masonjm 2004/08/10 14:08:56
Modified: src/conf/webapp Tag: SLIDE_2_1_RELEASE_BRANCH
JNDI-Domain.xml
Log:
Some cleanup and minor config changes
Revision Changes Path
No revision
No revision
1.2.2.1 +79 -156 jakarta-slide/src/conf/webapp/JNDI-Domain.xml
Index: JNDI-Domain.xml
===================================================================
RCS file: /home/cvs/jakarta-slide/src/conf/webapp/JNDI-Domain.xml,v
retrieving revision 1.2
retrieving revision 1.2.2.1
diff -u -r1.2 -r1.2.2.1
--- JNDI-Domain.xml 24 Jun 2004 14:00:52 -0000 1.2
+++ JNDI-Domain.xml 10 Aug 2004 21:08:56 -0000 1.2.2.1
@@ -2,13 +2,11 @@
<slide>
<namespace name="slide">
<definition>
- <!-- Use the Tx Stores for the main store. JNDIPrincipalStore
-*cannot* do this -->
+ <!-- Use the Tx Stores for the main store. JNDIPrincipalStore
*cannot* do this -->
<store name="main">
- <nodestore
-
classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
- <parameter
name="rootpath">main/store/metadata</parameter>
- <parameter
name="workpath">main/work/metadata</parameter>
+ <nodestore
classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore">
+ <parameter
name="rootpath">store/metadata</parameter>
+ <parameter
name="workpath">work/metadata</parameter>
</nodestore>
<securitystore>
<reference store="nodestore"/>
@@ -22,43 +20,34 @@
<revisiondescriptorstore>
<reference store="nodestore"/>
</revisiondescriptorstore>
- <contentstore
-
classname="org.apache.slide.store.txfile.TxFileContentStore">
- <parameter
name="rootpath">main/store/content</parameter>
- <parameter
name="workpath">main/work/content</parameter>
+ <contentstore
classname="org.apache.slide.store.txfile.TxFileContentStore">
+ <parameter
name="rootpath">store/content</parameter>
+ <parameter
name="workpath">work/content</parameter>
</contentstore>
</store>
<!-- Use a JNDIPrincipalStore to for users -->
<store name="users">
- <nodestore
-
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"
- >
+ <nodestore
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
+ <!-- See javadoc for JNDIPrincipalStore for
description of parameters -->
+ <parameter
name="cache.refresh.checkrate">15</parameter>
+ <parameter
name="cache.refresh.rate">600</parameter>
+ <parameter
name="cache.refresh.threshold">500</parameter>
<parameter
name="jndi.container">ou=XXXXXX,o=XXXXXXXX</parameter>
<parameter
name="jndi.attributes.rdn">uid</parameter>
- <parameter name="jndi.search.filter">
- (objectClass=inetOrgPerson)</parameter>
+ <parameter
name="jndi.search.filter">(objectClass=inetOrgPerson)</parameter>
<parameter
name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
- <parameter name="jndi.search.attributes">
-
postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</parameter>
- <parameter name="java.naming.provider.url">
- ldap://xxxxxxxxxxxxxxxx</parameter>
- <parameter name="java.naming.factory.initial">
-
com.sun.jndi.ldap.LdapCtxFactory</parameter>
- <parameter
name="java.naming.security.principal">
- xxxxxxxxxxxxxxxx</parameter>
+ <parameter
name="jndi.search.attributes">postalCode,initials,givenName,uid,mail,fullName,telephoneNumber,title,facsimileTelephoneNumber,groupMembership,l,sn,cn</parameter>
+ <parameter
name="java.naming.provider.url">ldap://xxxxxxxxxxxxxxxx</parameter>
+ <parameter
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
+ <parameter
name="java.naming.security.principal">xxxxxxxxxxxxxxxx</parameter>
<parameter
name="java.naming.security.authentication">simple</parameter>
- <parameter
name="java.naming.security.credentials">
- xxxxxxxxxxxxxxxxxx</parameter>
+ <parameter
name="java.naming.security.credentials">xxxxxxxxxxxxxxxxxx</parameter>
</nodestore>
- <!-- Use a Tx Store to store security and lock
information -->
- <securitystore
-
classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"
- >
- <parameter
name="rootpath">users/store/metadata</parameter>
- <parameter
name="workpath">users/work/metadata</parameter>
+ <securitystore>
+ <reference store="nodestore"/>
</securitystore>
<lockstore>
- <reference store="securitystore"/>
+ <reference store="nodestore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
@@ -72,37 +61,28 @@
</store>
<!-- Use a JNDIPrincipalStore for roles -->
<store name="roles">
- <nodestore
-
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore"
- >
- <parameter name="jndi.container">
-
ou=XXXXX,ou=XXXXX,o=XXXXXXXXX</parameter>
+ <nodestore
classname="org.apache.slide.store.txjndi.JNDIPrincipalStore">
