Alfresco JLAN User manual
Alfresco JLAN Server
Installation Guide
For Alfresco JLAN Server v6.0
Author: GK Spencer
© Alfresco 2007-2011. All r ghts reserved
Table of Contents
1 Alfresco JLAN Server Overview................................................................... 3
2 T e JLAN Server Applications...................................................................... 4
2.1 Jar F les...............................................................................................................4
2.2 org.alfresco.jlan.app.JLANServer............................................................................ 5
2.3 org.alfresco.jlan.app.JLANServerServ ce.................................................................. 5
2.4 JLAN Server XML Conf gurat on F le......................................................................... 6
2.4.1 Server Conf gurat on.......................................................................................6
2.4.2 Global Conf gurat on....................................................................................... 6
2.4.3 SMB Server Conf gurat on............................................................................... 7
2.4.4 Cluster Conf gurat on.................................................................................... 12
2.4.5 FTP Server Conf gurat on...............................................................................12
2.4.6 NFS Server Conf gurat on.............................................................................. 15
2.4.7 Shares Conf gurat on.................................................................................... 17
2.4.7.1 JavaF leD skDr ver Conf gurat on..............................................................20
2.4.7.2 DBD skDr ver Conf gurat on.....................................................................21
2.4.7.2.1 DatabaseInterface Conf gurat on....................................................... 25
2.4.7.2.2 F leLoader Conf gurat on.................................................................. 26
2.4.7.2.3 Sample Conf gurat ons.....................................................................29
2.4.8 Secur ty Conf gurat on...................................................................................33
2.4.8.1 LocalAuthent cator................................................................................. 34
2.4.8.2 PassthruAuthent cator............................................................................ 36
2.4.8.3 Enterpr se Authent cator......................................................................... 37
2.4.9 Share Mapper Conf gurat on...........................................................................38
2.4.10 Dr ve Mapp ngs Conf gurat on.......................................................................38
2.4.11 Debug Conf gurat on................................................................................... 39
2.4.11.1 Cluster Debug Conf gurat on..................................................................40
3 Deploying T e SMB/CIFS Server On Windows........................................... 42
3.1 W ndows Nat ve SMB/CIFS................................................................................... 42
3.2 W ndows NetBIOS Over TCP/IP............................................................................. 42
3.3 JLAN Server SMB/CIFS Implementat on................................................................. 43
3.3.1 Nat ve SMB/CIFS..........................................................................................43
3.3.2 NetBIOS Over TCP/IP....................................................................................44
3.3.3 W n32 NetBIOS............................................................................................ 45
4 Enterprise Aut entication Setup................................................................47
4.1 Kerberos/Act ve D rectory Setup........................................................................... 47
2
Alfresco JLAN Server Installation Guide
1 Alfresco JLAN Server Overview
The JLAN Server s a Java based f le server mplement ng the Server Message Block
(SMB) protocol, also known as the Common Internet F le System (CIFS), F le Transfer
Protocol (FTP) and Network F le Server (NFS) protocol.
SMB/CIFS s the protocol used by W ndows network ng to prov de d sk and pr nt
shares, plus other network adm n strat on and secur ty funct ons.
The JLAN Server uses a v rtual f lesystem nterface that prov des a standard nterface
to the f lesystem for the var ous protocols. The v rtual f lesystem may be mapped to a
real f lesystem, or other repos tory or med a.
Much of the des gn ph losophy beh nd the JLAN Server s about custom zat on. Many of
the key components of the system can be replaced v a the ma n server conf gurat on
class. The key components that may be replaced/custom zed are:-
•V rtual f lesystem dr ver classes
•Authent cat on classes
•Server conf gurat on classes
•V rtual f lesystem mapp ng class
•Access control manager and access control rules
•Quota manager
The JLAN Server k t conta ns a v rtual f lesystem dr ver class that maps to the local
f lesystem us ng the java.io.File class and a database f lesystem that stores the
f lesystem structure n a database table w th a custom f le loader class used to load
and save the f le data. There are sample f le loader mplementat ons that use the local
f lesystem and database BLOB f elds.
The demonstrat on server appl cat ons – org.alfresco.jlan.app.JLANServer and
org.alfresco.jlan.app.JLANServerService – use an XML based server conf gurat on
mplementat on.
