I updated the issue with a patch that works against current svn trunk. I've appended the current server.xml at the end of this email.

thanks
david jencks

On Aug 18, 2007, at 1:02 AM, David Jencks wrote:

So it's been a while and IIUC the config-in-ldap solutions aren't quite done for 1.5.1. There have been some changes to e.g. interceptor configs that make this patch as it stands not quite work, but if there's any interest in getting this into 1.5.1 I'm happy to update the patch so it works again and apply it.

Please take a look at the server.xml below and see what you think.

Even if everyone would prefer to stick with shipping the generic server.xml what about applying the rest of the patch, adding javadoc "annotations" and running the maven-xbean plugin on the code to make it possible to use server.xml of the form below?

thanks
david jencks

On Jun 28, 2007, at 4:17 PM, David Jencks wrote:

A while back there was some discussion of whether server.xml could be made to be more semantically meaningful with less generic cruft, and I suggested looking into xbean-spring. So, I spent a bit of time on it and implemented this. See https://issues.apache.org/jira/browse/DIRSERVER-984

This was pretty easy to do, after fixing some problems in xbean. Basically all I did was add some javadoc "annotations" to tell xbean which classes to look at and what type collections contain, and change to the xbean application context from the plain spring one.

xbean generates a schema for the configurable objects so you can consult the schema to see what can be configured. As you can see, you can mix regular spring configuration and the xbean style in the same server.xml.

There's a lot more customization possible, I basically did the minimum possible to get it to work. Pretty much anything can have a different name. The main ugliness I see is the handling of properties that are lists (or sets) of strings.


<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
        "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>
  <!-- bean I didn't convert -->
  <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
    <property name="properties">
      <props>
        <!-- JNDI security properties used to get initial contexts. -->
        <prop key="java.naming.security.authentication">simple</prop>
        <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
        <prop key="java.naming.security.credentials">secret</prop>
      </props>
    </property>
  </bean>


  <mutableServerStartupConfiguration id="configuration" xmlns="http://apacheds.org/config/1.0"
                                     workingDirectory="example.com"
                                     synchPeriodMillis="15000"
                                     maxThreads="8"
                                     allowAnonymousAccess="false"
                                     accessControlEnabled="false"
                                     denormalizeOpAttrsEnabled="false"
          >

    <changePasswordConfiguration>
      <changePasswordConfiguration
              enabled="false"
              ipPort="464">
      </changePasswordConfiguration>
    </changePasswordConfiguration>

    <ntpConfiguration>
      <ntpConfiguration
              enabled="false"
              ipPort="123">
      </ntpConfiguration>
    </ntpConfiguration>

    <dnsConfiguration>
      <dnsConfiguration
              enabled="false"
              ipPort="53">
      </dnsConfiguration>
    </dnsConfiguration>

    <kdcConfiguration>
      <kdcConfiguration
              enabled="false"
              ipPort="88">
      </kdcConfiguration>
    </kdcConfiguration>

    <ldapsConfiguration>
      <ldapConfiguration id="ldapsConfiguration"
                         enabled="false"
                         ipPort="636"
                         enableLdaps="true">
      </ldapConfiguration>
    </ldapsConfiguration>

    <ldapConfiguration>
      <ldapConfiguration id="ldapConfiguration"
              ipPort="10389"
              allowAnonymousAccess="false"
              saslHost="ldap.example.com"
              saslPrincipal="ldap/[EMAIL PROTECTED]"
              searchBaseDn="ou=users,ou=system"
              maxTimeLimit="15000"
              maxSizeLimit="1000">

        <!-- The list of supported authentication mechanisms. -->
        <supportedMechanisms>
          <value xmlns="http://www.springframework.org/schema/beans">SIMPLE</value>
          <value xmlns="http://www.springframework.org/schema/beans">CRAM-MD5</value>
          <value xmlns="http://www.springframework.org/schema/beans">DIGEST-MD5</value>
          <!--<value xmlns="http://www.springframework.org/schema/beans">GSSAPI</value>-->
        </supportedMechanisms>

        <!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI. -->
        <saslQop>
          <value xmlns="http://www.springframework.org/schema/beans">auth</value>
          <value xmlns="http://www.springframework.org/schema/beans">auth-int</value>
          <value xmlns="http://www.springframework.org/schema/beans">auth-conf</value>
        </saslQop>

        <!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. -->
        <saslRealms>
          <value xmlns="http://www.springframework.org/schema/beans">example.com</value>
          <value xmlns="http://www.springframework.org/schema/beans">apache.org</value>
        </saslRealms>

        <!-- the collection of extended operation handlers to install -->
        <extendedOperationHandlers>
          <!--startTlsHandler/-->
          <gracefulShutdownHandler/>
          <launchDiagnosticUiHandler/>
          <!-- The Stored Procedure Extended Operation is not stable yet and it may cause security risks. -->
          <!--storedProcedureExtendedOperationHandler/-->
        </extendedOperationHandlers>
      </ldapConfiguration>
    </ldapConfiguration>

    <systemPartitionConfiguration>
      <!-- use the following partitionConfiguration to override defaults for -->
      <!-- the system partition -->
      <mutableBTreePartitionConfiguration id="systemPartitionConfiguration"
        name="system"
        cacheSize="100"
        suffix="ou=system"
        optimizerEnabled="true"
        synchOnWrite="true"
        partitionClassName="org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition">
        <indexedAttributes>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.1"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.2"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.3"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.4"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.5"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.6"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.7"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="ou"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="uid"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="objectClass"
              cacheSize="100"/>
        </indexedAttributes>
        <contextEntry>
          <value xmlns="http://www.springframework.org/schema/beans">
            objectClass: top
            objectClass: organizationalUnit
            objectClass: extensibleObject
            ou: system
          </value>
        </contextEntry>
      </mutableBTreePartitionConfiguration>
    </systemPartitionConfiguration>

    <partitionConfigurations>
      <mutableBTreePartitionConfiguration id="examplePartitionConfiguration"
        name="example"
        cacheSize="100"
        suffix="dc=example,dc=com"
        optimizerEnabled="true"
        synchOnWrite="true"
        partitionClassName="org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition">
        <indexedAttributes>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.1"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.2"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.3"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.4"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.5"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.6"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="1.3.6.1.4.1.18060.0.4.1.2.7"
              cacheSize="10"/>
            <mutableIndexConfiguration
              attributeId="dc"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="ou"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="krb5PrincipalName"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="uid"
              cacheSize="100"/>
            <mutableIndexConfiguration
              attributeId="objectClass"
              cacheSize="100"/>
        </indexedAttributes>
        <contextEntry>
          <value xmlns="http://www.springframework.org/schema/beans">
            objectClass: top
            objectClass: domain
            objectClass: extensibleObject
            dc: example
          </value>
        </contextEntry>
      </mutableBTreePartitionConfiguration>
    </partitionConfigurations>

    <interceptorConfigurations>
      <mutableInterceptorConfiguration
              name="normalizationService"
              interceptorClassName="org.apache.directory.server.core.normalization.NormalizationService"/>
      <mutableInterceptorConfiguration
              name="authenticationService"
              interceptorClassName="org.apache.directory.server.core.authn.AuthenticationService"/>
      <mutableInterceptorConfiguration
              name="referralService"
              interceptorClassName="org.apache.directory.server.core.referral.ReferralService"/>
      <mutableInterceptorConfiguration
              name="authorizationService"
              interceptorClassName="org.apache.directory.server.core.authz.AuthorizationService"/>
      <mutableInterceptorConfiguration
              name="defaultAuthorizationService"
              interceptorClassName="org.apache.directory.server.core.authz.DefaultAuthorizationService"/>
      <mutableInterceptorConfiguration
              name="exceptionService"
              interceptorClassName="org.apache.directory.server.core.exception.ExceptionService"/>
      <mutableInterceptorConfiguration
              name="operationalAttributeService"
              interceptorClassName="org.apache.directory.server.core.operational.OperationalAttributeService"/>
      <!-- Uncomment to enable the password policy service
      <mutableInterceptorConfiguration
              name="passwordPolicyService"
              interceptorClassName="org.apache.directory.server.core.kerberos.PasswordPolicyService"/>
      <mutableInterceptorConfiguration
              name="keyDerivationService"
              interceptorClassName="org.apache.directory.server.core.kerberos.KeyDerivationService"/>
      -->
      <mutableInterceptorConfiguration
              name="schemaService"
              interceptorClassName="org.apache.directory.server.core.schema.SchemaService"/>
      <mutableInterceptorConfiguration
              name="subentryService"
              interceptorClassName="org.apache.directory.server.core.subtree.SubentryService"/>
      <mutableInterceptorConfiguration
              name="collectiveAttributeService"
              interceptorClassName="org.apache.directory.server.core.collective.CollectiveAttributeService"/>
      <mutableInterceptorConfiguration
              name="eventService"
              interceptorClassName="org.apache.directory.server.core.event.EventService"/>
      <mutableInterceptorConfiguration
              name="triggerService"
              interceptorClassName="org.apache.directory.server.core.trigger.TriggerService"/>

        <!-- Uncomment to enable replication service
        <bean xmlns="http://www.springframework.org/schema/beans"
              class="org.apache.directory.mitosis.configuration.MutableReplicationInterceptorConfiguration">
          <property name="name" value="replicationService" />
          <property name="interceptorClassName"
                    value="org.apache.directory.mitosis.service.ReplicationService" />
          <property name="replicationConfiguration">
            <bean class="org.apache.directory.mitosis.configuration.ReplicationConfiguration">
              <property name="replicaId">
                <bean class="org.apache.directory.mitosis.common.ReplicaId">
                  <constructor-arg>
                    <value>instance_a</value>
                  </constructor-arg>
                </bean>
              </property>
              <property name="serverPort" value="10390" />
              <property name="peerReplicas" value="[EMAIL PROTECTED]:10392" />
            </bean>
          </property>
        </bean>
        -->
    </interceptorConfigurations>
  </mutableServerStartupConfiguration>


  <!-- another bean I didn't convert -->
  <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
    <property name="customEditors">
      <map>
        <entry key="javax.naming.directory.Attributes">
          <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
        </entry>
      </map>
    </property>
  </bean>
</beans>
