DataONE Tasks: Issueshttps://redmine.dataone.org/https://redmine.dataone.org/favicon.ico2020-08-06T00:06:07ZDataONE Tasks
Redmine CN REST - Bug #8867 (New): CNCore.listChecksumAlgorithms() returns incorrect listhttps://redmine.dataone.org/issues/88672020-08-06T00:06:07ZMatthew Jonesjones@nceas.ucsb.edu
<p>The definition of the ChecksumAlgorithm type in SystemMetadata allows any checksum algorithm listed in the Library of Congress vocab. But the current CNCore.listChecksumAlgorithms() implementation only returns two, MD5 and SHA-1. Need to correct this to include the full list of supported algorithms (see <a href="http://id.loc.gov/vocabulary/preservation/cryptographicHashFunctions.html">http://id.loc.gov/vocabulary/preservation/cryptographicHashFunctions.html</a>).</p>
<p>The implementation of this is in a property file, which needs to be updated with the correct list. The file (d1_cn_rest/src/test/resources/org/dataone/configuration/node.properties) currently contains:</p>
<p><code>cn.checksumAlgorithmList=SHA-1;MD5</code></p>
<p>But it should contain all of the other valid algorithms as well from the LoC.</p>
CN REST - Task #8469 (In Progress): evaluate if ORCID API will continue to work after 1.2 is depr...https://redmine.dataone.org/issues/84692018-03-02T00:37:55ZMatthew Jonesjones@nceas.ucsb.edu
<p>We use ORCID to authenticate users via OAuth. ORCID has announced that it will completely sunset their version 1.2 API on March 1, 2018 (today). See <a href="https://github.com/ORCID/ORCID-Source/blob/master/orcid-model/src/main/resources/README.md">https://github.com/ORCID/ORCID-Source/blob/master/orcid-model/src/main/resources/README.md</a> The API has been deprecated since early 2017. </p>
<p>We use OAuth portions of the API which do not seem to be affected by the XSD version changes in the ORCID API, but we should evaluate whether this will affect us. In particular, I note that they state that the proper endpoints for OAuth are:</p>
<ul>
<li><a href="http://orcid.org/oauth/authorize">http://orcid.org/oauth/authorize</a></li>
<li><a href="https://orcid.org/oauth/token">https://orcid.org/oauth/token</a></li>
</ul>
<p>However, for the second of these, our configuration file (<a href="https://repository.dataone.org/software/cicore/trunk/d1_portal_servlet/src/main/webapp/WEB-INF/portal.properties">https://repository.dataone.org/software/cicore/trunk/d1_portal_servlet/src/main/webapp/WEB-INF/portal.properties</a>) indicates that we use:</p>
<ul>
<li><a href="https://pub.orcid.org/oauth/token">https://pub.orcid.org/oauth/token</a></li>
</ul>
<p>I think the <code>pub</code> endpoints have been deprecated, and we may need to change our configuration to use the established endpoint. Evaluate and possibly change this if needed.</p>
CN REST - Story #8364 (In Progress): Ensure portal uses correct X509 certificateshttps://redmine.dataone.org/issues/83642018-02-13T20:17:25ZChris Jonescjones@nceas.ucsb.edu
<p>We've run into issues where after an upgrade of the <code>dataone-cn-portal</code> package on the CNs, the properties pointing to the public certificate and private key are incorrectly pointing to the old GeoTrust wildcard files rather than the new Lets Encrypt files:<br>
<br>
cn.server.publiccert.filename=/etc/ssl/certs/<em>.test.dataone.org.crt<br>
cn.server.privatekey.filename=/etc/ssl/private/</em>.test.dataone.org.key</p>
<p>These should be (in STAGE):</p>
<p>/etc/letsencrypt/live/cn-stage.test.dataone.org/cert.pem<br>
/etc/letsencrypt/live/cn-stage.test.dataone.org/privkey.pem</p>
