...
Those parameters are loaded in the org.apache.directory.server.Service.java class, when the server is started, in the init method :
| Code Block | ||||
|---|---|---|---|---|
| ||||
public void init( InstallationLayout install, String[] args ) throws Exception { ... if ( install != null ) { log.info( "server: loading settings from ", install.getConfigurationFile() ); ... env = ( Properties ) factory.getBean( "environment" ); ... |
They are used everywhere in the server.
The "environment" bean is read from the Spring configuration file, server.xml, shown below :
...
Parameter | Default value | Description | Comment |
|---|---|---|---|
java.naming.security.authentication | simple | The kind of authentication used for the admin. | Shouldn't it be SASL now ? |
java.naming.security.principal | uid=admin,ou=system | The admin DN | Can be changed to another DN |
java.naming.security.credentials | secret | The principal password | must be changed at startup!!! |
java.naming.ldap.attributes.binary | empty | The list of binary attributes | In LDAP, only a few AT are declared as binary. |
...
Parameter | Default value | Description |
|---|---|---|
enabled | false | Whether this service is enabled. |
ipPort | No default. | The IP port for this service. |
ipAddress | No default. | The IP address for this service. |
searchBaseDn | "ou=users,dc=example,dc=comou=system" | The single location where entries users that can be SASL authenticated are stored. The <to be clarified>The definition of "entries" depends on the protocol. For example, for LDAP, Kerberos, and Change Password, entries are users for purposes of authentication. For DNS, entries are resource records. If this property is not set the store will search the system partition configuration for catalog entries. Catalog support is highly experimental and is only tested in the OSGi build of ApacheDS using the Config Admin service.<to be clarified/> |
| Warning | ||
|---|---|---|
| ||
This last parameter has been included with the last SASL addition. The description is not giving a lot of information about what is this parameter about, except for SASL authentication. The parameter name is not significant, and another one should be selected, IMHO. Can soemone elaborate what this parameter is about ? |
Parameter | Default value | Description |
|---|---|---|
initialContextFactory | "org.apache.directory.server.core.jndi.CoreContextFactory" | The JNDI initial context factory to use. |
securityAuthentication | "simple" | The authentication mechanism to use for establishing a JNDI context. |
securityPrincipal | "uid=admin,ou=system" | The principal to use for establishing a JNDI context. |
securityCredentials | "secret" | The credentials to use for establishing a JNDI context. |
serviceName | No default. | The friendly name of this service. |
servicePid | No default. | The PID for this service. A PID is a unique identifier for an instance of a service. PID's are used by OSGi's Config Admin service to dynamically inject configuration into a service when the service is started. |
bufferSize | No default. | The MINA buffer size for this service. |
catalogBaseDn | No default. | The single location where catalog entries are stored. A catalog entry is a mapping of a realm (or zone for DNS) to a search base DN. If this property is not set the store will expect a single search base DN to be set. Catalog support is highly experimental and is only tested in the OSGi build of ApacheDS using the Config Admin service. |
| Warning |
|---|
It would be goodd to have more insight about catalogs.
LDAP-Specific Configuration Parameters
...
The NTP parameters are very limited :
| Code Block | ||||
|---|---|---|---|---|
| ||||
<bean id="ntpConfiguration" class="org.apache.directory.server.ntp.NtpConfiguration">
<!-- Whether to enable the NTP protocol. -->
<property name="enabled" value="true" />
<!-- The port to run the NTP protocol on. -->
<property name="ipPort" value="123" />
</bean>
|
...