Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Apache Fortress 2.0.4 and OpenLDAP Quickstart System Architecture
Minimum hardware requirements:
Minimum software requirements:
Everything else covered in steps that follow.
a. from git:
git clone --branch 2.0.4 https://gitbox.apache.org/repos/asf/directory-fortress-core.git cd directory-fortress-core
b. or download package:
wget http://www.apache.org/dist/directory/fortress/dist/2.0.4/fortress-core-2.0.4-source-release.zip unzip fortress-core-2.0.4-source-release.zip cd fortress-core-2.0.4
cp build.properties.example build.properties cp slapd.properties.example slapd.properties
*slapd.properties.example contains the slapd default config.
Download the latest OpenLDAP binaries for your platform: Symas OpenLDAP Silver Edition
Place either a centos or debian package under the folder named ldap : fortress-core-[VERSION]/ldap
Edit the slapd.properties file:
vi slapd.properties
a. For Debian installs:
slapd.install=dpkg -i symas-openldap-silver.version.platform.deb
b. For Centos:
slapd.install=rpm -i symas-openldap-silver.version.platform.rpm
a. Yes, I want to enable slapo-rbac:
rbac.accelerator=true
To use this option, symas-openldap version 2.4.43++ is required.
b. No, I don't want to enable slapo-rbac:
rbac.accelerator=false
a. Place .pem files for ca-certificate, server certificate and private key in folder named certs : fortress-core-[VERSION]/src/test/resources/certs
These will get copied to openldap ssl folder during init-slapd target. For example:
b. add or replace the following slapd.properties:
# These are needed for client SSL connections with LDAP Server: enable.ldap.ssl=true # The LDAP hostname must match the common name in the server certificate: ldap.host=fortressdemo2.com # 636 is default LDAPS on OpenLDAP: ldap.port=636 enable.ldap.ssl.debug=true # The trust store is found either on the application's classpath or filepath as specified by trust.store.onclasspath: trust.store=mytruststore trust.store.password=changeit # Will pick up the truststore from the classpath if set to true which is the default. Otherwise, file must be specified a fully qualified filename: trust.store.onclasspath=true # These are needed for slapd startup SSL configuration: ldap.uris=ldap://${ldap.host}:389 ldaps://${ldap.host}:${ldap.port} # These are the 3 crypto artifacts copied earlier: tls.ca.cert.file=ca-cert.pem tls.cert.file=server-cert.pem tls.key.file=server-key.pem
more notes
Save and exit
Prepare your terminal for execution of maven commands.
#!/bin/sh export M2_HOME=... export JAVA_HOME=... export PATH=$PATH:$M2_HOME/bin
a. Java 8 target
mvn clean install
-- OR --
b. Java 11 target
mvn clean install -Djava.version=11
mvn test -Pinit-slapd
mvn test -Pstart-slapd
mvn test -Pstop-slapd
mvn install -Dload.file=./ldap/setup/refreshLDAPData.xml
These will build the Directory Information Tree (DIT), create the config and data policies needed for the integration test to follow.
mvn -Dtest=FortressJUnitTest test
Tests the APIs against your LDAP server.
Tests run: Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 196 sec - in org.apache.directory.fortress.core.impl.FortressJUnitTest Results : Tests run: Failures: 0, Errors: 0, Skipped: 0 [INFO] [INFO] --- maven-antrun-plugin:1.8:run (default) @ fortress-core --- [INFO] Executing tasks fortress-load: [INFO] Executed tasks [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 03:19 min [INFO] Finished at: 2016-01-07T09:28:18-06:00 [INFO] Final Memory: 27M/532M [INFO] ------------------------------------------------------------------------
mvn -Dtest=FortressJUnitTest test
Tests run: Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 207.081 sec - in org.apache.directory.fortress.core.impl.FortressJUnitTest Results : Tests run: Failures: 0, Errors: 0, Skipped: 0 [INFO] [INFO] --- maven-antrun-plugin:1.8:run (default) @ fortress-core --- [INFO] Executing tasks fortress-load: [INFO] Executed tasks [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 03:30 min [INFO] Finished at: 2016-01-07T09:33:11-06:00 [INFO] Final Memory: 27M/531M [INFO] ------------------------------------------------------------------------
Notice more tests ran this time vs the first time, due to teardown.
Test Notes:
During this section, you will be asked to setup Apache Tomcat 8 and prepare for usage with Apache Fortress
wget http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.30/bin/apache-tomcat-8.0.30.tar.gz tar -xvf apache-tomcat-8.0.30.tar.gz sudo mv apache-tomcat-8.0.30 /usr/local/tomcat8
Change the tomcat version as neeeded - v7 and beyond are ok. For BSD variants (i.e. Mac) append / to the folder name above on mv command.*
sudo wget http://repo.maven.apache.org/maven2/org/apache/directory/fortress/fortress-realm-proxy/2.0.4/fortress-realm-proxy-2.0.4.jar -P /usr/local/tomcat8/lib
sudo vi /usr/local/tomcat8/conf/tomcat-users.xml
<role rolename="manager-script"/> <role rolename="manager-gui"/> <user username="tcmanager" password="m@nager123" roles="manager-script"/> <user username="tcmanagergui" password="m@nager123" roles="manager-gui"/>
Save and exit tomcat-users.xml file
Configure Tomcat as a service (optional)
a. Edit the config file:
vi /etc/init.d/tomcat
b. Add the following:
#!/bin/bash # description: Tomcat Start Stop Restart # processname: tomcat # chkconfig: 234 20 80 CATALINA_HOME=/usr/local/tomcat8 case $1 in start) sh $CATALINA_HOME/bin/startup.sh ;; stop) sh $CATALINA_HOME/bin/shutdown.sh ;; restart) sh $CATALINA_HOME/bin/shutdown.sh sh $CATALINA_HOME/bin/startup.sh ;; esac exit 0
c. Add the init script to startup for run level 2, 3 and 4:
cd /etc/init.d chmod 755 tomcat chkconfig --add tomcat chkconfig --level 234 tomcat on
a. If running Tomcat as a service:
service tomcat start
b. Else
sudo /usr/local/tomcat8/bin/startup.sh
tail -f -n10000 /usr/local/tomcat8/logs/catalina.out
http://hostname:8080/manager
During this section, you will be asked to setup Apache Fortress Rest Application
a. from git:
git clone --branch 2.0.4 https://gitbox.apache.org/repos/asf/directory-fortress-enmasse.git cd directory-fortress-enmasse
b. or download package:
wget http://www.apache.org/dist/directory/fortress/dist/2.0.4/fortress-rest-2.0.4-source-release.zip unzip fortress-rest-2.0.4-source-release.zip cd fortress-rest-2.0.4
cp ../[FORTRESS-CORE-HOME]/config/fortress.properties src/main/resources
where FORTRESS-CORE-HOME is package location on your machine
mvn clean install -Dload.file=./src/main/resources/FortressRestServerPolicy.xml tomcat:deploy
mvn tomcat:redeploy
mvn test -Dtest=EmTest
During this section, you will be asked to setup Apache Fortress Web Application
a. from git:
git clone --branch 2.0.4 https://gitbox.apache.org/repos/asf/directory-fortress-commander.git cd directory-fortress-commander
b. or download package:
wget http://www.apache.org/dist/directory/fortress/dist/2.0.4/fortress-web-2.0.4-source-release.zip unzip fortress-web-2.0.4-source-release.zip cd fortress-web-2.0.4
cp ../[FORTRESS-CORE-HOME]/config/fortress.properties src/main/resources
where FORTRESS-CORE-HOME is package location on your machine
mvn clean install -Dload.file=./src/main/resources/FortressWebDemoUsers.xml tomcat:deploy
mvn tomcat:redeploy
http://hostname:8080/fortress-web
Click on the links, to pull up various views on the data stored in the directory.
Run the Selenium Web driver integration tests with Firefox (default):
mvn test -Dtest=FortressWebSeleniumITCase
mvn test -Dtest=FortressWebSeleniumITCase -Dweb.driver=chrome
Note: The Selenium tests require that: