Alfresco JLAN Manual de usuario
Alfresco JLAN Server
Installation Guide
For Alfresco JLAN Server v6.0
Author: GK Spencer
© Alfresco 2007-2011. All r ghts reserved
Table of Contents
1 Alfresco JLAN Server Overview................................................................... 3
2 T e JLAN Server Applications...................................................................... 4
2.1 Jar F les...............................................................................................................4
2.2 org.alfresco.jlan.app.JLANServer............................................................................ 5
2.3 org.alfresco.jlan.app.JLANServerServ ce.................................................................. 5
2.4 JLAN Server XML Conf gurat on F le......................................................................... 6
2.4.1 Server Conf gurat on.......................................................................................6
2.4.2 Global Conf gurat on....................................................................................... 6
2.4.3 SMB Server Conf gurat on............................................................................... 7
2.4.4 Cluster Conf gurat on.................................................................................... 12
2.4.5 FTP Server Conf gurat on...............................................................................12
2.4.6 NFS Server Conf gurat on.............................................................................. 15
2.4.7 Shares Conf gurat on.................................................................................... 17
2.4.7.1 JavaF leD skDr ver Conf gurat on..............................................................20
2.4.7.2 DBD skDr ver Conf gurat on.....................................................................21
2.4.7.2.1 DatabaseInterface Conf gurat on....................................................... 25
2.4.7.2.2 F leLoader Conf gurat on.................................................................. 26
2.4.7.2.3 Sample Conf gurat ons.....................................................................29
2.4.8 Secur ty Conf gurat on...................................................................................33
2.4.8.1 LocalAuthent cator................................................................................. 34
2.4.8.2 PassthruAuthent cator............................................................................ 36
2.4.8.3 Enterpr se Authent cator......................................................................... 37
2.4.9 Share Mapper Conf gurat on...........................................................................38
2.4.10 Dr ve Mapp ngs Conf gurat on.......................................................................38
2.4.11 Debug Conf gurat on................................................................................... 39
2.4.11.1 Cluster Debug Conf gurat on..................................................................40
3 Deploying T e SMB/CIFS Server On Windows........................................... 42
3.1 W ndows Nat ve SMB/CIFS................................................................................... 42
3.2 W ndows NetBIOS Over TCP/IP............................................................................. 42
3.3 JLAN Server SMB/CIFS Implementat on................................................................. 43
3.3.1 Nat ve SMB/CIFS..........................................................................................43
3.3.2 NetBIOS Over TCP/IP....................................................................................44
3.3.3 W n32 NetBIOS............................................................................................ 45
4 Enterprise Aut entication Setup................................................................47
4.1 Kerberos/Act ve D rectory Setup........................................................................... 47
2
Alfresco JLAN Server Installation Guide
1 Alfresco JLAN Server Overview
The JLAN Server s a Java based f le server mplement ng the Server Message Block
(SMB) protocol, also known as the Common Internet F le System (CIFS), F le Transfer
Protocol (FTP) and Network F le Server (NFS) protocol.
SMB/CIFS s the protocol used by W ndows network ng to prov de d sk and pr nt
shares, plus other network adm n strat on and secur ty funct ons.
The JLAN Server uses a v rtual f lesystem nterface that prov des a standard nterface
to the f lesystem for the var ous protocols. The v rtual f lesystem may be mapped to a
real f lesystem, or other repos tory or med a.
Much of the des gn ph losophy beh nd the JLAN Server s about custom zat on. Many of
the key components of the system can be replaced v a the ma n server conf gurat on
class. The key components that may be replaced/custom zed are:-
•V rtual f lesystem dr ver classes
•Authent cat on classes
•Server conf gurat on classes
•V rtual f lesystem mapp ng class
•Access control manager and access control rules
•Quota manager
The JLAN Server k t conta ns a v rtual f lesystem dr ver class that maps to the local
f lesystem us ng the java.io.File class and a database f lesystem that stores the
f lesystem structure n a database table w th a custom f le loader class used to load
and save the f le data. There are sample f le loader mplementat ons that use the local
f lesystem and database BLOB f elds.
The demonstrat on server appl cat ons – org.alfresco.jlan.app.JLANServer and
org.alfresco.jlan.app.JLANServerService – use an XML based server conf gurat on
mplementat on.
The default v rtual f lesystem mapp ng class prov des access to the f lesystems def ned
n the server conf gurat on plus allows access to a HOME area f the user access ng the
server has a home d rectory def ned n the server conf gurat on.
3
2 T e JLAN Server Applications
The Jar f le suppl ed w th the JLAN Server k t conta ns two fully funct onal server
appl cat ons that use the SMB/CIFS, NetBIOS, FTP and NFS server components:-
•org.alfresco.jlan.app.JLANServer
Allows the JLAN Server to be started as a console appl cat on, or as an
NT serv ce.
