Hi Mark,
Please try to maintain nettiquette by using a prefix and a descriptive
email subject. That way the proper people can address your concerns
rapidly. Also you tacked on your questions to an existing email
thread. People may ignore it if its in a thread they are not interested
in. Coming out and saying it's regarding the Kerberos server may
trigger people to respond.
I understand though that your problem was related to configuration.
Just trying to give pointers on how you can get the best response
quickest. Please don't take this personally or as a hazing its just the
way we do things here - I would recommend this to anyone :-).
Mark Wilcox wrote:
Is there a Wiki page or URL (or a simple mail message :)) -- to show
how to enable the Kerberos service provider? I want to minimic a dual
KDC setup (this is common in Active Directory implementations in
higher ed where you have one AD tree for students and another for
staff). ApacheDS seems to be the simplest approach.
You can turn it on in 0.9 using Kerberos specific properties using
EnvKeys.ENABLE_KERBEROS set to true or on. This will start the embedded
Kerberos server. Other properties also exist for configuring the KDC.
These properties are found in the KdcConfiguration. Perhaps Enrique has
a wiki page out there on this stuff where these properties documented.
For now look at KdcConfiguration for 0.9. It extracts properties from
the environment given to it in the constructor if you look here:
http://svn.apache.org/viewcvs.cgi/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KdcConfiguration.java?rev=168482&view=markup
The JNDI provider in the main of apacheds gives these properties to the
KdcConfiguration and uses that to start the KDC's protocol provider and
register it with MINA.
But I can't seem to find any docs on how to actually enable the
Kerberos service provider.
Sorry about that. We should have the docs out there soon.
I'm using the .9 release of ApacheDS.
Alex
