[lsc-dev] [LDAP Synchronization Connector - Bug #590] (New) Multiple connectors configuration with SSL & TLS activation

noreply at lsc-project.org noreply at lsc-project.org
Tue Apr 23 16:12:26 CEST 2013


Issue #590 has been reported by Frédéric POISSON.

----------------------------------------
Bug #590: Multiple connectors configuration with SSL & TLS activation
http://tools.lsc-project.org/issues/590

Author: Frédéric POISSON
Status: New
Priority: Normal
Assigned to: 
Category: Core
Target version: 
Problem in version: 


Hello,

When reading LSC configuration service http://lsc-project.org/wiki/documentation/2.0/execution/start it is explain that we can make  :
 - a symbolic link with a new name of init.d script (eg /etc/init.d/lsc)
 - a copy of service configuration init.d script (eg /etc/default/lsc) with same name.

But if we also configure multiple connectors like this we can't follow easily the SSL & TLS documentation http://lsc-project.org/wiki/documentation/2.0/howtos/ssltls because it require to update main bin/lsc script without notion of multiple connectors.
I have also tested some option (see my last comment on http://tools.lsc-project.org/issues/438#change-2055) that couldn't be shared for each multiple connectors configuration. 

So i have made some changes on scripts bin/lsc and bin/lsc-agent in order to be able to load configuration from files of /etc/default/lsc location (and copy like). 
These changes permit to load all parameters like JAVA_HOME, JAVA_OPTS, LSC_JMXPORT etc.. 

The other advantage is to do not overwrite the binary script when you upgrade with rpm package, as configuration is inside a file not inside a script...

Here is an example of file /etc/default/lsc-cust1 with dedicated connector information:
[...]
JAVA_HOME=/usr/java/jre1.6.0_41
JAVA_OPTS="$JAVA_OPTS -Duser.timezone=UTC+1 -Djavax.net.ssl.trustStore=/usr/local/lsc/etc-cust1/cacerts -Djavax.net.ssl.trustStorePassword=changeit"
[...]

Notice that in order to be able to call service script (for async) and bin/lsc script for the same configuration (ie clean phase call), i propose to create a symbolic link LSC_CFG_DIR/lsc to /etc/default/lsc-cust1 for example.

I have tested it with both async task and sync task with a Linux server, but i'm not sure to have tested all cases.

Please tell me if these patches are coherent with your implementation or usage of LSC.

Regards,


-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lsc-project.org/pipermail/lsc-dev/attachments/20130423/fb0325d5/attachment.htm>


More information about the lsc-dev mailing list