[gatein-commits] gatein SVN: r8642 - epp/docs/branches/5.2/Release_Notes/en-US.

Author: jaredmorgs Date: 2012-03-27 00:44:19 -0400 (Tue, 27 Mar 2012) New Revision: 8642 Modified: epp/docs/branches/5.2/Release_Notes/en-US/Book_Info.xml epp/docs/branches/5.2/Release_Notes/en-US/Revision_History.xml epp/docs/branches/5.2/Release_Notes/en-US/known.xml epp/docs/branches/5.2/Release_Notes/en-US/needinfo.xml epp/docs/branches/5.2/Release_Notes/en-US/resolved.xml Log: Cumulative build of RNs, with all changed identified in the filter triaged and included mostly in the NEEDINFO section at this stage Modified: epp/docs/branches/5.2/Release_Notes/en-US/Book_Info.xml =================================================================== --- epp/docs/branches/5.2/Release_Notes/en-US/Book_Info.xml 2012-03-26 19:45:52 UTC (rev 8641) +++ epp/docs/branches/5.2/Release_Notes/en-US/Book_Info.xml 2012-03-27 04:44:19 UTC (rev 8642) @@ -9,7 +9,7 @@ <productname>JBoss Enterprise Portal Platform</productname> <productnumber>5.2</productnumber> <edition>5.2.1</edition> - <pubsnumber>2</pubsnumber> + <pubsnumber>5</pubsnumber> <abstract> <para> These release notes contain important information related to JBoss Enterprise Portal Platform &VZ; that may not be currently available in the Product Manuals. You should read these Release Notes in their entirety before installing the product. Modified: epp/docs/branches/5.2/Release_Notes/en-US/Revision_History.xml =================================================================== --- epp/docs/branches/5.2/Release_Notes/en-US/Revision_History.xml 2012-03-26 19:45:52 UTC (rev 8641) +++ epp/docs/branches/5.2/Release_Notes/en-US/Revision_History.xml 2012-03-27 04:44:19 UTC (rev 8642) @@ -8,6 +8,48 @@ <simpara> <revhistory> <revision> + <revnumber>5.2.1-5</revnumber> + <date>Tue Mar 27 2012</date> + <author> + <firstname>Jared</firstname> + <surname>Morgan</surname> + <email>jmorgan [at] redhat [dot] com</email> + </author> + <revdescription> + <simplelist> + <member>Cumulative draft run of Release Notes doc using BZ extraction script for JBoss Enterprise Portal Platform 5.2.1 GA. Now with Bug status and assigned engineer.</member> + </simplelist> + </revdescription> + </revision> + <revision> + <revnumber>5.2.1-4</revnumber> + <date>Mon Mar 26 2012</date> + <author> + <firstname>Jared</firstname> + <surname>Morgan</surname> + <email>jmorgan [at] redhat [dot] com</email> + </author> + <revdescription> + <simplelist> + <member>Cumulative draft run of Release Notes doc using BZ extraction script for JBoss Enterprise Portal Platform 5.2.1 GA. Now with Bug status and assigned engineer.</member> + </simplelist> + </revdescription> + </revision> + <revision> + <revnumber>5.2.1-3</revnumber> + <date>Fri Mar 23 2012</date> + <author> + <firstname>Jared</firstname> + <surname>Morgan</surname> + <email>jmorgan [at] redhat [dot] com</email> + </author> + <revdescription> + <simplelist> + <member>Cumulative draft run of Release Notes doc using BZ extraction script for JBoss Enterprise Portal Platform 5.2.1 GA.</member> + </simplelist> + </revdescription> + </revision> + <revision> <revnumber>5.2.1-2</revnumber> <date>Wed Mar 21 2012</date> <author> Modified: epp/docs/branches/5.2/Release_Notes/en-US/known.xml =================================================================== --- epp/docs/branches/5.2/Release_Notes/en-US/known.xml 2012-03-26 19:45:52 UTC (rev 8641) +++ epp/docs/branches/5.2/Release_Notes/en-US/known.xml 2012-03-27 04:44:19 UTC (rev 8642) @@ -15,46 +15,73 @@ <variablelist> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=741683" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794440"><... - Docs: Instructions on how to set up the https connector are incomplete</term> <listitem> + <remark>Status: ASSIGNED</remark> <para> - An issue was found in the Site Publisher Installation Guide regarding the requirement for Site Publisher to have a separate database to Enterprise Portal Platform. A customer identified an issue with the clarity of this information when they encountered a problem with database provisioning for the platform. The Site Publisher Installation Guide has been merged with the Installation Guide. The Database Configuration section has been extensively reworked to specify Site Publisher must have its own IDM and JCR database configured, and matching database connector JNDI name directives specified in gatein-ds.xml + Gadgets require HTTPS to be configured correctly in order to operate. This requirement was not clearly documented in the Installation Guide, which caused configuration issues for customers. Instructions from a KBase article have been incorporated into the Installation Guide, with clarifying links to other JBoss Middleware product documentation for background info on keystore and truststore