You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by an...@apache.org on 2010/11/26 22:37:20 UTC
svn commit: r1039567 - in /directory/apacheds/branches/antoine:
core/src/main/java/org/apache/directory/server/core/authn/
protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/
server-config/src/main/java/org/apache/directory/server/co...
Author: antoine
Date: Fri Nov 26 21:37:20 2010
New Revision: 1039567
URL: http://svn.apache.org/viewvc?rev=1039567&view=rev
Log:
fist shot of implementing delegating authenticator, not tested yet
Added:
directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java (with props)
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java (with props)
Modified:
directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
directory/apacheds/branches/antoine/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/LdapServerBean.java
directory/apacheds/branches/antoine/server-config/src/main/resources/config.ldif
directory/apacheds/branches/antoine/service-builder/src/main/java/org/apache/directory/server/config/ServiceBuilder.java
Modified: directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?rev=1039567&r1=1039566&r2=1039567&view=diff
==============================================================================
--- directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java (original)
+++ directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java Fri Nov 26 21:37:20 2010
@@ -244,6 +244,16 @@ public class AuthenticationInterceptor e
/**
+ * @param authenticators authenticators to be used by this AuthenticationInterceptor
+ */
+ public void setAuthenticators( Authenticator[] authenticators )
+ {
+ this.authenticators.clear();
+ for (Authenticator authenticator : authenticators) {
+ this.authenticators.add( authenticator );
+ }
+ }
+ /**
* Deinitializes and deregisters all {@link Authenticator}s from this service.
*/
public void destroy()
@@ -1484,4 +1494,6 @@ public class AuthenticationInterceptor e
this.newPwd = newPwd;
}
}
+
+
}
Added: directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java (added)
+++ directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,118 @@
+package org.apache.directory.server.core.authn;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapConnectionFactory;
+import org.apache.directory.server.core.LdapPrincipal;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
+import org.apache.directory.server.i18n.I18n;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.entry.Entry;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
+import org.apache.directory.shared.ldap.exception.LdapException;
+import org.apache.directory.shared.ldap.message.BindResponse;
+import org.apache.directory.shared.ldap.message.ResultCodeEnum;
+import org.apache.directory.shared.ldap.name.DN;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+public class DelegatingAuthenticator extends AbstractAuthenticator
+{
+ /**
+ * Creates a new instance.
+ * @see AbstractAuthenticator
+ */
+ public DelegatingAuthenticator()
+ {
+ super( AuthenticationLevel.SIMPLE );
+ }
+
+ protected DelegatingAuthenticator(AuthenticationLevel type)
+ {
+ super( type );
+ }
+
+ /** A speedup for logger in debug mode */
+ private static final boolean IS_DEBUG = LOG.isDebugEnabled();
+ private String delegateHost;
+ private int delegatePort;
+ private List<String> dnPatterns = new ArrayList<String>();
+
+ public String getDelegateHost()
+ {
+ return delegateHost;
+ }
+
+ public void setDelegateHost( String delegateHost )
+ {
+ this.delegateHost = delegateHost;
+ }
+
+ public int getDelegatePort()
+ {
+ return delegatePort;
+ }
+
+ public void setDelegatePort( int delegatePort )
+ {
+ this.delegatePort = delegatePort;
+ }
+
+ public List<String> getDnPatterns()
+ {
+ return dnPatterns;
+ }
+
+ public void setDnPatterns( List<String> dnPatterns )
+ {
+ this.dnPatterns = dnPatterns;
+ }
+
+ public LdapPrincipal authenticate( BindOperationContext bindContext )
+ throws Exception
+ {
+ LdapPrincipal principal = null;
+ if ( IS_DEBUG )
+ {
+ LOG.debug( "Authenticating {}", bindContext.getDn() );
+ }
+ LdapConnection ldapConnection = LdapConnectionFactory.getNetworkConnection(delegateHost, delegatePort);
+ try {
+ BindResponse bindResponse = ldapConnection.bind(bindContext.getDn(), StringTools.utf8ToString( bindContext.getCredentials() ));
+ if (bindResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
+ String message = I18n.err( I18n.ERR_230, bindContext.getDn().getName() );
+ LOG.info( message );
+ throw new LdapAuthenticationException( message );
+ }
+ // Create the new principal before storing it in the cache
+ principal = new LdapPrincipal( bindContext.getDn(), AuthenticationLevel.SIMPLE, bindContext.getCredentials() );
+ } catch (LdapException e) {
+ // Bad password ...
