Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 10275 invoked from network); 19 May 2008 16:59:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 May 2008 16:59:00 -0000 Received: (qmail 85065 invoked by uid 500); 19 May 2008 16:58:59 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 85028 invoked by uid 500); 19 May 2008 16:58:59 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 85005 invoked by uid 99); 19 May 2008 16:58:59 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 May 2008 09:58:59 -0700 X-ASF-Spam-Status: No, hits=4.4 required=10.0 tests=HTML_MESSAGE,NORMAL_HTTP_TO_IP,SPF_PASS,URIBL_RHS_DOB,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of akarasulu@gmail.com designates 209.85.198.231 as permitted sender) Received: from [209.85.198.231] (HELO rv-out-0506.google.com) (209.85.198.231) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 May 2008 16:58:12 +0000 Received: by rv-out-0506.google.com with SMTP id g37so1373586rvb.25 for ; Mon, 19 May 2008 09:58:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; bh=NP/Y/6rDDRFV6aUFEwnw91KTWxbp7QSHEgoRwjbeDrc=; b=OfgY5N0Q4lf4iDMl4F/hFuFsatNxwp+QT4xpGyFGuP9t5J6GPUdOmtY32Dkp/jJQeA1GbKY8WLh7eu38yPnuYAMXHaloNtWrI0FH2z7ESNGN6TjcLxz5HHeV0+AXx/Q3tkuihZoxu+f4prJeYp5hGhJcXiMu4XUIp6O9HayNyLs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; b=jEGUUmwq7e6W17uId2R3KDkg3NpGa6tqNp9BbDXPQuIMjTVyoTNvBHuCqIhtQSOeoh6Cp0JVWkNMawcKr7T/pzGA0FtLVSaqUl7LtlGal2FuUlM86xbN8l0coz+mvlNokYWsZukkcFzpl1oEBSPyHV6Uz/fddrkZzWHoJdaBf1g= Received: by 10.141.18.14 with SMTP id v14mr3791077rvi.236.1211216307647; Mon, 19 May 2008 09:58:27 -0700 (PDT) Received: by 10.141.113.13 with HTTP; Mon, 19 May 2008 09:58:27 -0700 (PDT) Message-ID: Date: Mon, 19 May 2008 12:58:27 -0400 From: "Alex Karasulu" Sender: akarasulu@gmail.com To: "Apache Directory Developers List" Subject: Re: [Apache DS] Questions about Apache DS 1.5.2 server.xml file In-Reply-To: <98d8c0860805190741j79d6290egb8efcc96341b63a@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_23031_18025958.1211216307608" References: <98d8c0860805130240y147787b5s56dd6b01274d9345@mail.gmail.com> <98d8c0860805140204g5f8b8527m37ccd75c631761d3@mail.gmail.com> <98d8c0860805160537t2898ccd4te6a7a70304b39074@mail.gmail.com> <482DA75C.9249.0044.0@salfordsoftware.co.uk> <98d8c0860805160827h50d4254cq39d8fcb499db2f50@mail.gmail.com> <98d8c0860805190741j79d6290egb8efcc96341b63a@mail.gmail.com> X-Google-Sender-Auth: 35187c26354227df X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_23031_18025958.1211216307608 Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Pierre, 2008/5/19 Pierre-Arnaud Marcelot : > Hi all, > > I still need a few other explanations on some parts of the server.xml file > in order to finish the update for the 1.5.2 version. > > I'm wondering what these attributes and tags are for (I guess Kerberos...): > > - saslHost > - saslPrincipal > - searchBaseDn > - saslQop > - saslRealms > > > I believe these parameters should also have an associated UI, shouldn't > they? > Yeah these are parameters for SASL using GSSAPI against Kerberos. Yeah I guess I would use a specific UI dialog for this content. Thanks, Alex > > 2008/5/16 Alex Karasulu : > > May be David can give us some insight as to how these properties would be >> properly encoded in XBean terms. >> >> I too have not tried it. Perhaps between Martin and David we can figure >> this out. >> >> Thanks guys, >> Alex >> >> 2008/5/16 Pierre-Arnaud Marcelot : >> >> Hi Martin, >>> >>> Thanks a lot! >>> I completely understand the configuration now. >>> >>> About the peerReplicas property, you're right and I'm not sure either the >>> given example would work. >>> Did anyone tested it? >>> >>> But I think we can mix xbean and spring syntaxes to get something that >>> will work and could look like: >>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> instance_b@localhost:10392 >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> Thanks again, >>> Pierre-Arnaud >>> >>> >>> On Fri, May 16, 2008 at 4:25 PM, Martin Alderson < >>> Martin.Alderson@salfordsoftware.co.uk> wrote: >>> >>>> Hi Pierre, >>>> >>>> I haven't tried the new xbean form of the replication configuration - >>>> I'm not really sure if anyone has! >>>> >>>> I'm not sure if peerReplicas="instance_b@localhost:10392" will work, >>>> since peerReplicas is actually a set. In my old style config I have: >>>> >>>> >>>> >>>> t3st-b@127.0.0.1:11390 >>>> >>>> >>>> >>>> Each ApacheDS replica needs to be given a unique and permanent case >>>> insensitive ID. It should never change for a given ApacheDS instance >>>> unless the backend data is wiped out (effectively giving you a fresh >>>> install). I think that in the future we would want to make this >>>> auto-generated by default to simplify the configuration. The replica ID >>>> in your snippet is instance_a - the rest is just necessary cruft that we >>>> should cut down in the future. The replica ID must match the regular >>>> expression [-_a-zA-Z0-9]{1,16}. >>>> >>>> The replication service listens on the port specified with "serverPort" >>>> for connections from other replicas. All the other replicas must be >>>> specified with "peerReplicas". Each peer replica is specified with >>>> [replicaID]@[serverAddress]:[serverPort]. >>>> >>>> Hope this helps, >>>> >>>> Martin >>>> >>>> >>>> >>> "Pierre-Arnaud Marcelot" 16/05/2008 13:37 >>> >>>> Hi Alex, >>>> >>>> Thanks for your answers. >>>> >>>> Another question... >>>> >>>> I'd like the configuration editor to be able to edit basic replication >>>> settings for the replication interceptor. >>>> Can I get a little explanation on what these lines doplease? >>>> >>>> > >>>> > >>>> > >>> > peerReplicas="instance_b@localhost:10392"> >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> Especially the serverPort, peerReplicas, replacaId attributes or >>>> tag... >>>> >>>> Thanks a lot. >>>> >>>> Pierre-Arnaud >>>> On Thu, May 15, 2008 at 12:19 PM, Alex Karasulu >>>> wrote: >>>> >>>> > Hey Pierre, >>>> > >>>> > Sorry for taking so long to respond on this one. >>>> > >>>> > On Wed, May 14, 2008 at 5:04 AM, Pierre-Arnaud Marcelot >>>> >>>> > wrote: >>>> > >>>> >> Hi again Alex, >>>> >> >>>> >> On Tue, May 13, 2008 at 5:19 PM, Alex Karasulu >>>> >>>> >> wrote: >>>> >> >>>> >>> >>>> >>> ● It seems that each declared protocol must be referenced in the >>>> >>>> 'apacheDS' bean. Am I right? >>>> >>>> If yes, then if I want to enable the DNS server inside Apache DS, >>>> I'll >>>> >>>> need to uncomment the 'dnsServer' bean, add an 'id' to it and >>>> reference it >>>> >>>> in the 'apacheDS' bean? >>>> >>>> >>>> >>> >>>> >>> Yep you're right. >>>> >> >>>> >> >>>> >> Are you sure about that...? >>>> >> Actually, I had a closer look to the ApacheDS class >>>> >> (org.apache.directory.server.configuration.ApacheDS) and I've not >>>> seen any >>>> >> dnsServer, kdcServer, changePasswordServer or ntpServer field. I >>>> don't see >>>> >> how Spring could make any association... >>>> >> >>>> > >>>> > Yeah it was there before. I may have an older version in mind. >>>> That's >>>> > where we should keep a reference to all these protocol >>>> server/services. >>>> > Must have changed when we did this XBean thing. >>>> > >>>> > >>>> >> How do I enable these protocols? Maybe by setting an 'enable' >>>> attribute >>>> >> set to true to each protocol bean? >>>> >> >>>> >> I think so but I'd need to look at the code. I think there's a >>>> start >>>> > method but it only gets or shoudl only get invoked or startup the >>>> service >>>> > when this enabled flag is set. I'd need to look at the logic there. >>>> > >>>> > Alex >>>> > >>>> >>> >>> >> > ------=_Part_23031_18025958.1211216307608 Content-Type: text/html; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Pierre,

