| <?xml version="1.0" encoding="UTF-8"?> |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| |
| |
| <spring:beans xmlns:spring="http://xbean.apache.org/schemas/spring/1.0" |
| xmlns:s="http://www.springframework.org/schema/beans" |
| xmlns="http://apacheds.org/config/1.0"> |
| |
| <defaultDirectoryService id="directoryService" instanceId="default" |
| workingDirectory="example.com" |
| allowAnonymousAccess="true" |
| accessControlEnabled="false" |
| denormalizeOpAttrsEnabled="false"> |
| <systemPartition> |
| <!-- use the following partitionConfiguration to override defaults for --> |
| <!-- the system partition --> |
| <jdbmPartition id="system" cacheSize="100" suffix="ou=system" optimizerEnabled="true" syncOnWrite="true"> |
| <indexedAttributes> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/> |
| <jdbmIndex attributeId="ou" cacheSize="100"/> |
| <jdbmIndex attributeId="uid" cacheSize="100"/> |
| <jdbmIndex attributeId="objectClass" cacheSize="100"/> |
| </indexedAttributes> |
| <contextEntry>#systemContextEntry</contextEntry> |
| <!-- contextEntry> |
| <s:value> |
| objectClass: top |
| objectClass: organizationalUnit |
| objectClass: extensibleObject |
| ou: system |
| </s:value> |
| </contextEntry --> |
| </jdbmPartition> |
| </systemPartition> |
| |
| <partitions> |
| <!-- NOTE: when specifying new partitions you need not include those --> |
| <!-- attributes below with OID's which are the system indices, if left --> |
| <!-- out they will be automatically configured for you with defaults. --> |
| <jdbmPartition id="example" cacheSize="100" suffix="dc=example,dc=com" optimizerEnabled="true" |
| syncOnWrite="true"> |
| <indexedAttributes> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/> |
| <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/> |
| <jdbmIndex attributeId="dc" cacheSize="100"/> |
| <jdbmIndex attributeId="ou" cacheSize="100"/> |
| <jdbmIndex attributeId="krb5PrincipalName" cacheSize="100"/> |
| <jdbmIndex attributeId="uid" cacheSize="100"/> |
| <jdbmIndex attributeId="objectClass" cacheSize="100"/> |
| </indexedAttributes> |
| <contextEntry>#exampleContextEntry</contextEntry> |
| <!-- contextEntry> |
| <s:value> |
| objectClass: top |
| objectClass: domain |
| objectClass: extensibleObject |
| dc: example |
| </s:value> |
| </contextEntry --> |
| </jdbmPartition> |
| </partitions> |
| |
| <interceptors> |
| <normalizationInterceptor/> |
| <authenticationInterceptor/> |
| <referralInterceptor/> |
| <aciAuthorizationInterceptor/> |
| <defaultAuthorizationInterceptor/> |
| <exceptionInterceptor/> |
| <operationalAttributeInterceptor/> |
| |
| <!-- Uncomment to enable the password policy interceptor |
| <passwordPolicyInterceptor/> |
| <keyDerivationInterceptor/> |
| --> |
| |
| <schemaInterceptor/> |
| <subentryInterceptor/> |
| <collectiveAttributeInterceptor/> |
| <eventInterceptor/> |
| <triggerInterceptor/> |
| |
| <!-- Uncomment to enable replication interceptor |
| <replicationInterceptor> |
| <configuration> |
| <replicationConfiguration serverPort="10390" peerReplicas="instance_b@localhost:10392"> |
| <replicaId> |
| <replicaId id="instance_a"/> |
| </replicaId> |
| </replicationConfiguration> |
| </configuration> |
| </replicationInterceptor> |
| --> |
| </interceptors> |
| </defaultDirectoryService> |
| |
| <standardThreadPool id="standardThreadPool" maxThreads="8"/> |
| <datagramAcceptor id="datagramAcceptor" logicExecutor="#standardThreadPool"/> |
| <socketAcceptor id="socketAcceptor" logicExecutor="#standardThreadPool"/> |
| |
| <!-- missing atou=users,dc=example,dc=com |
| <changePasswordServer ipPort="60464"> |
| <directoryService>#directoryService</directoryService> |
| <datagramAcceptor>#datagramAcceptor</datagramAcceptor> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| </changePasswordServer> |
| --> |
| <!-- missing atou=users,dc=example,dc=com |
| <kdcServer ipPort="60088"> |
| <directoryService>#directoryService</directoryService> |
| <datagramAcceptor>#datagramAcceptor</datagramAcceptor> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| </kdcServer> |
| --> |
| <ntpServer ipPort="60123"> |
| <datagramAcceptor>#datagramAcceptor</datagramAcceptor> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| </ntpServer> |
| <!-- missing atou=users,dc=example,dc=com |
| <dnsServer ipPort="8053"> |
| <directoryService>#directoryService</directoryService> |
| <datagramAcceptor>#datagramAcceptor</datagramAcceptor> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| </dnsServer> |
| --> |
| |
| <ldapServer id="ldapsServer" |
| enabled="true" |
| ipPort="10636" |
| enableLdaps="true"> |
| <directoryService>#directoryService</directoryService> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| </ldapServer> |
| |
| |
| <ldapServer id="ldapServer" |
| ipPort="10389" |
| allowAnonymousAccess="false" |
| saslHost="ldap.example.com" |
| saslPrincipal="ldap/ldap.example.com@EXAMPLE.COM" |
| searchBaseDn="ou=users,ou=system" |
| maxTimeLimit="15000" |
| maxSizeLimit="1000"> |
| |
| <directoryService>#directoryService</directoryService> |
| <socketAcceptor>#socketAcceptor</socketAcceptor> |
| |
| <!-- The list of supported authentication mechanisms. --> |
| <saslMechanismHandlers> |
| <simpleMechanismHandler mech-name="SIMPLE"/> |
| <cramMd5MechanismHandler mech-name="CRAM-MD5" directoryService="#directoryService"/> |
| <digestMd5MechanismHandler mech-name="DIGEST-MD5" directoryService="#directoryService"/> |
| <gssapiMechanismHandler mech-name="GSSAPI" directoryService="#directoryService"/> |
| <ntlmMechanismHandler mech-name="NTLM" ntlmProviderFqcn="com.foo.Bar"/> |
| <ntlmMechanismHandler mech-name="GSS-SPNEGO" ntlmProviderFqcn="com.foo.Bar"/> |
| </saslMechanismHandlers> |
| |
| <!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI. --> |
| <saslQop> |
| <s:value>auth</s:value> |
| <s:value>auth-int</s:value> |
| <s:value>auth-conf</s:value> |
| </saslQop> |
| |
| <!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. --> |
| <saslRealms> |
| <s:value>example.com</s:value> |
| <s:value>apache.org</s:value> |
| </saslRealms> |
| |
| <!-- the collection of extended operation handlers to install --> |
| <extendedOperationHandlers> |
| <startTlsHandler/> |
| <gracefulShutdownHandler/> |
| <launchDiagnosticUiHandler/> |
| <!-- The Stored Procedure Extended Operation is not stable yet and it may cause security risks.--> |
| <!--storedProcedureExtendedOperationHandler/--> |
| </extendedOperationHandlers> |
| </ldapServer> |
| |
| |
| <apacheDS id="apacheDS" |
| synchPeriodMillis="15000" |
| allowAnonymousAccess="false"> |
| |
| <directoryService>#directoryService</directoryService> |
| <ldapServer>#ldapServer</ldapServer> |
| <ldapsServer>#ldapsServer</ldapsServer> |
| </apacheDS> |
| |
| <spring:bean id="systemContextEntry" |
| class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> |
| <spring:property name="targetObject"><spring:ref local='directoryService'/></spring:property> |
| <spring:property name="targetMethod"><spring:value>newEntry</spring:value></spring:property> |
| <spring:property name="arguments"> |
| <spring:list> |
| <spring:value xmlns="http://www.springframework.org/schema/beans"> |
| objectClass: top |
| objectClass: organizationalUnit |
| objectClass: extensibleObject |
| ou: system |
| </spring:value> |
| <spring:value>ou=system</spring:value> |
| </spring:list> |
| </spring:property> |
| </spring:bean> |
| |
| <spring:bean id="exampleContextEntry" |
| class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> |
| <spring:property name="targetObject"><spring:ref local='directoryService'/></spring:property> |
| <spring:property name="targetMethod"><spring:value>newEntry</spring:value></spring:property> |
| <spring:property name="arguments"> |
| <spring:list> |
| <spring:value xmlns="http://www.springframework.org/schema/beans"> |
| objectClass: top |
| objectClass: domain |
| objectClass: extensibleObject |
| dc: example |
| </spring:value> |
| <spring:value>dc=example,dc=com</spring:value> |
| </spring:list> |
| </spring:property> |
| </spring:bean> |
| |
| <!-- another bean I didn't convert --> |
| <spring:bean class="org.springframework.beans.factory.config.CustomEditorConfigurer"> |
| <spring:property name="customEditors"> |
| <spring:map> |
| <spring:entry key="javax.naming.directory.Attributes"> |
| <spring:bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/> |
| </spring:entry> |
| </spring:map> |
| </spring:property> |
| </spring:bean> |
| </spring:beans> |