<p>The issue might be that these are not being set correctly during the <code>postinst</code> script run. Jing pointed out that these values are taken from the debconf database settings that get set when <code>dataon-cn-os-core</code> is installed. So although the <code>postinst</code> script might be setting the correct values, the old cached values might still be in memory in the debconf database. If so, we'll need to clear those values during installations and upgrades.</p>
<p>Also, knowing where to look for these configuration settings can be challenging. These are referenced from <code>/var/lib/tomcat7/webapps/portal/WEB-INF/portal.properties</code>. These settings should be consolidated into <code>/etc/dataone/portal/portal.properties</code> so they also don't get blown away on war file upgrades in Tomcat.</p>
CN REST - Bug #7746 (In Progress): Node registration update fails when <contactSubject> spans mul...https://redmine.dataone.org/issues/77462016-04-19T23:55:09ZMark Servillamark.servilla@gmail.com
<p>Node registration update fails when the string in the node registration document (attached) is on a separate line from the XML element tags. Apparently, parsing this field results in a subject string that does not match the LDAP record correctly, and the result is 401 not authorized exception:</p>
<p>CN=Lisa Stillwell A15851,O=University of North Carolina at Chapel Hill,C=US,DC=cilogon,DC=org<br>
</p>
<p>results in:<br>
<br>
<?xml version="1.0" encoding="UTF-8"?><br>
<br>
<br>
CN=Lisa Stillwell A15851,O=University of North Carolina at Chapel Hill,C=US,DC=cilogon,DC=org<br>
is not a Registered Subject<br>
</p>
<p>Correcting to:<br>
<br>
CN=Lisa Stillwell A15851,O=University of North Carolina at Chapel Hill,C=US,DC=cilogon,DC=org</p>
<p>succeeds.</p>
CN REST - Bug #7489 (New): processing daemon common-logging misconfiguredhttps://redmine.dataone.org/issues/74892015-11-16T16:32:08ZRobert Waltz
<p>the commons-logging.properties file appears misconfigured. It is missing the line:</p>
<p>org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger</p>
<p>Hopefully, adding this line will allow all the apache commons logging calls to go to the log4j loggers.</p>
CN REST - Bug #7440 (New): Non-discernable error during synchronization affecting (mostly) urn:no...https://redmine.dataone.org/issues/74402015-10-16T17:40:44ZMark Servillamark.servilla@gmail.com
<p>Multiple (366) non-discernable errors (see attachment) with message only stating "Cline is shutdown" occurred on 14 Oct 2015 on cn-stage.test.dataone.org (cn-stage-ucsb-1); sampling of objects/system metadata indicate all is retrievable from the MN <a href="https://dataone-dev.ecoinformatics.org.au/mn">https://dataone-dev.ecoinformatics.org.au/mn</a>. This error had also occurred (24 events) for urn:node:mnTestLTER.</p>
<p>For example:</p>
<p>cn-synchronization.log.1-[ERROR] 2015-10-14 11:33:02,749 (TransferObjectTask:write:606) Task-urn:node:mnTestAEKOS-aekos.org.au/collection/nsw.gov.au/nsw_atlas/vis_flora_module/ABERBALDIE.20150515<br>
cn-synchronization.log.1:Client is shutdown.</p>
CN REST - Bug #7301 (New): CN-stage allows connections to a MN that is operating a self-signed SS...https://redmine.dataone.org/issues/73012015-08-18T18:12:14ZMark Servillamark.servilla@gmail.com
<p>CN-stage supports connections to a MN that is operating a self-signed SSL server certificate - this should not be allowed since the connection could occur with a rogue non-verified server.</p>
<p>This instance occurred with dataone-dev.ecoinformatics.org.au:443 on 18 August 2015:</p>
<p>Certificate chain<br>
0 s:/CN=dataone-dev.ecoinformatics.org.au<br>
i:/CN=dataone-dev.ecoinformatics.org.au</p>
<p>Issuer: CN=dataone-dev.ecoinformatics.org.au<br>
Validity<br>
Not Before: Aug 11 04:56:19 2015 GMT<br>
Not After : Aug 8 04:56:19 2025 GMT<br>
Subject: CN=dataone-dev.ecoinformatics.org.au</p>
CN REST - Task #7096 (New): Unexpectedly closed streams / disconnects on UNM networkhttps://redmine.dataone.org/issues/70962015-05-12T17:49:44ZAndrei Buiumandreib@epscor.unm.edu
<p>When testing, making any CN or MN API call would occasionally yield an exception (randomly but very often) :</p>
<p>Could not resolve multipart files: Processing of multipart/form-data request failed. Stream ended unexpectedly</p>
<p>I was making CN.create() calls from UNM to the UCSB Dev CN. <br>
(It also happened for MN.create() calls from UNM to mnDemo6 when it was up. Not sure where mnDemo6 is physically located though.)<br>
This seems to happen when the connection is terminated while metacat is reading the object from the multipart files.</p>
CN REST - Bug #5739 (New): LDAP upgrades fail with purge of dataone-cn-os-corehttps://redmine.dataone.org/issues/57392014-07-16T20:47:31ZRobert Waltz
<p>open ldap should continue to function normally on a host after dataone-cn-os-core has been purged (apt-get remove --purge dataone-cn-os-core)</p>
<p>We should wipe out /etc/ldap/slapd.d, restore it to a simpler configuration, backup and then remove the dataone entries from the openldap database.</p>
<p>We will need to complete this before migrating to 14.04 of ubuntu</p>
CN REST - Task #2487 (New): How does a CN handle the failure of MN replica to receive MNStorage.s...https://redmine.dataone.org/issues/24872012-03-14T19:04:58ZRobert Waltz
<p>There are multiple places that may trigger the CN to call MNStorage.sytemMetadataChanged() across all the membernode replicas of an object. </p>
<p>How does the system Handle the case when a replica (or even the authoritativeMemberNode) is offline for an extended period and should receive the update when it comes back online.</p>
CN REST - Task #2415 (New): Implement exceptions for log endpointhttps://redmine.dataone.org/issues/24152012-02-27T21:56:12ZSkye Roseboomsroseboo@dataone.unm.edu
<p><a href="http://mule1.dataone.org/ArchitectureDocs-current/apis/CN_APIs.html#CNCore.getLogRecords">http://mule1.dataone.org/ArchitectureDocs-current/apis/CN_APIs.html#CNCore.getLogRecords</a></p>
<p>not currently provided by mod_rewrite</p>
CN REST - Task #2414 (New): Implement exceptions for search/solr endointhttps://redmine.dataone.org/issues/24142012-02-27T21:55:19ZSkye Roseboomsroseboo@dataone.unm.edu
<p><a href="http://mule1.dataone.org/ArchitectureDocs-current/apis/CN_APIs.html#CNRead.search">http://mule1.dataone.org/ArchitectureDocs-current/apis/CN_APIs.html#CNRead.search</a></p>
<p>Not currently provided with mod_rewrite</p>
CN REST - Task #2168 (New): Design UI for identity validationhttps://redmine.dataone.org/issues/21682012-01-06T03:18:46ZDave Vieglaisdave.vieglais@gmail.comCN REST - Task #1479 (In Progress): Design web UI for validating newly created identitieshttps://redmine.dataone.org/issues/14792011-04-06T18:01:34ZMatthew Jonesjones@nceas.ucsb.eduCN REST - Task #1412 (New): MN health check performed by CNhttps://redmine.dataone.org/issues/14122011-03-08T17:04:39ZRoger Dahldahl@unm.edu
<ul>
<li>How will CN represent, in the NodeList, the results of what it finds by doing health checks on MN endpoints?</li>
<li>How will MN represent what it believes to be the state of its endpoints?</li>
</ul>