commit | ff7da6664e79e9ebd5ce90da8fe7d084db04d432 | [log] [tgz] |
---|---|---|
author | Shawn McKinney <smckinney@symas.com> | Tue Jul 12 04:44:35 2022 -0500 |
committer | Shawn McKinney <smckinney@symas.com> | Tue Jul 12 04:44:35 2022 -0500 |
tree | 1a3ecf8c410d495c12d6dfb65a010c55d4282605 | |
parent | 331c915902bf116f4a284c9f6e1cef6504ca77bf [diff] |
to latest wicket, spring security
Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This document contains instructions to download, build, and test operations using Apache Fortress Web component.
A web interface to drive administrative and review functions of Apache Fortress.
Uses Apache Wicket as the web framework.
Layered security using ...
Each Page maps to a different Fortress entity (Users, Roles, Perms, Groups, ...) and has four panels:
More here: README-SECURITY-MODEL
Minimum software requirements:
Everything else covered in the steps that follow. Tested on Debian & Centos systems.
a. from git:
git clone --branch 2.0.5 https://gitbox.apache.org/repos/asf/directory-fortress-commander.git/ cd directory-fortress-commander
b. or download package:
wget http://www.apache.org/dist/directory/fortress/dist/2.0.5/fortress-web-2.0.5-source-release.zip unzip fortress-web-2.0.5-source-release.zip cd fortress-web-2.0.5
mvn clean install
cp src/main/resources/fortress.properties.example src/main/resources/fortress.properties
vi src/main/resources/fortress.properties
a. Prepare fortress for ApacheDS usage:
# This param tells fortress what type of ldap server in use: ldap.server.type=apacheds # Use value from [Set Hostname Entry]: host=localhost # ApacheDS defaults to this: port=10389 # These credentials are used for read/write access to all nodes under suffix: admin.user=uid=admin,ou=system admin.pw=secret
-- Or --
b. Prepare fortress for OpenLDAP usage:
# This param tells fortress what type of ldap server in use: ldap.server.type=openldap # Use value from [Set Hostname Entry]: host=localhost # OpenLDAP defaults to this: port=389 # These credentials are used for read/write access to all nodes under suffix: admin.user=cn=manager,dc=example,dc=com admin.pw=secret # Optional, If using audit view pages, enable this service account to the slapd access log database: log.admin.user=cn=manager,cn=log # For corresponding log user: log.admin.pw=secret
a. Look out fortress.properties.example for a list of typical options.
b. Learn more about what properties there are: README-PROPERTIES.
Run maven install with load file:
mvn install -Dload.file=./src/main/resources/FortressWebDemoUsers.xml
Notes:
<plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>tomcat-maven-plugin</artifactId> <version>${version.tomcat.maven.plugin}</version> <configuration> ... <!-- Warning the tomcat manager creds here are for deploying into a demo environment only. --> <username>tcmanager</username> <password>m@nager123</password> </configuration> </plugin>
wget http://repo.maven.apache.org/maven2/org/apache/directory/fortress/fortress-realm-proxy/2.0.5/fortress-realm-proxy-2.0.5.jar -P $TOMCAT_HOME/lib
where TOMCAT_HOME matches your target env.
Restart Tomcat server.
Enter maven command to deploy to Tomcat:
mvn tomcat:deploy
mvn tomcat:redeploy
http://hostname:8080/fortress-web
where hostname is host or ip for your machine
Fortress Web uses WebDriverManager to manage the Selenium drivers.
Run the Selenium Web driver integration tests with Firefox (default):
mvn test -Dtest=FortressWebSeleniumITCase
mvn test -Dtest=FortressWebSeleniumITCase -Dweb.driver=chrome
Note: These automated tests require that:
This section describes the properties needed to control fortress web.
# Host name and port of LDAP DIT: host=localhost port=10389
# If ApacheDS server: ldap.server.type=apacheds
# Else if OpenLDAP server: ldap.server.type=openldap
# Else leave blank: #ldap.server.type=other
# If ApacheDS it will look something like this: admin.user=uid=admin,ou=system admin.pw=secret
# Else If OpenLDAP it will look something like this: admin.user=cn=Manager,dc=example,dc=com
# This is min/max settings for LDAP connections. For testing and low-volume instances this will work: min.admin.conn=1 max.admin.conn=10
# This node contains fortress properties stored on behalf of connecting LDAP clients: config.realm=DEFAULT config.root=ou=Config,dc=example,dc=com
# Used for SSL Connection to LDAP Server: enable.ldap.ssl=true enable.ldap.ssl.debug=true trust.store=/fully/qualified/path/and/file/name/to/java/truststore trust.store.password=changeit
# This will override default LDAP manager implementations for the RESTful ones: enable.mgr.impl.rest=true
# Optional parameters needed when Fortress client is connecting with the En Masse (rather than LDAP) server: http.user=demouser4 http.pw=gX9JbCTxJW5RiH+otQEX0Ja0RIAoPBQf http.host=localhost http.port=8080
# The default is 'false': enable.nav.panel=true
# ApacheDS stores its password policies objects here by default: apacheds.pwpolicy.root=ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
# Used by application security components: perms.cached=true
# This is the default tenant or home context contextId=HOME
# If you need to scope to a different tenant, supply its ID here: contextId=mytenantid