...
In
...
order
...
to
...
enable
...
WebDAV
...
on
...
Sakai
...
2.0,
...
the
...
following
...
modules
...
must
...
be
...
installed.
...
Required
...
module(s)
...
for
...
implementing WebDAV and Sakai 2.0.x
-.
...
The
...
correct
...
krb5.conf
...
file
...
for
...
UC
...
Davis'
...
KDC
-. Krb5LoginModule (jaas)
-.
...
A
...
jaas.conf
...
file
...
that
...
includes
...
other
...
configuration
...
information
...
needed
...
for
...
the
...
provider
...
-.
...
Custom
...
UserDirectoryProvider,
...
UC
...
Davis'
...
Provider,
...
UCDKerbLDAP.java
...
which
...
is
...
a
...
modified
...
version
...
of
...
Stanford's
...
provider.
...
Thanks
...
to
...
Casey
...
Dunn
...
at
...
Stanford
...
for
...
providing
...
this
...
example.
...
-.
...
The
...
ucdprovider
...
directory
...
from
...
SVN.
...
This
...
will
...
be
...
added
...
to
...
the
...
...
...
\providers
...
directory.
...
-.
...
commons-lang.jar
...
and
...
commons-configuration.jar.
...
This
...
will
...
be
...
placed
...
in
...
the
...
Tomcat\shared\lib
...
directory.
...
-.
...
The
...
project.xml
...
and
...
components.xml
...
that
...
will
...
be
...
place
...
in
...
the
...
...
...
\providers\components
...
directory
...
-.
...
A
...
keytab
...
file
...
for
...
access
...
to
...
the
...
KDC.
...
See
...
Scott
...
Amerson
...
for
...
details.
...
Sakai
...
2.0.+/WebDav
...
Install
...
Instructions (Includes package structure for UCDavisUserDirectoryProvider)
Source is located in SVN, currently available for either 2.0.0
...
or
...
2.0.1
...
Sakai
...
frameworks.
...
Code
...
is
...
given
...
as
...
a
...
providers/UserDirWebDAV/branch/200
...
or
...
providers/UserDirWebDAV/branch/201
...
directory. https://mware.ucdavis.edu/svn/sakai/providers/trunk/201/
Package structure (to be deprecated):
Java package structure is detailed below:
ucdprovider | source dir | package | Source code |
|---|---|---|---|
----------- |
...
java->src-> |
...
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.user |
...
UCDKerbLDAP.java | |||
----------- | ----------- | edu.ucdavis.security.sakai2.distauth.KerbConf | UCDKrb.properties |
----------- |
...
----------- |
...
edu.ucdavis.security.sakai2.distauth.utilities |
...
misc |
...
LDAP |
...
extensions, |
...
not |
...
implemented |
This directory contains a UCDKerbLDAP.java,
...
an
...
implementation
...
of
...
the
...
UserDirectoryProvider
...
specifically
...
for
...
UC
...
Davis.
...
This
...
code
...
is
...
taken
...
from
...
examples
...
from
...
Columbia's
...
provider,
...
and
...
Stanford's
...
LDAP
...
implementation.
Updated package structure (10/25/05), located @ https://mware.ucdavis.edu/svn/sakai/providers/trunk/201Mods/
:
Java package structure is detailed below:
ucdproviders | source dir | package | Source code | notes |
|---|---|---|---|---|
----------- | java->src-> | |||
----------- | ----------- | edu.ucdavis.providers.sakai20.user | UCDavisUserDirectoryProvider.java | User Provider impl |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDConf.java | Properties configuration helper class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAP.java | LDAP helper class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAPSearch.java | LDAP search class |
----------- | ----------- | edu.ucdavis.providers.sakai20.utilities | UCDLDAPService.java | LDAP service impl |
Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.
In addition, to protect the integrity of your Kerberos password, the use
of a secure Web front-end is HIGHLY recommended. Enabling SSL should be done prior to deploying this code.
*GENERAL SETUP*
Prerequisite:
-Krb
Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.
In addition, to protect the integrity of your Kerberos password, the use
of a secure Web front-end is HIGHLY recommended. Enabling SSL should be done prior to deploying this code.
