<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- Properties bag (Spring PropertiesFactoryBean) holding the JNDI bind -->
<!-- settings plus the kdc.* and changepw.* keys used by this example. -->
<bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="properties">
<props>
<!-- NOTE(review): "simple" authentication sends the bind password as is; -->
<!-- no TLS/LDAPS setting is visible in this file, so confirm how the -->
<!-- connection is protected on the wire. -->
<prop key="java.naming.security.authentication">simple</prop>
<!-- NOTE(review): the admin principal and the literal password "secret" -->
<!-- are stored in clear text here and look like sample defaults. Change -->
<!-- the password before any non-test use and restrict read access to -->
<!-- this file. -->
<prop key="java.naming.security.principal">uid=admin,ou=system</prop>
<prop key="java.naming.security.credentials">secret</prop>
<!-- Base DN under which the KDC looks for entries (value below). -->
<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>
<!-- NOTE(review): same clear-text "secret" value reused for the KDC. -->
<prop key="kdc.java.naming.security.credentials">secret</prop>
<!-- NOTE(review): the list ends with des-cbc-md5 (single DES), which is -->
<!-- deprecated for Kerberos (RFC 6649); des3-cbc-sha1-kd is deprecated -->
<!-- as well (RFC 8429). Keep only the AES types unless a legacy client -->
<!-- is known to need the others. -->
<prop key="kdc.encryption.types">aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1-kd des-cbc-md5</prop>
<!-- Base DN and credentials for the change-password service. -->
<!-- NOTE(review): same clear-text "secret" value reused again. -->
<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
<prop key="changepw.java.naming.security.credentials">secret</prop>
<!-- Set this key to a space delimited set of attributeType descriptions
and their OIDs if you want an attributeType to be handled as
binary content.
The server will use the schema to derive the set of attributeTypes
to treat as binary. The union of the values you provide here
will be taken as the set of binaries. Note that, to be consistent, you
must add both the OID and all the names an attributeType can have.
-->
<!--
<prop key="java.naming.ldap.attributes.binary"></prop>
-->
</props>
</property>
</bean>
<!-- Main server startup configuration: working directory, LDIF preload, -->
<!-- search limits, protocol toggles, partitions, extended operation -->
<!-- handlers and the interceptor list. -->
<bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
<property name="workingDirectory" value="example.com" />
<!-- ldifDirectory is set (not commented out) below, so entries are -->
<!-- loaded on startup. -->
<!-- ldifDirectory property can point to a relative file, directory or -->
<!-- can point to an absolute path to either using the URL path -->
<!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
<!-- NOTE(review): the path below is under /root, which presumably means -->
<!-- the server runs as root or has been granted access to root's home; -->
<!-- confirm, and prefer a dedicated directory readable only by the -->
<!-- server account. The LDIF presumably seeds principals and passwords, -->
<!-- so treat it as secret material. -->
<property name="ldifDirectory">
<value>/root/ldif-example/kerberos-example.ldif</value>
</property>
<!-- Entries will optionally be filtered using LdifLoadFilters in the -->
<!-- order specified. The included Krb5KdcEntryFilter will conflict -->
<!-- with the KeyDerivationService interceptor, so should not be used. -->
<!--
<property name="ldifFilters">
<list>
<bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
</list>
</property>
-->
<!-- the number of milliseconds before issuing a synch (flush to disk) -->
<!-- which writes out dirty pages back to disk. To turn off synchs -->
<!-- altogether simply set this value to <= 0. Make sure you turn on -->
<!-- synchOnWrite for all partitions if you do choose to do this or else-->
<!-- writes may never persist to disk. -->
<property name="synchPeriodMillis" value="15000" />
<!-- limits searches by non-admin users to a max time of 15000 -->
<!-- milliseconds and has a default value of 10000 -->
<property name="maxTimeLimit" value="15000" />
<!-- limits searches to max size of 1000 entries: default value is 100 -->
<property name="maxSizeLimit" value="1000" />
<!-- maximum number of threads used by mina is set to 8: default is 4 -->
<property name="maxThreads" value="8" />
<!-- Anonymous access is switched off. -->
<property name="allowAnonymousAccess" value="false" />
<!-- NOTE(review): access control is switched off, so presumably only the -->
<!-- server's default authorization rules apply to authenticated users. -->
<!-- Confirm that is acceptable for entries holding passwords and -->
<!-- Kerberos keys, or enable it and define access rules. -->
<property name="accessControlEnabled" value="false" />
<!-- Protocol toggles: NTP off, Kerberos and change-password on. The -->
<!-- latter two presumably read the kdc.* and changepw.* keys of the -->
<!-- "environment" bean (confirm). -->
<property name="enableNtp" value="false" />
<property name="enableKerberos" value="true" />
<property name="enableChangePassword" value="true" />
<!--
It's more efficient to keep this feature turned off but you may not like
having the creatorsName and modifiersName contain OIDs instead of short
attributeType names. So if you want the creatorsName to change
from the normalized form which is the internal representation of
'0.9.2342.19200300.100.1.1=admin,2.5.4.11=system'
to a more human readable form like:
'uid=admin,ou=system'
then set this property to true.
-->
<property name="denormalizeOpAttrsEnabled" value="false" />
<!-- LDAP listener port. NOTE(review): no LDAPS/StartTLS property is set -->
<!-- in this file; confirm simple binds are not sent over an untrusted -->
<!-- network in clear text. -->
<property name="ldapPort" value="10389" />
<property name="systemPartitionConfiguration" ref="systemPartitionConfiguration" />
<!-- Additional partitions served besides the system partition. -->
<property name="partitionConfigurations">
<set>
<ref bean="examplePartitionConfiguration"/>
</set>
</property>
<!-- NOTE(review): going by the class names, these handlers register -->
<!-- extended operations for server shutdown and for launching a -->
<!-- diagnostic UI. Confirm both are restricted to the administrator and -->
<!-- remove the diagnostic handler where it is not needed. -->
<property name="extendedOperationHandlers">
<list>
<bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
<bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
</list>
</property>
<!-- Interceptor list. Each entry pairs a name with an interceptor bean. -->
<!-- NOTE(review): list order presumably defines processing order, so -->
<!-- keep authenticationService ahead of the authorization services when -->
<!-- editing this list. -->
<property name="interceptorConfigurations">
<list>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="normalizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.normalization.NormalizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="authenticationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authn.AuthenticationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="referralService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.referral.ReferralService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="authorizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authz.AuthorizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="defaultAuthorizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="exceptionService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.exception.ExceptionService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="operationalAttributeService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
</property>
</bean>
<!-- Kerberos-specific interceptors. keyDerivationService is the one the -->
<!-- ldifFilters note above says conflicts with Krb5KdcEntryFilter. -->
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="passwordPolicyService" />
<property name="interceptor">
<bean class="org.apache.directory.server.kerberos.shared.interceptors.PasswordPolicyService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="keyDerivationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.kerberos.shared.interceptors.KeyDerivationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="schemaService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.schema.SchemaService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="subentryService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.subtree.SubentryService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="collectiveAttributeService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="eventService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.event.EventService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="triggerService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.trigger.TriggerService" />
</property>
</bean>
<!-- Uncomment to enable replication service
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="replicationService" />
<property name="interceptor">
<bean class="org.apache.directory.mitosis.service.ReplicationService">
<property name="configuration">
<bean class="org.apache.directory.mitosis.configuration.ReplicationConfiguration">
<property name="replicaId">
<bean class="org.apache.directory.mitosis.common.ReplicaId">
<constructor-arg>
<value>instance_a</value>
</constructor-arg>
</bean>
</property>
<property name="serverPort" value="10390" />
<property name="peerReplicas" value="instance_b@localhost:10392" />
</bean>
</property>
</bean>
</property>
</bean>
-->
</list>
</property>
</bean>
<!-- use the following partitionConfiguration to override defaults for -->
<!-- the system partition -->
<!-- B-tree partition settings for the system partition (suffix ou=system), -->
<!-- referenced by the "configuration" bean. The admin entry -->
<!-- uid=admin,ou=system named in the "environment" bean lives under this -->
<!-- suffix. -->
<bean id="systemPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
<property name="name" value="system" />
<property name="cacheSize" value="100" />
<property name="suffix" value="ou=system" />
<!-- the optimizer is enabled by default but may not always be what -->
<!-- you want if your queries are really simple -->
<property name="optimizerEnabled" value="true" />
<!--
Synchronization on writes does not wait for synch operations
to flush dirty pages. Writes persist immediately to disk at
a cost to performance with increased data integrity. Otherwise
the periodic synch operation will flush dirty pages using the
synchPeriodMillis parameter in the main configuration.
-->
<property name="synchOnWrite" value="true" />
<!-- Indexed attributes, each with its own cache size. The numeric ids -->
<!-- are OIDs under 1.3.6.1.4.1.18060 (the Apache arc); presumably the -->
<!-- server's built-in system indices (confirm against the schema). -->
<property name="indexedAttributes">
<set>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="ou" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="uid" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="objectClass" />
<property name="cacheSize" value="100" />
</bean>
</set>
</property>
<!-- Attributes of the suffix entry, written as LDIF-style lines. The -->
<!-- text is presumably converted by the AttributesPropertyEditor -->
<!-- registered at the end of this file, so keep one attribute per line. -->
<property name="contextEntry">
<value>
objectClass: top
objectClass: organizationalUnit
objectClass: extensibleObject
ou: system
</value>
</property>
</bean>
<!-- B-tree partition settings for the example partition (suffix -->
<!-- dc=example,dc=com), listed in partitionConfigurations of the -->
<!-- "configuration" bean. The kdc.entryBaseDn and changepw.entryBaseDn -->
<!-- values (ou=users,dc=example,dc=com) fall under this suffix. -->
<bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
<property name="name" value="example" />
<property name="cacheSize" value="100" />
<property name="suffix" value="dc=example,dc=com" />
<!-- the optimizer is enabled by default but may not always be what -->
<!-- you want if your queries are really simple -->
<property name="optimizerEnabled" value="true" />
<!--
Synchronization on writes does not wait for synch operations
to flush dirty pages. Writes persist immediately to disk at
a cost to performance with increased data integrity. Otherwise
the periodic synch operation will flush dirty pages using the
synchPeriodMillis parameter in the main configuration.
-->
<property name="synchOnWrite" value="true" />
<!-- Indexed attributes, each with its own cache size. The numeric ids -->
<!-- are OIDs under 1.3.6.1.4.1.18060 (the Apache arc); presumably the -->
<!-- server's built-in system indices (confirm against the schema). -->
<!-- krb5PrincipalName is indexed here in addition to dc, ou, uid and -->
<!-- objectClass, presumably to support principal lookups by the KDC. -->
<property name="indexedAttributes">
<set>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
<property name="cacheSize" value="10" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="dc" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="ou" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="krb5PrincipalName" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="uid" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="objectClass" />
<property name="cacheSize" value="100" />
</bean>
</set>
</property>
<!-- Attributes of the suffix entry, written as LDIF-style lines. The -->
<!-- text is presumably converted by the AttributesPropertyEditor -->
<!-- registered at the end of this file, so keep one attribute per line. -->
<property name="contextEntry">
<value>
objectClass: top
objectClass: domain
objectClass: extensibleObject
dc: example
</value>
</property>
</bean>
<!-- Registers AttributesPropertyEditor as the Spring property editor for -->
<!-- javax.naming.directory.Attributes. This is presumably what lets the -->
<!-- contextEntry properties above be written as plain text blocks; -->
<!-- removing it would likely break loading of both partition beans. -->
<bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
<property name="customEditors">
<map>
<entry key="javax.naming.directory.Attributes">
<bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
</entry>
</map>
</property>
</bean>
</beans>