•org.alfresco.jlan.app.JLANServerServ ce
Allows the JLAN Server to be started as a console appl cat on, or NT
serv ce, or L nux/Un x daemon by us ng the Serv ceWrapper from
Tanuk Software.
The server s conf gured us ng an XML conf gurat on f le. The appl cat on uses the DOM
parser that s part of the Java runt me.
The conf gurat on f le defaults to jlanserver.xml n the user home d rectory, under
W ndows th s w ll be n the Documents And Settings\<username> d rectory. The
conf gurat on f le can also be spec f ed on the command l ne.
In the demo vers on of the JLAN Server k t the ma n appl cat ons are
org.alfresco.jlan.app.demo.JLANServer and
org.alfresco.jlan.app.demo.JLANServerService.
2.1 Jar Files
There are two Jar f les ncludes n the JLAN Server k t :-
• alfresco-jlan.jar
Conta ns the core server appl cat ons but does not conta n the database
nterface code for mySQL, Oracle or Cloudscape Derby.
• alfresco-jlan-db.jar
Conta ns the core server appl cat ons plus the mySQL, Oracle and Derby
database nterface classes.
The database f lesystem vers on of the Jar also requ res the appropr ate JDBC classes
to be on the classpath.
The JLAN Server requ res a JCE prov der that mplements MD4, MD5 and DES
hash ng/encrypt on algor thms. The k t conta ns the Crypt x JCE prov der, the Crypt x
l cence s reproduced below :-
Cryptix General License
Copyright (c) 1995-2005 The Cryptix Foundation Li ited.
All rights reserved.
Redistribution and use in source and binary for s, with or without
odification, are per itted provided that the following conditions are
et:
1. Redistributions of source code ust retain the copyright notice,
this list of conditions and the following disclai er.
2. Redistributions in binary for ust reproduce the above copyright
notice, this list of conditions and the following disclai er in
the docu entation and/or other aterials provided with the
distribution.
THIS SOFTWARE IS PROVIDED BY THE CRYPTIX FOUNDATION LIMITED AND
4
CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE CRYPTIX FOUNDATION LIMITED OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Other JCE prov ders may be used such as Bouncy Castle, or f you are us ng the IBM
JDK/JRE th s ncludes the requ red hash ng and encrypt on algor thms n the standard
k t.
2.2 org.alfresco.jlan.app.JLANServer
The JLANServer appl cat on can be run as a console appl cat on or as an NT serv ce.
The follow ng command l nes show var ous ways that the server appl cat on can be
started:-
java -jar alfresco-jlan.jar
java -cp .\alfresco-jlan.jar org.alfresco.jlan.app.JLANServer jlanconfig.xml
java -jar .\alfresco-jlan.jar jlanConfig.xml
A sample conf gurat on f le s ncluded n the demo k t (jlanserver.xml). The sample
conf gurat on f le s setup to use the W n32 NetBIOS nterface.
To use the NetBIOS over TCP/IP and/or nat ve SMB nterfaces the network broadcast
mask must be conf gured before the sample conf gurat on f le can be used.
The runsrv. at batch f le may also be used to start the server under W ndows.
2.3 org.alfresco.jlan.app.JLANServerService
The JLANServerServ ce appl cat on uses the Serv ceWrapper from Tanuk Software
(http://wrapper.tanuk software.org/) to prov de portab l ty and res l ence.
The Serv ceWrapper s ava lable for a w de range of platforms, nclud ng W ndows,
L nux, Mac OS X, Ir x, HP-UX, A x, FreeBSD and Solar s.
The JLAN Server k t conta ns the b nar es for W ndows, L nux, Solar s and Mac OS X
support n the service\ sub-d rectory. A pre-conf gured ServerWrapper conf gurat on
f le s ncluded – jlansrv.conf. The ma n JLAN Server conf gurat on f le s expected to
be n the user home d rectory, the jlansrv.conf f le only prov des the Serv ceWrapper
conf gurat on of the JVM, appl cat on class, logg ng, JVM mon tor ng and NT serv ce
parameters.
To start the JLANServerServ ce under W ndows use the JLANServer.exe n the
wrapper\windows sub-d rectory. To start as a console appl cat on use the follow ng
command l ne:-
jlanserver -c jlansrv.conf
The Serv ceWrapper can also be used to run the JLAN Server as an NT serv ce or
daemon process. To nstall and start the JLAN Server as an NT serv ce use the
follow ng commands:-
5
jlanserver -i jlansrv.conf
jlanserver -t jlansrv.conf
The wrapper.ntservice.account and wrapper.ntservice.password parameters n the
jlansrv.conf w ll need to be mod f ed before nstall ng the JLAN Server as an NT
serv ce.
To start the JLANServerServ ce under L nux, Solar s or FreeBSD use the jlanserver
appl cat on n the appropr ate wrapper\ sub-d rectory.
A scr pt s prov ded n the service\linux\ sub-d rectory that can be used to
start/stop/restart the JLAN Server as a daemon process under L nux.
For more nformat on on conf gur ng the Serv ceWrapper and to download support for
other operat ng systems v s t the Tanuk Software web s te at
http://wrapper.tanuk software.org/.
2.4 JLAN Server XML Configuration File
The JLAN Server s conf gured us ng a s mple XML f le. A DTD s ava lable n the k t to
val date the conf gurat on (jlanserver.dtd).
The conf gurat on s conta ned w th n the <jlanserver> sect on of the conf gurat on f le.
The server s conf gured v a the <servers>, <glo al>, <SMB>, <FTP>, <NFS>
<shares>, <security>, <shareMapper>, <DriveMappings>, <cluster> and <de ug>
sub-sect ons.
Conf gurat on tems added n recent vers ons of the JLAN Server are shown n bold
type.
2.4.1 Server Configuration
The <servers> sect on def nes the var ous protocol servers that are to be enabled.
Server Configuration
<SMB/> or <CIFS/> Enable the SMB server
<FTP/> Enable the FTP server
<NFS/> Enable the NFS server (mount server and ma n NFS server)
2.4.2 Global Configuration
The <glo al> sect on def nes the sett ngs that are global to the server conf gurat on
and var ous protocols.
Global Configuration
<t mezone name=”...”/>
<t mezone offset=”...”/>
Spec f es the server t mezone us ng e ther the name, such as
'GMT' or 'PST' w th the name attr bute, or by spec fy ng the
offset from UTC n m nutes w th the offset attr bute.
The offset may be spec f ed as a pos t ve or negat ve value.
6
Global Configuration
<t mezone name=”PST”/>
<t mezone offset=”-480”/>
2.4.3 SMB Server Configuration
The <SMB> sect on def nes the SMB/CIFS server conf gurat on deta ls and network
conf gurat on. The ma n host conf gurat on s conta ned w th n the <host> sub-sect on,
w th var ous debug sett ngs be ng spec f ed by the <sessionDe ug>, <net iosDe ug>
and <announceDe ug> tems.
Host Configuration
<host name=”...” doma n=”...”/> Spec f es the server name and doma n/workgroup
that the server s part of.
<host name=”JLANSRV” doma n=”STARLASOFT”/>
<al as names=”name1,name2,..”/> Spec f es al as names that the server w ll respond to.
<broadcast>n.n.n.n</broadcast> Network or subnet broadcast mask as a dotted
TCP/IP address. In some cases the value of
'255.255.255.255' may work.
<broadcast>90.1.255.255</broadcast>
<smbd alects>..,..</smbd alects> Enables the SMB d alects that the server w ll
negot ate w th a cl ent. The ava lable d alects are
Core, LanMan and NT.
<smbd alects>Core,LanMan,NT</smbd alects>
<comment>...</comment> Server comment sent out as part of the host
announcement and also returned by var ous
server/workstat on nformat on requests.
<comment>JLAN SMB Server</comment>
<b ndto>n.n.n.n</b ndto>
<b ndto adapter=”...”/>
Spec f es the network adapter to b nd to f the host
has mult ple network adapters. If not spec f ed the
SMB server w ll b nd to all ava lable adapters.
Alternat vely, the adapter name may be spec f ed
us ng the adapter attr bute. The adapter name s the
name returned by the NetworkInterface class, such
as 'eth0' or 'en0'.
<b ndto>90.1.0.0</b ndto>
<b ndto adapter=”eth0”/>
<authent cator type=”...”>
..
</authent cator>
Conf gures the CIFS server authent cat on
mechan sm.
The type attr bute spec f es that one of the suppl ed
7
Host Configuration
<authent cator>
<class>...</class>
..
</authent cator>
authent cators be used. The ava lable values are
'local' for the s mple authent cator that supports
NTLM1 logons, 'passthru' for the passthru
authent cator or 'enterpr se' for the authent cator
that supports NTLM v1, NTLM v2 and Kerberos
logons.
A custom authent cator can be spec f ed by us ng the
<class> conf gurat on tag. Other conf gurat on tags
may be spec f ed as requ red.
<netBIOSSMB/>
<netBIOSSMB b ndto=”n.n.n.n”/>
<netBIOSSMB adapter=”...”/>
<netBIOSSMB platforms=”...”/>
Enables the NetBIOS over TCP/IP protocol on port
139.
To run the JLAN SMB Server under W ndows you
must d sable NetBIOS over TCP/IP v a the Network
Control Panel.
The indto attr bute may be spec f ed to b nd the
NetBIOS name server to a part cular address when
the system has mult ple network adapters.
Alternat vely, the adapter name may be spec f ed
us ng the adapter attr bute. The adapter name s the
name returned by the NetworkInterface class, such
as 'eth0' or 'en0'.
The platforms attr bute may be spec f ed to control
wh ch platforms the NetBIOS SMB component w ll be
enabled on. The platforms value s a comma
del meted l st of platform names where the val d
names are linux, macosx, windows, solaris and aix.
NetBIOS over TCP/IP may be enabled at the same
t me as the nat ve SMB over TCP/IP protocol.
<tcp pSMB/>
<tcp pSMB platforms=”...”/>
<tcp pSMB pv6=”enabled”/>
Enables the nat ve SMB over TCP/IP protocol on port
445.
The platforms attr bute may be spec f ed to control
wh ch platforms the NetBIOS SMB component w ll be
enabled on. The platforms value s a comma
del meted l st of platform names where the val d
names are linux, macosx, windows, solaris and aix.
The ipv6 attr bute enables nat ve SMB support under
Ipv6 sockets. The JLAN Server w ll b nd to IPv4 and
IPv6 sockets.
To run the nat ve SMB over TCP/IP protocol under
W ndows you need to d sable W ndows from us ng
the port v a the follow ng reg stry key:-
8
Host Configuration
[HKLM\SYSTEM\CurrentControlSet\Serv ces\NetBT\P
arameters]
“SMBDev ceEnabled”=dword:00000000
Nat ve SMB over TCP/IP may be enabled at the
same t me as NetBIOS over TCP/IP.
The k t conta ns a reg stry f le ( port445.reg) wh ch
can be used to d sable the W ndows f le server on
port 445.
<W n32NetBIOS name=”...”
accept=”...” lana=”n” ap =”...”/>
Enables the W n32 NetBIOS nat ve nterface protocol
that uses the W n32 Netb os() API call to prov de the
nam ng, sess on and datagram support.
The name attr bute spec f es the server name to
accept connect ons on. If not spec f ed the ma n SMB
server name s used.
The accept attr bute can be used to restr ct the
cl ents that are allowed to connect to the server. Th s
s useful f the JLAN Server should only be access ble
from the local host.
The lana attr bute can be used to spec fy wh ch
NetBIOS LAN adapter the W n32 NetBIOS nterface
w ll use. If not spec f ed the f rst ava lable LANA w ll
be used.
The api attr bute s used to spec fy the nat ve code
nterface to be used. The val d values are net ios for
the or g nal W n32 Netb os() API based code or
winsock for the new W nsock Netb os based code.
The default s to use the W nsock NetBIOS code.
<WINS>
<pr mary>...</pr mary>
<secondary>...</secondary>
</WINS>
Enables the NetBIOS name server to use the
spec f ed WINS server(s) when reg ster ng the local
NetBIOS names.
The secondary WINS server address s opt onal.
<hostAnnounce nterval='n'/> Enables host announcement so that the JLAN SMB
server appears under Network Ne ghborhood. Host
announcements w ll only be sent out f the NetBIOS
over TCP/IP protocol s enabled v a the
<netBIOSSMB/> conf gurat on tem.
The interval attr bute spec f es the announcement
9
Host Configuration
nterval n m nutes.
<hostAnnounce nterval=”5”/>
<HostAnnouncerPort>
n
</HostAnnouncerPort>
Spec f es the datagram port to be used by the host
announcer when send ng announcement datagrams.
If not spec f ed the default port of 138 w ll be used.
<W n32Announce nterval=”n”/> Enables host announcement v a the W n32 Netb os
API so that the JLAN SMB server appears under
Network Ne ghborhood.
The interval attr bute spec f es the announcement
nterval n m nutes.
<sess onT meout>
n
</sess onT meout>
Spec f es the CIFS sess on t meout value n seconds.
The default sess on t meout s 15 m nutes.
If no I/O occurs on the sess on w th n th s t me then
the sess on w ll be closed by the server. W ndows
cl ents send keep-al ve requests, usually w th n 15
m nutes.
<d sableNIO/> D sables the new NIO based CIFS server code and
reverts to us ng the older socket and JNI based
code.
The SMB server has many debug sett ngs wh ch are controlled by the follow ng
conf gurat on tems:-
SMB Server Debug Configuration
<sess onDebug flags=”...”/> Enables var ous SMB sess on level debug output. See the
table below for the l st of ava lable debug levels.
<sess onDebug flags=”NetBIOS,F le,IPC,Error”/>
<netb osDebug/> Enables NetBIOS name server debug output.
<announceDebug/> Enables host announcer debug output.
10
Tabla de contenidos
