The Penrose Project

• Overview
  • News
  • FAQ
  • Features
  • Licenses
  • Download
  • Demo
• Documentation
  • Quick Start
  • Version 1.2 (in development)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Version 1.1 (stable)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Use Cases
  • Community Wiki
• Developer
  • Nightly Builds
  • Code Repository
  • Road Map
  • Change Log
  • Project Management
• Support
  • WebChat
  • Forum & List
  • Bug/Feature Tracker
  • Team
  • Contact

OpenDS

Overview

Starting from version 1.1, Java Backend supports OpenDS. Any application that implements Java Backend interface (e.g. Penrose) can be run under OpenDS. The following is an example of running Penrose under OpenDS.

Installing Penrose Server

Download and install Penrose Server 1.2 or later. The installation directory will be referred to as PENROSE_SERVER_HOME.

Note: currently the JMX service doesn't work under OpenDS. You need to disable JMX service.

Installing OpenDS

Ideally you should be able to just download and install OpenDS. However at this point you need to check out the OpenDS source code, apply a patch, then build and install OpenDS. The installation directory will be referred to as OPENDS_HOME. Run the QuickSetup:

cd OPENDS_HOME
setup.bat

Installing Java Backend

Download and install Java Backend 1.1 for OpenDS. The installation directory will be referred to as JAVA_BACKEND_HOME.

Configuring Java Backend

In OpenDS the plugin configuration is stored as an LDAP entry under cn=plugins,cn=config.
An example configuration file can be found in JAVA_BACKEND_HOME/config/config.ldif.

dn: cn=Java Backend,cn=Plugins,cn=config
objectClass: top
objectClass: ds-cfg-plugin
objectClass: extensibleObject
cn: Java Backend
ds-cfg-plugin-class: com.identyx.javabackend.opends.JavaBackend
ds-cfg-plugin-enabled: true
ds-cfg-plugin-type: postConnect
ds-cfg-plugin-type: postDisconnect
ds-cfg-plugin-type: preParseAdd
ds-cfg-plugin-type: preParseBind
ds-cfg-plugin-type: preParseUnbind
ds-cfg-plugin-type: preParseCompare
ds-cfg-plugin-type: preParseDelete
ds-cfg-plugin-type: preParseModify
ds-cfg-plugin-type: preParseModifyDN
ds-cfg-plugin-type: preParseSearch
java-backend-class: <class name>
java-backend-classpath: <Java class path>
java-backend-libpath: <Java library path>
java-backend-property: <name>=<value>
java-backend-suffix: <name space>

In the "java-backend-class" attribute you should specify your Java backend class. This class has to implement com.identyx.javabackend.Backend interface.

In the "java-backend-classpath" attribute you can optionally specify the path to your Java classes. This attribute can be specified multiple times.

In the "java-backend-libpath" attribute you can optionally specify the path to your jar files. This attribute can be specified multiple times.

In the "java-backend-property" attribute you can optionally specify a system property and its value. This attribute can be specified multiple times.

In the "java-backend-suffix" attribute you can specify the LDAP suffix that will be handled by this backend. This attribute can be specified multiple times. If you specify at least one suffix, Java Backend will use the static suffix list to check the target DN of the incoming requests. If you specify no suffixes, Java Backend will check with the backend implementation which can be dynamic but possibly slower.

Assuming Penrose is installed in /usr/local/penrose-server-1.2, here is a sample of Java Backend configuration for Penrose:

dn: cn=Java Backend,cn=Plugins,cn=config
objectClass: top
objectClass: ds-cfg-plugin
objectClass: extensibleObject
cn: Java Backend
ds-cfg-plugin-class: com.identyx.javabackend.opends.JavaBackend
ds-cfg-plugin-enabled: true
ds-cfg-plugin-type: postConnect
ds-cfg-plugin-type: postDisconnect
ds-cfg-plugin-type: preParseAdd
ds-cfg-plugin-type: preParseBind
ds-cfg-plugin-type: preParseUnbind
ds-cfg-plugin-type: preParseCompare
ds-cfg-plugin-type: preParseDelete
ds-cfg-plugin-type: preParseModify
ds-cfg-plugin-type: preParseModifyDN
ds-cfg-plugin-type: preParseSearch
java-backend-class: org.safehaus.penrose.backend.PenroseBackend
java-backend-libpath: /usr/local/penrose-server-1.2/lib
java-backend-libpath: /usr/local/penrose-server-1.2/lib/ext
java-backend-libpath: /usr/local/penrose-server-1.2/schema/ext
java-backend-libpath: /usr/local/penrose-server-1.2/server/lib
java-backend-libpath: /usr/local/penrose-server-1.2/server/lib/ext
java-backend-property: penrose.home=/usr/local/penrose-server-1.2
java-backend-suffix: dc=Example,dc=com
java-backend-suffix: ou=system

Configuring OpenDS

First stop OpenDS:

cd OPENDS_HOME/bat
./stop-ds.bat -h localhost -p 10389 -D "cn=Directory Manager" -w secret

Add the above configuration into OPENDS_HOME/config/config.ldif.

Copy the files in JAVA_BACKEND_HOME/lib into OPENDS_HOME/lib.

Finally start OpenDS again:

./start-ds.bat

Log Messages

OpenDS log messages are stored in files under OPENDS_HOME/logs directory. To watch Java Backend's log messages:

tail -f OPENDS_HOME/logs/server.out

References

• Enabling OpenDS LDAP Service in Penrose
• OpenDS Wiki mentioning Penrose
• OpenDS
• Extending OpenDS functionality with a plugin
• OpenDS Source Code
• OpenDS Javadoc