Daily Log for #alfresco IRC Channel

Alfresco discussion and collaboration. Stick around a few hours after asking a question.

Official support for Enterprise subscribers: support.alfresco.com.

Joining the Channel:

Join in the conversation by getting an IRC client and connecting to #alfresco at Freenode. Our you can use the IRC web chat.

More information about the channel is in the wiki.

Getting Help

More help is available in this list of resources.

Daily Log for #alfresco

2017-07-27 04:50:06 GMT <ashley_> Hi, as discussed i copied alflystics in pentaho 7.0 but in pentaho login console instead of alflystics arrow button "restart server" is there. i restarted the server couple of time even though same issue is occuring. Can you please help on this.

2017-07-27 06:46:09 GMT <ashley_> I have changed pentaho 7.1, now while installing the alflytics selected alfresco version and pentaho credential when i click on installation button error is occuring. i have checked logs as well. Can please help me.

2017-07-27 07:27:34 GMT <DarkStar1> Morning everyone

2017-07-27 07:32:30 GMT <mrks_js> Morning Lanre!

2017-07-27 07:56:34 GMT <ashley_> Hi, can you please help me on alflytics installation.

2017-07-27 08:22:54 GMT *** DragiBus_ is now known as DragiBus

2017-07-27 09:01:37 GMT <fcorti> hi ashley_

2017-07-27 09:01:39 GMT <fcorti> yes sure

2017-07-27 09:01:44 GMT <fcorti> please ask here

2017-07-27 09:01:57 GMT <fcorti> or raise a question in the community prtal

2017-07-27 09:02:04 GMT <fcorti> as you prefer ;-)

2017-07-27 09:07:56 GMT <ashley_> Thank you, i have installed alflytics from pentaho marketplace and while installation from pentaho user console i have selected alfresco version and pentaho user credential but there is "something went wrong" error is occurring. there is no information logs

2017-07-27 09:37:29 GMT <fwu> hi all!

2017-07-27 10:28:52 GMT <fwu> ppl, in 5.2 how can I make a generic search from share ui without the need to enter login credentials and without the need to make a custom webscript?

2017-07-27 10:34:45 GMT <fwu> another one: share is returning only 250 records in search results. I read somewhere that I need to set a different value in share-config-custom, but it still doesnt works...

2017-07-27 10:40:02 GMT <fwu> this is not working: http://docs.alfresco.com/4.1/tasks/controlling_search_results.html

2017-07-27 10:40:03 GMT <alfbot> Title: Controlling search results in Share | Alfresco Documentation (at docs.alfresco.com)

2017-07-27 11:10:36 GMT <fwu> I cant change the 250 limit, not even if I specify 5...

2017-07-27 11:10:44 GMT <fwu> so this setting is being ignored

2017-07-27 11:19:49 GMT <mrks_js> uuhm, where is the code for the jodconverter?

2017-07-27 11:38:55 GMT <fcorti> Sorry ashley_, wa in call... di you take a look at catalina.out in Pentaho's tomcat? There you will find the errors.

2017-07-27 11:44:25 GMT <ashley_> there is information in catalina.out, i have tried couple times but did get.

2017-07-27 11:45:26 GMT <fwu> ppl, forgat my maxresults question... I was writing repalce=true without quotes.

2017-07-27 11:45:35 GMT <fwu> forget

2017-07-27 11:46:01 GMT <fwu> now im only returning 5 results as expected

2017-07-27 14:09:53 GMT <douglascrp> good morning everyone

2017-07-27 14:40:37 GMT <yreg> AFaust, what does a permission tag on a doclib action do ?

2017-07-27 14:40:53 GMT <yreg> is it an evaluator on permission for current user or what ?

2017-07-27 14:41:03 GMT <AFaust> It will further restrict when the action is shown in addition to the evaluator

2017-07-27 14:41:13 GMT <AFaust> Yes, it is just that

2017-07-27 14:41:29 GMT <yreg> alright thanks

2017-07-27 14:41:35 GMT <yreg> http://docs.alfresco.com/5.1/concepts/doclib-web-tier.html

2017-07-27 14:41:37 GMT <alfbot> Title: Alfresco Share Document Library web tier | Alfresco Documentation (at docs.alfresco.com)

2017-07-27 14:41:50 GMT <AFaust> Since permission is one of the most common types of restrictions - though to be honest, they could have included type/aspect support like permission just as well

2017-07-27 14:41:50 GMT <yreg> this paghe was not thgat clear saying Permission config container element

2017-07-27 14:43:54 GMT <yreg> and when multiple evaluators are listed

2017-07-27 14:44:06 GMT <yreg> is it an end or an or ?

2017-07-27 14:48:53 GMT <yreg> s/end/and/

2017-07-27 14:59:55 GMT <douglascrp> guys, any quick tip on how to solve this kind of messages in log?

2017-07-27 14:59:56 GMT <douglascrp> INFO [org.springframework.extensions.webscripts.connector.RemoteClient] [http-nio-8080-exec-56] Error status 500 java.io.IOException: Broken pipe

2017-07-27 14:59:56 GMT <douglascrp> org.apache.catalina.connector.ClientAbortException: java.io.IOException: Broken pipe

2017-07-27 15:00:08 GMT <douglascrp> I see a lot of these in this customer

2017-07-27 15:00:34 GMT <douglascrp> it has nothing special there, but this is the only one getting this constantly

2017-07-27 15:01:13 GMT <douglascrp> ClientAbort, does it mean the user or the browser stopped the request?

2017-07-27 15:01:30 GMT <douglascrp> it is not that clear for me what is going on here, as everything is working as expected

2017-07-27 15:40:45 GMT <AFaust> yreg: Sorry - I immediately went back to organising my paperwork for month of July. It is an AND with all other evaluators...

2017-07-27 15:42:00 GMT <AFaust> douglascrp: ClientAbort does indeed mean the client to the HTTP connection aborted the call. I have seen that in the past when the Share proxy for calls to Repository-tier web scripts closed the connection due to the configured timeout on the endpoint

2017-07-27 15:42:39 GMT <AFaust> Though usually you should get a different error message with that, something along the line of "client closed socket" or "client closed network connection"

2017-07-27 16:42:19 GMT <eswbitto> Is anyone aware of the new tomcat vulnerability alert that came out today? I was wondering how this would impact a tomcat instance from an alfresco install.

2017-07-27 16:42:27 GMT <eswbitto> https://access.redhat.com/errata/RHSA-2017:1809

2017-07-27 16:42:29 GMT <alfbot> Title: Red Hat Customer Portal (at access.redhat.com)

2017-07-27 16:54:34 GMT <AxelFaust> For most operations, Alfresco does not make use of the default Tomcat error page(s)

2017-07-27 16:54:42 GMT <AxelFaust> or a custom one

2017-07-27 16:55:13 GMT <AxelFaust> i.e. the web script framework should catch most (if not all) errors internally and generate the error response using FTL templates

2017-07-27 16:55:48 GMT <AxelFaust> Only if you call an URL that is not mapped via to any servlet via the web.xml / web fragments would you see a traditional Tomcat error page.

2017-07-27 16:56:13 GMT <AxelFaust> Of course things are a bit different for the SOLR 4 install... there the Tomcat error page(s) are more relevant

2017-07-27 16:56:27 GMT <eswbitto> AxelFaust I have done modifications to my vanilla install, but I have left tomcat alone except for pointing to different config file locations. That's about it.

2017-07-27 16:56:29 GMT <eswbitto> Hmmm

2017-07-27 16:56:37 GMT <AxelFaust> Alfresco is also not run under a SecurityManager, so the second part of the CVE should not affect Alfresco either

2017-07-27 16:56:48 GMT <AxelFaust> Alfresco is already "insecure" by not being able to run with a SecurityManager

2017-07-27 16:56:57 GMT <eswbitto> ok

2017-07-27 16:59:28 GMT <eswbitto> AxelFaust should I see into patching anything with regard to solr4?

2017-07-27 17:00:13 GMT <AxelFaust> Should not be necessary. Ideally you'd have setup your system in such a way that only Alfresco can talk with SOLR 4, so there should be no way for an attacker to even reach it...

2017-07-27 17:01:50 GMT <eswbitto> AxelFaust the only thing that I Have done with solr4 is modified config files to point the solr4 directory to a mounted location rather than the default install location.

2017-07-27 17:03:16 GMT <AxelFaust> You don't have to configure SOLR 4 itself to make it unreachable for any end-user / attacker. Typically you'd use a user-facing proxy or web application firewall to block access to it, or don't expose it in the first place

2017-07-27 17:04:19 GMT <eswbitto> AxelFaust that I have done for sure.

2017-07-27 17:11:42 GMT <eswbitto> AxelFaust Thanks!

2017-07-27 17:12:09 GMT <fwu> back

2017-07-27 17:12:41 GMT <fwu> AxelFaust, regarding the cmis query I show yesterday, does it means Alfresco is not supporting cmis anymore?

2017-07-27 17:13:00 GMT <AxelFaust> Not at all - it is just that the old legacy CMIS web scripts have been removed

2017-07-27 17:13:15 GMT <AxelFaust> All CMIS endpoints are provided via OpenCMIS based servlets now

2017-07-27 17:13:38 GMT <AxelFaust> Just the URL you have been using will no longer work

2017-07-27 17:14:32 GMT <fwu> but what is the new url? I can see that I cant see cmis anymore here: share/proxy/alfresco

2017-07-27 17:16:06 GMT <fwu> this is only new in 5.2, right? because every search I make with google still talks about the old one...

2017-07-27 17:17:43 GMT <AxelFaust> Then you must have a weird google search...

2017-07-27 17:19:07 GMT <AxelFaust> Google search: alfresco cmis new url => 1st, 3rd and 4th results all relate to the new API

2017-07-27 17:22:28 GMT <fwu> ok, for me that seems a old url

2017-07-27 17:23:13 GMT <fwu> can ti convert the /api/-default-/public/ for alfresco proxy?

2017-07-27 17:23:20 GMT <fwu> or this only works for webscripts?

