You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2014/10/21 01:06:56 UTC
[39/50] git commit: FC-143 - Add SSL to Unbound connection pool
FC-143 - Add SSL to Unbound connection pool
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/35ef63db
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/35ef63db
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/35ef63db
Branch: refs/heads/master
Commit: 35ef63dba9b865ed382abcb035a10d5761c7e5a5
Parents: a5443d2
Author: Shawn McKinney <sh...@jts.us>
Authored: Sat Aug 2 22:54:48 2014 -0500
Committer: Shawn McKinney <sh...@jts.us>
Committed: Sat Aug 2 22:54:48 2014 -0500
----------------------------------------------------------------------
README.txt | 12 ++++++------
build.properties | 7 +++++++
build.xml | 10 ++++++++++
config/bootstrap/fortress.properties.src | 7 +++++++
config/fortress.properties.src | 7 +++++++
5 files changed, 37 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/35ef63db/README.txt
----------------------------------------------------------------------
diff --git a/README.txt b/README.txt
index 0b77636..cfb02c8 100755
--- a/README.txt
+++ b/README.txt
@@ -21,17 +21,17 @@ ________________________________________________________________________________
###################################################################################
# Document Overview
# Tips for first-time users of Fortress
-# SECTION 0. Prerequisites for Fortress SDK installation and use with LDAP server
+# SECTION 0. Prerequisites for Fortress SDK installation and usage
# SECTION 1. Options for installing OpenLDAP to target server environment
# SECTION 2. Instructions for Fortress Quickstart builder installation of OpenLDAP
# SECTION 3. Instructions to pull Fortress source code from OpenLDAP GIT
# SECTION 4. Instructions to build software distribution packages using 'dist' target.
# SECTION 5. Instructions to configure SDK for target system using build.properties file.
-# SECTION 6. Instructions for using pre-existing or native OpenLDAP installation using 'load-slapd' target.
+# SECTION 6. Instructions for pre-existing or native OpenLDAP installation using 'load-slapd' target.
# SECTION 7. Instructions for Symas installation of OpenLDAP - using 'init-slapd' target
# SECTION 8. Instructions to integration test using 'test-full' target
# SECTION 9. Instructions to run the command line interpreter (CLI) utility using 'cli' target
-# SECTION 10. Instructions to use Fortress A/P/R/BAC APIs with samples using 'test-samples' target
+# SECTION 10. Instructions to use Fortress A/P/R/BAC APIs with 'test-samples' target
# SECTION 11. Instructions to run the command console using 'console' target
# SECTION 12. Instructions to encrypt LDAP passwords used in config files.
# SECTION 13. Instructions to load data into the default database using 'admin' target.
@@ -78,7 +78,7 @@ ________________________________________________________________________________
http://www.openldap.org/lists/mm/listinfo/openldap-fortress
___________________________________________________________________________________
###################################################################################
-# SECTION 0. Prerequisites for Fortress SDK installation and use with LDAP server
+# SECTION 0. Prerequisites for Fortress SDK installation and usage
###################################################################################
1. Internet access to retrieve source code from OpenLDAP GIT and binary dependencies from online Maven repo.
Fortress installation procedures use Apache Ant & Ivy. Ivy pulls external dependencies from Maven repositories over the Internet.
@@ -273,7 +273,7 @@ user.min.conn=1
user.max.conn=10
___________________________________________________________________________________
###################################################################################
-# SECTION 6. Instructions for using pre-existing or native OpenLDAP installation using 'load-slapd' target.
+# SECTION 6. Instructions for pre-existing or native OpenLDAP installation using 'load-slapd' target.
###################################################################################
a. Install OpenLDAP using preferred method.
@@ -513,7 +513,7 @@ b. follow instructions in the command line interpreter reference manual containe
$FORTRESS_HOME/dist/docs/api/com/jts/fortress/cli/package-summary.html
___________________________________________________________________________________
###################################################################################
-# SECTION 10. Instructions to use Fortress A/P/R/BAC APIs with samples using 'test-samples' target
+# SECTION 10. Instructions to use Fortress A/P/R/BAC APIs with 'test-samples' target
###################################################################################
a. from FORTRESS_HOME enter the following command:
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/35ef63db/build.properties
----------------------------------------------------------------------
diff --git a/build.properties b/build.properties
index 3d6d916..e8d2777 100644
--- a/build.properties
+++ b/build.properties
@@ -75,6 +75,13 @@ ldap.port=389
#ldap.host=192.168.1.102
#ldap.port=10389
+# These are for setting up SSL with OpenLDAP Server:
+#enable.ldap.ssl=true
+#enable.ldap.ssl.debug=true
+#trust.store=fully / qualified / file / name / to / truststore
+#trust.store.password=changeit
+#trust.store.set.prop=true
+
# These are used to construct suffix for DIT, i.e. dc=example,dc=com.
suffix.name=openldap
suffix.dc=org
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/35ef63db/build.xml
----------------------------------------------------------------------
diff --git a/build.xml b/build.xml
index 2fb371e..05bb538 100644
--- a/build.xml
+++ b/build.xml
@@ -793,6 +793,11 @@
<replace file="${dst.bootstrap.conf}" token="@GROUP_OBJECT_CLASS@" value="${group.objectclass}"/>
<replace file="${dst.bootstrap.conf}" token="@GROUP_PROTOCOL@" value="${group.protocol}"/>
<replace file="${dst.bootstrap.conf}" token="@GROUP_PROPERTIES@" value="${group.properties}"/>
+ <replace file="${dst.bootstrap.conf}" token="@ENABLE_LDAP_SSL@" value="${enable.ldap.ssl}"/>
+ <replace file="${dst.bootstrap.conf}" token="@ENABLE_LDAP_SSL_DEBUG@" value="${enable.ldap.ssl.debug}"/>
+ <replace file="${dst.bootstrap.conf}" token="@TRUST_STORE@" value="${trust.store}"/>
+ <replace file="${dst.bootstrap.conf}" token="@TRUST_STORE_PW@" value="${trust.store.password}"/>
+ <replace file="${dst.bootstrap.conf}" token="@TRUST_STORE_SET_PROPW@" value="${trust.store.set.prop}"/>
<copy file="${src.remote.conf}" tofile="${dst.remote.conf}"/>
<replace file="${dst.remote.conf}" token="@SUFFIX@" value="${suffix}"/>
@@ -809,6 +814,11 @@
<replace file="${dst.remote.conf}" token="@REST_HTTP_HOST@" value="${http.host}"/>
<replace file="${dst.remote.conf}" token="@REST_HTTP_PORT@" value="${http.port}"/>
<replace file="${dst.remote.conf}" token="@LDAP_CLIENT_TYPE@" value="${ldap.client.type}"/>
+ <replace file="${dst.remote.conf}" token="@ENABLE_LDAP_SSL@" value="${enable.ldap.ssl}"/>
+ <replace file="${dst.remote.conf}" token="@ENABLE_LDAP_SSL_DEBUG@" value="${enable.ldap.ssl.debug}"/>
+ <replace file="${dst.remote.conf}" token="@TRUST_STORE@" value="${trust.store}"/>
+ <replace file="${dst.remote.conf}" token="@TRUST_STORE_PW@" value="${trust.store.password}"/>
+ <replace file="${dst.remote.conf}" token="@TRUST_STORE_SET_PROPW@" value="${trust.store.set.prop}"/>
<echo message="############### Modify fortress load scripts per user settings ###############"/>
<delete file="${dst.load.bootstrap.script}"/>
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/35ef63db/config/bootstrap/fortress.properties.src
----------------------------------------------------------------------
diff --git a/config/bootstrap/fortress.properties.src b/config/bootstrap/fortress.properties.src
index f5ea519..3698533 100755
--- a/config/bootstrap/fortress.properties.src
+++ b/config/bootstrap/fortress.properties.src
@@ -17,6 +17,13 @@
host=@LDAP_HOST@
port=@LDAP_PORT@
+# Used for SSL Connection to LDAP Server:
+enable.ldap.ssl=@ENABLE_LDAP_SSL@
+enable.ldap.ssl.debug=@ENABLE_LDAP_SSL_DEBUG@
+trust.store=@TRUST_STORE@
+trust.store.password=@TRUST_STORE_PW@
+trust.store.set.prop=@TRUST_STORE_SET_PROPW@
+
# These credentials are used for read/write access to all nodes under suffix:
admin.user=@ROOT_DN@
# LDAP admin root pass is encrypted using 'encrypt' target in build.xml:
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/35ef63db/config/fortress.properties.src
----------------------------------------------------------------------
diff --git a/config/fortress.properties.src b/config/fortress.properties.src
index ac39a62..30a4593 100755
--- a/config/fortress.properties.src
+++ b/config/fortress.properties.src
@@ -19,6 +19,13 @@
host=@LDAP_HOST@
port=@LDAP_PORT@
+# Used for SSL Connection to LDAP Server:
+enable.ldap.ssl=@ENABLE_LDAP_SSL@
+enable.ldap.ssl.debug=@ENABLE_LDAP_SSL_DEBUG@
+trust.store=@TRUST_STORE@
+trust.store.password=@TRUST_STORE_PW@
+trust.store.set.prop=@TRUST_STORE_SET_PROPW@
+
# These credentials are used for read/write access to all nodes under suffix:
admin.user=@ROOT_DN@
# LDAP admin root pass is encrypted using 'encrypt' target in build.xml: