Hello folks,
I've been trying to configure slide to use an ldap server for authentication
purposes.
I've been successful at that, but with a cost of an annoying null pointer
exception when tomcat is starting up:
org.apache.slide.common.ServiceAccessException: Service TxXMLFileDescriptorsStore at users/store/metadata working on users/work/metadata access error : java.lang.NullPointerException
at org.apache.slide.store.txfile.AbstractXMLResourceDescriptor.encodeObject(AbstractXMLResourceDescriptor.java:662)
My current setup is the tomcat 5.0.19 / slide 2.1b1 bundle with the attached
domain.xml file.
I suspect that it works well because JNDIPrincipalStore is read-only, so
maybe it doesn't need its corresponding working directory, which is what this
exception relates to. Or perhaps I just haven't found a problem yet, one which
will show up sooner rather than later...
Does slide use the 'users working directory' in any of its use-cases? Am I
doing something wrong in the Domain.xml file?
Thanks in advance,
Miguel Figueiredo
<?xml version="1.0"?>
<slide>
<namespace name="slide">
<definition>
<store name="tx">
<!-- Store "tx": file-backed store. Node metadata and content use the transactional file stores
     under main/store and main/work; the security, lock and revision-descriptor stores all reuse
     the nodestore through <reference>. The <scope> entries in this file bind this store to "/". -->
<!-- Timeout values here and below: units are not stated in this file (presumably seconds; confirm). -->
<parameter name="tlock-timeout">120</parameter>
<nodestore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
<!-- NOTE(review): rootpath/workpath are relative. The directory they resolve against is not
     shown here; confirm it lies outside anything the web server serves directly and is
     writable only by the account running Tomcat, since ACLs and locks end up in these files. -->
<parameter name="rootpath">main/store/metadata</parameter>
<parameter name="workpath">main/work/metadata</parameter>
<parameter name="defer-saving">true</parameter>
<parameter name="timeout">120</parameter>
</nodestore>
<sequencestore classname="org.apache.slide.store.txfile.FileSequenceStore">
<parameter name="rootpath">main/store/sequence</parameter>
</sequencestore>
<!-- Security (ACL) and lock data share the nodestore's descriptor files. -->
<securitystore>
<reference store="nodestore"/>
</securitystore>
<lockstore>
<reference store="nodestore"/>
</lockstore>
<!-- Both element names below appear in this file for every store: "revisiondescriptorsstore"
     and "revisiondescriptorstore" are two separate entries, not a duplicate. -->
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore classname="org.apache.slide.store.txfile.TxFileContentStore">
<parameter name="rootpath">main/store/content</parameter>
<parameter name="workpath">main/work/content</parameter>
<parameter name="defer-saving">true</parameter>
<parameter name="timeout">120</parameter>
</contentstore>
<!-- uncomment if you want to use the sample Indexer -->
<!-- be sure to have Lucene in your classpath -->
<!--
<contentindexer classname="org.apache.slide.index.SampleTxtContainsIndexer">
<parameter name="indexpath">./index</parameter>
</contentindexer>
-->
</store>
<store name="users">
<!-- Store "users": principals come from LDAP through JNDIPrincipalStore (the nodestore).
     Security and lock data are kept in a separate file-backed store under users/;
     revision descriptors and content refer back to the LDAP nodestore. -->
<nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
<!-- Search base, naming attribute and filter used to find user entries. -->
<parameter name="jndi.container">ou=people,dc=dominio,dc=pt</parameter>
<parameter name="jndi.attributes.rdn">uid</parameter>
<parameter name="jndi.search.filter">(objectClass=inetOrgPerson)</parameter>
<!-- Presumably mapped to JNDI SearchControls.ONELEVEL_SCOPE, i.e. only direct children of
     the container are searched; confirm. -->
<parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
<!-- NOTE(review): these attributes are presumably surfaced as properties of the /users nodes.