+ String message = I18n.err( I18n.ERR_230, bindContext.getDn().getName() );
+ LOG.info( message );
+ throw new LdapAuthenticationException( message );
+ }
+ return principal;
+ }
+
+ public void checkPwdPolicy( Entry userEntry ) throws LdapException
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+
+ public AuthenticationLevel getAuthenticatorType()
+ {
+ return AuthenticationLevel.SIMPLE;
+ }
+
+
+ public void invalidateCache( DN bindDn )
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+}
Propchange: directory/apacheds/branches/antoine/core/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/apacheds/branches/antoine/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java?rev=1039567&r1=1039566&r2=1039567&view=diff
==============================================================================
--- directory/apacheds/branches/antoine/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java (original)
+++ directory/apacheds/branches/antoine/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java Fri Nov 26 21:37:20 2010
@@ -146,14 +146,14 @@ public class BindHandler extends LdapReq
if ( principalEntry == null )
{
LOG.info( "The {} principalDN cannot be found in the server : bind failure.", bindRequest.getName() );
- LdapResult result = bindRequest.getResultResponse().getLdapResult();
- result.setErrorMessage( "cannot bind the principalDn." );
- result.setResultCode( ResultCodeEnum.INVALID_CREDENTIALS );
- ldapSession.getIoSession().write( bindRequest.getResultResponse() );
- return;
+// LdapResult result = bindRequest.getResultResponse().getLdapResult();
+// result.setErrorMessage( "cannot bind the principalDn." );
+// result.setResultCode( ResultCodeEnum.INVALID_CREDENTIALS );
+// ldapSession.getIoSession().write( bindRequest.getResultResponse() );
+// return;
}
- if ( ( ( ClonedServerEntry ) principalEntry ).getOriginalEntry().contains( SchemaConstants.OBJECT_CLASS_AT,
+ if ( principalEntry != null && ( ( ClonedServerEntry ) principalEntry ).getOriginalEntry().contains( SchemaConstants.OBJECT_CLASS_AT,
SchemaConstants.REFERRAL_OC ) )
{
LOG.info( "Bind principalDn points to referral." );
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.server.config.beans;
+
+/**
+ * Anonymous authenticator
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+
+public class AnonymousAuthenticatorBean extends AuthenticatorBean
+{
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AnonymousAuthenticatorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,63 @@
+package org.apache.directory.server.config.beans;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class AuthenticationInterceptorBean extends InterceptorBean
+{
+ /** The list of authenticators */
+ private List<AuthenticatorBean> authenticators = new ArrayList<AuthenticatorBean>();
+
+ public AuthenticationInterceptorBean() {
+ super();
+ }
+ /**
+ * @param authenticators the authenticators to set
+ */
+ public void setAuthenticators( List<AuthenticatorBean> authenticators )
+ {
+ this.authenticators = authenticators;
+ }
+
+
+ /**
+ * @param authenticators the authenticators to add
+ */
+ public void addAuthenticators( AuthenticatorBean... authenticators )
+ {
+ for ( AuthenticatorBean authenticator : authenticators )
+ {
+ this.authenticators.add( authenticator );
+ }
+ }
+
+ /**
+ * @return the extendedOps
+ */
+ public List<AuthenticatorBean> getAuthenticators()
+ {
+ return authenticators;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public String toString( String tabs )
+ {
+ StringBuilder sb = new StringBuilder();
+
+ sb.append( tabs ).append( "AuthenticationInterceptor :\n" );
+ sb.append( super.toString( tabs + " " ) );
+ if ((authenticators != null) && (authenticators.size() > 0))
+ {
+ sb.append( tabs ).append( " authenticator :\n" );
+
+ for (AuthenticatorBean authenticator : authenticators)
+ {
+ sb.append( authenticator.toString( tabs + " " ) );
+ }
+ }
+ return sb.toString();
+ }
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticationInterceptorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,24 @@
+package org.apache.directory.server.config.beans;
+
+public abstract class AuthenticatorBean extends AdsBaseBean
+{
+ /** The authenticator id */
+ private String authenticatorId;
+ /**
+ * @return the authenticatorId
+ */
+ public String getAuthenticatorId()
+ {
+ return authenticatorId;
+ }
+
+
+ /**
+ * @param authenticatorId the authenticatorId to set
+ */
+ public void setAuthenticatorId( String authenticatorId )
+ {
+ this.authenticatorId = authenticatorId;
+ }
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/AuthenticatorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,102 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.config.beans;
+
+/**
+ * A class used to store the Delegating Authenticator configuration.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class DelegatingAuthenticatorBean extends AuthenticatorBean
+{
+
+ /** The delegate host */
+ private String delegateHost;
+
+ /** The delegate port */
+ private int delegatePort;
+
+
+
+
+
+ /**
+ * @return the delegateHost
+ */
+ public String getDelegateHost()
+ {
+ return delegateHost;
+ }
+
+
+ /**
+ * @param delegateHost the delegateHost to set
+ */
+ public void setDelegateHost( String delegateHost )
+ {
+ this.delegateHost = delegateHost;
+ }
+
+
+ /**
+ * @return the delegatePort
+ */
+ public int getDelegatePort()
+ {
+ return delegatePort;
+ }
+
+
+ /**
+ * @param delegatePort the delegatePort to set
+ */
+ public void setDelegatePort( int delegatePort )
+ {
+ this.delegatePort = delegatePort;
+ }
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public String toString( String tabs )
+ {
+ StringBuilder sb = new StringBuilder();
+
+ sb.append( tabs ).append( "Delegating Authenticator :\n" );
+ sb.append( super.toString( tabs + " " ) );
+
+ sb.append( tabs ).append( " delegate host : " ).append( delegateHost ).append( '\n' );
+ sb.append( tabs ).append( " delegate port : " ).append( delegatePort ).append( '\n' );
+
+ return sb.toString();
+ }
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public String toString()
+ {
+ return toString( "" );
+ }
+
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/DelegatingAuthenticatorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/LdapServerBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/LdapServerBean.java?rev=1039567&r1=1039566&r2=1039567&view=diff
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/LdapServerBean.java (original)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/LdapServerBean.java Fri Nov 26 21:37:20 2010
@@ -68,7 +68,7 @@ public class LdapServerBean extends DSBa
/** The list of supported extended operation handlers */
private List<ExtendedOpHandlerBean> extendedOpHandlers = new ArrayList<ExtendedOpHandlerBean>();
-
+
/**
* Create a new LdapServerBean instance
*/
@@ -312,6 +312,7 @@ public class LdapServerBean extends DSBa
}
+
/**
* @param extendedOps the extendedOps to set
*/
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.server.config.beans;
+
+/**
+ * Simple Authenticator configuration
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+
+public class SimpleAuthenticatorBean extends AuthenticatorBean
+{
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/SimpleAuthenticatorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java?rev=1039567&view=auto
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java (added)
+++ directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java Fri Nov 26 21:37:20 2010
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.server.config.beans;
+
+/**
+ * Strong authenticator bean
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+
+public class StrongAuthenticatorBean extends AuthenticatorBean
+{
+
+}
Propchange: directory/apacheds/branches/antoine/server-config/src/main/java/org/apache/directory/server/config/beans/StrongAuthenticatorBean.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/apacheds/branches/antoine/server-config/src/main/resources/config.ldif
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/server-config/src/main/resources/config.ldif?rev=1039567&r1=1039566&r2=1039567&view=diff
==============================================================================
--- directory/apacheds/branches/antoine/server-config/src/main/resources/config.ldif (original)
+++ directory/apacheds/branches/antoine/server-config/src/main/resources/config.ldif Fri Nov 26 21:37:20 2010
@@ -1,750 +1,782 @@
-version: 1
-dn: ou=config
-ou: config
-objectclass: top
-objectclass: organizationalUnit
-
-dn: ou=replProviders,ou=config
-ou: replProviders
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-directoryService
-ads-directoryserviceid: default
-ads-dsreplicaid: 1
-ads-dssyncperiodmillis: 15000
-ads-dsmaxpdusize: 2000000
-ads-dsallowanonymousaccess: true
-ads-dsaccesscontrolenabled: false
-ads-dsdenormalizeopattrsenabled: false
-ads-servers: changepasswordserver
-ads-servers: dns
-ads-servers: httpserver
-ads-servers: kerberos
-ads-servers: ldapserver
-ads-servers: ntp
-ads-partitions: example
-ads-partitions: system
-ads-interceptors: aciAuthorizationInterceptor
-ads-interceptors: authenticationInterceptor
-ads-interceptors: collectiveAttributeInterceptor
-ads-interceptors: defaultAuthorizationInterceptor
-ads-interceptors: eventInterceptor
-ads-interceptors: exceptionInterceptor
-ads-interceptors: keyDerivationInterceptor
-ads-interceptors: normalizationInterceptor
-ads-interceptors: operationalAttributeInterceptor
-ads-interceptors: passwordHashingInterceptor
-ads-interceptors: referralInterceptor
-ads-interceptors: schemaInterceptor
-ads-interceptors: subentryInterceptor
-ads-interceptors: triggerInterceptor
-ads-enabled: true
-
-dn: ads-changeLogId=defaultChangeLog,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-changeLog
-ads-changeLogId: defaultChangeLog
-ads-changeLogExposed: FALSE
-
-
-dn: ads-journalId=defaultJournal,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-journal
-ads-journalId: defaultJournal
-ads-journalFileName: Journal.txt
-ads-journalWorkingDir: /
-ads-journalRotation: 2
-
-
-dn: ou=interceptors,ads-directoryServiceId=default,ou=config
-ou: interceptors
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-interceptorId=aciAuthorizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 4
-ads-interceptorclassname: org.apache.directory.server.core.authz.AciAuthorizationInterceptor
-ads-interceptorid: aciAuthorizationInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 2
-ads-interceptorclassname: org.apache.directory.server.core.authn.AuthenticationInterceptor
-ads-interceptorid: authenticationInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=collectiveAttributeInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 12
-ads-interceptorclassname: org.apache.directory.server.core.collective.CollectiveAttributeInterceptor
-ads-interceptorid: collectiveAttributeInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=defaultAuthorizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 5
-ads-interceptorclassname: org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor
-ads-interceptorid: defaultAuthorizationInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=eventInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 13
-ads-interceptorclassname: org.apache.directory.server.core.event.EventInterceptor
-ads-interceptorid: eventInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=exceptionInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 6
-ads-interceptorclassname: org.apache.directory.server.core.exception.ExceptionInterceptor
-ads-interceptorid: exceptionInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=keyDerivationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-enabled: false
-ads-interceptororder: 8
-ads-interceptorclassname: org.apache.directory.server.core.kerberos.KeyDerivationInterceptor
-ads-interceptorid: keyDerivationInterceptor
-
-dn: ads-interceptorId=normalizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 1
-ads-interceptorclassname: org.apache.directory.server.core.normalization.NormalizationInterceptor
-ads-interceptorid: normalizationInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=operationalAttributeInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 7
-ads-interceptorclassname: org.apache.directory.server.core.operational.OperationalAttributeInterceptor
-ads-interceptorid: operationalAttributeInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-enabled: true
-ads-interceptororder: 9
-ads-interceptorclassname: org.apache.directory.server.core.hash.SshaPasswordHashingInterceptor
-ads-interceptorid: passwordHashingInterceptor
-
-dn: ads-interceptorId=referralInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 3
-ads-interceptorclassname: org.apache.directory.server.core.referral.ReferralInterceptor
-ads-interceptorid: referralInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=schemaInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 10
-ads-interceptorclassname: org.apache.directory.server.core.schema.SchemaInterceptor
-ads-interceptorid: schemaInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=subentryInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 11
-ads-interceptorclassname: org.apache.directory.server.core.subtree.SubentryInterceptor
-ads-interceptorid: subentryInterceptor
-ads-enabled: true
-
-dn: ads-interceptorId=triggerInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-interceptor
-ads-interceptororder: 14
-ads-interceptorclassname: org.apache.directory.server.core.trigger.TriggerInterceptor
-ads-interceptorid: triggerInterceptor
-ads-enabled: true
-
-dn: ads-pwdId=pwdPolicy,ads-directoryServiceId=default,ou=config
-objectClass: top
-objectClass: ads-base
-objectClass: ads-passwordPolicy
-ads-pwdId: pwdPolicy
-ads-pwdSafeModify: FALSE
-ads-pwdMaxAge: 0
-ads-pwdFailureCountInterval: 30
-ads-pwdAttribute: userPassword
-ads-pwdMaxFailure: 5
-ads-pwdLockout: TRUE
-ads-pwdMustChange: FALSE
-ads-pwdLockoutDuration: 0
-ads-pwdMinLength: 5
-ads-pwdInHistory: 5
-ads-pwdExpireWarning: 600
-ads-pwdMinAge: 0
-ads-pwdAllowUserChange: TRUE
-ads-pwdGraceAuthNLimit: 5
-ads-pwdCheckQuality: 2
-ads-enabled: true
-
-dn: ou=partitions,ads-directoryServiceId=default,ou=config
-ou: partitions
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectClass: ads-base
-objectclass: ads-partition
-objectclass: ads-jdbmPartition
-ads-partitionSuffix: ou=system
-ads-jdbmpartitionoptimizerenabled: true
-ads-partitioncachesize: 100
-ads-partitionsynconwrite: true
-ads-partitionid: system
-ads-enabled: true
-ads-contextEntry: dn: ou=system\n
- objectClass: top\n
- objectClass: organizationalUnit\n
- ou: system\n
- description: The System context entry
-
-dn: ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ou: indexes
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.1,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.1
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.2,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.2
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.3,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.3
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.4,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.4
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.5,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.5
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.6,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.6
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.7,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.7
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=objectClass,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: objectClass
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=ou,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: ou
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=uid,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: uid
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectClass: ads-base
-objectclass: ads-partition
-objectclass: ads-jdbmPartition
-ads-partitionSuffix: dc=example,dc=com
-ads-jdbmpartitionoptimizerenabled: true
-ads-partitioncachesize: 100
-ads-partitionsynconwrite: true
-ads-partitionid: example
-ads-enabled: true
-
-dn: ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ou: indexes
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.1,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.1
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.2,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.2
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.3,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.3
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.4,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.4
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.5,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.5
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.6,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.6
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.7,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.7
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=dc,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: dc
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=krb5PrincipalName,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: krb5PrincipalName
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=objectClass,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: objectClass
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=ou,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: ou
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ads-indexAttributeId=uid,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
-ads-indexattributeid: uid
-ads-indexcachesize: 100
-objectclass: ads-index
-objectclass: ads-jdbmIndex
-objectclass: top
-ads-enabled: true
-
-dn: ou=servers,ads-directoryServiceId=default,ou=config
-ou: servers
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: ads-server
-objectclass: ads-changePasswordServer
-objectclass: ads-dsBasedServer
-ads-serverid: changepasswordserver
-ads-chgPwdServicePrincipal: kadmin/changepw@EXAMPLE.COM
-ads-enabled: false
-ads-krballowableclockskew: 300000
-ads-krbEmptyAddressesAllowed: true
-ads-krbEncryptionTypes: des-cbc-md5
-ads-krbPrimaryRealm: EXAMPLE.COM
-ads-searchBaseDN: ou=users,dc=example,dc=com
-
-dn: ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportId=tcp,ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60464
-ads-transportbacklog: 50
-ads-transportnbthreads: 2
-ads-transportid: tcp
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-transportId=udp,ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60464
-ads-transportbacklog: 50
-ads-transportnbthreads: 2
-ads-transportid: udp
-objectclass: ads-transport
-objectclass: top
-objectclass: ads-udpTransport
-ads-enabled: true
-
-dn: ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
-ads-serverid: dns
-ads-enabled: false
-objectclass: ads-server
-objectclass: ads-dnsServer
-objectclass: ads-dsBasedServer
-objectclass: top
-
-dn: ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportId=tcp,ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 8053
-ads-transportid: tcp
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-transportId=udp,ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 8053
-ads-transportid: udp
-objectclass: ads-transport
-objectclass: ads-udpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-ads-serverid: httpserver
-ads-enabled: false
-objectclass: ads-server
-objectclass: ads-httpserver
-objectclass: top
-
-dn: ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportid=http,ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-ads-transportid: http
-ads-systemport: 8080
-ads-transportaddress: 0.0.0.0
-ads-enabled: true
-
-dn: ads-transportid=https,ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: top
-objectclass: ads-base
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-ads-transportid: https
-ads-transportaddress: 0.0.0.0
-ads-systemport: 8443
-ads-enabled: true
-
-dn: ou=httpWebapps,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: organizationalUnit
-objectclass: top
-ou: httpWebapps
-
-dn: ads-Id=testapp,ou=httpWebapps,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
-ads-httpwarfile: /path/to/foo/war
-ads-httpappctxpath: /foo
-ads-id: testapp
-objectclass: ads-httpWebApp
-objectclass: top
-ads-enabled: false
-
-dn: ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: ads-server
-objectclass: ads-kdcServer
-objectclass: ads-dsBasedServer
-objectclass: top
-ads-serverid: kerberos
-ads-enabled: false
-ads-krbAllowableClockSkew: 300000
-ads-krbBodyChecksumVerified: true
-ads-krbEmptyAddressesAllowed: true
-ads-krbEncryptionTypes: des-cbc-md5
-ads-krbForwardableAllowed: true
-ads-krbKdcPrincipal: krbtgt/EXAMPLE.COM@EXAMPLE.COM
-ads-krbmaximumrenewablelifetime: 604800000
-ads-krbMaximumTicketLifetime: 86400000
-ads-krbPaEncTimestampRequired: true
-ads-krbPostdatedAllowed: true
-ads-krbPrimaryRealm: EXAMPLE.COM
-ads-krbProxiableAllowed: true
-ads-krbRenewableAllowed: true
-ads-searchBaseDN: ou=users,dc=example,dc=com
-