The default v rtual f lesystem mapp ng class prov des access to the f lesystems def ned
n the server conf gurat on plus allows access to a HOME area f the user access ng the
server has a home d rectory def ned n the server conf gurat on.
3
2 T e JLAN Server Applications
The Jar f le suppl ed w th the JLAN Server k t conta ns two fully funct onal server
appl cat ons that use the SMB/CIFS, NetBIOS, FTP and NFS server components:-
•org.alfresco.jlan.app.JLANServer
Allows the JLAN Server to be started as a console appl cat on, or as an
NT serv ce.
•org.alfresco.jlan.app.JLANServerServ ce
Allows the JLAN Server to be started as a console appl cat on, or NT
serv ce, or L nux/Un x daemon by us ng the Serv ceWrapper from
Tanuk Software.
The server s conf gured us ng an XML conf gurat on f le. The appl cat on uses the DOM
parser that s part of the Java runt me.
The conf gurat on f le defaults to jlanserver.xml n the user home d rectory, under
W ndows th s w ll be n the Documents And Settings\<username> d rectory. The
conf gurat on f le can also be spec f ed on the command l ne.
In the demo vers on of the JLAN Server k t the ma n appl cat ons are
org.alfresco.jlan.app.demo.JLANServer and
org.alfresco.jlan.app.demo.JLANServerService.
2.1 Jar Files
There are two Jar f les ncludes n the JLAN Server k t :-
• alfresco-jlan.jar
Conta ns the core server appl cat ons but does not conta n the database
nterface code for mySQL, Oracle or Cloudscape Derby.
• alfresco-jlan-db.jar
Conta ns the core server appl cat ons plus the mySQL, Oracle and Derby
database nterface classes.
The database f lesystem vers on of the Jar also requ res the appropr ate JDBC classes
to be on the classpath.
The JLAN Server requ res a JCE prov der that mplements MD4, MD5 and DES
hash ng/encrypt on algor thms. The k t conta ns the Crypt x JCE prov der, the Crypt x
l cence s reproduced below :-
Cryptix General License
Copyright (c) 1995-2005 The Cryptix Foundation Li ited.
All rights reserved.
Redistribution and use in source and binary for s, with or without
odification, are per itted provided that the following conditions are
et:
1. Redistributions of source code ust retain the copyright notice,
this list of conditions and the following disclai er.
2. Redistributions in binary for ust reproduce the above copyright
notice, this list of conditions and the following disclai er in
the docu entation and/or other aterials provided with the
distribution.
THIS SOFTWARE IS PROVIDED BY THE CRYPTIX FOUNDATION LIMITED AND
4
CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE CRYPTIX FOUNDATION LIMITED OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Other JCE prov ders may be used such as Bouncy Castle, or f you are us ng the IBM
JDK/JRE th s ncludes the requ red hash ng and encrypt on algor thms n the standard
k t.
2.2 org.alfresco.jlan.app.JLANServer
The JLANServer appl cat on can be run as a console appl cat on or as an NT serv ce.
The follow ng command l nes show var ous ways that the server appl cat on can be
started:-
java -jar alfresco-jlan.jar
java -cp .\alfresco-jlan.jar org.alfresco.jlan.app.JLANServer jlanconfig.xml
java -jar .\alfresco-jlan.jar jlanConfig.xml
A sample conf gurat on f le s ncluded n the demo k t (jlanserver.xml). The sample
conf gurat on f le s setup to use the W n32 NetBIOS nterface.
To use the NetBIOS over TCP/IP and/or nat ve SMB nterfaces the network broadcast
mask must be conf gured before the sample conf gurat on f le can be used.
The runsrv. at batch f le may also be used to start the server under W ndows.
2.3 org.alfresco.jlan.app.JLANServerService
The JLANServerServ ce appl cat on uses the Serv ceWrapper from Tanuk Software
(http://wrapper.tanuk software.org/) to prov de portab l ty and res l ence.
The Serv ceWrapper s ava lable for a w de range of platforms, nclud ng W ndows,
L nux, Mac OS X, Ir x, HP-UX, A x, FreeBSD and Solar s.
