You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2004/11/07 10:09:27 UTC
svn commit: rev 56826 - incubator/directory/kerberos/trunk/eve-kerberos/etc
Author: akarasulu
Date: Sun Nov 7 01:09:26 2004
New Revision: 56826
Modified:
incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties
Log:
Modified: incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties
==============================================================================
--- incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties (original)
+++ incubator/directory/kerberos/trunk/eve-kerberos/etc/kerberos.properties Sun Nov 7 01:09:26 2004
@@ -1,12 +1,14 @@
+# -----------------------------------------------------------------------------
+# Kerberos Specific Properties
+# -----------------------------------------------------------------------------
+
# these are the minimum required parameters
kdc.primary.realm = EXAMPLE.COM
kdc.principal = krbtgt/EXAMPLE.COM@EXAMPLE.COM
kdc.keys.location = kerberoskeys.ser
kdc.encryption.types = des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc
-java.naming.provider.url = ldap://ldap.example.com:389/dc=example,dc=com
changepw.principal = kadmin/changepw@EXAMPLE.COM
-ldap.principal = ldap/ldap.example.com@EXAMPLE.COM
# all times in minutes
kdc.allowable.clockskew = 5
@@ -22,15 +24,48 @@
tgs.postdate.allowed = true
tgs.renewable.allowed = true
+
+# -----------------------------------------------------------------------------
+# JNDI Properties
+# -----------------------------------------------------------------------------
+
+# The URL of for the provider: for Eve this is just a DN
+java.naming.provider.url = dc=example,dc=com
+# The principal will be fixed for the hard system super user in Eve
+java.naming.security.principal = uid=admin,ou=system
+# Authentication into Eve which is local is kept simple
+java.naming.security.authentication = simple
# Set up environment for initial context
-java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory
-# Request the use of SASL-GSSAPI, using already established Kerberos credentials
-# This must be uppercase, as required by the Sun JNDI provider
-java.naming.security.authentication = GSSAPI
-# Request mutual authentication
-javax.security.sasl.server.authentication = true
-# Request authentication with integrity and privacy protection
-javax.security.sasl.qop = auth-conf
-# Request high-strength cryptographic protection
-javax.security.sasl.strength = high
+java.naming.factory.initial = org.apache.eve.jndi.EveContextFactory
+
+
+# -----------------------------------------------------------------------------
+# Eve Provider Properties
+# -----------------------------------------------------------------------------
+
+# The working directory where Eve stores it's partition database files
+eve.wkdir = ./target/eve
+# The published LDAP schema's to initialize: all listed are required for example.com
+eve.schemas = system,core,cosine,inetorgperson,krb5kdc
+# Comma separated name of the partitions to attach/create
+eve.db.partitions = example
+
+# Suffix for the example partition
+eve.db.partition.suffix.example = dc=example,dc=com
+# User defined indices for the example partition
+eve.db.partition.indices.example = ou uid objectClass krb5PrincipalName
+# ObjectClass attribute values for the partition root at dc=example,dc=com
+eve.db.partition.attribute.example.objectClass = top domain
+# Domain component attribute for the root
+eve.db.partition.attribute.example.dc = example
+
+
+# -----------------------------------------------------------------------------
+# Eve PrincipalStore Properties
+# -----------------------------------------------------------------------------
+
+# Base DN to conduct one level searches for kdc entries
+kdc.entry.basedn = ou=People,dc=example,dc=com
+# Initial LDIF file to import when first started
+kdc.entry.ldif.file = ./src/ldif/example.com