uportal-project / uportal Goto Github PK

Enterprise open source portal built by and for the higher education community.

Home Page: https://www.apereo.org/projects/uportal

License: Apache License 2.0

Groovy 0.49% HTML 1.92% Java 91.58% CSS 0.02% XSLT 2.27% JavaScript 2.57% Less 1.15% StringTemplate 0.01%

academic enterprise gradle higher-education java portal portlet soffit spring tomcat

uportal's Introduction

Version	Linux	Windows	Coverage
uPortal 5
uPortal 4.3

Quick links
Join the Conversation

About

uPortal is the leading open source enterprise portal framework built by and for the higher education community. uPortal continues to evolve through contributions from its global community and is supported by resources, grants, donations, and memberships fees from academic institutions, commercial affiliates, and non-profit foundations. uPortal is built on open standards-based technologies such as Java and XML, and enables easy, standards-based integration with authentication and security infrastructures, single sign-on secure access, campus applications, web-based content, and end user customization. uPortal can easily integrate with other enterprise systems and can be customized for specific local needs.

Forever Free!

You may download uPortal and use it on your site at no cost. Unlike our competitors, uPortal is 100% free open source software managed by Apereo. Our community has access to all releases of the uPortal software with absolutely no costs. We welcome contributions from our community of all types and sizes.

Accessible

uPortal strives to conform with Web Content Accessibility Guidelines Version 2.0 Level AA. The most recent accessibility audit results can be seen in UP-4735.

Help and Support

The [email protected] email address is the best place to go with questions related to configuring or deploying uPortal.

The uPortal manual is a collaborative resource which has more detailed documentation for each uPortal release.

Manual

Additional information about uPortal is available in the Manual.

Requirements

JDK 1.8 - The JRE alone is NOT sufficient, a full JDK is required
GIT

uPortal-start

uPortal is now meant to be deployed via uPortal-start, which is responsible for servlet container (ie Tomcat), DB, and portal configurations. uPortal-start deals with the low-level configurations and setup, while letting the adopter focus on the business configuration side of the deployment. However, it is possible to run uPortal without uPortal-start. The uPortal manual explains how.

Building and Deploying

uPortal uses Gradle for its project configuration and build system. uPortal comes with a Gradle wrapper if you don't want to install the build tool (./gradlew in the root directory of the repo).

Gradle tasks

For a full list of Gradle tasks run ./gradlew tasks from the root directory.

uportal's People

Contributors

Stargazers

Watchers

Forkers

joemoorebrk nblair bourey a01fe tuyly bill-brown jdlich landisaurus drewwills crezvani mguerin edomazlicky peterjhart acolebourne sbramhall pointful esupportail rishi-pandey delldsc ejrussel jameswennmacher dmccallum sjungling yupengyan tkofford naenyn edhillis seanrbaker saniyasaifee mwasyou enjoylife gayewalo timlevett harleydude99 auxepaul sailor96 accssp jgribonvald yungkc josecerejo bitted pspaude shawnconnolly vcrowley ahocine christensenb zehmk thachln swiggins83 aclissold apetro hermcsus vertein university-of-manchester jcyoo9454 rfountain daha5 wgthom mgillian garyt jhelmer-unicon mpolizzotti vsocc bjagg sccarthy parkerneff stfukumo jstanley70 raymondbourges doodelicious rafael-oropeza gcarroll alliethedemonhunter jpedraza ajinkyas uoe-is-apps rocketk groybal ediaeducationtechnology jonathanmtran chasegawa codepuppet rogerworkman kyoto-u azizur77 aminemajeur andrewstuart bikashdora jemmy655 cl4r1ty rrglomsk asgrant pengsuyun hy2015 excellence-portal ndotdash dmartign yaoshining prashanti19 eseawind

uportal's Issues

Unable to complete Permissions Administration flow

Describe the bug
When trying to grant a permission, we get the following error
SpelEvaluationException: EL1008E: Property or field 'permissionAdministrationHelper' cannot be found on object of type 'org.springframework.webflow.engine.impl.RequestControlContextImpl' - maybe not public or not valid?

To Reproduce
Steps to reproduce the behavior:

Admin Tools
Permission Administration
Portlet Publishing
Select Portlet Type
Enter and select "CMS" ... any should do
Submit