-dn: ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportid=tcp,ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60088
-ads-transportbacklog: 50
-ads-transportnbthreads: 4
-ads-transportaddress: 0.0.0.0
-ads-transportid: tcp
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-transportid=udp,ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60088
-ads-transportbacklog: 50
-ads-transportnbthreads: 4
-ads-transportaddress: 0.0.0.0
-ads-transportid: udp
-objectclass: ads-transport
-objectclass: ads-udpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-objectclass: ads-server
-objectclass: ads-ldapServer
-objectclass: ads-dsBasedServer
-objectclass: top
-ads-serverId: ldapServer
-ads-confidentialityRequired: false
-ads-maxSizeLimit: 1000
-ads-maxTimeLimit: 15000
-ads-saslHost: ldap.example.com
-ads-saslPrincipal: ldap/ldap.example.com@EXAMPLE.COM
-ads-saslRealms: example.com
-ads-saslRealms: apache.org
-ads-searchBaseDN: ou=users,ou=system
-ads-enabled: true
-ads-enableReplProvider: false
-
-dn: ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportid=ldap,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 10389
-ads-transportenablessl: false
-ads-transportbacklog: 50
-ads-transportnbthreads: 8
-ads-transportaddress: 0.0.0.0
-ads-transportid: ldap
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-transportid=ldaps,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 10636
-ads-transportenablessl: true
-ads-transportaddress: 0.0.0.0
-ads-transportid: ldaps
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ou: extendedophandlers
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-extendedOpId=gracefulShutdownHandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-extendedOpId: gracefulShutdownHandler
-ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.GracefulShutdownHandler
-objectclass: ads-extendedOpHandler
-objectclass: top
-ads-enabled: true
-
-dn: ads-extendedOpId=starttlshandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-extendedOpId: starttlshandler
-ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.StartTlsHandler
-objectclass: ads-extendedOpHandler
-objectclass: top
-ads-enabled: true
-
-dn: ads-extendedOpId=storedprochandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-enabled: false
-ads-extendedOpId: storedprochandler
-ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler
-objectclass: ads-extendedOpHandler
-objectclass: top
-
-dn: ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ou: saslmechhandlers
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-saslMechName=cram-md5,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: CRAM-MD5
-ads-enabled: true
-
-dn: ads-saslMechName=digest-md5,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: DIGEST-MD5
-ads-enabled: true
-
-dn: ads-saslMechName=gss-spnego,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: GSS-SPNEGO
-ads-ntlmMechProvider: com.foo.Bar
-ads-enabled: true
-
-dn: ads-saslMechName=gssapi,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiMechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: GSSAPI
-ads-enabled: true
-
-dn: ads-saslMechName=ntlm,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: NTLM
-ads-ntlmMechProvider: com.foo.Bar
-ads-enabled: true
-
-dn: ads-saslMechName=simple,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
-ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.SimpleMechanismHandler
-objectclass: ads-saslMechHandler
-objectclass: top
-ads-saslMechName: SIMPLE
-ads-enabled: true
-
-dn: ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
-ads-serverid: ntp
-ads-enabled: false
-objectclass: ads-server
-objectclass: ads-ntpServer
-objectclass: top
-
-dn: ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
-ou: transports
-objectclass: organizationalUnit
-objectclass: top
-
-dn: ads-transportId=tcp,ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60123
-ads-transportid: tcp
-objectclass: ads-transport
-objectclass: ads-tcpTransport
-objectclass: top
-ads-enabled: true
-
-dn: ads-transportId=udp,ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
-ads-systemport: 60123
-ads-transportnbthreads: 1
-ads-transportid: udp
-objectclass: ads-transport
-objectclass: ads-udpTransport
-objectclass: top
-ads-enabled: true
+version: 1
+dn: ou=config
+ou: config
+objectclass: top
+objectclass: organizationalUnit
+
+dn: ou=replProviders,ou=config
+ou: replProviders
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-directoryService
+ads-directoryserviceid: default
+ads-dsreplicaid: 1
+ads-dssyncperiodmillis: 15000
+ads-dsmaxpdusize: 2000000
+ads-dsallowanonymousaccess: true
+ads-dsaccesscontrolenabled: false
+ads-dsdenormalizeopattrsenabled: false
+ads-servers: changepasswordserver
+ads-servers: dns
+ads-servers: httpserver
+ads-servers: kerberos
+ads-servers: ldapserver
+ads-servers: ntp
+ads-partitions: example
+ads-partitions: system
+ads-interceptors: aciAuthorizationInterceptor
+ads-interceptors: authenticationInterceptor
+ads-interceptors: collectiveAttributeInterceptor
+ads-interceptors: defaultAuthorizationInterceptor
+ads-interceptors: eventInterceptor
+ads-interceptors: exceptionInterceptor
+ads-interceptors: keyDerivationInterceptor
+ads-interceptors: normalizationInterceptor
+ads-interceptors: operationalAttributeInterceptor
+ads-interceptors: passwordHashingInterceptor
+ads-interceptors: referralInterceptor
+ads-interceptors: schemaInterceptor
+ads-interceptors: subentryInterceptor
+ads-interceptors: triggerInterceptor
+ads-enabled: true
+
+dn: ads-changeLogId=defaultChangeLog,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-changeLog
+ads-changeLogId: defaultChangeLog
+ads-changeLogExposed: FALSE
+
+
+dn: ads-journalId=defaultJournal,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-journal
+ads-journalId: defaultJournal
+ads-journalFileName: Journal.txt
+ads-journalWorkingDir: /
+ads-journalRotation: 2
+
+
+dn: ou=interceptors,ads-directoryServiceId=default,ou=config
+ou: interceptors
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-interceptorId=aciAuthorizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 4
+ads-interceptorclassname: org.apache.directory.server.core.authz.AciAuthorizationInterceptor
+ads-interceptorid: aciAuthorizationInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+objectclass: ads-authenticationInterceptor
+ads-interceptororder: 2
+ads-interceptorclassname: org.apache.directory.server.core.authn.AuthenticationInterceptor
+ads-interceptorid: authenticationInterceptor
+ads-enabled: true
+
+dn: ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ou: authenticators
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-authenticatorid=anonymousauthenticator,ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ads-authenticatorid: anonymousauthenticator
+objectClass: ads-authenticator
+objectClass: ads-anonymousAuthenticator
+objectclass: top
+
+dn: ads-authenticatorid=simpleauthenticator,ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ads-authenticatorid: simpleauthenticator
+objectClass: ads-authenticator
+objectClass: ads-simpleAuthenticator
+objectclass: top
+