configuration. </para> </listitem> </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794386" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794070"><... - Unable to remove DB users if LDAP store is not read-only</term> <listitem> + <remark>Status: ON_QA</remark> <para> - It was discovered that there was insufficient information in the Installation Guide regarding how to replace the default Hypersonic Database (HSQLDB) with a certified database that Red Hat supports. Detailed steps have been added to the Database Configuration section of the guide, which explain how to replace HSQLDB, and the requirements JBoss Enterprise Portal Platform has regarding separate databases for JCR and IDM. + CAUSE: Due to error in PicketLink IDM it was trying to remove user in store where it was not present + +FIX: Code and logic was corrected to remove user only in proper identity store (https://issues.jboss.org/browse/PLIDM-36) </para> </listitem> </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794440" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794390"><... - List of users in group counts with users from all realms (paging is displayed, but no user)</term> <listitem> + <remark>Status: ON_QA</remark> <para> - Gadgets require HTTPS to be configured correctly in order to operate. This requirement was not clearly documented in the Installation Guide, which caused configuration issues for customers. Instructions from a KBase article have been incorporated into the Installation Guide, with clarifying links to other JBoss Middleware product documentation for background info on keystore and truststore configuration. + In some methods in PicketLink IDM, the correct identity realm information was not used in the hibernate query. This issue was fixed in PicketLink and included in this release of the platform. </para> </listitem> </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793259" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794428"><... - Deleting a group causes IdentityException with openldap</term> <listitem> + <remark>Status: ON_QA</remark> <para> + If a nested IDM OpenLDAP child group was deleted from it's parent, an IdentityException occurred because OpenLDAP IDM removed the child group but not the parent-child relationship. The fix improves the logic behind child group deletion to ensure group associations are removed prior to deleting a group. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794436"><... - Duplicated last entry in the user list of the organization portlet</term> + <listitem> + <remark>Status: ON_QA</remark> + <para> + A design limitation in the Organization API caused inefficient paginated user queries. This was identified when user duplication occurred across LDAP and within the database, and there was different user data contained in these databases. The portal displayed the last entry in the returned query several times, which caused confusion when interpreting the query results. The fix introduces a configuration switch "countPaginatedUsers", which is configurable in the idm-configuration.xml file. Set the value to false to activate the switch, and improve query accuracy. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793259"><... - IE6 User Interface problems</term> + <listitem> + <remark>Status: ON_QA</remark> + <para> A problem affecting Microsoft Internet Explorer 6 caused portal javascript module messages to remain in the window status area after the module had successfully loaded. This caused confusion if a customer was not aware a module had loaded, and saw the error message. The fix corrects the issue by clearing the window.status message after a javascript module is loaded. </para> </listitem> </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793804" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793804"><... - logged in user's role change doesn't take effect on the UI after a certain amount of "cache" time or user logs out and re-login.</term> <listitem> + <remark>Status: ON_QA</remark> <para> - It was discovered that changing memberships of already authenticated users did not immediately take effect. If a user had administrative membership revoked, and remained logged onto the portal, the privileges were still accessible for up to 30 minutes until the user permissions cache was refreshed. This could permit the user to perform undesirable actions in the portal. The fix introduces a new listener "MembershipUpdateListener" which is configurable from the organization-configuration.xml directive file. The listener immediately updates authenticated user memberships based on information in the ConversationRegistry. Changes to user memberships now take effect immediately, which corrects the originally reported issue. + It was discovered that changing memberships of already authenticated users did not immediately take effect. If a user had administrative membership revoked, and remained logged onto the portal, the privileges