- 论坛徽章:
- 0
|
我用的是ApacheDS,因为没有管理控制台,增加属性及对象类都需要用代码生成,我根据Sun网站上的资料
http://java.sun.com/products/jndi/tutorial/ldap/schema/object.html
做了测试,但是老是报错
server.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="properties">
<props>
<prop key="java.naming.security.authentication">simple</prop>
<prop key="java.naming.security.principal">uid=admin,ou=system</prop>
<prop key="java.naming.security.credentials">admin</prop>
</props>
</property>
</bean>
<bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
<property name="workingDirectory" value="example.com" />
<!-- Uncomment below to have the server load entries on startup! -->
<!-- ldifDirectory property can point to a relative file, directory or -->
<!-- can point to an absolute path to either using the URL path -->
<!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
<!-- Entries will optionally be filtered using LdifLoadFilters in the -->
<!-- order specified. The included Krb5KdcEntryFilter will filter -->
<!-- kerberos principals creating keys for them using their -->
<!-- userPassword attribute if present. -->
<!--<property name="ldifDirectory">
<value>example.ldif</value>
</property>
<property name="ldifFilters">
<list>
<bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
</list>
</property>-->
<!-- the number of milliseconds before issuing a synch (flush to disk) -->
<!-- which writes out dirty pages back to disk. To turn off synchs all -->
<!-- together simply set this value to <= 0. Make sure you turn on -->
<!-- synchOnWrite for all partitions if you do choose to do this or else-->
<!-- writes may never persist to disk. -->
<property name="synchPeriodMillis" value="15000" />
<!-- limits searches by non-admin users to a max time of 15000 -->
<!-- milliseconds and has a default value of 10000 -->
<property name="maxTimeLimit" value="15000" />
<!-- limits searches to max size of 1000 entries: default value is 100 -->
<property name="maxSizeLimit" value="1000" />
<!-- maximum number of threads used by mina is set to 8: default is 4 -->
<property name="maxThreads" value="8" />
<property name="allowAnonymousAccess" value="false" />
<property name="accessControlEnabled" value="false" />
<property name="enableNtp" value="false" />
<property name="enableKerberos" value="false" />
<property name="enableChangePassword" value="false" />
<!--
It's more efficient to keep this feature turned off but you may not like
having the creatorsName and modifiersName contain OIDs instead of short
attributeType names instead. So if you want the creatorsName to change
from the normalized form which is the internal representation of
'0.9.2342.19200300.100.1.1=admin,2.5.4.11=system'
to a more human readabile form like:
'uid=admin,ou=system'
then set this property to true.
-->
<property name="denormalizeOpAttrsEnabled" value="false" />
<property name="ldapPort" value="10389" />
<property name="systemPartitionConfiguration" ref="systemPartitionConfiguration" />
<property name="contextPartitionConfigurations">
<set>
<ref bean="examplePartitionConfiguration"/>
</set>
</property>
<property name="bootstrapSchemas">
<set>
<bean class="org.apache.directory.server.core.schema.bootstrap.AutofsSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.CorbaSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.CoreSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.CosineSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.ApacheSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.CollectiveSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.InetorgpersonSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.JavaSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.Krb5kdcSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.NisSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.SystemSchema"/>
<bean class="org.apache.directory.server.core.schema.bootstrap.ApachednsSchema"/>
</set>
</property>
<property name="extendedOperationHandlers">
<list>
<bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
<bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
</list>
</property>
<property name="interceptorConfigurations">
<list>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="normalizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.normalization.NormalizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="authenticationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authn.AuthenticationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="referralService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.referral.ReferralService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="authorizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authz.AuthorizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="defaultAuthorizationService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="exceptionService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.exception.ExceptionService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="schemaService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.schema.SchemaService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="subentryService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.subtree.SubentryService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="operationalAttributeService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="collectiveAttributeService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
</property>
</bean>
<bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
<property name="name" value="eventService" />
<property name="interceptor">
<bean class="org.apache.directory.server.core.event.EventService" />
</property>
</bean>
</list>
</property>
</bean>
<!-- use the following partitionConfiguration to override defaults for -->
<!-- the system partition -->
<bean id="systemPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
<property name="name" value="system" />
<property name="cacheSize" value="100" />
<property name="suffix" value="ou=system" />
<!-- the optimizer is enabled by default but may not always be what -->
<!-- you want if your queries are really simple -->
<property name="optimizerEnabled" value="true" />
<!--
Synchronization on writes does not wait for synch operations
to flush dirty pages. Writes persist immediately to disk at
a cost to performance with increased data integrity. Otherwise
the periodic synch operation will flush dirty pages using the
synchPeriodMillis parameter in the main configuration.
