
IRC log for #dataverse, 2015-08-19

Connect via chat.dataverse.org to discuss Dataverse (dataverse.org, an open source web application for sharing, citing, analyzing, and preserving research data) with users and developers.


All times shown according to UTC.

Time S Nick Message
04:01 metamattj joined #dataverse
12:18 donsizemore joined #dataverse
13:07 bencomp joined #dataverse
13:36 donsizemore joined #dataverse
14:47 axfelix joined #dataverse
14:50 donsizemore good morning -- is there a preferred / documented way to enable md5 password encryption in the jdbc connection pool? i see the install script hashing it
14:58 bencomp pdurbin: did you know you can show code coverage with https://coveralls.io/ ? :)
14:58 pdurbin donsizemore: I'm not familiar with this but I think you mean this create_pg_hash stuff: https://github.com/IQSS/dataverse/blob/v4.1/scripts/installer/install#L625
15:00 donsizemore pdurbin: yes sir =) i'm hoping to enable the md5 password in postgres. or possibly making a feature request?
15:01 pdurbin donsizemore: are you saying it isn't working?
15:01 pdurbin bencomp: do you have this enabled on any java projects?
15:02 bencomp no
15:02 donsizemore pdurbin: the installation guide suggests using the "password" method for postgresql, but i'd like to change it to md5
15:02 donsizemore pdurbin: looks like it would be the digest-algorithm setting in Glassfish, but that's from an ooooooold page
15:03 bencomp donsizemore: I'm pretty sure md5 is considered insecure
15:03 pdurbin bencomp: looks like I heard about coveralls quite a while ago. I may have dismissed it as a Ruby thing: http://irclog.perlgeek.de/crimsonfu/2013-08-15#i_7454580
15:05 pdurbin here's a java project: https://coveralls.io/github/trautonen/jersey-mustache
15:05 pdurbin and they seem to be using jacoco like us: https://github.com/trautonen/jersey-mustache/blob/master/pom.xml
15:06 pdurbin donsizemore: so right now it's using the "password" method? what does that do? sorry, I'm new to this.
15:07 pdurbin hmm. "after_success: - mvn jacoco:report coveralls:jacoco" https://github.com/trautonen/jersey-mustache/blob/master/.travis.yml
15:07 pdurbin finding some of these links at http://blog.eluder.org/2013/06/code-coverage-for-github-hosted-java-projects-with-coveralls/
15:08 pdurbin via https://coveralls.zendesk.com/hc/en-us/articles/201342829-Java
15:08 pdurbin bencomp: yeah, this looks great. thanks
15:11 donsizemore bencomp: the installation guide suggests using the "password" method, which sends it in clear text
15:12 donsizemore pdurbin: "password" is fine for localhost and trusted networks.
15:13 bencomp donsizemore: oh, didn't know that. md5 is more secure than clear text, naturally :)
15:14 donsizemore bencomp: pg_shadow stores an md5 of the password from the install script, but domain.xml stores it in plain text. again, all fine.
15:14 donsizemore bencomp: we at odum have a couple archivists who need direct access to the database, and i'd like to tell glassfish/dataverse to use md5 password hashing if possible
15:15 pdurbin donsizemore: but aren't you saying the script is trying to set it as md5 rather than clear text? the installer script, I mean
15:16 chrisseto joined #dataverse
15:16 pdurbin chrisseto: ohai!
15:16 chrisseto pdurbin: Hey!
15:17 chrisseto I come bearing possibly bad news
15:17 pdurbin chrisseto: thanks for that bug report the other day
15:17 chrisseto It looks like one of your servers is on the fritz again, we're getting a redirect loop sometimes
15:18 chrisseto I'll dump what I have into a pastebin if you'd like
15:18 pdurbin uh oh
15:19 pdurbin chrisseto: sure. please pastebin it. I can't tell from here what you're seeing
15:20 chrisseto http://pastebin.com/FvHtCpcV
15:20 chrisseto I'm just getting a 302 to the same URL I got the 302 from originally
15:21 pdurbin huh. sure looks that way
15:22 chrisseto Our servers were running into some issues and about ~15 requests later, locally, I began seeing the same thing.
15:22 pdurbin chrisseto: so you think this is a recent change?
15:24 chrisseto pdurbin: I've never encountered it before today and as far as I know none of our code has changed. It looks like it might be apache acting weird?
15:25 chrisseto And it's happening with unauthorized requests
15:38 pdurbin chrisseto: with an invalid API token, you mean. yeah. It never gets past Apache. Auth happens inside of Glassfish
15:44 chrisseto pdurbin: Even requests without auth. So it sounds like it is apache?
15:46 pdurbin chrisseto: yeah, seems like apache. I think I'm seeing the problem on "kirk" but not "picard".
15:50 chrisseto pdurbin: If you don't mind me asking how is load balancing done?
15:53 pdurbin chrisseto: I'm a little fuzzy on it but I think it's a Cisco hardware device.
15:58 chrisseto pdurbin: That makes sense, I ask because it looks like we get the same server every time
16:02 pdurbin chrisseto: it's probably sticky or something
16:31 chrisseto joined #dataverse
16:31 pdurbin chrisseto: should be fixed. can you please try again?
16:32 chrisseto pdurbin: It is! Thanks! Sorry to always be the bearer of bad news
16:32 pdurbin chrisseto: no worries! I appreciate you letting us know!
16:34 metamattj joined #dataverse
21:11 garnett joined #dataverse
22:24 axfelix joined #dataverse
22:24 metamattj joined #dataverse
23:50 axfelix joined #dataverse
