Operations grimoire/Orbeon

From Nasqueron Agora
< Operations grimoire
Revision as of 18:40, 24 May 2023 by Dereckson (talk | contribs) (Created page with "'''Orbeon Forms CE''' is deployed to provide XForms builder and runner facilities. It allows to build a form, fill it or read forms. Orbeon Forms is deployed on the Docker PaaS and can be accessed at https://forms.nasqueron.org/ Currently in testing mode, it's deployed to Dwellers. If it has been moved elsewhere and this page is not up-to-date, any "dwellers" occurence in procedures below should be replaced by "docker-002" or any other server name. == Concepts == * Fo...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

📕📁📜 Old technical information :: content warning

⌛ This Nasqueron Operations Grimoire page hasn't been updated for a long time.

☣ As our infrastructure evolves quickly, there is a good chance this information is outdated or now inaccurate. Be careful and consider update it.

➡️ To assert the information is still up-to-date or not, you can check the history of the relevant role in our Operations repository.

Orbeon Forms CE is deployed to provide XForms builder and runner facilities. It allows to build a form, fill it or read forms.

Orbeon Forms is deployed on the Docker PaaS and can be accessed at https://forms.nasqueron.org/

Currently in testing mode, it's deployed to Dwellers. If it has been moved elsewhere and this page is not up-to-date, any "dwellers" occurence in procedures below should be replaced by "docker-002" or any other server name.

Concepts

  • Form Runner (/fr) allows you to "run" forms: fill a form, read form replies
  • Form Builder allows you to build form

Authentication

Users are configured at Tomcat level. To add an user:

  • Provide Vault credential
    1. Create Vault credential under ops/secrets/nasqueron/orbeon/users/
    2. Add that credential in pillar/credentials/vault.sls
    3. Deploy new Vault policy sudo salt-call --local state.sls_id salt-node-dwellers roles/vault/policies
  • Declare the user in Tomcat configuration
    1. Edit pillar/paas/docker/dwellers/orbeon.sls
    2. Deploy it with salt dwellers state.sls_id /srv/orbeon/nasqueron_forms/conf/tomcat-users.xml roles/paas-docker/containers/orbeon, where nasqueron_forms is the name of our forms.nasqueron.orf instance
    3. Restart container: docker restart nasqueron_forms

Authentication is known to be rather buggy:

  • if you login at form runner level (e.g. /fr/admin), you can be unlogged at builder level
  • if you login from login form, you'll get a 403
  • if you login from builder, it can't tell you something is wrong

Configuration known issues:

  • If you got a 408 you accessed yourself /fr/login, but web.xml needs to be configured with a <login-config> block using the FORM auth method (that's the default Orbeon web.xml)
  • To enable login/logout menu, you need to add <property as="xs:boolean" name="oxf.fr.authentication.user-menu.enable" value="true" /> to properties-local.xml
Retrieved from "https://agora.nasqueron.org/index.php?title=Operations_grimoire/Orbeon&oldid=1255"