directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 15:17:57 GMT
On Mon, Nov 22, 2010 at 4:37 PM, Pierre-Arnaud Marcelot <> wrote:
> Hi Emmanuel,
> On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote:
>> On 11/22/10 3:17 PM, Pierre-Arnaud Marcelot wrote:
>>> Hi Dev,
>>> A quick question, while I'm writing the configuration editor for ApacheDS 2.0
>>> LDAP and LDAPS servers configuration is shared in the 'ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config'
>>> Like other servers (Kerberos, ChangePassword, HTTP, etc.), this entry has a 'ads-enabled'
>>> But how do I know which servers (LDAP and/org LDAPS) should be enabled?
>>> Should I look at the enablement of the transports to see which ones are enabled?
Should we add a specific 'ads-enable-ldaps' attribute to the LDAP Server configuration?
>>> WDYT ?
>> IMO, if the SSL transport is present, then LDAPS should be enabled. No need for an
extra flag.
> I agree with this (transport being present and enabled).
> But I propose we make this a consistent behavior all across the servers
> In that case, how about removing the 'ads-enable' attribute from the servers entries
and look for the value in the transport ?
this requires an entirely different logic to find out if a server is
enabled or not, i.e a server will be
treated as enabled only if at least one transport is enabled. If we
take care of this in
the ServiceBuilder then +1

Kiran Ayyagari

View raw message