IQSS logo

IRC log for #dataverse, 2016-08-16

Connect via chat.dataverse.org to discuss Dataverse (dataverse.org, an open source web application for sharing, citing, analyzing, and preserving research data) with users and developers.

| Channels | #dataverse index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
02:57 axfelix joined #dataverse
02:59 axfelix joined #dataverse
03:04 axfelix joined #dataverse
03:51 michbarsinai joined #dataverse
04:44 axfelix joined #dataverse
04:57 axfelix joined #dataverse
05:19 axfelix joined #dataverse
07:21 jri joined #dataverse
13:19 bsilverstein joined #dataverse
13:22 michbarsinai joined #dataverse
13:25 nicholas_ joined #dataverse
13:39 pameyer joined #dataverse
13:44 pdurbin jri: hi! I was just reading through https://github.com/IQSS/dataverse-client-python/issues/35 and just wanted to make sure you saw how http://guides.dataverse.org/en/latest/installation/config.html#blockedapikey says "When calling blocked APIs, add a query parameter of unblock-key=theKeyYouChose to use the key."
13:44 pdurbin nicholas_: mornin'. Any more thoughts on 2FA?
13:45 pdurbin pameyer: last day before your well deserved vacation!
13:45 pameyer pdurbin: thanks!
13:46 jri pdurbin: Yes I saw that. My question is how to add this parameter with the python client
13:49 pdurbin jri: it looks like the value "key" is hard-coded in a few places such as https://github.com/IQSS/dataverse-client-python/blob/e604d98ed76fd46f031c994d02b3f6765a07af44/dataverse/connection.py#L55
13:50 jri pdurbin: hmm, but this is not the user token ?
13:50 nicholas_ Morning. I talked to Original Nick, and he is of the mindset that we'll probably still need 2FA, at least in the short term. The final decision rests with the security folks, so what he and I will do is bring it up with our supervisor, and he'll decide if we want to present the 'disabling dataverseAdmin' option to security.
13:51 nicholas_ ON is not optimistic, because it's possible that there will still be non-Shib people who need admin rights.
13:51 pdurbin It *is* the user token. There are two ways to specify it. The old way is "key" as a query parameter (which I don't like since it shows up in access logs) and the new way is the "X-Dataverse-key" header: http://guides.dataverse.org/en/4.4/api/native-api.html
13:52 pdurbin heh. "ON". That took me a minute
13:54 pdurbin nicholas_: if you still want to implement 2FA please ask your questions about BuiltinAuthenticationProvider and such so michbarsinai can weigh in.
13:55 nicholas_ pdurbin: thanks. I'll do that.
13:55 pdurbin jri: I hope I'm not confusing you! To back up, I guess I'm wondering why you don't want to use the "key" solution that the Python client already supports. Also, you should get in touch with @TomBaxter who is mentioned at https://github.com/CenterForOpenScience/osf.io/pull/5344#issuecomment-225929790
13:57 jri pdurbin: hum, you lost me :) I've two different keys: the user API Token (which we find in the Web GUI) and BlockedAPIKey (which we set) which I set with use "unblock-key"  in BlockedApiKey parameter.
13:59 jri Ah ok, I will try to talk with him
13:59 pdurbin jri: to be honest, I'm not sure I've ever used that "unblock-key" thing. I'm not even sure what we call it.
14:00 pdurbin Rather than "unblock-key" I use user-level API tokens.
14:00 jri I don't know... As I understood from the doc: the API is localhost only by default, and I don't want that. I need to access it from others computers
14:01 jri Oh! the user-level API tokens are not locked to localhost ?
14:01 pdurbin jri: nope. Not locked to localhost.
14:01 jri Ok! good to know
14:02 jri so my problem comes form elsewhere :)
14:02 pdurbin well, hold on
14:02 pdurbin jri: I hope I'm not further confusing you.
14:02 jri Maybe I should close this issue
14:03 jri No this is clear know, and I will use user tokens.
14:03 jri I was thinking that API configuration was a step before using user tokens
14:03 jri "A first door"
14:03 pdurbin jri: ok, just please be sure to block the "admin" and "test" endpoints per http://guides.dataverse.org/en/latest/installation/config.html#blocking-api-endpoints
14:04 jri Ok,
14:04 jri Are needed to create and delete dataverses ?
14:04 jri are they*
14:04 pdurbin nope
14:04 jri Ok
14:05 jri Thanks for your help again !
14:05 pdurbin jri: if you do close that issue (up to you), please link to these IRC logs
14:09 jri done ;)
14:11 pdurbin jri: thanks!
14:17 dataverse-user joined #dataverse
14:17 dataverse-user left #dataverse
14:17 jo-pol joined #dataverse
14:19 jo-pol @pdurbin you wrote "`asadmin stop-domain` (kill -9 if necessary)" but "asadmin help stop-domain" says "[--force={true|false}] [--kill={false|true}]"
14:22 pdurbin jo-pol: hi! Ah, so you are saying that --force=true is probably the same as kill -9
14:23 pdurbin whatever floats your boat :)
14:27 jo-pol you might have meant kill as shell command, so just asked
14:27 pdurbin jo-pol: yeah, I meant https://github.com/IQSS/dataverse/blob/v4.4/scripts/database/homebrew/kill9glassfish
15:35 pdurbin call starts in half an hour: http://dataverse.org/community-calls
15:36 pdurbin nicholas_: I've been encouraging TDL to call in
16:18 nicholas_ pdurbin: Sorry about that. I just joined a few minutes ago. I'm so new here I didn't know how to get an outside line. Sad!
16:19 pdurbin nicholas_: heh, no worries. We do these calls every two weeks
16:19 pdurbin you can read the notes so far at https://docs.google.com/document/d/1ACzoQa78yGMGS4ogrXISPVcsajw9B6HiWnRGUP_mCyM/edit?usp=sharing
16:19 nicholas_ I'm there.
16:35 donsizemore joined #dataverse
17:19 pdurbin donsizemore: hi! I haven't forgotten about #239603: question about Shibboleth password conversion - https://help.hmdc.harvard.edu/Ticket/Display.html?id=239603
18:08 donsizemore @pdurbin thank you! it's kind of a blocker on this end. akio is looking at augmenting the shib page code temporarily but we weren't sure if you all had seen it before
18:10 pdurbin donsizemore: I'm in the middle of https://github.com/IQSS/dataverse/issues/3203 but I may have some questions for you in a bit.
19:04 pdurbin shoot, he's gone
19:19 pdurbin ah, https://github.com/IQSS/dataverse/pull/2922#issuecomment-190818688 has what I need about passwordencryptionversion etc.
19:21 michbarsinai joined #dataverse
19:27 donsizemore joined #dataverse
19:33 donsizemore @pdurbin i'm back!
19:33 pdurbin donsizemore: I'm getting a different error than you reported.
19:33 pdurbin you're on 4.4 right?
19:34 donsizemore @pdurbin: correct.
19:34 pdurbin dunno if you saw the last link I dropped in here but that's how I'm simulating a user who hasn't upgraded their password to bcrypt yet
19:35 donsizemore @pdurbin akio and i are reading through the ticket
19:36 pdurbin which? 239603 or pull request 2922?
19:37 donsizemore @pdurbin we're seeing 4.4's shib page consistently reject password hashes from 3.6. the builtinuser page recognizes the old hash and asks the user to change passwords. we were reading 2922 but we're more interested in 239603
19:42 pdurbin donsizemore: yes, I agree there's a bug. At the very least the Shib conversion page should tell the user to go change their password first (to be encrypted with bcrypt) and then try again. Obviously, this is a poor user experience.
19:43 donsizemore @pdurbin: it's a minor dealy but if we can re-use/inject the old-style password auth into the shib page i think we're good
19:44 pdurbin yeah, I wonder why it doesn't work...
19:44 pdurbin I'll see if I can figure it out without help from michbarsinai who did all the bcrypt stuff.
19:47 michbarsinai I'm here
19:48 donsizemore does IQSS accept deliveries from the cheesecake factory
19:49 pdurbin heh
20:05 pdurbin michbarsinai: AuthenticationResponse is showing "BREAKOUT"
20:09 donsizemore joined #dataverse
20:21 michbarsinai joined #dataverse
20:21 michbarsinai That's what it's supposed to show when it requires the users to update their passwords.
20:30 pdurbin michbarsinai: so I'll have to drop to a lower level: PasswordEncryption.getVersion(builtinUser.get​PasswordEncryptionVersion()).check(password, builtinUser.getEncryptedPassword())
20:33 axfelix joined #dataverse
20:34 jamie joined #dataverse
20:35 Guest49527 does anyone know of any use cases where a dataverse repository has been integrated into an existing institutional repository?
20:40 pdurbin Guest49527: such as Archivematica? There's an integration effort between them and Dataverse: https://wiki.archivematica.org/Dataverse
20:40 pdurbin donsizemore michbarsinai: again, I agree it's a bug. I gotta run but here are some thoughts: Upgraded (Bcrypt) password required for conversion from local to Shibboleth account · Issue #3287 · IQSS/dataverse - https://github.com/IQSS/dataverse/issues/3287 (I created a new issue).
20:44 Guest49527 pdurbin: I didn't know about that - thank you. I was thinking about universities who might be branding dataverse as an extension of their institutional repo and capturing dataverse metadata in the metadata record for, for example, a paper deposited in the IR
20:46 pdurbin Guest49527: I gotta run but would you be able to ask at https://groups.google.com/forum/#!forum/dataverse-community ? You'll reach more people there. Lots of integration work is going on in general.
20:47 Guest49527 thanks!
21:03 donsizemore @pdurbin: sophia and i are in agreement -- all they got in the web page (last week) was "password failed"
23:24 michbarsinai joined #dataverse

| Channels | #dataverse index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

Connect via chat.dataverse.org to discuss Dataverse (dataverse.org, an open source web application for sharing, citing, analyzing, and preserving research data) with users and developers.