You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by rh...@apache.org on 2022/12/07 16:11:16 UTC
svn commit: r1905842 - in /db/derby/docs/branches/10.16: ./ src/security/cseccsecure863446.dita src/security/csecldapbooting.dita
Author: rhillegas
Date: Wed Dec 7 16:11:16 2022
New Revision: 1905842
URL: http://svn.apache.org/viewvc?rev=1905842&view=rev
Log:
DERBY-7147: Port 1905800 from trunk docs to 10.16 docs.
Modified:
db/derby/docs/branches/10.16/ (props changed)
db/derby/docs/branches/10.16/src/security/cseccsecure863446.dita
db/derby/docs/branches/10.16/src/security/csecldapbooting.dita
Propchange: db/derby/docs/branches/10.16/
------------------------------------------------------------------------------
Merged /db/derby/docs/trunk:r1905800
Modified: db/derby/docs/branches/10.16/src/security/cseccsecure863446.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/branches/10.16/src/security/cseccsecure863446.dita?rev=1905842&r1=1905841&r2=1905842&view=diff
==============================================================================
--- db/derby/docs/branches/10.16/src/security/cseccsecure863446.dita (original)
+++ db/derby/docs/branches/10.16/src/security/cseccsecure863446.dita Wed Dec 7 16:11:16 2022
@@ -25,40 +25,47 @@ use your LDAP directory service</title>
what LDAP server to use.</shortdesc>
<prolog></prolog>
<conbody>
-<p>To connect to the OpenDS LDAP server, add the following lines to your
+<p>To connect to the ApacheDS LDAP server, add the following lines to your
<ph conref="../conrefs.dita#prod/productshortname"></ph> configuration file,
<codeph>derby.properties</codeph>. You may also want to store these properties
in your database and lock them down by setting the
<codeph>derby.database.propertiesOnly</codeph> property (see
<xref href="csecauthorcoarse.dita"/> for an example of how to lock down
database properties):</p>
-<codeblock>derby.connection.requireAuthentication=true
-derby.authentication.server=ldap://127.0.0.1:1389
-derby.authentication.provider=LDAP
-derby.authentication.ldap.searchAuthPW=<i>YOUR_SELECTED_PASSWORD</i>
-derby.authentication.ldap.searchAuthDN=cn=Directory Manager
-derby.authentication.ldap.searchBase=dc=example,dc=com
-derby.authentication.ldap.searchFilter=objectClass=person</codeblock>
+<codeblock>
+ derby.connection.requireAuthentication=true
+ derby.authentication.server=ldaps://127.0.0.1:10389
+ derby.authentication.provider=LDAP
+ derby.authentication.ldap.searchAuthPW=<i>YOUR_SELECTED_PASSWORD</i>
+ derby.authentication.ldap.searchAuthDN=cn=Directory Manager
+ derby.authentication.ldap.searchBase=o=sevenseas
+ derby.authentication.ldap.searchFilter=objectClass=person
+</codeblock>
<p>Finally, start <codeph>ij</codeph> in the directory where you created your
<codeph>derby.properties</codeph> (this ensures that embedded
<ph conref="../conrefs.dita#prod/productshortname"></ph> will come up with the
authentication settings listed above). Run the following commands:</p>
-<codeblock><b>java org.apache.derby.tools.ij</b>
-ij version 10.11
-ij> <b>connect 'jdbc:derby:testdb;create=true;user=tquist;password=tquist';</b></codeblock>
+<codeblock>
+ <b>java org.apache.derby.tools.ij</b>
+ ij version 10.16
+ ij> <b>connect 'jdbc:derby:testdb;create=true;user=cbuckley;password=secret';</b>
+ ij> <b>quit;</b>
+</codeblock>
<p>Verify that authentication works by trying to connect again, this time with
bad credentials:</p>
-<codeblock><b>java org.apache.derby.tools.ij</b>
-ij version 10.11
-ij> <b>connect 'jdbc:derby:testdb;create=true;user=tquist;password=badpassword';</b>
-ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication...</codeblock>
+<codeblock>
+ <b>java org.apache.derby.tools.ij</b>
+ ij version 10.16
+ ij> <b>connect 'jdbc:derby:testdb;create=true;user=cbuckley;password=badpassword';</b>
+ ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication...
