You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by David Jencks <da...@yahoo.com> on 2007/08/29 01:29:37 UTC
Initializing ldap "applications"
I'm wondering what the recommended method for initializing ldap
applications is. I've been working with my copy of triplesec and
after the new improved integrity constraints in apacheds trunk it
turns out that an "entry" ldif file no longer works: the
dc=example,dc=com "root" needs modification via:
dn: dc=example,dc=com
changetype: modify
add: administrativeRole
administrativeRole: accessControlSpecificArea
before the aci entries can be installed. This creates a problem
trying to load stuff using the LdifFileLoader or the ldifDirectory
feature of the StartupConfiguration.
Currently the LdifFileLoader skips all non-entry content in an .ldif
file. It's easy to modify it so it will process all legal stuff in
an ldif file (i.e. modifications) (I've done this locally) but on IRC
elecharny didn't seem to think this was a good idea.
So, what can I do to set up the basic structure triplesec needs to
work? I need this both for tests and for actually installing a
working system. An "installer" based approach isn't going to be very
useful since I anticipate a major use of triplesec being embedded in
application servers.
thanks
david jencks
Re: Initializing ldap "applications"
Posted by Chris Custine <cc...@apache.org>.
Hi David,
I am running into the exact same problem and I think we have had countless
questions about ldif loading similar to this on the mailing list in the past
couple of months. It is clear that this will become a major issue so we
will definitely need to address this. I will go ahead and create a Jira
issue for it and I will give it a generic subject to improve ldif loading in
general.
Chris
On 8/28/07, David Jencks <da...@yahoo.com> wrote:
>
> I'm wondering what the recommended method for initializing ldap
> applications is. I've been working with my copy of triplesec and
> after the new improved integrity constraints in apacheds trunk it
> turns out that an "entry" ldif file no longer works: the
> dc=example,dc=com "root" needs modification via:
>
> dn: dc=example,dc=com
> changetype: modify
> add: administrativeRole
> administrativeRole: accessControlSpecificArea
>
> before the aci entries can be installed. This creates a problem
> trying to load stuff using the LdifFileLoader or the ldifDirectory
> feature of the StartupConfiguration.
>
> Currently the LdifFileLoader skips all non-entry content in an .ldif
> file. It's easy to modify it so it will process all legal stuff in
> an ldif file (i.e. modifications) (I've done this locally) but on IRC
> elecharny didn't seem to think this was a good idea.
>
> So, what can I do to set up the basic structure triplesec needs to
> work? I need this both for tests and for actually installing a
> working system. An "installer" based approach isn't going to be very
> useful since I anticipate a major use of triplesec being embedded in
> application servers.
>
> thanks
> david jencks
>
>
Re: Initializing ldap "applications"
Posted by Emmanuel Lecharny <el...@gmail.com>.
Hi David,
sorry for the late answer (release ...)
Could you fill a JIRA so that we don't forget to give you an
appropriate answer, or to start a thread of discussion which will
remain on top of a list of know problems?
I'm afraid that if you don't do that, such questions will get totally
lost in the dev ML :(
Emmanuel
On 8/29/07, David Jencks <da...@yahoo.com> wrote:
> I'm wondering what the recommended method for initializing ldap
> applications is. I've been working with my copy of triplesec and
> after the new improved integrity constraints in apacheds trunk it
> turns out that an "entry" ldif file no longer works: the
> dc=example,dc=com "root" needs modification via:
>
> dn: dc=example,dc=com
> changetype: modify
> add: administrativeRole
> administrativeRole: accessControlSpecificArea
>
> before the aci entries can be installed. This creates a problem
> trying to load stuff using the LdifFileLoader or the ldifDirectory
> feature of the StartupConfiguration.
>
> Currently the LdifFileLoader skips all non-entry content in an .ldif
> file. It's easy to modify it so it will process all legal stuff in
> an ldif file (i.e. modifications) (I've done this locally) but on IRC
> elecharny didn't seem to think this was a good idea.
>
> So, what can I do to set up the basic structure triplesec needs to
> work? I need this both for tests and for actually installing a
> working system. An "installer" based approach isn't going to be very
> useful since I anticipate a major use of triplesec being embedded in
> application servers.
>
> thanks
> david jencks
>
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com