...
In
...
order
...
to
...
enable
...
WebDAV
...
on
...
Sakai
...
2.0,
...
the
...
following
...
modules
...
must
...
be
...
installed.
...
Required
...
module(s)
...
for
...
WebDAV
...
-.
...
The
...
correct
...
krb5.conf
...
file
...
for
...
UC
...
Davis'
...
KDC
...
-.
...
A
...
jaas.conf
...
file
...
that
...
includes
...
other
...
configuration
...
information
...
needed
...
for
...
the
...
provider
...
-.
...
Custom
...
UserDirectoryProvider,
...
UC
...
Davis'
...
Provider,
...
UCDKerbLDAP.java
...
which
...
is
...
a
...
modified
...
version
...
of
...
Stanford's
...
provider.
...
Thanks
...
to
...
Casey
...
Dunn
...
at
...
Stanford
...
for
...
providing
...
this
...
example.
...
-.
...
The
...
ucdprovider
...
directory
...
from
...
SVN.
...
This
...
will
...
be
...
added
...
to
...
the
...
...
...
\providers
...
directory.
...
-.
...
commons-lang.jar
...
and
...
commons-configuration.jar.
...
This
...
will
...
be
...
placed
...
in
...
the
...
Tomcat\shared\lib
...
directory.
...
-.
...
The
...
project.xml
...
and
...
components.xml
...
that
...
will
...
be
...
place
...
in
...
the
...
...
...
\providers\components
...
directory
...
-.
...
A
...
keytab
...
file
...
for
...
access
...
to
...
the
...
KDC.
...
See
...
Scott
...
Amerson
...
for
...
details.
...
Sakai
...
2.0.+/WebDav
...
Install
...
Instructions
...
Source
...
is
...
located
...
in
...
SVN,
...
currently
...
available
...
for
...
either
...
2.0.0
...
or
...
2.0.1
...
Sakai
...
frameworks.
...
Code
...
is
...
given
...
as
...
a
...
providers/UserDirWebDAV/branch/200
...
or
...
providers/UserDirWebDAV/branch/201
...
directory.
...
Java
...
package
...
structure
...
is
...
detailed
...
below:
...
ucdprovider |
...
source |
---|
...
dir |
---|
...
package |
---|
...
Source |
---|
...
code |
---|
----------- |
...
java->src-> |
...
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.user |
...
UCDKerbLDAP.java |
...
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.utilities |
...
misc |
...
LDAP |
...
extensions, |
...
not |
...
implemented |
This directory contains a UCDKerbLDAP.java,
...
an
...
implementation
...
of
...
the
...
UserDirectoryProvider
...
specifically
...
for
...
UC
...
Davis.
...
This
...
code
...
is
...
taken
...
from
...
examples
...
from
...
Columbia's
...
provider,
...
and
...
Stanford's
...
LDAP
...
implementation.
...
Please
...
see
...
KerberosDirectoryProvider
...
README
...
for
...
other
...
information
...
with
...
respect
...
to
...
using
...
jaas
...
to
...
implement
...
Kerberos
...
Authentication
...
in
...
Sakai.
...
In
...
addition,
...
to
...
protect
...
the
...
integrity
...
of
...
your
...
Kerberos
...
password,
...
the
...
use
...
of
...
a
...
secure
...
Web
...
front-end
...
is
...
HIGHLY
...
recommended.
...
Enabling
...
SSL
...
should
...
be
...
done
...
prior
...
to
...
deploying
...
this
...
code.
...
*
...
GENERAL
...
SETUP*
...
The
...
package
...
structure
...
for
...
the
...
UCDKrbLDAP.java
...
module
...
is
...
as
...
follows:
...
edu.ucdavis.security.distauth.sakai2.user
...
//source
...
code
...
edu.ucdavis.security.distauth.sakai2.KerbConf
...
//UCDKrb.properties
...
file
...
that
...
should
...
be
...
copied
...
into
...
Tomcat
...
sakai
...
dir
...
To
...
use
...
this
...
provider:
...
1)
...
Download
...
source
...
from
...
SVN
...
2)
...
Configure
...
Java
...
for
...
Kerberos
...
using
...
JAAS:
...
- Create
...
- a
...
- file
...
- jaas.config
...
- (jaas.config
...
- example
...
- provided
...
- in
...
- SVN)
...
- in
...
- the
...
- your
...
- Java
...
- installation,
...
- usually
...
- in
...
$JAVA_HOME/lib/security
...
- or
...
- $JAVA_HOME/jre/lib/security.
...
- Add
...
- this
...
- block
...
- (or
...
- edit
...
- an
...
- existing
...
- block):
...
Code Block
...
KerberosAuthentication { com.sun.security.auth.module.Krb5LoginModule required debug=false storekey=false clearPass=false useTicketCache=false useKeyTab=true keyTab="/etc/krb.keytab"; };
...
- Note,
...
- it
...
- is
...
- very
...
- important
...
- to
...
- have
...
- a
...
- semicolon
...
- at
...
- the
...
- end,
...
- and
...
- no
...
- other
...
- place!
...
The
...
UserDirectoryProvider
...
uses
...
the
...
KerberosAuthentication
...
context
...
by
...
default;
...
it
...
can
...
be
...
configured
...
by
...
changing
...
the
...
loginContext
...
parameter
...
in
...
the
...
components.xml
...
file.
...
See
...
KerberosDirectoryProvider
...
documentation
...
for
...
more
...
details.
...
3)
...
Copy
...
the
...
properties
...
file,
...
UCDKrb.properties
...
from
...
code/properties
...
to
...
your
...
TOMCAT_HOME/sakai
...
directory.
...
4)
...
Copy
...
the
...
code/ucdprovider
...
directory
...
into
...
the
...
Sakai_dir/providers
...
directory.
...
5)
...
Copy
...
the
...
following
...
from
...
the
...
code/providersconf
...
directory:
...
a.
...
components.xml
...
into
...
the
...
Sakai_dir/providers/components/webapp/WEB-INF
...
directory
...
b.
...
project.xml
...
into
...
the
...
Sakai_dir/providers/components
...
directory
...
-To
...
note
...
here,
...
uncomment
...
out
...
any
...
previous
...
provider
...
reference
...
that
...
is
...
no
...
longer
...
used
...
6)
...
Download
...
two
...
dependencies,
...
commons-lang.jar,
...
and
...
commons-components.jar.
...
These
...
jars
...
may
...
be
...
found
...
at
...
http://www.ibiblio.org/maven/,
...
and
...
should
...
be
...
placed
...
in
...
the
...
TOMCAT_HOME/shared/lib
...
directory.
...
7)
...
Attain
...
a
...
keytab
...
file
...
from
...
IET
...
Middleware,
...
and
...
place
...
modify
...
the
...
location
...
of
...
this
...
file
...
in
...
the
...
jaas.config
...
file
...
in
...
Step
...
1)
...
above.
...
8)
...
Rebuild
...
Sakai,
...
and
...
start
...
Tomcat
...
*ADVANCED
...
OPTIONS*
...
See
...
KerberosDirectoryProvider
...
README.txt
...
for
...
any
...
advanced
...
options.
...
Technical Design
A solution to the WebDAV/Sakai
...
integration
...
problem
...
is
...
detailed
...
below.
...
The
...
following
...
diagrams
...
(class,
...
flow)
...
detail
...
the
...
technical
...
information
...
related
...
to
...
the
...
solution.
...
UserDirectoryProvider |
---|