Operations grimoire/Orbeon: Difference between revisions

From Nasqueron Agora
(Created page with "'''Orbeon Forms CE''' is deployed to provide XForms builder and runner facilities. It allows to build a form, fill it or read forms. Orbeon Forms is deployed on the Docker PaaS and can be accessed at https://forms.nasqueron.org/ Currently in testing mode, it's deployed to Dwellers. If it has been moved elsewhere and this page is not up-to-date, any "dwellers" occurence in procedures below should be replaced by "docker-002" or any other server name. == Concepts == * Fo...")
 
No edit summary
Line 6: Line 6:


== Concepts ==
== Concepts ==
Orbeon Forms is divided in several applications:
* Form Runner (/fr) allows you to "run" forms: fill a form, read form replies
* Form Runner (/fr) allows you to "run" forms: fill a form, read form replies
* Form Builder allows you to build form
* Form Builder allows you to build form
A form on Orbeon Forms can be accessed:
* directly on the form runner
* by creating a form on the webpage, and posting result to the form runner
* by creating a form on the webpage, and posting result to the persistence API to directly store data
== Publish a form ==
An access to the form builder is required. Browse:
* https://forms.nasqueron.org/fr/orbeon/builder/new to create a new form
* https://forms.nasqueron.org/fr/orbeon/builder/summary to view and edit current forms
Forms source code should be published to {{repo|forms}} repository under <application name>/<form name>.xml (without nasqueron- prefix for app name), so we can recreate them if we reinstall Orbeon Forms.


== Authentication ==
== Authentication ==

Revision as of 18:47, 24 May 2023

Orbeon Forms CE is deployed to provide XForms builder and runner facilities. It allows to build a form, fill it or read forms.

Orbeon Forms is deployed on the Docker PaaS and can be accessed at https://forms.nasqueron.org/

Currently in testing mode, it's deployed to Dwellers. If it has been moved elsewhere and this page is not up-to-date, any "dwellers" occurence in procedures below should be replaced by "docker-002" or any other server name.

Concepts

Orbeon Forms is divided in several applications:

  • Form Runner (/fr) allows you to "run" forms: fill a form, read form replies
  • Form Builder allows you to build form

A form on Orbeon Forms can be accessed:

  • directly on the form runner
  • by creating a form on the webpage, and posting result to the form runner
  • by creating a form on the webpage, and posting result to the persistence API to directly store data

Publish a form

An access to the form builder is required. Browse:

Forms source code should be published to forms repository under <application name>/<form name>.xml (without nasqueron- prefix for app name), so we can recreate them if we reinstall Orbeon Forms.

Authentication

Users are configured at Tomcat level. To add an user:

  • Provide Vault credential
    1. Create Vault credential under ops/secrets/nasqueron/orbeon/users/
    2. Add that credential in pillar/credentials/vault.sls
    3. Deploy new Vault policy sudo salt-call --local state.sls_id salt-node-dwellers roles/vault/policies
  • Declare the user in Tomcat configuration
    1. Edit pillar/paas/docker/dwellers/orbeon.sls
    2. Deploy it with salt dwellers state.sls_id /srv/orbeon/nasqueron_forms/conf/tomcat-users.xml roles/paas-docker/containers/orbeon, where nasqueron_forms is the name of our forms.nasqueron.orf instance
    3. Restart container: docker restart nasqueron_forms

Authentication is known to be rather buggy:

  • if you login at form runner level (e.g. /fr/admin), you can be unlogged at builder level
  • if you login from login form, you'll get a 403
  • if you login from builder, it can't tell you something is wrong

Configuration known issues:

  • If you got a 408 you accessed yourself /fr/login, but web.xml needs to be configured with a <login-config> block using the FORM auth method (that's the default Orbeon web.xml)
  • To enable login/logout menu, you need to add <property as="xs:boolean" name="oxf.fr.authentication.user-menu.enable" value="true" /> to properties-local.xml