From do-not-reply at jboss.org Mon May 24 04:08:12 2010
Content-Type: multipart/mixed; boundary="===============8853572257044657752=="
MIME-Version: 1.0
From: do-not-reply at jboss.org
To: gatein-commits at lists.jboss.org
Subject: [gatein-commits] gatein SVN: r3183 -
 portal/branches/EPP_5_0_0_Branch_Docs/Enterprise_Portal_Platform_Release_Notes/en-US.
Date: Mon, 24 May 2010 04:08:12 -0400
Message-ID: <201005240808.o4O88CP7001603@svn01.web.mwc.hst.phx2.redhat.com>

--===============8853572257044657752==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Author: smumford
Date: 2010-05-24 04:08:11 -0400 (Mon, 24 May 2010)
New Revision: 3183

Modified:
   portal/branches/EPP_5_0_0_Branch_Docs/Enterprise_Portal_Platform_Release=
_Notes/en-US/Release_Notes.xml
Log:
JBEPP-279: Added content to Known Issues section. Requires technical verifi=
cation and further content for autologin issue

Modified: portal/branches/EPP_5_0_0_Branch_Docs/Enterprise_Portal_Platform_=
Release_Notes/en-US/Release_Notes.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- portal/branches/EPP_5_0_0_Branch_Docs/Enterprise_Portal_Platform_Releas=
e_Notes/en-US/Release_Notes.xml	2010-05-24 05:29:09 UTC (rev 3182)
+++ portal/branches/EPP_5_0_0_Branch_Docs/Enterprise_Portal_Platform_Releas=
e_Notes/en-US/Release_Notes.xml	2010-05-24 08:08:11 UTC (rev 3183)
@@ -634,52 +634,285 @@
 			Every reasonable effort has been made to address issues with the previo=
us releases of Enterprise Portal Platform. However, since this is a complet=
ely new architecture it is difficult to provide a pure translation of issue=
s from release to release.
 		</para>
 =

-		<formalpara id=3D"form-Release_Notes-_Known_Issues_with_this_release_-Ge=
neral_Known_Issues">
+				<section>
+			<title>Security Issues</title>
+			<variablelist>
+			  <varlistentry>
+				<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBPAPP=
-3171">https://jira.jboss.org/browse/JBPAPP-3171</ulink></term>
+				<listitem>
+					<para>
+						Cross-site scripting (XSS) vulnerabilities were found in the Enterpr=
ise Application Platform component of &PRODUCT;. While the issue has been a=
ddress, some minor vulnerabilities may linger in this release.
+					</para>
+					<para>
+						This issue will be completely resolved in the next minor release of =
&PRODUCT;
+					</para>
+				</listitem>
+			</varlistentry>
+			<varlistentry>
+				<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBPAPP=
-4141">https://jira.jboss.org/browse/JBPAPP-4141</ulink></term>
+				<listitem>
+					<para>
+						Some servlets may leak information about a portal's version, running=
 environment, system hardware or Java Virtual Machine setups.
+					</para>
+					<para>
+						This issue will be completely resolved in the next minor release of =
&PRODUCT;
+					</para>
+				</listitem>
+			</varlistentry>
+			<varlistentry>
+				<term> Autologin</term>
+				<listitem>
+					<para>
+						The new autologin feature in &PRODUCT;, could be exploited in produc=
tion environments.
+					</para>
+					<para>
+						To disable autologin ...
+					</para>
+
+
+				</listitem>
+			</varlistentry>
+			<varlistentry>
+				<term>Non-changing Captcha</term>
+				<listitem>
+					<para>
+						The captcha registration feature can be brute-forced to not change, =
which can allow fake users to be created automatically and in bulk.
+					</para>
+					<para>
+						To prevent this a new captcha must be created with every <literal>po=
st</literal> request to the portal user register.
+					</para>
+					<para>
+						This fix will be implemented in the next minor release of &PRODUCT;.
+					</para>
+				</listitem>
+			</varlistentry>	=

