mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/AccessLogPublisherConfiguration.xml
@@ -61,7 +61,7 @@ <adm:property-override name="java-class"> <adm:default-behavior> <adm:defined> <adm:value>org.opends.server.api.AccessLogPublisher</adm:value> <adm:value>org.opends.server.loggers.AccessLogPublisher</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/CryptPasswordStorageSchemeConfiguration.xml
@@ -23,7 +23,7 @@ ! ! ! Copyright 2007-2008 Sun Microsystems, Inc. ! Portions Copyright 2010-2013 ForgeRock AS ! Portions Copyright 2010-2015 ForgeRock AS ! Portions Copyright 2012 Dariusz Janny <dariusz.janny@gmail.com> ! --> <adm:managed-object name="crypt-password-storage-scheme" @@ -40,18 +40,20 @@ algorithms, either Unix crypt, md5, sha256 or sha512. </adm:synopsis> <adm:description> This implementation contains an implementation for the user password syntax, with a storage scheme name of "CRYPT". Like on most Unixes, the "CRYPT" storage scheme has different algorithms, the default being the Unix crypt. This scheme contains only an implementation for the user password syntax, with a storage scheme name of "CRYPT". Like on most Unixes, the "CRYPT" storage scheme has different algorithms, the default being Unix crypt. Even though the Unix crypt is a one-way digest, it is relatively weak by today's standards. Because it supports only a 12-bit salt (meaning that there are only 4096 possible ways to encode a given password), it is also vulnerable to dictionary attacks. You should therefore use this storage scheme only in cases where an external application expects to retrieve the password and verify it outside of the directory, rather than by performing an LDAP bind. Warning: even though Unix crypt is a one-way digest, it is very weak by today's standards. Only the first 8 characters in a password are used, and it only uses the bottom 7 bits of each character. It only supports a 12-bit salt (meaning that there are only 4096 possible ways to encode a given password), so it is vulnerable to dictionary attacks. You should therefore use this algorithm only in cases where an external application expects to retrieve the password and verify it outside of the directory, instead of by performing an LDAP bind. </adm:description> <adm:profile name="ldap"> <ldap:object-class> @@ -75,11 +77,11 @@ <adm:description> Select the crypt algorithm to use to encrypt new passwords. The value can either be "unix", which means the password is encrypted with the Unix crypt algorithm, or md5 which means the password is with the weak Unix crypt algorithm, or "md5" which means the password is encrypted with the BSD MD5 algorithm and has a $1$ prefix, or sha256 which means the password is encrypted with the SHA256 algorithm and has a $5$ prefix, or sha512 which means the password is encrypted with the SHA512 algorithm and has a $6$ prefix. or "sha256" which means the password is encrypted with the SHA256 algorithm and has a $5$ prefix, or "sha512" which means the password is encrypted with the SHA512 algorithm and has a $6$ prefix. </adm:description> <adm:default-behavior> <adm:defined> @@ -90,7 +92,9 @@ <adm:enumeration> <adm:value name="unix"> <adm:synopsis> New passwords are encrypted with the Unix crypt algorithm. New passwords are encrypted with the Unix crypt algorithm. Passwords are truncated at 8 characters and the top bit of each character is ignored. </adm:synopsis> </adm:value> <adm:value name="md5"> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/ExternalChangelogDomainConfiguration.xml
@@ -23,7 +23,7 @@ ! ! ! Copyright 2009 Sun Microsystems, Inc. ! Portions copyright 2011 ForgeRock AS ! Portions copyright 2011-2015 ForgeRock AS ! --> <adm:managed-object name="external-changelog-domain" plural-name="external-changelog-domains" @@ -44,9 +44,9 @@ </adm:profile> <adm:property name="enabled" mandatory="true"> <adm:synopsis> Indicates whether the <adm:user-friendly-name /> is enabled. Indicates whether the <adm:user-friendly-name /> is enabled. To enable computing the change numbers, set the Replication Server's "ds-cfg-compute-change-number" property to true. </adm:synopsis> <adm:syntax> <adm:boolean /> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/HTTPAccessLogPublisherConfiguration.xml
@@ -22,7 +22,7 @@ ! CDDL HEADER END ! ! ! Copyright 2013 ForgeRock AS ! Copyright 2013-2015 ForgeRock AS ! --> <adm:managed-object name="http-access-log-publisher" plural-name="http-access-log-publishers" @@ -51,7 +51,7 @@ <adm:property-override name="java-class"> <adm:default-behavior> <adm:defined> <adm:value>org.opends.server.HTTPAccessLogPublisher</adm:value> <adm:value>org.opends.server.loggers.HTTPAccessLogPublisher</adm:value> </adm:defined> </adm:default-behavior> </adm:property-override> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LDAPPassThroughAuthenticationPolicyConfiguration.xml
@@ -184,6 +184,31 @@ </adm:profile> </adm:property> <adm:property name="source-address" multi-valued="false" mandatory="false"> <adm:synopsis> If specified, the server will bind to the address before connecting to the remote server. </adm:synopsis> <adm:description> The address must be one assigned to an existing network interface. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> Let the server decide. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:ip-address/> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-source-address</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="connection-timeout"> <adm:synopsis> Specifies the timeout used when connecting to remote LDAP opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LocalDBBackendConfiguration.xml
@@ -23,7 +23,7 @@ ! ! ! Copyright 2007-2010 Sun Microsystems, Inc. ! Portions Copyright 2010-2013 ForgeRock AS. ! Portions Copyright 2010-2015 ForgeRock AS. ! --> <adm:managed-object name="local-db-backend" plural-name="local-db-backends" package="org.forgerock.opendj.server.config" @@ -44,6 +44,23 @@ can be used to quickly locate target entries based on different kinds of criteria. </adm:description> <adm:constraint> <adm:synopsis> The properties db-txn-no-sync and db-txn-write-no-sync are mutually exclusive and cannot be both set at the same time. </adm:synopsis> <adm:condition> <adm:implies> <adm:contains property="enabled" value="true" /> <adm:not> <adm:and> <adm:contains property="db-txn-no-sync" value="true" /> <adm:contains property="db-txn-write-no-sync" value="true" /> </adm:and> </adm:not> </adm:implies> </adm:condition> </adm:constraint> <adm:profile name="ldap"> <ldap:object-class> <ldap:name>ds-cfg-local-db-backend</ldap:name> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/LogPublisherConfiguration.xml
@@ -23,7 +23,7 @@ ! ! ! Copyright 2007-2008 Sun Microsystems, Inc. ! Portions copyright 2013 ForgeRock AS ! Portions copyright 2013-2015 ForgeRock AS ! --> <adm:managed-object name="log-publisher" plural-name="log-publishers" package="org.forgerock.opendj.server.config" abstract="true" @@ -65,7 +65,7 @@ <adm:syntax> <adm:java-class> <adm:instance-of> org.opends.server.api.LogPublisher org.opends.server.loggers.LogPublisher </adm:instance-of> </adm:java-class> </adm:syntax> opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/ReplicationDomainConfiguration.xml
@@ -103,6 +103,30 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="source-address" multi-valued="false" mandatory="false"> <adm:synopsis> If specified, the server will bind to the address before connecting to the remote server. </adm:synopsis> <adm:description> The address must be one assigned to an existing network interface. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> Let the server decide. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:ip-address /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-source-address</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="base-dn" mandatory="true" read-only="true"> <adm:synopsis> Specifies the base DN of the replicated data. opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/ReplicationServerConfiguration.xml
@@ -23,7 +23,7 @@ ! ! ! Copyright 2007-2010 Sun Microsystems, Inc. ! Portions copyright 2011-2014 ForgeRock AS ! Portions copyright 2011-2015 ForgeRock AS ! --> <adm:managed-object name="replication-server" plural-name="replication-servers" @@ -75,6 +75,30 @@ </ldap:attribute> </adm:profile> </adm:property> <adm:property name="source-address" multi-valued="false" mandatory="false"> <adm:synopsis> If specified, the server will bind to the address before connecting to the remote server. </adm:synopsis> <adm:description> The address must be one assigned to an existing network interface. </adm:description> <adm:default-behavior> <adm:alias> <adm:synopsis> Let the server decide. </adm:synopsis> </adm:alias> </adm:default-behavior> <adm:syntax> <adm:ip-address /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> <ldap:name>ds-cfg-source-address</ldap:name> </ldap:attribute> </adm:profile> </adm:property> <adm:property name="replication-server-id" mandatory="true" read-only="true"> <adm:synopsis>