+ ij> <b>quit;</b>
+</codeblock>
<p>When you set the property <codeph>derby.authentication.server</codeph>, you
can specify the LDAP server using just the server name, the server name and its
port number separated by a colon, or an <codeph>ldap</codeph> URL as shown in
the example. If you do not provide a full URL,
<ph conref="../conrefs.dita#prod/productshortname"></ph> will by default use
-unencrypted LDAP. To use SSL encrypted LDAP, specify a URL that starts with
-<codeph>ldaps://</codeph>. For details on the
+unencrypted LDAP. For details on the
<codeph>derby.authentication.server</codeph> and
<codeph>derby.authentication.provider</codeph> properties, see the
<ph conref="../conrefs.dita#pub/citref"></ph>.</p>
Modified: db/derby/docs/branches/10.16/src/security/csecldapbooting.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/branches/10.16/src/security/csecldapbooting.dita?rev=1905842&r1=1905841&r2=1905842&view=diff
==============================================================================
--- db/derby/docs/branches/10.16/src/security/csecldapbooting.dita (original)
+++ db/derby/docs/branches/10.16/src/security/csecldapbooting.dita Wed Dec 7 16:11:16 2022
@@ -20,30 +20,28 @@ limitations under the License.
-->
<concept id="csecldapbooting" xml:lang="en-us">
<title>Booting an LDAP server</title>
-<shortdesc>To begin, launch the OpenDS QuickSetup JNLP (Java Web Start)
-installer, then follow the installation steps to set up your directory
-server.</shortdesc>
+<shortdesc>These are instructions for installing and booting an Apache LDAP server.</shortdesc>
<prolog><metadata>
<keywords>
<indexterm>LDAP directory service<indexterm>booting</indexterm></indexterm>
</keywords>
</metadata></prolog>
<conbody>
-<p>You can obtain the installer from <xref format="html"
-href="https://opends.java.net/" scope="external"/> by clicking the
-"Install with QuickSetup" link.</p>
-<p>As part of this installation, you will specify a password, which we will
-call <i>YOUR_SELECTED_PASSWORD</i>.</p>
-<p>Next, load some credentials into the directory server. Download this sample
-file of credentials:
-<xref format="txt" href="http://today.java.net/today/2007/03/22/secArticle.LDIF"
-scope="external"/>. Now load it into your directory server using the
-<codeph>import-ldif</codeph> tool in the <codeph>bin</codeph> directory of your
-OpenDS installation. (Make sure that OpenDS is not running when you import
-credentials; otherwise you will receive an error message indicating that the
-import utility cannot acquire a lock over storage.)</p>
-<codeblock><b>import-ldif --backendID userRoot --ldifFile secArticle.LDIF</b></codeblock>
-<p>Now bring up the OpenDS server by running the <codeph>start-ds</codeph>
-script in the <codeph>bin</codeph> directory of your OpenDS installation.</p>
+ <p>
+ Install ApacheDS and ApacheDirectoryStudio by following the instructions at
+ <xref format="html" href="https://directory.apache.org/" scope="external"/>.
+ </p>
+ <p>
+ Boot ApacheDS. On Linux, the command would be something like the following:
+ </p>
+ <codeblock><b>sudo /etc/init.d/apacheds-2.0.0.AM26-default start</b></codeblock>
+ <p>
+ Use ApacheDirectoryStudio to generate a sample database of users by following the instructions at
+ <xref format="html" href="https://directory.apache.org/apacheds/basic-ug/1.5-sample-configuration.html" scope="external"/>.
+ </p>
+ <p>
+ In order to test your installation (see the next section), use ApacheDirectoryStudio
+ to change the password of user Cornelius Buckley to <i>secret</i>.
+ </p>
</conbody>
</concept>