-->
<property name="synchOnWrite" value="true" />
<property name="indexedAttributes">
<set>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="ou" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="uid" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="objectClass" />
<property name="cacheSize" value="100" />
</bean>
</set>
</property>
<property name="contextEntry">
<value>
objectClass: top
objectClass: organizationalUnit
objectClass: extensibleObject
ou: system
</value>
</property>
</bean>
<bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
<property name="name" value="example" />
<property name="cacheSize" value="100"/>
<property name="suffix" value="dc=example,dc=com" />
<!-- the optimizer is enabled by default but may not always be what -->
<!-- you want if your queries are really simple -->
<property name="optimizerEnabled" value="true" />
<!--
Synchronization on writes does not wait for synch operations
to flush dirty pages. Writes persist immediately to disk at
a cost to performance with increased data integrity. Otherwise
the periodic synch operation will flush dirty pages using the
synchPeriodMillis parameter in the main configuration.
-->
<property name="synchOnWrite" value="true" />
<property name="indexedAttributes">
<set>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="dc" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="ou" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="krb5PrincipalName" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="uid" />
<property name="cacheSize" value="100" />
</bean>
<bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
<property name="attributeId" value="objectClass" />
<property name="cacheSize" value="100" />
</bean>
</set>
</property>
<property name="contextEntry">
<value>
objectClass: top
objectClass: domain
objectClass: extensibleObject
dc: example
</value>
</property>
</bean>
<bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
<property name="customEditors">
<map>
<entry key="javax.naming.directory.Attributes">
<bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
</entry>
</map>
</property>
</bean>
</beans>
测试:
public static void main(String[] args){
Hashtable env = new Hashtable(11);
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory" ;
env.put(Context.PROVIDER_URL, "ldap://localhost:10389/ou=system";
env.put(Context.SECURITY_AUTHENTICATION, "simple";
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system";
env.put(Context.SECURITY_CREDENTIALS, "admin";
try {
DirContext ctx = new InitialDirContext( env );
DirContext schema = ctx.getSchema("";
Attributes attrs = new BasicAttributes(true);
attrs.put("NUMERICOID", "1.3.6.1.4.1.18060.0.4.3.3.1";
attrs.put("NAME", "jetspeed2-user";
attrs.put("DESC", "An entry which represents a jetspeed2-user";
attrs.put("SUP", "top";
attrs.put("STRUCTURAL", "true");
Attribute must = new BasicAttribute("MUST");
must.add("cn");
must.add("objectclass");
attrs.put(must);
Attribute may = new BasicAttribute("MAY");
may.add("description");
attrs.put(may);
schema.createSubcontext("ClassDefinition/jetspeed2-user", attrs);
} catch (NamingException e) {
e.printStackTrace();
}
}
报错:
javax.naming.NameNotFoundException: [LDAP: error code 32 - failed to modify entry 2.5.4.3=schema,2.5.4.11=system: Attempt to lookup non-existant entry: 2.5.4.3=schema,2.5.4.11=system]; remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3010)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1370)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
at com.sun.jndi.ldap.LdapSchemaCtx$SchemaInfo.modifyAttributes(LdapSchemaCtx.java:413)
at com.sun.jndi.ldap.LdapSchemaCtx.addServerSchema(LdapSchemaCtx.java:276)
at com.sun.jndi.ldap.LdapSchemaCtx.doCreateSubcontext(LdapSchemaCtx.java:196)
at com.sun.jndi.toolkit.dir.HierMemDirCtx.createSubcontext(HierMemDirCtx.java:375)
at com.sun.jndi.toolkit.dir.HierMemDirCtx.createSubcontext(HierMemDirCtx.java:36
at com.nci.np.test.CreateObjectTest.main(CreateObjectTest.java:46) |
|
免费注册
发表于 2007-10-09 15:07
