IDempiere/FullMeeting20150318

⇐ Table of Contents | Full Meeting Minutes | Full Meeting 2015-03-18

ocurieles: Good Morning guys
nmicoud: Hi
aguerra: hello everybody!!!!
Deepak_: Hello All
CarlosRuiz: Good Morning
nmicoud: Bonjour
aguerra: hello CarlosRuiz
Deepak_: Hello Carlos
Deepak_: Carlos, In pricelist, currently vendorbreak supports break per BPartner only
Deepak_: As BPartner is mandatory field
Deepak_: Do you know why qty break for all BPartner not supported?
CarlosRuiz: Deepak_, AFAIK not supported with price list break
Deepak_: See pricelist break work for a BPartner
Deepak_: But not for all BPartner by providing null BPartner
Deepak_: BPartner is mandatory field on price list break
octavian_: Hello. Is it possible to run process from model validator ?
Deepak_: CarlosRuiz, and following question is it good idea to make BPartner non mandatory and supporting qty break from price list break?
Deepak_: octavian, Yes it is possible
Deepak_: You can look at how InOutGen.generate method launch process
octavian_: Thank you
red1: Hello everyone..
red1: hi Hideaki
Hideaki: Hi red1
red1: Konnichiwa
Hideaki: Hello :D
tbayen: Daarestiet from Krefeld! :-)
aguerra: buenos dias red1
red1: buenos aires aguerra
CarlosRuiz: Hi Thomas / Hi Alejandro
hieplq: hi CarlosRuiz, i and nmicoud test IDEMPIERE-2244 and see some issue, also fixed it. please help me review it.
CarlosRuiz: ok hieplq - testing
Deepak_: Sorry may my session got Zombie
Deepak_: CarlosRuiz, and following question is it good idea to make BPartner non mandatory and supporting qty break from price list break?
Deepak_: If you answered above question, please repost
Deepak_: As I can't see
CarlosRuiz: Deepak, for me sounds like a good idea - maybe check in forums what others think
Deepak_: ohk
Deepak_: We already started work on same
tbayen: Hi all! We think about an extension of the login. We want to allow authentication through BasicAuth and through client certificates. If anyone is interested we can discuss that.
CarlosRuiz: Hi tbayen sounds interesting
CarlosRuiz: I saw something on Chuck's side about connecting BasicAuth with AD_User - but don't know the details
CarlosRuiz: Another topic that I see interesting would be to authenticate using google apps
CarlosRuiz: I was wondering about that - and I think it can be good to make the "authenticator" pluggable
CarlosRuiz: and maybe the LDAP implementation on idempiere would be moved as a plugin
tbayen: One of the ideas is to install a client certificate on an phone and give the user access without a need to give him a password. You can allow access to a single device (not a user).
CarlosRuiz: but - in my research it didn't see as an easy task - there are several services to authenticate and manage things in different ways
CarlosRuiz: if we make the authentication pluggable - then you can have a plugin that checks the certificate and correlates it with a user
CarlosRuiz: or maybe the certificate brings the user information within and you just need to move ahead in the login process as authenticated
CarlosRuiz: I think if we isolate the LDAP implementation to be a plugin (in beta status) we could evolve the plugin interface to cope with other authentication services
CarlosRuiz: tbayen, there was also something tricky in the research I made for multi-tenant environments
tbayen: My idea was that the certificate is checked by an apache proxy. It adds a new header that contains the user name.
CarlosRuiz: if different tenants wants different authentication services - then you would need a way to identify the tenant on the login page
tbayen: Then my idea was that the standard login process can use that header information to automatically fill the user and password field.
CarlosRuiz: not password - just user - and a way to know that the user was authenticated with the certificate
tbayen: Yes, that was the idea.
tbayen: I hope with a right proxy configuration I can guarantee that the header is guaranteed to be only there when the user is authenticated. So the pure existence of the header is like having a password.
hieplq: please investigate, we can rewrite login module with http://shiro.apache.org/
CarlosRuiz: hieplq, that looks great
CarlosRuiz: at the moment we have two ways of authentication - ad_user and LDAP - seems like shiro can make it pluggable
hieplq: seem shiro is skeleton, but it's good design for pluggable other authenticate method
tbayen: My thought was that the apache authentication is used by very many people and is very stable. And apache can use many different auth modules too. I have a greater trust to apache.
norbertbede: hi all
CarlosRuiz: Hi norbertbede
hieplq_: hi CarlosRuiz, i will test IDEMPIERE-2244 when i has strong network. wdyt about IDEMPIERE-2523?
CarlosRuiz: hieplq, if you and nmicoud tell me that 2244 is ready I can integrate it / so, please make your tests thorough :)
CarlosRuiz: ah 2523 - :DDD the lazy patch
norbertbede: in interesting issue we found - related to peformance
hieplq__: sure, next day i will test script, and material to sure parameter update to eclipse
norbertbede: we have locally PG91 on amazon 93 same task tooks locally 3 sec on amazon 90 sec
norbertbede: we found a difference setup - parameter - enable_material
norbertbede: this was locally disabled on server 93 enabled
norbertbede: lot discussion arounds
norbertbede: will test night change parameter
norbertbede: any experience ?
norbertbede: more info: http://www.postgresql.org/docs/9.3/static/runtime-config-query.html
CarlosRuiz: nope - not experience with that parameter here
norbertbede: your setup is true or false, maybe just for curious
CarlosRuiz: it says there the default is on
CarlosRuiz: let me check - I haven't touched defaults
norbertbede: sure. thanks
norbertbede: suggest this tool http://explain.depesz.com/ for everybody
norbertbede: for analysing queries
CarlosRuiz: in my postgresql - checked with "show all" command
CarlosRuiz: is not showing any value for enable_material
CarlosRuiz: not in 8.4 neither in 9.4
norbertbede: this "explain" us materialisation tooks on server 1. 0sec from query time AND second server 47% from query time
norbertbede: strange
norbertbede: but thanks. i will share our experiences with that
norbertbede: CarlosRuiz, @tomassvikruha update our favorite topic :) theme "Make iDempiere themes definable on different levels"
norbertbede: we move forward 1 step
norbertbede: means we want to find out how we can switch client theme when login
norbertbede: tomas made some java early stage classes but he describe our problem
norbertbede: would be helpful if you can advice Tomas direction
norbertbede: thanks well
norbertbede: we are online now both so can interact if required
CarlosRuiz: thanks norbertbede / tomassvikruha - I was struggling here with an eclipse issue
CarlosRuiz: I don't know about the resources not refreshed - sounds like some cached resources issue
CarlosRuiz: but on the issue about login page with a default system-wide theme
CarlosRuiz: in several tickets we've found the need to have a way to identify a tenant from the login page
CarlosRuiz: maybe something like http://url/webui?AD_Client_ID=1000000 could make the trick
tomassvikruha: Maybe its related to cached resource, or login page is loaded with header css styles, and after login only body of page is changes…WDYT? Because when I inspect page in chrome there was still linked old css styles
CarlosRuiz: I think if you push F5 it will reload the correct
norbertbede: can be this forced by login without F5 ?
norbertbede: by code i mean
tomassvikruha: yes, F5 will reload browser page
tomassvikruha: after it is everything correct
CarlosRuiz: don't know if that refresh can be forced programatically
norbertbede: ok thanks well we will try again with hieplq
norbertbede: to sort out