+			</variablelist>
+		</section>
+
+
+		<section id=3D"sect-Release_Notes-_Known_Issues_with_this_release_-Gener=
al_Known_Issues">
 			<title>General Known Issues</title>
-			<para>
-				<itemizedlist>
+				<formalpara>
+					<title><ulink url=3D"https://jira.jboss.org/browse/JBEPP/component/12=
312983">https://jira.jboss.org/browse/JBEPP/component/12312983</ulink></tit=
le>
+							<para>
+								A short list of general issues in this release.
+							</para>
+				</formalpara>
+		</section>
+
+		<section id=3D"sect-Release_Notes-_Known_Issues_with_this_release_-Compo=
nent_Specific_Known_Issues">
+			<title>Specific Known Issues</title>
+				<variablelist>
+				  <varlistentry>
+					<term><ulink type=3D"http" url=3D"">https://jira.jboss.org/browse/JBE=
PP-167</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							Embed jcip-annotations.jar into <filename>/server/default/lib</file=
name>.
 						</para>
 					</listitem>
+				</varlistentry>
+				  <varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-207">https://jira.jboss.org/browse/JBEPP-207</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							A <literal>NullPointerException</literal> may be encountered when s=
electing a page which has been deleted in Page Management.
 						</para>
 					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-208">https://jira.jboss.org/browse/JBEPP-208</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							An '<emphasis role=3D"bold">Unknown errror</emphasis>' while editin=
g page/layout in Dashboard under certain scenario.
 						</para>
 					</listitem>
-				</itemizedlist>
-			</para>
-		</formalpara>
-		<formalpara id=3D"form-Release_Notes-_Known_Issues_with_this_release_-Co=
mponent_Specific_Known_Issues">
-			<title>Component Specific Known Issues</title>
-			<para>
-				<itemizedlist>
+				</varlistentry>
+				<varlistentry>
+					<term> <ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEP=
P-210">https://jira.jboss.org/browse/JBEPP-210</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							An '<emphasis role=3D"bold">Unknown error</emphasis>' may be return=
ed when trying to save an page on which an application has been removed.
 						</para>
 					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-212">https://jira.jboss.org/browse/JBEPP-212</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							Performing concurrent modifications of a dashboard may result in an=
 error.
 						</para>
 					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-226">https://jira.jboss.org/browse/JBEPP-226</ulink></term>
 					<listitem>
 						<para>
-							<ulink url=3D"https://jira.jboss.org/jira/browse/JBEPP/component/12=
312983">JIRA Link</ulink>
+							Uppercase and lowercase characters are not differentiated in the ap=
plication registry.
 						</para>
 					</listitem>
-				</itemizedlist>
-			</para>
-		</formalpara>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-262">https://jira.jboss.org/browse/JBEPP-262</ulink></term>
+					<listitem>
+						<para>
+							&PRODUCT; requires a one-off patch on EAP to fix the bug <ulink typ=
e=3D"http" url=3D"https://jira.jboss.org/browse/JBPAPP-3977">JBossWS - Time=
out value gets inserted into URLs</ulink>.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-296">https://jira.jboss.org/browse/JBEPP-296</ulink></term>
+					<listitem>
+						<para>
+							The error message "<emphasis role=3D"bold">Page not found</emphasis=
>" is displayed after the layout of any portal page is edited.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-315">https://jira.jboss.org/browse/JBEPP-315</ulink></term>
+					<listitem>
+						<para>
+							Pre-release testing indicated that render parameters in JSR-286 por=
tlets are not replicating in a cluster with 2-nodes.
+						</para>
+					</listitem>
+				</varlistentry>	=