     Keep the list to what the application needs (it includes mail, telephoneNumber and
     postalCode) and check who holds read permission on /users. -->
<parameter name="jndi.search.attributes">postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</parameter>
<!-- NOTE(review): ldap:// on port 389 combined with authentication "simple" (below) means the
     bind DN and password cross the network unencrypted unless the connection is protected by
     other means. Where the directory offers it, use an ldaps:// URL or StartTLS; confirm what
     JNDIPrincipalStore passes through to JNDI. -->
<parameter name="java.naming.provider.url">ldap://miguel-desktop:389</parameter>
<parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
<!-- NOTE(review): cn=Manager looks like the directory's administrative DN (confirm). The store
     only searches ou=people and reads the attributes listed above, so a dedicated bind account
     limited to read access on that subtree would reduce the impact of this file leaking. -->
<parameter name="java.naming.security.principal">cn=Manager,dc=dominio,dc=pt</parameter>
<parameter name="java.naming.security.authentication">simple</parameter>
<!-- NOTE(review): bind password kept in clear text in this file; restrict read access to the
     file to the account running Tomcat. This value was shared together with a mailing-list
     message, so treat it as exposed and change it in the directory. -->
<parameter name="java.naming.security.credentials">segredo</parameter>
<!-- Cache refresh tuning; units and exact semantics are not visible from this file. -->
<parameter name="cache.refresh.checkrate">15</parameter>
<parameter name="cache.refresh.rate">800</parameter>
<parameter name="cache.refresh.threshold">15000</parameter>
</nodestore>
<!-- Use a Tx Store to store security and lock information -->
<!-- The startup exception quoted in the accompanying message names this store
     (users/store/metadata, working on users/work/metadata). Paths are relative; confirm the
     directories exist and are writable only by the account running Tomcat. -->
<securitystore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
<parameter name="rootpath">users/store/metadata</parameter>
<parameter name="workpath">users/work/metadata</parameter>
</securitystore>
<lockstore>
<reference store="securitystore"/>
</lockstore>
<!-- Revision descriptors and content point at the LDAP nodestore, which the message author
     describes as read-only. -->
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore>
<reference store="nodestore"/>
</contentstore>
</store>
<!-- Use a JNDIPrincipalStore for roles -->
<store name="roles">
<!-- Store "roles": groups are read from LDAP (ou=groups) through JNDIPrincipalStore, with
     members taken from the uniqueMember attribute. Security and lock data are kept in a
     file-backed store under roles/. -->
<nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
<parameter name="jndi.container">ou=groups,dc=dominio,dc=pt</parameter>
<!-- The group's cn is the naming attribute, so the role names used in permissions
     (/roles/NAME) presumably have to match group cn values in LDAP; confirm. -->
<parameter name="jndi.attributes.rdn">cn</parameter>
<parameter name="jndi.attributes.groupmemberset">uniqueMember</parameter>
<parameter name="jndi.search.filter">(objectClass=groupOfUniqueNames)</parameter>
<parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
<parameter name="jndi.search.attributes">cn</parameter>
<!-- NOTE(review): same connection settings as the "users" store. ldap:// on port 389 with a
     "simple" bind sends the bind DN and password unencrypted unless the connection is
     protected by other means; prefer ldaps:// or StartTLS where the directory offers it. -->
<parameter name="java.naming.provider.url">ldap://miguel-desktop:389</parameter>
<parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
<!-- NOTE(review): cn=Manager looks like the directory's administrative DN (confirm); reading
     group entries only needs a bind account with read access to ou=groups. -->
<parameter name="java.naming.security.principal">cn=Manager,dc=dominio,dc=pt</parameter>
<parameter name="java.naming.security.authentication">simple</parameter>
<!-- NOTE(review): clear-text bind password; restrict read access to this file, and treat the
     value as exposed because the file was shared with a mailing-list message. -->
<parameter name="java.naming.security.credentials">segredo</parameter>
<!-- Cache refresh tuning; units and exact semantics are not visible from this file. Group
     membership changes in LDAP presumably become effective only after a refresh; confirm
     the delay is acceptable for revoking access. -->
<parameter name="cache.refresh.checkrate">15</parameter>
<parameter name="cache.refresh.rate">800</parameter>
<parameter name="cache.refresh.threshold">15000</parameter>
</nodestore>
<!-- Use a Tx Store to store security and lock information -->
<securitystore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
<parameter name="rootpath">roles/store/metadata</parameter>
<parameter name="workpath">roles/work/metadata</parameter>
</securitystore>
<lockstore>
<reference store="securitystore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
</revisiondescriptorsstore>
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
<contentstore>
<reference store="nodestore"/>
</contentstore>
</store>
<!-- URI prefix to store mapping: /users and /roles are served by the LDAP-backed stores,
     "/" by the file store "tx" (presumably the most specific match wins; confirm).