+dn: ads-authenticatorid=delegatingauthenticator,ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ads-authenticatorid: delegatingauthenticator
+ads-delegateHost: nyc.com
+ads-delelegatePort: 389
+objectClass: ads-authenticator
+objectClass: ads-delegatingAuthenticator
+objectclass: top
+
+dn: ads-authenticatorid=strongauthenticator,ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ads-authenticatorid: strongauthenticator
+objectClass: ads-authenticator
+objectClass: ads-strongAuthenticator
+objectclass: top
+
+dn: ads-interceptorId=collectiveAttributeInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 12
+ads-interceptorclassname: org.apache.directory.server.core.collective.CollectiveAttributeInterceptor
+ads-interceptorid: collectiveAttributeInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=defaultAuthorizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 5
+ads-interceptorclassname: org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor
+ads-interceptorid: defaultAuthorizationInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=eventInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 13
+ads-interceptorclassname: org.apache.directory.server.core.event.EventInterceptor
+ads-interceptorid: eventInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=exceptionInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 6
+ads-interceptorclassname: org.apache.directory.server.core.exception.ExceptionInterceptor
+ads-interceptorid: exceptionInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=keyDerivationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-enabled: false
+ads-interceptororder: 8
+ads-interceptorclassname: org.apache.directory.server.core.kerberos.KeyDerivationInterceptor
+ads-interceptorid: keyDerivationInterceptor
+
+dn: ads-interceptorId=normalizationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 1
+ads-interceptorclassname: org.apache.directory.server.core.normalization.NormalizationInterceptor
+ads-interceptorid: normalizationInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=operationalAttributeInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 7
+ads-interceptorclassname: org.apache.directory.server.core.operational.OperationalAttributeInterceptor
+ads-interceptorid: operationalAttributeInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-enabled: true
+ads-interceptororder: 9
+ads-interceptorclassname: org.apache.directory.server.core.hash.SshaPasswordHashingInterceptor
+ads-interceptorid: passwordHashingInterceptor
+
+dn: ads-interceptorId=referralInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 3
+ads-interceptorclassname: org.apache.directory.server.core.referral.ReferralInterceptor
+ads-interceptorid: referralInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=schemaInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 10
+ads-interceptorclassname: org.apache.directory.server.core.schema.SchemaInterceptor
+ads-interceptorid: schemaInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=subentryInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 11
+ads-interceptorclassname: org.apache.directory.server.core.subtree.SubentryInterceptor
+ads-interceptorid: subentryInterceptor
+ads-enabled: true
+
+dn: ads-interceptorId=triggerInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-interceptor
+ads-interceptororder: 14
+ads-interceptorclassname: org.apache.directory.server.core.trigger.TriggerInterceptor
+ads-interceptorid: triggerInterceptor
+ads-enabled: true
+
+dn: ads-pwdId=pwdPolicy,ads-directoryServiceId=default,ou=config
+objectClass: top
+objectClass: ads-base
+objectClass: ads-passwordPolicy
+ads-pwdId: pwdPolicy
+ads-pwdSafeModify: FALSE
+ads-pwdMaxAge: 0
+ads-pwdFailureCountInterval: 30
+ads-pwdAttribute: userPassword
+ads-pwdMaxFailure: 5
+ads-pwdLockout: TRUE
+ads-pwdMustChange: FALSE
+ads-pwdLockoutDuration: 0
+ads-pwdMinLength: 5
+ads-pwdInHistory: 5
+ads-pwdExpireWarning: 600
+ads-pwdMinAge: 0
+ads-pwdAllowUserChange: TRUE
+ads-pwdGraceAuthNLimit: 5
+ads-pwdCheckQuality: 2
+ads-enabled: true
+
+dn: ou=partitions,ads-directoryServiceId=default,ou=config
+ou: partitions
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectClass: ads-base
+objectclass: ads-partition
+objectclass: ads-jdbmPartition
+ads-partitionSuffix: ou=system
+ads-jdbmpartitionoptimizerenabled: true
+ads-partitioncachesize: 100
+ads-partitionsynconwrite: true
+ads-partitionid: system
+ads-enabled: true
+ads-contextEntry: dn: ou=system\n
+ objectClass: top\n
+ objectClass: organizationalUnit\n
+ ou: system\n
+ description: The System context entry
+
+dn: ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ou: indexes
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.1,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.1
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.2,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.2
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.3,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.3
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.4,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.4
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.5,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.5
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.6,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.6
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.7,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.7
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=objectClass,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: objectClass
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=ou,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: ou
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=uid,ou=indexes,ads-partitionId=system,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: uid
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectClass: ads-base
+objectclass: ads-partition
+objectclass: ads-jdbmPartition
+ads-partitionSuffix: dc=example,dc=com
+ads-jdbmpartitionoptimizerenabled: true
+ads-partitioncachesize: 100
+ads-partitionsynconwrite: true
+ads-partitionid: example
+ads-enabled: true
+
+dn: ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ou: indexes
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.1,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.1
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.2,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.2
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.3,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.3
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.4,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.4
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.5,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.5
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.6,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.6
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=1.3.6.1.4.1.18060.0.4.1.2.7,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: 1.3.6.1.4.1.18060.0.4.1.2.7
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=dc,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: dc
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=krb5PrincipalName,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: krb5PrincipalName
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=objectClass,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: objectClass
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=ou,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: ou
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ads-indexAttributeId=uid,ou=indexes,ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
+ads-indexattributeid: uid
+ads-indexcachesize: 100
+objectclass: ads-index
+objectclass: ads-jdbmIndex
+objectclass: top
+ads-enabled: true
+
+dn: ou=servers,ads-directoryServiceId=default,ou=config
+ou: servers
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: ads-server
+objectclass: ads-changePasswordServer
+objectclass: ads-dsBasedServer
+ads-serverid: changepasswordserver
+ads-chgPwdServicePrincipal: kadmin/changepw@EXAMPLE.COM
+ads-enabled: false
+ads-krballowableclockskew: 300000
+ads-krbEmptyAddressesAllowed: true
+ads-krbEncryptionTypes: des-cbc-md5
+ads-krbPrimaryRealm: EXAMPLE.COM
+ads-searchBaseDN: ou=users,dc=example,dc=com
+
+dn: ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportId=tcp,ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60464
+ads-transportbacklog: 50
+ads-transportnbthreads: 2
+ads-transportid: tcp
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-transportId=udp,ou=transports,ads-serverId=changepasswordserver,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60464
+ads-transportbacklog: 50
+ads-transportnbthreads: 2
+ads-transportid: udp
+objectclass: ads-transport
+objectclass: top
+objectclass: ads-udpTransport
+ads-enabled: true
+
+dn: ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
+ads-serverid: dns
+ads-enabled: false
+objectclass: ads-server
+objectclass: ads-dnsServer
+objectclass: ads-dsBasedServer
+objectclass: top
+
+dn: ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportId=tcp,ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 8053
+ads-transportid: tcp
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-transportId=udp,ou=transports,ads-serverId=dns,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 8053
+ads-transportid: udp
+objectclass: ads-transport
+objectclass: ads-udpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+ads-serverid: httpserver
+ads-enabled: false
+objectclass: ads-server
+objectclass: ads-httpserver
+objectclass: top
+
+dn: ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportid=http,ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+ads-transportid: http
+ads-systemport: 8080
+ads-transportaddress: 0.0.0.0
+ads-enabled: true
+
+dn: ads-transportid=https,ou=transports,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+ads-transportid: https
+ads-transportaddress: 0.0.0.0
+ads-systemport: 8443
+ads-enabled: true
+
+dn: ou=httpWebapps,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: organizationalUnit
+objectclass: top
+ou: httpWebapps
+
+dn: ads-Id=testapp,ou=httpWebapps,ads-serverId=httpserver,ou=servers,ads-directoryServiceId=default,ou=config
+ads-httpwarfile: /path/to/foo/war
+ads-httpappctxpath: /foo
+ads-id: testapp
+objectclass: ads-httpWebApp
+objectclass: top
+ads-enabled: false
+
+dn: ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: ads-server
+objectclass: ads-kdcServer
+objectclass: ads-dsBasedServer
+objectclass: top
+ads-serverid: kerberos
+ads-enabled: false
+ads-krbAllowableClockSkew: 300000
+ads-krbBodyChecksumVerified: true
+ads-krbEmptyAddressesAllowed: true
+ads-krbEncryptionTypes: des-cbc-md5
+ads-krbForwardableAllowed: true
+ads-krbKdcPrincipal: krbtgt/EXAMPLE.COM@EXAMPLE.COM
+ads-krbmaximumrenewablelifetime: 604800000
+ads-krbMaximumTicketLifetime: 86400000
+ads-krbPaEncTimestampRequired: true
+ads-krbPostdatedAllowed: true
+ads-krbPrimaryRealm: EXAMPLE.COM
+ads-krbProxiableAllowed: true
+ads-krbRenewableAllowed: true
+ads-searchBaseDN: ou=users,dc=example,dc=com
+
+dn: ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportid=tcp,ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60088
+ads-transportbacklog: 50
+ads-transportnbthreads: 4
+ads-transportaddress: 0.0.0.0
+ads-transportid: tcp
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-transportid=udp,ou=transports,ads-serverId=kerberos,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60088
+ads-transportbacklog: 50
+ads-transportnbthreads: 4
+ads-transportaddress: 0.0.0.0
+ads-transportid: udp
+objectclass: ads-transport
+objectclass: ads-udpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+objectclass: ads-server
+objectclass: ads-ldapServer
+objectclass: ads-dsBasedServer
+objectclass: top
+ads-serverId: ldapServer
+ads-confidentialityRequired: false
+ads-maxSizeLimit: 1000
+ads-maxTimeLimit: 15000
+ads-saslHost: ldap.example.com
+ads-saslPrincipal: ldap/ldap.example.com@EXAMPLE.COM
+ads-saslRealms: example.com
+ads-saslRealms: apache.org
+ads-searchBaseDN: ou=users,ou=system
+ads-enabled: true
+ads-enableReplProvider: false
+
+dn: ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportid=ldap,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 10389
+ads-transportenablessl: false
+ads-transportbacklog: 50
+ads-transportnbthreads: 8
+ads-transportaddress: 0.0.0.0
+ads-transportid: ldap
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-transportid=ldaps,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 10636
+ads-transportenablessl: true
+ads-transportaddress: 0.0.0.0
+ads-transportid: ldaps
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ou: extendedophandlers
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-extendedOpId=gracefulShutdownHandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-extendedOpId: gracefulShutdownHandler
+ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.GracefulShutdownHandler
+objectclass: ads-extendedOpHandler
+objectclass: top
+ads-enabled: true
+
+dn: ads-extendedOpId=starttlshandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-extendedOpId: starttlshandler
+ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.StartTlsHandler
+objectclass: ads-extendedOpHandler
+objectclass: top
+ads-enabled: true
+
+dn: ads-extendedOpId=storedprochandler,ou=extendedophandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-enabled: false
+ads-extendedOpId: storedprochandler
+ads-extendedOpHandlerclass: org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler
+objectclass: ads-extendedOpHandler
+objectclass: top
+
+dn: ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ou: saslmechhandlers
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-saslMechName=cram-md5,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: CRAM-MD5
+ads-enabled: true
+
+dn: ads-saslMechName=digest-md5,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: DIGEST-MD5
+ads-enabled: true
+
+dn: ads-saslMechName=gss-spnego,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: GSS-SPNEGO
+ads-ntlmMechProvider: com.foo.Bar
+ads-enabled: true
