retructuring...

git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@1810 7c539038-3410-0410-b1ec-0f2a7bf1c452

retructuring...
37ba3ff2 · Martin Haase · ef29e430 · 37ba3ff2 · 37ba3ff2 · 37ba3ff2
Commit 37ba3ff2 authored 16 years ago by Martin Haase
--- a/info.textgrid.middleware.tgauth.rbac/conf/rbac.conf
+++ b/info.textgrid.middleware.tgauth.rbac/conf/rbac.conf
+<?xml version="1.1" ?>
+<configuration>
+  <section name="user">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">ou=people,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="filter">(objectClass=inetorgperson)</var>
+    <var name="userEntryDefinitionClass">InetOrgDefinition</var>
+    <var name="userEntryDefinitionFile">/srv/vhosts/textgrid.regengedanken.de/www/htdocs/rbac/InetOrgDefinition.class.php</var>
+    <!-- Possile values are "uid", "cn", "sn" or any other used in the
+         objectClass "inetOrgPerson". If you want to use another attribute, you
+         will have to write an Extension for the addUser-function. This is
+         only possible if you use the RBAC-Framework instead of the plain
+         libraries RBACcore or RBAClimitedHirarchical. -->
+    <var name="namingattribute">uid</var>
+  </section>
+  <section name="role">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">ou=roles,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="namingattribute">rbacname</var>
+    <var name="filter">(objectClass=rbacrole)</var>
+    <!-- May also be member to have greater compatibility, for example -->
+    <var name="assignedattribute">rbacperformer</var>
+  </section>
+  <section name="session">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">ou=sessions,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="namingattribute">rbacname</var>
+    <var name="filter">(objectClass=rbacsession)</var>
+  </section>
+  <section name="resource">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="namingattribute">rbacname</var>
+    <var name="aliasattribute">tgresourceuri</var>
+    <var name="filter">(objectClass=rbacresource)</var>
+  </section>
+  <!-- This is the configuration section for the project-extension
+       defined in the extensions/Project.class.php file.
+       Notice: This part is independant from the configuration in
+               the rbacSoap.conf.xml file. If you change this, you
+               might also have to change the parameters given there. -->
+  <section name="project">
+    <var name="base">rbacname=Projekt-Teilnehmer,ou=roles,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="leaderRoleName">Projektleiter</var>
+    <var name="administratorRoleName">Administrator</var>
+    <var name="editorRoleName">Bearbeiter</var>
+    <var name="observerRoleName">Beobachter</var>
+  </section>
+  <section name="errorCode">
+    <var name="OK">1</var>
+    <var name="RESOURCE_OPERATION_ERROR">2</var>
+    <var name="RESOURCE_UNKNOWN">4</var>
+    <var name="USER_SESSION_ERROR">8</var>
+    <var name="SESSION_ALLREADY_EXISTS">16</var>
+    <var name="SESSION_DOES_NOT_EXISTS">32</var>
+    <var name="USER_UNKNOWN">64</var>
+    <var name="USER_ROLE_ERROR">128</var>
+    <var name="USER_ALLREADY_EXISTS">256</var>
+    <var name="INVALID_USER_FORMAT">512</var>
+    <var name="ROLE_ALLREADY_EXISTS">1024</var>
+    <var name="ROLE_UNKNOWN">2048</var>
+    <var name="LDAP_ERROR">4096</var>
+    <var name="UNKNOWN_ERROR">8192</var>
+    <var name="SD_ALLREADY_EXISTS">16384</var>
+    <var name="SD_CARDINALITY">32768</var>
+    <var name="SD_UNKNOWN">65536</var>
+  </section>
+  <section name="errorDescription">
+    <var name="OK">Ok</var>
+    <var name="RESOURCE_OPERATION_ERROR">This resource-operation-combination is invalid .</var>
+    <var name="RESOURCE_UNKNOWN">The resource is not known or not uniqueue.</var>
+    <var name="USER_SESSION_ERROR">The user you gave is not the owner of this session.</var>
+    <var name="SESSION_ALLREADY_EXISTS">The session allready exists so you can not create it.</var>
+    <var name="SESSION_DOES_NOT_EXISTS">The session does not exist.</var>
+    <var name="USER_UNKNOWN">The user is not known.</var>
+    <var name="USER_ROLE_ERROR">This user-role-combination is invalid.</var>
+    <var name="USER_ALLREADY_EXISTS">The user allready exists.</var>
+    <var name="INVALID_USER_FORMAT">The user has to have the the format: &lt;username&gt;@&lt;domain&gt; (foo@example.org)</var>
+    <var name="ROLE_ALLREADY_EXISTS">The role allready exists.</var>
+    <var name="ROLE_UNKNOWN">The role is unknown.</var>
+    <var name="LDAP_ERROR">An LDAP-Error occured, see description: </var>
+    <var name="UNKNOWN_ERROR">An error occured.</var>
+    <var name="SD_ALLREADY_EXISTS">The Separation of Duty Set allready exists.</var>
+    <var name="SD_CARDINALITY">The given cardinality is invalid! Make sure it is >= 2</var>
+    <var name="SD_UNKNOWN">The Separation of Duty set is unknown</var>
+  </section>
+</configuration>
--- a/info.textgrid.middleware.tgauth.rbac/conf/rbacSoap.conf
+++ b/info.textgrid.middleware.tgauth.rbac/conf/rbacSoap.conf
+<configuration>
+  <section name="errorCode">
+    <var name="OK">1</var>
+    <var name="INSUFFICIENT_ACCESS">2</var>
+    <var name="AUTHENTICATION_ERROR">4</var>
+  </section>
+  <section name="errorDescription">
+    <var name="OK">Ok</var>
+    <var name="INSUFFICIENT_ACCESS">This function requires an authentication and authorization.</var>
+    <var name="AUTHENTICATION_ERROR">Authentication was not successfull. Username or password are incorrect.</var>
+  </section>
+  <section name="authentication">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">ou=people,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="namingattribute">uid</var>
+  </section>
+  <section name="counter">
+    <var name="host">ingrid.sub.uni-goettingen.de</var>
+    <var name="port">5389</var>
+    <var name="version">3</var>
+    <var name="tls">no</var>
+    <var name="base">ou=counter,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="binddn">cn=manager,dc=rbac,dc=textgrid,dc=de</var>
+    <var name="password">secret</var>
+    <var name="namingattribute">cn</var>
+  </section>
+  <!-- All trees under which users are created
+       have this naming-attribute -->
+  <section name="user">
+    <var name="userTreeAttribute">ou</var>
+  </section>
+  <!-- The name of the project-role under which
+       all projects are stored. Remember that the
+       value given here is relative to the role-base
+       configured for the rbac-system! -->
+  <section name="project">
+    <var name="base">Projekt-Teilnehmer</var>
+  </section>
+  <!-- This base is used to create new
+       TextGrid-Resources. -->
+  <section name="textGridResource">
+    <var name="base">ou=resources,dc=rbac,dc=textgrid,dc=de</var>
+  </section>
+</configuration>
--- a/info.textgrid.middleware.tgauth.rbac/conf/system.conf
+++ b/info.textgrid.middleware.tgauth.rbac/conf/system.conf
+<system>
+  <!-- This is the system-configuration for the RBAC-Framework.
+       The RBAC libraries need an additional configuration-file
+       where you have to define all LDAP-specific settings. Tell
+       the RBAC-Framework where it can find this configuration.
+       Specify a full path or a path relative to your main
+       application. -->
+  <configuration file="../conf/rbac.conf" />
+  <!-- Here you can specify if you want to use Core RBAC or the
+       Limited Hierarchical RBAC. In order to work properly both
+       libraries need a couple of classes specified through
+       the "require" statements. Again you have to specify a full
+       path or a path relative to your main application. -->
+  <rbac class="RBAClimitedHirarchical">
+    <require file="../rbac/iContext.interface.php" />
+    <require file="../lib/iCrypto.interface.php" />
+    <require file="../lib/iHelper.interface.php" />
+    <require file="../lib/iLDAP.interface.php" />
+    <require file="../rbac/iRBACcore.interface.php" />
+    <require file="../rbac/iRBAClimitedHirarchical.interface.php" />
+    <require file="../rbac/RBACException.class.php" />
+    <require file="../rbac/RBACExtension.class.php" />
+    <require file="../rbac/Context.class.php" />
+    <require file="../lib/Helper.class.php" />
+    <require file="../lib/LDAP.class.php" />
+    <require file="../lib/Crypto.class.php" />
+    <require file="../rbac/SimpleConfig.class.php" />
+    <require file="../rbac/RBACcore.class.php" />
+    <require file="../rbac/RBAClimitedHirarchical.class.php" />
+  </rbac>
+  <!-- Specify the extensions you want to use through the
+       RBAC-Framework. Give a full path or a path relative
+       to your main application. -->
+  <extension class="PublicResource" file="../tgExtensions/PublicResource.class.php" />
+  <extension class="Project" file="../tgExtensions/Project.class.php" />
+<!--  <extension class="SSD" file="../rbac/extensions/SSD.class.php" /> -->
+<!--  <extension class="DSD" file="../rbac/extensions/DSD.class.php" /> -->
+  <extension class="Logger" file="../tgExtensions/Logger.class.php" />
+</system>