So this is M23. 3 years old. Hmmm. We should have released more often,
considering it's currently M25.
Regardless, answering to your questions now...
On 23/07/2019 18:00, Philipp Grigoryev wrote:
Hi Emmanuel,
Thank you for replying to my question and providing a thorough explanation. I
tried some recipes based on your response (with partial success) and that’s my
observations.
1) I have to deal with some legacy code developed by a guy who left our
company, so I’m trying not to break things and introduce very granular changes
for the same purpose
I understand...
2) Directory Server created explicitly with the following code as an example:
DefaultDirectoryServiceFactory factory = new DefaultDirectoryServiceFactory()
factory.init(“xxx.ldapgw")
cs = new CacheService()
cs.initialize( null)
directoryService = factory.getDirectoryService()
directoryService.setShutdownHookEnabled(true)
directoryService.setAllowAnonymousAccess(ldapSettings.allowAnonymousAccess)
if ( ldapSettings.schemaLdif.length() > 0 ) {
def fSchema = new File(ldapSettings.schemaLdif)
if ( !fSchema.exists()) {
throw new Exception("LDIF file does not exist:" +
ldapSettings.schemaLdif)
}
auditLog.info "Loading Schemas${new
LdifFileLoader(directoryService.getAdminSession(), fSchema, null).execute()}"
}
directoryService.dnFactory = new DefaultDnFactory(
directoryService.schemaManager, cs.getCache("dnCache"))
// add our bind interceptor to the front of the list
def interceptors = directoryService.getInterceptors()
interceptors.add(0, bindInterceptor)
//
interceptors.add(findNormalizationInterceptorPosition(interceptors) + 1,
crudInterceptor)
bindInterceptor.init(directoryService)
It's not necessary. init() will be called when the addFirst() method
will be called.
directoryService.setInterceptors(interceptors)
directoryService.addFirst(crudInterceptor)
def adminSession = directoryService.getAdminSession()
ldapServer = new LdapServer()
ldapServer.directoryService = directoryService
...
So it’s not declarative like it’s shown in the online documentation, which I
have to admit is quite outdated. Maybe there is a place where it’s in the most
recent state?
No. This is still a work in progress...
As you can see from the file, there is a section related to interceptors, and
while setting server up, I see that my interceptors is in the middle of the
pack. I can also see that while doing “modify(opContext)” in my custom
interceptor, where opContext would reflect total number of interceptors and
current number (though still throwing NPE at next(opContext)). Nevertheless, I
tried to grab the default config.ldif from downloaded DS archive and inserted a
section related to interceptors into schemaLdif file. That didn’t really change
anything for me. I think it might be related to the fact that I can’t see
anything with Directory Browser under ou=config, after server is up. So would
be really nice if you can direct me to how I can use config.ldif while setting
the server up programmatically.
Th ecurrent version, as M23, is now starting the server and configure it
using the LDIF file that is stored on disk. If you look at the
UberJarMain file, which is the starting point of the whole system, it
takes an argument which is the layout (ie, the place where all your
server config/data etc are stored), then call start(), then
ApacheDsService.start(), which load the schema, initialize the config
partition, read it, and create instance of XXXBean:
initSchemaManager( instanceLayout );
DnFactory bootstrapDnFactory = new DefaultDnFactory(
schemaManager, 100 );
initSchemaLdifPartition( instanceLayout, bootstrapDnFactory );
initConfigPartition( instanceLayout, bootstrapDnFactory );
// Read the configuration
ConfigPartitionReader cpReader = new ConfigPartitionReader(
configPartition );
ConfigBean configBean = cpReader.readConfig();
ConfigBean contains the whole config for your server. Then the
initDirectoryService() method is called, which create the DirectoryService:
DirectoryService directoryService =
ServiceBuilder.createDirectoryService( directoryServiceBean,
instanceLayout, schemaManager );
This is where the interceptors get loaded, the Map computed.
If you follow the same steps, you should be good to go. At the end, it's
really all about defining the proper config file.
2) As you can see from the snippet, I tried to do .addFirst(crudInterceptor)
and from a first glance it worked for me, no more NPE, my custom code works
fine, but as you said, I’m not sure if that’s a right way or any complications
can be right around the corner.
It depends :-)
The interceptors order is critical for the server to work well. It would
make no sense for instance to have the SchemaInterceptor be the first
one in the chain, before authent or authz...
As your interceptor deal with Bind, it's probably correct to have it at
first position.
Now, I will ask you what is this interceptor doing ? There are other
means to implement a mechanism that manage authentication, through
Authenticators. But that is another discussion...
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@directory.apache.org
For additional commands, e-mail: users-h...@directory.apache.org