Expected behavior
N/A

Screenshots

Stacktrace

java.util.concurrent.ExecutionException: org.apereo.portal.portlet.PortletDispatchException: The portlet window 'PortletWindow [portletWindowId=20_ctf3_11, delegationParentId=null, portletMode=view, windowState=maximized, expirationCache=null, renderParameters={}, publicRenderParameters={}, portletEntity=PortletEntity [portletEntityId=20_ctf3_11, layoutNodeId=ctf3, userId=11, portletDefinition=org.apereo.portal.portlet.dao.jpa.PortletDefinitionImpl@3f4a22e4[definitionId=20,fname=permissionsmanager,descriptorKey=PortletDescriptorKey [frameworkPortlet=true, webAppName=null, portletName=PermissionsAdministration],type=PortletTypeImpl [internalId=6, name=Portlet, descr=Adapter for JSR-168 and JSR-286 Portlets, cpdUri=/org/apereo/portal/portlets/GenericPortlet.cpd.xml]]]]' threw an exception while executing renderMarkup.
	at java.util.concurrent.FutureTask.report(FutureTask.java:122)
	at java.util.concurrent.FutureTask.get(FutureTask.java:206)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionWorker.get(PortletExecutionWorker.java:329)
	at org.apereo.portal.portlet.rendering.worker.PortletRenderExecutionWorker.getOutput(PortletRenderExecutionWorker.java:79)
	at org.apereo.portal.portlet.rendering.PortletExecutionManager.getPortletOutput(PortletExecutionManager.java:675)
	at org.apereo.portal.rendering.PortletRenderingIncorporationComponent$PortletIncorporatingEventReader.filterEvent(PortletRenderingIncorporationComponent.java:110)
	at org.apereo.portal.character.stream.FilteringCharacterEventReader.internalNext(FilteringCharacterEventReader.java:66)
	at org.apereo.portal.character.stream.FilteringCharacterEventReader.peek(FilteringCharacterEventReader.java:51)
	at org.apereo.portal.character.stream.FilteringCharacterEventReader.hasNext(FilteringCharacterEventReader.java:34)
	at org.apereo.portal.character.stream.CharacterEventReaderDelegate.hasNext(CharacterEventReaderDelegate.java:38)
	at org.apereo.portal.character.stream.FilteringCharacterEventReader.hasNext(FilteringCharacterEventReader.java:34)
	at org.apereo.portal.rendering.DynamicRenderingPipeline.renderState(DynamicRenderingPipeline.java:81)
	at org.apereo.portal.context.rendering.RenderingPipelineConfiguration$1.renderState(RenderingPipelineConfiguration.java:212)
	at org.apereo.portal.rendering.PortalController.renderRequest(PortalController.java:101)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:181)
	at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:440)
	at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:428)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apereo.portal.utils.web.CreatePortletCookieFilter.doFilterInternal(CreatePortletCookieFilter.java:48)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apereo.portal.url.UrlCanonicalizingFilter.doFilterInternal(UrlCanonicalizingFilter.java:178)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:177)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:121)
	at org.apereo.portal.spring.security.preauth.PortalPreAuthenticatedProcessingFilter.doFilter(PortalPreAuthenticatedProcessingFilter.java:180)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apereo.portal.security.ThreadNamingRequestFilter.doFilterInternal(ThreadNamingRequestFilter.java:66)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:178)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apereo.portal.web.ExceptionLoggingFilter.doFilter(ExceptionLoggingFilter.java:47)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apereo.portal.security.filter.CorsFilter.handleNonCORS(CorsFilter.java:440)
	at org.apereo.portal.security.filter.CorsFilter.doFilter(CorsFilter.java:163)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)
Caused by: org.apereo.portal.portlet.PortletDispatchException: The portlet window 'PortletWindow [portletWindowId=20_ctf3_11, delegationParentId=null, portletMode=view, windowState=maximized, expirationCache=null, renderParameters={}, publicRenderParameters={}, portletEntity=PortletEntity [portletEntityId=20_ctf3_11, layoutNodeId=ctf3, userId=11, portletDefinition=org.apereo.portal.portlet.dao.jpa.PortletDefinitionImpl@3f4a22e4[definitionId=20,fname=permissionsmanager,descriptorKey=PortletDescriptorKey [frameworkPortlet=true, webAppName=null, portletName=PermissionsAdministration],type=PortletTypeImpl [internalId=6, name=Portlet, descr=Adapter for JSR-168 and JSR-286 Portlets, cpdUri=/org/apereo/portal/portlets/GenericPortlet.cpd.xml]]]]' threw an exception while executing renderMarkup.
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doRender(PortletRendererImpl.java:459)
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doRenderMarkup(PortletRendererImpl.java:275)
	at org.apereo.portal.portlet.rendering.worker.PortletRenderExecutionWorker.callInternal(PortletRenderExecutionWorker.java:69)
	at org.apereo.portal.portlet.rendering.worker.PortletRenderExecutionWorker.callInternal(PortletRenderExecutionWorker.java:33)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionWorker$1.call(PortletExecutionWorker.java:185)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionWorker$ExecutionLifecycleCallable.call(PortletExecutionWorker.java:225)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionCallable.call(PortletExecutionCallable.java:113)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	... 1 more
Caused by: javax.portlet.PortletException: Request processing failed
	at org.springframework.web.portlet.FrameworkPortlet.processRequest(FrameworkPortlet.java:559)
	at org.springframework.web.portlet.FrameworkPortlet.doDispatch(FrameworkPortlet.java:483)
	at javax.portlet.GenericPortlet.render(GenericPortlet.java:251)
	at org.apereo.portal.portlet.container.FilterChainImpl.doFilter(FilterChainImpl.java:179)
	at org.apereo.portal.portlet.container.FilterChainImpl.processFilter(FilterChainImpl.java:95)
	at org.apereo.portal.portlet.container.FilterManagerImpl.processFilter(FilterManagerImpl.java:114)
	at org.apache.pluto.container.driver.PortletServlet.dispatch(PortletServlet.java:340)
	at org.apache.pluto.container.driver.PortletServlet.doGet(PortletServlet.java:261)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:591)
	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:527)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.invoke(DefaultPortletInvokerService.java:233)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.render(DefaultPortletInvokerService.java:117)
	at sun.reflect.GeneratedMethodAccessor343.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84)
	at org.apereo.portal.portlet.dao.jpa.ThreadContextClassLoaderAspect.doThreadContextClassLoaderUpdate(ThreadContextClassLoaderAspect.java:63)
	at sun.reflect.GeneratedMethodAccessor211.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616)
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
	at com.sun.proxy.$Proxy416.render(Unknown Source)
	at org.apache.pluto.container.impl.PortletContainerImpl.doRender(PortletContainerImpl.java:157)
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doRender(PortletRendererImpl.java:456)
	... 10 more
Caused by: org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@2815e0ff targetAction = [SetAction@4635a782 name = flashScope.principals, value = permissionAdministrationHelper.getCurrentPrincipals(owner, activity, requestParameters.target)], attributes = map[[empty]]] in state 'edit-permission' of flow 'permissions-administration' -- action execution attributes were 'map[[empty]]'
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)
	at org.springframework.webflow.engine.ActionList.execute(ActionList.java:154)
	at org.springframework.webflow.engine.State.enter(State.java:193)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:228)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231)
	at org.springframework.webflow.engine.ViewState.resume(ViewState.java:195)
	at org.springframework.webflow.engine.Flow.resume(Flow.java:537)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
	at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
	at org.springframework.webflow.mvc.portlet.FlowHandlerAdapter.handleAction(FlowHandlerAdapter.java:161)
	at org.springframework.web.portlet.DispatcherPortlet.doActionService(DispatcherPortlet.java:666)
	at org.springframework.web.portlet.FrameworkPortlet.processRequest(FrameworkPortlet.java:534)
	at org.springframework.web.portlet.FrameworkPortlet.processAction(FrameworkPortlet.java:473)
	at org.apereo.portal.portlet.container.FilterChainImpl.doFilter(FilterChainImpl.java:125)
	at org.apereo.portal.portlet.container.FilterChainImpl.processFilter(FilterChainImpl.java:86)
	at org.apereo.portal.portlet.container.FilterManagerImpl.processFilter(FilterManagerImpl.java:125)
	at org.apache.pluto.container.driver.PortletServlet.dispatch(PortletServlet.java:359)
	at org.apache.pluto.container.driver.PortletServlet.doPost(PortletServlet.java:267)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:591)
	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:527)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.invoke(DefaultPortletInvokerService.java:233)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.action(DefaultPortletInvokerService.java:101)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84)
	at org.apereo.portal.portlet.dao.jpa.ThreadContextClassLoaderAspect.doThreadContextClassLoaderUpdate(ThreadContextClassLoaderAspect.java:63)
	at sun.reflect.GeneratedMethodAccessor211.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616)
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
	at com.sun.proxy.$Proxy416.action(Unknown Source)
	at org.apache.pluto.container.impl.PortletContainerImpl.doAction(PortletContainerImpl.java:251)
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doAction(PortletRendererImpl.java:141)
	at org.apereo.portal.portlet.rendering.worker.PortletActionExecutionWorker.callInternal(PortletActionExecutionWorker.java:53)
	at org.apereo.portal.portlet.rendering.worker.PortletActionExecutionWorker.callInternal(PortletActionExecutionWorker.java:24)
	... 7 more
Caused by: org.springframework.binding.expression.PropertyNotFoundException: Property not found
	at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:87)
	at org.springframework.webflow.action.SetAction.doExecute(SetAction.java:55)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	... 63 more
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'permissionAdministrationHelper' cannot be found on object of type 'org.springframework.webflow.engine.impl.RequestControlContextImpl' - maybe not public or not valid?
	at org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:229)
	at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:97)
	at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:84)
	at org.springframework.expression.spel.ast.CompoundExpression.getValueRef(CompoundExpression.java:51)
	at org.springframework.expression.spel.ast.CompoundExpression.getValueInternal(CompoundExpression.java:87)
	at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:132)
	at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:297)
	at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:84)
	... 67 more

Platform:

uPortal Version: uPortal 5.1
OS: (Arch) Linux
Browser: Firefox

Additional context
N/A

permission-set files exported from uP5 fail to re-import

Description

The permission-set files exported from recent uPortal versions (uP5+) do not re-import successfully.

Report

FAIL: permission-set - Authenticated_Users__ADD_TAB__UP_SYSTEM.permission-set.xml
--------------------------------------------------------------------------------
java.lang.IllegalArgumentException: Provided data <permission-set script="classpath://org/apereo/portal/io/import-permission_set_v5-0.crn"> has no registered importer or upgrader support: file:/home/drew/Projects/Apereo/portal/uPortal-start/export/permission-set/Authenticated_Users__ADD_TAB__UP_SYSTEM.permission-set.xml
	at org.apereo.portal.io.xml.JaxbPortalDataHandlerService.importOrUpgradeData(JaxbPortalDataHandlerService.java:839)
	at org.apereo.portal.io.xml.JaxbPortalDataHandlerService.importData(JaxbPortalDataHandlerService.java:726)
	at org.apereo.portal.io.xml.JaxbPortalDataHandlerService.importData(JaxbPortalDataHandlerService.java:759)
	at org.apereo.portal.io.xml.JaxbPortalDataHandlerService$1.callWithoutResult(JaxbPortalDataHandlerService.java:618)
	at org.apereo.portal.concurrency.CallableWithoutResult.call(CallableWithoutResult.java:24)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

CSRF/method-mismatch issues in the Permissions Manager

Describe the bug

The Permissions Manager has some (portlet) links that user the wrong HTTP method.

To Reproduce
Steps to reproduce the behavior:

Admin Tools
Permissions Manager
Portlet Subscribing
Browse
Click 'edit' link in any row
Click 'Browse' in the breadcrumb

Error Message

HTTP Status 405 – Method Not Allowed
Type Status Report

Message Request method 'GET' not supported

Description The method received in the request-line is known by the origin server but not supported by the target resource.

Taming polyfills & web components across major browsers

Folks,

We have put a tremendous effort into introducing Web Components as a new standard for content objects in the portal. As expected, there has been a bit of a "learning curve" in this change.

But the time has come where we need to get a firm handle on what we doing. We need to be able to deliver working components -- reliably -- across supported browsers; and we need, furthermore, a component we deliver today still to function properly & look attractive 6, 9, 12 months down the road. (Spoiler: we're not there yet.)

Screenshots

Here are some screen captures of the current header content in uPortal-start/data/quickstart across 4 major browsers. None of them is 100% functional.

Chrome

Firefox

Edge

IE 11

A Good Plan, and Consensus

The most recent plan I am aware of is that (1) uPortal will include polyfills sufficient to take any browser to ES6 support, and (2) uPortal Ecosystem Web Components must "take it from there" if they need further polyfills, CSS applied, etc.

