Roller is the open source Java blog server that drives blogs.oracle.com, the blogs in IBM Lotus Connections, and others. Read more on the about page.

Site hosted by



Main | Next page »

Upgrading Roller 5.1-SNAPSHOT database instances

07.07.2014 by Glen | 0 Comments

Apache Roller trunk (i.e., 5.1-SNAPSHOT) will automatically upgrade any Roller database that was part of an official release from Roller 3.1 onwards during its install process. Follow the Apache Roller installation guide for more information on this process, including making sure that you do a safety back up of your database prior to running the install.

However, for those who have earlier deployed unreleased 5.1-SNAPSHOT versions, neither later 5.1-SNAPSHOTs nor the future release 5.1 will be able to automatically upgrade your SNAPSHOT database, which will create a incompatibility issue if database changes occurred in development since the snapshot version you deployed. This will necessitate some manual database upgrade changes prior to moving to the later version of Roller.

To determine if any manual database changes are needed, check the revision number located on the footer of the Roller login page, i.e., the (rXXXXXX) value at the end of the "Powered by Apache Roller Weblogger Version 5.1.0-SNAPSHOT" string. Then, using the source control repository of the createdb.vm file, do a comparison (using the "select for diffs" links) between versions of the file immediately preceding that version number and either the latest version of the file (for a future 5.1-SNAPSHOT) or the version just before but no later than the release date of Roller 5.1.

For example, here is a comparison between March 2014 and May 2014 database instances. Note the createdb.vm does not provide the actual SQL statements needed for your particular database instance (as that will vary depending on the database you're using) but just the pseudocode SQL informing you which tables and columns need deletion, creation, modification, etc. Check your database's manuals for information on the necessary SQL statement syntax for table alterations, and of course back up your database first.

Language Support for Upcoming Roller 5.1

07.07.2014 by Glen | 0 Comments

Apache Roller 5.1 is expected to be released "soon" (no fixed date yet available). For the Apache Roller trunk branch (i.e., upcoming 5.1), I recently cleaned out the language resource files of unused strings that have accumulated over the years and also introduced generic.* property strings for common functions (Save, Edit, Delete, etc.) that are used in multiple places to further reduce the number of strings that need translation. As a result, each of the language files shrank 25-35%, with the results browsable online. As one can see, Roller 5.1 will be shipping with support for English, Spanish, French, German, Russian, Chinese - Simplified, Japanese, and Korean. (By language support, I'm referring to the user interface for administering your blog--creating blog entries, managing comments, etc.--and certain boilerplate text within your blog templates. For writing blog articles and customizing your blog templates, Roller supports virtually any written language desired.)

However the non-English languages have only between 30-50% of the total strings (roughly 1800 in all) translated. Any strings missing will appear in the default English. If you're looking to deploy Roller in an office or school and wish to have better support for a given language, now would be a great time to check out Roller trunk from Subversion and submit a patch to our JIRA issue tracker, translating some-to-all of the missing strings of your desired language. IntelliJ IDEA Community Edition provides an easy-to-use editor to identify and translate strings present in the English but missing in the other files, and Eclipse offers similar.

Apache Roller 5.0.4 Released

06.27.2014 by Glen | 0 Comments

The Roller team has made a patch release of the Apache Roller 5 branch, upgrading to the latest 2.3.16.3 release of Struts2 to fix some security issues found in earlier releases of that library. It's recommended to upgrade your Roller installation to this latest version.

Meanwhile, we're getting closer to a new Roller 5.1 release (perhaps within a few weeks), which features fully updated dependencies, a refactored and shrunk code base, and a more modern and simplified user interface. Stay tuned for its release!

New article on coding Apache Roller

04.27.2014 by Glen | 0 Comments

Roller committer Glen Mazza (me!) has written a new article providing tips on how to efficiently work with the Apache Roller source code, helpful for those wishing to contribute to Apache Roller development and/or customize it for their particular needs.

Apache Roller 5.0.3 security fix release now available

01.11.2014 by Dave Johnson | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.3 release. This new release is identical to Apache Roller 5.0.2 but includes an updated Apache XML-RPC library that fixes a security vulnerability in Roller's XML-RPC feature.

All Roller sites are urged to upgrade to Roller 5.0.3 as soon as possible. Download Apache Roller 5.0.3 at the Roller downloads page here.

You can find a little more information about the vulnerabilities at the links below:

Apache Roller 5.0.2 security fix release now available

11.03.2013 by Dave Johnson | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.2 release. This new release is identical to Apache Roller 5.0.1 but with the addition of two security fixes: 1) fix for XSS vulnerability in Roller's search feeds 2) fix for remote code execution vulnerability.

All Roller sites are urged to upgrade to Roller 5.0.2 as soon as possible. Download Apache Roller 5.0.2 at the Roller downloads page here.

You can find a little more information about the vulnerabilities at the links below:

Roller on OpenShift

07.09.2013 by Dave Johnson | 0 Comments

Here's a wonderfully detailed and informative (even if you don't intend to use Roller) blog post from Roller committer Glen Mazza about how to install Roller on Red Hat's Open Shift platform as a service (PAAS) offering: Apache Roller on OpenShift

Apache Roller 5.0.1 security fix release now available

06.24.2012 by Dave Johnson | 0 Comments

The Apache Roller project has announced the availability of a new Apache Roller 5.0.1 release. This new release is identical to Apache Roller 5.0 but with the addition of two security fixes: 1) fix for Cross-Site Scripting (XSS) vulnerabilities and 2) fix for Cross-Site Resource Forgery (XRSF) vulnerabilities.

All Roller sites are urged to upgrade to Roller 5.0.1 as soon as possible. Download Apache Roller 5.0.1 at the Roller downloads page here

The two security vulnerabilities have been reported to the [Full Disclosure mailing-list at grok.org.uk|http://www.grok.org.uk/full-disclosure/] and the [Bugtraq list at SecurityFocus.com|http://www.securityfocus.com/archive/1]. You can find a little more information about the vulnerabilities at the links below:

Main | Next page »