From: Mathieu Baudier <mbaudier@argeo.org>
Date: Mon, 23 Nov 2009 13:54:20 +0000 (+0000)
Subject: Improve Apache directory server
X-Git-Tag: argeo-commons-2.1.30~1700
X-Git-Url: http://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=c6c3aa132f6559ac1e2fa015cf2efba92802eba0

Improve Apache directory server

git-svn-id: https://svn.argeo.org/commons/trunk@3148 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---

diff --git a/security/demo/init.ldif b/security/demo/init.ldif
deleted file mode 100644
index 9fb8d4b6f..000000000
--- a/security/demo/init.ldif
+++ /dev/null
@@ -1,74 +0,0 @@
-dn: dc=demo,dc=argeo,dc=org
-objectClass: domain
-objectClass: extensibleObject
-objectClass: top
-dc: springsecurity
-
-dn: ou=groups,dc=demo,dc=argeo,dc=org
-objectClass: organizationalUnit
-objectClass: top
-ou: groups
-
-dn: ou=users,dc=demo,dc=argeo,dc=org
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=demo,ou=users,dc=demo,dc=argeo,dc=org
-objectClass: organizationalPerson
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: top
-cn: demo User
-description: Demo user
-givenname: Demo
-mail: demo@localhost
-sn: User
-uid: demo
-userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-
-dn: uid=root,ou=users,dc=demo,dc=argeo,dc=org
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-objectClass: top
-cn: demo User
-description: Superuser
-givenname: Root
-mail: root@localhost
-sn: Root
-uid: root
-userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-
-dn: uid=frodo,ou=users,dc=demo,dc=argeo,dc=org
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-objectClass: top
-cn: demo User
-description: Heroe
-givenname: Frodo
-mail: frodo@localhost
-sn: User
-uid: frodo
-userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-
-dn: uid=gandalf,ou=users,dc=demo,dc=argeo,dc=org
-objectClass: organizationalPerson
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: top
-cn: root User
-description: Superuser
-givenname: Gandalf
-mail: admin@localhost
-sn: User
-uid: gandalf
-userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-
-dn: cn=admin,ou=groups,dc=demo,dc=argeo,dc=org
-objectClass: groupOfUniqueNames
-objectClass: top
-cn: admin
-uniquemember: uid=gandalf,ou=users,dc=demo,dc=argeo,dc=org
-uniquemember: uid=root,ou=users,dc=demo,dc=argeo,dc=org
diff --git a/security/demo/org.argeo.security.demo.ldap/META-INF/MANIFEST.MF b/security/demo/org.argeo.security.demo.ldap/META-INF/MANIFEST.MF
new file mode 100644
index 000000000..00885883a
--- /dev/null
+++ b/security/demo/org.argeo.security.demo.ldap/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Bundle-SymbolicName: org.argeo.security.demo.ldap
+Bundle-Version: 0.1.2.SNAPSHOT
+Fragment-Host: org.argeo.security.manager.ldap
diff --git a/security/demo/org.argeo.security.demo.ldap/ldap.properties b/security/demo/org.argeo.security.demo.ldap/ldap.properties
new file mode 100644
index 000000000..970468a8a
--- /dev/null
+++ b/security/demo/org.argeo.security.demo.ldap/ldap.properties
@@ -0,0 +1,5 @@
+argeo.ldap.rootdn=dc=demo,dc=argeo,dc=org
+argeo.ldap.host=localhost
+argeo.ldap.port=10389
+argeo.ldap.manager.userdn=uid=admin,ou=system
+argeo.ldap.manager.password=secret
diff --git a/security/demo/pom.xml b/security/demo/pom.xml
index 9da7b0927..67cb9c7dc 100644
--- a/security/demo/pom.xml
+++ b/security/demo/pom.xml
@@ -1,4 +1,5 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>org.argeo.commons</groupId>
@@ -26,7 +27,7 @@
 					</argsToAppend>
 					<fork>false</fork>
 					<systemProperties>
-						<slc.osgi.start>
+						<argeo.osgi.start>
 							org.springframework.osgi.extender,
 							org.springframework.osgi.web.extender,
 							org.argeo.dep.osgi.catalina.start,
@@ -35,12 +36,12 @@
 							org.argeo.security.ria,
 							org.argeo.security.core,
 							org.argeo.server.ads.server
-						</slc.osgi.start>
-						<slc.osgi.bundles>
+						</argeo.osgi.start>
+						<argeo.osgi.bundles>
 							${basedir};in=*;ex=pom.xml;ex=target;ex=.*;ex=*.ldif,
 							${basedir}/../modules;in=*;ex=pom.xml;ex=target;ex=.*,
 							${basedir}/../../server/modules;in=*;ex=pom.xml;ex=target;ex=.*,
-						</slc.osgi.bundles>
+						</argeo.osgi.bundles>
 					</systemProperties>
 				</configuration>
 			</plugin>
@@ -94,5 +95,13 @@
 			<groupId>org.springframework.osgi</groupId>
 			<artifactId>org.springframework.osgi.web.extender</artifactId>
 		</dependency>
+
+		<!-- Used to start the Apache Directory server -->
+		<dependency>
+			<groupId>org.argeo.commons.server</groupId>
+			<artifactId>org.argeo.server.ads</artifactId>
+			<version>0.1.2-SNAPSHOT</version>
+		</dependency>
+
 	</dependencies>
 </project>
\ No newline at end of file
diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF b/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF
index bb61a8fee..7ef09fd7e 100644
--- a/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF
+++ b/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF
@@ -2,6 +2,7 @@ Bundle-SymbolicName: org.argeo.security.manager.ldap
 Bundle-Version: 0.1.2.SNAPSHOT
 Import-Package: org.argeo.security,
  org.argeo.security.ldap,
+ org.springframework.beans.factory.config,
  org.springframework.ldap.core.support,
  org.springframework.security,
  org.springframework.security.ldap,
diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap-osgi.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap-osgi.xml
new file mode 100644
index 000000000..49ad482ce
--- /dev/null
+++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap-osgi.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/osgi"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+	xsi:schemaLocation="http://www.springframework.org/schema/osgi  
+       http://www.springframework.org/schema/osgi/spring-osgi-1.1.xsd
+       http://www.springframework.org/schema/beans   
+       http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
+
+	<service ref="_authenticationManager"
+		interface="org.springframework.security.AuthenticationManager"
+		context-class-loader="service-provider" />
+
+	<service ref="securityDao" interface="org.argeo.security.ArgeoSecurityDao" />
+
+	<list id="userNatureMappers" interface="org.argeo.security.ldap.UserNatureMapper"
+		cardinality="0..N" />
+</beans:beans>
\ No newline at end of file
diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml
index 534bfe5df..c3cea65d4 100644
--- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml
+++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml
@@ -5,6 +5,16 @@
               http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
 
 
+	<bean
+		class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+		<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
+		<property name="ignoreUnresolvablePlaceholders" value="true" />
+		<property name="locations">
+			<value>osgibundle:ldap.properties
+			</value>
+		</property>
+	</bean>
+
 	<bean id="_authenticationManager" class="org.springframework.security.providers.ProviderManager">
 		<property name="providers">
 			<list>
@@ -15,9 +25,10 @@
 
 	<bean id="contextSource"
 		class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
-		<constructor-arg value="ldap://localhost:10389/dc=demo,dc=argeo,dc=org" />
-		<property name="userDn" value="uid=admin,ou=system" />
-		<property name="password" value="secret" />
+		<constructor-arg
+			value="ldap://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
+		<property name="userDn" value="${argeo.ldap.manager.userdn}" />
+		<property name="password" value="${argeo.ldap.manager.password}" />
 	</bean>
 
 	<bean id="authenticationProvider"
@@ -66,9 +77,8 @@
 		name="usernameMapper"> <bean
 		class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
 		<constructor-arg value="ou=users" /> <constructor-arg value="uid" />
-		</bean> </property> </bean>
-	<bean id="userDetailsMapper" class="org.argeo.security.ldap.ArgeoUserDetailsContextMapper">
-		<property name="userNatureMappers" ref="userNatureMappers" />
-	</bean>
+		</bean> </property> </bean> <bean id="userDetailsMapper"
+		class="org.argeo.security.ldap.ArgeoUserDetailsContextMapper">
+		<property name="userNatureMappers" ref="userNatureMappers" /> </bean>
 	-->
 </beans>
diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml
deleted file mode 100644
index 49ad482ce..000000000
--- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml
+++ /dev/null
@@ -1,17 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans:beans xmlns="http://www.springframework.org/schema/osgi"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
-	xsi:schemaLocation="http://www.springframework.org/schema/osgi  
-       http://www.springframework.org/schema/osgi/spring-osgi-1.1.xsd
-       http://www.springframework.org/schema/beans   
-       http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
-
-	<service ref="_authenticationManager"
-		interface="org.springframework.security.AuthenticationManager"
-		context-class-loader="service-provider" />
-
-	<service ref="securityDao" interface="org.argeo.security.ArgeoSecurityDao" />
-
-	<list id="userNatureMappers" interface="org.argeo.security.ldap.UserNatureMapper"
-		cardinality="0..N" />
-</beans:beans>
\ No newline at end of file
diff --git a/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF b/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF
index c58d8be49..d5060c345 100644
--- a/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF
+++ b/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF
@@ -17,7 +17,5 @@ Import-Package: org.apache.directory.server.configuration,
  org.apache.directory.server.jndi,
  org.apache.directory.server.ldap.support.extended,
  org.apache.directory.shared.asn1.codec,
- org.springframework.beans.factory.config,
- org.springframework.ldap.core.support,
- org.springframework.security.config,
- org.springframework.security.ldap
+ org.argeo.server.ads,
+ org.springframework.beans.factory.config
diff --git a/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml b/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml
index 593234f1b..6f7f6a615 100644
--- a/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml
+++ b/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml
@@ -1,9 +1,59 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
-              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
 
-	<ldap-server root="dc=demo,dc=argeo,dc=org" port="10389"
-		ldif="file:init.ldif" />
+	<bean
+		class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+		<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
+		<property name="ignoreUnresolvablePlaceholders" value="false" />
+		<property name="locations">
+			<value>osgibundle:ads.properties
+			</value>
+		</property>
+	</bean>
 
-</beans:beans>
+	<bean class="org.argeo.server.ads.AdsContainer">
+		<property name="workingDirectory" value="${argeo.osgi.data.dir}/apacheds" />
+		<property name="deleteWorkingDirOnExit" value="true" />
+		<property name="configuration" ref="configuration" />
+		<property name="environment" ref="environment" />
+		<property name="ldifs">
+			<list>
+				<value>osgibundle:init.ldif</value>
+			</list>
+		</property>
+	</bean>
+
+	<bean id="environment"
+		class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+		<property name="properties">
+			<props>
+				<prop key="java.naming.security.authentication">simple</prop>
+				<prop key="java.naming.security.principal">${argeo.ldap.manager.userdn}</prop>
+				<prop key="java.naming.security.credentials">${argeo.ldap.manager.password}</prop>
+				<!--<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
+				<!--<prop key="kdc.java.naming.security.credentials">secret</prop>-->
+				<!--
+					<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
+				-->
+				<!--
+					<prop key="changepw.java.naming.security.credentials">secret</prop>
+				-->
+				<!--
+					Set this key to a space delimited set of attributeType descriptions
+					and their OID's if you want an attributeType to be handled as
+					binary content. The server will use the schema to derive the set of
+					attributeTypes to treat as binary. The union if the values you
+					provide here will be taken as the set of binaries. Note to be
+					consistent you must add both the OID and all the names an
+					attributeType can have.
+				-->
+				<!--
+					<prop key="java.naming.ldap.attributes.binary"></prop>
+				-->
+			</props>
+		</property>
+	</bean>
+
+
+</beans>
diff --git a/server/modules/org.argeo.server.ads.server/META-INF/spring/server.xml b/server/modules/org.argeo.server.ads.server/META-INF/spring/server.xml
index ca83c1f6f..2bf80b941 100644
--- a/server/modules/org.argeo.server.ads.server/META-INF/spring/server.xml
+++ b/server/modules/org.argeo.server.ads.server/META-INF/spring/server.xml
@@ -4,37 +4,6 @@
   "http://www.springframework.org/dtd/spring-beans.dtd">
 
