Skip to content

Commit 3a0be57

Browse files
dhrndhrn
authored
Add share (#11)
* * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * * fix * Revert "* fix" This reverts commit 526008d * Revert "* fix" This reverts commit 526008d * * fix * * fix * * fix * * fix * * fix
1 parent 1306a9f commit 3a0be57

File tree

9 files changed

+834
-11
lines changed

9 files changed

+834
-11
lines changed

.gitignore

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,5 @@
11
.idea
2+
.vscode
23

3-
# KDC database password stash
4-
openldap/krb5kdc/.k5.*
5-
# LDAP password stash
6-
openldap/krb5kdc/*stash
7-
# Keytab files
8-
openldap/krb5kdc/*.keytab
4+
# principles
95
keytabs

alfresco/kerberos_files/krb5.conf

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,11 @@
11
[libdefaults]
22
default_realm = EXAMPLE.COM
3+
ignore_acceptor_hostname = true
34

45
[realms]
56
EXAMPLE.COM = {
67
kdc = example.com:88
8+
admin_server = example.com:749
79
}
810

911
[domain_realm]

docker-compose.yaml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,33 @@ services:
111111
networks:
112112
alfresco-network:
113113

114+
share:
115+
# image: alfresco/alfresco-share:6.2.2
116+
container_name: share
117+
hostname: share
118+
build:
119+
context: ./share
120+
extra_hosts:
121+
- "example.com:192.168.55.10"
122+
environment:
123+
REPO_HOST: "alfresco"
124+
REPO_PORT: "80"
125+
JAVA_OPTS: "
126+
-Xms500m
127+
-Xmx500m
128+
-Dalfresco.host=localhost
129+
-Dalfresco.port=80
130+
-Dsun.security.krb5.msinterop.kstring=true
131+
-Dalfresco.context=alfresco
132+
-Dalfresco.protocol=http
133+
"
134+
links:
135+
- alfresco
136+
depends_on:
137+
- alfresco
138+
networks:
139+
alfresco-network:
140+
114141
transform-router:
115142
image: quay.io/alfresco/alfresco-transform-router:1.3.2
116143
environment:
@@ -212,11 +239,13 @@ services:
212239
depends_on:
213240
- alfresco
214241
- demoshell
242+
- share
215243
ports:
216244
- 80:80
217245
links:
218246
- demoshell
219247
- alfresco
248+
- share
220249
networks:
221250
alfresco-network:
222251

nginx/nginx.conf

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,8 @@ events {
55
}
66

77
http {
8-
98
server {
10-
listen 3.129.248.199:80;
9+
listen 127.0.0.1:80 default_server;
1110
server_name 3.129.248.199 example.com;
1211
rewrite ^/(.*)$ http://www.example.com/$1 permanent;
1312
}
@@ -56,8 +55,12 @@ http {
5655
absolute_redirect off;
5756
}
5857

59-
# Share settings, do not remove
60-
#SHARE_LOCATION
58+
location /share/ {
59+
proxy_pass http://share:8080;
60+
61+
# If using external proxy / load balancer (for initial redirect if no trailing slash)
62+
absolute_redirect off;
63+
}
6164

6265
location /workspace/ {
6366
proxy_pass http://workspace:8080/;

share/Dockerfile

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
FROM alfresco/alfresco-share:6.2.2
2+
# Files to be included in container
3+
4+
USER root
5+
6+
RUN yum install -y krb5-workstation
7+
8+
COPY kerberos_files/krb5.conf /etc
9+
#COPY kerberos_files/share.keytab /etc
10+
COPY kerberos_files/java.login.config.share /usr/java/default/conf/security/java.login.config
11+
COPY kerberos_files/share-config-custom.xml /usr/local/tomcat/shared/classes/alfresco/web-extension/
12+
13+
RUN chown -R root:root /usr/java/default/conf/security /etc/krb5.conf
14+
RUN echo "login.config.url.1=file:/usr/java/default/conf/security/java.login.config" >> /usr/java/default/conf/security/java.security

share/kerberos_files/java.login.config.share

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
Alfresco {
2+
com.sun.security.auth.module.Krb5LoginModule sufficient;
3+
};
4+
5+
AlfrescoHTTP
6+
{
7+
com.sun.security.auth.module.Krb5LoginModule required
8+
storeKey=true
9+
useKeyTab=true
10+
doNotPrompt=true
11+
keyTab="/etc/share.keytab"
12+
principal="HTTP/example.com@EXAMPLE.COM";
13+
};
14+
15+
ShareHTTP
16+
{
17+
com.sun.security.auth.module.Krb5LoginModule required
18+
storeKey=true
19+
useKeyTab=true
20+
doNotPrompt=true
21+
keyTab="/etc/share.keytab"
22+
principal="HTTP/example.com@EXAMPLE.COM";
23+
};
24+
25+
com.sun.net.ssl.client {
26+
com.sun.security.auth.module.Krb5LoginModule sufficient;
27+
};
28+
29+
other {
30+
com.sun.security.auth.module.Krb5LoginModule sufficient;
31+
};

share/kerberos_files/krb5.conf

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
[libdefaults]
2+
default_realm = EXAMPLE.COM
3+
ignore_acceptor_hostname = true
4+
5+
[realms]
6+
EXAMPLE.COM = {
7+
kdc = example.com:88
8+
admin_server = example.com:749
9+
}
10+
11+
[domain_realm]
12+
.example.com = EXAMPLE.COM
13+
example.com = EXAMPLE.COM

0 commit comments

Comments
 (0)