Thanx James, I'll try that :)
Regards, Miguel _________________ Miguel, This problem cropped up in 2.1b1. I'm not sure what causes it (something changed with the TxFile stores) and I was too lazy to track it down :). If you grab the latest code from CVS the JNDIPrincipalStore now implements SecurityStore and LockStore so that you don't have configure a separate store. The implementations are empty, so you can't actually set ACLs or LOCK resources inside the Store. With your current version you might try using the Memory stores for security and locks. That would be a quicker fix and should work fine. -James Miguel Figueiredo wrote: > Hello folks, > > I've been trying to configure slide to use an ldap server for authentication > purposes. > I've been successful at that, but with a cost of an annoying null pointer > exception when tomcat is starting up: > > org.apache.slide.common.ServiceAccessException: Service > TxXMLFileDescriptorsStore at users/store/metadata working on us > ers/work/metadata access error : java.lang.NullPointerException > at > org.apache.slide.store.txfile.AbstractXMLResourceDescriptor.encodeObje > ct(AbstractXMLResourceDescriptor.java:662) > > My current setup is the tomcat 5.0.19 / slide 2.1b1 bundle with the attached > domain.xml file. > > I suspect that it works well because JNDIPrincipalStore is read-only, so, > maybe it wouldn't need it's corresponding working directory, to witch this > exception relates to. Or perhaps I still didn't found any problem witch > shall occur more soon than later... > > Does slide use the 'users working directory' in any of its use-cases? Am I > doing something wrong in the Domain.xml file? > > > Thanks in advance, > Miguel Figueiredo > > > > > > ------------------------------------------------------------------------ > > <?xml version="1.0"?> > <slide> > <namespace name="slide"> > <definition> > <store name="tx"> > <parameter name="tlock-timeout">120</parameter> > <nodestore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"> > <parameter name="rootpath">main/store/metadata</parameter> > <parameter name="workpath">main/work/metadata</parameter> > <parameter name="defer-saving">true</parameter> > <parameter name="timeout">120</parameter> > </nodestore> > <sequencestore classname="org.apache.slide.store.txfile.FileSequenceStore"> > <parameter name="rootpath">main/store/sequence</parameter> > </sequencestore> > <securitystore> > <reference store="nodestore"/> > </securitystore> > <lockstore> > <reference store="nodestore"/> > </lockstore> > <revisiondescriptorsstore> > <reference store="nodestore"/> > </revisiondescriptorsstore> > <revisiondescriptorstore> > <reference store="nodestore"/> > </revisiondescriptorstore> > <contentstore classname="org.apache.slide.store.txfile.TxFileContentStore"> > <parameter name="rootpath">main/store/content</parameter> > <parameter name="workpath">main/work/content</parameter> > <parameter name="defer-saving">true</parameter> > <parameter name="timeout">120</parameter> > </contentstore> > <!-- uncomment if you want to use the sample Indexer --> > <!-- be sure to have Lucene in your classpath --> > <!-- > <contentindexer classname="org.apache.slide.index.SampleTxtContainsIndexer"> > <parameter name="indexpath">./index</parameter> > </contentindexer> > --> > </store> > > > <store name="users"> > <nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"> > <parameter name="jndi.container">ou=people,dc=dominio,dc=pt</parameter> > <parameter name="jndi.attributes.rdn">uid</parameter> > <parameter name="jndi.search.filter">(objectClass=inetOrgPerson)</parameter> > <parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter> > <parameter name="jndi.search.attributes">postalCode,initials,givenName,uid,mail,fullNam e,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</pa rameter> > <parameter name="java.naming.provider.url">ldap://miguel-desktop:389</parameter> > <parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</paramet er> > <parameter name="java.naming.security.principal">cn=Manager,dc=dominio,dc=pt</parameter > > <parameter name="java.naming.security.authentication">simple</parameter> > <parameter name="java.naming.security.credentials">segredo</parameter> > > > <parameter name="cache.refresh.checkrate">15</parameter> > <parameter name="cache.refresh.rate">800</parameter> > <parameter name="cache.refresh.threshold">15000</parameter> > > > > > </nodestore> > <!-- Use a Tx Store to store security and lock information --> > <securitystore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"> > <parameter name="rootpath">users/store/metadata</parameter> > <parameter name="workpath">users/work/metadata</parameter> > </securitystore> > <lockstore> > <reference store="securitystore"/> > </lockstore> > <revisiondescriptorsstore> > <reference store="nodestore"/> > </revisiondescriptorsstore> > <revisiondescriptorstore> > <reference store="nodestore"/> > </revisiondescriptorstore> > <contentstore> > <reference store="nodestore"/> > </contentstore> > </store> > > <!-- Use a JNDIPrincipalStore for roles --> > <store name="roles"> > <nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"> > <parameter name="jndi.container">ou=groups,dc=dominio,dc=pt</parameter> > <parameter name="jndi.attributes.rdn">cn</parameter> > <parameter name="jndi.attributes.groupmemberset">uniqueMember</parameter> > <parameter name="jndi.search.filter">(objectClass=groupOfUniqueNames)</parameter> > <parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter> > <parameter name="jndi.search.attributes">cn</parameter> > <parameter name="java.naming.provider.url">ldap://miguel-desktop:389</parameter> > <parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</paramet er> > <parameter name="java.naming.security.principal">cn=Manager,dc=dominio,dc=pt</parameter > > <parameter name="java.naming.security.authentication">simple</parameter> > <parameter name="java.naming.security.credentials">segredo</parameter> > > > > <parameter name="cache.refresh.checkrate">15</parameter> > <parameter name="cache.refresh.rate">800</parameter> > <parameter name="cache.refresh.threshold">15000</parameter> > > > </nodestore> > <!-- Use a Tx Store to store security and lock information --> > <securitystore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"> > <parameter name="rootpath">roles/store/metadata</parameter> > <parameter name="workpath">roles/work/metadata</parameter> > </securitystore> > <lockstore> > <reference store="securitystore"/> > </lockstore> > <revisiondescriptorsstore> > <reference store="nodestore"/> > </revisiondescriptorsstore> > <revisiondescriptorstore> > <reference store="nodestore"/> > </revisiondescriptorstore> > <contentstore> > <reference store="nodestore"/> > </contentstore> > </store> > > > > <scope match="/" store="tx"/> > <scope match="/users" store="users"/> > <scope match="/roles" store="roles"/> > </definition> > <configuration> > > <parameter name="history-collection-hack">true</parameter> > > <!-- Actions mapping --> > <read-object>/actions/read</read-object> > <create-object>/actions/write</create-object> > <remove-object>/actions/write</remove-object> > <grant-permission>/actions/write-acl</grant-permission> > <revoke-permission>/actions/write-acl</revoke-permission> > <read-permissions>/actions/read-acl</read-permissions> > <read-own-permissions>/actions/read-current-user-privilege-set</read-own-per missions> > <lock-object>/actions/write</lock-object> > <kill-lock>/actions/unlock</kill-lock> > <read-locks>/actions/read</read-locks> > <read-revision-metadata>/actions/read</read-revision-metadata> > <create-revision-metadata>/actions/write-properties</create-revision-metadat a> > <modify-revision-metadata>/actions/write-properties</modify-revision-metadat a> > <remove-revision-metadata>/actions/write-properties</remove-revision-metadat a> > <read-revision-content>/actions/read</read-revision-content> > <create-revision-content>/actions/write-content</create-revision-content> > <modify-revision-content>/actions/write-content</modify-revision-content> > <remove-revision-content>/actions/write-content</remove-revision-content> > <bind-member>/actions/bind</bind-member> > <unbind-member>/actions/unbind</unbind-member> > <!-- Paths configuration --> > <userspath>/users</userspath> > <rolespath>/roles</rolespath> > <actionspath>/actions</actionspath> > <filespath>/files</filespath> > <parameter name="dav">true</parameter> > <parameter name="standalone">true</parameter> > <parameter name="acl_inheritance_type">path</parameter> > <!-- Nested roles: 0 means no nesting (default), 1 means one sublevel, etc. --> > <parameter name="nested_roles_maxdepth">0</parameter> > <!-- Can be "off", "write" and "full" --> > <parameter name="sequential-mode">full</parameter> > <!-- "false" lets all read-only methods be executed outside of transactions --> > <parameter name="all-methods-in-transactions">true</parameter> > </configuration> > <data> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/"> > <!-- Subject can be: > any user "all" > authenticated user "authenticated" > unauthenticated user "unauthenticated" > self "self" > owner of resource "owner" > a user "/users/john" > a role "/roles/admin" > --> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="/roles/root" inheritable="true"/> > <permission action="/actions/read-acl" subject="all" inheritable="true" negative="true"/> > <permission action="/actions/write-acl" subject="all" inheritable="true" negative="true"/> > <permission action="/actions/unlock" subject="all" inheritable="true" negative="true"/> > <permission action="/actions/read" subject="all" inheritable="true"/> > <!-- /users --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="self" inheritable="true"/> > <permission action="all" subject="/roles/projector" inheritable="true"/> > <permission action="all" subject="unauthenticated" inheritable="true" negative="true"/> > <!-- /users/root represents the administrator --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/root"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; name="password">root</property> > </revision> > </objectnode> > <!-- /users/john and /users/john2 represent authenticated users --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/john"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; name="password">john</property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/john2"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; name="password">john2</property> > </revision> > </objectnode> > <!-- /users/guest represents an authenticated or unauthenticated guest user --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/guest"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; name="password">guest</property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users/projector"> > <revision> > <property namespace="http://jakarta.apache.org/slide/"; name="password">projector</property> > </revision> > </objectnode> > </objectnode> > <!-- /roles --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="self" inheritable="true"/> > <permission action="all" subject="/roles/projector" inheritable="true"/> > <permission action="all" subject="unauthenticated" inheritable="true" negative="true"/> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/root"> > <revision> > <property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/root</D:href>]]></property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/user"> > <revision> > <property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/john</D:href><D:href xmlns:D='DAV:'>/users/john2</D:href><D:href xmlns:D='DAV:'>/users/root</D:href><D:href xmlns:D='DAV:'>/users/projector</D:href>]]></property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/guest"> > <revision> > <property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/guest</D:href>]]></property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles/projector"> > <revision> > <property name="group-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/users/root</D:href><D:href xmlns:D='DAV:'>/users/projector</D:href>]]></property> > </revision> > </objectnode> > </objectnode> > <!-- action --> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions"> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read"> > <revision> > <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></propert y> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-acl"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-current-user-privilege-set"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write"> > <revision> > <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href xmlns:D='DAV:'>/actions/write-content</D:href>]]></property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-acl"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-properties"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-content"> > <revision> > <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/bind</D:href> <D:href xmlns:D='DAV:'>/actions/unbind</D:href>]]></property> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/bind"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unbind"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unlock"> > <revision> > <property name="privilege-member-set"/> > </revision> > </objectnode> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="unauthenticated" inheritable="true"/> > <permission action="/actions/write" subject="/roles/user" inheritable="true"/> > <permission action="/actions/read-acl" subject="owner" inheritable="true"/> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/projector"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="unauthenticated" inheritable="true"/> > <permission action="/actions/write" subject="/roles/projector" inheritable="true"/> > <permission action="/actions/read-acl" subject="owner" inheritable="true"/> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/projector/work"> > </objectnode> > </objectnode> > <!-- DeltaV: default history and workspace paths --> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/history"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="unauthenticated" inheritable="true"/> > <permission action="/actions/write" subject="/roles/user" inheritable="true"/> > <permission action="/actions/read-acl" subject="owner" inheritable="true"/> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workspace"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="unauthenticated" inheritable="true"/> > <permission action="/actions/write" subject="/roles/user" inheritable="true"/> > <permission action="/actions/read-acl" subject="owner" inheritable="true"/> > </objectnode> > <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workingresource"> > <!-- Make sure the subject here is a valid LDAP group --> > <permission action="all" subject="unauthenticated" inheritable="true"/> > <permission action="/actions/write" subject="/roles/user" inheritable="true"/> > <permission action="/actions/read-acl" subject="owner" inheritable="true"/> > </objectnode> > </objectnode> > </data> > </namespace> > <!-- > DeltaV global parameters > ======================== > * historypath (mandatory=no, default="/history"): > Specifies a Slide path which determines the location where this DeltaV > server stores history data. > > * workspacepath (mandatory=no, default="/workspace"): > Specifies a Slide path which determines the location where this DeltaV > server allows workspaces to reside. > > * workingresourcepath (mandatory=no, default="/workingresource"): > Specifies a Slide path which determines the location where this DeltaV > server stores working resources. > > * auto-version (mandatory=no, default="checkout-checkin"): > Controls the DeltaV auto-version behaviour. > > * auto-version-control (mandatory=no, default="false"): > Indicates if a resource just created by a PUT should be set under > version-control. > > * versioncontrol-exclude (mandatory=no, default=""): > Specifies a Slide path which determines resources which are excluded from version-control. > The default value "" makes no path being excluded. > > * checkout-fork (mandatory=no, default="forbidden"): > Controls the DeltaV check-out behaviour when a version is already > checked-out or has a successor. > > * checkin-fork (mandatory=no, default="forbidden"): > Controls the DeltaV check-out behaviour when a version has already a > successor. > > * standardLivePropertiesClass (mandatory=no, > default="org.apache.slide.webdav.util.resourcekind.AbstractResourceKind"): > Determines the "agent" knowing about what the standard live properties are. > It should be a loadable class containing the following static methods: > - boolean isLiveProperty(String propName) > - boolean isProtectedProperty(String propName) > - boolean isComputedProperty(String propName) > - Set getAllLiveProperties() > - Set getAllProtectedProperties() > - Set getAllComputedProperties() > > * uriRedirectorClass (mandatory=no, > default="org.apache.slide.webdav.util.DeltavUriRedirector"): > Determines the URI redirector class. The DeltaV URI redirector is in > charge of the following redirections: > - version URI to history URI, e.g. /history/2/1.4 to /history/2 > - latest revision number for history resource to 0.0 > - latest revision number for version resource to last URI token, > e.g. /history/2/1.4 to 1.4 > It should be a loadable class containing the following static methods: > - String redirectUri(String uri) > - NodeRevisionNumber redirectLatestRevisionNumber(String uri) > --> > <parameter name="historypath">/history</parameter> > <parameter name="workspacepath">/workspace</parameter> > <parameter name="workingresourcepath">/workingresource</parameter> > <parameter name="auto-version">checkout-checkin</parameter> > <parameter name="auto-version-control">true</parameter> > <parameter name="versioncontrol-exclude"/> > <parameter name="checkout-fork">forbidden</parameter> > <parameter name="checkin-fork">forbidden</parameter> > > > <!-- Extractor configuration --> > <extractors> > <extractor classname="org.apache.slide.extractor.SimpleXmlExtractor" uri="/files/articles/test.xml"> > <configuration> > <instruction property="title" xpath="/article/title/text()" /> > <instruction property="summary" xpath="/article/summary/text()" /> > </configuration> > </extractor> > <extractor classname="org.apache.slide.extractor.OfficeExtractor" uri="/files/docs/"> > <configuration> > <instruction property="author" id="SummaryInformation-0-4" /> > <instruction property="application" id="SummaryInformation-0-18" /> > </configuration> > </extractor> > </extractors> > > <!-- Event configuration --> > <events> > <event classname="org.apache.slide.webdav.event.WebdavEvent" enable="true" /> > <event classname="org.apache.slide.event.ContentEvent" enable="true" /> > <event classname="org.apache.slide.event.ContentEvent" method="retrieve" enable="false" /> > <event classname="org.apache.slide.event.EventCollection" enable="true" /> > <event classname="org.apache.slide.event.TransactionEvent" enable="true" /> > > <event classname="org.apache.slide.event.MacroEvent" enable="true"/> > > <!--listener classname="org.apache.slide.util.event.EventLogger" /--> > <listener classname="org.apache.slide.event.VetoableEventCollector" /> > <listener classname="org.apache.slide.event.TransientEventCollector" /> > <listener classname="org.apache.slide.webdav.event.NotificationTrigger"> > <configuration> > <notification include-events="false" /> > <persist-subscriptions filename="subscriptions.xml" /> > </configuration> > </listener> > <listener classname="org.apache.slide.extractor.PropertyExtractorTrigger" /> > <listener classname="org.apache.slide.search.IndexTrigger"> > <configuration> > <indexer classname="org.apache.slide.search.LoggingIndexer" synchronous="false" uri="/files/articles" /> > </configuration> > </listener> > > <!-- Uncomment for cluster support. Be sure to local-host and repository-host --> > <!-- > <listener classname="org.apache.slide.cluster.ClusterCacheRefresher"> > <configuration> > <node local-host="local.host.domain" > local-port="4444" > repository-host="remote.host.domain" > repository-port="8080" > repository-protocol="http" > username="root" > password="root" > base-uri="/files/" > /> > </configuration> > </listener> > --> > > <listener classname="org.apache.slide.macro.MacroPropertyUpdater"> > <!-- Listener that updates some properties if resources are > copied or moved. This requires MacroEvents enabled (at > least methods copy and move) --> > <configuration> > <update-displayname>true</update-displayname> > <update-owner-on-move>false</update-owner-on-move> > <update-owner-on-copy>true</update-owner-on-copy> > </configuration> > </listener> > </events> > </slide> > > > ------------------------------------------------------------------------ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
