...
In
...
order
...
to
...
enable
...
WebDAV
...
on
...
Sakai
...
2.0,
...
the
...
following
...
modules
...
must
...
be
...
installed.
...
Required
...
module(s)
...
for
...
implementing WebDAV and Sakai 2.0.x
-. The correct krb5.conf
...
file
...
for
...
UC
...
Davis'
...
KDC
-. Krb5LoginModule (jaas)
-. A jaas.conf
...
file
...
that
...
includes
...
other
...
configuration
...
information
...
needed
...
for
...
the
...
provider
...
-.
...
Custom
...
UserDirectoryProvider,
...
UC
...
Davis'
...
Provider,
...
UCDKerbLDAP.java
...
which
...
is
...
a
...
modified
...
version
...
of
...
Stanford's
...
provider.
...
Thanks
...
to
...
Casey
...
Dunn
...
at
...
Stanford
...
for
...
providing
...
this
...
example.
...
-.
...
The
...
ucdprovider
...
directory
...
from
...
SVN.
...
This
...
will
...
be
...
added
...
to
...
the
...
...
...
\providers
...
directory.
...
-.
...
commons-lang.jar
...
and
...
commons-configuration.jar.
...
This
...
will
...
be
...
placed
...
in
...
the
...
Tomcat\shared\lib
...
directory.
...
-.
...
The
...
project.xml
...
and
...
components.xml
...
that
...
will
...
be
...
place
...
in
...
the
...
...
...
\providers\components
...
directory
...
-.
...
A
...
keytab
...
file
...
for
...
access
...
to
...
the
...
KDC.
...
See
...
Scott
...
Amerson
...
for
...
details.
...
Sakai
...
2.0.+/WebDav
...
Install
...
Instructions (Includes package structure for UCDavisUserDirectoryProvider)
Source is located in SVN, currently available for either 2.0.0
...
or
...
2.0.1 Sakai frameworks.
...
Code
...
is
...
given
...
as
...
a
...
providers/UserDirWebDAV/branch/200
...
or
...
providers/UserDirWebDAV/branch/201
...
directory. https://mware.ucdavis.edu/svn/sakai/providers/trunk/201/
Package structure (to be deprecated):
Java package structure is detailed below:
ucdprovider | source dir | package | Source code |
---|---|---|---|
----------- |
...
java->src-> |
...
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.user |
...
UCDKerbLDAP.java | |||
----------- | ----------- | edu.ucdavis.security.sakai2.distauth.KerbConf | UCDKrb.properties |
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.utilities |
...
misc |
...
LDAP |
...
extensions, |
...
not |
...
implemented |
This directory contains a UCDKerbLDAP.java,
...
an
...
implementation
...
of
...
the
...
UserDirectoryProvider
...
specifically
...
for
...
UC
...
Davis.
...
This
...
code
...
is
...
taken
...
from
...
examples
...
from
...
Columbia's
...
provider,
...
and
...
Stanford's
...
LDAP
...
implementation.
Updated package structure (10/25/05), located @ https://mware.ucdavis.edu/svn/sakai/providers/trunk/201Mods/
:
Java package structure is detailed below:
ucdproviders | source dir | package | Source code | notes |
---|---|---|---|---|
----------- | java->src-> | |||
----------- | ----------- | edu.ucdavis.providers.sakai20.user | UCDavisUserDirectoryProvider.java | User Provider impl |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDConf.java | Properties configuration helper class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAP.java | LDAP helper class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAPSearch.java | LDAP search class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAPService.java | LDAP service impl |
Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.
In addition, to protect the integrity of your Kerberos password, the use
of a secure Web front-end is HIGHLY recommended. Enabling SSL should be done prior to deploying this code.
*GENERAL SETUP*
Prerequisite:
-Krb
Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.
In addition, to protect the integrity of your Kerberos password, the use
of a secure Web front-end is HIGHLY recommended. Enabling SSL should be done prior to deploying this code.