2008/5/19 Pierre-Arnaud Marcelot <pa@marcelot.net>:
Hi all,

I still need a few other explanations on some parts of the server.xml file in order to finish the update for the 1.5.2 version.

I'm wondering what these attributes and tags are for (I guess Kerberos...):
  • saslHost
  • saslPrincipal
  • searchBaseDn
  • saslQop
  • saslRealms

I believe these parameters should also have an associated UI, shouldn't they?

Yeah these are parameters for SASL using GSSAPI against Kerberos.  Yeah I guess I would use a specific UI dialog for this content.

Thanks,
Alex

 

2008/5/16 Alex Karasulu <akarasulu@apache.org>:

May be David can give us some insight as to how these properties would be properly encoded in XBean terms. 

I too have not tried it.  Perhaps between Martin and David we can figure this out.

Thanks guys,
Alex

2008/5/16 Pierre-Arnaud Marcelot <pa@marcelot.net>:

Hi Martin,

Thanks a lot!
I completely understand the configuration now.

About the peerReplicas property, you're right and I'm not sure either the given example would work.
Did anyone tested it?

But I think we can mix xbean and spring syntaxes to get something that will work and could look like:
      <replicationInterceptor>
        <configuration>
          <replicationConfiguration serverPort="10390">
            <spring:property name="peerReplicas">
              <spring:set>
                <spring:value xmlns="http://www.springframework.org/schema/beans">
                     instance_b@localhost:10392
                </spring:value>
              </spring:set>
            </spring:property>

            <replicaId>
              <replicaId id="instance_a"/>
            </replicaId>
          </replicationConfiguration>
        </configuration>
      </replicationInterceptor>
 

Thanks again,
Pierre-Arnaud


On Fri, May 16, 2008 at 4:25 PM, Martin Alderson <Martin.Alderson@salfordsoftware.co.uk> wrote:
Hi Pierre,

I haven't tried the new xbean form of the replication configuration -
I'm not really sure if anyone has!

I'm not sure if peerReplicas="instance_b@localhost:10392" will work,
since peerReplicas is actually a set.  In my old style config I have:

                 <property name="peerReplicas">
                   <set>
                     <value>t3st-b@127.0.0.1:11390</value>
                   </set>
                 </property>

Each ApacheDS replica needs to be given a unique and permanent case
insensitive ID.  It should never change for a given ApacheDS instance
unless the backend data is wiped out (effectively giving you a fresh
install).  I think that in the future we would want to make this
auto-generated by default to simplify the configuration.  The replica ID
in your snippet is instance_a - the rest is just necessary cruft that we
should cut down in the future.  The replica ID must match the regular
expression [-_a-zA-Z0-9]{1,16}.

The replication service listens on the port specified with "serverPort"
for connections from other replicas.  All the other replicas must be
specified with "peerReplicas".  Each peer replica is specified with
[replicaID]@[serverAddress]:[serverPort].

Hope this helps,

Martin


>>> "Pierre-Arnaud Marcelot" <pa@marcelot.net> 16/05/2008 13:37 >>>
Hi Alex,

Thanks for your answers.

Another question...

I'd like the configuration editor to be able to edit basic replication
settings for the replication interceptor.
Can I get a little explanation on what these lines doplease?

>       <replicationInterceptor>
>         <configuration>
>           <replicationConfiguration serverPort="10390"
> peerReplicas="instance_b@localhost:10392">
>             <replicaId>
>               <replicaId id="instance_a"/>
>             </replicaId>
>           </replicationConfiguration>
>         </configuration>
>       </replicationInterceptor>
>
Especially the serverPort, peerReplicas, replacaId attributes or
tag...

Thanks a lot.

Pierre-Arnaud
On Thu, May 15, 2008 at 12:19 PM, Alex Karasulu <akarasulu@apache.org>
wrote:

> Hey Pierre,
>
> Sorry for taking so long to respond on this one.
>
> On Wed, May 14, 2008 at 5:04 AM, Pierre-Arnaud Marcelot
<pa@marcelot.net>
> wrote:
>
>> Hi again Alex,
>>
>> On Tue, May 13, 2008 at 5:19 PM, Alex Karasulu
<akarasulu@apache.org>
>> wrote:
>>
>>>
>>> ● It seems that each declared protocol must be referenced in the
>>>> 'apacheDS' bean. Am I right?
>>>> If yes, then if I want to enable the DNS server inside Apache DS,
I'll
>>>> need to uncomment the 'dnsServer' bean, add an 'id' to it and
reference it
>>>> in the 'apacheDS' bean?
>>>>
>>>
>>> Yep you're right.
>>
>>
>> Are you sure about that...?
>> Actually, I had a closer look to the ApacheDS class
>> (org.apache.directory.server.configuration.ApacheDS) and I've not
seen any
>> dnsServer, kdcServer, changePasswordServer or ntpServer field. I
don't see
>> how Spring could make any association...
>>
>
> Yeah it was there before.  I may have an older version in mind.
That's
> where we should keep a reference to all these protocol
server/services.
> Must have changed when we did this XBean thing.
>
>
>> How do I enable these protocols? Maybe by setting an 'enable'
attribute
>> set to true to each protocol bean?
>>
>> I think so but I'd need to look at the code.  I think there's a
start
> method but it only gets or shoudl only get invoked or startup the
service
> when this enabled flag is set.  I'd need to look at the logic there.
>
> Alex
>




------=_Part_23031_18025958.1211216307608--