to call getReplica() on the source MN (not get()). Once the bytes are retrieved, the MN must then call back to the CN with setReplicationStatus() to indicate that the replication status is complete. Modify MNodeService to do so.