Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This document contains instructions to download, build, and test operations using the Apache Fortress Rest component.
Minimum hardware requirements:
Minimum software requirements:
Everything else is covered in the steps that follow. Tested on Debian, CentOS and Windows systems.
a. from git:
git clone --branch 2.0.1 https://git-wip-us.apache.org/repos/asf/directory-fortress-enmasse.git
cd directory-fortress-enmasse
mvn clean install
b. or download package:
wget http://www.apache.org/dist/directory/fortress/dist/2.0.1/fortress-rest-2.0.1-source-release.zip
unzip fortress-rest-2.0.1-source-release.zip
cd fortress-rest-2.0.1
mvn clean install
mvn javadoc:javadoc
These contain the coordinates to the target LDAP server.
cp $FORTRESS_CORE_HOME/config/fortress.properties $FORTRESS_REST_HOME/src/main/resources
# This param tells fortress what type of ldap server is in use:
ldap.server.type=apacheds

# ldap host name
host=localhost

# Port that ApacheDS is listening on:
port=10389

# If ApacheDS, these credentials are used for read/write to fortress DIT
admin.user=uid=admin,ou=system
admin.pw=secret

# This is min/max settings for admin pool connections:
min.admin.conn=1
max.admin.conn=10

# This node contains more fortress properties stored on behalf of connecting LDAP clients:
config.realm=DEFAULT
config.root=ou=Config,dc=example,dc=com

# Used by application security components:
perms.cached=true

# Fortress uses a cache:
ehcache.config.file=ehcache.xml

# Default for pool reconnect flag is false:
enable.pool.reconnect=true
Run maven install with load file:
mvn install -Dload.file=./src/main/resources/FortressRestServerPolicy.xml
<plugin>
    <groupId>org.codehaus.mojo</groupId>
    <artifactId>tomcat-maven-plugin</artifactId>
    <version>${version.tomcat.maven.plugin}</version>
    <configuration>
        ...
        <!-- Warning the tomcat manager creds here are for deploying into a demo environment only. -->
        <username>tcmanager</username>
        <password>m@nager123</password>
    </configuration>
</plugin>
cp $FORTRESS_REALM_HOME/proxy/target/fortress-realm-proxy-[version].jar $TOMCAT_HOME/lib
Restart Tomcat server.
Enter maven command to deploy to Tomcat:
mvn tomcat:deploy
mvn tomcat:redeploy
Run unit test:
mvn test -Dtest=EmTest
Test Notes:
Another way to test Fortress Rest is using the Fortress Core APIs which can be configured to communicate via HTTP/REST. To enable Fortress Core test client to route requests through Fortress Rest server, add these properties to build.properties in FORTRESS_CORE_HOME root folder:
Add these credentials to build.properties file located in the directory-fortress-core root folder. It contains the HTTP coordinates to your deployed Fortress Rest server:
http.user=demouser4
http.pw=password
http.host=localhost
http.port=8080
enable.mgr.impl.rest=true
mvn install
mvn test -Dtest=FortressJUnitTest
All operations should now route through Fortress Rest server.
This section describes the properties needed to control fortress rest.
# Host name and port of LDAP DIT:
host=localhost
port=10389

# If ApacheDS server:
ldap.server.type=apacheds

# Else if OpenLDAP server:
ldap.server.type=slapd

# Else leave blank:
#ldap.server.type=other

# If ApacheDS it will look something like this:
admin.user=uid=admin,ou=system
admin.pw=secret

# Else If OpenLDAP it will look something like this:
admin.user=cn=Manager,dc=example,dc=com

# This is min/max settings for LDAP connections. For testing and low-volume instances this will work:
min.admin.conn=1
max.admin.conn=10

# This node contains fortress properties stored on behalf of connecting LDAP clients:
config.realm=DEFAULT
config.root=ou=Config,dc=example,dc=com

# Used for SSL Connection to LDAP Server:
enable.ldap.ssl=true
enable.ldap.ssl.debug=true
trust.store=/fully/qualified/path/and/file/name/to/java/truststore
trust.store.password=changeit
trust.store.set.prop=true

# ApacheDS stores its password policies objects here by default:
apacheds.pwpolicy.root=ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config

# This is the default tenant or home context
contextId=HOME

# If you need to scope to a different tenant, supply its ID here:
contextId=mytenantid
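
An added example, not part of the Fortress distribution: a shell check that reads a fortress.properties file and reports the sample values shown in this guide (admin.pw=secret, trust.store.password=changeit), LDAP SSL not being enabled, and SSL debug being left on. The function names prop_value and audit_fortress_props are made up for this illustration, and the sample file is constructed.

```shell
#!/bin/sh
# Added example (not Fortress code): flag demo-grade values in fortress.properties.

# prop_value FILE KEY: print the last value assigned to KEY, or nothing.
# Splits on the first '=' only, since values such as
# admin.user=uid=admin,ou=system contain '=' themselves.
prop_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                       # comment line
        {
            i = index($0, "=")
            if (i == 0) next                      # not a key=value line
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

# audit_fortress_props FILE: print one finding per line; no output means clean.
audit_fortress_props() {
    f=$1
    if [ "$(prop_value "$f" admin.pw)" = "secret" ]; then
        echo "admin.pw: still the sample value from the install guide"
    fi
    if [ "$(prop_value "$f" trust.store.password)" = "changeit" ]; then
        echo "trust.store.password: still the sample value from the install guide"
    fi
    if [ "$(prop_value "$f" enable.ldap.ssl)" != "true" ]; then
        echo "enable.ldap.ssl: not true, LDAP connection is not configured for SSL"
    fi
    if [ "$(prop_value "$f" enable.ldap.ssl.debug)" = "true" ]; then
        echo "enable.ldap.ssl.debug: SSL debug output is switched on"
    fi
    return 0
}

# Constructed sample, modelled on the quick-start values shown above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# If ApacheDS, these credentials are used for read/write to fortress DIT
admin.user=uid=admin,ou=system
admin.pw=secret
enable.pool.reconnect=true
EOF
audit_fortress_props "$sample"
rm -f "$sample"
```

Run it against $FORTRESS_REST_HOME/src/main/resources/fortress.properties before deploying outside a demo environment; any line of output names a property to change.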