Author: akarasulu Date: Sun Nov 7 01:09:26 2004 New Revision: 56826 Modified: incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties Log:
Modified: incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties ============================================================================== --- incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties (original) +++ incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties Sun Nov 7 01:09:26 2004 @@ -1,12 +1,14 @@ +# ----------------------------------------------------------------------------- +# Kerberos Specific Properties +# ----------------------------------------------------------------------------- + # these are the minimum required parameters kdc.primary.realm = EXAMPLE.COM kdc.principal = krbtgt/[EMAIL PROTECTED] kdc.keys.location = kerberoskeys.ser kdc.encryption.types = des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc -java.naming.provider.url = ldap://ldap.example.com:389/dc=example,dc=com changepw.principal = kadmin/[EMAIL PROTECTED] -ldap.principal = ldap/[EMAIL PROTECTED] # all times in minutes kdc.allowable.clockskew = 5 @@ -22,15 +24,48 @@ tgs.postdate.allowed = true tgs.renewable.allowed = true + +# ----------------------------------------------------------------------------- +# JNDI Properties +# ----------------------------------------------------------------------------- + +# The URL of for the provider: for Eve this is just a DN +java.naming.provider.url = dc=example,dc=com +# The principal will be fixed for the hard system super user in Eve +java.naming.security.principal = uid=admin,ou=system +# Authentication into Eve which is local is kept simple +java.naming.security.authentication = simple # Set up environment for initial context -java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory -# Request the use of SASL-GSSAPI, using already established Kerberos credentials -# This must be uppercase, as required by the Sun JNDI provider -java.naming.security.authentication = GSSAPI -# Request mutual authentication -javax.security.sasl.server.authentication = true -# Request authentication with integrity and privacy protection -javax.security.sasl.qop = auth-conf -# Request high-strength cryptographic protection -javax.security.sasl.strength = high +java.naming.factory.initial = org.apache.eve.jndi.EveContextFactory + + +# ----------------------------------------------------------------------------- +# Eve Provider Properties +# ----------------------------------------------------------------------------- + +# The working directory where Eve stores it's partition database files +eve.wkdir = ./target/eve +# The published LDAP schema's to initialize: all listed are required for example.com +eve.schemas = system,core,cosine,inetorgperson,krb5kdc +# Comma separated name of the partitions to attach/create +eve.db.partitions = example + +# Suffix for the example partition +eve.db.partition.suffix.example = dc=example,dc=com +# User defined indices for the example partition +eve.db.partition.indices.example = ou uid objectClass krb5PrincipalName +# ObjectClass attribute values for the partition root at dc=example,dc=com +eve.db.partition.attribute.example.objectClass = top domain +# Domain component attribute for the root +eve.db.partition.attribute.example.dc = example + + +# ----------------------------------------------------------------------------- +# Eve PrincipalStore Properties +# ----------------------------------------------------------------------------- + +# Base DN to conduct one level searches for kdc entries +kdc.entry.basedn = ou=People,dc=example,dc=com +# Initial LDIF file to import when first started +kdc.entry.ldif.file = ./src/ldif/example.com
