You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Emmanuel Lécharny <el...@gmail.com> on 2015/06/11 12:28:25 UTC
[Studio] OpenLDAP config editor status
Hi guys,
a quick heads up on what's going on for the OpenLDAP Config editor,
which is scheduled for the next Studio release
o The global configuration design is almsot completed. There are now 4
of the 6 pages that are working :
- 'overview' which deal with general parameters
- 'database' was already working fine
- 'security' has just been completed. It covers all the general security
parameters (SASL, TLS, and a few other parameters)
- 'Tuning' is completed. It covers the parameters that can be tuned
(limits, concurrency, indexes...)
o The Options page has to be added, it covers 15 parameters (currently,
only 4 are covered)
o Some issue has to be fixed when we try to save the config. This is due
to some delta being computed with some modify being sent when they
should not. I will review the full process this week. Hopefully, I'll
get something working soon.
Next steps :
------------
o Have a way to save the configuration into a LDIF file, if we are not
connected to an OpenLDAP server
o Have a way to read the configuration from a LDIF file, if we are not
connected to an OpenLDAP server
o Check the Databases configuration. There are missing parameters
o Check the Overlays configuration. A dedicated page has to be added for
that
o ACLs editor should be accessible in the configuration
Wishes :
--------
o It would be good to be able to save a configuration locally, to be
able to revert to it if necessary (à la SVN)
o A delta between two configurations would be good to have then
o A defautt configuration should exist, so that we can revert back to it
Lot's of thing to do, as you can see, but still, good progress too.
Thanks !
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 16/06/15 00:23, Stefan Seelmann a écrit :
> On 06/16/2015 12:16 AM, Emmanuel Lécharny wrote:
>> Le 15/06/15 23:54, Stefan Seelmann a écrit :
>>> Hi Emmanuel,
>>>
>>> I'm afraid the OpenLDAP plugins are not included in your uploaded
>>> version. For the release I removed the feature from the Studio product.
>>> I'll re-add them now. Sorry.
>> Ah, yep, you are right. Anyway the build was bad, I had to fix an
>> important bug so it's fine if I have to buidl it again. I'll do that
>> tomorrow !
> Added the feature back to the product. The nightly build should include it.
>
> I looked a bit over it. There are really a looooot of config options
> when drilling into each detail. OpenLDAP is a feature beast :)
And I haven't yet drilled down into each one of them.
>
> One error: I played with an old OpenLDAP 2.4.31 (I'll upgrade next
> days), when opening the configuration and switching to "security" page I
> get following stacktrace:
Thanks for the report. It's fixed now (just a bad Integer parsing when
teh parameter is empty) in trunk.
Re: [Studio] OpenLDAP config editor status
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
On 06/16/2015 12:16 AM, Emmanuel Lécharny wrote:
> Le 15/06/15 23:54, Stefan Seelmann a écrit :
>> Hi Emmanuel,
>>
>> I'm afraid the OpenLDAP plugins are not included in your uploaded
>> version. For the release I removed the feature from the Studio product.
>> I'll re-add them now. Sorry.
>
> Ah, yep, you are right. Anyway the build was bad, I had to fix an
> important bug so it's fine if I have to buidl it again. I'll do that
> tomorrow !
Added the feature back to the product. The nightly build should include it.
I looked a bit over it. There are really a looooot of config options
when drilling into each detail. OpenLDAP is a feature beast :)
One error: I played with an old OpenLDAP 2.4.31 (I'll upgrade next
days), when opening the configuration and switching to "security" page I
get following stacktrace:
java.lang.NumberFormatException: For input string: ""
at
java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.lang.Integer.parseInt(Integer.java:592)
at java.lang.Integer.valueOf(Integer.java:766)
at
org.apache.directory.studio.openldap.config.editor.pages.SecurityPage$1.modifyText(SecurityPage.java:241)
at
org.eclipse.swt.widgets.TypedListener.handleEvent(TypedListener.java:179)
at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)
at org.eclipse.swt.widgets.Display.sendEvent(Display.java:4454)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1388)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1412)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1393)
at org.eclipse.swt.widgets.Text.setText(Text.java:2562)
at org.eclipse.swt.widgets.Text.setText(Text.java:2488)
at
org.apache.directory.studio.openldap.config.editor.pages.SecurityPage.refreshUI(SecurityPage.java:1044)
at
org.apache.directory.studio.openldap.config.editor.OpenLDAPServerConfigurationEditor.pageChanged(OpenLDAPServerConfigurationEditor.java:132)
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 15/06/15 23:54, Stefan Seelmann a écrit :
> Hi Emmanuel,
>
> I'm afraid the OpenLDAP plugins are not included in your uploaded
> version. For the release I removed the feature from the Studio product.
> I'll re-add them now. Sorry.
Ah, yep, you are right. Anyway the build was bad, I had to fix an
important bug so it's fine if I have to buidl it again. I'll do that
tomorrow !
Re: [Studio] OpenLDAP config editor status
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
Hi Emmanuel,
I'm afraid the OpenLDAP plugins are not included in your uploaded
version. For the release I removed the feature from the Studio product.
I'll re-add them now. Sorry.
Kind Regards,
Stefan
On 06/15/2015 07:49 PM, Emmanuel Lécharny wrote:
> A quick update...
>
>
> I have fixed the existing pages, to be able to save the data to the
> OpenLDAP server. It now works.
>
> I have pushed the very first version on people.apache.org/~elecharny
>
>
> the options page is not completed yet, but the overlay, tuning, and
> security are ok.
>
> feel free to test them and to report any bug you could find !
>
> Thanks
>
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
A quick update...
I have fixed the existing pages, to be able to save the data to the
OpenLDAP server. It now works.
I have pushed the very first version on people.apache.org/~elecharny
the options page is not completed yet, but the overlay, tuning, and
security are ok.
feel free to test them and to report any bug you could find !
Thanks
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 11/06/15 22:19, Stefan Seelmann a écrit :
> On 06/11/2015 12:28 PM, Emmanuel Lécharny wrote:
>> Hi guys,
>>
>> a quick heads up on what's going on for the OpenLDAP Config editor,
>> which is scheduled for the next Studio release
>>
>> o The global configuration design is almsot completed. There are now 4
>> of the 6 pages that are working :
>> - 'overview' which deal with general parameters
>> - 'database' was already working fine
>> - 'security' has just been completed. It covers all the general security
>> parameters (SASL, TLS, and a few other parameters)
>> - 'Tuning' is completed. It covers the parameters that can be tuned
>> (limits, concurrency, indexes...)
> Phew, this is so much boilerplate code to create all the sections and
> widgets and to listen to modifications and do verifications etc. I
> didn't implement such editors since years, but wonder if there are
> simpler (or elegant) ways like automatic data binding between the model
> and UI elements.
I thought about it - and Pierre-Arnaud before me ;-) -. It's not easy.
There are a few things to consider :
- parameters are stored as attributes, and attributes may be Single
Value (SV) or Multiple-Value (MV)
- if they are MV, we need a table to represente them, but some MV AT are
ordered, some other aren't
- if they are SV, this is not the end of the story : it can store more
than one value, like for the SizeLimit or TimeLimit attributes, which
can be a complex string
- we want to ease the configuration for users, using combo for things
that are well known (paswwordHash, for instance)
etc, etc. Bottom line, many parameters are simple, and can be coded
quickly, but complex ones are a real pain and any binding would be complex.
>
>> o The Options page has to be added, it covers 15 parameters (currently,
>> only 4 are covered)
>>
>> o Some issue has to be fixed when we try to save the config. This is due
>> to some delta being computed with some modify being sent when they
>> should not. I will review the full process this week. Hopefully, I'll
>> get something working soon.
> Not sure if this is helpful, or if they can be combined, but we have 3
> code parts the compute diffs of entires:
> * PartitionsDiffComputer in openldap.config.editor
I'm using this one. I simplified and fixed it (typically, detecting a
deletion requires that all the children get deleted too, *before* the
parent).
> * PartitionsDiffComputer in apacheds.config
I think it's a duplicate of the other one (or the other way out).
We can most certainly merge the two.
> * Utils.computeDiff() in ldapbrowser.core
This can certainly be used as a replacement fo what we do in the two
other impls.
>
>> Next steps :
>> ------------
>>
>> o Have a way to save the configuration into a LDIF file, if we are not
>> connected to an OpenLDAP server
>> o Have a way to read the configuration from a LDIF file, if we are not
>> connected to an OpenLDAP server
>> o Check the Databases configuration. There are missing parameters
>> o Check the Overlays configuration. A dedicated page has to be added for
>> that
>> o ACLs editor should be accessible in the configuration
>>
>>
>> Wishes :
>> --------
>>
>> o It would be good to be able to save a configuration locally, to be
>> able to revert to it if necessary (à la SVN)
> Two ideas:
> * We can include jgit/egit into Studio, that is a full git
> implementation in Java and for Eclipse
Not a bad idea.
> * If Mavibot would support transactions/versions this may also be an
> option to use
Definitively.
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 11/06/15 22:19, Stefan Seelmann a écrit :
> On 06/11/2015 12:28 PM, Emmanuel Lécharny wrote:
>> Hi guys,
>>
>> o Some issue has to be fixed when we try to save the config. This is due
>> to some delta being computed with some modify being sent when they
>> should not. I will review the full process this week. Hopefully, I'll
>> get something working soon.
