directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ersi...@apache.org
Subject svn commit: r372635 [5/6] - in /directory/trunks/apacheds/site: ./ src/ src/site/ src/site/resources/ src/site/resources/developers/ src/site/resources/images/ src/site/resources/users/ src/site/xdoc/ src/site/xdoc/developers/ src/site/xdoc/drafts/ src...
Date Thu, 26 Jan 2006 22:32:32 GMT
Added: directory/trunks/apacheds/site/src/site/xdoc/features.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/features.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/features.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/features.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Server's Features">
+      <p> 
+        The Apache Directory Server is an embeddable LDAP server implemented in
+        pure Java.  It has several features that make it unique amoung LDAP 
+        servers.  These features are described below:
+      </p>
+      
+      <ul>
+        <li>
+          Designed as an LDAP and X.500 experimentation platform.  Plugable
+          components and subsystems make ApacheDS extremely modular and ideal 
+          for experiments with various aspects of the LDAP protocol. 
+        </li>
+        
+        <li>
+          The server's frontend is completely separable from its backend and
+          vice-versa making it very flexible for implementing virtual
+          directories, proxy servers and gateways to X.500.
+        </li>
+        
+        <li>
+          Several backends can be implemented and plugged into the server's
+          partition nexus.  The server supports a BTree based partition out of
+          the box but any backing store can be used to implement a partition so
+          long as it conforms to interfaces.
+        </li>
+        
+        <li>
+          The server exposes aspects of administration via a special system
+          backend.  LDAP can be used to manage these concerns through the
+          system naming context at <code>ou=system</code>.
+        </li>
+        
+        <li>
+          Java based triggers and stored procedures are being implemented.
+        </li>
+        
+        <li>
+          Both the backend subsystem and the frontend are separable and
+          independently embeddable.
+        </li>
+        
+        <li>
+          The server contains a server side JNDI LDAP provider as the facade
+          for the entire backend subsystem.  JNDI operations are directly
+          translated by this provider into operations against the nexus and the
+          target partitions storing server entries.
+        </li>
+        
+        <li>
+          The server will use JNDI as the data access API for stored procedures.
+          This will make stored procedures functional within and outside of the
+          server without requiring recompilation.
+        </li>
+        
+        <li>
+          The server's networking code, MINA, Multipurpose Infrastructure for
+          Network Applications was designed for pluggable protocol providers,
+          of all sorts and not just LDAP.  MINA gives ApacheDS the ability to 
+          handle large amounts of concurrency.  
+        </li>
+        
+        <li>
+          The server uses the Snickers tools and APIs for ASN.1 BER encoding and
+          decoding.  These tools are designed for a very small encoding and
+          decoding footprint as well as for use in non-blocking servers.  The
+          chunking nature of the BER codec makes the server very efficient while
+          handling encoding and decoding making it more resistant to DoS
+          attacks.  This layer is also pluggable with a new experimental Twix
+          provider which is much more efficient.  Of course there is the
+          unsupported Snacc4J provider which is no longer maintained.
+        </li>
+      </ul>
+      </section>
+    </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/images/apache-directory-logo.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/images/apache-directory-logo.png?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/images/apache-directory-logo.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/images/apache-incubator-logo.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/images/apache-incubator-logo.png?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/images/apache-incubator-logo.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/images/architecture.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/images/architecture.png?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/images/architecture.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/images/icon.png
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/images/icon.png?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/images/icon.png
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/index.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/index.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/index.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/index.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <title>Apache Directory Server</title>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+  </properties>
+  
+  <body>
+    <section name="Overview">
+      <p>Welcome to the Apache Directory Server Homepage!</p>
+
+      <p>
+        The Apache Directory Server is an embeddable LDAP server written in
+        Java.  It has been designed to introduce triggers, stored procedures,
+        queues and views to the world of LDAP which has lacked these rich
+        constructs.
+      </p>
+      
+      <table>
+        <tr>
+          <th>Topic</th>
+          <th>Description</th>
+        </tr>
+        
+        <tr>
+          <td>
+            <a href="./features.html">Features</a>
+          </td>
+          <td>
+            Lists existing and planned features.
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="./roadmap.html">Roadmap</a>
+          </td>
+          <td>
+            A development roadmap.
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="./users/index.html">User's Guide</a>
+          </td>
+          <td>
+            Material that might go into a user's guide or howto section.
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="./developers/index.html">Developers's Guide</a>
+          </td>
+          <td>
+            Material that might go into a developer's guide.
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="./projects/index.html">Projects</a>
+          </td>
+          <td>
+            The sitedocs for the various maven source code projects containing
+            the usual reports and info are here.
+          </td>
+        </tr>
+
+      </table>
+
+
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/license.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/license.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/license.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/license.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,215 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Apache 2.0 License">
+      <source>
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+      </source>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/mailing-lists.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/mailing-lists.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/mailing-lists.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/mailing-lists.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Mailing Lists">
+      <p>
+        These are the mailing lists that have been established for the directory
+        project.  For each list, there is a subscribe, unsubscribe, and an
+        archive link.
+      </p>
+      <table>
+        <thead>
+        <tr>
+          <th>List Name</th>
+          <th>Subscribe</th>
+          <th>Unsubscribe</th>
+          <th>Archive</th>
+        </tr>
+        </thead>
+        <tbody>
+          <tr>
+            <td>Apache Directory Developement - use [server] prefix</td>
+            <td>
+              <a href="mailto:dev-subscribe@directory.apache.org">Subscribe</a>
+            </td>
+            <td>
+              <a href="mailto:dev-unsubscribe@directory.apache.org">Unsubscribe</a>
+            </td>
+            <td>
+              <a href="http://mail-archives.apache.org/eyebrowse/SummarizeList?listId=181">Archive</a>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/notices.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/notices.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/notices.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/notices.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Notices">
+      <subsection name="Apache General Notice">
+        <source>
+This product includes software developed by
+The Apache Software Foundation (http://www.apache.org/).
+        </source>
+      </subsection>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/projects/index.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/projects/index.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/projects/index.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/projects/index.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Server Projects">
+      <p>
+        The server is composed of several Maven projects.  The usually Maven
+        generated project documenation for each of them can be accessed here:
+      </p>
+      
+      <table>
+        <tr>
+          <th>Project</th>
+          <th>Description</th>
+        </tr>
+        
+        <tr>
+          <td>
+            <a href="../projects/apacheds-main/index.html">main</a>
+          </td>
+          <td>
+            Command line server application with <code>main()</code>
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="../projects/apacheds-core/index.html">core</a>
+          </td>
+          <td>
+            The core contains the JNDI provider, interceptor
+            framework, interceptor services, the schema subsystem and the
+            database subsystem.  Hence the core is the heart of the server as
+            its name suggests.
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="../projects/apacheds-shared/index.html">shared</a>
+          </td>
+          <td>
+            Code shared by the core and plugin separated to prevent cyclic deps
+          </td>
+        </tr>
+
+        <tr>
+          <td>
+            <a href="../projects/maven-directory-plugin/index.html">plugin</a>
+          </td>
+          <td>
+            A Maven Plugin used to generate code from OpenLDAP schema files.
+            These files are parsed and source is generated to bootstrap schema
+            in the server.
+          </td>
+        </tr>
+      </table>
+
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3642.txt.pdf
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3642.txt.pdf?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3642.txt.pdf
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3698.txt.pdf
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3698.txt.pdf?rev=372635&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/apacheds/site/src/site/xdoc/rfcs/rfc3698.txt.pdf
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/apacheds/site/src/site/xdoc/roadmap.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/roadmap.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/roadmap.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/roadmap.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="Server Roadmap">
+      <p>
+        Until we pull this together in a nice format you can get an
+        idea of what is going on using these alternative sources of info:
+      </p>
+
+      <ul>
+        <li>
+          Look at the JIRA
+          <a href="http://issues.apache.org/jira/secure/BrowseProject.jspa">here
+          </a> for specific tasks.
+        </li>
+        <li>
+          Look at the release info in the WIKI
+          <a href="http://wiki.apache.org/directory/ReleasesHowto">here
+          </a> for high level roadmap.
+        </li>
+      </ul>
+    </section>
+
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/acareas.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/acareas.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/acareas.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/acareas.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <section heading="h1" name="Introduction">
+      <p>
+This guide will show you how to create an Access Control Specific Area and
+Access Control Inner Areas for administering access controls within ApacheDS.
+Basic knowledge of the X.500 administrative model is presumed along with an
+understanding of the Basic Access Control Scheme in X.501. For quick primers
+please take a look at the following
+documentation:</p>
+      <ul nesting="1">
+        <li>
+          <a href="./subentries.html">Subentries</a>
+and the Administrative
+Model
+        </li>
+        <li>
+          <a href="./authorization.html">Authorization</a>
+        </li>
+      </ul>
+    </section>
+    <section heading="h1" name="Creating Access Control Specific Areas (ACSA)">
+      <p>
+An access control specific area is an Autonomous Administrative Area (AAA) for
+managing access control specific aspects of a subtree within the DIT. Like all
+administrative areas, an access control specific area is rooted at a vertex
+entry called the Administrative Point (AP). The ACSA spans down until leaf
+entries are encountered or until another ACSA is encountered. Access control
+specific areas do not
+overlap.</p>
+      <p>
+Under the AP, you can add subentries that contain prescriptiveACI attributes.
+Zero or more subentries can be added, each with one or more prescriptiveACI.
+These subentries apply access control information (ACI) in these prescriptiveACI
+attributes to collections of entries within the
+ACSA.</p>
+      <subsection heading="h2" name="Adding an 'administrativeRole' Attribute">
+        <p>
+An entry becomes an AP when it has an administrativeRole attribute added to it
+with the appropriate
+value
+          <a href="./s.html">s</a>
+. For an ACSA, we need to add the 'accessControlSpecificArea' value to this
+attribute.
+        </p>
+        <p>
+Most of the time users will create partitions in the server and set the root
+context of the partition (its suffix) to be the AP for a ACSA. For example the
+default server.xml for ApacheDS ships with a partition with the suffix,
+'dc=example,dc=com'. We can use this suffix entry as the AP and our ACSA can
+cover all entries under and including
+'dc=example,dc=com'.</p>
+        <p>
+The code below binds to the server as admin ('uid=admin,ou=system') and modifies
+the suffix entry to become an ACSA. Note that we check to make sure the
+attribute does not already exist before attempting the add
+operation.</p>
+        <source>  ...
+  // Get a DirContext on the dc=example,dc=com entry
+  Hashtable env = new Hashtable();
+  env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+  env.put( "java.naming.provider.url", "ldap://localhost:389/dc=example,dc=com" );
+  env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+  env.put( "java.naming.security.credentials", "secret" );
+  env.put( "java.naming.security.authentication", "simple" );
+  ctx = new InitialDirContext( env );
+
+  // Lookup the administrativeRole specifically since it is operational
+  Attributes ap = ctx.getAttributes( "", new String[] { "administrativeRole" } );
+  Attribute administrativeRole = ap.get( "administrativeRole" );
+
+  // If it does not exist or has no ACSA value then add the attribute
+  if ( administrativeRole == null || ! administrativeRole.contains( "accessControlSpecificArea" ) )
+  {
+    Attributes changes = new BasicAttributes( "administrativeRole", "accessControlSpecificArea", true );
+    ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, changes );
+  }
+  ...
+</source>
+        <p>
+This simple modification of adding the value 'accessControlSpecificArea' to the
+administrativeRole makes the suffix entry 'dc=example,dc=com' an AP for an
+access control specific area. Now you can add subentries to your heart's content
+which subordinate to the
+AP.</p>
+      </subsection>
+    </section>
+    <section heading="h1" name="Creating an Access Control Inner Administrative Area">
+      <p>
+Creating an inner area involves the same process. In fact the same code can be
+used by changing the value added to the administrativeRole attribute. To create
+the inner area just add 'accessControlInnerArea' for the administrativeRole
+within the AP: same steps, same code, different value for the
+administrativeRole.</p>
+    </section>
+    <section heading="h1" name="Access Control Subentries">
+      <p>
+After creating the access control area you can create subentries that
+subordinate to this AP for managing access to it and anything below. Access
+control subentries are entries with the objectClasses: 'subentry' and
+'accessControlSubentry'. An access control subentry must contain 3 attributes
+other than the obvious objectClass attribute. These required attributes are
+listed
+below:</p>
+      <table>
+        <tr>
+          <th>
+Attribute</th>
+          <th>
+SINGLE-VALUED</th>
+          <th>
+Description</th>
+        </tr>
+        <tr>
+          <td>
+cn</td>
+          <td>
+no</td>
+          <td>
+The name of the subentry used as its
+RDN</td>
+        </tr>
+        <tr>
+          <td>
+subtreeSpecification</td>
+          <td>
+yes</td>
+          <td>
+The specification for the collection of entries the ACI is to be applied
+to.</td>
+        </tr>
+        <tr>
+          <td>
+prescriptiveACI</td>
+          <td>
+no</td>
+          <td>
+The attribute holding the
+ACIItem</td>
+        </tr>
+      </table>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/allowselfpasswordmodify
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/allowselfpasswordmodify?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/allowselfpasswordmodify (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/allowselfpasswordmodify Thu Jan 26 14:29:42 2006
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    <title>AllowSelfPasswordModify</title>
+  </properties>
+  <body>
+    <source>{
+  identificationTag "allowSelfAccessAndModification",
+  precedence 14,
+  authenticationLevel none,
+  itemOrUserFirst userFirst: 
+  {
+    userClasses { thisEntry },
+    userPermissions 
+    { 
+      { protectedItems {entry}, grantsAndDenials { grantModify, grantBrowse, grantRead } },
+      { protectedItems {allAttributeValues {userPassword}}, grantsAndDenials { grantAdd, grantRemove } }
+    } 
+  } 
+}
+</source>
+    <section heading="h2" name="Commentary">
+      <p>
+Note that two different user permissions are used to accurately specify self
+access and self modification of the *userPassword* attribute within the entry. 
+So with the first userPermission of this ACI a user would be able to read all
+attributes and values within his/her entry.  They also have the ability to
+modify the entry but this is moot since they cannot add, remove or replace any
+attributes within their entry.  The second user permission completes the picture
+by granting add and remove permissions to all values of userPassword.  This
+means the user can replace the
+password.</p>
+      <table>
+        <tr>
+          <th>
+            <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/>
+          </th>
+          <th>
+            <center>"grantAdd + grantRemove = grantReplace"</center>
+          </th>
+        </tr>
+        <tr>
+          <td/>
+          <td>
+            <p>
+Modify operations either add, remove or replace attributes and their values in
+LDAP.  X.500 seems to have overlooked the replace capability.  Hence there is no
+such thing as a *grantReplace* permission.  However grantAdd and grantDelete on
+an attribute and its values are both required for a replace operation to take
+place.</p>
+          </td>
+        </tr>
+      </table>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/authentication.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/authentication.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/authentication.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/authentication.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,249 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <section heading="h2" name="Server Authentication">
+      <p>
+This page
+describes:</p>
+      <ol nesting="0">
+        <li>
+the status of
+authentication,</li>
+        <li>
+how to bind (authenticate) as the admin superuser after starting the server the
+first
+time,</li>
+        <li>
+adding non-superusers and binding to the directory as
+them,</li>
+        <li>
+how to protect user
+passwords,</li>
+        <li>
+how to disable anonymous
+binds,</li>
+        <li>
+how to customize the server to use different authentication
+mechanisms.</li>
+      </ol>
+      <subsection heading="h3" name="Status">
+        <p>
+Presently the directory server supports only simple authentication and anonymous
+binds while storing passwords in clear text within userPassword attributes in
+user
+entries.</p>
+        <p>
+Within a short while we'll be able to store passwords using the authPassword
+property which uses strong one way hashes for authentication such as MD5 and
+SHA1. These schemes and the schema used are described in detail here
+in
+          <a href="http://www.faqs.org/rfcs/rfc3112.html">RFC 3112</a>
+.
+        </p>
+      </subsection>
+      <subsection heading="h3" name="How to bind as the admin superuser after initial startup?">
+        <p>
+You just downloaded the server and started it up for the first time. Now you're
+wondering how to bind to the server using an LDAP client like jxplorer, gq, or
+ldapbrowser.</p>
+        <p>
+By default the super user or admin account is created when the system partition
+is created under the 'ou=system' naming context. This occurs when the server is
+started for the first time. The admin user can be found under the following
+DN:</p>
+        <source>          uid=admin,ou=system
+</source>
+        <p>
+The password is initially set to 'secret'. You definately want to change this
+after starting the server. For the first time you can bind to the server as this
+user with 'secret' as the
+password.</p>
+        <p>
+To change the password for the admin user you'll have to make changes to two
+places. First you'll have to change the password in the directory for the user.
+Second you'll have to change the password in the server.xml configuration file
+for the java.naming.security.credentials
+property.</p>
+        <p>
+If you did not disable anonymous binds by setting the respective property
+(described below), then you can bind anonymously to the server without any
+username or
+password.</p>
+        <p>
+Even when anonymous binds are disabled anonymous users can still bind to the
+RootDSE as required by the protocol to lookup supported SASL mechanisms before
+attempting a bind. Don't worry the RootDSE is read
+only.</p>
+      </subsection>
+      <subsection heading="h3" name="Adding and authenticating normal users">
+        <p>
+By default a user in the server can be just about any entry with a userPassword
+attribute that contains a clear text password. The DN can be anything reachable
+within one of the directory partitions. So if you add a partition to hang off of
+'dc=example,dc=com' then you can add user entries anywhere under this naming
+context or just add user entries under the 'ou=system' naming context. Below is
+an LDIF of a user you can add to the directory as a test
+user.</p>
+        <source>dn: uid=jdoe,ou=users,ou=system
+cn: John Doe
+sn: Doe
+givenname: John
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+ou: Human Resources
+ou: People
+l: Las Vegas
+uid: jdoe
+mail: jdoe@apachecon.comm
+telephonenumber: +1 408 555 5555
+facsimiletelephonenumber: +1 408 555 5556
+roomnumber: 4613
+userpassword: test
+</source>
+        <p>
+You can download
+this
+          <a href="./newuser.ldif.html">newuser.ldif</a>
+file and use it to add the user. Below we use the ldapadd OpenLDAP client to
+import the LDIF file presuming the server was started on port 1024 on the
+localhost:
+        </p>
+        <source>ldapadd -a -D "uid=admin,ou=system" -f newuser.ldif -h localhost -p 1024 -x -w secret
+</source>
+        <p>
+You can confirm the add/import by performing a search for the user. This time
+using the OpenLDAP search client you use the following
+command:</p>
+        <source>ldapsearch -D "uid=admin,ou=system" -h localhost -p 1024 -x -w secret -s one
+    -b "ou=users,ou=system" "(uid=jdoe)"
+</source>
+        <p>
+You can start searching the directory using this new user like
+so:</p>
+        <source>ldapsearch -D "uid=jdoe,ou=users,ou=system" -h localhost -p 1024 -x -w test -s one -b "ou=system" "(objectClass=*)"
+</source>
+      </subsection>
+      <subsection heading="h3" name="Protecting user passwords">
+        <p>
+Without access controls enabled userPasswords and user entries are accessible
+and alterable by all: even anonymous users. There are however some minimal
+built-in rules for protecting users and groups within the server without having
+to turn on the ACI
+subsystem.</p>
+        <p>
+Without ACIs the server automatically protects, hides, the admin user from
+everyone but the admin user. Users cannot see other user entries under the
+'ou=users,ou=system' entry. So placing new users there automatically protects
+them. Placing new users anywhere else exposes them. Groups defined using
+groupOfNames or groupOfUniqueNames under the 'ou=groups,ou=system' are also
+protected from access or alteration by anyone other than the admin user. Again
+this protection is not allowed anywhere else but under these
+entries.</p>
+        <p>
+For simple configurations this should provide adequate protection but it lacks
+flexibility. For advanced configurations users should enable the ACI subsystem.
