security-procs-postgresql.xql

  • last updated 3 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
New feature: cookie namespaces

So far, all OpenACS versions used "ad_" as a prefix for cookies (such

as ad_login, ad_session_id, ...). In certain situations this can lead

to confusion, since cookies are managed by browsers via domain names,

and running multiple OpenACS instances in the same domain will cause

overwriting of such cookies by these instances. The can happen e.g.

when running multiple instances on the same machine, or using

port-forwarding to virtual machines/containers, using reverse proxies,

etc. Note that the cookie overwriting problem does not exist for

host-node-mapped subsites, since host-node-mapping depends on domain

names.

One could consider using the port in the cookie name (as

sometimes noted as an option), but this would not work, in case the

same server should be reachable over multiple ports.

Therefore, one can now specify a "CookieNamespace" in the OpenACS

configuration file, which is per default "ad_", which is sufficient

for the majority of installations. In cases, where it is needed, a

different CookieNamespace can now be configured.

To manage the cookie names internally, OpenACS provides a new API call

security::cookie_name to derive the namespaced cookie name from a stem.

Snippet of the OpenACS configuration file for setting the CookieNamespace

#---------------------------------------------------------------------

# OpenACS specific settings (per server)

#---------------------------------------------------------------------

ns_section ns/server/${server}/acs {

ns_param CookieNamespace "ad_"

...

}

  1. … 2 more files in changeset.
Whitespace cleanup

  1. … 2 more files in changeset.
Reintroduce :num_count variable in postgres query, as for oracle counterpart (for postgres, 15 was hardcoded)

Notes:

- :num_count comes from a parameter, defaulting to 100, instead of 15

- postgres 9.5 introduced table sampling, similar to what oracle does (but with different syntax)

- this postgres query would be portable, except for random()... maybe the random value could come from tcl...

moved "populate_secrect" to "sec_*" prefix to reduce clobbering of global namespace

  1. … 6 more files in changeset.
Reduce divergency between oracke and postgres codebase

  1. … 2 more files in changeset.
merged changes from the oacs-5-9 branch and resolved conflicts

  1. … 7834 more files in changeset.
- use shortcut for "select" in db_exec_plsql to bypass anonymous function creation

.xql-file reform of acs-tcl (part 3)

- remove obsolete queries

ad_acs_admin_id.acs_admin_id_get

ad_db_select_widget.currency_info

ad_maybe_redirect_for_registration.sql_test_1

ad_maybe_redirect_for_registration.sql_test_2

ad_permission_p.n_privs

ad_user_class_query.sql_post_select_for_user_class

apm_file_add.apm_file_add

apm_file_remove.apm_file_remove

apm_package_install.version_exists_p

site_node::get_url_from_object_id.select_url_from_object_id

user_search

- remove obsolete files

tcl/00-database-procs-postgresql-postgresql.xql

tcl/00-database-procs-postgresql.tcl

tcl/defs-procs-oracle.xql

tcl/defs-procs-postgresql.xql

tcl/deprecated-utilities-procs.xql

tcl/request-processor-init.xql

tcl/request-processor-procs-oracle.xql

tcl/request-processor-procs-postgresql.xql

tcl/widgets-procs.xql

  1. … 22 more files in changeset.
- use stored procedure sec_session_property__upsert

  1. … 2 more files in changeset.
Get rid of the postgres warning "adding missing FROM-clause entry " on sequences

Make "db_nextval acs_object_id_seq" more than twice as fast (from 948 microseconds to 378 microseconds)

  1. … 9 more files in changeset.
Merged 4.6.4d1 (unreleased) to HEAD. This marks the end of the life of the oacs-4-6 branch.

  1. … 816 more files in changeset.
Update the password_changed_date whenever the user's password is changed

  1. … 3 more files in changeset.

Fixed this stuff so it works with Oracle and Postgres both, sharing as much

code as possible (or at least as I can make possible).

  1. … 3 more files in changeset.

Fixed the 4K character limit on session properties for Oracle by making an

optional "clob" value available. The APM wouldn't let me load any packages

when I added all the dotLRN packages plus standard packages over to a new

"dotlrn" user from my normal "acs" user - the list of packages grew to

> 4KB in size! Grrrr!

  1. … 6 more files in changeset.

Renamed a column named "timestamp" in the security package because this is

now a reserved word in PG (correctly). I changed the Oracle version, too,

because I know that 9i has added the "timestamp" datatype and even if it

will accept it as a column name it's confusing.

I also changes postgresql.sql to load correctly under PG 7.1 and 7.2.

  1. … 8 more files in changeset.
query extractor output for acs-tcl

  1. … 41 more files in changeset.

applied patches from Steve Woodcock that port a few more queries, fix a few data model PL/SQL quirks, and generally allow us to get further into a working OpenACS!

  1. … 6 more files in changeset.

1. Removed acs_source (which Ben had already removed, I think he just forgot

to commit)

2. Wrote a PG semi-replacement query for an Oracle query containing "sample()"

  1. … 2 more files in changeset.
new version of QD with better handling of absolute/relative paths

  1. … 10 more files in changeset.
added acs_source to wrap the source command, and changed the QD to recognize scripts called by acs_source

  1. … 5 more files in changeset.
initial import

    • -0
    • +13
    ./security-procs-postgresql.xql