directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny" <>
Subject Re: [SASL] SASL configuration
Date Thu, 15 Mar 2007 20:42:12 GMT
On 3/15/07, Enrique Rodriguez <> wrote:
> > Other than that I cannot see many issues.  However what's wrong with
> keeping
> > these configuration properties together with the configuration objects?
> > Keeping the configuration in one place may have advantages for us later
> when
> > we clean things up and put all these parameters into the DIT under the
> > system partition for DIT based configuration.
> Anytime you keep anything together, you are restricting modularity.
> Today the assumption is that users of the
> ServerContextFactory/ServerStartupConfiguration want to use both the
> LDAP and Kerberos protocols.  This may be correct for most people, but
> it simply doesn't scale, especially when you consider the addition of
> richer configuration for LDAP/SASL and the Kerberos, DNS, DHCP, and
> NTP protocols.

I would add something here : we have at least three layer of configuration
here :
1) Ldap specific configuration, which are absolutly mandatory (like the port
we are listening to)
2) Admin specific configuration, like TimeLimit, SizeLimit, whatsoever
3) Integration configuration (loaded interceptors and whatever is used to
modify the way the server is working)

IMO, those three layers should be addressed differently. I like the idea of
having the last two layers in the DIT, because then we don't have to
manipulate a giant XML file or thousands of small XML files. Otherwise, I
personnaly prefer manipulate one big file than many little ones. But this is
just me :)

What else can we say ? let's add a JIRA or create a Wiki page to address
this configuration problem, because we won't be able to fix it in the next
two weeks. As we might also integrate OSGi sooner or later, this is
something we should think twice before modifying the current configuration.

Sorry that we have to live with what we have for a little while... But it
also prove that we have reached a critical size  : it starts to become
complicated to change things :)

Emmanuel L├ęcharny

View raw message