#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
#
########################################################################
# 0. About the fortress build.properties file
########################################################################
# Use this property file to specify settings specific to your environment and fortress runtime components.
# These parameters will be loaded into the following locations by Fortress during the init targets of the build.xml ant management utility:
# a. fortress.properties - Fortress' configuration file tells fortress runtime how to connect to remote resources
# b. refreshLDAPData.xml - Used by fortress to initialize and base load the LDAP DIT data structures. Fortress also stores runtime params inside 'ou=Config' container on remote server.
# c. slapd.conf - This will be used to configure the runtime OpenLDAP server (slapd) if applicable.
########################################################################
# 1. BEGIN BASIC CONFIGURATION SECTION
########################################################################
# Use this Fortress Core version:
version=1.0-RC40-SNAPSHOT
# Enable the local.mode property if this machine has no connection to the Internet and the runtime dependencies have already been downloaded to the FORTRESS_HOME/lib folder on this machine:
#local.mode=true
# sudo.pw is used by the 'init-slapd', 'start-slapd' and 'stop-slapd' targets on a Linux machine when sudo access is required; otherwise leave this value blank.
# The sudo.pw variable must be uncommented and left empty iff installing the Symas-OpenLDAP package onto the Redhat Linux platform.
# NOTE(review): a value set here is a sudo password stored in plaintext in this file. If it has to be set,
# keep the populated file out of version control, make it readable only by the build user, and clear the
# value again once the slapd targets have run.
#sudo.pw=
########################################################################
# 2. BEGIN HTTP CLIENT CONFIGURATION SECTION (Ignore if using LDAPv3):
########################################################################
# The following optional HTTP parameters are needed when the Fortress client communicates through the EnMasse HTTP proxy (rather than LDAP) server.
# Setting enable.mgr.impl.rest to 'true' sets the Fortress instance to use HTTP services rather than the LDAPv3 protocol. Default value is 'false'.
# Using REST/HTTP allows Fortress communications to pass through firewalls and other non-LDAP network intermediaries.
enable.mgr.impl.rest=false
#enable.mgr.impl.rest=true
# This user account is added automatically during the init-slapd or init-apacheds target via the 'FortressDemoUsers.xml' policy file.
# NOTE(review): demouser4/password is a demo account with a guessable password, kept here in plaintext.
# Before enabling REST mode outside a demo, substitute a dedicated account with a strong password and
# make sure the demo users from that policy file are not loaded into the directory.
http.user=demouser4
http.pw=password
http.host=localhost
http.port=8080
# NOTE(review): 'http' leaves the connection unencrypted, so http.user/http.pw (presumably sent with each
# request - confirm) and the access-control traffic itself cross the network in cleartext. That is only
# tolerable while http.host is localhost; use a TLS-protected endpoint for any other host.
http.protocol=http
########################################################################
# 3. BEGIN LDAP CLIENT CONFIGURATION SECTION: (Ignore if using HTTP):
########################################################################
# This param tells fortress what type of ldap server is in use:
#ldap.server.type=openldap
ldap.server.type=apacheds
# This is the default:
ldap.client.type=apache
# These parameters point fortress to the LDAP host:
ldap.host=localhost
ldap.port=10389
# NOTE(review): with SSL disabled, LDAP binds travel unencrypted - that includes the service-account
# password (cfg.root.pw) and the user authentication operations served by the user pool. This is only
# tolerable while ldap.host is the loopback interface; for a remote directory use the SSL settings below.
enable.ldap.ssl=false
#ldap.uris=ldap://${ldap.host}:${ldap.port}
# These are needed for client SSL connections with the LDAP server. To switch, uncomment them and
# comment out the plain ldap.host/ldap.port/enable.ldap.ssl lines above so each key is defined once.
#enable.ldap.ssl=true
#ldap.host=fortressdemo2.com
#ldap.port=10636
# NOTE(review): presumably turns on SSL debug output - leave it off outside troubleshooting; confirm what it logs.
#enable.ldap.ssl.debug=true
# The trust.store path is an example taken from a developer workstation and points at a test truststore in the
# source tree; replace it with your own truststore holding only the CA certificate(s) that issued your LDAP
# server certificate. 'changeit' is the stock Java keystore password; set your own when creating the store.
#trust.store=/home/smckinn/GIT/fortressDev/directory-fortress-core/src/test/resources/certs/mytruststore
#trust.store.password=changeit
#trust.store.set.prop=true
# These are needed for slapd startup SSL configuration:
#ldap.uris=ldap://${ldap.host}:389 ldaps://${ldap.host}:${ldap.port}
# These are needed for slapd server-side SSL configuration.
# NOTE(review): tls.key.file names the server's private key - keep that file readable only by the account
# slapd runs as, and never add it to version control alongside this file.
#tls.ca.cert.file=ca-cert.pem
#tls.cert.file=server-cert.pem
#tls.key.file=server-key.pem
# These are used to construct the suffix for the DIT, i.e. dc=example,dc=com.
suffix.name=example
suffix.dc=com
# Alternative three-component example (dc=coe,dc=hawaii,dc=edu); it needs the three-part suffix line further down:
#suffix.name=coe
#suffix.dc=hawaii
#suffix.dc2=edu
# Do not change suffix param unless you know what you are doing:
suffix=dc=${suffix.name},dc=${suffix.dc}
#suffix=dc=${suffix.name},dc=${suffix.dc},dc=${suffix.dc2}
# These properties define the structure of the Fortress DIT. Every container DN below is built from
# ${suffix} except audits.dn.
users.dn=ou=People,${suffix}
roles.dn=ou=Roles,ou=RBAC,${suffix}
policies.dn=ou=Policies,${suffix}
perms.dn=ou=Permissions,ou=RBAC,${suffix}
constraints.dn=ou=Constraints,ou=RBAC,${suffix}
userous.dn=ou=OS-U,ou=ARBAC,${suffix}
permous.dn=ou=OS-P,ou=ARBAC,${suffix}
adminroles.dn=ou=AdminRoles,ou=ARBAC,${suffix}
adminperms.dn=ou=AdminPerms,ou=ARBAC,${suffix}
# audits.dn sits outside ${suffix}: cn=log is the same base that log.admin.user (the slapd logger account
# defined later in this file) lives under.
audits.dn=cn=log
groups.dn=ou=Groups,${suffix}
# These are the connection parameters used for the LDAP service account:
#root.dn=cn=Manager,${suffix}
# NOTE(review): uid=admin,ou=system is the ApacheDS built-in administrator. Beyond a demo, prefer a dedicated
# service account that holds only the rights Fortress needs on the containers defined in this file.
root.dn=uid=admin,ou=system
# Used to load the OpenLDAP admin root password into slapd.conf; the value was produced with the 'slappasswd' command.
# NOTE(review): {SSHA} is a salted SHA-1 hash, not encryption, and this particular value ships with the
# source, so it protects nothing. Generate your own with slappasswd from a strong password for any real install.
root.pw={SSHA}pSOV2TpCxj2NMACijkcMko4fGrFopctU
# This admin root password is written to fortress.properties and used by the 'admin' pooled connections.
# NOTE(review): it is stored in plaintext both here and in the generated fortress.properties, and 'secret'
# is the out-of-the-box ApacheDS admin password. Change it on the directory server and here before the server
# is reachable by anything but localhost, and restrict read access to both files.
cfg.root.pw=secret
# This specifies the number of default LDAP connections to maintain in the pool:
admin.min.conn=1
admin.max.conn=10
# This specifies the number of user LDAP connections (used for user authentication operations only) to maintain in the pool:
# User Pool:
user.min.conn=1
user.max.conn=10
# Used for searching the slapd logger. Comment out for ApacheDS or other directory servers.
# NOTE(review): ldap.server.type in this file is set to apacheds, yet these two lines are still active -
# confirm whether they should be commented out. log.admin.pw is another plaintext sample password; treat it
# like cfg.root.pw when the slapd logger is in use.
log.admin.user=cn=Manager,cn=log
log.admin.pw=secret
# Used for the slapd logger connection pool. Leave zeros when using apacheds.
# NOTE(review): the values are 1 and 3 although apacheds is the selected server type - confirm.
min.log.conn=1
max.log.conn=3
########################################################################
# 9. GROUP OBJECT CLASS DEFINITIONS
########################################################################
# Use the Fortress-defined LDAP Group objectclass (the active choice). group.protocol and group.properties
# presumably name the matching schema attributes - confirm against the Fortress schema.
group.objectclass=configGroup
group.protocol=configProtocol
group.properties=configParameter
# Alternative: use the Guacamole-defined LDAP Group objectclass. To switch, uncomment these three lines and
# comment out the three above so that each key is defined only once.
#group.objectclass=guacConfigGroup
#group.protocol=guacConfigProtocol
#group.properties=guacConfigParameter