+
+dn: ads-saslMechName=gssapi,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiMechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: GSSAPI
+ads-enabled: true
+
+dn: ads-saslMechName=ntlm,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: NTLM
+ads-ntlmMechProvider: com.foo.Bar
+ads-enabled: true
+
+dn: ads-saslMechName=simple,ou=saslmechhandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+ads-saslMechClassName: org.apache.directory.server.ldap.handlers.bind.SimpleMechanismHandler
+objectclass: ads-saslMechHandler
+objectclass: top
+ads-saslMechName: SIMPLE
+ads-enabled: true
+
+dn: ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
+ads-serverid: ntp
+ads-enabled: false
+objectclass: ads-server
+objectclass: ads-ntpServer
+objectclass: top
+
+dn: ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
+ou: transports
+objectclass: organizationalUnit
+objectclass: top
+
+dn: ads-transportId=tcp,ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60123
+ads-transportid: tcp
+objectclass: ads-transport
+objectclass: ads-tcpTransport
+objectclass: top
+ads-enabled: true
+
+dn: ads-transportId=udp,ou=transports,ads-serverId=ntp,ou=servers,ads-directoryServiceId=default,ou=config
+ads-systemport: 60123
+ads-transportnbthreads: 1
+ads-transportid: udp
+objectclass: ads-transport
+objectclass: ads-udpTransport
+objectclass: top
+ads-enabled: true
Modified: directory/apacheds/branches/antoine/service-builder/src/main/java/org/apache/directory/server/config/ServiceBuilder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/antoine/service-builder/src/main/java/org/apache/directory/server/config/ServiceBuilder.java?rev=1039567&r1=1039566&r2=1039567&view=diff
==============================================================================
--- directory/apacheds/branches/antoine/service-builder/src/main/java/org/apache/directory/server/config/ServiceBuilder.java (original)
+++ directory/apacheds/branches/antoine/service-builder/src/main/java/org/apache/directory/server/config/ServiceBuilder.java Fri Nov 26 21:37:20 2010
@@ -33,8 +33,12 @@ import java.util.Set;
import java.util.TreeSet;
import org.apache.directory.server.changepw.ChangePasswordServer;
+import org.apache.directory.server.config.beans.AnonymousAuthenticatorBean;
+import org.apache.directory.server.config.beans.AuthenticationInterceptorBean;
+import org.apache.directory.server.config.beans.AuthenticatorBean;
import org.apache.directory.server.config.beans.ChangeLogBean;
import org.apache.directory.server.config.beans.ChangePasswordServerBean;
+import org.apache.directory.server.config.beans.DelegatingAuthenticatorBean;
import org.apache.directory.server.config.beans.DirectoryServiceBean;
import org.apache.directory.server.config.beans.ExtendedOpHandlerBean;
import org.apache.directory.server.config.beans.HttpServerBean;
@@ -50,6 +54,8 @@ import org.apache.directory.server.confi
import org.apache.directory.server.config.beans.PartitionBean;
import org.apache.directory.server.config.beans.PasswordPolicyBean;
import org.apache.directory.server.config.beans.SaslMechHandlerBean;
+import org.apache.directory.server.config.beans.SimpleAuthenticatorBean;
+import org.apache.directory.server.config.beans.StrongAuthenticatorBean;
import org.apache.directory.server.config.beans.TcpTransportBean;
import org.apache.directory.server.config.beans.TransportBean;
import org.apache.directory.server.config.beans.UdpTransportBean;
@@ -58,6 +64,12 @@ import org.apache.directory.server.core.
import org.apache.directory.server.core.InstanceLayout;
import org.apache.directory.server.core.PasswordPolicyConfiguration;
import org.apache.directory.server.core.PpolicyConfigContainer;
+import org.apache.directory.server.core.authn.AnonymousAuthenticator;
+import org.apache.directory.server.core.authn.AuthenticationInterceptor;
+import org.apache.directory.server.core.authn.Authenticator;
+import org.apache.directory.server.core.authn.DelegatingAuthenticator;
+import org.apache.directory.server.core.authn.SimpleAuthenticator;
+import org.apache.directory.server.core.authn.StrongAuthenticator;
import org.apache.directory.server.core.changelog.ChangeLog;
import org.apache.directory.server.core.changelog.DefaultChangeLog;
import org.apache.directory.server.core.interceptor.Interceptor;
@@ -150,6 +162,12 @@ public class ServiceBuilder
{
LOG.debug( "loading the interceptor class {} and instantiating", interceptorBean.getInterceptorClassName() );
Interceptor interceptor = ( Interceptor ) Class.forName( interceptorBean.getInterceptorClassName() ).newInstance();
+ if (interceptorBean instanceof AuthenticationInterceptorBean) {
+ // Transports
+ Authenticator[] authenticators = createAuthenticators( ((AuthenticationInterceptorBean)interceptorBean).getAuthenticators() );
+ ((AuthenticationInterceptor) interceptor).setAuthenticators( authenticators );
+
+ }
interceptors.add( interceptor );
}
catch ( Exception e )
@@ -388,7 +406,37 @@ public class ServiceBuilder
return handler;
}
-
+ /**
+ * Creates a Authenticator from the configuration
+ *
+ * @param authenticatorBean The created instance of authenticator
+ * @return An instance of authenticator
+ */
+ public static Authenticator createAuthenticator(
+ AuthenticatorBean authenticatorBean )
+ {
+ Authenticator authenticator = null;
+ if (authenticatorBean instanceof SimpleAuthenticatorBean)
+ {
+ authenticator = new SimpleAuthenticator();
+ }
+ else if (authenticatorBean instanceof AnonymousAuthenticatorBean)
+ {
+ authenticator = new AnonymousAuthenticator();
+ }
+ else if (authenticatorBean instanceof StrongAuthenticatorBean)
+ {
+ authenticator = new StrongAuthenticator();
+ }
+ else if (authenticatorBean instanceof DelegatingAuthenticatorBean)
+ {
+ authenticator = new DelegatingAuthenticator();
+ ((DelegatingAuthenticator)authenticator).setDelegateHost( ((DelegatingAuthenticatorBean) authenticatorBean).getDelegateHost() );
+ ((DelegatingAuthenticator)authenticator).setDelegatePort( ((DelegatingAuthenticatorBean) authenticatorBean).getDelegatePort() );
+ }
+ return authenticator;
+ }
+
/**
* Creates a Transport from the configuration
*
@@ -429,6 +477,25 @@ public class ServiceBuilder
* @param transportBeans The array of Transport configuration
* @return An arry of Transport instance
*/
+ public static Authenticator[] createAuthenticators( List<AuthenticatorBean> list )
+ {
+ Authenticator[] authenticators = new Authenticator[ list.size() ];
+ int i = 0;
+
+ for ( AuthenticatorBean authenticatorBean : list )
+ {
+ authenticators[i++] = createAuthenticator( authenticatorBean );
+ }
+
+ return authenticators;
+ }
+
+ /**
+ * Creates the array of transports read from the DIT
+ *
+ * @param transportBeans The array of Transport configuration
+ * @return An arry of Transport instance
+ */
public static Transport[] createTransports( TransportBean[] transportBeans )
{
Transport[] transports = new Transport[ transportBeans.length ];
@@ -444,8 +511,6 @@ public class ServiceBuilder
return transports;
}
-
-
/**
* Helper method to create an Array of EncryptionTypes from an array of Strings
*/