2017-07-27 17:23:36 GMT <fwu> because I dont want to authenticate again inside Alfresco

2017-07-27 17:26:59 GMT <AxelFaust> CMIS is not available via the proxy in Alfresco Share, which is only designed to reach web scripts. Of course you can simply define another endpoint via the Spring Surf configuration and use that to call the OpenCMIS endpoints. It should also be possible to setup a configuration (potentally with a custom connector/authenticator) that allows you to reuse the same authentication for CMIS calls.

2017-07-27 17:27:49 GMT <AxelFaust> I just wonder why you even have to call the CMIS API from Share. Why not just create a custom web script on the Repository tier that performs a) the search itself and b) any kind of post-processing you would likely have to do on the client-side anyway

2017-07-27 17:32:50 GMT <fwu> AxelFaust, it is the same reason from the past... if Im inside a document management system why should I need to create anything to perform a query?

2017-07-27 17:33:20 GMT <AxelFaust> In 5.2 you also have the new ReST API including a generic search API

2017-07-27 17:33:22 GMT <fwu> that is a basic feature one should have

2017-07-27 17:33:33 GMT <AxelFaust> Though I have not checked how this would be called from Share.

2017-07-27 17:33:58 GMT <AxelFaust> Also, there always is the web script that serves up the data for the search UI in Share

2017-07-27 17:34:47 GMT <fwu> AxelFaust, but that rest api, if called inside share: do I need to authenticate?

2017-07-27 17:34:59 GMT <AxelFaust> It's just that rarely are two use cases alike and even if there is a generic search, you might want to condense the search with some post processing to provide a better / faster experience...

2017-07-27 17:35:06 GMT <fwu> I think alfresco/proxy is used for that

2017-07-27 17:35:13 GMT <AxelFaust> I just said I have not tried calling it from Share.

2017-07-27 17:35:32 GMT <AxelFaust> No - not for the new v1 ReST API because that runs on a different servlet.

2017-07-27 17:35:56 GMT <AxelFaust> But for the search web script that serves results for Share UI, yes

2017-07-27 17:36:52 GMT <fwu> so, for the rest api, I will never be able to call it from share without explicit authentication?

2017-07-27 17:37:13 GMT <fwu> so I will always need a webscript...

2017-07-27 17:37:33 GMT <fwu> the cmis are gone. does for a generic query I need to create my own webscript

2017-07-27 17:38:44 GMT <AxelFaust> Where did you read "never be able to call"? I said you might have to configure an endpoint, and that it should be possible...

2017-07-27 17:39:43 GMT <fwu> I didnt read... I just thought :)

2017-07-27 17:40:26 GMT <AxelFaust> I wonder why I write if it isn't read...

2017-07-27 17:40:36 GMT <AxelFaust> And in the meantime, I checked the pre-defined endpoints

2017-07-27 17:41:01 GMT <AxelFaust> You should be able to use share/proxy/alfresco-api/ to call the v1 ReST API as well as the CMIS endpoints

2017-07-27 17:41:20 GMT <fwu> where did you saw that?

2017-07-27 17:41:37 GMT <fwu> where are those predefined endpoints?

2017-07-27 17:41:38 GMT <AxelFaust> This endpoint was added in 5.1 if I am not mistaken and should automatically share the authentication.

2017-07-27 17:41:53 GMT <fwu> well, I can try that

2017-07-27 17:42:03 GMT <AxelFaust> Well, for one you can find that in the primary documentation source: the source code

2017-07-27 17:42:04 GMT <fwu> and I will let you know

2017-07-27 17:43:08 GMT <AxelFaust> And it is even included in the official docs, although not explicitly explained what you can use it for...

2017-07-27 17:43:09 GMT <AxelFaust> http://docs.alfresco.com/5.1/tasks/share-change-port.html

2017-07-27 17:43:10 GMT <alfbot> Title: Configuring the Share default port | Alfresco Documentation (at docs.alfresco.com)

2017-07-27 17:47:47 GMT <fwu> there was a jira open to make those links accessible via proxy

2017-07-27 17:48:33 GMT <fwu> so I believe that hare/proxy/alfresco-api/ may come from that

2017-07-27 18:15:31 GMT <douglascrp> AxelFaust, thank you for your answer

2017-07-27 20:18:51 GMT <jpotts> I've got an SDK 3.0.1 project for a 4.2.7 customization. Everything works great, except there are some custom JSPs being used to override the old Explorer client. Those JSPs make it into the AMP but they don't make it into the platform WAR. Has anyone seen that work?

2017-07-27 20:19:28 GMT <jpotts> (I'm talking about when I do mvn clean install alfresco:run, not when I install the AMP using MMT into a real Alfresco WAR

2017-07-27 20:19:31 GMT <jpotts> )

2017-07-27 23:10:51 GMT <AxelFaust> ~later tell jpotts: Still having to keep Explorer customizations alive? Sounds like the walking dead...

2017-07-27 23:10:51 GMT <alfbot> AxelFaust: The operation succeeded.

End of Daily Log

The other logs are at http://esplins.org/hash_alfresco