...
1) Download source from SVN
2) Configure Java for Kerberos using JAAS:
- Create a file jaas.config (jaas.config example provided in SVN) in the your Java installation, usually in
$JAVA_HOME/lib/security or $JAVA_HOME/jre/lib/security.
- Add this block (or edit an existing block):
Code Block KerberosAuthentication { com.sun.security.auth.module.Krb5LoginModule required debug=false storekey=false clearPass=false useTicketCache=false useKeyTab=true keyTab="/etc/krb.keytab"; };
- Note, it is very important to have a semicolon at the end, and no other place!
The UserDirectoryProvider uses the KerberosAuthentication context by
default; it can be configured by changing the loginContext parameter in
the components.xml file. See KerberosDirectoryProvider documentation for more details.
...
A solution to the WebDAV/Sakai integration problem is detailed below. The following diagrams (class, and attached flow) detail the technical information related to the solution.
UserDirectoryProvider |
|
...
UCDKerbLDAP
UCDKerbLDAP()
m_logger : Logger
m_ucdproperties : String
m_knownusermsg : String
m_logincontext : String
m_requirelocalaccount : boolean
setLoginContext(String)
setUcdproperties(String)
setLogger(Logger)
setRequireLocalAccount(Boolean)
setKnownUserMsg(String)
init()
destroy()
userExists(String)
getUser(UserEdit)
findUserByEmail(UserEdit, String)
authenticateUser(String, UserEdit, String)
destroyAuthentication()
updateUserAfterAuthentication()
authenticateViaKerberos(String, String)
userKnownToKerberos(String)
SakaiCallbackHandler
Notes: UCDKerbLDAP provider via the link below (provider diagrams).
http://mediaworks.ucdavis.edu:8080/confluence/display/UCDSAKAI/Sakai+Providers
Notes: UCDavisUserDirectoryProvider implements the UserDirectoryProvider interface. The following diagram illustrates the process flow for the provider: