directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r843920 - in /websites/staging/directory/trunk/content: ./ apacheds/advanced-ug/2-server-config.html
Date Wed, 26 Dec 2012 18:34:06 GMT
Author: buildbot
Date: Wed Dec 26 18:34:06 2012
New Revision: 843920

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/apacheds/advanced-ug/2-server-config.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Dec 26 18:34:06 2012
@@ -1 +1 @@
-1425983
+1425986

Modified: websites/staging/directory/trunk/content/apacheds/advanced-ug/2-server-config.html
==============================================================================
--- websites/staging/directory/trunk/content/apacheds/advanced-ug/2-server-config.html (original)
+++ websites/staging/directory/trunk/content/apacheds/advanced-ug/2-server-config.html Wed
Dec 26 18:34:06 2012
@@ -128,247 +128,60 @@
 
 <h1 id="2-server-configuraion">2 - Server Configuraion</h1>
 <p>We will now describe the server configuration. Usually, all the configuration is
done using Apache Directory Studio, which offers a pretty GUI. One can also configure the
server using LDAP request, as the configuration is stored in teh <strong>DIT</strong>.
Otherwise, all the configuration modifications won't be applied on a started server : usually,
you will have to restart the server in order to get those modifications applied.</p>
-<h2 id="configurable-elements">Configurable elements</h2>
-<p>First, here is the list of elements that can be configured :</p>
-<ul>
-<li>
-<p>AdsBean</p>
-<ul>
-<li><em>boolean</em> enabled</li>
-<li><em>String</em> description</li>
-</ul>
-</li>
-<li>
-<p><a href="#directory-service">DirectoryServiceBean</a> -&gt; AdsBean</p>
-</li>
-<li>
-<p>ChangeLogBean -&gt; AdsBean</p>
-<ul>
-<li><em>String</em> changeLogId</li>
-<li><em>boolean</em> changeLogExposed</li>
-</ul>
-</li>
-<li>
-<p>JournalBean -&gt; AdsBean</p>
-<ul>
-<li><em>String</em> journalId</li>
-<li><em>String</em> journalFileName</li>
-<li><em>String</em> journalWorkingDir</li>
-<li><em>int</em> journalRotation</li>
-</ul>
-</li>
-<li>
-<p><a href="#servers">ServerBean</a> -&gt; AdsBean</p>
-</li>
-<li>
-<p><a href="#servers">TransportBean</a> -&gt; AdsBean</p>
-</li>
-<li>
-<p>TcpTransportBean -&gt; AdsBean</p>
-</li>
-<li>
-<p>UdpTransportBean -&gt; AdsBean</p>
-</li>
-<li>
-<p>NtpServerBean -&gt; ServerBean</p>
-</li>
-<li>
-<p>HttpServerBean -&gt; ServerBean</p>
-<ul>
-<li><em>String</em> httpConfFile</li>
-<li><em>List<HttpWebAppBean></em></li>
-</ul>
-</li>
-<li>
-<p>HttpWebAppBean -&gt; AdsBaseBean</p>
-<ul>
-<li><em>String</em> id</li>
-<li><em>String</em> httpAppCtxPath</li>
-<li><em>String</em> httpWarFile</li>
-</ul>
-</li>
-<li>
-<p>DSBasedServerBean -&gt; ServerBean</p>
-<ul>
-<li><em>Dn</em> searchBaseDn</li>
-</ul>
-</li>
-<li>
-<p>ChangePasswordServerBean -&gt; DSBasedServerBean</p>
-<ul>
-<li><em>long</em> krbAllowableClockSkew</li>
-<li><em>boolean</em> krbEmptyAddressesAllowed</li>
-<li><em>List<String></em> krbEncryptionTypes</li>
-<li><em>String</em> krbPrimaryRealm</li>
-<li><em>int</em> chgPwdPolicyCategoryCount</li>
-<li><em>int</em> chgPwdPolicyPasswordLength</li>
-<li><em>int</em> chgPwdPolicyTokenSize</li>
-<li><em>String</em> chgPwdServicePrincipal</li>
-</ul>
-</li>
-<li>
-<p>DhcpServerBean -&gt; DSBasedServerBean</p>
-</li>
-<li>
-<p>DnsServerBean -&gt; DSBasedServerBean</p>
-</li>
-<li>
-<p><a href="#kerberos-server">KdcServerBean</a> -&gt; DSBasedServerBean</p>
-<ul>
-<li><em>long</em> krbAllowableClockSkew</li>
-<li><em>boolean</em> krbEmptyAddressesAllowed</li>
-<li><em>boolean</em> krbForwardableAllowed</li>
-<li><em>boolean</em> krbPAEncTimestampRequired</li>
-<li><em>boolean</em> krbPostdatedAllowed</li>
-<li><em>boolean</em> krbProxiableAllowed</li>
-<li><em>boolean</em> krbRenewableAllowed</li>
-<li><em>long</em> krbMaximumRenewableLifetime</li>
-<li><em>long</em> krbMaximumTicketLifetime</li>
-<li><em>String</em> krbPrimaryRealm</li>
-<li><em>boolean</em> krbBodyChecksumVerified</li>
-<li><em>List<String></em> krbEncryptionTypes</li>
-<li><em>String</em> krbKdcPrincipal</li>
-</ul>
-</li>
-<li>
-<p><a href="#ldap-server">LdapServerBean</a> -&gt; DSBasedServerBean</p>
-</li>
-<li>
-<p>ReplConsumerBean -&gt; AdsBaseBean</p>
-<ul>
-<li><em>String</em> replConsumerId</li>
-<li><em>String</em> searchBaseDn</li>
-<li><em>String</em> replProvHostName</li>
-<li><em>int</em> replProvPort</li>
-<li><em>String</em> replAliasDerefMode</li>
-<li><em>List<String></em> replAttributes</li>
-<li><em>long</em> replRefreshInterval</li>
-<li><em>boolean</em> replRefreshNPersist</li>
-<li><em>String</em> replSearchScope</li>
-<li><em>String</em> replSearchFilter</li>
-<li><em>int</em> replSearchSizeLimit</li>
-<li><em>int</em> replSearchTimeout</li>
-<li><em>String</em> replUserDn</li>
-<li><em>byte[]</em> replUserPassword</li>
-<li><em>String</em> replCookie</li>
-<li><em>boolean</em> replUseTls</li>
-<li><em>boolean</em> replStrictCertValidation</li>
-<li><em>byte[]</em> replPeerCertificate</li>
-<li><em>String</em> replConsumerImpl</li>
-</ul>
-</li>
-<li>
-<p>SaslMechHandlerBean -&gt; AdsBaseBean</p>
-<ul>
-<li><em>String</em> saslMechName</li>
-<li><em>String</em> saslMechClassName</li>
-<li><em>String</em> ntlmMechProvider</li>
-</ul>
-</li>
-<li>
-<p>ExtendedOpHandlerBean -&gt; AdsBaseBean</p>
-<ul>
-<li><em>String</em> extendedOpId</li>
-<li><em>String</em> extendedOpHandlerClass</li>
-</ul>
-</li>
-<li>
-<p>InterceptorBean -&gt; AdsBean</p>
+<p>It's a good policy not to modify the LDIF files by hand, but instead to use the
Studio Configuration plugin to modify your configuration. </p>
+<h2 id="overall-structure">Overall structure</h2>
+<p>The configuration is stored in a hierarchical order, where sub-elements are related
to their parent. For instance, the <em>Transports</em> are associated to the <em>Server</em>
they are child of. If we have many kind of servers, we will have as many transports as we
have servers.</p>
+<p>The following hierarchy describe the different kind of elements that one can configure,
and their relationship :</p>
 <ul>
-<li><em>String</em> _int_erceptorId</li>
-<li><em>String</em> _int_erceptorClassName</li>
-<li><em>int</em> _int_erceptorOrder</li>
+<li><a href="#directory-service">Directory Service</a><ul>
+<li><a href="#change-log">ChangeLog</a></li>
+<li><a href="#journal">Journal</a></li>
+<li><a href="#interceptors">Interceptors</a><ul>
+<li><a href="#authentication-Interceptor">Authentication Interceptor</a><ul>
+<li><a href="#authenticators">Authenticators</a></li>
+<li><a href="#password-policies">Password Policies</a></li>
 </ul>
 </li>
-<li>
-<p>AuthenticationInterceptorBean -&gt; InterceptorBean</p>
-<ul>
-<li>List<AuthenticatorBean></li>
-<li>List<PasswordPolicyBean></li>
 </ul>
 </li>
-<li>
-<p>AuthenticatorBean -&gt; AdsBean</p>
-<ul>
-<li><em>String</em> authenticatorId</li>
+<li><a href="#partitions">Partitions</a><ul>
+<li><a href="#indexes">Indexes</a><ul>
+<li><a href="#indexed-attribute">Indexed Attribute</a></li>
 </ul>
 </li>
-<li>
-<p>AuthenticatorImplBean -&gt; AuthenticatorBean</p>
-<ul>
-<li><em>String</em> authenticatorClass</li>
 </ul>
 </li>
-<li>
-<p>DelegatingAuthenticatorBean -&gt; AuthenticatorBean</p>
-<ul>
-<li><em>String</em> delegateHost</li>
-<li><em>int</em> delegatePort</li>
+<li><a href="#servers">Servers</a><ul>
+<li><a href="#ldap-server">Ldap Server</a><ul>
+<li><a href="#transports">Transports</a></li>
+<li><a href="#repl-consumers">ReplConsumers</a></li>
+<li><a href="#extended-op-handlers">Extended Operation Handlers</a></li>
+<li><a href="#sasl-mechanisms">SASL Mechanisms</a></li>
 </ul>
 </li>
-<li>
-<p>PasswordPolicyBean -&gt; AdsBean</p>
-<ul>
-<li><em>String</em> pwdId</li>
-<li><em>String</em> pwdAttribute</li>
-<li><em>int</em> pwdMinAge</li>
-<li><em>int</em> pwdMaxAge</li>
-<li><em>int</em> pwdInHistory</li>
-<li><em>int</em> pwdCheckQuality</li>
-<li><em>int</em> pwdMinLength</li>
-<li><em>int</em> pwdMaxLength</li>
-<li><em>int</em> pwdExpireWarning</li>
-<li><em>int</em> pwdGraceAuthNLimit</li>
-<li><em>int</em> pwdGraceExpire</li>
-<li><em>boolean</em> pwdLockout</li>
-<li><em>int</em> pwdLockoutDuration</li>
-<li><em>int</em> pwdMaxFailure</li>
-<li><em>int</em> pwdFailureCountInterval</li>
-<li><em>boolean</em> pwdMustChange</li>
-<li><em>boolean</em> pwdAllowUserChange</li>
-<li><em>boolean</em> pwdSafeModify</li>
-<li><em>int</em> pwdMinDelay</li>
-<li><em>int</em> pwdMaxDelay</li>
-<li><em>int</em> pwdMaxIdle</li>
+<li><a href="#kerberos-server">Kerberos Server</a><ul>
+<li><a href="#transports">Transports</a></li>
 </ul>
 </li>
-<li>
-<p>PartitionBean -&gt; AdsBean</p>
-<ul>
-<li><em>int</em>  partitionId</li>
-<li><em>Dn</em> partitionSuffix</li>
-<li><em>boolean</em> partitionSyncOnWrite</li>
-<li><em>int</em>  contextEntry</li>
-<li><em>List<IndexBean></em></li>
+<li><a href="#http-server">Http Server</a><ul>
+<li><a href="#transports">Transports</a></li>
+<li><a href="#http-web-apps">HttpWebApps</a></li>
 </ul>
 </li>
-<li>
-<p>JdbmPartitionBean -&gt; PartitionBean</p>
-<ul>
-<li><em>int</em> partitionCacheSize</li>
-<li><em>boolean</em> jdbmPartitionOptimizerEnabled <br />
-</li>
+<li><a href="#change-password-server">ChangePassword Server</a><ul>
+<li><a href="#transports">Transports</a></li>
 </ul>
 </li>
-<li>
-<p>IndexBean -&gt; AdsBean</p>
-<ul>
-<li><em>int</em> indexAttributeId</li>
-<li><em>boolean</em> indexHasReverse</li>
 </ul>
 </li>
-<li>
-<p>JdbmIndexBean -&gt; IndexBean</p>
-<ul>
-<li><em>int</em> indexCacheSize</li>
-<li><em>int</em> indexNumDupLimit</li>
-<li><em>String</em> indexFileName</li>
-<li><em>String</em> indexWorkingDir</li>
 </ul>
 </li>
 </ul>
 <p>We will now explain each one of those elements.</p>
 <h3 id="directory-service">Directory Service</h3>
+<p><DIV class="note" markdown="1">
+Note that bold attributes are mandatory
+</DIV></p>
 <p>This is the key of the whole server : the place where we store the data. Most of
the servers are depending on this component. You maye have more than one server, but only
one <em>DirectoryService</em>. This compoent itself refers to the servers that
will be started, plus the backends it will depends on.</p>
 <p>Here are the configuration parameters for this components :</p>
 <table>
@@ -383,56 +196,63 @@
 </thead>
 <tbody>
 <tr>
-<td>directoryServiceId</td>
+<td><strong>directoryServiceId</strong></td>
 <td>ads-directoryServiceId</td>
 <td><em>String</em></td>
 <td></td>
 <td>The unique identifier for the service</td>
 </tr>
 <tr>
-<td>dsReplicaId</td>
+<td>enabled</td>
+<td>ads-enabled</td>
+<td><em>boolean</em></td>
+<td>true</td>
+<td>Tells if the DirectoryService is enabled</td>
+</tr>
+<tr>
+<td>description</td>
+<td>description</td>
+<td><em>String</em></td>
+<td>N/A</td>
+<td>A short optional description</td>
+</tr>
+<tr>
+<td><strong>dsReplicaId</strong></td>
 <td>ads-dsReplicaId</td>
 <td><em>int</em></td>
-<td></td>
+<td>1</td>
 <td>The replication identifier</td>
 </tr>
 <tr>
-<td>dsAccessControlEnabled</td>
+<td><strong>dsAccessControlEnabled</strong></td>
 <td>ads-dsAccessControlEnabled</td>
 <td><em>boolean</em></td>
 <td>true</td>
 <td>Tells if the Access Control interceptor is active</td>
 </tr>
 <tr>
-<td>dsAllowAnonymousAccess</td>
+<td><strong>dsAllowAnonymousAccess</strong></td>
 <td>ads-dsAllowAnonymousAccess</td>
 <td><em>boolean</em></td>
 <td>false</td>
 <td>Tells if the service allow anonymous access</td>
 </tr>
 <tr>
-<td>dsDenormalizeOpAttrsEnabled</td>
+<td><strong>dsDenormalizeOpAttrsEnabled</strong></td>
 <td>ads-dsDenormalizeOpAttrsEnabled</td>
 <td><em>boolean</em></td>
 <td>true</td>
-<td>Tells if the service should denormalize operatonal attributes</td>
-</tr>
-<tr>
-<td>dsMaxPDUSize</td>
-<td>ads-dsMaxPDUSize</td>
-<td><em>int</em></td>
-<td>2048</td>
-<td>The maximum size of an incoming PDU (not used)</td>
+<td>Tells if the service should denormalize operational attributes</td>
 </tr>
 <tr>
-<td>dsPasswordHidden</td>
+<td><strong>dsPasswordHidden</strong></td>
 <td>ads-dsPasswordHidden</td>
 <td><em>boolean</em></td>
 <td>true</td>
 <td>Tells if the passwords should be encrypted (not used)</td>
 </tr>
 <tr>
-<td>dsSyncPeriodMillis</td>
+<td><strong>dsSyncPeriodMillis</strong></td>
 <td>ads-dsSyncPeriodMillis</td>
 <td><em>long</em></td>
 <td>15000</td>
@@ -442,46 +262,65 @@
 <td>dsTestEntries</td>
 <td></td>
 <td><em>String</em></td>
-<td></td>
+<td>N/A</td>
 <td>Not used</td>
 </tr>
+</tbody>
+</table>
+<h3 id="change-log">Change Log</h3>
+<p>The <em>ChangeLog</em> is an optional system that logs every changes
made on the server, and also records the revert operation, allowing the system to rollback
the changes if needed. This is extremely useful when running tests.</p>
+<p>Note that at the moment, the system works in memory.</p>
+<p>It's disabled by default.</p>
+<p>Here are the configuration element for the <em>ChangeLog</em> elements
:</p>
+<table>
+<thead>
 <tr>
-<td>changeLog</td>
-<td></td>
-<td><em>ChangeLogBean</em></td>
-<td>N/A</td>
-<td>The interceptor that stores the reverted modifications</td>
+<th>Parameter</th>
+<th>AttributeType</th>
+<th>type</th>
+<th>default value</th>
+<th>Description</th>
 </tr>
+</thead>
+<tbody>
 <tr>
-<td>journal</td>
+<td><strong>changeLogId</strong></td>
+<td>ads-changeLogId</td>
+<td><em>String</em></td>
 <td></td>
-<td><em>JournalBean</em></td>
-<td>N/A</td>
-<td>The interceptor that records every modification</td>
+<td>The unique identifier for the system</td>
 </tr>
 <tr>
-<td>servers</td>
-<td>ads-servers</td>
-<td><em>List<ServerBean></em></td>
-<td>N/A</td>
-<td>The list of started servers</td>
+<td>enabled</td>
+<td>ads-enabled</td>
+<td><em>boolean</em></td>
+<td>false</td>
+<td>Tells if the ChangeLog system is enabled</td>
 </tr>
 <tr>
-<td>interceptors</td>
-<td>ads-interceptors</td>
-<td><em>List<InterceptorBean></em></td>
+<td>description</td>
+<td>description</td>
+<td><em>String</em></td>
 <td>N/A</td>
-<td>The list of interceptors</td>
+<td>A short optional description</td>
 </tr>
 <tr>
-<td>partitions</td>
-<td>ads-partitions</td>
-<td><em>List<PartitionBean></em></td>
-<td>N/A</td>
-<td>The list of existing partitions</td>
+<td><strong>changeLogExposed</strong></td>
+<td>ads-changeLogExposed</td>
+<td><em>boolean</em></td>
+<td>false</td>
+<td>Tells if the ChangeLog is exposed to the users</td>
 </tr>
 </tbody>
 </table>
+<h3 id="journal">Journal</h3>
+<h3 id="interceptors">Interceptors</h3>
+<h3 id="authentication-interceptor">Authentication Interceptor</h3>
+<h3 id="authenticators">Authenticators)</h3>
+<h3 id="password-policies">Password Policies</h3>
+<h3 id="partitions">Partitions</h3>
+<h3 id="indexes">Indexes</h3>
+<h3 id="indexed-attribute">Indexed Attribute</h3>
 <h3 id="servers">Servers</h3>
 <p>As we can see, we can start more than one server. We have :</p>
 <ul>
@@ -493,8 +332,8 @@
 <li>a DHCP server</li>
 <li>a DNS server</li>
 </ul>
-<p>There is a distinction though between the servers backed by a Directory Service,
and those that aren't (like the HTTP and NTP servers). </p>
-<p>All the servers share some common parameters, which are exposed in the following
table :</p>
+<p>There is a distinction though between the servers backed by a <em>DirectoryService</em>,
and those that aren't (like the HTTP and NTP servers). </p>
+<p>All the <em>DirectoryService</em> backed servers share some common parameters,
which are exposed in the following table :</p>
 <table>
 <thead>
 <tr>
@@ -510,83 +349,20 @@
 <td>searchBaseDn</td>
 <td>ads-searchBaseDN</td>
 <td><em>Dn</em></td>
-<td></td>
+<td>N/A</td>
 <td>The place were to start looking for authentication informations</td>
 </tr>
 <tr>
 <td>serverId</td>
 <td>ads-serverId</td>
 <td><em>String</em></td>
-<td></td>
+<td>N/A</td>
 <td>The server unique name</td>
 </tr>
-<tr>
-<td>transports</td>
-<td>ads-transports</td>
-<td><em>List<TransportBean></em></td>
-<td></td>
-<td>The transports used by this server</td>
-</tr>
 </tbody>
 </table>
 <p>A server can define more than one transports : for instance, the Kerberos server
uses UDP and TCP transports.</p>
-<p>Here are the parameters for the Transport structure :</p>
-<table>
-<thead>
-<tr>
-<th>Parameter</th>
-<th>AttributeType</th>
-<th>type</th>
-<th>default value</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td>transportId</td>
-<td>ads-transportId</td>
-<td><em>String</em></td>
-<td></td>
-<td>The identification</td>
-</tr>
-<tr>
-<td>transportAddress</td>
-<td>ads-transportAddress</td>
-<td><em>String</em></td>
-<td></td>
-<td>The IP Address</td>
-</tr>
-<tr>
-<td>systemPort</td>
-<td>ads-systemPort</td>
-<td><em>int</em></td>
-<td>-1</td>
-<td>The port</td>
-</tr>
-<tr>
-<td>transportEnableSsl</td>
-<td>ads-transportEnableSsl</td>
-<td><em>boolean</em></td>
-<td>false</td>
-<td>Tells if SSL is activated (not used for UDP)</td>
-</tr>
-<tr>
-<td>transportNbThreads</td>
-<td>ads-transportNbThreads</td>
-<td><em>int</em></td>
-<td>3</td>
-<td>he number of dedicated threads to process the messages</td>
-</tr>
-<tr>
-<td>transportBackLog</td>
-<td>ads-transportBackLog</td>
-<td><em>int</em></td>
-<td>50</td>
-<td>The number of messages on hold if the server is overloaded (not used for UDP)</td>
-</tr>
-</tbody>
-</table>
-<h4 id="ldap-server">Ldap Server</h4>
+<h3 id="ldap-server">Ldap Server</h3>
 <p>Let's start with the main server : the LDAP server. </p>
 <p>The list of attributes that can be modified is exposed in the following table. </p>
 <table>
@@ -601,93 +377,387 @@
 </thead>
 <tbody>
 <tr>
-<td>confidentialityRequired</td>
+<td>**confidentialityRequired</td>
 <td>ads-confidentialityRequired</td>
 <td><em>boolean</em></td>
-<td></td>
-<td>TODO</td>
+<td>false</td>
+<td>Whether or not confidentiality (TLS secured connection) is required</td>
 </tr>
 <tr>
-<td>maxSizeLimit</td>
+<td>**maxSizeLimit</td>
 <td>ads-maxSizeLimit</td>
 <td><em>int</em></td>
 <td>1000</td>
 <td>The maximum number of entries the server will return</td>
 </tr>
 <tr>
-<td>maxTimeLimit</td>
+<td>**maxTimeLimit</td>
 <td>ads-maxTimeLimit</td>
 <td><em>int</em></td>
 <td>1000</td>
 <td>The maimum number of seconds the server will use to process a search request</td>
 </tr>
 <tr>
-<td>saslHost</td>
+<td><strong>maxPDUSize</strong></td>
+<td>ads-maxPDUSize</td>
+<td><em>int</em></td>
+<td>2048</td>
+<td>The maximal size for a PDU. This is currently not leveraged</td>
+</tr>
+<tr>
+<td><strong>saslHost</strong></td>
 <td>ads-saslHost</td>
 <td><em>int</em></td>
-<td></td>
-<td>TODO</td>
+<td>N/A</td>
+<td>The name of this host, validated during SASL negotiation</td>
 </tr>
 <tr>
-<td>saslPrincipal</td>
+<td><strong>saslPrincipal</strong></td>
 <td>ads-saslPrincipal</td>
 <td><em>String</em></td>
-<td></td>
-<td>TODO</td>
+<td>N/A</td>
+<td>The service principal, used by GSSAPI.</td>
 </tr>
 <tr>
-<td>saslRealms</td>
+<td><strong>saslRealms</strong></td>
 <td>ads-saslRealms</td>
 <td><em>List<String></em></td>
-<td></td>
-<td>TODO</td>
+<td>N/A</td>
+<td>The list of realms serviced by this host.</td>
 </tr>
 <tr>
 <td>keystoreFile</td>
 <td>ads-keystoreFile</td>
 <td><em>String</em></td>
-<td></td>
+<td>N/A</td>
 <td>The place on the filesystem where the Keystore is stored</td>
 </tr>
 <tr>
 <td>certificatePassword</td>
 <td>ads-certificatePassword</td>
 <td><em>String</em></td>
-<td></td>
+<td>N/A</td>
 <td>The certificate's password</td>
 </tr>
 <tr>
 <td>replReqHandler</td>
 <td>ads-replReqHandler</td>
 <td><em>String</em></td>
-<td></td>
-<td>TODO</td>
+<td>org.apache.directory.server.ldap.replication.provider.SyncReplRequestHandler</td>
+<td>The replication request handler FQCN</td>
 </tr>
 <tr>
-<td>replConsumers</td>
-<td>ads-replConsumers</td>
-<td><em>List<ReplConsumerBean></em></td>
-<td></td>
-<td>TODO</td>
+<td>replEnabled</td>
+<td>ads-replEnabled</td>
+<td><em>boolean</em></td>
+<td>FALSE</td>
+<td>Tells if the replication system is enabled</td>
 </tr>
+</tbody>
+</table>
+<h3 id="repl-consumers">Repl Consumers</h3>
+<h3 id="extended-op-handlers">Extended Op Handlers</h3>
+<h3 id="sasl-mechanisms">SASL Mechanisms</h3>
+<h3 id="kerberos-server">Kerberos Server</h3>
+<h3 id="http-server">Http Server</h3>
+<h3 id="http-web-apps">Http Web Apps</h3>
+<h3 id="change-password-server">Change Password Server</h3>
+<h3 id="transports">Transports</h3>
+<p>Here are the parameters for the Transport structure :</p>
+<table>
+<thead>
 <tr>
-<td>saslMechHandlers</td>
-<td>ads-saslMechHandlers</td>
-<td><em>List<SaslMechHandlerBean></em></td>
-<td></td>
-<td>The list of SASL mechanism handlers</td>
+<th>Parameter</th>
+<th>AttributeType</th>
+<th>type</th>
+<th>default value</th>
+<th>Description</th>
 </tr>
+</thead>
+<tbody>
 <tr>
-<td>extendedOpHandlers</td>
-<td>ads-extendedOpHandlers</td>
-<td><em>List<ExtendedOpHandlerBean></em></td>
-<td></td>
-<td>The list of extended operation handlers</td>
+<td><strong>transportId</strong></td>
+<td>ads-transportId</td>
+<td><em>String</em></td>
+<td>N/A</td>
+<td>The identification</td>
+</tr>
+<tr>
+<td><strong>transportAddress</strong></td>
+<td>ads-transportAddress</td>
+<td><em>String</em></td>
+<td>localhost</td>
+<td>The IP Address</td>
+</tr>
+<tr>
+<td><strong>systemPort</strong></td>
+<td>ads-systemPort</td>
+<td><em>int</em></td>
+<td>-1</td>
+<td>The port</td>
+</tr>
+<tr>
+<td>transportEnableSsl</td>
+<td>ads-transportEnableSsl</td>
+<td><em>boolean</em></td>
+<td>false</td>
+<td>Tells if SSL is activated (not used for UDP)</td>
+</tr>
+<tr>
+<td>transportNbThreads</td>
+<td>ads-transportNbThreads</td>
+<td><em>int</em></td>
+<td>3</td>
+<td>he number of dedicated threads to process the messages</td>
+</tr>
+<tr>
+<td>transportBackLog</td>
+<td>ads-transportBackLog</td>
+<td><em>int</em></td>
+<td>50</td>
+<td>The number of messages on hold if the server is overloaded (not used for UDP)</td>
 </tr>
 </tbody>
 </table>
-<p>Most of the parameters are </p>
-<h4 id="kerberos-server">Kerberos Server</h4>
+<h2 id="configurable-elements">Configurable elements</h2>
+<p>First, here is the list of elements that can be configured :</p>
+<ul>
+<li>
+<p><a href="#directory-service">DirectoryServiceBean</a> -&gt; AdsBean</p>
+</li>
+<li>
+<p>AdsBean</p>
+<ul>
+<li><em>boolean</em> enabled</li>
+<li><em>String</em> description</li>
+</ul>
+</li>
+<li>
+<p>ChangeLogBean -&gt; AdsBean</p>
+<ul>
+<li><em>String</em> changeLogId</li>
+<li><em>boolean</em> changeLogExposed</li>
+</ul>
+</li>
+<li>
+<p>JournalBean -&gt; AdsBean</p>
+<ul>
+<li><em>String</em> journalId</li>
+<li><em>String</em> journalFileName</li>
+<li><em>String</em> journalWorkingDir</li>
+<li><em>int</em> journalRotation</li>
+</ul>
+</li>
+<li>
+<p><a href="#servers">ServerBean</a> -&gt; AdsBean</p>
+</li>
+<li>
+<p><a href="#servers">TransportBean</a> -&gt; AdsBean</p>
+</li>
+<li>
+<p>TcpTransportBean -&gt; AdsBean</p>
+</li>
+<li>
+<p>UdpTransportBean -&gt; AdsBean</p>
+</li>
+<li>
+<p>NtpServerBean -&gt; ServerBean</p>
+</li>
+<li>
+<p>HttpServerBean -&gt; ServerBean</p>
+<ul>
+<li><em>String</em> httpConfFile</li>
+<li><em>List<HttpWebAppBean></em></li>
+</ul>
+</li>
+<li>
+<p>HttpWebAppBean -&gt; AdsBaseBean</p>
+<ul>
+<li><em>String</em> id</li>
+<li><em>String</em> httpAppCtxPath</li>
+<li><em>String</em> httpWarFile</li>
+</ul>
+</li>
+<li>
+<p>DSBasedServerBean -&gt; ServerBean</p>
+<ul>
+<li><em>Dn</em> searchBaseDn</li>
+</ul>
+</li>
+<li>
+<p>ChangePasswordServerBean -&gt; DSBasedServerBean</p>
+<ul>
+<li><em>long</em> krbAllowableClockSkew</li>
+<li><em>boolean</em> krbEmptyAddressesAllowed</li>
+<li><em>List<String></em> krbEncryptionTypes</li>
+<li><em>String</em> krbPrimaryRealm</li>
+<li><em>int</em> chgPwdPolicyCategoryCount</li>
+<li><em>int</em> chgPwdPolicyPasswordLength</li>
+<li><em>int</em> chgPwdPolicyTokenSize</li>
+<li><em>String</em> chgPwdServicePrincipal</li>
+</ul>
+</li>
+<li>
+<p>DhcpServerBean -&gt; DSBasedServerBean</p>
+</li>
+<li>
+<p>DnsServerBean -&gt; DSBasedServerBean</p>
+</li>
+<li>
+<p><a href="#kerberos-server">KdcServerBean</a> -&gt; DSBasedServerBean</p>
+<ul>
+<li><em>long</em> krbAllowableClockSkew</li>
+<li><em>boolean</em> krbEmptyAddressesAllowed</li>
+<li><em>boolean</em> krbForwardableAllowed</li>
+<li><em>boolean</em> krbPAEncTimestampRequired</li>
+<li><em>boolean</em> krbPostdatedAllowed</li>
+<li><em>boolean</em> krbProxiableAllowed</li>
+<li><em>boolean</em> krbRenewableAllowed</li>
+<li><em>long</em> krbMaximumRenewableLifetime</li>
+<li><em>long</em> krbMaximumTicketLifetime</li>
+<li><em>String</em> krbPrimaryRealm</li>
+<li><em>boolean</em> krbBodyChecksumVerified</li>
+<li><em>List<String></em> krbEncryptionTypes</li>
+<li><em>String</em> krbKdcPrincipal</li>
+</ul>
+</li>
+<li>
+<p><a href="#ldap-server">LdapServerBean</a> -&gt; DSBasedServerBean</p>
+</li>
+<li>
+<p>ReplConsumerBean -&gt; AdsBaseBean</p>
+<ul>
+<li><em>String</em> replConsumerId</li>
+<li><em>String</em> searchBaseDn</li>
+<li><em>String</em> replProvHostName</li>
+<li><em>int</em> replProvPort</li>
+<li><em>String</em> replAliasDerefMode</li>
+<li><em>List<String></em> replAttributes</li>
+<li><em>long</em> replRefreshInterval</li>
+<li><em>boolean</em> replRefreshNPersist</li>
+<li><em>String</em> replSearchScope</li>
+<li><em>String</em> replSearchFilter</li>
+<li><em>int</em> replSearchSizeLimit</li>
+<li><em>int</em> replSearchTimeout</li>
+<li><em>String</em> replUserDn</li>
+<li><em>byte[]</em> replUserPassword</li>
+<li><em>String</em> replCookie</li>
+<li><em>boolean</em> replUseTls</li>
+<li><em>boolean</em> replStrictCertValidation</li>
+<li><em>byte[]</em> replPeerCertificate</li>
+<li><em>String</em> replConsumerImpl</li>
+</ul>
+</li>
+<li>
+<p>SaslMechHandlerBean -&gt; AdsBaseBean</p>
+<ul>
+<li><em>String</em> saslMechName</li>
+<li><em>String</em> saslMechClassName</li>
+<li><em>String</em> ntlmMechProvider</li>
+</ul>
+</li>
+<li>
+<p>ExtendedOpHandlerBean -&gt; AdsBaseBean</p>
+<ul>
+<li><em>String</em> extendedOpId</li>
+<li><em>String</em> extendedOpHandlerClass</li>
+</ul>
+</li>
+<li>
+<p>InterceptorBean -&gt; AdsBean</p>
+<ul>
+<li><em>String</em> _int_erceptorId</li>
+<li><em>String</em> _int_erceptorClassName</li>
+<li><em>int</em> _int_erceptorOrder</li>
+</ul>
+</li>
+<li>
+<p>AuthenticationInterceptorBean -&gt; InterceptorBean</p>
+<ul>
+<li>List<AuthenticatorBean></li>
+<li>List<PasswordPolicyBean></li>
+</ul>
+</li>
+<li>
+<p>AuthenticatorBean -&gt; AdsBean</p>
+<ul>
+<li><em>String</em> authenticatorId</li>
+</ul>
+</li>
+<li>
+<p>AuthenticatorImplBean -&gt; AuthenticatorBean</p>
+<ul>
+<li><em>String</em> authenticatorClass</li>
+</ul>
+</li>
+<li>
+<p>DelegatingAuthenticatorBean -&gt; AuthenticatorBean</p>
+<ul>
+<li><em>String</em> delegateHost</li>
+<li><em>int</em> delegatePort</li>
+</ul>
+</li>
+<li>
+<p>PasswordPolicyBean -&gt; AdsBean</p>
+<ul>
+<li><em>String</em> pwdId</li>
+<li><em>String</em> pwdAttribute</li>
+<li><em>int</em> pwdMinAge</li>
+<li><em>int</em> pwdMaxAge</li>
+<li><em>int</em> pwdInHistory</li>
+<li><em>int</em> pwdCheckQuality</li>
+<li><em>int</em> pwdMinLength</li>
+<li><em>int</em> pwdMaxLength</li>
+<li><em>int</em> pwdExpireWarning</li>
+<li><em>int</em> pwdGraceAuthNLimit</li>
+<li><em>int</em> pwdGraceExpire</li>
+<li><em>boolean</em> pwdLockout</li>
+<li><em>int</em> pwdLockoutDuration</li>
+<li><em>int</em> pwdMaxFailure</li>
+<li><em>int</em> pwdFailureCountInterval</li>
+<li><em>boolean</em> pwdMustChange</li>
+<li><em>boolean</em> pwdAllowUserChange</li>
+<li><em>boolean</em> pwdSafeModify</li>
+<li><em>int</em> pwdMinDelay</li>
+<li><em>int</em> pwdMaxDelay</li>
+<li><em>int</em> pwdMaxIdle</li>
+</ul>
+</li>
+<li>
+<p>PartitionBean -&gt; AdsBean</p>
+<ul>
+<li><em>int</em>  partitionId</li>
+<li><em>Dn</em> partitionSuffix</li>
+<li><em>boolean</em> partitionSyncOnWrite</li>
+<li><em>int</em>  contextEntry</li>
+<li><em>List<IndexBean></em></li>
+</ul>
+</li>
+<li>
+<p>JdbmPartitionBean -&gt; PartitionBean</p>
+<ul>
+<li><em>int</em> partitionCacheSize</li>
+<li><em>boolean</em> jdbmPartitionOptimizerEnabled <br />
+</li>
+</ul>
+</li>
+<li>
+<p>IndexBean -&gt; AdsBean</p>
+<ul>
+<li><em>int</em> indexAttributeId</li>
+<li><em>boolean</em> indexHasReverse</li>
+</ul>
+</li>
+<li>
+<p>JdbmIndexBean -&gt; IndexBean</p>
+<ul>
+<li><em>int</em> indexCacheSize</li>
+<li><em>int</em> indexNumDupLimit</li>
+<li><em>String</em> indexFileName</li>
+<li><em>String</em> indexWorkingDir</li>
+</ul>
+</li>
+</ul>
 
 
     <div class="nav">



Mime
View raw message