@ChristianMurphy @jgribonvald @cousquer @bjagg @jonathanmtran @leighgordy

Is this a good plan?

Can someone explain what I'm seeing in these screenshots? (I can make some time to pitch in with fixing.)

Remove the concept of a 'template user' in uPortal

Description

uP 2.0 (perhaps earlier) introduced the notion of a Template User: a fake user account upon which new accounts for real users would be based for their (1) group affiliations and (2) layout.

We don't need them anymore, because...

(1) Group affiliations are handled more elegantly by PAGS
(2) Layouts are handled more elegantly by DLM

There's a fair bit of really old code tied up in supporting them; we'd be better off removing it.

Occasional NPEs when RemoteCookieCheckController can't find a REFERER_ATTRIBUTE

The Bug

The RemoteCookieCheckController expects a referer that is supplied by RemoteCookieCheckFilter. Based on log files provided by adopters, it appears that sometimes that referer is not present.

I'm not sure what would cause that phenomenon -- or how to reproduce it --but the entries in the access logs look like this...

[...] "GET /uPortal/api/cookiecheck HTTP/1.1" 500 [...] https://cas-dev.someschool.edu/cas/login?service=https://portal-dev.someschool.edu/uPortal/Login

Perhaps we should add a default referer (like /uPortal) here:

https://github.com/Jasig/uPortal/blob/master/uPortal-api/uPortal-api-rest/src/main/java/org/apereo/portal/rest/RemoteCookieCheckController.java#L49

Stacktrace

27-Jul-2018 14:35:08.305 SEVERE [https-openssl-apr-9051-exec-6] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [MVCDispatcherServlet] in context with path [/uPortal] threw exception [Request processing failed; nested exception is java.lang.NullPointerException] with root cause 
java.lang.NullPointerException 
at java.util.regex.Matcher.getTextLength(Matcher.java:1283) 
at java.util.regex.Matcher.reset(Matcher.java:309) 
at java.util.regex.Matcher.<init>(Matcher.java:229) 
at java.util.regex.Pattern.matcher(Pattern.java:1093) 
at org.springframework.security.web.firewall.FirewalledResponse.sendRedirect(FirewalledResponse.java:22) 
at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:138) 
at org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper.sendRedirect(SaveContextOnUpdateOrErrorResponseWrapper.java:91) 
at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:138) 
at org.jasig.portal.rest.RemoteCookieCheckController.verifyCookiesEnabled(RemoteCookieCheckController.java:57) 
at sun.reflect.GeneratedMethodAccessor425.invoke(Unknown Source) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:498) 
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:176) 
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:440) 
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:428) 
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) 
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:851) 
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953) 
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:844) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) 
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:829) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:100) 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) 
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.springframework.web.filter.ShallowEtagHeaderFilter.doFilterInternal(ShallowEtagHeaderFilter.java:75) 
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) 
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118) 
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:91) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:94)
at org.jasig.portal.spring.security.preauth.PortalPreAuthenticatedProcessingFilter.doFilter(PortalPreAuthenticatedProcessingFilter.java:201) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) 
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.jasig.portal.security.ThreadNamingRequestFilter.doFilterInternal(ThreadNamingRequestFilter.java:76) 
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) 
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) 
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:180) 
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.jasig.portal.web.ExceptionLoggingFilter.doFilter(ExceptionLoggingFilter.java:56) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) 
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) 
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) 
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) 
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) 
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) 
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) 
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) 
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) 
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) 
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) 
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) 
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2380) 
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 
at java.lang.Thread.run(Thread.java:748)

Add Portlet Preference REST Controller

Is your feature request related to a problem? Please describe.
providing a way for web-components and soffits to store and retrieve preferences for users.

Describe the solution you'd like
Adding a REST controller to allow web-components and soffits to hit to get and store preferences like portlets do.

Describe alternatives you've considered
There are no alternates because web-components have no access to preferences and soffits only have limited access to get defaults

Additional context
Add any other context or screenshots about the feature request here.

Support session-less access to uPortal REST APIs based on the Authorization header (OIDC Id token)

Summary

uPortal 5.1 and above provides a /userinfo endpoint through which content objects may obtain an OAuth2/OIDC Id token from the portal. This token provides the identity, attributes, and group affiliations of the user, and it may be used to secure REST APIs.

The portal's own REST APIs, however, do not support this token. Currently there is no way to invoke the portal's APIs except by presenting a JSESSIONID cookie representing an authenticated browser session.

We need to change that -- we need to provide support for other types of clients (besides JavaScript running on the portal page) to access these APIs as an authenticated user. We need to support session-less access to uPortal REST APIs based on the portal-provided OIDC Id token in the Authorization header.

securing api's documentation code sample broken .anyRequest().permitAll();

In the code example in uPortal/docs/developer/soffits/securing_apis.md .anyRequest().permitAll(); should be .anyRequest().permitAll() (without the semi colon).

I cut and pasted the code into Intellij and I immediately assumed I was using the wrong library rather than a mistake with the syntax.

Upgrade jQuery to 1.12.4

jQuery 1.11.x includes a bug that causes issues for portlets that try to "sub" uPortal's jQuery. jquery/jquery-migrate#84

jQuery 1.12.x includes a fix for this bug (as well as performance improvements). There are no known breaking changes for this version of jQuery. https://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/

z-index cleaning requested

Is your feature request related to a problem? Please describe.
When integrating web-components that overlap some part of the UI I'm facing to some undesirable z-index, and I thing somes are abusive. And so I need sometimes to up my z-index value from code, or to override it to the uPortal defaultSkin. (somes are up to 1000, 900, 800)

Describe the solution you'd like
Some cleaning would be appreciated, and when a such css property is added a comment justifying it should be mandatory (something that say: we need it to overlap this css - css property + css file and line)

Guest user occasionally receives a portal page without a skin when using the dynamic-respondr-skin portlet

Describe the bug

Occasionally (but typically uncommonly) unauthenticated users will start receiving a portal page that does not include the dynamic-respondr-skin portlet and therefore has no skin. The affected page is completely unusable.

This issue has been encountered by several, and has been discussed more than once on the uportal-user list: https://groups.google.com/a/apereo.org/forum/#!topic/uportal-user/JBy0Mp7YvG0

The issue stems from the ThemeNameEqualsIgnoreCaseTester. This PAGS tester requires an active HttpServletRequest to function, otherwise it always returns false (i.e. the user is not a member of the group). The problem is that this tester can be invoked within the Event Aggregation processes, which happen on a worker (non-request) thread.

In a typical data set (since the portlet was introduced), users receive the dynamic-respondr-skin portlet by virtue of their membership in the Respondr Theme Users group -- a PAGS group based on the ThemeNameEqualsIgnoreCaseTester.

Membership evaluations are cached in the portal. When a test for membership in the Respondr Theme Users group for the guest user returns false, that result will be cached for a period. During that period, real guest users will not receive the dynamic-respondr-skin portlet.

How To Fix

Clearly the ThemeNameEqualsIgnoreCaseTester has issues, and (furthermore) we don't need it the way we did when it was introduced. (The Universality theme has been removed.) We should deprecate it, remove all usages of it from data sets in uPortal-start, and publish the solution in the released notes.

Deprecated code on jsTree.js

Describe the bug
Incomming problem with jsTree lib, it won't work anymore on google chrome from around march 2019.
See trace from the browser console:

Stacktrace
[Deprecation] document.registerElement is deprecated and will be removed in M73, around March 2019. Please use window.customElements.define instead. See https://www.chromestatus.com/features/4642138092470272 for more details.

Platform:

uPortal Version: All having jsTree
Browser : Chrome Version 70.0.3538.67 (Build officiel) (64 bits)

Additional context
It's only to put a warning on this incoming problem !

Create a Direct URL item for the Portlet Options menu

There is a desire to have the Portlet Options menu support a 'Direct URL' action.

When a user clicks on the 'Direct URL' action, a modal dialog should popup with the full URL.

If time, having a 'copy to clipboard' button in the dialog would be nice.

PAGS ValueMissingTester throws ClassCastException for any non-String value

Describe the bug

In ancient times user attributes always had to be Strings. That hasn't been the case for a long time, but the ValueMissingTester missed the memo.