> Not sure if this is helpful, or if they can be combined, but we have 3
> code parts the compute diffs of entires:
> * PartitionsDiffComputer in openldap.config.editor
> * PartitionsDiffComputer in apacheds.config
> * Utils.computeDiff() in ldapbrowser.core
I had a loo, at the Utils.computeDiff() method, but it's doing a bit too
much for my need. Typically, it requires a connection, when I'm expecing
to be able to work on simple entries.
Looking at this method, I think we could probably improve it a bit. In
the case we are dealing with a server for which we have a schema, the
entries will be schema aware, which means we don't have to take care of
the Syntax and existing MR : it's alreayd handled by the LDAP API.
It definitively needs a review, as it also covers much more than just
doing a basic diff (like, managing the ORDERED flag).
Re: [Studio] OpenLDAP config editor status
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
On 06/11/2015 12:28 PM, Emmanuel Lécharny wrote:
> Hi guys,
>
> a quick heads up on what's going on for the OpenLDAP Config editor,
> which is scheduled for the next Studio release
>
> o The global configuration design is almsot completed. There are now 4
> of the 6 pages that are working :
> - 'overview' which deal with general parameters
> - 'database' was already working fine
> - 'security' has just been completed. It covers all the general security
> parameters (SASL, TLS, and a few other parameters)
> - 'Tuning' is completed. It covers the parameters that can be tuned
> (limits, concurrency, indexes...)
Phew, this is so much boilerplate code to create all the sections and
widgets and to listen to modifications and do verifications etc. I
didn't implement such editors since years, but wonder if there are
simpler (or elegant) ways like automatic data binding between the model
and UI elements.
> o The Options page has to be added, it covers 15 parameters (currently,
> only 4 are covered)
>
> o Some issue has to be fixed when we try to save the config. This is due
> to some delta being computed with some modify being sent when they
> should not. I will review the full process this week. Hopefully, I'll
> get something working soon.
Not sure if this is helpful, or if they can be combined, but we have 3
code parts the compute diffs of entires:
* PartitionsDiffComputer in openldap.config.editor
* PartitionsDiffComputer in apacheds.config
* Utils.computeDiff() in ldapbrowser.core
> Next steps :
> ------------
>
> o Have a way to save the configuration into a LDIF file, if we are not
> connected to an OpenLDAP server
> o Have a way to read the configuration from a LDIF file, if we are not
> connected to an OpenLDAP server
> o Check the Databases configuration. There are missing parameters
> o Check the Overlays configuration. A dedicated page has to be added for
> that
> o ACLs editor should be accessible in the configuration
>
>
> Wishes :
> --------
>
> o It would be good to be able to save a configuration locally, to be
> able to revert to it if necessary (à la SVN)
Two ideas:
* We can include jgit/egit into Studio, that is a full git
implementation in Java and for Eclipse
* If Mavibot would support transactions/versions this may also be an
option to use
> o A delta between two configurations would be good to have then
> o A defautt configuration should exist, so that we can revert back to it
>
> Lot's of thing to do, as you can see, but still, good progress too.
>
> Thanks !
>
Thanks for the update.
Re: [Studio] OpenLDAP config editor read and write as LDIF
Posted by Kiran Ayyagari <ka...@apache.org>.
On Wed, Jun 17, 2015 at 12:06 AM, Emmanuel Lécharny <el...@gmail.com>
wrote:
> Le 11/06/15 12:28, Emmanuel Lécharny a écrit :
> > Hi guys,
> >
> > a quick heads up on what's going on for the OpenLDAP Config editor,
> > which is scheduled for the next Studio release
> >
> > o Some issue has to be fixed when we try to save the config. This is due
> > to some delta being computed with some modify being sent when they
> > should not. I will review the full process this week. Hopefully, I'll
> > get something working soon.
> >
> >
> > Next steps :
> > ------------
> >
> > o Have a way to save the configuration into a LDIF file, if we are not
> > connected to an OpenLDAP server
> It is now possible to save the configuration as a LDIF file : select
> 'save as', pick an empty directory, and you are done.
>
> There are two things I'd like to change here :
> - first, there is no reason we should pick an empty directory, as it is
> currently required in the Save As dialog.
> - second, it might be good to be able to open a dialog when the user
> type ctrl-s, to ask if the config should be injected into the OpenLDAP
> connection, or saved on the disk (or even saved into a local version).
>
> Here, I'd like to have your input :
>
> - should we use ctrl-s as a default to store the config in the
> associated connection (ie, sent into the running LDAP server)
> - or should we ask the user where to save the config ?
>
by default it should store in the source from where it came before loading
> In the first case, as the connection might be off, we might have to ask
> what to do : should we connect to the server, or save to the disk.
>
> but isn't it already open if it was loaded from server, otherwise
ya it should ask
> > o Have a way to read the configuration from a LDIF file, if we are not
> > connected to an OpenLDAP server
> Regarding this feature, I think it's critical to associate it to a
> OpenLDAP connection (even if it's not connected). Creating a new
> connection from scratch should be a matter of creating a new OpenLDAP
> connection, and when one right-click on this connection, an option would
> be to create a configuration stored on disk.
>
my preference would be not to do this, just save it back to the file unless
user really wants to apply it on a server, in that case a menu option to do
that is ideal
>
> Last, not least, I'd like to add a feature that export a delta-LDIF
> instead of injecting it into a running LDAP server. Tht could be useful
> to propagate a modification to many servers (dev, tests, pre-production,
> production). It may be done later, but I'm quite sure that would be a
>
what if two instances are running on the same host and user changed a port
in one instance's config, likewise there must be many more options, how do
we handle this case?
>
>
> Thanks !
>
>
--
Kiran Ayyagari
http://keydap.com
[Studio] OpenLDAP config editor read and write as LDIF
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 11/06/15 12:28, Emmanuel Lécharny a écrit :
> Hi guys,
>
> a quick heads up on what's going on for the OpenLDAP Config editor,
> which is scheduled for the next Studio release
>
> o Some issue has to be fixed when we try to save the config. This is due
> to some delta being computed with some modify being sent when they
> should not. I will review the full process this week. Hopefully, I'll
> get something working soon.
>
>
> Next steps :
> ------------
>
> o Have a way to save the configuration into a LDIF file, if we are not
> connected to an OpenLDAP server
It is now possible to save the configuration as a LDIF file : select
'save as', pick an empty directory, and you are done.
There are two things I'd like to change here :
- first, there is no reason we should pick an empty directory, as it is
currently required in the Save As dialog.
- second, it might be good to be able to open a dialog when the user
type ctrl-s, to ask if the config should be injected into the OpenLDAP
connection, or saved on the disk (or even saved into a local version).
Here, I'd like to have your input :
- should we use ctrl-s as a default to store the config in the
associated connection (ie, sent into the running LDAP server)
- or should we ask the user where to save the config ?
In the first case, as the connection might be off, we might have to ask
what to do : should we connect to the server, or save to the disk.
> o Have a way to read the configuration from a LDIF file, if we are not
> connected to an OpenLDAP server
Regarding this feature, I think it's critical to associate it to a
OpenLDAP connection (even if it's not connected). Creating a new
connection from scratch should be a matter of creating a new OpenLDAP
connection, and when one right-click on this connection, an option would
be to create a configuration stored on disk.
Last, not least, I'd like to add a feature that export a delta-LDIF
instead of injecting it into a running LDAP server. Tht could be useful
to propagate a modification to many servers (dev, tests, pre-production,
production). It may be done later, but I'm quite sure that would be a
Thanks !
Re: [Studio] OpenLDAP config editor status
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 11/06/15 12:28, Emmanuel Lécharny a écrit :
> Hi guys,
>
> a quick heads up on what's going on for the OpenLDAP Config editor,
> which is scheduled for the next Studio release
>
> o The global configuration design is almsot completed. There are now 4
> of the 6 pages that are working :
> - 'overview' which deal with general parameters
> - 'database' was already working fine
> - 'security' has just been completed. It covers all the general security
> parameters (SASL, TLS, and a few other parameters)
> - 'Tuning' is completed. It covers the parameters that can be tuned
> (limits, concurrency, indexes...)
>
> o The Options page has to be added, it covers 15 parameters (currently,
> only 4 are covered)
>
> o Some issue has to be fixed when we try to save the config. This is due
> to some delta being computed with some modify being sent when they
> should not. I will review the full process this week. Hopefully, I'll
> get something working soon.
To be clear, there are some corner casesthat are not handled correctly.
Typically, in the Ldap Server I'm testing with, a partition has some
overlays, thus some entries, and deleting this partiton does not work
because the Partition's entry is deleted *before* the Overlays' entries,
whcih is not supported.
One more missing piece (or to be clear, something that I forgot when I
modified the existing pages I have modified), I have to add the
listeners for each parameter in order to save the modified fields into
teh new partition. It was present in the old code, and I just forgot to
add it. It's not a big burden, mainly a single line of code to add for
each single value parameter, and an loop for each MV parameter.
>
>
> Next steps :
> ------------
>
> o Have a way to save the configuration into a LDIF file, if we are not
> connected to an OpenLDAP server
> o Have a way to read the configuration from a LDIF file, if we are not
> connected to an OpenLDAP server
FTR, the code exists, it's just a question to map it to the menus.