*GENERAL SETUP*
Prerequisite:
-Krb5LoginModule (comes with jdk 1.5)
The package structure for the UCDKerbLDAP.java module is as follows:
edu.ucdavis.security.distauth.sakai2.user
...
//source
...
code
...
edu.ucdavis.security.distauth.sakai2.KerbConf
...
//UCDKrb.properties
...
file
...
that
...
should
...
be
...
copied
...
into
...
Tomcat
...
sakai
...
dir
...
To
...
use
...
this
...
provider:
...
1)
...
Download
...
source
...
from
...
SVN
...
2)
...
Configure
...
Java
...
for
...
Kerberos
...
using
...
JAAS:
...
- Create
...
- a
...
- file
...
- jaas.config
...
- (jaas.config
...
- example
...
- provided
...
- in
...
- SVN)
...
- in
...
- the
...
- your
...
- Java
...
- installation,
...
- usually
...
- in
...
$JAVA_HOME/lib/security
...
- or
...
- $JAVA_HOME/jre/lib/security.
...
- Add
...
- this
...
- block
...
- (or
...
- edit
...
- an
...
- existing
...
- block):
Code Block
...
KerberosAuthentication { com.sun.security.auth.module.Krb5LoginModule required debug=false storekey=false clearPass=false useTicketCache=false useKeyTab=true keyTab="/etc/krb.keytab"; };
...
- Note,
...
- it
...
- is
...
- very
...
- important
...
- to
...
- have
...
- a
...
- semicolon
...
- at
...
- the
...
- end,
...
- and
...
- no
...
- other
...
- place!
...
The
...
UserDirectoryProvider
...
uses
...
the
...
KerberosAuthentication
...
context
...
by
...
default;
...
it
...
can
...
be
...
configured
...
by
...
changing
...
the
...
loginContext
...
parameter
...
in
...
the
...
components.xml
...
file.
...
See
...
KerberosDirectoryProvider
...
documentation
...
for
...
more
...
details.
...
3)
...
Copy
...
the
...
properties
...
file,
...
UCDKrb.properties
...
from
...
code/properties
...
to
...
your
...
TOMCAT_HOME/sakai
...
directory.
...
4)
...
Copy
...
the
...
code/ucdprovider
...
directory
...
into
...
the
...
Sakai_dir/providers
...
directory.
...
5)
...
Copy
...
the
...
following
...
from
...
the
...
code/providersconf
...
directory:
...
a.
...
components.xml
...
into
...
the
...
Sakai_dir/providers/components/webapp/WEB-INF
...
directory
...
b.
...
project.xml
...
into
...
the
...
Sakai_dir/providers/components
...
directory
...
-To
...
note
...
here,
...
uncomment
...
out
...
any
...
previous
...
provider
...
reference
...
that
...
is
...
no
...
longer
...
used
...
6)
...
Download
...
two
...
dependencies,
...
commons-lang.jar,
...
and
...
commons-components.jar.
...
These
...
jars
...
may
...
be
...
found
...
at
...
http://www.ibiblio.org/maven/,
...
and
...
should
...
be
...
placed
...
in
...
the
...
TOMCAT_HOME/shared/lib
...
directory.
...
7)
...
Attain
...
a
...
keytab
...
file
...
from
...
IET
...
Middleware,
...
and
...
place
...
modify
...
the
...
location
...
of
...
this
...
file
...
in
...
the
...
jaas.config
...
file
...
in
...
Step
...
1)
...
above.
...
8)
...
Rebuild
...
Sakai,
...
and
...
start
...
Tomcat
...
*
...
ADVANCED
...
OPTIONS*
...
See
...
KerberosDirectoryProvider
...
README.txt
...
for
...
any
...
advanced
...
options.
...
Technical Design
A solution to the WebDAV/Sakai
...
integration
...
problem
...
is
...
detailed
...
via the link below (provider diagrams).
http://mediaworks.ucdavis.edu:8080/confluence/display/UCDSAKAI/Sakai+Providers
Notes: UCDavisUserDirectoryProvider implements the UserDirectoryProvider interface. The following diagram illustrates the process flow for the provider: