there is no way to do this using any API
I take this to mean there is no API to do this programmatically.
So it seems like I have two choices.
1) Copy DefaultDirectoryServiceFactory and change the implementation of
initSystemPartition so that the admin user has a non-default password.
Looking at the current implementation of this method it isn't clear how
that would be done.
2) Use LdapConnection.modify request to set the admin's password. I'd
like to see an example of that but I don't think this will solve my
problem as the server needs to come up to service that request and
therefore the WARNing will be output.
So it seems like the only possible solution to both of my issues is
likely to copy and modify DefaultDirectoryServiceFactory. Here I'll say
that the reason I'm in this position now is because the version of this
I had before was based on ApacheDS 1.5.5 and this needs to be totally
rewritten for 2.0.0. I'd really like to be able to use something
maintained by ApacheDS for this use case. I understand that my use case
may not be important to the ApacheDS community.
On 11/26/13 12:47 PM, Kiran Ayyagari wrote:
On Tue, Nov 26, 2013 at 8:28 PM, Kevin Minder
<[email protected]>wrote:
I'm trying to provide a very, very simple demo LDAP server for use with my
project. I've managed to create one that is working using the code at the
bottom. However it emits the following two WARN lines when started.
Ideally I'd like to get rid of these as to not confuse/concern my users.
The first one looks like it could be solved by creating a copy of
DefaultDirectoryServiceFactory and registering a shutdown hook, but I'd
rather not do that.
The second one I really have no idea how to resolve. I'd be fine with
setting an instance specific password but it isn't clear what API should be
used or if that would fit into the way the DefaultDirectoryServiceFactory
handles the DefaultDirectoryService lifecycle.
there is no way to do this using any API
I can provide a very simple maven project to illustrate if that would will
help someone help me. BTW setting the logger level won't work for me
because I do want any bind authentication failures to be output and these
are WARNs too.
[09:47:45] WARN [org.apache.directory.server.core.DefaultDirectoryService]
- ApacheDS shutdown hook has NOT been registered with the runtime. This
default setting for standalone operation has been overriden.
[09:47:46] WARN [org.apache.directory.server.core.DefaultDirectoryService]
- You didn't change the admin password of directory service instance
'ac3a5495-5d28-4e7e-987d-654efa9cb6a9'. Please update the admin password
as soon as possible to prevent a possible security breach.
public SimpleLdapServer( String rootDn, File usersLdif, Transport...
transports ) throws Exception {
factory = new DefaultDirectoryServiceFactory();
factory.init( UUID.randomUUID().toString() );
service = factory.getDirectoryService();
Partition partition = factory.getPartitionFactory().createPartition(
service.getSchemaManager(), "users", rootDn, 500,
service.getInstanceLayout().getInstanceDirectory() );
service.addPartition( partition );
CoreSession session = service.getAdminSession();
LdifFileLoader lfl = new LdifFileLoader( session, usersLdif, null );
lfl.execute();
server = new LdapServer();
server.setTransports( transports );
server.setDirectoryService( service );
service.startup();
server.start();
}
--
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity
to which it is addressed and may contain information that is confidential,
privileged and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient, you are hereby notified that
any printing, copying, dissemination, distribution, disclosure or
forwarding of this communication is strictly prohibited. If you have
received this communication in error, please contact the sender immediately
and delete it from your system. Thank You.
--
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is confidential,
privileged and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient, you are hereby notified that
any printing, copying, dissemination, distribution, disclosure or
forwarding of this communication is strictly prohibited. If you have
received this communication in error, please contact the sender immediately
and delete it from your system. Thank You.
