You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2006/01/27 21:13:36 UTC
svn commit: r372968 [5/6] - in /directory/trunks/apacheds/src/site: ./
resources/ resources/developers/ resources/images/ resources/users/ xdoc/
xdoc/developers/ xdoc/drafts/ xdoc/images/ xdoc/projects/ xdoc/rfcs/
xdoc/users/
Added: directory/trunks/apacheds/src/site/xdoc/features.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/features.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/features.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/features.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Server's Features">
+ <p>
+ The Apache Directory Server is an embeddable LDAP server implemented in
+ pure Java. It has several features that make it unique amoung LDAP
+ servers. These features are described below:
+ </p>
+
+ <ul>
+ <li>
+ Designed as an LDAP and X.500 experimentation platform. Plugable
+ components and subsystems make ApacheDS extremely modular and ideal
+ for experiments with various aspects of the LDAP protocol.
+ </li>
+
+ <li>
+ The server's frontend is completely separable from its backend and
+ vice-versa making it very flexible for implementing virtual
+ directories, proxy servers and gateways to X.500.
+ </li>
+
+ <li>
+ Several backends can be implemented and plugged into the server's
+ partition nexus. The server supports a BTree based partition out of
+ the box but any backing store can be used to implement a partition so
+ long as it conforms to interfaces.
+ </li>
+
+ <li>
+ The server exposes aspects of administration via a special system
+ backend. LDAP can be used to manage these concerns through the
+ system naming context at <code>ou=system</code>.
+ </li>
+
+ <li>
+ Java based triggers and stored procedures are being implemented.
+ </li>
+
+ <li>
+ Both the backend subsystem and the frontend are separable and
+ independently embeddable.
+ </li>
+
+ <li>
+ The server contains a server side JNDI LDAP provider as the facade
+ for the entire backend subsystem. JNDI operations are directly
+ translated by this provider into operations against the nexus and the
+ target partitions storing server entries.
+ </li>
+
+ <li>
+ The server will use JNDI as the data access API for stored procedures.
+ This will make stored procedures functional within and outside of the
+ server without requiring recompilation.
+ </li>
+
+ <li>
+ The server's networking code, MINA, Multipurpose Infrastructure for
+ Network Applications was designed for pluggable protocol providers,
+ of all sorts and not just LDAP. MINA gives ApacheDS the ability to
+ handle large amounts of concurrency.
+ </li>
+
+ <li>
+ The server uses the Snickers tools and APIs for ASN.1 BER encoding and
+ decoding. These tools are designed for a very small encoding and
+ decoding footprint as well as for use in non-blocking servers. The
+ chunking nature of the BER codec makes the server very efficient while
+ handling encoding and decoding making it more resistant to DoS
+ attacks. This layer is also pluggable with a new experimental Twix
+ provider which is much more efficient. Of course there is the
+ unsupported Snacc4J provider which is no longer maintained.
+ </li>
+ </ul>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/images/apache-directory-logo.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/images/apache-directory-logo.png?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/images/apache-directory-logo.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/images/apache-incubator-logo.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/images/apache-incubator-logo.png?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/images/apache-incubator-logo.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/images/architecture.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/images/architecture.png?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/images/architecture.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/images/icon.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/images/icon.png?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/images/icon.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/index.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/index.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/index.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/index.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <title>Apache Directory Server</title>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+ </properties>
+
+ <body>
+ <section name="Overview">
+ <p>Welcome to the Apache Directory Server Homepage!</p>
+
+ <p>
+ The Apache Directory Server is an embeddable LDAP server written in
+ Java. It has been designed to introduce triggers, stored procedures,
+ queues and views to the world of LDAP which has lacked these rich
+ constructs.
+ </p>
+
+ <table>
+ <tr>
+ <th>Topic</th>
+ <th>Description</th>
+ </tr>
+
+ <tr>
+ <td>
+ <a href="./features.html">Features</a>
+ </td>
+ <td>
+ Lists existing and planned features.
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ <a href="./roadmap.html">Roadmap</a>
+ </td>
+ <td>
+ A development roadmap.
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ <a href="./users/index.html">User's Guide</a>
+ </td>
+ <td>
+ Material that might go into a user's guide or howto section.
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ <a href="./developers/index.html">Developers's Guide</a>
+ </td>
+ <td>
+ Material that might go into a developer's guide.
+ </td>
+ </tr>
+
+ <tr>
+ <td>
+ <a href="./projects/index.html">Projects</a>
+ </td>
+ <td>
+ The sitedocs for the various maven source code projects containing
+ the usual reports and info are here.
+ </td>
+ </tr>
+
+ </table>
+
+
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/license.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/license.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/license.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/license.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,215 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Apache 2.0 License">
+ <source>
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ </source>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/mailing-lists.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/mailing-lists.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/mailing-lists.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/mailing-lists.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Mailing Lists">
+ <p>
+ These are the mailing lists that have been established for the directory
+ project. For each list, there is a subscribe, unsubscribe, and an
+ archive link.
+ </p>
+ <table>
+ <thead>
+ <tr>
+ <th>List Name</th>
+ <th>Subscribe</th>
+ <th>Unsubscribe</th>
+ <th>Archive</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>Apache Directory Developement - use [server] prefix</td>
+ <td>
+ <a href="mailto:dev-subscribe@directory.apache.org">Subscribe</a>
+ </td>
+ <td>
+ <a href="mailto:dev-unsubscribe@directory.apache.org">Unsubscribe</a>
+ </td>
+ <td>
+ <a href="http://mail-archives.apache.org/eyebrowse/SummarizeList?listId=181">Archive</a>
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/notices.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/notices.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/notices.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/notices.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Notices">
+ <subsection name="Apache General Notice">
+ <source>
+This product includes software developed by
+The Apache Software Foundation (http://www.apache.org/).