 <beans>
-	<bean id="environment"
-		class="org.springframework.beans.factory.config.PropertiesFactoryBean">
-		<property name="properties">
-			<props>
-				<prop key="java.naming.security.authentication">simple</prop>
-				<prop key="java.naming.security.principal">uid=admin,ou=system</prop>
-				<prop key="java.naming.security.credentials">secret</prop>
-				<!--<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
-				<!--<prop key="kdc.java.naming.security.credentials">secret</prop>-->
-				<!--
-					<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
-				-->
-				<!--
-					<prop key="changepw.java.naming.security.credentials">secret</prop>
-				-->
-				<!--
-					Set this key to a space delimited set of attributeType descriptions
-					and their OID's if you want an attributeType to be handled as
-					binary content. The server will use the schema to derive the set of
-					attributeTypes to treat as binary. The union if the values you
-					provide here will be taken as the set of binaries. Note to be
-					consistent you must add both the OID and all the names an
-					attributeType can have.
-				-->
-				<!--
-					<prop key="java.naming.ldap.attributes.binary"></prop>
-				-->
-			</props>
-		</property>
-	</bean>
-
 	<bean id="configuration"
 		class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
 		<property name="workingDirectory" value="example.com" />
@@ -66,12 +35,17 @@
 		-->
 
 		<!--
-			<property name="ldifDirectory"> <value>example.ldif</value>
-			</property> <property name="ldifFilters"> <list> <bean
-			class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
-			</list> </property>
+		<property name="ldifDirectory">
+			<value>${argeo.ads.init.ldif}</value>
+		</property> -->
+
+		<!--
+			<property name="ldifFilters"> <list> <bean
+			class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"
+			/> </list> </property>
 		-->
 
+
 		<!--
 			the number of milliseconds before issuing a synch (flush to disk)
 		-->
@@ -123,7 +97,7 @@
 		-->
 		<property name="denormalizeOpAttrsEnabled" value="false" />
 
-		<property name="ldapPort" value="10389" />
+		<property name="ldapPort" value="${argeo.ldap.port}" />
 
 		<property name="systemPartitionConfiguration" ref="systemPartitionConfiguration" />
 
@@ -305,12 +279,12 @@
 			</set>
 		</property>
 		<property name="contextEntry">
-			<value>
+			<value><![CDATA[
 				objectClass: top
 				objectClass: organizationalUnit
-				objectClass: extensibleObject
+				objectClass:extensibleObject
 				ou: system
-      </value>
+				]]></value>
 		</property>
 	</bean>
 
@@ -319,7 +293,7 @@
 		class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
 		<property name="name" value="example" />
 		<property name="cacheSize" value="100" />
-		<property name="suffix" value="dc=example,dc=com" />
+		<property name="suffix" value="${argeo.ldap.rootdn}" />
 
 		<!--
 			the optimizer is enabled by default but may not always be what
@@ -367,12 +341,12 @@
 			</set>
 		</property>
 		<property name="contextEntry">
-			<value>
+			<value><![CDATA[
 				objectClass: top
 				objectClass: domain
 				objectClass: extensibleObject
 				dc: example
-      </value>
+				]]></value>
 		</property>
 	</bean>
 
diff --git a/server/modules/org.argeo.server.ads.server/ads.properties b/server/modules/org.argeo.server.ads.server/ads.properties
new file mode 100644
index 000000000..2596f1a58
--- /dev/null
+++ b/server/modules/org.argeo.server.ads.server/ads.properties
@@ -0,0 +1,4 @@
+argeo.ldap.rootdn=dc=demo,dc=argeo,dc=org
+argeo.ldap.port=10389
+argeo.ldap.manager.userdn=uid=admin,ou=system
+argeo.ldap.manager.password=secret
diff --git a/server/modules/org.argeo.server.ads.server/init.ldif b/server/modules/org.argeo.server.ads.server/init.ldif
new file mode 100644
index 000000000..8b0c8276a
--- /dev/null
+++ b/server/modules/org.argeo.server.ads.server/init.ldif
@@ -0,0 +1,47 @@
+dn: dc=demo,dc=argeo,dc=org
+objectClass: domain
+objectClass: extensibleObject
+objectClass: top
+dc: springsecurity
+
+dn: ou=groups,dc=demo,dc=argeo,dc=org
+objectClass: organizationalUnit
+objectClass: top
+ou: groups
+
+dn: ou=users,dc=demo,dc=argeo,dc=org
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: uid=demo,ou=users,dc=demo,dc=argeo,dc=org
+objectClass: organizationalPerson
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: top
+cn: demo User
+description: Demo user
+givenname: Demo
+mail: demo@localhost
+sn: User
+uid: demo
+userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
+
+dn: uid=root,ou=users,dc=demo,dc=argeo,dc=org
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: top
+cn: demo User
+description: Superuser
+givenname: Root
+mail: root@localhost
+sn: Root
+uid: root
+userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
+
+dn: cn=admin,ou=groups,dc=demo,dc=argeo,dc=org
+objectClass: groupOfUniqueNames
+objectClass: top
+cn: admin
+uniquemember: uid=root,ou=users,dc=demo,dc=argeo,dc=org
diff --git a/server/modules/org.argeo.server.catalina/META-INF/MANIFEST.MF b/server/modules/org.argeo.server.catalina/META-INF/MANIFEST.MF
index bfd6f2b32..d07c840fb 100644
--- a/server/modules/org.argeo.server.catalina/META-INF/MANIFEST.MF
+++ b/server/modules/org.argeo.server.catalina/META-INF/MANIFEST.MF
@@ -9,4 +9,5 @@ Import-Package: org.springframework.security;resolution:=optional,
  org.springframework.security.ui.savedrequest;resolution:=optional,
  org.springframework.security.userdetails;resolution:=optional,
  org.springframework.security.context;resolution:=optional,
- org.argeo.security.core;resolution:=optional
+ org.argeo.security.core;resolution:=optional,
+ org.argeo.security.nature;resolution:=optional
diff --git a/server/modules/org.argeo.server.tomcat/conf/server.xml b/server/modules/org.argeo.server.tomcat/conf/server.xml
index fda25a39a..f79a91244 100644
--- a/server/modules/org.argeo.server.tomcat/conf/server.xml
+++ b/server/modules/org.argeo.server.tomcat/conf/server.xml
@@ -124,7 +124,7 @@
 			-->
 			<Host name="localhost" appBase="webapps" unpackWARs="true"
 				autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"
-				workDir="${slc.osgi.dataDir}/tomcat/work">
+				workDir="${argeo.osgi.data.dir}/tomcat/work">
 
 				<!--
 					SingleSignOn valve, share authentication between web applications
diff --git a/server/modules/pom.xml b/server/modules/pom.xml
index 24c752354..625cee835 100644
--- a/server/modules/pom.xml
+++ b/server/modules/pom.xml
@@ -30,5 +30,13 @@
 			<version>0.1.2-SNAPSHOT</version>
 			<type>pom</type>
 		</dependency>
+
+		<!-- Used to start the Apache Directory server -->
+		<dependency>
+			<groupId>org.argeo.commons.server</groupId>
+			<artifactId>org.argeo.server.ads</artifactId>
+			<version>0.1.2-SNAPSHOT</version>
+		</dependency>
+
 	</dependencies>
 </project>
\ No newline at end of file
diff --git a/server/runtime/org.argeo.server.ads/.classpath b/server/runtime/org.argeo.server.ads/.classpath
new file mode 100644
index 000000000..16f01e2ee
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/.classpath
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
+	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/server/runtime/org.argeo.server.ads/.project b/server/runtime/org.argeo.server.ads/.project
new file mode 100644
index 000000000..831bb1b8d
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/.project
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>org.argeo.server.ads</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.maven.ide.eclipse.maven2Builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.maven.ide.eclipse.maven2Nature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+	</natures>
+</projectDescription>
diff --git a/server/runtime/org.argeo.server.ads/.settings/org.eclipse.jdt.core.prefs b/server/runtime/org.argeo.server.ads/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 000000000..96aed002c
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,5 @@
+#Mon Nov 23 13:34:23 CET 2009
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
+org.eclipse.jdt.core.compiler.source=1.5
diff --git a/server/runtime/org.argeo.server.ads/.settings/org.maven.ide.eclipse.prefs b/server/runtime/org.argeo.server.ads/.settings/org.maven.ide.eclipse.prefs
new file mode 100644
index 000000000..8a80a771a
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/.settings/org.maven.ide.eclipse.prefs
@@ -0,0 +1,9 @@
+#Mon Nov 23 13:34:22 CET 2009
+activeProfiles=
+eclipse.preferences.version=1
+fullBuildGoals=process-test-resources
+includeModules=false
+resolveWorkspaceProjects=true
+resourceFilterGoals=process-resources resources\:testResources
+skipCompilerPlugin=true
+version=1
diff --git a/server/runtime/org.argeo.server.ads/pom.xml b/server/runtime/org.argeo.server.ads/pom.xml
new file mode 100644
index 000000000..f5894520c
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/pom.xml
@@ -0,0 +1,65 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.argeo.commons.server</groupId>
+		<artifactId>runtime</artifactId>
+		<version>0.1.2-SNAPSHOT</version>
+		<relativePath>..</relativePath>
+	</parent>
+	<artifactId>org.argeo.server.ads</artifactId>
+	<name>Commons Server Apache Directory Server</name>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-source-plugin</artifactId>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-jar-plugin</artifactId>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.felix</groupId>
+				<artifactId>maven-bundle-plugin</artifactId>
+				<version>${version.maven-bundle-plugin}</version>
+				<configuration>
+					<instructions>
+						<Export-Package>
+							org.argeo.server.ads.*
+						</Export-Package>
+					</instructions>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	<dependencies>
+		<!-- Apache DS -->
+		<dependency>
+			<groupId>org.apache.directory</groupId>
+			<artifactId>com.springsource.org.apache.directory.server.jndi</artifactId>
+		</dependency>
+
+		<!-- Apache Commons -->
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>com.springsource.org.apache.commons.io</artifactId>
+		</dependency>
+
+		<!-- Spring -->
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>org.springframework.beans</artifactId>
+		</dependency>
+
+		<!-- Logging -->
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>com.springsource.slf4j.org.apache.commons.logging</artifactId>
+		</dependency>
+	</dependencies>
+</project>
diff --git a/server/runtime/org.argeo.server.ads/src/main/java/org/argeo/server/ads/AdsContainer.java b/server/runtime/org.argeo.server.ads/src/main/java/org/argeo/server/ads/AdsContainer.java
new file mode 100644
index 000000000..4a36f721d
--- /dev/null
+++ b/server/runtime/org.argeo.server.ads/src/main/java/org/argeo/server/ads/AdsContainer.java
@@ -0,0 +1,138 @@
+package org.argeo.server.ads;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.directory.server.configuration.MutableServerStartupConfiguration;
+import org.apache.directory.server.core.configuration.ShutdownConfiguration;
+import org.apache.directory.server.jndi.ServerContextFactory;
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.core.io.Resource;
+import org.springframework.util.Assert;
+
+public class AdsContainer implements InitializingBean, DisposableBean {
+	private final static Log log = LogFactory.getLog(AdsContainer.class);
+
+	private MutableServerStartupConfiguration configuration;
+	private Properties environment = null;
+	private File workingDirectory = new File(System
+			.getProperty("java.io.tmpdir")
+			+ File.separator + "argeo-apacheDirectoryServer");
+	private List<Resource> ldifs = new ArrayList<Resource>();
+	private File ldifDirectory;
+	private Boolean deleteWorkingDirOnExit = false;
+
+	@SuppressWarnings("unchecked")
+	public void afterPropertiesSet() throws Exception {
+
+		log.info("Starting directory server with id '"
+				+ configuration.getInstanceId() + "' in directory "
+				+ workingDirectory.getAbsolutePath());
+
+		if (deleteWorkingDirOnExit && workingDirectory.exists()) {
+			log.warn("Found existing directory " + workingDirectory
+					+ " deleting it...");
+			FileUtils.deleteDirectory(workingDirectory);
+		}
+		configuration.setWorkingDirectory(workingDirectory);
+		workingDirectory.mkdirs();
+
+		if (ldifDirectory != null)
+			configuration.setLdifDirectory(ldifDirectory);
+		else
+			configuration.setLdifDirectory(new File(workingDirectory
+					.getAbsolutePath()
+					+ File.separator + "ldif"));
+
+		if (ldifs.size() > 0)
+			configuration.getLdifDirectory().mkdirs();
+		for (Resource ldif : ldifs) {
+			FileUtils.copyURLToFile(ldif.getURL(), new File(configuration
+					.getLdifDirectory().getAbsolutePath()
+					+ File.separator + ldif.getFilename().replace(':', '_')));
+			if (log.isDebugEnabled())
+				log.debug("Copied " + ldif + " to LDIF directory "
+						+ configuration.getLdifDirectory());
+		}
+
+		Properties env = new Properties();
+		env.setProperty(Context.INITIAL_CONTEXT_FACTORY,
+				ServerContextFactory.class.getName());
+		Assert.notNull(environment);
+		env.putAll(environment);
+		env.putAll(configuration.toJndiEnvironment());
+
+		try {
+			new InitialDirContext(env);
+		} catch (NamingException e) {
+			throw new RuntimeException(
+					"Failed to start Apache Directory server", e);
+		}
+	}
+
+	@SuppressWarnings("unchecked")
+	public void destroy() throws Exception {
+		ShutdownConfiguration shutdown = new ShutdownConfiguration(
+				configuration.getInstanceId());
+
+		Properties env = new Properties();
+		env.setProperty(Context.INITIAL_CONTEXT_FACTORY,
+				ServerContextFactory.class.getName());
+		Assert.notNull(environment);
+		env.putAll(environment);
+		env.putAll(shutdown.toJndiEnvironment());
+
+		log.info("Shutting down directory server with id '"
+				+ configuration.getInstanceId() + "'");
+
+		try {
+			new InitialContext(env);
+		} catch (NamingException e) {
+			throw new RuntimeException(
+					"Failed to stop Apache Directory server", e);
+		}
+
+		if (workingDirectory.exists() && deleteWorkingDirOnExit) {
+			if (log.isDebugEnabled())
+				log.debug("Delete Apache DS working dir " + workingDirectory);
+			FileUtils.deleteDirectory(workingDirectory);
+		}
+
+	}
+
+	public void setConfiguration(MutableServerStartupConfiguration configuration) {
+		this.configuration = configuration;
+	}
+
+	public void setWorkingDirectory(File workingDirectory) {
+		this.workingDirectory = workingDirectory;
+	}
+
+	public void setEnvironment(Properties environment) {
+		this.environment = environment;
+	}
+
+	public void setLdifs(List<Resource> ldifs) {
+		this.ldifs = ldifs;
+	}
+
+	public void setLdifDirectory(File ldifDirectory) {
+		this.ldifDirectory = ldifDirectory;
+	}
+
+	public void setDeleteWorkingDirOnExit(Boolean deleteWorkingDirOnExit) {
+		this.deleteWorkingDirOnExit = deleteWorkingDirOnExit;
+	}
+
+}
diff --git a/server/runtime/pom.xml b/server/runtime/pom.xml
index 1d8f5e6ac..a643674aa 100644
--- a/server/runtime/pom.xml
+++ b/server/runtime/pom.xml
@@ -17,5 +17,6 @@
 		<module>org.argeo.server.osgi</module>
 		<module>org.argeo.server.jxl</module>
 		<module>org.argeo.server.hibernate</module>
+		<module>org.argeo.server.ads</module>
 	</modules>
 </project>
\ No newline at end of file