?

Log in

No account? Create an account

slowly sharing calendars via chandler+cosmo+tomcat+apache

« previous entry | next entry »
Oct. 22nd, 2008 | 12:29 am

Some time ago I tried using chandler desktop and it was kind of neat, so I setup their server Cosmo.

Recently I was tempted to move back to kde4's kontact as chandler desktop is slow with my fairly large collection of events. (And the wx widgets are ugly compared to my KDE4 theme). However, since Chandler Server supports a wide variety of calendar sharing protocols I thought I'd try to continue use it to share my calendar between all my computers.

So I thought it would be interesting to try prototyping a KDE resource for talking to Cosmo's relatively quick to synchronization protocol, MorseCode in PyQt4.

I was able to get the Qt4 to authenticate, but I couldn't get it to download the first "collection" page. I was able to download other pages, just not the collection index. QHttp kept failing with "Invalid HTTP Response".

As far as I can tell, apache+tomcat wasn't setting the content-length via AJP, and QHttp really wanted it. I can easily download the index using pythons http modules, but I wanted to figure out something that could be moved to C++ code easily.

I just figured out that tomcat's built in http server does set the content-length, so I can continue.

Additional, as far as I can tell I'm also the only person who's bothering to try to get chandler server to work under the java security manager, as it took quite a while to figure out the policy file for tomcat. When I upgraded to chandler server 1.1, the WebUI broke because the jasper-compiler.jar in the tomcat5.5 common directory needed read privileges to the webapps directory. (I don't know why it worked under 1.0?)

Here's the tomcat5.5 security policy file I'm using (for an install of cosmo into a standard ubuntu install. And no, java's not scoring any points with me.

grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
  permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}chandler${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";                                             
};                                                                              

grant codeBase "file:/var/lib/tomcat5.5/webapps/chandler/-" {
   permission java.io.FilePermission "${catalina.base}/webapps/chander/-", "read";                                                                              
   permission java.io.FilePermission "${catalina.base}/conf/cosmo.properties", "read";                                                                          
   permission java.io.FilePermission "${catalina.base}${file.separator}temp", "read";                                                                           
   permission java.io.FilePermission "${catalina.base}${file.separator}temp/-", "read,write,delete";                                                            
   permission java.io.FilePermission "/var/lib/tomcat5.5/logs/-", "read";       
   permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
   permission java.lang.RuntimePermission "accessDeclaredMembers";
   permission java.lang.RuntimePermission "createClassLoader";
   permission java.lang.RuntimePermission "getProtectionDomain";
   permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.security";
   permission java.util.PropertyPermission "*", "read";
   // needed for postgres
   // permission java.net.SocketPermission "localhost:5432", "connect";
   // for mysql
   permission java.net.SocketPermission "localhost:3306", "connect";

   permission javax.management.MBeanServerPermission "findMBeanServer";
   permission javax.management.MBeanPermission "org.osaf.cosmo.*", "registerMBean";
   permission javax.management.MBeanPermission "org.osaf.cosmo.*", "unregisterMBean";
   permission javax.management.MBeanTrustPermission "register";
   // Abdera needed to change permissions when logging in via the WebUI
   // (when trying to access the ATOM server
   permission javax.security.auth.AuthPermission "modifyPrincipals";
};

grant {
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.*";
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
  //permission java.security.AllPermission "org.apache.jasper.*";
};

grant codeBase "file:/usr/share/tomcat5.5/common/lib/jasper-compiler.jar" {
   permission java.io.FilePermission "${catalina.base}/webapps/chander/-", "read";
};

Link | Leave a comment | Share

Comments {0}