| # |
| # Copyright (c) 2009-2013. JoshuaTree. All Rights Reserved. |
| # |
| |
| ######################################################################## |
| # 0. About the fortress build.properties file |
| ######################################################################## |
| |
| # Use this property file to specify environment settings specific to your environment and fortress runtime components. |
| # These parameters will be loaded into the following locations by the Fortress during the init targets within the build.xml ant management utility: |
| # a. fortress.properties - Fortress' configuration file tells fortress runtime how to connect to remote resources |
| # b. refreshLDAPData.xml - Used by fortress to initialize and base load the LDAP DIT data structures. Fortress also stores runtime params inside 'ou=Config' container on remote server. |
| # c. slapd.conf - This will be used to configure the runtime OpenLDAP server (slapd) if applicable. |
| |
| ######################################################################## |
| # 1. BEGIN BASIC CONFIGURATION SECTION |
| ######################################################################## |
| |
| # Use this Fortress Core version: |
| version=1.0-RC33 |
| |
| # Enable local.mode property if your machine does not have connection to Internet and runtime dependencies have already downloaded to FORTRESS_HOME/lib folder on this machine: |
| #local.mode=true |
| |
| # Set sudo.pw if running 'init-slapd' on Linux machine and sudo access required, otherwise leave this value blank |
| # The sudo.pw variable must be uncommented and left empty iff installing Symas-OpenLDAP package onto Redhat Linux platform: |
| sudo.pw= |
| |
| # If encryption of LDAP &/or HTTP service account passwords (e.g. cfg.root.pw, cfg.log.root.pw and http.pw params) is required, this field must be set. |
| # If encryption of service accounts not needed, leave this value blank, and set the password values for cfg.root.pw, cfg.log.root.pw and http.pw to be their clear text value. |
| # Use any arbitrary value here but whatever used must also be key used to encrypt. |
| crypto.prop=abcd12345 |
| |
| ######################################################################## |
| # 2. BEGIN HTTP CONFIGURATION SECTION (Ignore if using LDAPv3): |
| ######################################################################## |
| |
| # The following optional HTTP parameters are needed when Fortress client communicates though EnMasse HTTP proxy (rather than LDAP) server: |
| # Setting the enable.mgr.impl.rest to 'true' sets Fortress instance to use HTTP services rather than LDAPv3 protocol. Default value is 'false': |
| # Using REST/HTTP allows Fortress communications to pass through firewalls and other non-LDAP network intermediaries. |
| enable.mgr.impl.rest=false |
| #enable.mgr.impl.rest=true |
| |
| # This user account is added automatically during init-slapd or init-apacheds target via 'FortressDemoUsers.xml' policy file: |
| http.user=demouser4 |
| http.pw=gX9JbCTxJW5RiH+otQEX0Ja0RIAoPBQf |
| http.host=localhost |
| http.port=8080 |
| |
| ######################################################################## |
| # 3. BEGIN LDAP SERVER CONFIGURATION SECTION: (Ignore if using HTTP): |
| ######################################################################## |
| |
| # This param tells fortress what type of ldap server in use: |
| ldap.server.type=openldap |
| #ldap.server.type=apacheds |
| # This is the default: |
| #ldap.client.type=unboundid |
| # To override and use apache ldap API uncomment this: |
| #ldap.client.type=apache |
| |
| # These parameters point fortress to LDAP host: |
| ldap.host=localhost |
| ldap.port=389 |
| #ldap.host=192.168.1.102 |
| #ldap.port=10389 |
| |
| # These are used to construct suffix for DIT, i.e. dc=example,dc=com. |
| suffix.name=jts |
| suffix.dc=us |
| #suffix.name=example |
| #suffix.dc=com |
| # Do not change suffix param unless you know what you are doing: |
| suffix=dc=${suffix.name},dc=${suffix.dc} |
| |
| # These are the connection parameters used for LDAP service account: |
| root.dn=cn=Manager,${suffix} |
| #root.dn=uid=admin,ou=system |
| # Used to load OpenLDAP admin root password in slapd.conf and was encrypted using 'slappasswd' command: |
| root.pw={SSHA}pSOV2TpCxj2NMACijkcMko4fGrFopctU |
| # This OpenLDAP admin root pass is bound for fortress.properties and was encrypted using 'encrypt' target in build.xml: |
| cfg.root.pw=W7T0G9hylKZQ4K+DF8gfgA== |
| |
| # This specifies the number of default LDAP connections to maintain in the pool: |
| admin.min.conn=1 |
| admin.max.conn=10 |
| # This speicifes the number of user LDAP connections (used for user authentication operations only) to maintain in the pool: |
| # User Pool: |
| user.min.conn=1 |
| user.max.conn=10 |
| |
| #################################################################################### |
| # 4. BEGIN OPENLDAP SERVER CONFIGURATION SECTION: (Ignore if using HTTP or ApacheDS): |
| #################################################################################### |
| |
| # This speicifes the number of audit logging LDAP connections (used for audit logging operations only) to maintain in the pool: |
| # Audit Pool: |
| log.min.conn=1 |
| log.max.conn=3 |
| |
| #These are passwords used for LDAP audit log service accounts: |
| # Audit Pool: |
| log.root.dn=cn=Manager,${log.suffix} |
| # This OpenLDAP slapd logger password is bound for slapd.conf and was encrypted using 'slappasswd' command: |
| log.root.pw={SSHA}pSOV2TpCxj2NMACijkcMko4fGrFopctU |
| # This OpenLDAP slapd logger password will be stored using fortress' remote configuration utility and was encrypted using 'encrypt' target in build.xml: |
| cfg.log.root.pw=W7T0G9hylKZQ4K+DF8gfgA== |
| # More Audit Config: |
| log.suffix=cn=log |
| log.ops=logops bind writes compare |
| #log.ops=###AuditDisabled |
| |
| # OpenLDAP MDB Backend config is default setting for Fortress:: |
| db.type=mdb |
| dflt.rdrs=maxreaders 64 |
| dflt.size=maxsize 1000000000 |
| log.rdrs=maxreaders 64 |
| log.size=maxsize 1000000000 |
| dflt.bdb.cache.size= |
| dflt.bdb.cache.idle.size= |
| log.bdb.cache.size= |
| |
| #base.load.script=FortressDemoUsers.xml |
| |
| # Do not change any params below this line unless you know what you are doing: |
| |
| ## If using Symas OpenLDAP on NIX, uncomment this section: |
| db.root=/var/openldap |
| openldap.root=/opt/symas |
| slapd.dir=${openldap.root}/etc/openldap |
| # to start debug mode: |
| #slapd.start=${openldap.root}/lib/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap -d -1 |
| pid.dir=/var/symas |
| |
| db.dir=${db.root}/dflt |
| db.hist.dir=${db.root}/hist |
| db.bak.dir=${db.root}/backup/dflt |
| db.bak.hist.dir=${db.root}/backup/hist |
| |
| # unless you know what you're doing, take the default: |
| log.dbnosynch=dbnosync |
| #log.dbnosynch= |
| dflt.dbnosynch=dbnosync |
| #dflt.dbnosynch= |
| log.checkpoint=checkpoint 64 5 |
| dflt.checkpoint=checkpoint 64 5 |
| |
| ## If using Debian/Ubuntu OpenLDAP, uncomment this section: |
| #unless you know what you're doing, take the default: |
| #db.dir=/var/lib/ldap |
| #db.hist.dir=${db.dir}/hist |
| #db.bak.dir=/var/lib/ldap-backup/db |
| #db.bak.hist.dir=/var/lib/ldap-backup/hist |
| #slapd.dir=/etc/ldap |
| #pid.dir=/var/run/slapd |
| #slapd.module.dir=/usr/lib/ldap |
| #slapd.start=slapd -h ldap://${ldap.host}:${ldap.port} -f /etc/ldap/slapd.conf |
| |
| |
| ########################################################################################### |
| # 5. BEGIN SYMAS-OPENLDAP INSTALL CONFIGURATION SECTION (Ignore if using ApacheDS or HTTP): |
| ########################################################################################### |
| |
| ## If using Symas OpenLDAP, uncomment single option from #1 - 8 below: |
| # Each of the options are used for a particular Symas-OpenLDAP platform. |
| |
| # Option 1 - Debian i386 Silver: |
| #platform=Debian-Silver-i386 |
| #slapd.install=dpkg -i symas-openldap-silver.32_2.4.35-1_i386.deb |
| #slapd.uninstall=dpkg -r symas-openldap-silver |
| #install.image.dir=/home/smckinn/archives/debian32 |
| #slapd.module.dir=${openldap.root}/lib/openldap |
| #slapd.start=${openldap.root}/lib/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap |
| |
| # Option 2 - Debian 64-bit Silver: |
| platform=Debian-Silver-x86-64 |
| #slapd.install=dpkg -i symas-openldap-silver.64_2.4.35-1_amd64.deb |
| #slapd.uninstall=dpkg -r symas-openldap-silver |
| install.image.dir=/home/smckinn/archives/debian64 |
| slapd.module.dir=${openldap.root}/lib64/openldap |
| slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap |
| |
| # Option 3 - Debian i386 Gold: |
| #platform=Debian-Gold-i386 |
| #slapd.install=dpkg -i symas-openldap-gold.32_2.4.29-1_i386.deb |
| #slapd.uninstall=dpkg -r symas-openldap-gold.32 |
| |
| # Option 4 - Redhat i386 Silver: |
| #platform=Redhat-Silver-i386 |
| #slapd.install=rpm -Uvv symas-openldap-silver.i386-2.4.35-1.rpm |
| #slapd.uninstall=rpm -e symas-openldap-silver |
| #install.image.dir=/home/smckinn/archives/redhat32 |
| #slapd.module.dir=${openldap.root}/lib/openldap |
| #slapd.start=${openldap.root}/lib/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap |
| |
| # Option 5 - Redhat i386 Gold: |
| #platform=Redhat-Gold-i386 |
| #slapd.install=rpm -Uvv symas-openldap-gold.i386-2.4.28-1.rpm |
| #slapd.uninstall=rpm -e symas-openldap-gold |
| |
| # Option 6 - Redhat 64-bit Silver: |
| #platform=Redhat-Silver-x86-64 |
| #slapd.install=rpm -Uvv symas-openldap-silver.x86_64-2.4.35-1.rpm |
| #slapd.uninstall=rpm -e symas-openldap-silver |
| #install.image.dir=/home/smckinn/archives/redhat64 |
| #slapd.module.dir=${openldap.root}/lib64/openldap |
| #slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap |
| |
| # Option 7 - Windows 32-bit Silver: |
| #platform=Windows-Silver-i686 |
| #slapd.exe.drive=C |
| #slapd.exe.dir=OpenLDAP |
| #fortress.home.drive=C |
| #windows=true |
| #install.image.dir=/home/smckinn/archives/win32 |
| #install.image.loc=symas-openldap |
| #install.image.exe=symas-openldap-silver-win.NT_i686-2.4.32.2 |
| #uninstall.image.exe=uninstall-symas-openldap-silver-win |
| #pid.dir=. |
| #slapd.exe.location=${slapd.exe.drive}:\\${slapd.exe.dir} |
| #slapd.exe.location2=${slapd.exe.drive}:/${slapd.exe.dir} |
| #db.root=${slapd.exe.location2}/db |
| #slapd.dir=${slapd.exe.location2}/etc/openldap |
| #slapd.module.dir=${slapd.exe.location2}/openldap |
| #dflt.size=maxsize 100000000 |
| #log.size=maxsize 100000000 |
| |
| # Option 8 - Windows 32-bit Gold |
| #platform=Windows-Gold-i686 |
| #windows=true |
| #slapd.exe.dir=/JavaTools/symas-openldap-gold-win |
| #db.dir=/JavaTools/symas-openldap-gold-win/ldap |
| #db.hist.dir=${db.dir}/hist |
| #db.bak.dir=/JavaTools/symas-openldap-gold-win/ldap-backup/db |
| #db.bak.hist.dir=/JavaTools/symas-openldap-gold-win/ldap-backup/hist |
| #slapd.dir=/JavaTools/symas-openldap-gold-win/etc/ldap |
| #pid.dir=. |
| #slapd.module.dir=/JavaTools/symas-openldap-gold-win/openldap |
| #slapd.start=slapd.exe -f \JavaTools\symas-openldap-gold-win\etc\openldap\slapd.conf |
| |
| ## If Fortress Builder used to install OpenLDAP, uncomment and set value to point for Fortress Builder home folder: |
| #builder.home=/home/smckinn/tmp/fortress/8/fortressBuilder-Debian-Silver-i386-1.0.0-rc6 |
| |
| ######################################################################################## |
| # 6. BEGIN BUILDER INSTALL CONFIGURATION SECTION (Do not modify): |
| ######################################################################################## |
| |
| # Only needed for EnMasse setup: |
| M2_HOME=./apache-maven |
| #M2_HOME=/usr/share/maven2 |
| |
| tomcat-realm.conf=<Realm className="us.jts.sentry.tomcat.Tc7AccessMgrProxy" debug="0" resourceName="UserDatabase" containerType="Tomcat7" realmClasspath="${user.dir}${file.separator}conf${path.separator}${user.dir}${file.separator}dist${file.separator}fortressSentry-${version}.jar"/> |
| tomcat.dir=../apache-tomcat |
| |
| #These props are for 'Builder' target and have been moved here: "${user.home}/build.properties" |
| openldap.install.artifact.dir=${basedir} |
| #openldap.install.artifact.dir=${basedir}/symas-openldap |
| #tomcat.image.dir=/home/smckinn/archives/tomcat/apache-tomcat-7.0.27 |
| #maven.image.dir=/home/smckinn/archives/java/apache-maven-3.0.4 |
| |
| ######################################################################## |
| # 7. BEGIN MULTITNENACY TESTING SECTION (Set tenant=Client123 if not multitenant): |
| ######################################################################## |
| # The tenant property is used by Ant targets 'admin', 'cli', 'console', 'test-full', and 'test-samples': |
| tenant=HOME |
| #tenant=Client123 |
| #tenant=Client456 |
| #tenant=Client789 |