Services

Services are used by Penrose Server to provide interface for Penrose clients. Services are configured in conf/server.xml:

<server>

  <service name="..." enabled="...">

    <service-class>...</service-class>

    <parameter>
      <param-name>...</param-name>
      <param-value>...</param-value>
    </parameter>

  </service>

</server>

Each service is enabled by default. Enabled service will be started automatically when Penrose Server is started. To disable a service, specify enabled="false".

Penrose contains 2 built-in services:

JMX
LDAP

JMX Service

JMX Service is responsible for handling requests from JMX clients (e.g. Penrose Studio). The default service name is "JMX" and class name is "org.safehaus.penrose.management.PenroseJMXService".

Parameter	Description	Valid Values	Default
rmiPort	RMI port	integer	1099
rmiTransportPort	RMI transport port	integer, 0 = random	40888
httpPort	HTTP port	integer	8112

Note: if you are running Penrose behind a firewall, you might need to set the rmiTransportPort to a fixed number.

LDAP Service

LDAP Service is responsible for handling requests from LDAP clients (e.g. LDAP command line tool, LDAP browser). By default Penrose is configured with one LDAP service, but it is possible to configure multiple LDAP services to run concurrently (with different service name and port numbers).

In Penrose 1.1, the LDAP service is configured as follows:

<service name="LDAP">

  <service-class>org.safehaus.penrose.ldap.PenroseLDAPService</service-class>

  <parameter>
    <param-name>...</param-name>
    <param-value>...</param-value>
  </parameter>

</service>

Available parameters are:

Parameter	Description	Valid Values	Default
ldapPort	LDAP port	integer	10389
allowAnonymousAccess	Allow anonymous access	boolean	true

If you're running with JDK 1.5 or later, you can configure SSL:

Parameter	Description	Valid Values	Default
enableLdaps	Enable SSL	boolean	false
ldapsPort	Secure LDAP port	integer	10636
ldapsCertificateFile	SSL Certificate keystore	string	certificates/server.cert
ldapsCertificatePassword	Keystore password	string	changeit

Starting from version 1.2, Penrose comes with several choices for LDAP service:

MINA (default)
ApacheDS
OpenDS

Please note that the default LDAP service might change in the future version of Penrose.

The default LDAP service is configured as follows:

<service name="LDAP">

  <service-class>org.safehaus.penrose.ldap.DefaultLDAPService</service-class>

  <parameter>
    <param-name>...</param-name>
    <param-value>...</param-value>
  </parameter>

</service>

MINA LDAP Service

If you want to use MINA as the LDAP service for Penrose specifically, change the service class as follows:

<service-class>org.safehaus.penrose.mina.MinaLDAPService</service-class>

These are the available parameters for MINA LDAP service:

Parameter	Description	Valid Values	Default
ldapPort	LDAP port	integer	10389

ApacheDS LDAP Service

To use ApacheDS as the LDAP service for Penrose, change the service class as follows:

<service-class>org.safehaus.penrose.mina.ApacheDSLDAPService</service-class>

These are the available parameters for ApacheDS LDAP service:

Parameter	Description	Valid Values	Default
ldapPort	LDAP port	integer	10389
enableLdaps	Enable SSL	boolean	false
ldapsPort	Secure LDAP port	integer	10636
ldapsCertificateFile	SSL Certificate keystore	string	certificates/server.cert
ldapsCertificatePassword	Keystore password	string	changeit

OpenDS LDAP Service

To use OpenDS as the LDAP service for Penrose, change the service class as follows:

<service-class>org.safehaus.penrose.opends.OpenDSLDAPService</service-class>

OpenDS configuration parameters can be found in PENROSE_SERVER_HOME/config/config.ldif.

Overview

Documentation

Developers

Support

Page Operations

Browse Space

JMX Service

LDAP Service

MINA LDAP Service

ApacheDS LDAP Service

OpenDS LDAP Service