From: "Benjamin, Roy"
To: Apache Directory Developers List
Date: Tue, 3 Aug 2010 09:29:14 -0700
Subject: RE: Startup Error for Embedded ApacheDS Created by ApacheDS archetype

Hi Kiran,

Can you tell me which version of ApacheDS you are using? The one I'm on doesn't think there is a ctor on AbstractAuthenticator that takes an AuthenticationLevel.

Thanks!
Roy

-----Original Message-----
From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On Behalf Of Kiran Ayyagari
Sent: Tuesday, August 03, 2010 1:03 AM
To: Apache Directory Developers List
Subject: Re: Startup Error for Embedded ApacheDS Created by ApacheDS archetype

hi Roy,

more inline

On Tue, Aug 3, 2010 at 6:28 AM, Benjamin, Roy wrote:
> I get an error, don't understand why this doesn't work.
>
> in stdout log:
>
> [17:40:29] ERROR [org.apache.directory.shared.ldap.schema.loader.ldif.LdifSchemaLoader] - ERR_10004 Expecting to find a schema.ldif file in provided baseDirectory path 'C:\Tomcat_5_5\work\Catalina\localhost\ApacheDSXX\server-work\schema\ou=schema.ldif' but no such file found.
>
> Question:
>
> 1) Is there really supposed to be a file named: 'ou=schema.ldif' ?
>
> 2) The path C:\Tomcat_5_5\work\Catalina\localhost\ApacheDSXX\server-work\schema is valid,
>    so why can't the default schema be generated successfully ?

yes, those LDIF files are required and also we generate the schema during startup of ApacheDS but it is unable to generate it, cause you are embedding the server in a container and containers have a different classloading mechanism which prevents generating the schema files.
However if you followed my earlier mails it can be easily circumvented by setting the property -Dschema.resource.location

> My use case will require a custom Authenticator class, but if I try to add an Authenticator
> even at various places in the code I get an exception.  I've tried every place, early in the
> code, late in the code, before startup(), pretty much in each place I could add it.  For each I
> re-check server startup.  Everything is OK, except that I always get the following exception:
>
> javax.servlet.ServletException: Bind requests only tunnel down into partitions if there are no authenticators to handle the mechanism.
> Check to see if you have correctly configured authenticators for the server.
> ...
> root cause
> ...
> org.apache.directory.shared.ldap.exception.LdapAuthenticationNotSupportedException: Bind requests only tunnel down into partitions if there are no authenticators to handle the mechanism.
> Check to see if you have correctly configured authenticators for the server.
>
> I get the exception no matter where I try and add the Authenticator, or what Authenticator I try to add.

you need to add the authenticator before startup, which I see that you are doing it (shown in the other mail), but I suspect that you are not initializing that custom authenticator properly hence the issue, here I am attaching a modified StartStopListener code.

note that it also supports an additional property 'ads-data-dir' to specify the working directory

HTH

P.S:- appreciate your patience, and sorry if it took long time to solve this. been held up with other issues

Kiran Ayyagari

============== pasting the code here (in case if attachment gets stripped ) ==============

/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements.  See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership.  The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License.  You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 *
 */
package org.example;


import java.io.File;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;

import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.directory.server.core.DefaultDirectoryService;
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.LdapPrincipal;
import org.apache.directory.server.core.authn.AbstractAuthenticator;
import org.apache.directory.server.core.authn.AuthenticationInterceptor;
import org.apache.directory.server.core.authn.Authenticator;
import org.apache.directory.server.core.authn.SimpleAuthenticator;
import org.apache.directory.server.core.factory.JdbmPartitionFactory;
import org.apache.directory.server.core.interceptor.context.BindOperationContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.ldif.LdifPartition;
import org.apache.directory.server.core.schema.SchemaPartition;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.schema.SchemaManager;
import org.apache.directory.shared.ldap.schema.ldif.extractor.SchemaLdifExtractor;
import org.apache.directory.shared.ldap.schema.ldif.extractor.impl.DefaultSchemaLdifExtractor;
import org.apache.directory.shared.ldap.schema.loader.ldif.LdifSchemaLoader;
import org.apache.directory.shared.ldap.schema.manager.impl.DefaultSchemaManager;
import org.apache.directory.shared.ldap.schema.registries.SchemaLoader;


/**
 * A Servlet context listener to start and stop ApacheDS.
 *
 * @author Apache Directory Project
 */
public class StartStopListener implements ServletContextListener
{

    private DirectoryService directoryService;

    private LdapServer ldapServer;


    /**
     * Startup ApacheDS embedded.
     */
    public void contextInitialized( ServletContextEvent evt )
    {
        try
        {
            ServletContext servletContext = evt.getServletContext();

            directoryService = new DefaultDirectoryService();
            directoryService.setShutdownHookEnabled( true );

            ldapServer = new LdapServer();
            ldapServer.setDirectoryService( directoryService );
            ldapServer.setAllowAnonymousAccess( true );

            // Set LDAP port to 10389
            TcpTransport ldapTransport = new TcpTransport( 10389 );
            ldapServer.setTransports( ldapTransport );

            directoryService.setWorkingDirectory( getWorkingDir( servletContext ) );

            initSchema();
            initSystemPartition();

            AuthenticationInterceptor authInterceptor = ( AuthenticationInterceptor ) directoryService
                .getInterceptor( AuthenticationInterceptor.class.getName() );

            Set<Authenticator> authenticators = authInterceptor.getAuthenticators();
            if ( authenticators == null )
            {
                authenticators = new HashSet<Authenticator>();
            }

            // add your authenticator (must happen before directoryService.startup())
            authenticators.add( new MyAuthenticator() );
            authInterceptor.setAuthenticators( authenticators );

            directoryService.startup();
            ldapServer.start();

            // Store directoryService in context to provide it to servlets etc.
            servletContext.setAttribute( DirectoryService.JNDI_KEY, directoryService );
        }
        catch ( Exception e )
        {
            throw new RuntimeException( e );
        }
    }


    /**
     * Shutdown ApacheDS embedded.
     */
    public void contextDestroyed( ServletContextEvent evt )
    {
        try
        {
            ldapServer.stop();
            directoryService.shutdown();
        }
        catch ( Exception e )
        {
            throw new RuntimeException( e );
        }
    }


    /**
     * Inits the schema and schema partition.
     */
    private void initSchema() throws Exception
    {
        SchemaPartition schemaPartition = directoryService.getSchemaService().getSchemaPartition();

        // Init the LdifPartition
        LdifPartition ldifPartition = new LdifPartition();
        String workingDirectory = directoryService.getWorkingDirectory().getPath();
        ldifPartition.setWorkingDirectory( workingDirectory + "/schema" );

        // Extract the schema on disk (a brand new one) and load the registries
        File serverWorkDirectory = new File( workingDirectory );
        File schemaRepository = new File( serverWorkDirectory, "schema" );
        SchemaLdifExtractor extractor = new DefaultSchemaLdifExtractor( serverWorkDirectory );
        if ( !schemaRepository.exists() )
        {
            // extract only if the schema directory is not present
            extractor.extractOrCopy();
        }
        else
        {
            System.out.println( "schema partition directory exists, skipping schema extraction" );
        }

        schemaPartition.setWrappedPartition( ldifPartition );

        SchemaLoader loader = new LdifSchemaLoader( schemaRepository );
        SchemaManager schemaManager = new DefaultSchemaManager( loader );
        directoryService.setSchemaManager( schemaManager );

        // We have to load the schema now, otherwise we won't be able
        // to initialize the Partitions, as we won't be able to parse
        // and normalize their suffix DN
        schemaManager.loadAllEnabled();

        schemaPartition.setSchemaManager( schemaManager );

        List<Throwable> errors = schemaManager.getErrors();

        if ( errors.size() != 0 )
        {
            System.out.println( errors );
            throw new RuntimeException( "there were errors while loading schema" );
        }
    }


    /**
     * Inits the system partition.
     *
     * @throws Exception the exception
     */
    private void initSystemPartition() throws Exception
    {
        // change the working directory to something that is unique
        // on the system and somewhere either under target directory
        // or somewhere in a temp area of the machine.
        JdbmPartitionFactory partitionFactory = new JdbmPartitionFactory();

        // Inject the System Partition
        Partition systemPartition = partitionFactory.createPartition( "system", ServerDNConstants.SYSTEM_DN, 500,
            new File( directoryService.getWorkingDirectory(), "system" ) );
        systemPartition.setSchemaManager( directoryService.getSchemaManager() );

        partitionFactory.addIndex( systemPartition, SchemaConstants.OBJECT_CLASS_AT, 100 );

        directoryService.setSystemPartition( systemPartition );
    }


    private File getWorkingDir( ServletContext servletContext )
    {
        File workingDir = null;

        String workDirPath = System.getProperty( "ads-data-dir" );

        if ( workDirPath == null )
        {
            // Determine an appropriate working directory
            workingDir = ( File ) servletContext.getAttribute( "javax.servlet.context.tempdir" );
            workingDir = new File( workingDir, "server-work" );
            System.out.println( "ads-data-dir property is not set storing the ldap data in temporary directory "
                + workingDir.getAbsolutePath() );
        }
        else
        {
            workingDir = new File( workDirPath );
            System.out.println( "storing the ldap data in the directory " + workingDir.getAbsolutePath() );
        }

        workingDir.mkdirs();

        return workingDir;
    }
}


class MyAuthenticator extends AbstractAuthenticator
{
    private SimpleAuthenticator wrappedAuth;


    public MyAuthenticator()
    {
        super( AuthenticationLevel.SIMPLE );
        wrappedAuth = new SimpleAuthenticator();
    }


    @Override
    protected void doInit()
    {
        try
        {
            // initialize the wrapped SimpleAuthenticator with the same DirectoryService
            wrappedAuth.init( getDirectoryService() );
        }
        catch ( Exception e )
        {
            throw new RuntimeException( e );
        }
    }


    public LdapPrincipal authenticate( BindOperationContext bindContext ) throws Exception
    {
        System.out.println( "++++++++++ authenticating using a custom authenticator '"
            + MyAuthenticator.class.getName() + "'" );
        return wrappedAuth.authenticate( bindContext );
    }
}