To Reproduce

    <test-group>
      <test>
        <attribute-name>communicationPreferencesLastUpdateMillis</attribute-name>
        <tester-class>org.apereo.portal.groups.pags.testers.ValueMissingTester</tester-class>
        <test-value></test-value>
      </test>
    </test-group>

Stack Trace

ERROR [uP-PortletExec-82-admin-RENDER-[user-administration]] o.a.p.g.p.d.EntityPersonAttributesGroupStore 2018-07-10 18:14:30,180 - Exception acquiring attributes for member EntityImpl (org.apereo.portal.security.IPerson) student while checking if group EntityGroupImpl (pags.Must Update Communication Preferences) Must Update Communication Preferences contains this member.
java.lang.ClassCastException: java.lang.Long cannot be cast to java.lang.String
	at org.apereo.portal.groups.pags.testers.ValueMissingTester.test(ValueMissingTester.java:43)
	at org.apereo.portal.groups.pags.TestGroup.test(TestGroup.java:36)
	at org.apereo.portal.groups.pags.PagsGroup.test(PagsGroup.java:79)
	at org.apereo.portal.groups.pags.PagsGroup.contains(PagsGroup.java:72)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.contains(EntityPersonAttributesGroupStore.java:145)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.findParentGroupsForEntity(EntityPersonAttributesGroupStore.java:257)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.findParentGroups(EntityPersonAttributesGroupStore.java:236)
	at org.apereo.portal.groups.ReferenceIndividualGroupService.findParentGroups(ReferenceIndividualGroupService.java:178)
	at org.apereo.portal.groups.ReferenceCompositeGroupService.findParentGroups(ReferenceCompositeGroupService.java:59)
	at org.apereo.portal.groups.GroupMemberImpl.buildParentGroupsSet(GroupMemberImpl.java:105)
	at org.apereo.portal.groups.GroupMemberImpl.getParentGroups(GroupMemberImpl.java:90)
	at org.apereo.portal.groups.GroupMemberImpl.isMemberOf(GroupMemberImpl.java:155)
	at org.apereo.portal.groups.GroupMemberImpl.isDeepMemberOf(GroupMemberImpl.java:138)
	at org.apereo.portal.groups.pags.testers.AdHocGroupTester.test(AdHocGroupTester.java:104)
	at org.apereo.portal.groups.pags.TestGroup.test(TestGroup.java:36)
	at org.apereo.portal.groups.pags.PagsGroup.test(PagsGroup.java:79)
	at org.apereo.portal.groups.pags.PagsGroup.contains(PagsGroup.java:72)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.contains(EntityPersonAttributesGroupStore.java:145)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.findParentGroupsForEntity(EntityPersonAttributesGroupStore.java:257)
	at org.apereo.portal.groups.pags.dao.EntityPersonAttributesGroupStore.findParentGroups(EntityPersonAttributesGroupStore.java:236)
	at org.apereo.portal.groups.ReferenceIndividualGroupService.findParentGroups(ReferenceIndividualGroupService.java:178)
	at org.apereo.portal.groups.ReferenceCompositeGroupService.findParentGroups(ReferenceCompositeGroupService.java:59)
	at org.apereo.portal.groups.GroupMemberImpl.buildParentGroupsSet(GroupMemberImpl.java:105)
	at org.apereo.portal.groups.GroupMemberImpl.getParentGroups(GroupMemberImpl.java:90)
	at org.apereo.portal.groups.GroupMemberImpl.primGetAncestorGroups(GroupMemberImpl.java:175)
	at org.apereo.portal.groups.GroupMemberImpl.getAncestorGroups(GroupMemberImpl.java:74)
	at org.apereo.portal.portlets.account.UserAccountHelper.getParentGroups(UserAccountHelper.java:184)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.expression.spel.support.ReflectiveMethodExecutor.execute(ReflectiveMethodExecutor.java:117)
	at org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:134)
	at org.springframework.expression.spel.ast.MethodReference.access$000(MethodReference.java:52)
	at org.springframework.expression.spel.ast.MethodReference$MethodValueRef.getValue(MethodReference.java:377)
	at org.springframework.expression.spel.ast.CompoundExpression.getValueInternal(CompoundExpression.java:88)
	at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:132)
	at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:297)
	at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:84)
	at org.springframework.webflow.action.SetAction.doExecute(SetAction.java:55)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at org.springframework.webflow.engine.ActionList.execute(ActionList.java:154)
	at org.springframework.webflow.engine.State.enter(State.java:193)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:228)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
	at org.springframework.webflow.engine.SubflowState.handleEvent(SubflowState.java:116)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.endActiveFlowSession(FlowExecutionImpl.java:414)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.endActiveFlowSession(RequestControlContextImpl.java:238)
	at org.springframework.webflow.engine.EndState.doEnter(EndState.java:107)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:228)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:228)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231)
	at org.springframework.webflow.engine.ViewState.resume(ViewState.java:195)
	at org.springframework.webflow.engine.Flow.resume(Flow.java:537)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
	at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
	at org.springframework.webflow.mvc.portlet.FlowHandlerAdapter.resumeFlowRender(FlowHandlerAdapter.java:299)
	at org.springframework.webflow.mvc.portlet.FlowHandlerAdapter.handleRender(FlowHandlerAdapter.java:128)
	at org.springframework.web.portlet.DispatcherPortlet.doRenderService(DispatcherPortlet.java:764)
	at org.springframework.web.portlet.FrameworkPortlet.processRequest(FrameworkPortlet.java:537)
	at org.springframework.web.portlet.FrameworkPortlet.doDispatch(FrameworkPortlet.java:483)
	at javax.portlet.GenericPortlet.render(GenericPortlet.java:251)
	at org.apereo.portal.portlet.container.FilterChainImpl.doFilter(FilterChainImpl.java:179)
	at org.apereo.portal.portlet.container.FilterChainImpl.processFilter(FilterChainImpl.java:95)
	at org.apereo.portal.portlet.container.FilterManagerImpl.processFilter(FilterManagerImpl.java:114)
	at org.apache.pluto.container.driver.PortletServlet.dispatch(PortletServlet.java:340)
	at org.apache.pluto.container.driver.PortletServlet.doGet(PortletServlet.java:261)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:591)
	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:527)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.invoke(DefaultPortletInvokerService.java:233)
	at org.apache.pluto.driver.container.DefaultPortletInvokerService.render(DefaultPortletInvokerService.java:117)
	at sun.reflect.GeneratedMethodAccessor371.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84)
	at org.apereo.portal.portlet.dao.jpa.ThreadContextClassLoaderAspect.doThreadContextClassLoaderUpdate(ThreadContextClassLoaderAspect.java:63)
	at sun.reflect.GeneratedMethodAccessor215.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616)
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
	at com.sun.proxy.$Proxy474.render(Unknown Source)
	at org.apache.pluto.container.impl.PortletContainerImpl.doRender(PortletContainerImpl.java:157)
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doRender(PortletRendererImpl.java:456)
	at org.apereo.portal.portlet.rendering.PortletRendererImpl.doRenderMarkup(PortletRendererImpl.java:275)
	at org.apereo.portal.portlet.rendering.worker.PortletRenderExecutionWorker.callInternal(PortletRenderExecutionWorker.java:69)
	at org.apereo.portal.portlet.rendering.worker.PortletRenderExecutionWorker.callInternal(PortletRenderExecutionWorker.java:33)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionWorker$1.call(PortletExecutionWorker.java:185)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionWorker$ExecutionLifecycleCallable.call(PortletExecutionWorker.java:225)
	at org.apereo.portal.portlet.rendering.worker.PortletExecutionCallable.call(PortletExecutionCallable.java:113)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)

Property 'cas.enable.redirect.guest.to.login' not working because of _CURRENT_SERVER_NAME_ token

Description

The new support for multiple CAS servers breaks the cas.enable.redirect.guest.to.login property.

Some configs (currently)...

portal.protocol.server.context=${portal.protocol}://_CURRENT_SERVER_NAME_${portal.context}
[...]
portal.login.url=${portal.protocol.server.context}/Login
[...]
org.apereo.portal.channels.CLogin.CasLoginUrl=${cas.protocol.server.context}/login?service=${portal.login.url}

To Reproduce

Set cas.enable.redirect.guest.to.login=true.

Deep memberOf in SmartLDAP is broken

Describe the bug
SmartLDAP configuration supports loading a tree of groups. Members of child groups outside the base group DN were not honored.

