Comment: Migrated to Confluence 5.3

...

-. The correct krb5.conf file for UC Davis' KDC
-. Krb5LoginModule (jaas)
-. A jaas.conf file that includes other configuration information needed for the provider
-. Custom UserDirectoryProvider, UC Davis' Provider, UCDKerbLDAP.java which is a modified version of Stanford's provider. Thanks to Casey Dunn at Stanford for providing this example.
-. The ucdprovider directory from SVN. This will be added to the *Sakai Source*\providers directory.
-. commons-lang.jar and commons-configuration.jar. These will be placed in the Tomcat\shared\lib directory.
-. The project.xml and components.xml that will be placed in the *Sakai Source*\providers\components directory
-. A keytab file for access to the KDC. See Scott Amerson for details.

Sakai 2.0.+/WebDav Install Instructions (Includes package structure for UCDavisUserDirectoryProvider)

Source is located in SVN, currently available for either 2.0.0 or 2.0.1 Sakai frameworks.
Code is given as a providers/UserDirWebDAV/branch/200 or providers/UserDirWebDAV/branch/201 directory. https://mware.ucdavis.edu/svn/sakai/providers/trunk/201/

Package structure (to be deprecated):
Java package structure is detailed below:

...

This directory contains a UCDKerbLDAP.java, an implementation of the UserDirectoryProvider specifically for UC Davis.
This code is taken from examples from Columbia's provider, and Stanford's LDAP implementation.

Updated package structure (10/25/05), located @ https://mware.ucdavis.edu/svn/sakai/providers/trunk/201Mods/:
Java package structure is detailed below:

| ucdproviders | source dir | package | Source code | notes |
|---|---|---|---|---|
| | java->src-> | | | |
| | | edu.ucdavis.providers.sakai20.user | UCDavisUserDirectoryProvider.java | User Provider impl |
| | | edu.ucdavis.providers.sakai20.utilities | UCDConf.java | Properties configuration helper class |
| | | edu.ucdavis.providers.sakai20.utilities | UCDLDAP.java | LDAP helper class |
| | | edu.ucdavis.providers.sakai20.utilities | UCDLDAPSearch.java | LDAP search class |
| | | edu.ucdavis.providers.sakai20.utilities | UCDLDAPService.java | LDAP service impl |

Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.

In addition, to protect the integrity of your Kerberos password, the use of a secure Web front-end is HIGHLY recommended. Enabling SSL should be done prior to deploying this code.

*GENERAL SETUP*

Prerequisite:

-Krb

Please see KerberosDirectoryProvider README for other information with respect to using jaas to implement Kerberos Authentication in Sakai.

...

1) Download source from SVN
2) Configure Java for Kerberos using JAAS:

  • Create a file jaas.config (a jaas.config example is provided in SVN) in your Java installation, usually in
    $JAVA_HOME/lib/security or $JAVA_HOME/jre/lib/security.
  • Add this block (or edit an existing block):

    KerberosAuthentication {
       com.sun.security.auth.module.Krb5LoginModule required
       debug=false
       storeKey=false
       clearPass=false
       useTicketCache=false
       useKeyTab=true
       keyTab="/etc/krb.keytab";
    };

  • Note: the semicolons matter. One must follow the last option of the module entry and one must follow the closing brace; there must be none anywhere else.

The UserDirectoryProvider uses the KerberosAuthentication context by
default; it can be configured by changing the loginContext parameter in
the components.xml file. See KerberosDirectoryProvider documentation for more details.
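
The following is an added example, not code from the UC Davis provider or from Sakai: it shows how a JAAS client logs in against the KerberosAuthentication entry defined above, supplying the user name and password through a callback handler. The class name KerberosLoginCheck and its command-line usage are hypothetical, and it assumes the JVM can already locate jaas.config and krb5.conf.

```java
import java.util.Arrays;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

// Hypothetical class: illustrates the JAAS calls only, not the UC Davis provider.
public class KerberosLoginCheck {

    // contextName must match the entry name in jaas.config ("KerberosAuthentication").
    static boolean authenticateViaKerberos(String contextName, String user, char[] password) {
        // Krb5LoginModule requests the principal name and password through callbacks.
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(user);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password); // callback keeps its own copy
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };
        try {
            LoginContext lc = new LoginContext(contextName, handler);
            lc.login();   // throws LoginException on bad credentials or KDC errors
            lc.logout();  // discard the credentials; only the yes/no result is needed
            return true;
        } catch (LoginException | SecurityException e) {
            return false; // fail closed: any error means "not authenticated"
        } finally {
            Arrays.fill(password, '\0'); // wipe the caller's copy of the password
        }
    }

    public static void main(String[] args) {
        if (args.length != 1 || System.console() == null) {
            System.err.println("usage (interactive terminal): KerberosLoginCheck <user>");
            System.exit(2);
        }
        char[] pw = System.console().readPassword("Kerberos password for %s: ", args[0]);
        boolean ok = authenticateViaKerberos("KerberosAuthentication", args[0], pw);
        System.out.println(ok ? "authenticated" : "rejected");
        System.exit(ok ? 0 : 1);
    }
}
```

When running this outside Tomcat, the JVM can be pointed at the file with -Djava.security.auth.login.config=<path to jaas.config>.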

...

A solution to the WebDAV/Sakai integration problem is detailed below. The following diagrams (class, and attached flow) detail the technical information related to the solution.

UserDirectoryProvider

 

...

UCDKerbLDAP
UCDKerbLDAP()
m_logger : Logger
m_ucdproperties : String
m_knownusermsg : String
m_logincontext : String
m_requirelocalaccount : boolean
setLoginContext(String)
setUcdproperties(String)
setLogger(Logger)
setRequireLocalAccount(Boolean)
setKnownUserMsg(String)
init()
destroy()
userExists(String)
getUser(UserEdit)
findUserByEmail(UserEdit, String)
authenticateUser(String, UserEdit, String)
destroyAuthentication()
updateUserAfterAuthentication()
authenticateViaKerberos(String, String)
userKnownToKerberos(String)
SakaiCallbackHandler

Notes: The UCDKerbLDAP provider diagrams are available via the link below.

http://mediaworks.ucdavis.edu:8080/confluence/display/UCDSAKAI/Sakai+Providers

Notes: UCDavisUserDirectoryProvider implements the UserDirectoryProvider interface. The following diagram illustrates the process flow for the provider: