Sun Java System Federation Manager 7.0 User's Guide

server-config.dtd Definition Type Document

The server-config.dtd defines the structure for serverconfig.xml. It is located in /FederationManager-base/XXXXXXXX.

Example 3–2 server-config.dtd

<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
    Copyright (c) 2002 Sun Microsystems, Inc. All rights reserved.
    Use is subject to license terms.
-->

<!-- The root. -->
<!ELEMENT iPlanetDataAccessLayer (ServerGroup+) >

<!-- A ServerGroup contains one or more servers and users, a base DN
and optional miscellaneous settings. -->
<!ELEMENT ServerGroup (Server+, User+, BaseDN, MiscConfig*)>
<!ATTLIST ServerGroup
          name           ID         #REQUIRED
          minConnPool    NMTOKEN    "1"
          maxConnPool    NMTOKEN    "10"
>

<!-- A Server contains an id, host name and port. -->
<!ELEMENT Server EMPTY>
<!ATTLIST Server
          name    ID    #REQUIRED
          host    CDATA    #REQUIRED
          port    NMTOKEN    "389"
          type    (SIMPLE|SSL)    "SIMPLE"
>

<!-- A User contains an ID and the type of privileges the DN and Password
provide. The type of connection of a DirInstance is realized from the type
of User it is associated with or it contains. -->
<!ELEMENT User (DirDN, DirPassword)>
<!ATTLIST User
          name    ID    #REQUIRED
          type    (auth|proxy|rebind|admin)    "auth"
>

<!-- DirDN, DirPassword and BaseDN carry text only. -->
<!ELEMENT DirDN (#PCDATA)>
<!ELEMENT DirPassword (#PCDATA)>
<!ELEMENT BaseDN (#PCDATA)>

<!-- MiscConfig is a name/value pair with no content. -->
<!ELEMENT MiscConfig EMPTY>
<!ATTLIST MiscConfig
          name    CDATA   #REQUIRED
          value    CDATA   #IMPLIED
>

This section defines the main elements of the DTD.

iPlanetDataAccessLayer Element

iPlanetDataAccessLayer is the root element. It allows for the definition of multiple server groups per XML file. Its immediate sub-element is the ServerGroup. It contains no attributes.

ServerGroup Element

ServerGroup defines a pointer to one or more LDAPv3–compliant directories. They can be master or replica servers. The sub-elements that qualify ServerGroup are Server, User, BaseDN, and MiscConfig.

The ServerGroup attributes are the name of the server group and values for minConnPool and maxConnPool, which define the minimum (1) and maximum (10) number of connections that can be opened for the LDAP connection pool, respectively. More than one defined ServerGroup element is not supported.

Note –

Federation Manager uses a connection pool to access the LDAPv3–compliant directory. All connections are opened when Federation Manager starts and are not closed. They are reused.

Server Element

Server defines a specific LDAPv3–compliant directory instance. It contains no sub-elements. The required XML attributes are a user-friendly name for the server, the host name, the port number on which the LDAPv3–compliant directory runs, and the type of LDAP connection that must be opened (either simple or SSL).

User Element

User contains sub-elements that define the user configured for the instance of the LDAPv3–compliant directory. The User sub-elements are DirDN and DirPassword. Its required XML attributes are the name of the user and the type of user. The values for type identify the user's privileges and the type of connection that will be opened to the directory instance. Options are auth, proxy, rebind, and admin.

DirDN Element

DirDN contains the LDAP Distinguished Name (DN) of the defined user.

DirPassword Element

DirPassword contains the defined user's encrypted password.

Caution –

It is important that passwords and encryption keys are kept consistent throughout the deployment. For example, the passwords defined in this element are stored in the LDAPv3–compliant directory. If the password is changed in one place, it must be updated in all places where it is defined. Additionally, this password is encrypted. If the encryption key defined in the am.encryption.pwd property is changed, all passwords in serverconfig.xml must be re-encrypted using ampassword.

BaseDN Element

BaseDN defines the base DN for the server group. It contains no sub-elements and no XML attributes.

MiscConfig Element

MiscConfig is a placeholder for defining any LDAP JDK features like cache size. It contains no sub-elements. Its required XML attributes are the name of the feature and its defined value.
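The element rules above can be checked against a deployed serverconfig.xml before it goes into service. The following Python sketch is an added example, not part of the original guide or of Federation Manager: it flags Server entries that do not use the SSL connection type, an unsupported ServerGroup count, an inverted connection pool range, unknown User types, and empty DirPassword values. The function name, finding codes, host name, DNs and password placeholder are all assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample serverconfig.xml; host, DNs and password value are placeholders.
SAMPLE = """<iPlanetDataAccessLayer>
  <ServerGroup name="default" minConnPool="1" maxConnPool="10">
    <Server name="Server1" host="ldap.example.com" port="389" type="SIMPLE"/>
    <User name="User1" type="proxy">
      <DirDN>cn=puser,dc=example,dc=com</DirDN>
      <DirPassword>PLACEHOLDER_ENCRYPTED_VALUE</DirPassword>
    </User>
    <User name="User2" type="admin">
      <DirDN>cn=adminuser,dc=example,dc=com</DirDN>
      <DirPassword></DirPassword>
    </User>
    <BaseDN>dc=example,dc=com</BaseDN>
  </ServerGroup>
</iPlanetDataAccessLayer>"""

USER_TYPES = {"auth", "proxy", "rebind", "admin"}  # enumeration from the DTD

def audit(xml_text):
    """Return a list of (code, detail) findings for one serverconfig.xml document."""
    root = ET.fromstring(xml_text)
    if root.tag != "iPlanetDataAccessLayer":
        return [("BAD_ROOT", root.tag)]
    findings = []
    groups = root.findall("ServerGroup")
    if len(groups) != 1:  # the guide states only one ServerGroup is supported
        findings.append(("GROUP_COUNT", str(len(groups))))
    for g in groups:
        lo = int(g.get("minConnPool", "1"))
        hi = int(g.get("maxConnPool", "10"))
        if lo > hi:
            findings.append(("POOL_RANGE", f"{lo}>{hi}"))
        for s in g.findall("Server"):
            # ElementTree does not apply DTD defaults: a missing type means SIMPLE.
            if s.get("type", "SIMPLE") != "SSL":
                findings.append(("LDAP_NOT_SSL", f"{s.get('host')}:{s.get('port', '389')}"))
        for u in g.findall("User"):
            if u.get("type", "auth") not in USER_TYPES:
                findings.append(("BAD_USER_TYPE", u.get("name")))
            if not (u.findtext("DirPassword") or "").strip():
                findings.append(("EMPTY_PASSWORD", u.get("name")))
        if g.find("BaseDN") is None:
            findings.append(("NO_BASEDN", g.get("name")))
    return findings

if __name__ == "__main__":
    for code, detail in audit(SAMPLE):
        print(code, detail)
```

Each finding is a (code, detail) pair, so the output can feed a configuration review checklist or a CI gate.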