To Reproduce
Steps to reproduce the behavior:

Set up an LDAP service with memberOf module and optionally logging
Configure a group with member group that has a member group that has 'student' as a member, for example:

dn: uid=student,ou=People,dc=apereo,dc=org
objectClass: inetOrgPerson
objectClass: eduPerson
uid: student
givenName: Steve
sn: Smith
cn: Steve Smith
displayName: Steven Smith
mail: [email protected]
telephoneNumber: (800) 555-1234
eduPersonPrimaryAffiliation: student
ou: People

dn: cn=Sub Sub Special Students,ou=Groups2,dc=apereo,dc=org
objectClass: groupOfNames
cn: Sub Sub Special Students
member: uid=student,ou=People,dc=apereo,dc=org

dn: cn=Sub Special Students,ou=Groups,dc=apereo,dc=org
objectClass: groupOfNames
cn: Sub Special Students
member: cn=Sub Sub Special Students,ou=Groups2,dc=apereo,dc=org

dn: cn=Special Students,ou=Groups,dc=apereo,dc=org
objectClass: groupOfNames
cn: Special Students
member: cn=Sub Special Students,ou=Groups,dc=apereo,dc=org

May need to run ldapmodify to add memberOf values that are the inverse of member, for example:

dn: uid=student,ou=People,dc=apereo,dc=org
changetype: modify
replace: memberOf
memberOf: cn=Sub Sub Special Students,ou=Groups2,dc=apereo,dc=org

Configure uPortal-start to use PR SNAPSHOT of uPortal in gradle.properties

uPortalVersion=5.3.3-SNAPSHOT

Configure uPortal-start to use this LDAP via uPortal.properties

ldap.defaultLdapContext.url=ldap://localhost:389/
ldap.defaultLdapContext.baseDn=ou=People,dc=apereo,dc=org
ldap.defaultLdapContext.user=cn=admin,dc=apereo,dc=org
ldap.defaultLdapContext.password=*****
ldap.smartLdapContext.url=ldap://localhost:389/
ldap.smartLdapContext.baseDn=dc=apereo,dc=org
ldap.smartLdapContext.user=cn=admin,dc=apereo,dc=org
ldap.smartLdapContext.password=*****

Configure uPortal-start with uPortal override overlays/uPortal/src/main/resources/logback.xml with:

<logger name="org.apereo.portal.groups.smartldap" additivity="false" level="DEBUG">
  <appender-ref ref="PORTAL"/>
</logger>
<logger name="org.apereo.portal.groups.ldap" additivity="false" level="DEBUG">
  <appender-ref ref="PORTAL"/>
</logger>

Add overlays/uPortal/src/main/resources/properties/groups/compositeGroupServices.xml from uPortal repo, un-commenting the smartldap service
Add a uPortalLdapAttributeSource bean in overridesContext.xml that uses LDAP to get memberOf values for test uses, like student.
Add smartLdapGroupStore , smartLdapContext and smartLdapContext_target to overridesContext.xml, for example:

<bean id="smartLdapGroupStore" class="org.apereo.portal.groups.smartldap.SmartLdapGroupStore" lazy-init="false" depends-on="smartLdapContext">

  <!--
   | This property is the ContextSource instance that will be used to connect to LDAP.  Uncomment the
   | following to use the LDAP settings in ldapContext.xml for user attributes, or supply your own.
   +-->
  <!--
  -->
  <property name="ldapContext" ref="smartLdapContext"/>

  <!--
   | This property identifies the name of the Person Attribute that
   | lists the SmartLdap groups each person is a member of.
   +-->
  <property name="memberOfAttributeName" value="memberOf"/>

  <!--
   | BaseDn that will be passed to the search (not to the context).
   |
   | WARNING:  If you get an error like this...
   |   ...PartialResultException: [LDAP: error code 10...
   | it probably means your baseGroupDn isn't correct!
   +-->
  <property name="baseGroupDn" value="ou=Groups"/>

  <!--
   | This parameter is used to extract the id path of the groups
   | from their dn. The id path is expected to be catched from the first group
   | of the regex.
  <property name="childGroupKeyRegex" value="cn=(.*),ou=Groups,dc=apereo,dc=org"/>
  <property name="childGroupKeyRegex" value="cn=(.*),ou=.*,dc=apereo,dc=org"/>
   +-->

  <!--
   | This parameter is used to avoid performance problems with large people's members groups
   | on groups manager. Default value is false, so comment to disable.
   +-->
  <!--
  -->
  <property name="displayPersonMembers" value="true" />
  <!--
   | Group Tree Separator is used to set the char that is used to compose
   | Group Id in grouper that represent each tree paths.
   | Override it if the default value ":" doesn't match
  -->
  <!--<property name="groupTreeSeparator" value=":" />-->

  <!--
   | LDAP query string that will be passed to the search.
   +-->
  <property name="filter" value="(objectClass=groupOfNames)"/>

  <!--
   | Period, in seconds, after which SmartLdap will drop and re-init the groups
   | tree.  A value of zero or less (negative) disables this feature.
   +-->
  <property name="groupsTreeRefreshIntervalSeconds" value="900"/>

  <!--
   | These next 2 properties tell smartLdap whether to gather additional groups that
   | are members of groups returned by the first baseGroupDn and filter, and where to
   | look if so.
   |
   |   - resolveMemberGroups=[true|false]
   |   - resolveDn={a different, broader baseGroupDn than the one above}
   |
   | Here's how it works:  smartLdap will first collect all groups under the
   | baseGroupDn specified above.  If 'resolveMemberGroups' is enabled, it will
   | also search for additional groups (found within the 'resolveDn' specified
   | here) that are members of groups in the first collection.
   +-->
  <property name="resolveMemberGroups" value="true"/>
  <property name="resolveDn" value="ou=Groups2"/><!--Used with resolveMemberGroups -->

  <!--
   | This property identifies the org.springframework.ldap.core.AttributesMapper
   | implementation used in reading the groups records from LDAP.
   +-->
  <property name="attributesMapper">
    <bean id="attributesMapper" class="org.apereo.portal.groups.smartldap.SimpleAttributesMapper">
      <!--
       | Name of the group attribute that tells you its key.
       +-->
      <property name="keyAttributeName">
        <value>seeAlso</value>
      </property>
      <!--
       | Name of the group attribute that tells you its name.
       +-->
      <property name="groupNameAttributeName">
        <value>cn</value>
      </property>
      <!--
       | Name of the group attribute that lists its members.
       +-->
      <property name="membershipAttributeName">
        <value>member</value>
      </property>
    </bean>
  </property>
</bean>
<bean id="smartLdapContext" class="org.springframework.ldap.pool.factory.PoolingContextSource">
  <property name="contextSource" ref="smartLdapContext_target"/>
  <property name="dirContextValidator">
    <bean class="org.springframework.ldap.pool.validation.DefaultDirContextValidator">
      <property name="searchControls">
        <bean class="javax.naming.directory.SearchControls">
          <property name="searchScope"><util:constant static-field="javax.naming.directory.SearchControls.SUBTREE_SCOPE" /></property>
          <property name="countLimit" value="1" />
          <property name="returningAttributes"><list><value>objectclass</value></list></property>
          <property name="timeLimit" value="500" />
        </bean>
      </property>
    </bean>
  </property>
  <property name="minIdle" value="${ldap.defaultLdapContext.pool.minIdle:1}" />
  <property name="maxActive" value="${ldap.defaultLdapContext.pool.maxActive:32}" />
  <property name="maxIdle" value="${ldap.defaultLdapContext.pool.maxIdle:32}" />
  <property name="maxWait" value="${ldap.defaultLdapContext.pool.maxWait:1000}"/>
  <property name="testOnBorrow" value="${ldap.defaultLdapContext.pool.testOnBorrow:true}"/>
  <property name="testWhileIdle" value="${ldap.defaultLdapContext.pool.testWhileIdle:true}"/>
  <property name="timeBetweenEvictionRunsMillis" value="${ldap.defaultLdapContext.pool.timeBetweenEvictionRunsMillis:120000}"/>
  <property name="minEvictableIdleTimeMillis" value="${ldap.defaultLdapContext.pool.minEvictableIdleTimeMillis:900000}"/>
  <property name="numTestsPerEvictionRun" value="${ldap.defaultLdapContext.pool.numTestsPerEvictionRun:6}"/>
</bean>

<bean id="smartLdapContext_target" class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="url" value="${ldap.smartLdapContext.url:}"/>
  <property name="base" value="${ldap.smartLdapContext.baseDn:}"/>
  <property name="userDn" value="${ldap.smartLdapContext.user:}"/>
  <property name="password" value="${ldap.smartLdapContext.password:}"/>
  <property name="pooled" value="${ldap.smartLdapContext.pooled:false}"/>
</bean>

Expected behavior
Student should be a member of all three groups. This can be confirmed as Admin by reviewing user details in User Administration Portlet.

Screenshots
Expected results

update skinning documentation

Describe the bug
Skinning guide refers to files and paths that don't exist in uPortal 5

To Reproduce
Steps to reproduce the behavior:

Visit https://github.com/Jasig/uPortal/blob/master/docs/implement/frontend/SKINNING_UPORTAL.md

Expected behavior
Documentation should include information on new gradle task and files.

Platform:

uPortal Version: uPortal 5.0+

Portlet Administrator UI modify properties with wrong charset

Describe the bug

The UI doesn't save portlet information with the good charset see animated gif from @ChristianMurphy bellow (reproduction test).
The problems is only in the UI as XML files doesn't have this problem. Also this problem didn't exist before, at least in uP4.3.

To Reproduce

Expected behavior
Saving with UI cause bad charset encoding on UTF-8 chars like [é à ...]

Platform:

uPortal Version: uPortal 5.2.2
Browser: Chrome, Firefox

Google Custom Search support is out of date

Describe the bug
Google has changes the parameters and required values for CSE and API usage. The uPortal implementation needs to be updated to comply with the latest version.

To Reproduce
Steps to reproduce the behavior:

Configure GSE support by providing a searchServices list bean in uPortal override context:

    <util:list id="searchServices">
        <bean class="org.apereo.portal.portlets.search.google.GoogleCustomSearchService">
            <property name="customSearchId" value="" />
        </bean>
        <bean class="org.apereo.portal.portlet.marketplace.MarketplaceSearchService" />
    </util:list>

Set customSearchId to your "cx" value for GSE.
Deploy and start portal.
Visit portal and search for non-portal content that is in GSE.

Expected behavior

uPortal should provide results from GSE with the given cx of customSearchId.

The 'RequestRenderingPipelineUtilsImpl' bean is defined in a servlet (child) context, but may be referenced in the parent context

Describe the bug

The RequestRenderingPipelineUtilsImpl is picked up by component-scan in the renderingServletContext.xml, which defines beans for the rendering servlet (child) context in Spring.

This bean is not picked up by component-scan in the parent context due to the rules defined here: https://github.com/Jasig/uPortal/blob/master/uPortal-webapp/src/main/resources/properties/contexts/applicationContext.xml#L35

The issue is that the bean is referenced via @Autowire in (at a minimum) the RenderOnWebFlagSetPredicate, which is commonly used to configure the Rendering Pipeline for alternative front-ends like uPortal-home & myed-progressive.

This combination of factors produces a BeanCreationException:

Stacktrace

Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChai
n#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to be
an 'portalPreAuthenticationFilter' while setting constructor argument with key [5]; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'portalPreAuthenticationFilter': Unsatisfied dependency expres
sed through method 'setIdentitySwapperManager' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'identitySwapperManager': Unsatisfied dependency expressed through method 'setAuthoriz
ationService' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'authorizationService': Unsatisfied dependency expressed through field 'targetProviderRegistry'; nested exception is or
g.springframework.beans.factory.BeanCreationException: Error creating bean with name 'permissionTargetProviderRegistry' defined in file [C:\Workspace\uportal5\vanilla\uPortal-start\.gradle\tomcat\webapps\uPortal\WEB-INF\classes\properties\contexts\servicesContex
t.xml]: Cannot create inner bean 'org.apereo.portal.permission.target.PortalDataTypeTargetProviderImpl#6d7c8a2' of type [org.apereo.portal.permission.target.PortalDataTypeTargetProviderImpl] while setting bean property 'providers' with key [TypedStringValue: val
ue [portalDataTypeTargetProvider], target type [null]]; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.apereo.portal.permission.target.PortalDataTypeTargetProviderImpl#6d7c8a2': Unsatisfie
d dependency expressed through field 'portalDataHandlerService'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'portalDataHandlerService': Unsatisfied dependency expressed through method 'setX
mlUtilities' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'xmlUtilitiesImpl': Unsatisfied dependency expressed through method 'setCachingResourceLoader' parameter 0; nested excep
tion is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'cachingResourceLoaderImpl': Unsatisfied dependency expressed through method 'setResourcesElementsProvider' parameter 0; nested exception is org.springframewo
rk.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'renderingPipelineConfiguration': Unsatisfied dependency expressed through field 'branchPoints'; nested exception is org.springframework.beans.factory.BeanCreationException: Error cre
ating bean with name 'maybeRedirectToExclusive' defined in file [C:\Workspace\uportal5\vanilla\uPortal-start\.gradle\tomcat\webapps\uPortal\WEB-INF\classes\properties\contextOverrides\overridesContext.xml]: Cannot create inner bean 'java.util.function.Predicate#
5effc15d' of type [java.util.function.Predicate] while setting bean property 'predicate'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'java.util.function.Predicate#5effc15d' defined in file [C:\Works
pace\uportal5\vanilla\uPortal-start\.gradle\tomcat\webapps\uPortal\WEB-INF\classes\properties\contextOverrides\overridesContext.xml]: Cannot create inner bean 'java.util.function.Predicate#60666985' of type [java.util.function.Predicate] while setting constructo
r argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'java.util.function.Predicate#60666985' defined in file [C:\Workspace\uportal5\vanilla\uPortal-start\.gradle\tomcat\webapps\uPortal\WEB-INF\cla
sses\properties\contextOverrides\overridesContext.xml]: Cannot create inner bean 'org.apereo.portal.rendering.predicates.RenderOnWebFlagSetPredicate#2f6fcc70' of type [org.apereo.portal.rendering.predicates.RenderOnWebFlagSetPredicate] while setting constructor
argument; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.apereo.portal.rendering.predicates.RenderOnWebFlagSetPredicate#2f6fcc70': Unsatisfied dependency expressed through method 'setUtils
' parameter 0; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.apereo.portal.rendering.RequestRenderingPipelineUtils' available: expected at least 1 bean which qualifies as autowire candidate.

Accessibility issue -- skipnav includes role='button' (but shouldn't?)

Describe the bug

This item was reported by a long-standing uPortal community institution that performed an accessibility audit:

Skip link includes role="button" but shouldn't (semantically not a button); https://github.com/Jasig/uPortal/blob/master/uPortal-webapp/src/main/resources/layout/theme/respondr/navigation.xsl#L375

Thoughts @ChristianMurphy, @cousquer, @asgrant, @jgribonvald?

A "health check" endpoint to enable deploying on cloud servers

Is your feature request related to a problem? Please describe.
To deploy to cloud servers, for example Amazon Web Services (AWS), a load balancer requires an endpoint on the application server that it can ping at regular intervals.

Describe the solution you'd like
As a developer and administrator, I want a simple health check endpoint, for example /uPortal/health-check, that I can provide to an AWS load balancer that it can ping every few seconds. It should be outside the uPortal security filters and other filter chains so it returns a result quickly and isn't dependent on authentication or authorization. It should just respond to HTTP GET requests and return an HTTP 200 status (OK), nothing else.

Describe alternatives you've considered
I considered using an existing uPortal REST API endpoint like the /api/session.json which returns a result with HTTP 200 status even if not logged in. Unfortunately, because it returns JSON, it's much more complicated to configure with the load balancer. More importantly, because it's in a filter chain, several other things must get loaded before it returns a result, which can take a lot of time (10 seconds or more) on the first ping. I tried this and the load balancer never achieved a "healthy" status because of the amount of time it took for that first ping. For these reasons, a simple JSP page would also be impractical. I looked at the health check strategy for the approved Docker container in the uPortal-start project but it would not work for this.

Additional context
I'm only familiar with AWS, but a health check is a common need for load balancers in general. It seems this would be beneficial for others who want to deploy a cluster of Tomcat servers running uPortal, hosted on their own servers or on cloud servers. The health check facilitates automatically spinning up new servers if there is a problem with an existing one, simplifying administration of the servers.

unable to load sitemap on max rendering

Describe the bug
The sitemap return an error when accessing to a portlet in maximized rendering

To Reproduce
Steps to reproduce the behavior:

Go to a portlet, like portlet Amdinitration
See error at the bottom unable to load sitemap

Stacktrace
here is the console.log

Unable to load sitemap. ReferenceError: pathCeck is not defined
    at render.uP:855
    at aY (lodash.min.js:1)
    at Function.mh (lodash.min.js:6)
    at sitemapJsonCheck (render.uP:853)
    at render.uP:896
    at aY (lodash.min.js:1)
    at Function.mh (lodash.min.js:6)
    at render.uP:895
    at aY (lodash.min.js:1)
    at Function.mh (lodash.min.js:6)

I think it's more a misspelling than ohter thing

Platform:

uPortal Version: 5.x (Not tested with 5.2)
Browser: Chrome and Firefox

Lower-case IDs in fragments are not processed, causing subtle layout errors

Describe the bug
Channel and folder entries in fragment-layouts will not have ID values persisted to database tables if they are lower-case. This causes subtle errors as the portlet/folder entry is still created and somehow used.

To Reproduce
Steps to reproduce the behavior:

Load Quickstart dataset with a fragment layout where folder/channel IDs are changed to lower case
Build, deploy and test uPortal
Check logs for errors related to layouts

Again, this issue is hard to track as it has affected "channels" and folders adjacent to ones with lowercase IDs rather than those seemingly involved with errors.

Expected behavior
Fail loading of data files where ID is lowercase.

Platform:

uPortal Version: uPortal 4.3, uPortal 5.1

Additional context
See https://github.com/Jasig/uPortal-start/blob/master/data/quickstart/fragment-layout/all-lo.fragment-layout.xml#L48

The 'systemPropertySetter' bean sets standard hibernate settings as system properties that may interfere with other webapps

Describe the bug

With a recent update to the jGroups dependency, we changed the way jGroups is configured to make it more compatible with Spring and uPortal generally. The DB connection info referenced in jgroups.xml becomes system properties (one of the few things jgroups.xml can read) when the app context starts. We used the standard names for these properties, e.g. hibernate.connection.driver_class, etc.

But system properties are JVM-wide. Within Tomcat, there may be other webapps that really don't want the standard Hibernate connection settings configured in System properties (which Hibernate may attempt to use by default.) In particular, these settings wreak havoc with Spring Boot 2.

We should change the names from hibernate.connection.* to jgroups.connection.*.

Where to fix

5.2.x
5.3.x

Support Gradle 5+

Is your feature request related to a problem? Please describe.

Gradle 5 adds support for Java 11 LTS.
Getting Gradle 5+ supported will unblock uPortal's path toward adopting Java 11 LTS.

Describe the solution you'd like
Build system that remains as close to the current setup as possible, but with Gradle 5.

Describe alternatives you've considered
Trying to run use Java 8 to run Gradle, and have Gradle try to compile with a separate JDK 11.

Additional context
This could then be merged into the ongoing #1007 work.

Implement an example config to disable JGroups

Adopters would like to disable JGroups with minimal effort.

The plan is to create an example file alongside /uPortal-webapp/src/main/resources/properties/jgroups.xml (jgroups.xml.disable) that will turn off all JGroups features in uPortal, and then another ticket in uPortal-start with documentation on how use that file to disable JGroups.

Action Required: Fix Renovate Configuration

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

File: renovate.json
Error type: Invalid JSON (parsing failed)
Message: Syntax error near }, ] }

Login failure with uPortal 5.3.0 + CAS

Describe the bug

Upgrading to uPortal 5.3.0, I'm unable to successfully log in using CAS authentication

Using the bundled CAS with uPortal-start, I increased the logging level and saw the following

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
        <cas:authenticationFailure code='INVALID_SERVICE'>
                ticket &#039;ST-1-JTrOtMpLdXOFzIcfnp7J-cas01.example.org&#039; does not match supplied service.  The original service was &#039;http://localhost:8080/uPortal/Login&#039; and the supplied service
was &#039;http://localhost:8080 /uPortal/Login&#039;.
        </cas:authenticationFailure>
</cas:serviceResponse>

It seems that there is a whitespace after http://localhost:8080 but I can't seem to find where the whitepace is coming from

To Reproduce

Deploy HEAD of uPortal-start
Attempt to log in

Platform:

uPortal Version: uPortal 5.3.0

Enhance '/v4-3/dlm/portletRegistry.json' REST API with additional options 'category' and 'favorite'

We are planning/expecting to use the existing /v4-3/dlm/portletRegistry.json API with new web components-based content like the Browse Carousel and Waffle Menu. We need additional ways to filter the items returned by this API.

Examples

/v4-3/dlm/portletRegistry.json
/v4-3/dlm/portletRegistry.json?category=academics
/v4-3/dlm/portletRegistry.json?favorite=true
/v4-3/dlm/portletRegistry.json?category=academics&favorite=true

uportal-start failed in error - branch master

Hello , Download the latest version of uportal using git , when trying to run the gradle command portalInit , if failed in error . Can you please help for this issue . I am doing the test of raberryPi . Here is the stacktrace .
./gradlew portalInit
Starting a Gradle Daemon (subsequent builds will be faster)
Parallel execution is an incubating feature.

Task :buildSrc:compileJava NO-SOURCE
Task :buildSrc:compileGroovy
Task :buildSrc:compileGroovy UP-TO-DATE
Task :buildSrc:processResources UP-TO-DATE
Task :buildSrc:classes UP-TO-DATE
Task :buildSrc:jar UP-TO-DATE
Task :buildSrc:assemble UP-TO-DATE
Task :buildSrc:compileTestJava NO-SOURCE
Task :buildSrc:compileTestGroovy NO-SOURCE
Task :buildSrc:processTestResources NO-SOURCE
Task :buildSrc:testClasses UP-TO-DATE
Task :buildSrc:test NO-SOURCE
Task :buildSrc:check UP-TO-DATE
Task :buildSrc:build UP-TO-DATE

Configure project :overlays:uPortal
Skipping prepareSkinResources; no custom skin files defined in /home/pi/uPortal-start/overlays/uPortal/src/main/webapp/media/skins/respondr

Task :tomcatInstall FAILED

Task :overlays:basiclti-portlet:plutoAssemble
Processing archive basiclti-portlet.war into destination directory /home/pi/uPortal-start/overlays/basiclti-portlet/build/pluto with the Apache Pluto Assembler

Task :overlays:BookmarksPortlet:war
Task :overlays:Announcements:war

FAILURE: Build failed with an exception.

Where:
Script '/home/pi/uPortal-start/gradle/tasks/tomcat.gradle' line: 57
What went wrong:
Execution failed for task ':tomcatInstall'.

Problem expanding gzip /home/pi/uPortal-start/build/tmp/tomcat/tomcat-gunziped.tar

Aggregation doesn't aggregate past "now"

Describe the bug
Aggregation doesn't appear to aggregate past "now". The numbers in the Portal Activity portlet for "today" and "yesterday" remain at 0 and there are no search terms.

To Reproduce

Log in, browse, etc to generate events
Wait at least 5 minutes
Review Portal Activity portlet

Expected behavior
Updated numbers and search terms

Out of memory from high NodeInfo/Precedence object counts

Describe the bug
Out of memory crash due to very high NodeInfo/Precedence object counts.

TAMU seeing counts like:

org.jasig.portal.layout.dlm.NodeInfo: ~200 million objects
org.jasig.portal.layout.dlm.Precedence: ~100 million objects

To Reproduce
Steps to reproduce the behavior:

Check running server object counts (dev VM tool -- which?)

Expected behavior

org.jasig.portal.layout.dlm.NodeInfo: <500 objects
org.jasig.portal.layout.dlm.Precedence: <250 objects

Additional context
this has not been observed or reported in other installations. It is worth noting that most installations do not monitor at this level.

Db create fails on databases that do not support CLOB types

Error caused by Oracle supporting change that introduced setting a column to CLOB type.

Not all user attributes are available in `userInfo` in JSPs

Describe the bug
Additional user attributes are not available in in JSPs via userInfo.

To Reproduce
Steps to reproduce the behavior:

Configure an external user attribute source
For testing, modify greetings.jsp and add ${userInfo} near name
Log in with user that has extra attributes
See that attributes are missing in output but are present in uPortal

confirm through logs or as admin using User Portlet tool

Expected behavior
Additional attributes should be present in ${userInfo}

Additional context
Default user attributes, displayName, user.login.id, impersonating are usually present
There may be some hidden configuration that filters attributes in userInfo, but it is not apparent from documentation, reviewing context files, or searching source.
Consider adding the following to logback.xml for debugging:

 <logger name="org.apereo.services.persondir.support" additivity="false" level="TRACE">
    <appender-ref ref="PORTAL"/>
  </logger>

Document Import/Export in the uP5 Manual

Import/Export is an immensely important tool for working with uPortal. Previous versions of the Manual (in Confluence) had documentation for using it, but the new (markdown-based) Manual doesn't appear to have any.

The previous documentation is here, but the commands have changed, and it can't be copied forward (to uP5) verbatim.

Enhance scheduling for events-related jobs

Is your feature request related to a problem? Please describe.
Texas A&M is experience issues with events jobs. With a cluster size greater than 10 there are several servers vying to run these jobs. This is causing occasional deadlocks.

Describe the solution you'd like
I would like to see the selection strategy for when a server attempts to run a job to consider which server was the last (captured in the UP_MUTEX table). The strategy would prefer the same server do the work by having servers other than the last to run the job wait twice as long as scheduled to own the job. This should allow the last server time to take the job. If the server is out of service, that is when another server is likely to take over.

Describe alternatives you've considered
Another alternative is to leverage the database to pin these jobs to a specific server that is active. If the server does not run the job within 2x or 3x the schedule, then another server owns the jobs. This can prevent server contention but does require more change in the related code.

Additional context
The purpose of cluster scheduler is to make sure one server in the cluster is performing the configured jobs. This avoids configuring a single server to run jobs which may go offline. Spreading the work across the cluster is a secondary consideration.

Allow REST-based searches to filter by type

There is a REST controller for searching in the portal. This controller can (potentially) return different types of result:

Portal content (portlets)
People (person-directory)
Web content (integration with a GSA)

It would be great if this controller could allow clients to filter by type. We could implement an optional query string parameter -- type -- that allows callers to specify what they want.

Un-comment the o.a.p.PortalSessionManager.unauthenticatedUserSessionTimeout property of GuestSessionExpirationInterceptor?

Describe the bug
There's a seldom-used feature called GuestSessionExpirationInterceptor that relies on a setting called org.apereo.portal.PortalSessionManager.unauthenticatedUserSessionTimeout.

Currently the way that setting is applied to the bean is commented-out (2 places)...

It looks like...

The GuestSessionExpirationInterceptor component will not work as it stands (baring an overlay of a Spring context file)
Un-commenting the <property> element will do no harm to those who don't use the feature.

Needs to be tried & tested.

Content Editor for CMS portlets has a broken "Return without saving" button

Describe the bug
The content editor for CMS portlets has a link "Return without saving" that acts as a cancel button. This link does not work in Portlet Administration.

To Reproduce
Steps to reproduce the behavior:

Go to Portlet Administration as an admin
Edit a CMS portlet.
Scroll down to bottom of page.
Click on Save and Configure Button
Click on Return without saving link at bottom of edit window

Expected behavior
Navigates back to edit CMS portlet

Screenshots

Add CRUD REST APIs for DLM fragments

Is your feature request related to a problem? Please describe.
Currently there is no API for managing DLM fragments remotely.
This is one of the last remaining core pieces of uPortal that still needs to be managing via the CLI.

Describe the solution you'd like
Off an API for CRUD (Create Read Update Delete) operations on DLM fragments

Additional context
This is a piece that is needed to move the uPortal SaaS (software as a service) initiative forward.

CAS from bean configuration in proxy mode isn't working

Describe the bug
CAS configuration from bean isn't working for proxy mode.
Only configuring it into the web.xml is working, The CAS client is initializing the conf correctly from servlet mapping but not from bean. The bug is on the CAS-client library.

See the related topic about it : https://groups.google.com/a/apereo.org/forum/#!topic/uportal-dev/vZ1Ot0uVjU8

Platform:

uPortal Version: 5

Additional context
When the bug will be solved into CAS-client, we will be able to be back from the bean configuration
Else in waiting, to work follow these steps:

Replace CAS Validation Filter definition in web.xml (a spring proxy)
with the actual definition from uP4.3.

Replace variables with actual values.

Remove CAS Validation Filter bean from securityContext.xml (optional).

uPortal 5 does not filter web.xml, so the variables will not be
substituted for values in properties files. This was the reason the
filter configuration was moved to Spring. Unfortunately, the Spring
configuration does not seem to support proxying configuration completely.

One thing to enable cas proxy mode you should add this bean in your custom deployment:
<bean id="casTicketUserInfoService" class="org.apereo.portal.portlet.container.services.CasTicketUserInfoService" />

Multiple text columns not supported by older Oracle versions.

Older Oracle versions, more accurately the Hibernate dialects, do not support multiple text (LONG) columns in a single table. Only PortletPerferenceImpl.java currently defines such a thing.

Using uPortal 5 with Oracle 12 causes import errors related to PREF_NAME & PREF_VALUE in PortletPreferenceImpl

Describe the bug
When initialising uPortal 5 against an Oracle 12 database, fragment layout import fails with "java.sql.SQLException: Stream has already been closed" in org.apereo.portal.portlet.dao.jpa.PortletDefinitionImpl.

This was discussed on the uportal-user list. It was found that columns PREF_NAME & PREF_VALUE in PortletPreferenceImpl were causing the problem because they were being created as LONG in Oracle due to a default mapping in the version of Hibernate that uPortal is using.

Originally this problem was raised as an issue #1217 and fixed in pull request #1218, but the change to force the PREF_NAME and PREF_VALUE columns to CLOB was not compatible with all databases.

Longer-term, the Hibernate version used by uPortal should be updated to one that correctly handles Oracle 12 mappings, but this is a wider ranging change. We need a fix in the meantime.

I have a local solution that is working which I'll submit in a pull request for review.

To Reproduce
Run portalInit in uPortal 5.3 using an Oracle 12 database.

Expected behavior
Import of fragment layouts is successful and does not result in errors. The initialisation completes successfully.

Stacktrace
See stacktrace on forum question

Platform:

uPortal Version: uPortal 5.3
DB: Oracle 12

Create an open id connect compatible API for favorites

Is the favorites management can be part of a such feature ?
Favorites are managed only from ajax call (from portletController) and are not protected by oidc.

Originally posted by @jgribonvald in #1285 (comment)

Use an auto dependency updater

Is your feature request related to a problem? Please describe.

Dependency updates are currently a manual process.
With js packages the process is run npm outdated and copy the new versions into package.json
With gradle the process is lookup each dependency on maven central to see if a new version has been published.

Describe the solution you'd like

On a regular basis, have pull requests automatically opened with new version numbers.

Add search to documentation

Is your feature request related to a problem? Please describe.

As a developer I'd like an easier way to find answers in the documentation.
Currently the only option is to use the site map or do a selective google search.

Describe the solution you'd like

As a developer I'd like to be able to enter some terms and find related content in the documentation.
Discussing with @mindblender on what CAS does, Algolia docs search came up as a possible solution.
https://community.algolia.com/docsearch/

Describe alternatives you've considered

Google custom search https://cse.google.com/cse/

Additional context

See example setup at CAS https://apereo.github.io/cas/5.3.x/index.html

JGROUPSPING table is not created for Oracle

Describe the bug
JGROUPSPING table is not created when using an Oracle database.

To Reproduce
Steps to reproduce the behavior:

Set up an Oracle database
Configure uPortal-start to use Oracle database
./gradlew clean portalInit portalOpen
Look for JGROUPSPING table

Expected behavior
JGROUPSPING table exists in the Oracle database.

Stacktrace
The Catalina log file has these errors:
08-Nov-2018 13:59:51.877 SEVERE [localhost-startStop-2] org.jgroups.protocols.JDBC_PING.delete JGRP000145: Error updating JDBC_PING table
java.sql.SQLSyntaxErrorException: ORA-00942: table or view does not exist

Platform:

uPortal Version: uPortal 5
Database: Oracle

Additional context
https://github.com/Jasig/uPortal/blob/master/uPortal-webapp/src/main/resources/properties/db/tables.xml#L431

Sitemap in the footer does not honor alternativeMaximizedLink

Describe the bug
The footer sitemap is not honoring the alternativeMaximizedLink publishing parameter.

Expected behavior
When the item is clicked in the sitemap, you should go to the alternativeMaximizedLink.

uportal-project / uportal Goto Github PK

uportal's Introduction

About

Forever Free!

Accessible

Help and Support

Manual

Requirements

uPortal-start

Building and Deploying

Gradle tasks

uportal's People

Contributors

Stargazers

Watchers

Forkers

uportal's Issues

Description

Report

Describe the bug

Error Message

Screenshots

Chrome

Firefox

Edge

IE 11

A Good Plan, and Consensus

Description

The Bug

Stacktrace

Summary

Describe the bug

How To Fix

Description

To Reproduce

Describe the bug

Stacktrace

Describe the bug

Describe the bug

Where to fix

Examples

Recommend Projects

Recommend Topics

Recommend Org