You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by ma...@apache.org on 2004/08/10 23:07:23 UTC
cvs commit: jakarta-slide/src/conf/webapp JNDI-Domain.xml
masonjm 2004/08/10 14:07:23
Modified: src/conf/webapp JNDI-Domain.xml
Log:
Some cleanup and minor config changes
Revision Changes Path
1.3 +79 -156 jakarta-slide/src/conf/webapp/JNDI-Domain.xml
Index: JNDI-Domain.xml
===================================================================
RCS file: /home/cvs/jakarta-slide/src/conf/webapp/JNDI-Domain.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- JNDI-Domain.xml 24 Jun 2004 14:00:52 -0000 1.2
+++ JNDI-Domain.xml 10 Aug 2004 21:07:23 -0000 1.3
@@ -2,13 +2,11 @@
<slide>
<namespace name="slide">
<definition>
- <!-- Use the Tx Stores for the main store. JNDIPrincipalStore
-*cannot* do this -->
+ <!-- Use the Tx Stores for the main store. JNDIPrincipalStore *cannot* do this -->
<store name="main">
- <nodestore
- classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
- <parameter name="rootpath">main/store/metadata</parameter>
- <parameter name="workpath">main/work/metadata</parameter>
+ <nodestore classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
+ <parameter name="rootpath">store/metadata</parameter>
+ <parameter name="workpath">work/metadata</parameter>
</nodestore>
<securitystore>
<reference store="nodestore"/>
@@ -22,43 +20,34 @@
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
- <contentstore
- classname="org.apache.slide.store.txfile.TxFileContentStore">
- <parameter name="rootpath">main/store/content</parameter>
- <parameter name="workpath">main/work/content</parameter>
+ <contentstore classname="org.apache.slide.store.txfile.TxFileContentStore">
+ <parameter name="rootpath">store/content</parameter>
+ <parameter name="workpath">work/content</parameter>
</contentstore>
</store>
<!-- Use a JNDIPrincipalStore to for users -->
<store name="users">
- <nodestore
- classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"
- >
+ <nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
+ <!-- See javadoc for JNDIPrincipalStore for description of parameters -->
+ <parameter name="cache.refresh.checkrate">15</parameter>
+ <parameter name="cache.refresh.rate">600</parameter>
+ <parameter name="cache.refresh.threshold">500</parameter>
<parameter name="jndi.container">ou=XXXXXX,o=XXXXXXXX</parameter>
<parameter name="jndi.attributes.rdn">uid</parameter>
- <parameter name="jndi.search.filter">
- (objectClass=inetOrgPerson)</parameter>
+ <parameter name="jndi.search.filter">(objectClass=inetOrgPerson)</parameter>
<parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
- <parameter name="jndi.search.attributes">
- postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</parameter>
- <parameter name="java.naming.provider.url">
- ldap://xxxxxxxxxxxxxxxx</parameter>
- <parameter name="java.naming.factory.initial">
- com.sun.jndi.ldap.LdapCtxFactory</parameter>
- <parameter name="java.naming.security.principal">
- xxxxxxxxxxxxxxxx</parameter>
+ <parameter name="jndi.search.attributes">postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</parameter>
+ <parameter name="java.naming.provider.url">ldap://xxxxxxxxxxxxxxxx</parameter>
+ <parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
+ <parameter name="java.naming.security.principal">xxxxxxxxxxxxxxxx</parameter>
<parameter name="java.naming.security.authentication">simple</parameter>
- <parameter name="java.naming.security.credentials">
- xxxxxxxxxxxxxxxxxx</parameter>
+ <parameter name="java.naming.security.credentials">xxxxxxxxxxxxxxxxxx</parameter>
</nodestore>
- <!-- Use a Tx Store to store security and lock information -->
- <securitystore
- classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"
- >
- <parameter name="rootpath">users/store/metadata</parameter>
- <parameter name="workpath">users/work/metadata</parameter>
+ <securitystore>
+ <reference store="nodestore"/>
</securitystore>
<lockstore>
- <reference store="securitystore"/>
+ <reference store="nodestore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
@@ -72,37 +61,28 @@
</store>
<!-- Use a JNDIPrincipalStore for roles -->
<store name="roles">
- <nodestore
- classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"
- >
- <parameter name="jndi.container">
- ou=XXXXX,ou=XXXXX,o=XXXXXXXXX</parameter>
+ <nodestore classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
+ <!-- See javadoc for JNDIPrincipalStore for description of parameters -->
+ <parameter name="cache.refresh.checkrate">15</parameter>
+ <parameter name="cache.refresh.rate">600</parameter>
+ <parameter name="cache.refresh.threshold">500</parameter>
+ <parameter name="jndi.container">ou=XXXXX,ou=XXXXX,o=XXXXXXXXX</parameter>
<parameter name="jndi.attributes.rdn">cn</parameter>
- <parameter name="jndi.attributes.groupmemberset">
- uniqueMember</parameter>
- <parameter name="jndi.search.filter">
- objectClass=groupOfNames</parameter>
+ <parameter name="jndi.attributes.groupmemberset">uniqueMember</parameter>
+ <parameter name="jndi.search.filter">objectClass=groupOfNames</parameter>
<parameter name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
<parameter name="jndi.search.attributes">cn</parameter>
- <parameter name="java.naming.provider.url">
- ldap://xxxxxxxxxxxxxx</parameter>
- <parameter name="java.naming.factory.initial">
- com.sun.jndi.ldap.LdapCtxFactory</parameter>
- <parameter name="java.naming.security.principal">
- xxxxxxxxxxxxxxxxxx</parameter>
+ <parameter name="java.naming.provider.url">ldap://xxxxxxxxxxxxxx</parameter>
+ <parameter name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
+ <parameter name="java.naming.security.principal">xxxxxxxxxxxxxxxxxx</parameter>
<parameter name="java.naming.security.authentication">simple</parameter>
- <parameter name="java.naming.security.credentials">
- xxxxxxxxxxxxxxxx</parameter>
+ <parameter name="java.naming.security.credentials">xxxxxxxxxxxxxxxx</parameter>
</nodestore>
- <!-- Use a Tx Store to store security and lock information -->
- <securitystore
- classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"
- >
- <parameter name="rootpath">roles/store/metadata</parameter>
- <parameter name="workpath">roles/work/metadata</parameter>
+ <securitystore>
+ <reference store="nodestore"/>
</securitystore>
<lockstore>
- <reference store="securitystore"/>
+ <reference store="nodestore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
@@ -150,153 +130,96 @@
<parameter name="nested_roles_maxdepth">0</parameter>
</configuration>
<data>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/">
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/">
<!-- Make sure the subject here is a valid LDAP group -->
- <permission action="all" subject="/roles/connect users"
- inheritable="true"/>
- <permission action="/actions/read-acl" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/write-acl" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/unlock" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/read" subject="all"
- inheritable="true"/>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/users">
+ <permission action="all" subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl" subject="all" inheritable="true" negative="true"/>
+ <permission action="/actions/write-acl" subject="all" inheritable="true" negative="true"/>
+ <permission action="/actions/unlock" subject="all" inheritable="true" negative="true"/>
+ <permission action="/actions/read" subject="all" inheritable="true"/>
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/users">
<permission action="all" subject="self" inheritable="true"/>
- <permission action="all" subject="unauthenticated"
- inheritable="true" negative="true"/>
+ <permission action="all" subject="unauthenticated" inheritable="true" negative="true"/>
</objectnode>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/roles">
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/roles">
<permission action="all" subject="self" inheritable="true"/>
- <permission action="all" subject="unauthenticated"
- inheritable="true" negative="true"/>
+ <permission action="all" subject="unauthenticated" inheritable="true" negative="true"/>
</objectnode>
- <objectnode classname="org.apache.slide.structure.ActionNode"
- uri="/actions">
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/read">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read">
<revision>
- <property name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href
-xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
+ <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/read-acl">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/read-current-user-privilege-set">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/read-current-user-privilege-set">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write">
<revision>
- <property name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href
-xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href
-xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
+ <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-acl">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-acl">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-properties">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-properties">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-content">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/write-content">
<revision>
- <property name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/bind</D:href> <D:href
-xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
+ <property name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/bind</D:href> <D:href xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/bind">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/bind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/unbind">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unbind">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
- classname="org.apache.slide.structure.ActionNode"
- uri="/actions/unlock">
+ <objectnode classname="org.apache.slide.structure.ActionNode" uri="/actions/unlock">
<revision>
<property name="privilege-member-set"/>
</revision>
</objectnode>
</objectnode>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/files">
- <permission action="all" subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users" inheritable="true"/>
- <permission action="/actions/read-acl" subject="owner"
- inheritable="true"/>
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files">
+ <permission action="all" subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid LDAP group -->
+ <permission action="/actions/write" subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/history">
- <permission action="all" subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users" inheritable="true"/>
- <permission action="/actions/read-acl" subject="owner"
- inheritable="true"/>
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/history">
+ <permission action="all" subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid LDAP group -->
+ <permission action="/actions/write" subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/workspace">
- <permission action="all" subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users" inheritable="true"/>
- <permission action="/actions/read-acl" subject="owner"
- inheritable="true"/>
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workspace">
+ <permission action="all" subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid LDAP group -->
+ <permission action="/actions/write" subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/workingresource">
- <permission action="all" subject="unauthenticated"
- inheritable="true"/>
+ <objectnode classname="org.apache.slide.structure.SubjectNode" uri="/workingresource">
+ <permission action="all" subject="unauthenticated" inheritable="true"/>
<!-- Make sure the subject here is a valid LDAP group -->
- <permission action="/actions/write"
- subject="/roles/connect users" inheritable="true"/>
- <permission action="/actions/read-acl" subject="owner"
- inheritable="true"/>
+ <permission action="/actions/write" subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl" subject="owner" inheritable="true"/>
</objectnode>
</objectnode>
</data>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-dev-help@jakarta.apache.org