+This however shuts down access to everything by everyone except the admin user
+which bypasses the ACI subsystem. Directory administrators should look at the
+docomentation on how to specify access control information
+here:
+          <a href="./authorization.html">Authorization</a>
+.
+        </p>
+      </subsection>
+      <subsection heading="h3" name="Disabling anonymous binds">
+        <p>
+Anonymous binds come enabled out of the box. So you might want to turn off this
+feature especially if you're not using a version of ApacheDS that is 0.9.3 or
+higher with ACI support. To do so you're going to have to restart the server
+after setting the allowAnonymousAccess property to false in the server.xml
+configuration
+file.</p>
+      </subsection>
+      <subsection heading="h3" name="Using custom authenticators">
+        <p>
+Authenticator SPI provides a way to implement your own authentication mechanism,
+for instance simple mechanism using password encryption such as MD5 or SHA1, or
+SASL mechanism. See the following
+example:</p>
+        <source>import javax.naming.NamingException;
+
+import org.apache.ldap.server.auth.AbstractAuthenticator;
+import org.apache.ldap.server.auth.LdapPrincipal;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
+import org.apache.ldap.common.name.LdapName;
+
+public class MyAuthenticator extends AbstractAuthenticator {
+
+    public MyAuthenticator( )
+    {
+        // create authenticator that will handle "simple" authentication mechanism
+        super( "simple" );
+    }
+
+    public void init() throws NamingException
+    {
+        ...
+    }
+
+    public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+    {
+        ...
+
+        // return the authorization id
+        LdapName principalDn = new LdapName( dn );
+        return new LdapPrincipal( principalDn );
+    }
+}
+</source>
+        <p>
+The authenticator class has to extend the
+org.apache.ldap.server.auth.AbstractAuthenticator. This class needs to have a
+no-argument constructor that calls the super() constructor with parameter the
+authentication mechanism it is going to handle. In the above example,
+MyAuthenticator class is going to handle the simple authentication mechanism. To
+implement a SASL mechanism you need to call super() with the name of the SASL
+mechanism, e.g. super( "DIGEST-MD5"
+).</p>
+        <p>
+You can optionally implement the init() method to initialize your authenticator
+class. This will be called when the authenticator is loaded by ApacheDS during
+start-up.</p>
+        <p>
+When a client performs an authentication, ApacheDS will call the authenticate()
+method. You can get the client authentication info from the server context.
+After you authenticate the client, you need to return the authorization id. If
+the authentication fails, you should throw an
+LdapNoPermissionException.</p>
+        <p>
+When there are multiple authenticators registered with the same authentication
+type, ApacheDS will try to use them in the order it was registered. If one fails
+it will use the next one, until it finds one that successfully authenticates the
+client.</p>
+        <p>
+To tell ApacheDS to load your custom authenticators, you need to specify it in
+the server.xml. You can also optionally specify the location of a .properties
+file containing the initialization parameters. See the following
+example:</p>
+        <p>
+EXAMPLE BELOW IS NO LONGER VALID WITH XML
+CONFIGURATION</p>
+        <source>server.authenticators=myauthenticator yourauthenticator
+
+server.authenticator.class.myauthenticator=com.mycompany.MyAuthenticator
+server.authenticator.properties.myauthenticator=myauthenticator.properties
+
+server.authenticator.class.yourauthenticator=com.yourcompany.YourAuthenticator
+server.authenticator.properties.yourauthenticator=yourauthenticator.properties
+</source>
+      </subsection>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/authorization.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/authorization.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/authorization.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/authorization.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,232 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <p>
+ApacheDS uses an adaptation of the X.500 basic access control scheme in
+combination with X.500 subentries to control access to entries and attributes
+within the DIT. This document will show you how to enable the basic access
+control mechanism and how to define access control information to manage access
+to protected
+resources.</p>
+    <section heading="h2" name="Enabling Basic Access Controls">
+      <p>
+By default the access control subsystem is turned off. Once enabled everything
+is tightly locked down. Only the special admin user, '*uid=admin,ou=system*', is
+not affected by permissions. Access to all operations are denied by default
+until enabled using an ACIItem. For this reason enabling basic access controls
+is a configuration
+option.</p>
+      <p>
+To turn on the basic access control mechanism you need to set the
+*accessControlEnabled* property in the configuration to true. This can be set
+programatically on the StartupConfiguration or via the
+server.xml.</p>
+    </section>
+    <section heading="h2" name="Types of ACI (Access Control Information)">
+      <p>
+Three different types of ACI exist. All types use the same specification syntax
+for an ACIITem. These types differ in their placement and manner of use within
+the
+directory.</p>
+      <subsection heading="h3" name="Entry ACI">
+        <p>
+Entry ACI are access controls added to entries to protect that entry
+specifically. Meaning the protoected entry is the entry where the ACI resides.
+When performing an operation on an entry, ApacheDS checks for the presence of
+the multivalued operational attribute, *entryACI*. The values of the entryACI
+attribute contain
+ACIItems.</p>
+        <table>
+          <tr>
+            <td>
+              <img src="http://docs.safehaus.org/images/icons/emoticons/warning.png"/>
+            </td>
+            <td>
+              <p>
+There is one exception to the rule of consulting entryACI attributes within
+ApacheDS: add operations do not consult the entryACI within the entry being
+added. This is a security precaution. If allowed users can arbitrarily add
+entries where they wanted by putting entryACI into the new entry being added.
+This could comprimise the
+DSA.</p>
+            </td>
+          </tr>
+        </table>
+      </subsection>
+      <subsection heading="h3" name="Prescriptive ACI">
+        <p>
+Prescriptive ACI are access controls that are applied to a collection of
+entries, not just to a single entry. Collections of entries are defined by the
+subtreeSpecifications of subentries. Hence prescriptive ACI are added to
+subentries as attributes and are applied by ApacheDS to the entries selected by
+the subentry's subtreeSpecification. ApacheDS uses the *prescriptiveACI*
+multivalued operational attribute within subentries to contain ACIItems that
+apply to the entry
+collection.</p>
+        <p>
+Prescriptive ACI can save much effort when trying to control access to a
+collection of resources. Prescriptive ACI can even be specified to apply access
+controls to entries that do not yet exist within the DIT. They are a very
+powerful mechanism and for this reason they are the prefered mechanism for
+managing access to protected resources. ApacheDS is optimized specifically for
+managing access to collections of entries rather than point entries
+themselves.</p>
+        <p>
+Users should try to avoid entry ACIs whenever possible, and use prescriptive
+ACIs instead. Entry ACIs are more for managing exceptional cases and should not
+be used
+excessively.</p>
+        <table>
+          <tr>
+            <th>
+              <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/>
+            </th>
+            <th>
+              <center>How it works!</center>
+            </th>
+          </tr>
+          <tr>
+            <td/>
+            <td>
+              <p>
+For every type of LDAP operation ApacheDS checks to see if any access control
+subentries include the protected entry in their collection. The set of
+subentries which include the protected entry are discovered very rapidly by the
+subentry subsystem. The subentry subsystem caches subtreeSpecifications for all
+subentries within the server so inclusion checks are
+fast.</p>
+              <p>
+For each access control subentry in the set, ApacheDS checks within a
+prescriptive ACI cache for ACI tuples. ApacheDS also caches prescriptive ACI
+information in a special form called ACI tuples. This is done so ACIItem parsing
+and conversion to an optimal representations for evaluation is not required at
+access time. This way access based on prescriptive ACIs is determined very
+rapidly.</p>
+            </td>
+          </tr>
+        </table>
+      </subsection>
+      <subsection heading="h3" name="Subentry ACI">
+        <p>
+Access to subentries also needs to be controlled. Subentries are special in
+ApacheDS. Although they subordinate to an administrative entry (entry of an
+Administrative Point), they are technically considered to be in the same context
+as their administrative entry. ApacheDS considers the perscriptive ACI applied
+to the administrative entry, to also apply to its
+subentries.</p>
+        <p>
+This however is not the most intuitive mechanism to use for explicitly
+controlling access to subentries. A more explicit mechanism is used to specify
+ACIs specifically for protecting subentries. ApacheDS uses the multivalued
+operational attribute, *subentryACI*, within administrative entries to control
+access to immediately subordinate
+subentries.</p>
+        <p>
+Protection policies for ACIs themselves can be managed within the entry of an
+administrative
+point.</p>
+      </subsection>
+    </section>
+    <section heading="h2" name="Some Simple Examples">
+      <p>
+The ACIItem syntax is very expressive and that makes it extremely powerful for
+specifying complex access control policies. However the syntax is not very easy
+to grasp for beginners. For this reason we start with simple examples that focus
+on different protection mechanisms offered by the ACIItem syntax. We do this
+instead of specifying the grammar which is not the best way to learn a
+language.</p>
+      <table>
+        <tr>
+          <th>
+            <img src="http://docs.safehaus.org/images/icons/emoticons/forbidden.png"/>
+          </th>
+          <th>
+            <center>Before you go any further...</center>
+          </th>
+        </tr>
+        <tr>
+          <td/>
+          <td>
+            <p>
+Please don't go any further until you have read up on the use
+of
+              <a href="./subentries.html">Subentries</a>
+. Knowledge of subentries, subtreeSpecifications, administrative areas, and
+administrative roles are required to properly digest the following
+matterial.
+            </p>
+          </td>
+        </tr>
+      </table>
+      <p>
+Before going on to these trails you might want to set up an Administrative Area
+for managing access control via prescriptiveACI.  Both subentryACI and
+prescriptiveACI require the presence of an Administrative Point entry.  For more
+information and code examples
+see
+        <a href="./acareas.html">ACAreas</a>
+.
+      </p>
+      <subsection heading="h3" name="ACI Trails">
+        <p>
+Here are some trails that resemble simple HOWTO guides.  They're ordered with
+the most pragmatic usage first.  We will add to these trails over
+time.</p>
+        <table>
+          <tr>
+            <th>
+Trail</th>
+            <th>
+Description</th>
+          </tr>
+          <tr>
+            <td>
+              <a href="./enablesearchforallusers.html">EnableSearchForAllUsers</a>
+            </td>
+            <td>
+Enabling access to browse and read all entries and their attributes by
+authenticated
+users.</td>
+          </tr>
+          <tr>
+            <td>
+              <a href="./denysubentryaccess.html">DenySubentryAccess</a>
+            </td>
+            <td>
+Protecting access to subentries
+themselves.</td>
+          </tr>
+          <tr>
+            <td>
+              <a href="./allowselfpasswordmodify.html">AllowSelfPasswordModify</a>
+            </td>
+            <td>
+Granting users the rights needed to change their own
+passwords.</td>
+          </tr>
+          <tr>
+            <td>
+              <a href="./grantadddelmodtogroup.html">GrantAddDelModToGroup</a>
+            </td>
+            <td>
+Granting add, delete, and modify permissions to a group of
+users.</td>
+          </tr>
+          <tr>
+            <td>
+              <a href="./grantmodtoentry.html">GrantModToEntry</a>
+            </td>
+            <td>
+Applying ACI to a single
+entry.</td>
+          </tr>
+        </table>
+      </subsection>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/building.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/building.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/building.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/building.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <section heading="h2" name="Building and Running the Apache Directory Server">
+      <p>
+All directory projects
+use
+        <a href="http://maven.apache.org">Maven</a>
+as the default build tool. We try to remain current with the production version
+of Maven. As of 12/04 we use Maven 1.0.2 on JDK 1.4 and
+up.
+      </p>
+      <p>
+The multiproject plugin is used to build all the maven projects associated with
+the server. After checking out the server trunk from subversion, cd into it and
+run the following multiproject
+command:</p>
+      <source>maven multiproject:install
+</source>
+      <p>
+Once you've built the server you'll find an executable jar file under the
+main/target directory labeled apacheds-main-$version.jar which can be fired up
+like
+so:</p>
+      <source>java -jar main/target/apacheds-main-$version.jar server.xml
+</source>
+      <p>
+When you start the server without a xml conf file arguement default settings are
+used. It tries to bind to 389 but this non-root user does not have the needed
+priviledges so it tries to bind on the next available port which is 1024. You
+may like a conf file that can be used to override and set server specific
+properties to control its behavoir. Below we use
+the
+        <a href="http://valpithy.notlong.com/">xml configuration</a>
+file that comes preconfigured for Apache under the server/trunk/main
+directory:
+      </p>
+      <source>java -jar main/target/apacheds-main-${version}.jar main/server.xml
+</source>
+    </section>
+    <section heading="h2" name="Apache Directory Server's Maven Modules">
+      <p>
+The server is composed of 4 separate maven projects.  These projects are
+summarized
+below:</p>
+      <table>
+        <tr>
+          <th>
+Project</th>
+          <th>
+Summary</th>
+        </tr>
+        <tr>
+          <td>
+core</td>
+          <td>
+The heart of the server which contains the JNDI Provider, interceptors,
+partitions and
+schema.</td>
+        </tr>
+        <tr>
+          <td>
+shared</td>
+          <td>
+Contains shared classes between modules to prevent cyclic
+deps.</td>
+        </tr>
+        <tr>
+          <td>
+plugin</td>
+          <td>
+Contains a maven plugin used while developing with/for the directory
+server.</td>
+        </tr>
+        <tr>
+          <td>
+main</td>
+          <td>
+Contains the ApacheDS application main() along with a special
+InitialContextFactory implemenation that extends the CoreContextFactory which is
+an InitialContextFactory implementation (ICF). This ICF is the
+ServerContextFactory and it initializes MINA adding the LDAP protocol provider
+as well as the other providers for protocols like Kerberos, Change Password,
+NTP, DNS and DHCP. Of course the configuration determines if these protocols are
+started or not. All protocols with the exception of NTP use the core LDAP store
+as their backing store with custom
+schema.</td>
+        </tr>
+      </table>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/collective.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/collective.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/collective.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/collective.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,239 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <section heading="h2" name="Introduction">
+      <p>
+Collective attributes are attributes whose values are shared across a collection
+of entries. It's very common to encounter situations where a bunch of entries
+have the same value for an attribute. Collective attributes for LDAP are defined
+in
+        <a href="http://www.faqs.org/rfcs/rfc3671.html">RFC 3671</a>
+. ApacheDS implements this
+RFC.
+      </p>
+      <subsection heading="h3" name="Use Case">
+        <p>
+For example one might organize everyone in an engineering department under an
+ou, 'ou=engineering'. If the engineering team is located in the same area and
+building then several attributes in each user entry within engineering will have
+the same value. An example of such an attribute would be the locale. If
+engineering is located in Sunnyvale CA then all locale attributes of entries
+under 'ou=engineering' would be set to
+Sunnyvale.</p>
+        <p>
+Rather than manage the value for this attribute in each entry a single
+collective attribute can be used in a subentry. Changes to the value of this
+attribute would immediately be reflected to those entries selected by the
+subtreeSpecification of subentry. For more information on specifying subtrees
+take
+at
+          <a href="./subentries.html">Subentries</a>
+.
+        </p>
+      </subsection>
+    </section>
+    <section heading="h2" name="Setting up a Collective Attribute Administration Area (AA)">
+      <p>
+To manage collective attributes for a collection of entries you must add
+collective subentries to the Administrative Point (AP) of the collective AA. For
+more information on AAs
+see
+        <a href="./subentries.html">Subentries</a>
+. These collective subentries must have the objectClass subentry as well as
+collectiveAttributeSubentry. Also the AP, of the AA, must have an
+administrativeRole value of collectiveAttributeSpecificArea (2.5.23.5) or
+collectiveAttributeInnerArea
+(2.5.23.6).
+      </p>
+      <subsection heading="h3" name="Example">
+        <p>
+For the use case above we can presume a partition at the namingContext
+'dc=example,dc=com' with an 'ou=engineering' entry below containing users from
+the engineering team in Sunnyvale. Let's presume no AA has yet been defined so
+we have to create one. We'll set the partition root 'dc=example,dc=com' as the
+AP of an AA that spans the entire subtree. For this simple example the AA will
+be autonomous for the collective aspect. Setting this up is just a matter of
+modifying the 'dc=example,dc=com' entry so it contains the operational attribute
+administrativeRole with the value collectiveAttributeSpecificArea. The code
+below sets up this AAA for collective attribute
+administration.</p>
+        <source>  // Get a DirContext on the dc=example,dc=com entry
+  Hashtable env = new Hashtable();
+  env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+  env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
+  env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+  env.put( "java.naming.security.credentials", "secret" );
+  env.put( "java.naming.security.authentication", "simple" );
+  ctx = new InitialDirContext( env );
+
+  // Modify the entry to make it an AAA for collective attribute administration
+  Attributes mods = new BasicAttributes( "administrativeRole", "collectiveAttributeSpecificArea", true );
+  ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, mods );
+</source>
+        <p>
+Now 'dc=example,dc=com' is the AP for a collective attribute AAA that spans the
+entire subtree under and including it down to every leaf entry. All that remains
+is the addition of the subentry with the collective attributes we want included
+in the entries of all engineering users. Here's what the LDIF would look like
+for this subentry given that its commonName is
+'engineeringLocale'.</p>
+        <source>dn: cn=engineeringLocale,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: collectiveAttributeSubentry
+cn: engineeringLocale
+c-l: Sunnyvale
+subtreeSpecification: {base "ou=engineering", minimum 4}
+</source>
+        <p>
+A couple points regarding this subentry's
+LDIF:</p>
+        <ol nesting="0">
+          <li>
+It subordinates to the AP
+('dc=example,dc=com')</li>
+          <li>
+It contains the objectClasses: subentry and
+collectiveAttributeSubentry</li>
+          <li>
+It contains the collective version of locale (l):
+c-l</li>
+          <li>
+Its subtreeSpecification excludes entries whose number of DN name components is
+is less than
+4</li>
+        </ol>
+        <p>
+Note that the minimum value of 4 is used in the subtreeSpecification to make
+sure that the entry 'ou=engineering,dc=example,dc=com' does not have c-l:
+Sunnyvale added to it. It's got 3 components to the DN so minimum 4 chops it out
+of the
+collection.</p>
+      </subsection>
+    </section>
+    <section heading="h2" name="Collective Attribute Types">
+      <p>
+As one can see from the example above, special collective attributes are used
+for regular attributes: c-l for l. These attributes are derived from the
+original attribute and are marked as COLLECTIVE. RFC 3671 defines a bunch of
+these which are listed below. If you don't find what you're looking for just add
+it to your own schema using this
+pattern.</p>
+      <p>
+We have included this list from RFC 3671 into the collective.schema which comes
+standard with
+ApacheDS.</p>
+      <source>3.1. Collective Locality Name
+
+   The c-l attribute type specifies a locality name for a collection of
+   entries.
+
+      ( 2.5.4.7.1 NAME 'c-l'
+        SUP l COLLECTIVE )
+
+3.2. Collective State or Province Name
+
+   The c-st attribute type specifies a state or province name for a
+   collection of entries.
+
+      ( 2.5.4.8.1 NAME 'c-st'
+        SUP st COLLECTIVE )
+
+3.3. Collective Street Address
+
+   The c-street attribute type specifies a street address for a
+   collection of entries.
+
+      ( 2.5.4.9.1 NAME 'c-street'
+        SUP street COLLECTIVE )
+
+3.4. Collective Organization Name
+
+   The c-o attribute type specifies an organization name for a
+   collection of entries.
+
+      ( 2.5.4.10.1 NAME 'c-o'
+        SUP o COLLECTIVE )
+
+3.5. Collective Organizational Unit Name
+
+   The c-ou attribute type specifies an organizational unit name for a
+   collection of entries.
+
+      ( 2.5.4.11.1 NAME 'c-ou'
+        SUP ou COLLECTIVE )
+
+3.6. Collective Postal Address
+
+   The c-PostalAddress attribute type specifies a postal address for a
+   collection of entries.
+
+      ( 2.5.4.16.1 NAME 'c-PostalAddress'
+        SUP postalAddress COLLECTIVE )
+
+3.7. Collective Postal Code
+
+   The c-PostalCode attribute type specifies a postal code for a
+   collection of entries.
+
+      ( 2.5.4.17.1 NAME 'c-PostalCode'
+        SUP postalCode COLLECTIVE )
+
+3.8. Collective Post Office Box
+
+   The c-PostOfficeBox attribute type specifies a post office box for a
+   collection of entries.
+
+      ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
+        SUP postOfficeBox COLLECTIVE )
+
+3.9. Collective Physical Delivery Office Name
+
+   The c-PhysicalDeliveryOfficeName attribute type specifies a physical
+   delivery office name for a collection of entries.
+
+      ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
+        SUP physicalDeliveryOfficeName COLLECTIVE )
+
+3.10. Collective Telephone Number
+
+   The c-TelephoneNumber attribute type specifies a telephone number for
+   a collection of entries.
+
+      ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
+        SUP telephoneNumber COLLECTIVE )
+
+3.11. Collective Telex Number
+
+   The c-TelexNumber attribute type specifies a telex number for a
+   collection of entries.
+
+      ( 2.5.4.21.1 NAME 'c-TelexNumber'
+        SUP telexNumber COLLECTIVE )
+
+3.13. Collective Facsimile Telephone Number
+
+   The c-FacsimileTelephoneNumber attribute type specifies a facsimile
+   telephone number for a collection of entries.
+
+      ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'
+
+   SUP facsimileTelephoneNumber COLLECTIVE )
+
+3.14. Collective International ISDN Number
+
+   The c-InternationalISDNNumber attribute type specifies an
+   international ISDN number for a collection of entries.
+
+      ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
+        SUP internationalISDNNumber COLLECTIVE )
+
+</source>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/configuration.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/configuration.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/configuration.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/configuration.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,258 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="trustin">trustin</author>
+    
+  </properties>
+  <body>
+    <p>
+The Apache Directory team introduced new configuration interface of ApacheDS
+from the version 0.9.1. This page introduces
+it.</p>
+    <section heading="h1" name="The Configuration API">
+      <p>
+ApacheDS provides its configuration API in the
+org.apache.ldap.server.configuration package. This package contains concrete
+configuration instruction classes that you can instantiate and specify in your
+JNDI environment variable. To put your configuration instruction class into the
+JNDI environment
+variable:</p>
+      <source>Properties env = new Properties();
+env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
+...
+
+// Create a configuration instruction.
+Configuration cfg = new MutableStartupConfiguration();
+...
+
+// Put the configuration instruction to the environment variable.
+env.putAll( cfg.toJndiEnvironment() );
+
+// Execute the instruction you've specified.
+new InitialContext( env );
+</source>
+      <p>
+Now let's find out what kind of instruction you can give to
+ApacheDS.</p>
+      <subsection heading="h2" name="StartupConfiguration">
+        <p>
+This instruction starts up the ApacheDS if it is not started. Here's the list of
+known
+properties:</p>
+        <ul nesting="1">
+          <li>
+authenticatorConfigurations - a collection of AuthenticatorConfigurations.
+AuthenticatorConfiguration specifies Authenticators that authenticate a user who
+accesses the ApacheDS DIT. (Default: &lt;all default
+authenticators&gt;)</li>
+          <li>
+bootstrapSchemas - a set of BootstrapSchemas which are loaded at the first time
+ApacheDS starts up (Default: &lt;all default
+schemas&gt;)</li>
+          <li>
+contextPartitionConfigurations - A collection of ContextPartitionConfigurations.
+ContextPartitionConfiguration specified ContextPartitions that consist the
+ApacheDS DIT. (Default: no context partitions except system
+partition)</li>
+          <li>
+accessControl - Set to true if you want to enable access control support of the
+ApacheDS. (Default:
+false)</li>
+          <li>
+allowAnonymousAccess - Set to true if you want to enable anonymous access.
+(Default:
+true)</li>
+          <li>
+interceptorConfigurations - a list of InterceptorConfigurations which will
+configure the initial interceptor chain of the ApacheDS (Default: &lt;all default
+interceptors&gt;)</li>
+          <li>
+testEntries - a list of javax.naming.directory.Attributes which will be added to
+the DIT while the ApacheDS is started up (Default: no test
+entries)</li>
+          <li>
+workingDirectory - a working directory the content of DIT will be stored to
+(Default:
+./server-work/)</li>
+        </ul>
+        <p>
+You don't need to specify any properties because all properties have the
+default. Please use MutableStartupConfiguration to modify any properties
+above.</p>
+      </subsection>
+      <subsection heading="h2" name="ShutdownConfiguration">
+        <p>
+This instruction shuts down the ApacheDS if it is not already shut down. There's
+no property to
+configure.</p>
+      </subsection>
+      <subsection heading="h2" name="SyncConfiguration">
+        <p>
+This instruction flushes out any I/O buffer or write cache. There's no property
+to
+configure.</p>
+      </subsection>
+      <subsection heading="h2" name="AddContextPartitionConfiguration">
+        <p>
+This instruction adds a new context partition on-the-fly while the ApacheDS is
+running. There is only one property, 'contextPartitionConfiguration'. You can
+specify an appropriate ContextPartitionConfiguration to plug a context partition
+into the
+ApacheDS.</p>
+      </subsection>
+      <subsection heading="h2" name="RemoveContextPartitionConfiguration">
+        <p>
+This instruction removes an existing context partition on-the-fly while the
+ApacheDS is running. There is only one property, 'suffix'. You can specify the
+suffix of the partition you want to remove from the
+ApacheDS.</p>
+      </subsection>
+      <subsection heading="h2" name="Running and Choosing Multiple Instances">
+        <p>
+You can run multiple instances of ApacheDS by specifying {{instanceId}} to all
+Configuration instructions. InstanceId can be specified as a constructor
+parameter. Please take a look at the API documentation (JavaDoc) for more
+details.</p>
+        <source>// Create a configuration instruction that affects an ApacheDS instance 'instance4'.
+Configuration cfg = new MutableStartupConfiguration( "instance4" );
+...
+
+// Put the configuration instruction to the environment variable.
+env.putAll( cfg.toJndiEnvironment() );
+
+// Execute the instruction you've specified for an ApacheDS instance 'instance4'.
+new InitialContext( env );
+</source>
+      </subsection>
+    </section>
+    <section heading="h1" name="Using Spring Framework">
+      <p>
+The configuration API is designed to fit tightly
+with
+        <a href="http://www.springframework.org/">Spring Framework</a>
+. Here is an example beans xml
+file:
+      </p>
+      <source>&lt;?xml version="1.0" encoding="UTF-8"?&gt;
+
+&lt;!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+  "http://www.springframework.org/dtd/spring-beans.dtd"&gt;
+
+&lt;beans&gt;
+  &lt;!-- JNDI environment variable --&gt;
+  &lt;bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean"&gt;
+    &lt;property name="properties"&gt;
+      &lt;props&gt;
+    	  &lt;prop key="asn.1.berlib.provider"&gt;org.apache.ldap.common.berlib.asn1.SnickersProvider&lt;/prop&gt;
+    	  &lt;!--prop key="asn.1.berlib.provider"&gt;org.apache.ldap.common.TwixProvider&lt;/prop--&gt;
+    	  &lt;prop key="java.naming.security.authentication"&gt;simple&lt;/prop&gt;
+    	  &lt;prop key="java.naming.security.principal"&gt;uid=admin,ou=system&lt;/prop&gt;
+          &lt;prop key="java.naming.security.credentials"&gt;secret&lt;/prop&gt;
+          &lt;prop key="java.naming.ldap.attributes.binary"&gt;
+            photo personalSignature audio jpegPhoto javaSerializedData userPassword
+            userCertificate cACertificate authorityRevocationList certificateRevocationList
+            crossCertificatePair x500UniqueIdentifier krb5Key
+          &lt;/prop&gt;
+      &lt;/props&gt;
+    &lt;/property&gt;
+  &lt;/bean&gt;
+  
+  &lt;!-- StartupConfiguration to start ApacheDS --&gt;
+  &lt;bean id="configuration" class="org.apache.ldap.server.configuration.MutableServerStartupConfiguration"&gt;
+    &lt;property name="workingDirectory"&gt;&lt;value&gt;apache.org&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="allowAnonymousAccess"&gt;&lt;value&gt;false&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="accessControlEnabled"&gt;&lt;value&gt;false&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="ldapPort"&gt;&lt;value&gt;10389&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="contextPartitionConfigurations"&gt;
+      &lt;set&gt;
+        &lt;ref bean="apachePartitionConfiguration"/&gt;
+      &lt;/set&gt;
+    &lt;/property&gt;
+
+    &lt;!-- Bootstrap schemas --&gt;
+    &lt;property name="bootstrapSchemas"&gt;
+      &lt;set&gt;
+        &lt;bean class="org.apache.ldap.server.schema.bootstrap.AutofsSchema"/&gt;
+        &lt;bean class="org.apache.ldap.server.schema.bootstrap.CorbaSchema"/&gt;
+        &lt;bean class="org.apache.ldap.server.schema.bootstrap.CoreSchema"/&gt;
+
+        ......
+
+      &lt;/set&gt;
+    &lt;/property&gt;
+    
+    &lt;!-- Interceptor configurations --&gt;
+    &lt;property name="interceptorConfigurations"&gt;
+      &lt;list&gt;
+        &lt;bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration"&gt;
+          &lt;property name="name"&gt;&lt;value&gt;normalizationService&lt;/value&gt;&lt;/property&gt;
+          &lt;property name="interceptor"&gt;
+            &lt;bean class="org.apache.ldap.server.normalization.NormalizationService" /&gt;
+          &lt;/property&gt;
+        &lt;/bean&gt;
+        &lt;bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration"&gt;
+          &lt;property name="name"&gt;&lt;value&gt;authenticationService&lt;/value&gt;&lt;/property&gt;
+          &lt;property name="interceptor"&gt;
+            &lt;bean class="org.apache.ldap.server.authn.AuthenticationService" /&gt;
+          &lt;/property&gt;
+        &lt;/bean&gt;
+
+        ......
+
+      &lt;/list&gt;
+    &lt;/property&gt;
+  &lt;/bean&gt;
+
+  &lt;!-- Additional ContextPartitionConfiguration --&gt;
+  &lt;bean id="apachePartitionConfiguration" class="org.apache.ldap.server.configuration.MutableContextPartitionConfiguration"&gt;
+    &lt;property name="name"&gt;&lt;value&gt;apache&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="suffix"&gt;&lt;value&gt;dc=apache,dc=org&lt;/value&gt;&lt;/property&gt;
+    &lt;property name="indexedAttributes"&gt;
+      &lt;set&gt;
+        &lt;value&gt;objectClass&lt;/value&gt;
+        &lt;value&gt;ou&lt;/value&gt;
+        &lt;value&gt;uid&lt;/value&gt;
+      &lt;/set&gt;
+    &lt;/property&gt;
+    &lt;property name="contextEntry"&gt;
+      &lt;value&gt;
+        objectClass: top
+        objectClass: domain
+        objectClass: extensibleObject
+        dc: apache
+      &lt;/value&gt;
+    &lt;/property&gt;
+  &lt;/bean&gt;
+
+  &lt;!-- Custom editors required to launch ApacheDS --&gt;
+  &lt;bean class="org.springframework.beans.factory.config.CustomEditorConfigurer"&gt;
+    &lt;property name="customEditors"&gt;
+      &lt;map&gt;
+        &lt;entry key="javax.naming.directory.Attributes"&gt;
+          &lt;bean class="org.apache.ldap.server.configuration.AttributesPropertyEditor"/&gt;
+        &lt;/entry&gt;
+      &lt;/map&gt;
+   &lt;/property&gt;
+  &lt;/bean&gt;
+&lt;/beans&gt;
+</source>
+      <p>
+With the XML file above, you can start up the ApacheDS with this
+code:</p>
+      <source>Properties env;
+ServerStartupConfiguration cfg;
+
+ApplicationContext factory = new FileSystemXmlApplicationContext( args[0] );
+cfg = ( StartupConfiguration ) factory.getBean( "configuration" );
+env = ( Properties ) factory.getBean( "environment" );
+
+env.setProperty( Context.PROVIDER_URL, "" );
+env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
+env.putAll( cfg.toJndiEnvironment() );
+
+new InitialDirContext( env );
+</source>
+    </section>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/denysubentryaccess.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/denysubentryaccess.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/denysubentryaccess.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/denysubentryaccess.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<document>
+  <properties>
+    <author email="akarasulu">akarasulu</author>
+    
+  </properties>
+  <body>
+    <section heading="h1" name="Coming soon ..."/>
+  </body>
+</document>

Added: directory/trunks/apacheds/site/src/site/xdoc/users/deploying.xml
URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/site/src/site/xdoc/users/deploying.xml?rev=372635&view=auto
==============================================================================
--- directory/trunks/apacheds/site/src/site/xdoc/users/deploying.xml (added)
+++ directory/trunks/apacheds/site/src/site/xdoc/users/deploying.xml Thu Jan 26 14:29:42 2006
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document>
+  <properties>
+    <author email="akarasulu@apache.org">Alex Karasulu</author>
+    
+  </properties>
+  
+  <body>
+    <section name="TODO">
+      <ul>
+        <li>
+          Figure out what deployment will take but this is way out there.
+        </li>
+        
+        <li>
+          Perhaps there will be some deployment tools we can build to help
+          configure server components as the server is deployed along with
+          an installer.
+        </li>
+      </ul>
+    </section>
+
+    <section name="Deploying the Server">
+      <p>
+        Coming later ...
+      </p>
+    </section>
+      
+  </body>
+</document>



Mime
View raw message