     NOTE(review): the <data> section of this file defines nodes under /users and /roles,
     which fall into the LDAP-backed scopes; confirm how initial data is applied there. -->
<scope match="/" store="tx"/>
<scope match="/users" store="users"/>
<scope match="/roles" store="roles"/>
</definition>
<configuration>
<!-- Namespace configuration: maps each Slide operation to the action node that must be
     granted for it, names the well-known paths, and sets namespace-wide switches. -->
<!-- Meaning of this switch is not visible from this file. -->
<parameter name="history-collection-hack">true</parameter>
<!-- Actions mapping -->
<read-object>/actions/read</read-object>
<create-object>/actions/write</create-object>
<remove-object>/actions/write</remove-object>
<!-- Granting and revoking permissions both require /actions/write-acl. -->
<grant-permission>/actions/write-acl</grant-permission>
<revoke-permission>/actions/write-acl</revoke-permission>
<read-permissions>/actions/read-acl</read-permissions>
<read-own-permissions>/actions/read-current-user-privilege-set</read-own-permissions>
<!-- Taking a lock needs only /actions/write, while removing one (kill-lock) needs
     /actions/unlock, which the root node in <data> denies to subject "all". -->
<lock-object>/actions/write</lock-object>
<kill-lock>/actions/unlock</kill-lock>
<read-locks>/actions/read</read-locks>
<read-revision-metadata>/actions/read</read-revision-metadata>
<create-revision-metadata>/actions/write-properties</create-revision-metadata>
<modify-revision-metadata>/actions/write-properties</modify-revision-metadata>
<remove-revision-metadata>/actions/write-properties</remove-revision-metadata>
<read-revision-content>/actions/read</read-revision-content>
<create-revision-content>/actions/write-content</create-revision-content>
<modify-revision-content>/actions/write-content</modify-revision-content>
<remove-revision-content>/actions/write-content</remove-revision-content>
<bind-member>/actions/bind</bind-member>
<unbind-member>/actions/unbind</unbind-member>
<!-- Paths configuration -->
<!-- userspath and rolespath equal the <scope> matches "/users" and "/roles", so principal
     and role lookups presumably land in the LDAP-backed stores; keep them in sync. -->
<userspath>/users</userspath>
<rolespath>/roles</rolespath>
<actionspath>/actions</actionspath>
<filespath>/files</filespath>
<parameter name="dav">true</parameter>
<parameter name="standalone">true</parameter>
<!-- ACLs are inherited along the URI path, so every inheritable permission set on a
     parent node in <data> applies to everything beneath it. -->
<parameter name="acl_inheritance_type">path</parameter>
<!-- Nested roles: 0 means no nesting (default), 1 means one sublevel, etc. -->
<parameter name="nested_roles_maxdepth">0</parameter>
<!-- Can be "off", "write" and "full" -->
<parameter name="sequential-mode">full</parameter>
<!-- "false" lets all read-only methods be executed outside of transactions -->
<parameter name="all-methods-in-transactions">true</parameter>
</configuration>
<data>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/">
<!-- Subject can be:
any user "all"
authenticated user "authenticated"
unauthenticated user "unauthenticated"
self "self"
owner of resource "owner"
a user "/users/john"
a role "/roles/admin"
-->
<!-- Make sure the subject here is a valid LDAP group -->
<!-- Root ACL, inheritable by the whole tree. /roles/root receives every action; because
     /roles is scoped to the LDAP-backed "roles" store, this presumably depends on a group
     of that name existing in LDAP, and membership of that group is then the administrative
     boundary (confirm, and audit its members). -->
<permission action="all" subject="/roles/root" inheritable="true"/>
<!-- Negative entries: ACL read, ACL write and unlock are denied to subject "all" (any user).
     How they interact with the grant above depends on Slide's ACL evaluation order, which
     this file does not show; verify that /roles/root can still manage ACLs and nobody else can. -->
<permission action="/actions/read-acl" subject="all" inheritable="true" negative="true"/>
<permission action="/actions/write-acl" subject="all" inheritable="true" negative="true"/>
<permission action="/actions/unlock" subject="all" inheritable="true" negative="true"/>
<!-- Read is granted to "all" (any user) for the whole tree unless a node below overrides it. -->
<permission action="/actions/read" subject="all" inheritable="true"/>
<!-- /users -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users">
<!-- ACL for /users: each user has every action on its own node ("self"), /roles/projector
     has every action on all user nodes, and unauthenticated subjects are denied everything. -->
<!-- Make sure the subject here is a valid LDAP group -->
<permission action="all" subject="self" inheritable="true"/>
<permission action="all" subject="/roles/projector" inheritable="true"/>
<permission action="all" subject="unauthenticated" inheritable="true" negative="true"/>
<!-- NOTE(review): the accounts below are sample accounts whose password equals the user
     name. /users is scoped to the LDAP-backed "users" store, which the message author
     describes as read-only, so these nodes may never be created, and the attempt to write
     them may be related to the reported startup exception (confirm). If anything can still
     authenticate against these "password" properties, remove the nodes or change the values. -->
<!-- /users/root represents the administrator -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/root">
<revision>
<property namespace="http://jakarta.apache.org/slide/" name="password">root</property>
</revision>
</objectnode>
<!-- /users/john and /users/john2 represent authenticated users -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/john">
<revision>
<property namespace="http://jakarta.apache.org/slide/" name="password">john</property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/john2">
<revision>
<property namespace="http://jakarta.apache.org/slide/" name="password">john2</property>
</revision>
</objectnode>
<!-- /users/guest represents an authenticated or unauthenticated guest user -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/guest">
<revision>
<property namespace="http://jakarta.apache.org/slide/" name="password">guest</property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/projector">
<revision>
<property namespace="http://jakarta.apache.org/slide/" name="password">projector</property>
</revision>
</objectnode>
</objectnode>
<!-- /roles -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles">
<!-- ACL for /roles: "self" and /roles/projector get every action, unauthenticated subjects
     are denied everything. Below it, four sample roles with static member lists. -->
<!-- Make sure the subject here is a valid LDAP group -->
<permission action="all" subject="self" inheritable="true"/>
<permission action="all" subject="/roles/projector" inheritable="true"/>
<permission action="all" subject="unauthenticated" inheritable="true" negative="true"/>
<!-- NOTE(review): /roles is scoped to the LDAP-backed "roles" store, so membership presumably
     comes from the uniqueMember attribute in LDAP rather than from the group-member-set
     values below. Confirm which source is effective: permissions in this file reference
     /roles/root, /roles/user and /roles/projector, and a role that exists in neither place
     or has unexpected members changes who holds those permissions. -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/root">
<revision>
<property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/root</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/user">
<revision>
<property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/john</D:href><D:href xmlns:D='DAV:'>/users/john2</D:href><D:href xmlns:D='DAV:'>/users/root</D:href><D:href xmlns:D='DAV:'>/users/projector</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/guest">
<revision>
<property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/guest</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/projector">
<revision>
<property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/root</D:href><D:href xmlns:D='DAV:'>/users/projector</D:href>]]></property>
</revision>
</objectnode>
</objectnode>
<!-- action -->
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions">
<!-- Action hierarchy. A non-empty privilege-member-set lists the actions aggregated by the
     enclosing action: read contains read-acl and read-current-user-privilege-set; write
     contains write-acl, write-properties and write-content; write-content contains bind and
     unbind. The remaining actions are leaves.
     NOTE(review): a grant of /actions/write therefore presumably also covers write-acl, i.e.
     the right to change permissions, and a grant of /actions/read covers read-acl. The only
     counterweight in this file is the negative read-acl/write-acl entries for "all" on the
     root node; confirm that they take precedence over grants made lower in the tree. -->
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read">
<revision>
<property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-current-user-privilege-set">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write">
<revision>
<property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-properties">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-content">
<revision>
<property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/bind</D:href> <D:href xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/bind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unbind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
<!-- unlock is not part of any privilege-member-set above, so it has to be granted explicitly. -->
<objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unlock">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files">
<!-- Make sure the subject here is a valid LDAP group -->
<!-- NOTE(review): the first entry grants every action, inheritable, to unauthenticated
     subjects on /files and everything below it. That appears to make the /roles/user write
     grant on the next line redundant and leaves the content tree open to anonymous clients,
     subject to how the root node's negative entries are evaluated (confirm). With LDAP
     authentication in place, consider limiting anonymous access to /actions/read or
     dropping it. -->
<permission action="all" subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write" subject="/roles/user" inheritable="true"/>
<!-- Resource owners may read the ACL of their own resources. -->
<permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/projector">
<!-- Make sure the subject here is a valid LDAP group -->
<!-- NOTE(review): every action is granted, inheritable, to unauthenticated subjects here as
     well, which appears to make the /roles/projector write grant below redundant (confirm
     the evaluation order). Restrict the anonymous entry if /projector should only be
     writable by that role. -->
<permission action="all" subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write" subject="/roles/projector" inheritable="true"/>
<permission action="/actions/read-acl" subject="owner" inheritable="true"/>
<!-- Empty child node; it defines no permissions of its own and so relies on the inheritable ones above. -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/projector/work">
</objectnode>
</objectnode>
<!-- DeltaV: default history and workspace paths -->
<!-- The three DeltaV nodes below (/history, /workspace, /workingresource) carry the same ACL.
     NOTE(review): each grants every action, inheritable, to unauthenticated subjects, so
     version histories, workspaces and working resources appear to be open to anonymous
     clients unless the root node's negative entries take precedence (confirm). Older
     versions kept under /history can hold content that was since removed from /files, so
     this ACL should be at least as strict as the one on /files. -->
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/history">
<!-- Make sure the subject here is a valid LDAP group -->
<permission action="all" subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write" subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workspace">
<!-- Make sure the subject here is a valid LDAP group -->
<permission action="all" subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write" subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workingresource">
<!-- Make sure the subject here is a valid LDAP group -->
<permission action="all" subject="unauthenticated" inheritable="true"/>
<permission action="/actions/write" subject="/roles/user" inheritable="true"/>
<permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
</objectnode>
</data>
</namespace>
<!--
DeltaV global parameters
========================
* historypath (mandatory=no, default="/history"):
Specifies a Slide path which determines the location where this DeltaV
server stores history data.
* workspacepath (mandatory=no, default="/workspace"):
Specifies a Slide path which determines the location where this DeltaV
server allows workspaces to reside.
* workingresourcepath (mandatory=no, default="/workingresource"):
Specifies a Slide path which determines the location where this DeltaV
server stores working resources.
* auto-version (mandatory=no, default="checkout-checkin"):
Controls the DeltaV auto-version behaviour.
* auto-version-control (mandatory=no, default="false"):
Indicates if a resource just created by a PUT should be set under
version-control.
* versioncontrol-exclude (mandatory=no, default=""):
Specifies a Slide path which determines resources which are excluded from version-control.
The default value "" makes no path being excluded.
* checkout-fork (mandatory=no, default="forbidden"):
Controls the DeltaV check-out behaviour when a version is already
checked-out or has a successor.
* checkin-fork (mandatory=no, default="forbidden"):
Controls the DeltaV check-out behaviour when a version has already a
successor.
* standardLivePropertiesClass (mandatory=no,
default="org.apache.slide.webdav.util.resourcekind.AbstractResourceKind"):
Determines the "agent" knowing about what the standard live properties are.
It should be a loadable class containing the following static methods:
- boolean isLiveProperty(String propName)
- boolean isProtectedProperty(String propName)
- boolean isComputedProperty(String propName)
- Set getAllLiveProperties()
- Set getAllProtectedProperties()
- Set getAllComputedProperties()
* uriRedirectorClass (mandatory=no,
default="org.apache.slide.webdav.util.DeltavUriRedirector"):
Determines the URI redirector class. The DeltaV URI redirector is in
charge of the following redirections:
- version URI to history URI, e.g. /history/2/1.4 to /history/2
- latest revision number for history resource to 0.0
- latest revision number for version resource to last URI token,
e.g. /history/2/1.4 to 1.4
It should be a loadable class containing the following static methods:
- String redirectUri(String uri)
- NodeRevisionNumber redirectLatestRevisionNumber(String uri)
-->
<!-- DeltaV global parameters as set for this installation. The three paths match the nodes
     defined in <data>, so the ACLs on those nodes govern who can reach version data. -->
<parameter name="historypath">/history</parameter>
<parameter name="workspacepath">/workspace</parameter>
<parameter name="workingresourcepath">/workingresource</parameter>
<parameter name="auto-version">checkout-checkin</parameter>
<!-- Set to true here, whereas the documented default is "false": a resource created by PUT
     is put under version control, so earlier content stays retrievable from the history path. -->
<parameter name="auto-version-control">true</parameter>
<!-- Empty value: no path is excluded from version control. -->
<parameter name="versioncontrol-exclude"/>
<parameter name="checkout-fork">forbidden</parameter>
<parameter name="checkin-fork">forbidden</parameter>
<!-- Extractor configuration -->
<extractors>
<!-- Property extractors: each one is bound to a URI and copies values out of stored content
     into properties. NOTE(review): both URIs lie under /files, which this file makes
     writable by anonymous clients, so the extractors run on untrusted documents. Confirm
     that the XML parser behind SimpleXmlExtractor does not resolve DTDs or external
     entities and that the Office parser is kept up to date. -->
<extractor classname="org.apache.slide.extractor.SimpleXmlExtractor" uri="/files/articles/test.xml">
<configuration>
<!-- Each instruction stores the result of an XPath expression in the named property. -->
<instruction property="title" xpath="/article/title/text()" />
<instruction property="summary" xpath="/article/summary/text()" />
</configuration>
</extractor>
<extractor classname="org.apache.slide.extractor.OfficeExtractor" uri="/files/docs/">
<configuration>
<!-- The id values select fields of the document's summary information; their exact
     meaning is not visible from this file. -->
<instruction property="author" id="SummaryInformation-0-4" />
<instruction property="application" id="SummaryInformation-0-18" />
</configuration>
</extractor>
</extractors>
<!-- Event configuration -->
<events>
<!-- Event configuration: which event classes are raised, followed by the listeners that
     consume them. ContentEvent is enabled in general but disabled for the "retrieve" method. -->
<event classname="org.apache.slide.webdav.event.WebdavEvent" enable="true" />
<event classname="org.apache.slide.event.ContentEvent" enable="true" />
<event classname="org.apache.slide.event.ContentEvent" method="retrieve" enable="false" />
<event classname="org.apache.slide.event.EventCollection" enable="true" />
<event classname="org.apache.slide.event.TransactionEvent" enable="true" />
<event classname="org.apache.slide.event.MacroEvent" enable="true"/>
<!-- NOTE(review): the EventLogger listener below is commented out, so this section records
     no events by itself. If an audit trail of WebDAV operations is wanted, enable it or
     make sure the container's access log covers the same ground. -->
<!--listener classname="org.apache.slide.util.event.EventLogger" /-->
<listener classname="org.apache.slide.event.VetoableEventCollector" />
<listener classname="org.apache.slide.event.TransientEventCollector" />
<listener classname="org.apache.slide.webdav.event.NotificationTrigger">
<configuration>
<notification include-events="false" />
<!-- Relative file name; where it resolves to is not shown here. Subscriptions are written
     to this file, so it should not be readable or writable by other local accounts. -->
<persist-subscriptions filename="subscriptions.xml" />
</configuration>
</listener>
<listener classname="org.apache.slide.extractor.PropertyExtractorTrigger" />
<listener classname="org.apache.slide.search.IndexTrigger">
<configuration>
<indexer classname="org.apache.slide.search.LoggingIndexer" synchronous="false" uri="/files/articles" />
</configuration>
</listener>
<!-- Uncomment for cluster support. Be sure to set local-host and repository-host -->
<!-- NOTE(review): the sample below carries username "root" with password "root" and
     repository-protocol "http". If this listener is ever enabled, use a dedicated account
     with its own password and check whether those credentials would travel unencrypted. -->
<!--
<listener classname="org.apache.slide.cluster.ClusterCacheRefresher">
<configuration>
<node local-host="local.host.domain"
local-port="4444"
repository-host="remote.host.domain"
repository-port="8080"
repository-protocol="http"
username="root"
password="root"
base-uri="/files/"
/>
</configuration>
</listener>
-->
<listener classname="org.apache.slide.macro.MacroPropertyUpdater">
<!-- Listener that updates some properties if resources are
copied or moved. This requires MacroEvents enabled (at
least methods copy and move) -->
<configuration>
<update-displayname>true</update-displayname>
<!-- Ownership follows a copy but not a move. Since "owner" is a permission subject in this
     file (read-acl grants), a copied resource presumably gives its new owner that right; confirm. -->
<update-owner-on-move>false</update-owner-on-move>
<update-owner-on-copy>true</update-owner-on-copy>
</configuration>
</listener>
</events>
</slide>