+ </source>
+ </subsection>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/projects/index.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/projects/index.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/projects/index.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/projects/index.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,169 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Server Projects">
+ <p>
+ The server is composed of several sub-projects. Here is the list of
+ server sub-projects with brief definitions:
+ </p>
+
+ <table>
+ <tr>
+ <th>Project</th>
+ <th>Description</th>
+ </tr>
+
+ <tr>
+ <td>
+ core
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ shared
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ tools
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ standalone/simple/jndi
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ standalone/simple/main
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ standalone/simple/ssl
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ standalone/daemon
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocol-common
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/dhcp
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/changepw
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/ntp
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/ldap
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/dns
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/kerberos
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ protocols/kerberos-common
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ core-unit
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ standalone/simple/unit
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ <tr>
+ <td>
+ site
+ </td>
+ <td>
+ Explain
+ </td>
+ </tr>
+ </table>
+
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3642.txt.pdf
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3642.txt.pdf?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3642.txt.pdf
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3698.txt.pdf
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3698.txt.pdf?rev=372968&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/trunks/apacheds/src/site/xdoc/rfcs/rfc3698.txt.pdf
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: directory/trunks/apacheds/src/site/xdoc/roadmap.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/roadmap.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/roadmap.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/roadmap.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="Server Roadmap">
+ <p>
+ Until we pull this together in a nice format you can get an
+ idea of what is going on using these alternative sources of info:
+ </p>
+
+ <ul>
+ <li>
+ Look at the JIRA
+ <a href="http://issues.apache.org/jira/secure/BrowseProject.jspa">here
+ </a> for specific tasks.
+ </li>
+ <li>
+ Look at the release info in the WIKI
+ <a href="http://wiki.apache.org/directory/ReleasesHowto">here
+ </a> for high level roadmap.
+ </li>
+ </ul>
+ </section>
+
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/acareas.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/acareas.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/acareas.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/acareas.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <section heading="h1" name="Introduction">
+ <p>
+This guide will show you how to create an Access Control Specific Area and
+Access Control Inner Areas for administering access controls within ApacheDS.
+Basic knowledge of the X.500 administrative model is presumed along with an
+understanding of the Basic Access Control Scheme in X.501. For quick primers
+please take a look at the following
+documentation:</p>
+ <ul nesting="1">
+ <li>
+ <a href="./subentries.html">Subentries</a>
+and the Administrative
+Model
+ </li>
+ <li>
+ <a href="./authorization.html">Authorization</a>
+ </li>
+ </ul>
+ </section>
+ <section heading="h1" name="Creating Access Control Specific Areas (ACSA)">
+ <p>
+An access control specific area is an Autonomous Administrative Area (AAA) for
+managing access control specific aspects of a subtree within the DIT. Like all
+administrative areas, an access control specific area is rooted at a vertex
+entry called the Administrative Point (AP). The ACSA spans down until leaf
+entries are encountered or until another ACSA is encountered. Access control
+specific areas do not
+overlap.</p>
+ <p>
+Under the AP, you can add subentries that contain prescriptiveACI attributes.
+Zero or more subentries can be added, each with one or more prescriptiveACI.
+These subentries apply access control information (ACI) in these prescriptiveACI
+attributes to collections of entries within the
+ACSA.</p>
+ <subsection heading="h2" name="Adding an 'administrativeRole' Attribute">
+ <p>
+An entry becomes an AP when it has an administrativeRole attribute added to it
+with the appropriate
+value
+ <a href="./s.html">s</a>
+. For an ACSA, we need to add the 'accessControlSpecificArea' value to this
+attribute.
+ </p>
+ <p>
+Most of the time users will create partitions in the server and set the root
+context of the partition (its suffix) to be the AP for a ACSA. For example the
+default server.xml for ApacheDS ships with a partition with the suffix,
+'dc=example,dc=com'. We can use this suffix entry as the AP and our ACSA can
+cover all entries under and including
+'dc=example,dc=com'.</p>
+ <p>
+The code below binds to the server as admin ('uid=admin,ou=system') and modifies
+the suffix entry to become an ACSA. Note that we check to make sure the
+attribute does not already exist before attempting the add
+operation.</p>
+ <source> ...
+ // Get a DirContext on the dc=example,dc=com entry
+ Hashtable env = new Hashtable();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:389/dc=example,dc=com" );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ ctx = new InitialDirContext( env );
+
+ // Lookup the administrativeRole specifically since it is operational
+ Attributes ap = ctx.getAttributes( "", new String[] { "administrativeRole" } );
+ Attribute administrativeRole = ap.get( "administrativeRole" );
+
+ // If it does not exist or has no ACSA value then add the attribute
+ if ( administrativeRole == null || ! administrativeRole.contains( "accessControlSpecificArea" ) )
+ {
+ Attributes changes = new BasicAttributes( "administrativeRole", "accessControlSpecificArea", true );
+ ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, changes );
+ }
+ ...
+</source>
+ <p>
+This simple modification of adding the value 'accessControlSpecificArea' to the
+administrativeRole makes the suffix entry 'dc=example,dc=com' an AP for an
+access control specific area. Now you can add subentries to your heart's content
+which subordinate to the
+AP.</p>
+ </subsection>
+ </section>
+ <section heading="h1" name="Creating an Access Control Inner Administrative Area">
+ <p>
+Creating an inner area involves the same process. In fact the same code can be
+used by changing the value added to the administrativeRole attribute. To create
+the inner area just add 'accessControlInnerArea' for the administrativeRole
+within the AP: same steps, same code, different value for the
+administrativeRole.</p>
+ </section>
+ <section heading="h1" name="Access Control Subentries">
+ <p>
+After creating the access control area you can create subentries that
+subordinate to this AP for managing access to it and anything below. Access
+control subentries are entries with the objectClasses: 'subentry' and
+'accessControlSubentry'. An access control subentry must contain 3 attributes
+other than the obvious objectClass attribute. These required attributes are
+listed
+below:</p>
+ <table>
+ <tr>
+ <th>
+Attribute</th>
+ <th>
+SINGLE-VALUED</th>
+ <th>
+Description</th>
+ </tr>
+ <tr>
+ <td>
+cn</td>
+ <td>
+no</td>
+ <td>
+The name of the subentry used as its
+RDN</td>
+ </tr>
+ <tr>
+ <td>
+subtreeSpecification</td>
+ <td>
+yes</td>
+ <td>
+The specification for the collection of entries the ACI is to be applied
+to.</td>
+ </tr>
+ <tr>
+ <td>
+prescriptiveACI</td>
+ <td>
+no</td>
+ <td>
+The attribute holding the
+ACIItem</td>
+ </tr>
+ </table>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/allowselfpasswordmodify
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/allowselfpasswordmodify?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/allowselfpasswordmodify (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/allowselfpasswordmodify Fri Jan 27 12:11:10 2006
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+ <title>AllowSelfPasswordModify</title>
+ </properties>
+ <body>
+ <source>{
+ identificationTag "allowSelfAccessAndModification",
+ precedence 14,
+ authenticationLevel none,
+ itemOrUserFirst userFirst:
+ {
+ userClasses { thisEntry },
+ userPermissions
+ {
+ { protectedItems {entry}, grantsAndDenials { grantModify, grantBrowse, grantRead } },
+ { protectedItems {allAttributeValues {userPassword}}, grantsAndDenials { grantAdd, grantRemove } }
+ }
+ }
+}
+</source>
+ <section heading="h2" name="Commentary">
+ <p>
+Note that two different user permissions are used to accurately specify self
+access and self modification of the *userPassword* attribute within the entry.
+So with the first userPermission of this ACI a user would be able to read all
+attributes and values within his/her entry. They also have the ability to
+modify the entry but this is moot since they cannot add, remove or replace any
+attributes within their entry. The second user permission completes the picture
+by granting add and remove permissions to all values of userPassword. This
+means the user can replace the
+password.</p>
+ <table>
+ <tr>
+ <th>
+ <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/>
+ </th>
+ <th>
+ <center>"grantAdd + grantRemove = grantReplace"</center>
+ </th>
+ </tr>
+ <tr>
+ <td/>
+ <td>
+ <p>
+Modify operations either add, remove or replace attributes and their values in
+LDAP. X.500 seems to have overlooked the replace capability. Hence there is no
+such thing as a *grantReplace* permission. However grantAdd and grantDelete on
+an attribute and its values are both required for a replace operation to take
+place.</p>
+ </td>
+ </tr>
+ </table>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/authentication.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/authentication.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/authentication.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/authentication.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,249 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <section heading="h2" name="Server Authentication">
+ <p>
+This page
+describes:</p>
+ <ol nesting="0">
+ <li>
+the status of
+authentication,</li>
+ <li>
+how to bind (authenticate) as the admin superuser after starting the server the
+first
+time,</li>
+ <li>
+adding non-superusers and binding to the directory as
+them,</li>
+ <li>
+how to protect user
+passwords,</li>
+ <li>
+how to disable anonymous
+binds,</li>
+ <li>
+how to customize the server to use different authentication
+mechanisms.</li>
+ </ol>
+ <subsection heading="h3" name="Status">
+ <p>
+Presently the directory server supports only simple authentication and anonymous
+binds while storing passwords in clear text within userPassword attributes in
+user
+entries.</p>
+ <p>
+Within a short while we'll be able to store passwords using the authPassword
+property which uses strong one way hashes for authentication such as MD5 and
+SHA1. These schemes and the schema used are described in detail here
+in
+ <a href="http://www.faqs.org/rfcs/rfc3112.html">RFC 3112</a>
+.
+ </p>
+ </subsection>
+ <subsection heading="h3" name="How to bind as the admin superuser after initial startup?">
+ <p>
+You just downloaded the server and started it up for the first time. Now you're
+wondering how to bind to the server using an LDAP client like jxplorer, gq, or
+ldapbrowser.</p>
+ <p>
+By default the super user or admin account is created when the system partition
+is created under the 'ou=system' naming context. This occurs when the server is
+started for the first time. The admin user can be found under the following
+DN:</p>
+ <source> uid=admin,ou=system
+</source>
+ <p>
+The password is initially set to 'secret'. You definately want to change this
+after starting the server. For the first time you can bind to the server as this
+user with 'secret' as the
+password.</p>
+ <p>
+To change the password for the admin user you'll have to make changes to two
+places. First you'll have to change the password in the directory for the user.
+Second you'll have to change the password in the server.xml configuration file
+for the java.naming.security.credentials
+property.</p>
+ <p>
+If you did not disable anonymous binds by setting the respective property
+(described below), then you can bind anonymously to the server without any
+username or
+password.</p>
+ <p>
+Even when anonymous binds are disabled anonymous users can still bind to the
+RootDSE as required by the protocol to lookup supported SASL mechanisms before
+attempting a bind. Don't worry the RootDSE is read
+only.</p>
+ </subsection>
+ <subsection heading="h3" name="Adding and authenticating normal users">
+ <p>
+By default a user in the server can be just about any entry with a userPassword
+attribute that contains a clear text password. The DN can be anything reachable
+within one of the directory partitions. So if you add a partition to hang off of
+'dc=example,dc=com' then you can add user entries anywhere under this naming
+context or just add user entries under the 'ou=system' naming context. Below is
+an LDIF of a user you can add to the directory as a test
+user.</p>
+ <source>dn: uid=jdoe,ou=users,ou=system
+cn: John Doe
+sn: Doe
+givenname: John
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+ou: Human Resources
+ou: People
+l: Las Vegas
+uid: jdoe
+mail: jdoe@apachecon.comm
+telephonenumber: +1 408 555 5555
+facsimiletelephonenumber: +1 408 555 5556
+roomnumber: 4613
+userpassword: test
+</source>
+ <p>
+You can download
+this
+ <a href="./newuser.ldif.html">newuser.ldif</a>
+file and use it to add the user. Below we use the ldapadd OpenLDAP client to
+import the LDIF file presuming the server was started on port 1024 on the
+localhost:
+ </p>
+ <source>ldapadd -a -D "uid=admin,ou=system" -f newuser.ldif -h localhost -p 1024 -x -w secret
+</source>
+ <p>
+You can confirm the add/import by performing a search for the user. This time
+using the OpenLDAP search client you use the following
+command:</p>
+ <source>ldapsearch -D "uid=admin,ou=system" -h localhost -p 1024 -x -w secret -s one
+ -b "ou=users,ou=system" "(uid=jdoe)"
+</source>
+ <p>
+You can start searching the directory using this new user like
+so:</p>
+ <source>ldapsearch -D "uid=jdoe,ou=users,ou=system" -h localhost -p 1024 -x -w test -s one -b "ou=system" "(objectClass=*)"
+</source>
+ </subsection>
+ <subsection heading="h3" name="Protecting user passwords">
+ <p>
+Without access controls enabled userPasswords and user entries are accessible
+and alterable by all: even anonymous users. There are however some minimal
+built-in rules for protecting users and groups within the server without having
+to turn on the ACI
+subsystem.</p>
+ <p>
+Without ACIs the server automatically protects, hides, the admin user from
+everyone but the admin user. Users cannot see other user entries under the
+'ou=users,ou=system' entry. So placing new users there automatically protects
+them. Placing new users anywhere else exposes them. Groups defined using
+groupOfNames or groupOfUniqueNames under the 'ou=groups,ou=system' are also
+protected from access or alteration by anyone other than the admin user. Again
+this protection is not allowed anywhere else but under these
+entries.</p>
+ <p>
+For simple configurations this should provide adequate protection but it lacks
+flexibility. For advanced configurations users should enable the ACI subsystem.
+This however shuts down access to everything by everyone except the admin user
+which bypasses the ACI subsystem. Directory administrators should look at the
+docomentation on how to specify access control information
+here:
+ <a href="./authorization.html">Authorization</a>
+.
+ </p>
+ </subsection>
+ <subsection heading="h3" name="Disabling anonymous binds">
+ <p>
+Anonymous binds come enabled out of the box. So you might want to turn off this
+feature especially if you're not using a version of ApacheDS that is 0.9.3 or
+higher with ACI support. To do so you're going to have to restart the server
+after setting the allowAnonymousAccess property to false in the server.xml
+configuration
+file.</p>
+ </subsection>
+ <subsection heading="h3" name="Using custom authenticators">
+ <p>
+Authenticator SPI provides a way to implement your own authentication mechanism,
+for instance simple mechanism using password encryption such as MD5 or SHA1, or
+SASL mechanism. See the following
+example:</p>
+ <source>import javax.naming.NamingException;
+
+import org.apache.ldap.server.auth.AbstractAuthenticator;
+import org.apache.ldap.server.auth.LdapPrincipal;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
+import org.apache.ldap.common.name.LdapName;
+
+public class MyAuthenticator extends AbstractAuthenticator {
+
+ public MyAuthenticator( )
+ {
+ // create authenticator that will handle "simple" authentication mechanism
+ super( "simple" );
+ }
+
+ public void init() throws NamingException
+ {
+ ...
+ }
+
+ public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+ {
+ ...
+
+ // return the authorization id
+ LdapName principalDn = new LdapName( dn );
+ return new LdapPrincipal( principalDn );
+ }
+}
+</source>
+ <p>
+The authenticator class has to extend the
+org.apache.ldap.server.auth.AbstractAuthenticator. This class needs to have a
+no-argument constructor that calls the super() constructor with parameter the
+authentication mechanism it is going to handle. In the above example,
+MyAuthenticator class is going to handle the simple authentication mechanism. To
+implement a SASL mechanism you need to call super() with the name of the SASL
+mechanism, e.g. super( "DIGEST-MD5"
+).</p>
+ <p>
+You can optionally implement the init() method to initialize your authenticator
+class. This will be called when the authenticator is loaded by ApacheDS during
+start-up.</p>
+ <p>
+When a client performs an authentication, ApacheDS will call the authenticate()
+method. You can get the client authentication info from the server context.
+After you authenticate the client, you need to return the authorization id. If
+the authentication fails, you should throw an
+LdapNoPermissionException.</p>
+ <p>
+When there are multiple authenticators registered with the same authentication
+type, ApacheDS will try to use them in the order it was registered. If one fails
+it will use the next one, until it finds one that successfully authenticates the
+client.</p>
+ <p>
+To tell ApacheDS to load your custom authenticators, you need to specify it in
+the server.xml. You can also optionally specify the location of a .properties
+file containing the initialization parameters. See the following
+example:</p>
+ <p>
+EXAMPLE BELOW IS NO LONGER VALID WITH XML
+CONFIGURATION</p>
+ <source>server.authenticators=myauthenticator yourauthenticator
+
+server.authenticator.class.myauthenticator=com.mycompany.MyAuthenticator
+server.authenticator.properties.myauthenticator=myauthenticator.properties
+
+server.authenticator.class.yourauthenticator=com.yourcompany.YourAuthenticator
+server.authenticator.properties.yourauthenticator=yourauthenticator.properties
+</source>
+ </subsection>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/authorization.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/authorization.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/authorization.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/authorization.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,232 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <p>
+ApacheDS uses an adaptation of the X.500 basic access control scheme in
+combination with X.500 subentries to control access to entries and attributes
+within the DIT. This document will show you how to enable the basic access
+control mechanism and how to define access control information to manage access
+to protected
+resources.</p>
+ <section heading="h2" name="Enabling Basic Access Controls">
+ <p>
+By default the access control subsystem is turned off. Once enabled everything
+is tightly locked down. Only the special admin user, '*uid=admin,ou=system*', is
+not affected by permissions. Access to all operations are denied by default
+until enabled using an ACIItem. For this reason enabling basic access controls
+is a configuration
+option.</p>
+ <p>
+To turn on the basic access control mechanism you need to set the
+*accessControlEnabled* property in the configuration to true. This can be set
+programatically on the StartupConfiguration or via the
+server.xml.</p>
+ </section>
+ <section heading="h2" name="Types of ACI (Access Control Information)">
+ <p>
+Three different types of ACI exist. All types use the same specification syntax
+for an ACIITem. These types differ in their placement and manner of use within
+the
+directory.</p>
+ <subsection heading="h3" name="Entry ACI">
+ <p>
+Entry ACI are access controls added to entries to protect that entry
+specifically. Meaning the protoected entry is the entry where the ACI resides.
+When performing an operation on an entry, ApacheDS checks for the presence of
+the multivalued operational attribute, *entryACI*. The values of the entryACI
+attribute contain
+ACIItems.</p>
+ <table>
+ <tr>
+ <td>
+ <img src="http://docs.safehaus.org/images/icons/emoticons/warning.png"/>
+ </td>
+ <td>
+ <p>
+There is one exception to the rule of consulting entryACI attributes within
+ApacheDS: add operations do not consult the entryACI within the entry being
+added. This is a security precaution. If allowed users can arbitrarily add
+entries where they wanted by putting entryACI into the new entry being added.
+This could comprimise the
+DSA.</p>
+ </td>
+ </tr>
+ </table>
+ </subsection>
+ <subsection heading="h3" name="Prescriptive ACI">
+ <p>
+Prescriptive ACI are access controls that are applied to a collection of
+entries, not just to a single entry. Collections of entries are defined by the
+subtreeSpecifications of subentries. Hence prescriptive ACI are added to
+subentries as attributes and are applied by ApacheDS to the entries selected by
+the subentry's subtreeSpecification. ApacheDS uses the *prescriptiveACI*
+multivalued operational attribute within subentries to contain ACIItems that
+apply to the entry
+collection.</p>
+ <p>
+Prescriptive ACI can save much effort when trying to control access to a
+collection of resources. Prescriptive ACI can even be specified to apply access
+controls to entries that do not yet exist within the DIT. They are a very
+powerful mechanism and for this reason they are the prefered mechanism for
+managing access to protected resources. ApacheDS is optimized specifically for
+managing access to collections of entries rather than point entries
+themselves.</p>
+ <p>
+Users should try to avoid entry ACIs whenever possible, and use prescriptive
+ACIs instead. Entry ACIs are more for managing exceptional cases and should not
+be used
+excessively.</p>
+ <table>
+ <tr>
+ <th>
+ <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/>
+ </th>
+ <th>
+ <center>How it works!</center>
+ </th>
+ </tr>
+ <tr>
+ <td/>
+ <td>
+ <p>
+For every type of LDAP operation ApacheDS checks to see if any access control
+subentries include the protected entry in their collection. The set of
+subentries which include the protected entry are discovered very rapidly by the
+subentry subsystem. The subentry subsystem caches subtreeSpecifications for all
+subentries within the server so inclusion checks are
+fast.</p>
+ <p>
+For each access control subentry in the set, ApacheDS checks within a
+prescriptive ACI cache for ACI tuples. ApacheDS also caches prescriptive ACI
+information in a special form called ACI tuples. This is done so ACIItem parsing
+and conversion to an optimal representations for evaluation is not required at
+access time. This way access based on prescriptive ACIs is determined very
+rapidly.</p>
+ </td>
+ </tr>
+ </table>
+ </subsection>
+ <subsection heading="h3" name="Subentry ACI">
+ <p>
+Access to subentries also needs to be controlled. Subentries are special in
+ApacheDS. Although they subordinate to an administrative entry (entry of an
+Administrative Point), they are technically considered to be in the same context
+as their administrative entry. ApacheDS considers the perscriptive ACI applied
+to the administrative entry, to also apply to its
+subentries.</p>
+ <p>
+This however is not the most intuitive mechanism to use for explicitly
+controlling access to subentries. A more explicit mechanism is used to specify
+ACIs specifically for protecting subentries. ApacheDS uses the multivalued
+operational attribute, *subentryACI*, within administrative entries to control
+access to immediately subordinate
+subentries.</p>
+ <p>
+Protection policies for ACIs themselves can be managed within the entry of an
+administrative
+point.</p>
+ </subsection>
+ </section>
+ <section heading="h2" name="Some Simple Examples">
+ <p>
+The ACIItem syntax is very expressive and that makes it extremely powerful for
+specifying complex access control policies. However the syntax is not very easy
+to grasp for beginners. For this reason we start with simple examples that focus
+on different protection mechanisms offered by the ACIItem syntax. We do this
+instead of specifying the grammar which is not the best way to learn a
+language.</p>
+ <table>
+ <tr>
+ <th>
+ <img src="http://docs.safehaus.org/images/icons/emoticons/forbidden.png"/>
+ </th>
+ <th>
+ <center>Before you go any further...</center>
+ </th>
+ </tr>
+ <tr>
+ <td/>
+ <td>
+ <p>
+Please don't go any further until you have read up on the use
+of
+ <a href="./subentries.html">Subentries</a>
+. Knowledge of subentries, subtreeSpecifications, administrative areas, and
+administrative roles are required to properly digest the following
+matterial.
+ </p>
+ </td>
+ </tr>
+ </table>
+ <p>
+Before going on to these trails you might want to set up an Administrative Area
+for managing access control via prescriptiveACI. Both subentryACI and
+prescriptiveACI require the presence of an Administrative Point entry. For more
+information and code examples
+see
+ <a href="./acareas.html">ACAreas</a>
+.
+ </p>
+ <subsection heading="h3" name="ACI Trails">
+ <p>
+Here are some trails that resemble simple HOWTO guides. They're ordered with
+the most pragmatic usage first. We will add to these trails over
+time.</p>
+ <table>
+ <tr>
+ <th>
+Trail</th>
+ <th>
+Description</th>
+ </tr>
+ <tr>
+ <td>
+ <a href="./enablesearchforallusers.html">EnableSearchForAllUsers</a>
+ </td>
+ <td>
+Enabling access to browse and read all entries and their attributes by
+authenticated
+users.</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="./denysubentryaccess.html">DenySubentryAccess</a>
+ </td>
+ <td>
+Protecting access to subentries
+themselves.</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="./allowselfpasswordmodify.html">AllowSelfPasswordModify</a>
+ </td>
+ <td>
+Granting users the rights needed to change their own
+passwords.</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="./grantadddelmodtogroup.html">GrantAddDelModToGroup</a>
+ </td>
+ <td>
+Granting add, delete, and modify permissions to a group of
+users.</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="./grantmodtoentry.html">GrantModToEntry</a>
+ </td>
+ <td>
+Applying ACI to a single
+entry.</td>
+ </tr>
+ </table>
+ </subsection>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/building.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/building.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/building.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/building.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <section heading="h2" name="Building and Running the Apache Directory Server">
+ <p>
+All directory projects
+use
+ <a href="http://maven.apache.org">Maven</a>
+as the default build tool. We try to remain current with the production version
+of Maven. As of 12/04 we use Maven 1.0.2 on JDK 1.4 and
+up.
+ </p>
+ <p>
+The multiproject plugin is used to build all the maven projects associated with
+the server. After checking out the server trunk from subversion, cd into it and
+run the following multiproject
+command:</p>
+ <source>maven multiproject:install
+</source>
+ <p>
+Once you've built the server you'll find an executable jar file under the
+main/target directory labeled apacheds-main-$version.jar which can be fired up
+like
+so:</p>
+ <source>java -jar main/target/apacheds-main-$version.jar server.xml
+</source>
+ <p>
+When you start the server without a xml conf file arguement default settings are
+used. It tries to bind to 389 but this non-root user does not have the needed
+priviledges so it tries to bind on the next available port which is 1024. You
+may like a conf file that can be used to override and set server specific
+properties to control its behavoir. Below we use
+the
+ <a href="http://valpithy.notlong.com/">xml configuration</a>
+file that comes preconfigured for Apache under the server/trunk/main
+directory:
+ </p>
+ <source>java -jar main/target/apacheds-main-${version}.jar main/server.xml
+</source>
+ </section>
+ <section heading="h2" name="Apache Directory Server's Maven Modules">
+ <p>
+The server is composed of 4 separate maven projects. These projects are
+summarized
+below:</p>
+ <table>
+ <tr>
+ <th>
+Project</th>
+ <th>
+Summary</th>
+ </tr>
+ <tr>
+ <td>
+core</td>
+ <td>
+The heart of the server which contains the JNDI Provider, interceptors,
+partitions and
+schema.</td>
+ </tr>
+ <tr>
+ <td>
+shared</td>
+ <td>
+Contains shared classes between modules to prevent cyclic
+deps.</td>
+ </tr>
+ <tr>
+ <td>
+plugin</td>
+ <td>
+Contains a maven plugin used while developing with/for the directory
+server.</td>
+ </tr>
+ <tr>
+ <td>
+main</td>
+ <td>
+Contains the ApacheDS application main() along with a special
+InitialContextFactory implemenation that extends the CoreContextFactory which is
+an InitialContextFactory implementation (ICF). This ICF is the
+ServerContextFactory and it initializes MINA adding the LDAP protocol provider
+as well as the other providers for protocols like Kerberos, Change Password,
+NTP, DNS and DHCP. Of course the configuration determines if these protocols are
+started or not. All protocols with the exception of NTP use the core LDAP store
+as their backing store with custom
+schema.</td>
+ </tr>
+ </table>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/collective.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/collective.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/collective.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/collective.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,239 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <section heading="h2" name="Introduction">
+ <p>
+Collective attributes are attributes whose values are shared across a collection
+of entries. It's very common to encounter situations where a bunch of entries
+have the same value for an attribute. Collective attributes for LDAP are defined
+in
+ <a href="http://www.faqs.org/rfcs/rfc3671.html">RFC 3671</a>
+. ApacheDS implements this
+RFC.
+ </p>
+ <subsection heading="h3" name="Use Case">
+ <p>
+For example one might organize everyone in an engineering department under an
+ou, 'ou=engineering'. If the engineering team is located in the same area and
+building then several attributes in each user entry within engineering will have
+the same value. An example of such an attribute would be the locale. If
+engineering is located in Sunnyvale CA then all locale attributes of entries
+under 'ou=engineering' would be set to
+Sunnyvale.</p>
+ <p>
+Rather than manage the value for this attribute in each entry a single
+collective attribute can be used in a subentry. Changes to the value of this
+attribute would immediately be reflected to those entries selected by the
+subtreeSpecification of subentry. For more information on specifying subtrees
+take
+at
+ <a href="./subentries.html">Subentries</a>
+.
+ </p>
+ </subsection>
+ </section>
+ <section heading="h2" name="Setting up a Collective Attribute Administration Area (AA)">
+ <p>
+To manage collective attributes for a collection of entries you must add
+collective subentries to the Administrative Point (AP) of the collective AA. For
+more information on AAs
+see
+ <a href="./subentries.html">Subentries</a>
+. These collective subentries must have the objectClass subentry as well as
+collectiveAttributeSubentry. Also the AP, of the AA, must have an
+administrativeRole value of collectiveAttributeSpecificArea (2.5.23.5) or
+collectiveAttributeInnerArea
+(2.5.23.6).
+ </p>
+ <subsection heading="h3" name="Example">
+ <p>
+For the use case above we can presume a partition at the namingContext
+'dc=example,dc=com' with an 'ou=engineering' entry below containing users from
+the engineering team in Sunnyvale. Let's presume no AA has yet been defined so
+we have to create one. We'll set the partition root 'dc=example,dc=com' as the
+AP of an AA that spans the entire subtree. For this simple example the AA will
+be autonomous for the collective aspect. Setting this up is just a matter of
+modifying the 'dc=example,dc=com' entry so it contains the operational attribute
+administrativeRole with the value collectiveAttributeSpecificArea. The code
+below sets up this AAA for collective attribute
+administration.</p>
+ <source> // Get a DirContext on the dc=example,dc=com entry
+ Hashtable env = new Hashtable();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ ctx = new InitialDirContext( env );
+
+ // Modify the entry to make it an AAA for collective attribute administration
+ Attributes mods = new BasicAttributes( "administrativeRole", "collectiveAttributeSpecificArea", true );
+ ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, mods );
+</source>
+ <p>
+Now 'dc=example,dc=com' is the AP for a collective attribute AAA that spans the
+entire subtree under and including it down to every leaf entry. All that remains
+is the addition of the subentry with the collective attributes we want included
+in the entries of all engineering users. Here's what the LDIF would look like
+for this subentry given that its commonName is
+'engineeringLocale'.</p>
+ <source>dn: cn=engineeringLocale,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: collectiveAttributeSubentry
+cn: engineeringLocale
+c-l: Sunnyvale
+subtreeSpecification: {base "ou=engineering", minimum 4}
+</source>
+ <p>
+A couple points regarding this subentry's
+LDIF:</p>
+ <ol nesting="0">
+ <li>
+It subordinates to the AP
+('dc=example,dc=com')</li>
+ <li>
+It contains the objectClasses: subentry and
+collectiveAttributeSubentry</li>
+ <li>
+It contains the collective version of locale (l):
+c-l</li>
+ <li>
+Its subtreeSpecification excludes entries whose number of DN name components is
+is less than
+4</li>
+ </ol>
+ <p>
+Note that the minimum value of 4 is used in the subtreeSpecification to make
+sure that the entry 'ou=engineering,dc=example,dc=com' does not have c-l:
+Sunnyvale added to it. It's got 3 components to the DN so minimum 4 chops it out
+of the
+collection.</p>
+ </subsection>
+ </section>
+ <section heading="h2" name="Collective Attribute Types">
+ <p>
+As one can see from the example above, special collective attributes are used
+for regular attributes: c-l for l. These attributes are derived from the
+original attribute and are marked as COLLECTIVE. RFC 3671 defines a bunch of
+these which are listed below. If you don't find what you're looking for just add
+it to your own schema using this
+pattern.</p>
+ <p>
+We have included this list from RFC 3671 into the collective.schema which comes
+standard with
+ApacheDS.</p>
+ <source>3.1. Collective Locality Name
+
+ The c-l attribute type specifies a locality name for a collection of
+ entries.
+
+ ( 2.5.4.7.1 NAME 'c-l'
+ SUP l COLLECTIVE )
+
+3.2. Collective State or Province Name
+
+ The c-st attribute type specifies a state or province name for a
+ collection of entries.
+
+ ( 2.5.4.8.1 NAME 'c-st'
+ SUP st COLLECTIVE )
+
+3.3. Collective Street Address
+
+ The c-street attribute type specifies a street address for a
+ collection of entries.
+
+ ( 2.5.4.9.1 NAME 'c-street'
+ SUP street COLLECTIVE )
+
+3.4. Collective Organization Name
+
+ The c-o attribute type specifies an organization name for a
+ collection of entries.
+
+ ( 2.5.4.10.1 NAME 'c-o'
+ SUP o COLLECTIVE )
+
+3.5. Collective Organizational Unit Name
+
+ The c-ou attribute type specifies an organizational unit name for a
+ collection of entries.
+
+ ( 2.5.4.11.1 NAME 'c-ou'
+ SUP ou COLLECTIVE )
+
+3.6. Collective Postal Address
+
+ The c-PostalAddress attribute type specifies a postal address for a
+ collection of entries.
+
+ ( 2.5.4.16.1 NAME 'c-PostalAddress'
+ SUP postalAddress COLLECTIVE )
+
+3.7. Collective Postal Code
+
+ The c-PostalCode attribute type specifies a postal code for a
+ collection of entries.
+
+ ( 2.5.4.17.1 NAME 'c-PostalCode'
+ SUP postalCode COLLECTIVE )
+
+3.8. Collective Post Office Box
+
+ The c-PostOfficeBox attribute type specifies a post office box for a
+ collection of entries.
+
+ ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
+ SUP postOfficeBox COLLECTIVE )
+
+3.9. Collective Physical Delivery Office Name
+
+ The c-PhysicalDeliveryOfficeName attribute type specifies a physical
+ delivery office name for a collection of entries.
+
+ ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
+ SUP physicalDeliveryOfficeName COLLECTIVE )
+
+3.10. Collective Telephone Number
+
+ The c-TelephoneNumber attribute type specifies a telephone number for
+ a collection of entries.
+
+ ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
+ SUP telephoneNumber COLLECTIVE )
+
+3.11. Collective Telex Number
+
+ The c-TelexNumber attribute type specifies a telex number for a
+ collection of entries.
+
+ ( 2.5.4.21.1 NAME 'c-TelexNumber'
+ SUP telexNumber COLLECTIVE )
+
+3.13. Collective Facsimile Telephone Number
+
+ The c-FacsimileTelephoneNumber attribute type specifies a facsimile
+ telephone number for a collection of entries.
+
+ ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'
+
+ SUP facsimileTelephoneNumber COLLECTIVE )
+
+3.14. Collective International ISDN Number
+
+ The c-InternationalISDNNumber attribute type specifies an
+ international ISDN number for a collection of entries.
+
+ ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
+ SUP internationalISDNNumber COLLECTIVE )
+
+</source>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/configuration.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/configuration.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/configuration.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/configuration.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,258 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="trustin">trustin</author>
+
+ </properties>
+ <body>
+ <p>
+The Apache Directory team introduced new configuration interface of ApacheDS
+from the version 0.9.1. This page introduces
+it.</p>
+ <section heading="h1" name="The Configuration API">
+ <p>
+ApacheDS provides its configuration API in the
+org.apache.ldap.server.configuration package. This package contains concrete
+configuration instruction classes that you can instantiate and specify in your
+JNDI environment variable. To put your configuration instruction class into the
+JNDI environment
+variable:</p>
+ <source>Properties env = new Properties();
+env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
+...
+
+// Create a configuration instruction.
+Configuration cfg = new MutableStartupConfiguration();
+...
+
+// Put the configuration instruction to the environment variable.
+env.putAll( cfg.toJndiEnvironment() );
+
+// Execute the instruction you've specified.
+new InitialContext( env );
+</source>
+ <p>
+Now let's find out what kind of instruction you can give to
+ApacheDS.</p>
+ <subsection heading="h2" name="StartupConfiguration">
+ <p>
+This instruction starts up the ApacheDS if it is not started. Here's the list of
+known
+properties:</p>
+ <ul nesting="1">
+ <li>
+authenticatorConfigurations - a collection of AuthenticatorConfigurations.
+AuthenticatorConfiguration specifies Authenticators that authenticate a user who
+accesses the ApacheDS DIT. (Default: <all default
+authenticators>)</li>
+ <li>
+bootstrapSchemas - a set of BootstrapSchemas which are loaded at the first time
+ApacheDS starts up (Default: <all default
+schemas>)</li>
+ <li>
+contextPartitionConfigurations - A collection of ContextPartitionConfigurations.
+ContextPartitionConfiguration specified ContextPartitions that consist the
+ApacheDS DIT. (Default: no context partitions except system
+partition)</li>
+ <li>
+accessControl - Set to true if you want to enable access control support of the
+ApacheDS. (Default:
+false)</li>
+ <li>
+allowAnonymousAccess - Set to true if you want to enable anonymous access.
+(Default:
+true)</li>
+ <li>
+interceptorConfigurations - a list of InterceptorConfigurations which will
+configure the initial interceptor chain of the ApacheDS (Default: <all default
+interceptors>)</li>
+ <li>
+testEntries - a list of javax.naming.directory.Attributes which will be added to
+the DIT while the ApacheDS is started up (Default: no test
+entries)</li>
+ <li>
+workingDirectory - a working directory the content of DIT will be stored to
+(Default:
+./server-work/)</li>
+ </ul>
+ <p>
+You don't need to specify any properties because all properties have the
+default. Please use MutableStartupConfiguration to modify any properties
+above.</p>
+ </subsection>
+ <subsection heading="h2" name="ShutdownConfiguration">
+ <p>
+This instruction shuts down the ApacheDS if it is not already shut down. There's
+no property to
+configure.</p>
+ </subsection>
+ <subsection heading="h2" name="SyncConfiguration">
+ <p>
+This instruction flushes out any I/O buffer or write cache. There's no property
+to
+configure.</p>
+ </subsection>
+ <subsection heading="h2" name="AddContextPartitionConfiguration">
+ <p>
+This instruction adds a new context partition on-the-fly while the ApacheDS is
+running. There is only one property, 'contextPartitionConfiguration'. You can
+specify an appropriate ContextPartitionConfiguration to plug a context partition
+into the
+ApacheDS.</p>
+ </subsection>
+ <subsection heading="h2" name="RemoveContextPartitionConfiguration">
+ <p>
+This instruction removes an existing context partition on-the-fly while the
+ApacheDS is running. There is only one property, 'suffix'. You can specify the
+suffix of the partition you want to remove from the
+ApacheDS.</p>
+ </subsection>
+ <subsection heading="h2" name="Running and Choosing Multiple Instances">
+ <p>
+You can run multiple instances of ApacheDS by specifying {{instanceId}} to all
+Configuration instructions. InstanceId can be specified as a constructor
+parameter. Please take a look at the API documentation (JavaDoc) for more
+details.</p>
+ <source>// Create a configuration instruction that affects an ApacheDS instance 'instance4'.
+Configuration cfg = new MutableStartupConfiguration( "instance4" );
+...
+
+// Put the configuration instruction to the environment variable.
+env.putAll( cfg.toJndiEnvironment() );
+
+// Execute the instruction you've specified for an ApacheDS instance 'instance4'.
+new InitialContext( env );
+</source>
+ </subsection>
+ </section>
+ <section heading="h1" name="Using Spring Framework">
+ <p>
+The configuration API is designed to fit tightly
+with
+ <a href="http://www.springframework.org/">Spring Framework</a>
+. Here is an example beans xml
+file:
+ </p>
+ <source><?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+ "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<beans>
+ <!-- JNDI environment variable -->
+ <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="properties">
+ <props>
+ <prop key="asn.1.berlib.provider">org.apache.ldap.common.berlib.asn1.SnickersProvider</prop>
+ <!--prop key="asn.1.berlib.provider">org.apache.ldap.common.TwixProvider</prop-->
+ <prop key="java.naming.security.authentication">simple</prop>
+ <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
+ <prop key="java.naming.security.credentials">secret</prop>
+ <prop key="java.naming.ldap.attributes.binary">
+ photo personalSignature audio jpegPhoto javaSerializedData userPassword
+ userCertificate cACertificate authorityRevocationList certificateRevocationList
+ crossCertificatePair x500UniqueIdentifier krb5Key
+ </prop>
+ </props>
+ </property>
+ </bean>
+
+ <!-- StartupConfiguration to start ApacheDS -->
+ <bean id="configuration" class="org.apache.ldap.server.configuration.MutableServerStartupConfiguration">
+ <property name="workingDirectory"><value>apache.org</value></property>
+ <property name="allowAnonymousAccess"><value>false</value></property>
+ <property name="accessControlEnabled"><value>false</value></property>
+ <property name="ldapPort"><value>10389</value></property>
+ <property name="contextPartitionConfigurations">
+ <set>
+ <ref bean="apachePartitionConfiguration"/>
+ </set>
+ </property>
+
+ <!-- Bootstrap schemas -->
+ <property name="bootstrapSchemas">
+ <set>
+ <bean class="org.apache.ldap.server.schema.bootstrap.AutofsSchema"/>
+ <bean class="org.apache.ldap.server.schema.bootstrap.CorbaSchema"/>
+ <bean class="org.apache.ldap.server.schema.bootstrap.CoreSchema"/>
+
+ ......
+
+ </set>
+ </property>
+
+ <!-- Interceptor configurations -->
+ <property name="interceptorConfigurations">
+ <list>
+ <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>normalizationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.ldap.server.normalization.NormalizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>authenticationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.ldap.server.authn.AuthenticationService" />
+ </property>
+ </bean>
+
+ ......
+
+ </list>
+ </property>
+ </bean>
+
+ <!-- Additional ContextPartitionConfiguration -->
+ <bean id="apachePartitionConfiguration" class="org.apache.ldap.server.configuration.MutableContextPartitionConfiguration">
+ <property name="name"><value>apache</value></property>
+ <property name="suffix"><value>dc=apache,dc=org</value></property>
+ <property name="indexedAttributes">
+ <set>
+ <value>objectClass</value>
+ <value>ou</value>
+ <value>uid</value>
+ </set>
+ </property>
+ <property name="contextEntry">
+ <value>
+ objectClass: top
+ objectClass: domain
+ objectClass: extensibleObject
+ dc: apache
+ </value>
+ </property>
+ </bean>
+
+ <!-- Custom editors required to launch ApacheDS -->
+ <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+ <property name="customEditors">
+ <map>
+ <entry key="javax.naming.directory.Attributes">
+ <bean class="org.apache.ldap.server.configuration.AttributesPropertyEditor"/>
+ </entry>
+ </map>
+ </property>
+ </bean>
+</beans>
+</source>
+ <p>
+With the XML file above, you can start up the ApacheDS with this
+code:</p>
+ <source>Properties env;
+ServerStartupConfiguration cfg;
+
+ApplicationContext factory = new FileSystemXmlApplicationContext( args[0] );
+cfg = ( StartupConfiguration ) factory.getBean( "configuration" );
+env = ( Properties ) factory.getBean( "environment" );
+
+env.setProperty( Context.PROVIDER_URL, "" );
+env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
+env.putAll( cfg.toJndiEnvironment() );
+
+new InitialDirContext( env );
+</source>
+ </section>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/denysubentryaccess.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/denysubentryaccess.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/denysubentryaccess.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/denysubentryaccess.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+ <properties>
+ <author email="akarasulu">akarasulu</author>
+
+ </properties>
+ <body>
+ <section heading="h1" name="Coming soon ..."/>
+ </body>
+</document>
Added: directory/trunks/apacheds/src/site/xdoc/users/deploying.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/src/site/xdoc/users/deploying.xml?rev=372968&view=auto
==============================================================================
--- directory/trunks/apacheds/src/site/xdoc/users/deploying.xml (added)
+++ directory/trunks/apacheds/src/site/xdoc/users/deploying.xml Fri Jan 27 12:11:10 2006
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+ <properties>
+ <author email="akarasulu@apache.org">Alex Karasulu</author>
+
+ </properties>
+
+ <body>
+ <section name="TODO">
+ <ul>
+ <li>
+ Figure out what deployment will take but this is way out there.
+ </li>
+
+ <li>
+ Perhaps there will be some deployment tools we can build to help
+ configure server components as the server is deployed along with
+ an installer.
+ </li>
+ </ul>
+ </section>
+
+ <section name="Deploying the Server">
+ <p>
+ Coming later ...
+ </p>
+ </section>
+
+ </body>
+</document>