were still accessible for up to 30 minutes until the user permissions cache was refreshed. This could permit the user to perform undesirable actions in the portal. The fix introduces a new listener "MembershipUpdateListener" which has been added to <replaceable>JBOSS_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/conf/organization/organization-configuration.xml directive file. The listener immediately updates authenticated user memberships based on information in the ConversationRegistry. Changes to user memberships now take effect immediately, which corrects the originally reported issue. </para> </listitem> </varlistentry> Modified: epp/docs/branches/5.2/Release_Notes/en-US/needinfo.xml =================================================================== --- epp/docs/branches/5.2/Release_Notes/en-US/needinfo.xml 2012-03-26 19:45:52 UTC (rev 8641) +++ epp/docs/branches/5.2/Release_Notes/en-US/needinfo.xml 2012-03-27 04:44:19 UTC (rev 8642) @@ -16,17 +16,182 @@ <variablelist> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793639" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793831"><... - org.oasis.wsrp.v2.InvalidRegistration: Invalid registration: in a load balance scenario</term> <listitem> + <para>The status is ASSIGNED, assigned to claprun(a)redhat.com.&lt;/para&gt; <para> + ==CUSTOMER ISSUE WHICH REQUIRES RELEASE NOTE== + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=806965"><... - PortletModes and WindowStates are not properly broadcasting events in webui</term> + <listitem> + <para>The status is ASSIGNED, assigned to ghu(a)redhat.com.&lt;/para&gt; + <para> + PATCH NAME: + 806915 +PRODUCT NAME: + JBoss Enterprise Portal Platform (EPP) +VERSION: + 5.2.0.GA +SHORT DESCRIPTION: + Bug 793905 PortletModes and WindowStates are not properly broadcasting events in webui. +LONG DESCRIPTION: + PortletModes and WindowStates are not properly broadcasting events in webui. Further details can be found in Bug 793905. +MANUAL INSTALL INSTRUCTIONS: + replace the jar +$EPP5_HOME/server/$PROFILE/deploy/gatein.ear/lib/exo.portal.webui.portal-5.2.0.GA.jar + with the patched one. +COMPATIBILITY: + N/A +DEPENDENCIES: + N/A +SUPERSEDES: + N/A +SUPERSEDED BY: + EPP 5.2.GA +CREATOR: + Gary Hu +DATE: + Mar 26, 2012 + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=798987"><... - Update outdated cache and clustering setup.</term> + <listitem> + <para>The status is MODIFIED, assigned to jbpapp-maint(a)redhat.com.&lt;/para&gt; + <para> + ==IS THIS A RELEASE NOTE, OR A DOCS CHANGE?== + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793319"><... - Remove IP addresses from picketlink msad example config files</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==CUSTOMER FACING ISSUE REQUIRES RELEASE NOTE== + +CAUSE: + +CONSEQUENCE: + +FIX: + +RESULT: + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793910"><... - GTNPORTAL-1940 calender doesnt disappear if tab is used for navigation</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==HELPDESK TICKET REQUIRES CCFR REVIEW BY SME== + +CAUSE: It was discovered that when users tabbed away from the calendar field, the calendar dialog persisted. + +CONSEQUENCE: Users had to click outside the calendar field to close the calendar dialog. + +FIX: The fix introduces updated behavior to the [component name], which ensures the calendar dialog closes on tab navigation away from the field + +RESULT: This corrects the originally reported issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794181"><... - Some first name and last name parameters are reversed in Japanese message bundle of UserInfoPortlet</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==NEEDINFO== + +CAUSE: + +CONSEQUENCE: + +FIX: + +RESULT: + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794432"><... - Upgrade eXo JCR to 1.14.6 (and dependencies)</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: + +CONSEQUENCE: + +FIX: + +RESULT: + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794445"><... - Admin console does not display JBoss info: only OS info is shown</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==PARTIAL RELEASE NOTE CONTENT PROVIDED== + +CAUSE: When admin-console is opened in the browser, no JBoss-related info is shown in the console and a JON error message is logged. + +CONSEQUENCE: + +FIX: The fix includes improvements to the console error message, standardizing it with the format used in other Middleware products. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794453"><... - gatein-wcm-extension-5.2.0-exo-2.3.3-CP01.ear should not be signed.