All
Accepted answers
Dmitry Maslennikov · May 10, 2021 go to post

Most of the code related to OAuth2 in IRIS, supposed that you have configured OAuth2 Client, and uses this information to validate and extract data from the token. And this particular method will expect OAuth2 client with the name "demoresource".

I'm not sure how InterSystems supposed to get it worked together with IAM. But I have an example, of extracting data from the JWT token, without any configuration. Look at this code. In this class, I can generate tokens and validate them, as well as pass any data to generating tokens, and extract it. But it also uses a secret phrase to validate the token. And depends on the algorithm, it will require just a simple string as a secret phrase, or a public and private key.

And try the suggested JWT debugger, which may help you in understanding, what's exactly stored in the token and used algorithm for the key.

Dmitry Maslennikov · May 10, 2021 go to post

If you are new to InterSystems, you should start with IRIS, which is the newest product, the replacement for Caché. 

You can download the distributive here or through WRC if you already have access.

The installation process on Windows is quite simple, just run the installer, and press the buttons Next. It will be enough for the evaluation. You may look at the documentation, for the Installation guide.

Dmitry Maslennikov · May 10, 2021 go to post

Management Portal is a part of the default installation. And in windows, should be available from the menu by the InterSystems Cube icon in the tray.

And usually, the URL is something like this. The port can be different if you have more than one instance of Cache installed.

http://localhost:57772/csp/sys/UtilHome.csp

Dmitry Maslennikov · May 7, 2021 go to post

ObjectScript does not have such thing as an Interface.  The only way to get something like this is to use Abstract class, with methods that throw an error, while not overridden.

Dmitry Maslennikov · May 3, 2021 go to post

On the Login page, it does not show IRIS Logo. IRIS just returns 404 for the icon, if it's present, after the first login, it appears in WebGateway cache and became available. And the same for any static files. The Security Audit shows this error.

<PROTECT>%Oid+3^%Stream.Object.1 ^IRIS.SM.Shard,/usr/irissys/mgr/
Dmitry Maslennikov · May 2, 2021 go to post

So, you may have something like this in your CSP file

<csp:class super="%CSP.Page,App.Utils">

By default, it has only %CSP.Page class, but you may have some other class, where you may the logic with method OnPreHTTPafter

Dmitry Maslennikov · May 2, 2021 go to post

Where did you find OnPreHTTPafter? There is only OnPreHTTP method, probably it's a custom method in your application.

<script language=objectscript method=OnPreHTTP arguments="" returntype=%Boolean>
 Quit 1 
</script>
Dmitry Maslennikov · Apr 27, 2021 go to post

Documentation about installation IRIS in macOS.

The easiest way to try it is to start it with docker.

docker run -d --name irishealth -p 52773:52773 store/intersystems/irishealth-community:2021.1.0.205.0

With installed docker when this command will successfully download the image, and starts IRIS for Health, you may try to open it, as usual by URL http://localhost:52773/csp/sys/UtilHome.csp, with default login and password, but will ask to change it.

For Ensemble

docker run -d --name ensemble -p 52772:52772 daimor/intersystems-ensemble:2018.1

But, be aware, that all your changes will disappear when the container will be stopped and deleted.

Dmitry Maslennikov · Apr 26, 2021 go to post

Are you sure, that the process was terminated?

You should check cconsole.log/messages.log

journal records, you should find there where transaction was started, you changed the data, check if change was really in transaction and any other records within the process, it should be commit or rollback. 
In any case, when restart Cache, it should terminate any unfinished processes and rollback data.

Dmitry Maslennikov · Apr 26, 2021 go to post

It’s connected with a process, until it’s alive, transaction will be open. When process will be finished by any reasons, it should rollback any transactions left open.

Dmitry Maslennikov · Apr 24, 2021 go to post

When I replied it was in Dockerfile

Any switch to root in Dockerfile, should return back the original user irisowner back

USER irisowner

Or this way

USER ${ISC_PACKAGE_MGRUSER}

Dmitry Maslennikov · Apr 24, 2021 go to post

That’s interesting, somebody dislike that new ability?

With this language server in fact, it’s possible to add the ability to compile ObjectScript code to any editor which got the support for Language Server Protocol, and it includes even vim/neovim, emacs, and some other editors. If you would like to add this to any supported editor and need help, contact me.

Dmitry Maslennikov · Apr 24, 2021 go to post

Could you explain the term you used, Language Server?

Language Server now used for editors. And I see no reactions to it in your article. And InterSystems already implemented real language server for VSCode, and I have implemented one more for any other editor.

Dmitry Maslennikov · Apr 23, 2021 go to post

just set it to the local array or global, will sort it

set arr("cba")=""
set arr("abc")=""
zw arr
Dmitry Maslennikov · Apr 21, 2021 go to post

Some example of code in Go

package main

import (
  "fmt"
  "os"
  "strings"

  "github.com/caretdev/go-irisnative/src/connection"
)

func main() {
  var addr = "localhost:1972"
  var namespace = "%SYS"
  var login = "_SYSTEM"
  var password = "SYS"

  connection, err := connection.Connect(addr, namespace, login, password)
  if err != nil {
    println("Connection failed:", err.Error())
    os.Exit(1)
  }
  defer connection.Disconnect()

  // Kill ^A
  connection.GlobalKill("A")
  // Set ^A(1) = 1
  connection.GlobalSet("A", 1, 1)
  // Set ^A(1, 2) = "test"
  connection.GlobalSet("A", "test", 1, 1)
  // Set ^A(1, "2", 3) = "123"
  connection.GlobalSet("A", 123, 1, "a", 3)
  // Set ^A(2, 1) = "21test"
  connection.GlobalSet("A", "21test", 2, 1)
  // Set ^A(3, 1) = "test31"
  connection.GlobalSet("A", "test31", 3, 1)

  var globalFull = func(global string, subs ...interface{}) string {
    return fmt.Sprintf("^A(%v)", strings.Trim(strings.Join(strings.Split(fmt.Sprintf("%+v", subs), " "), ", "), "[]"))
  }
  var queryGlobal func(global string, subs ...interface{})
  queryGlobal = func(global string, subs ...interface{}) {
    for i := ""; ; {
      if hasNext, _ := connection.GlobalNext("A", &i, subs...); !hasNext {
        break
      }
      var allSubs = []interface{}{i}
      allSubs = append(subs, allSubs...)
      hasValue, hasSubNode := connection.GlobalIsDefined("A", allSubs...)
      if hasValue {
        var value string
        connection.GlobalGet("A", &value, allSubs...)
        fmt.Printf("%v = %#v\n", globalFull("A", allSubs...), value)
      }
      if hasSubNode {
        queryGlobal("A", allSubs...)
      }
    }
  }

  queryGlobal("A")

}
Dmitry Maslennikov · Apr 21, 2021 go to post

Btw, this project is written in Go, and uses a freshly developed go-irisnative project, as a connector to IRIS. With Go I can read and change data directly in globals, execute SQL, and work with objects.

Dmitry Maslennikov · Apr 20, 2021 go to post

Those symbols in any way do not exist in Windows-1251 at all. You can store it in CP866 or UTF-8 only

Dmitry Maslennikov · Apr 20, 2021 go to post

Those are special symbols used to draw UI in textual interfaces and no way to get any readable text from it, it can be translated to the same symbols only, just in the different codepage.

Dmitry Maslennikov · Apr 20, 2021 go to post

VSCode and Cache server can be far from each other, on different machines, so, it’s not as easy to implement. And as I said, it’s not a task for VSCode, it’s mostly a deployment task, which have to be done separately.

Dmitry Maslennikov · Apr 18, 2021 go to post

I read the note, somebody will not read and will use it in production.

Again, if you need root access in real-time inside the container, you doing something wrong. If you need to install anything, you have to do it with Dockerfile, if you need to change some system settings you have to do it in Dockerfile. The container is just to run a particular application inside, and it gets permissions to fit its needs. 

Docker containers completely different from Virtual Machines, and it's important to remember. One container one application, in our case it's IRIS. The state of the container does not matter at all, what's matters is what in the image. Container may die at any time for any reason, and its content has to be restored from the image. And your image has to be prepared for this case. If your delete the container and restart it, will break your application, that something wrong with it, and have to be fixed with Dockerfile.

And even, any Dockerfile can be configured with HEALTHCHECK, which has to check periodically the state of the running application inside, and with control from outside, like with Kubernetes, it will sacrifice container with no expected state and will start it the state from the image. And basic IRIS image produced by InterSystems has it as well. So, if you just stop IRIS inside, the container will be destroyed after a while.

Again container it's not a virtual machine, and in any size of organizations, should not be any restrictions to having only direct access inside.

Dmitry Maslennikov · Apr 18, 2021 go to post

This is a completely very bad idea. You have several issues with your Dockerfile, for instance

  • Hardcoded password for irisowner and even for root
  • IRIS starts with root, instead of irisowner user

Administrators of the running instance should always have access from the Docker host, or through Kubernetes.

In container should appear only what supposed to be in a Production environment, no backdoors of any kind.

Pinging @Luca Ravazzolo for comments 

Dmitry Maslennikov · Apr 16, 2021 go to post

Demo server means, that it was already well prepared to be ready for demo. If you need any such changes, you have to change it in the original repo, and it should be re-deployed with new settings.

Consider this technique as Infrastructure as code

Dmitry Maslennikov · Apr 16, 2021 go to post

To be able to restart IRIS from inside, you in any way will need some independent process on the OS level outside of IRIS, which will control stopping and starting.

If saying about doing it in the container. Most of the changes which would need to restart it, have to be prepared in Docker build process, so, it should be as part of the base image.

Docker supports command to restart, and it's doing it as one command, and it will not delete state during the restart. So, I would say it's a preferable way.