*GENERAL SETUP*
Prerequisite:
-Krb5LoginModule (comes with jdk 1.5)
The package structure for the UCDKerbLDAP.java module is as follows:
edu.ucdavis.security.distauth.sakai2.user
...
//source
...
code
...
edu.ucdavis.security.distauth.sakai2.KerbConf
...
//UCDKrb.properties
...
file
...
that
...
should
...
be
...
copied
...
into
...
Tomcat
...
sakai
...
dir
...
To
...
use
...
this
...
provider:
...
1) Download source from SVN
2) Configure Java for Kerberos using JAAS:
- Create a file jaas.config (jaas.config
...
- example
...
- provided
...
- in
...
- SVN)
...
- in
...
- the
...
- your
...
- Java
...
- installation,
...
- usually
...
- in
...
$JAVA_HOME/lib/security
...
- or
...
- $JAVA_HOME/jre/lib/security.
...
- Add
...
- this
...
- block
...
- (or
...
- edit
...
- an
...
- existing
...
- block):
Code Block
...
KerberosAuthentication { com.sun.security.auth.module.Krb5LoginModule required debug=false storekey=false clearPass=false useTicketCache=false useKeyTab=true keyTab="/etc/krb.keytab"; };
...
- Note,
...
- it
...
- is
...
- very
...
- important
...
- to
...
- have
...
- a
...
- semicolon
...
- at
...
- the
...
- end,
...
- and
...
- no
...
- other
...
- place!
...
The
...
UserDirectoryProvider
...
uses
...
the
...
KerberosAuthentication
...
context
...
by
...
default;
...
it
...
can
...
be
...
configured
...
by
...
changing
...
the
...
loginContext
...
parameter
...
in
...
the
...
components.xml
...
file.
...
See
...
KerberosDirectoryProvider
...
documentation
...
for
...
more
...
details.
...
3)
...
Copy
...
the
...
properties
...
file,
...
UCDKrb.properties
...
from
...
code/properties
...
to
...
your
...
TOMCAT_HOME/sakai
...
directory.
...
4)
...
Copy
...
the
...
code/ucdprovider
...
directory
...
into
...
the
...
Sakai_dir/providers
...
directory.
...
5)
...
Copy
...
the
...
following
...
from
...
the
...
code/providersconf
...
directory:
...
a.
...
components.xml
...
into
...
the
...
Sakai_dir/providers/components/webapp/WEB-INF
...
directory
...
b.
...
project.xml
...
into
...
the
...
Sakai_dir/providers/components
...
directory
...
-To
...
note
...
here,
...
uncomment
...
out
...
any
...
previous
...
provider
...
reference
...
that
...
is
...
no
...
longer
...
used
...
6)
...
Download
...
two
...
dependencies,
...
commons-lang.jar,
...
and
...
commons-components.jar.
...
These
...
jars
...
may
...
be
...
found
...
at
...
http://www.ibiblio.org/maven/,
...
and
...
should
...
be
...
placed
...
in
...
the
...
TOMCAT_HOME/shared/lib
...
directory.
...
7)
...
Attain
...
a
...
keytab
...
file
...
from
...
IET
...
Middleware,
...
and
...
place
...
modify
...
the
...
location
...
of
...
this
...
file
...
in
...
the
...
jaas.config
...
file
...
in
...
Step
...
1)
...
above.
...
8) Rebuild Sakai,
...
and
...
start
...
Tomcat
...
*ADVANCED
...
OPTIONS*
...
See
...
KerberosDirectoryProvider
...
README.txt
...
for
...
any
...
advanced
...
options.
...
Technical Design
A solution to the WebDAV/Sakai
...
integration
...
problem
...
is
...
detailed
...
via the link below (provider diagrams).
http://mediaworks.ucdavis.edu:8080/confluence/display/UCDSAKAI/Sakai+Providers
Notes: UCDavisUserDirectoryProvider implements the UserDirectoryProvider interface. The following diagram illustrates the process flow for the provider: