IdAS Basic Deployment
This simple solution combines IdAS (along with the IdAS Registry), the JNDI Context Provider, and an LDAP server to provide an identity store which is then accessed by an application.
The application opens a Context as a subject and then prints the attributes of that subject.
Each of the following Higgins components is required, along with its dependencies:
- IdAS API (component, download)
- IdAS Common (component, download)
- IdAS Registry (component, download)
- Redistributable Dependencies (component, download)
- Configuration XML (component, download)
- JNDI Context Provider (component, download)
- Configuration API (component, download) (Needed by the JNDI Context Provider)
- IdAS SPI (component, download) (Needed by the JNDI Context Provider)
- Util: IdAS CP (component, download) (Needed by the JNDI Context Provider)
- Util: IdAS JScript (component, download) (Needed by the JNDI Context Provider)
- Util: Socket (component, download) (Needed by the JNDI Context Provider)
These external components are also required.
- LDAP Server
Get the Higgins components
If you're using Eclipse, you need to get the solution project and all dependency projects recursively. The easy way to do this is to import this Team Project Set:
If you're not using Eclipse, you'll need to use svn to get the code for this solution as well as all the code for the dependencies. <todo: more instructions here would be nice>
Get, install, configure, and run an LDAP server
The easy way is to download the simple LDAP server mentioned above. If you do that and unpack it, you'll have everything you need, preconfigured. Just run the executable ldaputility.jar. Note that java -jar ldaputility.jar /? produces a help screen.
If you want to use a different LDAP server, that's fine, but you will need to install it yourself. This solution has no special schema requirements; the server only needs to support a simple bind with a name and password.
Edit the configuration file
This solution illustrates two alternative ways to configure the context provider.
In the first alternative, you edit a single configuration file (./conf/IdASConfiguration1.xml). This configuration file is read into a ConfigurationHandler object, which in turn is used to produce an IdASRegistry instance from which a context can be obtained (see contextFromConfig in BasicIdAS.java).
In the second alternative, you configure the JNDI context factory (./conf/contextfactories.xrds) and the LDAP context (./conf/Higgins-LDAP-Server.xrds) separately. In this case, the IdASRegistry uses XRI resolution to locate and configure the context (see contextFromXRDS in BasicIdAS.java).
To switch between the two, comment or uncomment the contextFrom* calls in readSubject in BasicIdAS.java.
In either case, if you're using the simple Java LDAP server mentioned above, the deployment is preconfigured and you don't need to do anything. Otherwise, you might need to make some changes to whichever configuration file you're using. A tutorial on much of what goes into the JNDI context provider's context configuration can be found at JNDI_CP_Configuration.
Setting the host and port
This setting is used to change the host and port:
<Setting Name="Address" Type="xsd:string">ldap://localhost:50389</Setting>
Setting the subject's name and password
Update these settings:
<Setting Name="java.naming.security.principal" Type="xsd:string">cn=admin,o=bandit</Setting>
<Setting Name="java.naming.security.credentials" Type="xsd:string">admin</Setting>
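Before running the application against a different LDAP server, it helps to confirm that the server accepts the simple bind these settings describe. The following is an added example, not part of the Higgins code: it uses plain JNDI only (no IdAS classes), defaults to the values shown above, and the LDAP_* environment variable names are assumptions made for this example.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

// Added example, not Higgins code: performs the simple bind configured above
// with plain JNDI and prints the attributes of the bound subject.
public class LdapBindCheck {
    public static void main(String[] args) {
        // Defaults are the values shown on this page; the LDAP_* variable
        // names are hypothetical and exist only in this example.
        String url = env("LDAP_URL", "ldap://localhost:50389");
        String dn = env("LDAP_BIND_DN", "cn=admin,o=bandit");
        String password = env("LDAP_BIND_PW", "admin");
        if (!url.toLowerCase().startsWith("ldaps://")) {
            System.err.println("warning: " + url + " is not ldaps://, so the "
                + "simple bind sends the password unencrypted");
        }
        Hashtable<String, String> jndi = new Hashtable<>();
        jndi.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        jndi.put(Context.PROVIDER_URL, url);
        jndi.put(Context.SECURITY_AUTHENTICATION, "simple");
        jndi.put(Context.SECURITY_PRINCIPAL, dn);         // java.naming.security.principal
        jndi.put(Context.SECURITY_CREDENTIALS, password); // java.naming.security.credentials
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(jndi);            // connects and binds
            NamingEnumeration<? extends Attribute> attrs = ctx.getAttributes(dn).getAll();
            while (attrs.hasMore()) {
                System.out.println(attrs.next());         // one attribute per line
            }
        } catch (AuthenticationException e) {
            System.err.println("bind rejected (wrong DN or password): " + e.getMessage());
        } catch (CommunicationException e) {
            System.err.println("cannot reach " + url + ": " + e.getMessage());
        } catch (NamingException e) {
            System.err.println("LDAP error: " + e);
        } finally {
            if (ctx != null) try { ctx.close(); } catch (NamingException ignored) { }
        }
    }

    private static String env(String name, String fallback) {
        String v = System.getenv(name);
        return (v == null || v.isEmpty()) ? fallback : v;
    }
}
```

If the bind succeeds here but the application fails, the problem is in the IdAS configuration files rather than in the LDAP server or the credentials.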
Build and run the application
If you're using Eclipse, you should be able to simply run the application using the Run menu.
If you're running from the command line, you need to build this deployment and its dependencies. <todo: add instructions>. There's a main function in the BasicIdAS class. <todo: put a run target in the build.xml?>