Posted to commits@directory.apache.org by sm...@apache.org on 2017/07/16 19:21:53 UTC

directory-fortress-core git commit: add section to readme to describe props

Repository: directory-fortress-core
Updated Branches:
  refs/heads/master 6be89d624 -> 5058e2da8


add section to readme to describe props


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/5058e2da
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/5058e2da
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/5058e2da

Branch: refs/heads/master
Commit: 5058e2da8d5e95184e5ee586956e348e6ea30a47
Parents: 6be89d6
Author: Shawn McKinney <sm...@apache.org>
Authored: Sun Jul 16 14:21:54 2017 -0500
Committer: Shawn McKinney <sm...@apache.org>
Committed: Sun Jul 16 14:21:54 2017 -0500

----------------------------------------------------------------------
 README.md | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/5058e2da/README.md
----------------------------------------------------------------------
diff --git a/README.md b/README.md
index b969cfd..bfdf3ab 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,7 @@
  * SECTION 13. Instructions to build and test the Apache Fortress samples.
  * SECTION 14. Instructions to performance test.
  * SECTION 15. Instructions to encrypt LDAP passwords used in config files.
+ * SECTION 16. Fortress Core properties
 
 ___________________________________________________________________________________
 ## Document Overview
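Review bot: the new contents entry `* SECTION 16. Fortress Core properties` has no trailing period, while the entries for sections 13 to 15 directly above it each end with one; add the period so the list stays consistent.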
@@ -830,5 +831,99 @@ use the 'encrypt' ant target.
  cfg.log.root.pw=wApnJUnuYZRBTF1zQNxX/Q==
  ```
 
+___________________________________________________________________________________
+## SECTION 16. Fortress Core properties
+
+This section describes the properties needed to control fortress core.
+
+1. LDAP Hostname coordinates.  The host name can be specified as a fully qualified domain name or IP address.
+
+ ```
+ # Host name and port of LDAP DIT:
+ host=localhost
+ port=10389
+ ```
+
+2. LDAP Server type.  Each LDAP server impl has different behavior on operations like password policies and audit.  If using a 3rd type of server that isn't formally supported, leave blank or type is other.
+
+ ```
+ # If ApacheDS server:
+ ldap.server.type=apacheds
+ ```
+
+ ```
+ # Else if OpenLDAP server:
+ ldap.server.type=slapd
+ ```
+
+ ```
+ # Else leave blank:
+ #ldap.server.type=other
+ ```
+
+3.  Set the credentials of service account.  Must have read/write privileges over the Fortress LDAP DIT:
+
+ ```
+ # If ApacheDS it will look something like this:
+ admin.user=uid=admin,ou=system
+ admin.pw=secret
+ ```
+
+ ```
+ # Else If OpenLDAP it will look something like this:
+ admin.user=cn=Manager,dc=example,dc=com
+ ```
+
+4. Define the number of LDAP connections to use in the pool  This setting will be proportional to the number of concurrent users but won't be one-to-one.  The number of required ldap connections will be much lower than concurrent users:
+
+ ```
+ # This is min/max settings for LDAP connections.  For testing and low-volume instances this will work:
+ min.admin.conn=1
+ max.admin.conn=10
+ ```
+
+5. Give coordinates to the Config node that contains all of the other Fortress properties.  This will match your LDAP's server's config node per Fortress Core setup.
+
+ ```
+ # This node contains fortress properties stored on behalf of connecting LDAP clients:
+ config.realm=DEFAULT
+ config.root=ou=Config,dc=example,dc=com
+ ```
+
+6. If using LDAPS.
+
+ ```
+ # Used for SSL Connection to LDAP Server:
+ enable.ldap.ssl=true
+ enable.ldap.ssl.debug=true
+ trust.store=/fully/qualified/path/and/file/name/to/java/truststore
+ trust.store.password=changeit
+ trust.store.set.prop=true
+ ```
+
+7. To use REST instead of LDAP.  Points to fortress-rest instance.
+
+ ```
+ # This will override default LDAP manager implementations for the RESTful ones:
+ enable.mgr.impl.rest=true
+ ```
+
+8. If using REST, provide the credentials of user that has access to fortress-rest.
+
+ ```
+ # Optional parameters needed when Fortress client is connecting with the En Masse (rather than LDAP) server:
+ http.user=demouser4
+ http.pw=gX9JbCTxJW5RiH+otQEX0Ja0RIAoPBQf
+ http.host=localhost
+ http.port=8080
+ ```
+
+9. If using ApacheDS and setting password policies, point to the correction location.
+
+ ```
+ # ApacheDS stores its password policies objects here by default:
+ apacheds.pwpolicy.root=ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
+ ```
+
  ___________________________________________________________________________________
  #### END OF README
\ No newline at end of file
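Review bot: item 3 shows the service account password in clear text (`admin.pw=secret`) and never points to SECTION 15, which sits directly above this section and covers encrypting LDAP passwords in config files with the 'encrypt' ant target; add a sentence in item 3 that refers to it, and give the OpenLDAP sample an `admin.pw` line as well, since it currently sets only `admin.user`. In item 6 the LDAPS sample sets `enable.ldap.ssl.debug=true` and `trust.store.password=changeit` with no comment; state that the debug flag is for troubleshooting and that the trust store password is a value to be replaced. Item 8 gives `http.host` and `http.port` but does not say whether the connection to fortress-rest is protected by TLS, which a reader needs to know because `http.user` and `http.pw` are used on it. Wording: item 9 "correction location" should read "correct location", item 4 is missing a period after "pool", and item 2's "leave blank or type is other" does not match its sample, which comments the property out.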