+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-326">https://jira.jboss.org/browse/JBEPP-326</ulink></term>
+					<listitem>
+						<para>
+							The error message displayed when creating portal which starts with =
number (an illegal character) contains the typographical error '<emphasis r=
ole=3D"bold">contains</emphasis>'.
+						</para>
+						<para>
+							The message should read as: <emphasis role=3D"bold">The "Portal Nam=
e :" field must start with a character and must not contain special charact=
ers</emphasis>.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-331">https://jira.jboss.org/browse/JBEPP-331</ulink></term>
+					<listitem>
+						<para>
+							The logo in the logo portlet on the &PRODUCT; Dashboard has a relat=
ive  URL. This can cause URL validation issues returning the error: <emphas=
is role=3D"bold">The field "logoUrl" must match the format "URL"</emphasis>.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-334">https://jira.jboss.org/browse/JBEPP-334</ulink></term>
+					<listitem>
+						<para>
+							Uppercase lettering does not work with MYSQL databases. This can ca=
use problems when creating pages or portals with the same name.
+						</para>
+						<para>
+							This is caused by MYSQL's <literal>VARCAHR</literal> entry in the <=
literal>JCR_SITEM</literal> table not being case sensitive. A patch has bee=
n written that solves this issue by switching the <literal>VARCHAR</literal=
> entry to use <literal>VARBINARY</literal> which <emphasis role=3D"bold">i=
s</emphasis> case sensitive.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-339">https://jira.jboss.org/browse/JBEPP-339</ulink></term>
+					<listitem>
+						<para>
+							A <literal>NullPointerException</literal> is encountered when attem=
pting to access a Dashboard after a page has been deleted.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-342">https://jira.jboss.org/browse/JBEPP-342</ulink></term>
+					<listitem>
+						<para>
+							Unicode and special characters in some languages (specifically Germ=
an) are badly escaped in the names of navigation nodes.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-343">https://jira.jboss.org/browse/JBEPP-343</ulink></term>
+					<listitem>
+						<para>
+							When creating or deleting new group navigations, changes do not app=
ear in the portal until after a logout/login is undertaken.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-344">https://jira.jboss.org/browse/JBEPP-344</ulink></term>
+					<listitem>
+						<para>
+							There are currently some User Interface display inconsistencies whe=
n using Internet Explorer 6 to edit or view a portal. =

+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-350">https://jira.jboss.org/browse/JBEPP-350</ulink></term>
+					<listitem>
+						<para>
+							An error is encountered when adding a gadget to a portal using a MY=
SQL database if the '<filename>/server/production</filename>' folder has be=
en removed but the database has not been cleaned.
+						</para>
+						<para>
+							In this scenario the error; <emphasis role=3D"bold">Unable to retri=
eve gadget xml. HTTP error 500</emphasis> is returned.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-355">https://jira.jboss.org/browse/JBEPP-355</ulink></term>
+					<listitem>
+						<para>
+							The portal will return a permissions error when trying to add all g=
roups in the group navigation, even if the user is logged in as the portal =
administrator (root). =

+						</para>
+						<para>
+							The error message will read: <emphasis role=3D"bold">This user does=
n't have permissions to add navigation</emphasis>.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-356">https://jira.jboss.org/browse/JBEPP-356</ulink></term>
+					<listitem>
+						<para>
+							Groups listed in the Add Navigation window of the Group navigation =
page are not currently listed in alphabetical order.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-358">https://jira.jboss.org/browse/JBEPP-358</ulink></term>
+					<listitem>
+						<para>
+							When using the portal with the French language and attempting to re=
cover a lost/forgotten password, the recovery window is not translated into=
 French and refers to the portal as eXo, as opposed to &PRODUCT;.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-360">https://jira.jboss.org/browse/JBEPP-360</ulink></term>
+					<listitem>
+						<para>
+							The login page shown after a timed-out session or a failed login at=
tempt is currently branded with the <literal>GateIn</literal> name and logo=
. <literal>GateIn</literal> is the community project that &PRODUCT; is base=
d on.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-362">https://jira.jboss.org/browse/JBEPP-362</ulink></term>
+					<listitem>
+						<para>
+							The JSPHelloWorld portlet example currently returns the line: "<emp=
hasis role=3D"bold">my name is JBoss Portal. What's yours?</emphasis>". The=
 line should read: "<emphasis role=3D"bold">my name is &PRODUCT;. What's yo=
urs?</emphasis>".
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-367">https://jira.jboss.org/browse/JBEPP-367</ulink></term>
+					<listitem>
+						<para>
+							The SEAM component used in &PRODUCT; &VERSION; has a bug that makes=
 it generate AS 5 incompatible pages.
+						</para>
+					</listitem>
+				</varlistentry>
+				<varlistentry>
+					<term><ulink type=3D"http" url=3D"https://jira.jboss.org/browse/JBEPP=
-369">https://jira.jboss.org/browse/JBEPP-369</ulink></term>
+					<listitem>
+						<para>
+							The use of two JSR286 portlets that use the same portlet-name but d=
ifferent portlet applications will create an exception in the application r=
egistry.
+						</para>
+					</listitem>
+				</varlistentry>
+				</variablelist>
+		</section>
+
 	</section>
 =

+
 	<section>
 		<title>Migration from JBoss Portal 4.3</title>
 			<para>


--===============8853572257044657752==--