activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r918055 - in /websites/production/activemq/content: cache/main.pageCache cached-ldap-authorization-module.html
Date Thu, 31 Jul 2014 17:20:49 GMT
Author: buildbot
Date: Thu Jul 31 17:20:48 2014
New Revision: 918055

Log:
Production update by buildbot for activemq

Modified:
    websites/production/activemq/content/cache/main.pageCache
    websites/production/activemq/content/cached-ldap-authorization-module.html

Modified: websites/production/activemq/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/activemq/content/cached-ldap-authorization-module.html
==============================================================================
--- websites/production/activemq/content/cached-ldap-authorization-module.html (original)
+++ websites/production/activemq/content/cached-ldap-authorization-module.html Thu Jul 31
17:20:48 2014
@@ -84,69 +84,32 @@
 <div class="wiki-content maincontent">    <div class="aui-message hint shadowed
information-macro">
                             <span class="aui-icon icon-hint">Icon</span>
                 <div class="message-content">
-                            
-<p>Available since 5.6</p>
+                            <p>Available since 5.6</p>
                     </div>
     </div>
-
-
-<p>Cached LDAP authorization module is an implementation of an default authorization
module that initializes and updates data from LDAP. It supports all standard features like
defining wildcard policy entries and entry for temporary destinations.</p>
-
-<h2 id="CachedLDAPAuthorizationModule-Initializing">Initializing</h2>
-
-<p>We provide two ldif files for easy starting. The first one is for <a shape="rect"
class="external-link" href="http://directory.apache.org/">Apache Directory Server</a>
(<a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-apacheds.ldif">ldif</a>),
which we use in embedded mode for testing. For an example on how to initialize the embedded
ApacheDS with this ldif file take a look at <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/CachedLDAPSecurityTest.java">CachedLDAPSecurityTest</a></p>
-
-
-
-<p>The other one is for <a shape="rect" class="external-link" href="http://www.openldap.org/"
rel="nofollow">OpenLDAP</a> (<a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/activemq-openldap.ldif">ldif</a>)</p>
-
-    <div class="aui-message hint shadowed information-macro">
+<p>Cached LDAP authorization module is an implementation of an default authorization
module that initializes and updates data from LDAP. It supports all standard features like
defining wildcard policy entries and entry for temporary destinations.</p><h2 id="CachedLDAPAuthorizationModule-Initializing">Initializing</h2><p>We
provide two ldif files for easy starting. The first one is for <a shape="rect" class="external-link"
href="http://directory.apache.org/">Apache Directory Server</a> (<a shape="rect"
class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-apacheds.ldif">ldif</a>),
which we use in embedded mode for testing. For an example on how to initialize the embedded
ApacheDS with this ldif file take a look at <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/java/org/apache/activemq/security/CachedLDAPSecurityTest.jav
 a">CachedLDAPSecurityTest</a></p><p>The other one is for <a shape="rect"
class="external-link" href="http://www.openldap.org/" rel="nofollow">OpenLDAP</a>
(<a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/activemq-openldap.ldif">ldif</a>)</p>
   <div class="aui-message hint shadowed information-macro">
                             <span class="aui-icon icon-hint">Icon</span>
                 <div class="message-content">
-                            
-<p>The provided ldif and examples assume <code>dc=activemq,dc=apache,dc=org</code>
suffix to be used for entries, so the configuration similar to the one shown in the following
snippet</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-suffix          &quot;dc=activemq,dc=apache,dc=org&quot;
+                            <p>The provided ldif and examples assume <code>dc=activemq,dc=apache,dc=org</code>
suffix to be used for entries, so the configuration similar to the one shown in the following
snippet</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[suffix
         &quot;dc=activemq,dc=apache,dc=org&quot;
 rootdn          &quot;cn=admin,dc=activemq,dc=apache,dc=org&quot;
 # Cleartext passwords, especially for the rootdn, should
 # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
 # Use of strong authentication encouraged.
 rootpw          {SSHA}lfAYn54xCFghgQv5B2Kqn3d3eLojqxtS
 ]]></script>
-</div></div>
-
-<p>should be put into your <code>slapd.conf</code> </p>
-
+</div></div><p>should be put into your <code>slapd.conf</code></p>
                     </div>
     </div>
-
-
-
-<p>To initialize your (properly configured) OpenLDAP do something like</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
+<p>To initialize your (properly configured) OpenLDAP do something like</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
 <script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[ldapadd
-x -D &quot;cn=admin,dc=activemq,dc=apache,dc=org&quot; -w sunflower -f activemq-openldap.ldif]]></script>
-</div></div>
-
-
-<h2 id="CachedLDAPAuthorizationModule-Configuring">Configuring</h2>
-
-<p>Once entries are in LDAP, you can configure the module to load entries from there.
A default values are adapted for embedded Apache DS server, so all you have to do in that
case is add your plugin to the broker xml conf</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
+</div></div><h2 id="CachedLDAPAuthorizationModule-Configuring">Configuring</h2><p>Once
entries are in LDAP, you can configure the module to load entries from there. A default values
are adapted for embedded Apache DS server, so all you have to do in that case is add your
plugin to the broker xml conf</p><div class="code panel pdl" style="border-width:
1px;"><div class="codeContent panelContent pdl">
 <script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[&lt;authorizationPlugin&gt;
     &lt;map&gt;
         &lt;cachedLDAPAuthorizationMap/&gt;
     &lt;/map&gt;
 &lt;/authorizationPlugin&gt;]]></script>
-</div></div>
-
-
-<p>For the OpenLDAP case, you should define more parameters    </p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
+</div></div><p>For the OpenLDAP case, you should define more parameters</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
 <script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[&lt;authorizationPlugin&gt;
     &lt;map&gt;
         &lt;cachedLDAPAuthorizationMap
@@ -161,21 +124,7 @@ rootpw          {SSHA}lfAYn54xCFghgQv5B2
         /&gt;
     &lt;/map&gt;
 &lt;/authorizationPlugin&gt;]]></script>
-</div></div>          
-
-<p>Full examples of configurations for <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-apacheds.xml">Apache
DS</a> and <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-core/src/test/resources/org/apache/activemq/security/activemq-openldap.xml">OpenLDAP</a></p>
-
-<p>The list of all properties for <code>cachedLDAPAuthorizationMap</code></p>
-
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>property</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>default value</p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>description</p></th><td
colspan="1" rowspan="1" class="confluenceTd"><p>version</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionURL</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ldap://localhost:1024</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>LDAP Server connection address</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionUsername</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>uid=admin,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Dn to be used for connecting to the
server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#
 160;</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>connectionPassword</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>secret</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Password to be used for connecting
to the server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionProtocol</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>s</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Connection protocol to be used for connecting
to the server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>authentication</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>simple</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Authentication method to be used
when connecting to the server</p></td><td colspan="1" rowspan="1" class="conflue
 nceTd"><p>&#160;</p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p>queueSearchBase</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>ou=Queue,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of queue related entries</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>5.7 and later</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>topicSearchBase</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=Topic,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of topic related entries</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>5.7 and later</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>tempSearchBase</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=Temp,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of temp
 orary destinations related entries</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>5.7
and later</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>refreshInterval</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>-1</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Interval (in milliseconds) of pulling changes
from the server, -1 means pulling is off, see #Updates for more info</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>legacyGroupMapping</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>true</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Should permission group members be configured
as CN and not a full DN</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>5.7
and later</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>baseDn</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=sy
 stem</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Base
dn of ActiveMQ related entries</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>5.6</p></td></tr></tbody></table></div>
-
-
-
-<h2 id="CachedLDAPAuthorizationModule-Updates">Updates</h2>
-
-<p>Many LDAP servers supports so called "persistent search" feature which allows applications
to receive changes in LDAP in a "push" manner. By default this plugin assumes that LDAP server
supports this feature and will "register" to get live updates.</p>
-
-<p>For servers that doesn't support this yet (like OpenLDAP), we provide "pull" updates.
In this case you need to set <code>refreshInterval</code> property, which will
define the update period for the plugin (so in this case, updates will not be immediately
applied)</p></div>
+</div></div><p>Full examples of configurations for <a shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/activemq-apacheds.xml">Apache
DS</a> and <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/activemq/trunk/activemq-unit-tests/src/test/resources/org/apache/activemq/security/activemq-openldap.xml">OpenLDAP</a></p><p>The
list of all properties for <code>cachedLDAPAuthorizationMap</code></p><div
class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>property</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>default value</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>description</p></th><td colspan="1"
rowspan="1" class="confluenceTd"><p>version</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionURL</p></td><td
colspan="1" rowspan="1" class="co
 nfluenceTd"><p>ldap://localhost:1024</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>LDAP Server connection address</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionUsername</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>uid=admin,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Dn to be used for connecting to the
server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionPassword</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>secret</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Password to be used for connecting
to the server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>connectionProtocol</p></td><td
colspan="1" rowspan="1" class="co
 nfluenceTd"><p>s</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Connection
protocol to be used for connecting to the server</p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>authentication</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>simple</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Authentication method to be used
when connecting to the server</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>queueSearchBase</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=Queue,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of queue related entries</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>5.7 and later</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>topicSearchBase</p></td><
 td colspan="1" rowspan="1" class="confluenceTd"><p>ou=Topic,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of topic related entries</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>5.7 and later</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>tempSearchBase</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=Temp,ou=Destination,ou=ActiveMQ,ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of temporary destinations
related entries</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>5.7
and later</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>refreshInterval</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>-1</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Interval (in milliseconds) of pulling changes
from the server, -1 means pulling is off, see #Updates for more info</p></td><td
colspan="1" rowspan="1" c
 lass="confluenceTd"><p>&#160;</p></td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>legacyGroupMapping</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>true</p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Should permission group members be configured
as CN and not a full DN</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>5.7
and later</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>baseDn</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>ou=system</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Base dn of ActiveMQ related entries</p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>5.6</p></td></tr></tbody></table></div><h2
id="CachedLDAPAuthorizationModule-Updates">Updates</h2><p>Many LDAP servers
supports so called "persistent search" feature which allows applications to receive changes
in LDAP in a "push" manner. By default this plugin assumes that LDAP server supports this
feature
  and will "register" to get live updates.</p><p>For servers that doesn't support
this yet (like OpenLDAP), we provide "pull" updates. In this case you need to set <code>refreshInterval</code>
property, which will define the update period for the plugin (so in this case, updates will
not be immediately applied)</p></div>
         </td>
         <td valign="top">
           <div class="navigation">



Mime
View raw message