directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu" <>
Subject Re: [SASL] SASL configuration, committed.
Date Tue, 20 Mar 2007 18:16:32 GMT

This is good news.

On 3/19/07, Enrique Rodriguez <> wrote:
> Hi, Directory developers,
> I checked-in all the changes resulting from our discussions of the
> last week, to the SASL branch.  Some notes:
> 1)  In getting the configuration sorted out, w.r.t. Spring, for SASL
> and Kerberos, I had to make the same changes to all the protocol
> providers.  So, all the protocol providers are now enabled for Spring
> bean configuration.  I checked in a new server.xml that has beans for
> all the protocols, to server-main.  This server.xml is the best place
> to look to get an overview of what changed.  Note that DNS could also
> be enabled, but since ServerContextFactory never included it, I
> haven't added it in.

Some comments:

(1) You might also want to copy the new server.xml over to the
src/main/installers/server.xml file so the installers have the correct
instead of the old ones.  server-main is an assembly with a
based bootstrapper for the assembly.  It's not really used all that much.

(2) Can we have a couple confluence pages for the 1.5 branch that describes
these configuration changes in terms of spring?

(3) Can we have a SASL how to for the server before we merge this code
into the trunk?

(4) Should we add the code to enable DNS into the server?  It might give
people the ability to start playing with the DNS protocol and that way we
attract more users/committers?

2)  Since config is all working, I updated and checked in my SASL
> GSSAPI integration test.  This test case uses Sun's Kerberos client,
> which, unfortunately, doesn't allow you to set the port.  I checked
> the test case in anyway for review but since the port is hard-coded
> for "88" it will fail for non-root users.  We'll have to comment it
> out in the server-unit POM, I guess.

That stinks yeah.  Would be nice to have the integration test run every time
when we want to validate that SASL code is not broken for a release.  Is
there absolutely no work around for this?

3)  I still have code local for Start TLS.  I can commit to
> protocol-ldap and enable it in the server once the grant is
> acknowledged.

I have my fax machine setup now as of yesterday.  I will fax this
today and check with Jim.

4)  I have notes on what changed and will put together all new config
> doco for the 1.5 guides.

Ahhhh ok very cool I did not read this far when making my comments above
under your note #1.

Good work overall.  Now all we have to do I guess is review everything and
determine what release to push this in (1.5.0 or 1.5.1).   Then the merge.


View raw message