</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==DRAFT CCFR PROVIDED FOR REVIEW - JMORGAN == + +It was discovered that the gatein-wcm-extension-5.2.0-exo-2.3.3-CP01.ear was signed with a JBoss signature. This prevented customers from modifying the contents of the archive. The signature is no longer applied to the .ear file, which allows customers to alter the contents and fixes the originally reported issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794461"><... - Patch required for CVE-2012-0818</term> + <listitem> + <para>The status is ON_QA, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + INCLUDE CVE TEXT FOR THIS ISSUE + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793639"><... - Create additional portal objects for external groups</term> + <listitem> + <para>The status is ON_QA, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> If a user manually added users or groups into a Java Content Repository or LDAP, the required objects were not created because some necessary listeners were not called as they would be if the Organization API was used. This could result in exceptions in some situations, because the required JCR objects for a particular user or group were not correctly initialized. The fix introduces the CoreOrganizationInitializer plugin (exo.portal.component.initializer), which monitors the JCR and LDAP for changes and initiates the listeners when required. The plugin is disabled by default, but can be enabled by a portal administrator by uncommenting the block in JBOSS_HOME/server/[PROFILE]/deploy/gatein.ear/02portal.war/WEB-INF/conf/configuration.xml, which imports the configuration stored in the initializer-configuration.xml file. </para> </listitem> </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794235" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794235"><... - The display name of login user should be configurable in UIUserInfoPortlet</term> <listitem> + <para>The status is ON_QA, assigned to mposolda(a)redhat.com.&lt;/para&gt; <para> The way the display name of authenticated users presented in portal screens used the firstName lastName format (commonly referred to as Western Order). Customers in regions where Eastern Order is prevalent reported issues with configuring upper-name requirements in portal UI screens. The fix introduces the Display Name (displayName) field, which is available in all UI screens. When configuring a user account, the user can specify their preferred display name, which overrides the fullName value retrieved by default. </para> @@ -34,13 +199,371 @@ </varlistentry> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793838" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794394"><... - Invalid page title of page causes unability to edit node</term> <listitem> + <para>The status is ON_QA, assigned to mstrukel(a)redhat.com.&lt;/para&gt; <para> + CAUSE: Entered text becomes part of portal page HTML as-is, including special characters like angle brackets +CONSEQUENCE: Entered text can break a portal page +FIX: Prevent entry of angle brackets using NoHTMLTagValidator +RESULT: Text that could break a portal page can't be entered any more. If angle brackets are desired in the output, character references can be used - &lt; and &gt; + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794395"><... - invalid page title causes the edit node dialog to disappear</term> + <listitem> + <para>The status is ON_QA, assigned to mstrukel(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: Entered text becomes part of portal page HTML as-is, including special characters like angle brackets +CONSEQUENCE: Entered text can break a portal page +FIX: Prevent entry of angle brackets using NoHTMLTagValidator +RESULT: Text that could break a portal page can't be entered any more. If angle brackets are desired in the output, character references can be used - &lt; and &gt; + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794376"><... - Navigation labels are shortened but not looking good in multibyte languages</term> + <listitem> + <para>The status is ON_QA, assigned to theute(a)redhat.com.&lt;/para&gt; + <para> + == HELPDESK ISSUE THAT REQUIRES CCFR == + +CAUSE: + +CONSEQUENCE: + +FIX: + +RESULT: + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793571"><... - GTNPORTAL-1673 make UI validation regular expressions configurable by users</term> + <listitem> + <para>The status is CLOSED, assigned to claprun(a)redhat.com.&lt;/para&gt; + <para> + Several fields requiring user names where previously +validated using hardcoded logic, thus preventing users from easily changing +which user names were acceptable for their requirements. A new configurable +validator has been implemented that can be configured by users without having +to modify the source code thus allowing users to more easily change the format +for valid user names. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794350"><... - Breadcrumb Portlet doesn't update when a language change occurs</term> + <listitem> + <para>The status is CLOSED, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==PARTIAL CCFR TEXT PROVIDED TO BE VERIFIED BY SME== + +CAUSE: A problem with [INSERT FAULTY PART OF THE BREADCRUMB PORTLET] + +CONSEQUENCE: caused the breadcrumb menu in portal screens to remain in the originally selected language after users selected their preferred language. + +FIX: The fix introduces [what specific changes to the breadcrumb portlet] that refresh the breadcrumb menu when a users selects their preferred language + +RESULT: This fixes the originally reported issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793938"><... - Replicated seesion is corrupted in Portlet Bridge Seam application</term> + <listitem> + <para>The status is CLOSED, assigned to kfinniga(a)redhat.com.&lt;/para&gt; + <para> + Cause: +Clustered Seam Booking demo Portlet throws exception when node that user session was using fails, or is shutdown, and is transferred to remaining node + +Consequence: +Portlet ceases to work due to org.gatein.pc.api.PortletInvokerException + +Fix: +Call defaultReadObject() when de-serializing PortalIdentity + +Result: +Session correctly restored for Seam Booking portlet after failover to remaining node + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793999"><... - PBR-284: rich:simpleTogglePanel does not work when placing two portlets in a page</term> + <listitem> + <para>The status is CLOSED, assigned to kfinniga(a)redhat.com.&lt;/para&gt; + <para> + ==MIXED RELEASE NOTE CONTENT - HANDLE KNOWN ISSUE IN ANOTHER TICKET? == + +Issue 1) LoadScriptStrategy ALL does not work in all +browsers when WRAP_SCRIPTS is true: + +CAUSE +JavaScript file from RichFaces are not correctly wrapped +CONSEQUENCE +The portlets don't function correctly due to JavaScript errors +FIX +Correctly identify the JavaScript files that need to be wrapped by +PortletBridge +RESULT +RichFaces portlets function correctly on IE and Chrome with LoadScriptStrategy +ALL and WRAP_SCRIPTS true + +Issue 2) LoadScriptStrategy DEFAULT and ALL when WRAP_SCRIPTS true do not work +on FF +CAUSE +FF seems to have a different method of recognising JavaScript functions than IE +and Chrome +CONSEQUENCE +JavaScript errors saying $A() not defined for a RichFaces portlet when +WRAP_SCRIPTS true +FIX +None (Fix can't be applied to PortletBridge). It is possible to resolve it by +moving the $A function in the JavaScript to the top of the file, but this would +require a patch to RichFaces +RESULT +Known Issue - https://issues.jboss.org/browse/RF-11975 + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793651"><... - Authenticated credentials are stored as attribute in HTTP session during clustered setup</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + Release notes docs status: Not Yet Documented + +NOTE: I am not sure how to proceed with Release Notes because this issue has not been reported by any customer and it's security issue visible only by RedHat and eXo. + +CAUSE: Previously we had credentials of authenticated user stored as attribute in Http Session + +FIX: Now credentials are not stored in HttpSession but in separate component AuthenticationRegistry. It is safer and it means that there is no chance that Credentials will be replicated to different cluster node during authentication process. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793838"><... - Provide support for a newer JOSSO version</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> Due to a changed Java Open Single Sign On JOSSO agent API, it was only possible to upgrade JOSSO to v1.8.1. An upstream fix was applied to JBoss Enterprise Portal Platform which allows later JOSSO versions to be applied after v1.8.1. A changed JOSSO agent API between JOSSO versions v1.8.1 and v1.8.2 requires different packaging, which has changed some procedures. Refer to the updated procedures in the <citetitle>Reference Guide</citetitle> "Java Open Single Sign-On Project" section for more details. </para> </listitem> </varlistentry> +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794129"><... - Log level improvement in FallbackIdentityStoreRepository class (PicketLink IDM)</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: Class FallbackIdentityStoreRepository from library Picketlink IDM was using insufficient logging in some places, because some errors were reported into log with log level INFO, which may cause that customer can miss some important error messages. + +FIX: It's fixed in library Picketlink IDM. I added SEVERE logging +instead of INFO for all exceptions, which are not propagated to the caller. For +those, which are propagated there is FINER logging, but it seems to be +sufficient since the exception should be processed and logged by the caller. + +btw. I used SEVERE category instead of ERROR, because Picketlink IDM is using +JDK logging and it does not support ERROR category (categories are SEVERE, +WARN, INFO, FINE, FINER, FINEST) + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794356"><... - Clicking on User management tabs can cause the "no results found" popup</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + PROBLEM: An issue with the No Result Found pop-up causes it to display +after first searching for a non-existent user string, then searching for a +string that is known to exist. + +FIX: This was UI issue and it has been fixed in particular UI components +related to OrganizationManagementPortlet. Now popup "No results found" is +displayed only in valid situations, when really no results are found. + +This issue has same cause like GateIn issue GTNPORTAL-1517, which has been +fixed in GateIn longer time ago. So we fixed it in EPP by backport related +source files from GateIn. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794454"><... - Images are processed by PortalRequestHandler</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: Problem is caused by incorrect mapping of staticResource handler in +controller.xml . StaticResource handler is mapped after PortalRequestHandler, +which means that all images are firstly processed by PortalRequestHandler. This +is non-sense and it results that incorrect HTTP header "Cache-control: +no-cache" is used for images and some non-sense operations are called (like +calling DataStorage.getPortalConfig with argument "favicon.ico" ). + +FIX: Thing is that images should be processed only by +StaticResourceHandler and not by PortalRequestHandler at all. So I changed the +order in controller.xml configuration, and I've added StaticResourceHandler +before PortalRequestHandler (it was opposite before). + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794456"><... - WebAppController needs to start RequestLifeCycle for every processing (including static resource processing)</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: WebAppController needs to start +RequestLifeCycle for every processing (including static resource processing). +And starting of requestLifeCycle is quite expensive as it requires starting of +Hibernate transaction among other things. This means that we need to start +Hibernate transaction for processing of images and other static resources, +which does not makes sense and it's not ideal from performance perspective. + +FIX: Adding new method to WebRequestHandler class, so handlers can decide +if they need to start RequestLifeCycle or not. Handlers for sending requests to +portal (like PortalRequestHandler) needs to start transaction, but handlers for +processing static resources (like StaticResourceHandler) don't need it. So now +we are not starting Hibernate transaction anymore for processing images. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794320"><... - Enable customization of LocalConfig service by extending existing implementations</term> + <listitem> + <para>The status is CLOSED, assigned to mstrukel(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: Many methods in LocaleConfigImpl, and +LocaleConfigServiceImpl were final or private. + +CONSEQUENCE: Users were unable to reuse existing implementation by extending +and overriding - they were forced to copy-paste in order to implement +alternative behaviour. + +FIX: Remove final from methods, make private method protected. + +RESULT: Users should now be able to extend, and override the default +LocaleConfig implementation. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793959"><... - Richfaces portlet after session expiration generates incorrect request (resource)</term> + <listitem> + <para>The status is CLOSED, assigned to mwringe(a)redhat.com.&lt;/para&gt; + <para> + == IS THIS INCLUDED IN EPP 5.2.1, AND DOES IT REQUIRE RN? == + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794349"><... - Application Registry has double entries for some applications</term> + <listitem> + <para>The status is CLOSED, assigned to mwringe(a)redhat.com.&lt;/para&gt; + <para> + == IS THIS INCLUDED IN EPP 5.2.1, AND DOES IT REQUIRE RN? == + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794402"><... - Consistent initialization order of servlets/portlets at deploy and hot-deploy</term> + <listitem> + <para>The status is CLOSED, assigned to mwringe(a)redhat.com.&lt;/para&gt; + <para> + == HELPDESK CASE THAT WILL REQUIRE CCFR == + +CAUSE: + +CONSEQUENCE: + +FIX: + +RESULT: + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794463"><... - ResourceIDs are sometimes lost when serving portlet resources</term> + <listitem> + <para>The status is CLOSED, assigned to mwringe(a)redhat.com.&lt;/para&gt; + <para> + == IS THIS ISSUE FOR EPP 5.2.1, AND DOES IT REQUIRE RN == + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794357"><... - possible to clone or copy system nodes in edit navigation</term> + <listitem> + <para>The status is CLOSED, assigned to nscavell(a)redhat.com.&lt;/para&gt; + <para> + == ISSUE SEEMS TO BE RESOLVED. ISSUE WAS KNOWN BEFORE. DRAFTED RESOLVE ISSUE RN FOR SME REVIEW == + +An issue with node copy or clone behavior allowed users to copy or clone a system node but not delete the node. This was caused by the node already being a system node, and therefore could not be deleted based on context. This issue has been fixed and included in this release of the product. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794396"><... - Deleting created subnode populates NPE and parent node is not properly deleted</term> + <listitem> + <para>The status is CLOSED, assigned to nscavell(a)redhat.com.&lt;/para&gt; + <para> + == IS RELEASE NOTE REQUIRED FOR THIS ISSUE? == + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793701"><... - XSD NS references have bad URL in organization-configuration.xml</term> + <listitem> + <para>The status is CLOSED, assigned to hfnukal(a)redhat.com.&lt;/para&gt; + <para> + ==NEEDINFO== + +The XMLNS URLs +in the 02portal.war/WEB-INF/conf/organization/organization-configuration.xml file's namespace declaration contained an incorrect namespace URL. The fix corrects the issue for new installations. If you have created a custom server profile, ensure you manually change www.<replaceable>exoplaform</replaceable>.org to www.<replaceable>exoplatform</replaceable>.org in the +namespace declaration of the file. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793909"><... - PicketLink fails to match identity object type due to whitespaces in its DN</term> + <listitem> + <para>The status is CLOSED, assigned to mposolda(a)redhat.com.&lt;/para&gt; + <para> + CAUSE: PicketLink does not account for spaces in domain +names when it verifies identity. If the user enters spaces in the domain name, +the following exception is thrown: +"org.picketlink.idm.common.exception.IdentityException: Cannot recognize +identity object type by its DN". There is no workaround for this issue, apart +from ensuring no spaces are included in domain names. + +FIX: It's fixed only in Picketlink IDM library. Now it supports comparison of Ldap DN, so DN are considered +equal even if these DN have some whitespaces in path. +LDAPIdentityStoreRepository is refactored according to it. + +TestCase is also added for it into Picketlink IDM library. + </para> + </listitem> +</varlistentry> + </variablelist> </chapter> Modified: epp/docs/branches/5.2/Release_Notes/en-US/resolved.xml =================================================================== --- epp/docs/branches/5.2/Release_Notes/en-US/resolved.xml 2012-03-26 19:45:52 UTC (rev 8641) +++ epp/docs/branches/5.2/Release_Notes/en-US/resolved.xml 2012-03-27 04:44:19 UTC (rev 8642) @@ -10,9 +10,73 @@ <variablelist> <varlistentry> - <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793956" /></term> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794466"><... - LOGIN_URL contains a line break in CAS integration document</term> <listitem> + <remark>Status: VERIFIED</remark> <para> + A problem was identified with an important file path in the "Redirect to CAS" procedure of the Reference Guide. A break in the LOGIN_URL parameter value caused issues when the code sample was copied, causing the code sample to be invalid when used verbatim in actual configuration. The LOGIN_URL value has been reformatted to a single line, which removes the space and corrects the originally reported issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794400"><... - able to save wsrp producer property with non-valid name</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + Values input in the registration properties field in +the Producer configuration part of the WSRP administration portlet were not properly validated. This resulted in errors further down the stack (in particular at the persistence level), an inconsistent user interface, and possible XSS vulnerabilities. Input is now properly validated and errors should now be caught much earlier, rherefore avoiding invalid values to propagate to lower levels of the WSRP service. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794369"><... - Gadgets without titles not handled properly in Application Registry</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + ==REWORKED AS RESOLVED ISSUE. IS THIS OK??== +It was discovered that a Gadget could be added with an empty title. This caused the gadget to become unusable because all gadgets must have a title. The fix ensures that the title field is completed correctly prior to the gadget being saved, therefore fixing the issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794392"><... - EPP-SP Broken portalsite template</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + When Site publisher was installed on top of Enterprise Portal Platform, picking a site layout would not create a working +site. The problem has been fixed so that the new sites are created properly. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794384"><... - Unicode characters handling problem</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + HTTP Request parameters were retrieved before the character encoding was set to UTF-8. The default character encoding of ISO-8859-1 was used instead, leading to corrupted characters. The fix ensures character encoding is set to UTF-8 before Request parameters are accessed. Correct unicode characters are now returned in form posts. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793387"><... - Administration portlets not accessible when reconnection to LDAP from another instance</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + A problem with the logic in OrganizationDatabaseInitializer caused issues with LDAP group mapping and permissions when the platform was executed for the first time. The fix introduces updated logic in NewPortalConfigListener, which ensures LDAP groups are correctly initialized, with all permission fields properly assigned. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793956"><... - Support for system property substitution in PicketLink IDM configuration</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> Picketlink IDM did not support system property substitution in the configuration files. The fix implements parameters that allow system property substitution. Substitution is supported for every String element in the Picketlink IDM configuration file. The substitution operates in the same way as JBoss Enterprise Application Platform substitution. Usage examples follow. @@ -32,5 +96,67 @@ </listitem> </varlistentry> +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794437"><... - NullPointerException upgrading EPP from 5.1 to 5.2</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + After upgrading from EPP 5.1 to 5.2 with existing +data and a custom portal, a "Cannot convert null to primitive type org.chromattic.core.vt2.ValueDefinition" Null Pointer Exception was thrown at the second server startup. This fix upgrades the NewPortalConfigListener to correctly handle such data. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794331"><... - Text encoding is lost in serveResources</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + It was discovered that when content was served from a portlet, the resource encoding was being rewritten with the default encoding of the running JVM. To work around the issue, users had to serve the resource as a binary, or set the system encoding to ISO-8859-1. The fix implements improved resource handling, which honors the mime type encoding when outputting byte array data. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794341"><... - imported gadgets can have more than max characters which causes problems</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + It was discovered that an imported remote gadget title could contain more than 255 characters. If a user tried to edit a gadget with more than 255 characters in the title, an error message will appear on save: "The length of the text in field "Description :" must be between "0" and "255" characters.". The fix allows gadgets to have an unrestricted title length, which fixes the originally reported issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=793246"><... - Logo portlet on Dashboard - url validation</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + URLs provided to the logo portlets were improperly +validated, excluding absolute URLs when they should have been allowed. This caused an error with the default URL. The URL validation scheme has been modified to allow absolute URLs, which corrects the issue. + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794319"><... - Upgrade openid4java to resolve CVE-2011-4314</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + It was found that the Attribute Exchange (AX) extension of OpenID4Java was not checking to ensure attributes were signed. If AX was being used to receive information that an application only trusts the identity provider to assert, a remote attacker could use this flaw to conduct man-in-the-middle attacks and compromise the integrity of the information via a specially-crafted request. By default, only the JBoss Seam openid example application uses OpenID4Java. (CVE-2011-4314) + </para> + </listitem> +</varlistentry> + +<varlistentry> + <term><ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=794385"><... - Czech localization labels for navigation nodes are missing</term> + <listitem> + <remark>Status: CLOSED</remark> + <para> + Root portal navigation nodes did not have access to localized menu content. If a user selected their local language from the available portal language selector, the portal language would default to English. The fix includes the missing localization files, which corrects the originally reported issue. + </para> + </listitem> +</varlistentry> + </variablelist> </chapter>