Bug #2914
Unable to modify LDAP password in production
100%
Description
LDAP password in d1_cn_service and d1_processing is determined through the use of a properties file - ldapService.properties
the ldapService.properties file is not held within the war/jar files of d1_cn_service/d1_processing respectively.
the file should move to /etc/ldap/ or /etc/dataone.
The conf.xml of both projects should then read from the filesystem file.
a packaging mechanism should be modified to set the password in the correct file during installation.
since dataone-os-core is the package where the password is entered (and then subsequently removed from the debian frontend db), dataone-cn-os-core is most-likely the appropriate place.
History
#1 Updated by Robert Waltz over 12 years ago
- Milestone changed from CCI-1.0.0 to CCI-1.0.1
#2 Updated by Ben Leinfelder over 12 years ago
I don't know about moving the properties file -- the configuration system allows you to override previously set property values using a variety of mechanisms. I think the key is knowing when/where to point to the properties file that contains the desired overrides. I like the use of filesystem pointers in the configuration.xml file, but again, how you get that on the classpath from cn-buildout/dataone-os-core will be the real challenge.
#3 Updated by Robert Waltz over 12 years ago
- Status changed from New to In Progress
The procedure being used here is the same that we use with other properties files, namely node.properties and d1Client.properties, that need modification on a per environment basis. I'm re-using the strategy that has worked in the past for this kind of issue. For me the only concern is where to store the properties file. I decided in the /etc/ldap directory because that is where all the ldap related files are, even though this ldap related file is specifically for DataONE client interactions with ldap.
#4 Updated by Robert Waltz over 12 years ago
- Status changed from In Progress to Closed