+ <!-- See javadoc for JNDIPrincipalStore for
description of parameters -->
+ <parameter
name="cache.refresh.checkrate">15</parameter>
+ <parameter
name="cache.refresh.rate">600</parameter>
+ <parameter
name="cache.refresh.threshold">500</parameter>
+ <parameter
name="jndi.container">ou=XXXXX,ou=XXXXX,o=XXXXXXXXX</parameter>
<parameter
name="jndi.attributes.rdn">cn</parameter>
- <parameter
name="jndi.attributes.groupmemberset">
- uniqueMember</parameter>
- <parameter name="jndi.search.filter">
- objectClass=groupOfNames</parameter>
+ <parameter
name="jndi.attributes.groupmemberset">uniqueMember</parameter>
+ <parameter
name="jndi.search.filter">objectClass=groupOfNames</parameter>
<parameter
name="jndi.search.scope">ONELEVEL_SCOPE</parameter>
<parameter
name="jndi.search.attributes">cn</parameter>
- <parameter name="java.naming.provider.url">
- ldap://xxxxxxxxxxxxxx</parameter>
- <parameter name="java.naming.factory.initial">
-
com.sun.jndi.ldap.LdapCtxFactory</parameter>
- <parameter
name="java.naming.security.principal">
- xxxxxxxxxxxxxxxxxx</parameter>
+ <parameter
name="java.naming.provider.url">ldap://xxxxxxxxxxxxxx</parameter>
+ <parameter
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</parameter>
+ <parameter
name="java.naming.security.principal">xxxxxxxxxxxxxxxxxx</parameter>
<parameter
name="java.naming.security.authentication">simple</parameter>
- <parameter
name="java.naming.security.credentials">
- xxxxxxxxxxxxxxxx</parameter>
+ <parameter
name="java.naming.security.credentials">xxxxxxxxxxxxxxxx</parameter>
</nodestore>
- <!-- Use a Tx Store to store security and lock
information -->
- <securitystore
-
classname="org.apache.slide.store.txfile.TxXMLFileDescriptorsStore"
- >
- <parameter
name="rootpath">roles/store/metadata</parameter>
- <parameter
name="workpath">roles/work/metadata</parameter>
+ <securitystore>
+ <reference store="nodestore"/>
</securitystore>
<lockstore>
- <reference store="securitystore"/>
+ <reference store="nodestore"/>
</lockstore>
<revisiondescriptorsstore>
<reference store="nodestore"/>
@@ -150,153 +130,96 @@
<parameter name="nested_roles_maxdepth">0</parameter>
</configuration>
<data>
- <objectnode classname="org.apache.slide.structure.SubjectNode"
- uri="/">
+ <objectnode classname="org.apache.slide.structure.SubjectNode"
uri="/">
<!-- Make sure the subject here is a valid LDAP group
-->
- <permission action="all" subject="/roles/connect users"
- inheritable="true"/>
- <permission action="/actions/read-acl" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/write-acl" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/unlock" subject="all"
- inheritable="true" negative="true"/>
- <permission action="/actions/read" subject="all"
- inheritable="true"/>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/users">
+ <permission action="all" subject="/roles/XXXXXXX"
inheritable="true"/>
+ <permission action="/actions/read-acl" subject="all"
inheritable="true" negative="true"/>
+ <permission action="/actions/write-acl" subject="all"
inheritable="true" negative="true"/>
+ <permission action="/actions/unlock" subject="all"
inheritable="true" negative="true"/>
+ <permission action="/actions/read" subject="all"
inheritable="true"/>
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users">
<permission action="all" subject="self"
inheritable="true"/>
- <permission action="all"
subject="unauthenticated"
- inheritable="true" negative="true"/>
+ <permission action="all"
subject="unauthenticated" inheritable="true" negative="true"/>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/roles">
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/roles">
<permission action="all" subject="self"
inheritable="true"/>
- <permission action="all"
subject="unauthenticated"
- inheritable="true" negative="true"/>
+ <permission action="all"
subject="unauthenticated" inheritable="true" negative="true"/>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.ActionNode"
- uri="/actions">
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/read">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/read">
<revision>
- <property
name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/read-acl</D:href> <D:href
-xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
+ <property
name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/read-acl</D:href>
<D:href xmlns:D='DAV:'>/actions/read-current-user-privilege-set</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/read-acl">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/read-acl">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
-
uri="/actions/read-current-user-privilege-set">
+ <objectnode
classname="org.apache.slide.structure.ActionNode"
uri="/actions/read-current-user-privilege-set">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/write">
<revision>
- <property
name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href
-xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href
-xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
+ <property
name="privilege-member-set"><![CDATA[<D:href
xmlns:D='DAV:'>/actions/write-acl</D:href> <D:href
xmlns:D='DAV:'>/actions/write-properties</D:href> <D:href
xmlns:D='DAV:'>/actions/write-content</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-acl">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/write-acl">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-properties">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/write-properties">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/write-content">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/write-content">
<revision>
- <property
name="privilege-member-set"><![CDATA[<D:href
-xmlns:D='DAV:'>/actions/bind</D:href> <D:href
-xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
+ <property
name="privilege-member-set"><![CDATA[<D:href xmlns:D='DAV:'>/actions/bind</D:href>
<D:href xmlns:D='DAV:'>/actions/unbind</D:href>]]></property>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/bind">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/bind">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/unbind">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/unbind">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
- <objectnode
-
classname="org.apache.slide.structure.ActionNode"
- uri="/actions/unlock">
+ <objectnode
classname="org.apache.slide.structure.ActionNode" uri="/actions/unlock">
<revision>
<property
name="privilege-member-set"/>
</revision>
</objectnode>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/files">
- <permission action="all"
subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users"
inheritable="true"/>
- <permission action="/actions/read-acl"
subject="owner"
- inheritable="true"/>
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/files">
+ <permission action="all"
subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid
LDAP group -->
+ <permission action="/actions/write"
subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/history">
- <permission action="all"
subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users"
inheritable="true"/>
- <permission action="/actions/read-acl"
subject="owner"
- inheritable="true"/>
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/history">
+ <permission action="all"
subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid
LDAP group -->
+ <permission action="/actions/write"
subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/workspace">
- <permission action="all"
subject="unauthenticated"
- inheritable="true"/>
- <!-- Make sure the subject here is a valid LDAP
-group -->
- <permission action="/actions/write"
- subject="/roles/connect users"
inheritable="true"/>
- <permission action="/actions/read-acl"
subject="owner"
- inheritable="true"/>
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/workspace">
+ <permission action="all"
subject="unauthenticated" inheritable="true"/>
+ <!-- Make sure the subject here is a valid
LDAP group -->
+ <permission action="/actions/write"
subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
- <objectnode
classname="org.apache.slide.structure.SubjectNode"
- uri="/workingresource">
- <permission action="all"
subject="unauthenticated"
- inheritable="true"/>
+ <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/workingresource">
+ <permission action="all"
subject="unauthenticated" inheritable="true"/>
<!-- Make sure the subject here is a valid
LDAP group -->
- <permission action="/actions/write"
- subject="/roles/connect users"
inheritable="true"/>
- <permission action="/actions/read-acl"
subject="owner"
- inheritable="true"/>
+ <permission action="/actions/write"
subject="/roles/XXXXXXX" inheritable="true"/>
+ <permission action="/actions/read-acl"
subject="owner" inheritable="true"/>
</objectnode>
</objectnode>
</data>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