The JLAN Server k t conta ns the b nar es for W ndows, L nux, Solar s and Mac OS X
support n the service\ sub-d rectory. A pre-conf gured ServerWrapper conf gurat on
f le s ncluded – jlansrv.conf. The ma n JLAN Server conf gurat on f le s expected to
be n the user home d rectory, the jlansrv.conf f le only prov des the Serv ceWrapper
conf gurat on of the JVM, appl cat on class, logg ng, JVM mon tor ng and NT serv ce
parameters.
To start the JLANServerServ ce under W ndows use the JLANServer.exe n the
wrapper\windows sub-d rectory. To start as a console appl cat on use the follow ng
command l ne:-
jlanserver -c jlansrv.conf
The Serv ceWrapper can also be used to run the JLAN Server as an NT serv ce or
daemon process. To nstall and start the JLAN Server as an NT serv ce use the
follow ng commands:-
5
jlanserver -i jlansrv.conf
jlanserver -t jlansrv.conf
The wrapper.ntservice.account and wrapper.ntservice.password parameters n the
jlansrv.conf w ll need to be mod f ed before nstall ng the JLAN Server as an NT
serv ce.
To start the JLANServerServ ce under L nux, Solar s or FreeBSD use the jlanserver
appl cat on n the appropr ate wrapper\ sub-d rectory.
A scr pt s prov ded n the service\linux\ sub-d rectory that can be used to
start/stop/restart the JLAN Server as a daemon process under L nux.
For more nformat on on conf gur ng the Serv ceWrapper and to download support for
other operat ng systems v s t the Tanuk Software web s te at
http://wrapper.tanuk software.org/.
2.4 JLAN Server XML Configuration File
The JLAN Server s conf gured us ng a s mple XML f le. A DTD s ava lable n the k t to
val date the conf gurat on (jlanserver.dtd).
The conf gurat on s conta ned w th n the <jlanserver> sect on of the conf gurat on f le.
The server s conf gured v a the <servers>, <glo al>, <SMB>, <FTP>, <NFS>
<shares>, <security>, <shareMapper>, <DriveMappings>, <cluster> and <de ug>
sub-sect ons.
Conf gurat on tems added n recent vers ons of the JLAN Server are shown n bold
type.
2.4.1 Server Configuration
The <servers> sect on def nes the var ous protocol servers that are to be enabled.
Server Configuration
<SMB/> or <CIFS/> Enable the SMB server
<FTP/> Enable the FTP server
<NFS/> Enable the NFS server (mount server and ma n NFS server)
2.4.2 Global Configuration
The <glo al> sect on def nes the sett ngs that are global to the server conf gurat on
and var ous protocols.
Global Configuration
<t mezone name=”...”/>
<t mezone offset=”...”/>
Spec f es the server t mezone us ng e ther the name, such as
'GMT' or 'PST' w th the name attr bute, or by spec fy ng the
offset from UTC n m nutes w th the offset attr bute.
The offset may be spec f ed as a pos t ve or negat ve value.
6
Global Configuration
<t mezone name=”PST”/>
<t mezone offset=”-480”/>
2.4.3 SMB Server Configuration
The <SMB> sect on def nes the SMB/CIFS server conf gurat on deta ls and network
conf gurat on. The ma n host conf gurat on s conta ned w th n the <host> sub-sect on,
w th var ous debug sett ngs be ng spec f ed by the <sessionDe ug>, <net iosDe ug>
and <announceDe ug> tems.
Host Configuration
<host name=”...” doma n=”...”/> Spec f es the server name and doma n/workgroup
that the server s part of.
<host name=”JLANSRV” doma n=”STARLASOFT”/>
<al as names=”name1,name2,..”/> Spec f es al as names that the server w ll respond to.
<broadcast>n.n.n.n</broadcast> Network or subnet broadcast mask as a dotted
TCP/IP address. In some cases the value of
'255.255.255.255' may work.
<broadcast>90.1.255.255</broadcast>
<smbd alects>..,..</smbd alects> Enables the SMB d alects that the server w ll
negot ate w th a cl ent. The ava lable d alects are
Core, LanMan and NT.
<smbd alects>Core,LanMan,NT</smbd alects>
<comment>...</comment> Server comment sent out as part of the host
announcement and also returned by var ous
server/workstat on nformat on requests.
<comment>JLAN SMB Server</comment>
<b ndto>n.n.n.n</b ndto>
<b ndto adapter=”...”/>
Spec f es the network adapter to b nd to f the host
has mult ple network adapters. If not spec f ed the
SMB server w ll b nd to all ava lable adapters.
Alternat vely, the adapter name may be spec f ed
us ng the adapter attr bute. The adapter name s the
name returned by the NetworkInterface class, such
as 'eth0' or 'en0'.
<b ndto>90.1.0.0</b ndto>
<b ndto adapter=”eth0”/>
<authent cator type=”...”>
..
</authent cator>
Conf gures the CIFS server authent cat on
mechan sm.
The type attr bute spec f es that one of the suppl ed
7
Host Configuration
<authent cator>
<class>...</class>
..
</authent cator>
authent cators be used. The ava lable values are
'local' for the s mple authent cator that supports
NTLM1 logons, 'passthru' for the passthru
authent cator or 'enterpr se' for the authent cator
that supports NTLM v1, NTLM v2 and Kerberos
logons.
A custom authent cator can be spec f ed by us ng the
<class> conf gurat on tag. Other conf gurat on tags
may be spec f ed as requ red.
<netBIOSSMB/>
<netBIOSSMB b ndto=”n.n.n.n”/>
<netBIOSSMB adapter=”...”/>
<netBIOSSMB platforms=”...”/>
Enables the NetBIOS over TCP/IP protocol on port
139.
To run the JLAN SMB Server under W ndows you
must d sable NetBIOS over TCP/IP v a the Network
Control Panel.
The indto attr bute may be spec f ed to b nd the
NetBIOS name server to a part cular address when
the system has mult ple network adapters.
Alternat vely, the adapter name may be spec f ed
us ng the adapter attr bute. The adapter name s the
name returned by the NetworkInterface class, such
as 'eth0' or 'en0'.
The platforms attr bute may be spec f ed to control
wh ch platforms the NetBIOS SMB component w ll be
enabled on. The platforms value s a comma
del meted l st of platform names where the val d
names are linux, macosx, windows, solaris and aix.
NetBIOS over TCP/IP may be enabled at the same
t me as the nat ve SMB over TCP/IP protocol.
<tcp pSMB/>
<tcp pSMB platforms=”...”/>
<tcp pSMB pv6=”enabled”/>
Enables the nat ve SMB over TCP/IP protocol on port
445.
The platforms attr bute may be spec f ed to control
wh ch platforms the NetBIOS SMB component w ll be
enabled on. The platforms value s a comma
del meted l st of platform names where the val d
names are linux, macosx, windows, solaris and aix.
The ipv6 attr bute enables nat ve SMB support under
Ipv6 sockets. The JLAN Server w ll b nd to IPv4 and
IPv6 sockets.
To run the nat ve SMB over TCP/IP protocol under
W ndows you need to d sable W ndows from us ng
the port v a the follow ng reg stry key:-
8
Host Configuration
[HKLM\SYSTEM\CurrentControlSet\Serv ces\NetBT\P
arameters]
“SMBDev ceEnabled”=dword:00000000
Nat ve SMB over TCP/IP may be enabled at the
same t me as NetBIOS over TCP/IP.
The k t conta ns a reg stry f le ( port445.reg) wh ch
can be used to d sable the W ndows f le server on
port 445.
<W n32NetBIOS name=”...”
accept=”...” lana=”n” ap =”...”/>
Enables the W n32 NetBIOS nat ve nterface protocol
that uses the W n32 Netb os() API call to prov de the
nam ng, sess on and datagram support.
The name attr bute spec f es the server name to
accept connect ons on. If not spec f ed the ma n SMB
server name s used.
The accept attr bute can be used to restr ct the
cl ents that are allowed to connect to the server. Th s
s useful f the JLAN Server should only be access ble
from the local host.
The lana attr bute can be used to spec fy wh ch
NetBIOS LAN adapter the W n32 NetBIOS nterface
w ll use. If not spec f ed the f rst ava lable LANA w ll
be used.
The api attr bute s used to spec fy the nat ve code
nterface to be used. The val d values are net ios for
the or g nal W n32 Netb os() API based code or
winsock for the new W nsock Netb os based code.
The default s to use the W nsock NetBIOS code.
<WINS>
<pr mary>...</pr mary>
<secondary>...</secondary>
</WINS>
Enables the NetBIOS name server to use the
spec f ed WINS server(s) when reg ster ng the local
NetBIOS names.
The secondary WINS server address s opt onal.
<hostAnnounce nterval='n'/> Enables host announcement so that the JLAN SMB
server appears under Network Ne ghborhood. Host
announcements w ll only be sent out f the NetBIOS
over TCP/IP protocol s enabled v a the
<netBIOSSMB/> conf gurat on tem.
The interval attr bute spec f es the announcement
9
Host Configuration
nterval n m nutes.
<hostAnnounce nterval=”5”/>
<HostAnnouncerPort>
n
</HostAnnouncerPort>
Spec f es the datagram port to be used by the host
announcer when send ng announcement datagrams.
If not spec f ed the default port of 138 w ll be used.
<W n32Announce nterval=”n”/> Enables host announcement v a the W n32 Netb os
API so that the JLAN SMB server appears under
Network Ne ghborhood.
The interval attr bute spec f es the announcement
nterval n m nutes.
<sess onT meout>
n
</sess onT meout>
Spec f es the CIFS sess on t meout value n seconds.
The default sess on t meout s 15 m nutes.
If no I/O occurs on the sess on w th n th s t me then
the sess on w ll be closed by the server. W ndows
cl ents send keep-al ve requests, usually w th n 15
m nutes.
<d sableNIO/> D sables the new NIO based CIFS server code and
reverts to us ng the older socket and JNI based
code.
The SMB server has many debug sett ngs wh ch are controlled by the follow ng
conf gurat on tems:-
SMB Server Debug Configuration
<sess onDebug flags=”...”/> Enables var ous SMB sess on level debug output. See the
table below for the l st of ava lable debug levels.
<sess onDebug flags=”NetBIOS,F le,IPC,Error”/>
<netb osDebug/> Enables NetBIOS name server debug output.
<announceDebug/> Enables host announcer debug output.
10
The follow ng table l sts the ava lable sess on debug levels:-
Session Debug Levels
NETBIOS Name sess on debugg ng
STATE Sess on state changes
RXDATA Rece ved sess on data
TXDATA Transm tted sess on data
ERROR Request errors
NEGOTIATE SMB d alect negot at on
TREE Share connect on/d sconnect on
SEARCH F le/d rectory searches
INFO Informat on requests
FILE F le access
FILEIO F le read/wr te
TRANSACT SMB transact ons
ECHO Cl ent sess on keep-al ve
IPC IPC$ named p pe requests
PKTTYPE Output rece ved packet type
DCERPC DCE/RPC handl ng
NOTIFY Change not f cat on process ng
STREAMS NTFS streams
SOCKET Low level connect ons
LOCK F le byte range locks/unlocks
STATECACHE F le state cach ng
TIMING Request/response t m ng
PKTPOOL Memory pool allocat ons/deallocat ons
PKTSTATS Dump memory pool stat st cs dur ng server shutdown
THREADPOOL Thread pool
BENCHMARK Benchmark ng
STATECACHE F le state cache
OPLOCK Oplocks
A sample SMB conf gurat on sect on s shown below:-
<SMB>
< ost name="JLANSRV" domain="STARLASOFT">
<broadcast>192.168.1.255</broadcast>
<smbdialects>Core,LanMan,NT</smbdialects>
<comment>JLAN SMB Server</comment>
<bindto>192.168.1.2</bindto>
11
<netBIOSSMB/>
< ostAnnounce interval="5"/>
</ ost>
<sessionDebug flags="Negotiate,Tree"/>
<netbiosDebug/>
<announceDebug/>
</SMB>
2.4.4 Cluster Configuration
The <cluster> sect on def nes the global cluster conf gurat on.
The JLAN Server currently has clustered f le state cache and debug nterface classes
wh ch are based on the Hazelcast cluster ng code. The <cluster> conf gurat on sect on
allows a s ngle Hazelcast nstance to be used by mult ple clustered f lesystems and/or
have debug output p ped to a central server.
Cluster Configuration
<conf gF le>
…
</conf gF le>
Spec f es the path of the Hazelcast XML conf gurat on f le
that s used to create the shared Hazelcast nstance.
2.4.5 FTP Server Configuration
The <FTP> sect on def nes the FTP server conf gurat on.
FTP Configuration
<authent cator>
<class>...</class>
..
</authent cator>
The authent cator conf gurat on sub-sect on s used to
enable a custom FTP authent cat on class that mplements
the org.alfresco.jlan.ftp.FTPAuthenticator nterface.
The class must be spec f ed, other conf gurat on parameters
may be spec f ed as requ red.
<b ndto>n.n.n.n</b ndto>
<b ndto adapter=”...”/>
Spec f es wh ch network adapter to b nd to f the host has
mult ple network adapters. If not spec f ed the FTP server
w ll b nd to all ava lable adapters.
Alternat vely, the adapter name may be spec f ed us ng the
adapter attr bute. The adapter name s the name returned
by the NetworkInterface class, such as 'eth0' or 'en0'.
<b ndto>192.168.1.2</b ndto>
<b ndto adapter=”eth0”/>
<port>n</port> Spec f es the port that the FTP server l stens for ncom ng
connect ons on. The default port s 21.
<rootD rectory>
..
</rootD rectory>
Spec f es the path to be used for the root d rectory when a
cl ent connects to the FTP server.
The root d rectory path must be spec f ed us ng the FTP
12
FTP Configuration
path format, us ng forward slashes n the path '/'.
The root d rectory path may spec fy just the v rtual
f lesystem to be used as the root, e. /name, or may
conta n one or more sub-d rector es on the part cular v rtual
f lesystem, e. /name/d r1/d r2.
<dataPorts rangeFrom=”n”
rangeTo=”n”/>
Allows a port range to be spec f ed to control the data ports
that the FTP server may open.
<allowAnonymous/> Allow anonymous access to the FTP server. If not enabled
only def ned users w ll be able to access the FTP server.
<debug flags=”...”/> Enables var ous FTP server/sess on debug output.
<s teInterface>
<class>..</class>
..
</s teInterface>
The s te nterface conf gurat on sub-sect on s used to
enable s te spec f c extens ons to the FTP server.
The class must be spec f ed, and must mplement the
org.alfresco.jlan.ftp.FTPSiteInterface nterface. Other
conf gurat on parameters may be spec f ed as requ red.
<keyStore>
…
</keyStore>
Path to the keys store f le when FTPS s enabled.
<trustStore>
…
</trustStore>
Path to the trust store f le when FTPS s enabled.
<storePassp rase>
…
</storePassp rase>
Store passphrase
<requireSecureSession/> Only allow sess ons that use an FTPS logon.
<sslEngineDebug/> Enable FTPS SSL eng ne debug output.
The follow ng table l sts the ava lable FTP debug levels:-
FTP Debug Levels
STATE Sess on state changes
RXDATA Rece ved sess on data
TXDATA Transm tted sess on data
SEARCH F le/d rectory searches
INFO Informat on requests
FILE F le access
FILEIO F le read/wr te
ERROR Request errors
PKTTYPE Request types
DATAPORT Data sess on
DIRECTORY D rectory related commands
13
FTP Debug Levels
TIMING Request/response t m ng
SSL FTPS/SSL
A sample FTP server conf gurat on sect on s shown below:-
<FTP>
<bindto>192.168.1.2</bindto>
<allowAnonymous/>
<debug flags=”File,FileIO,Searc ,Error”/>
</FTP>
14
2.4.6 NFS Server Configuration
The <NFS> sect on def nes the NFS server conf gurat on.
NFS Configuration
<enablePortMapper/> Enable the port mapper serv ce.
<MountServerPort>
n
</MountServerPort>
Spec f es the port to be used by the mount server for UDP
and TCP requests.
If not spec f ed the next ava lable port w ll be allocated to
the mount server.
<PortMapperPort>
n
</PortMapperPort>
Spec f es the port to be used by the port mapper for UDP
and TCP requests.
If not spec f ed the default port of 111 w ll be used.
<NFSServerPort>
n
</NFSServerPort>
Spec f es the port to be used by the NFS server for UDP and
TCP requests.
If not spec f ed the default port of 2049 w ll be used.
<PacketPool>
n
</PacketPool>
Spec f es the number of RPC request packet buffers to
allocate for request process ng. The value must be at least
equal to the thread pool s ze plus one.
The packet pool should be two to three t mes the thread
pool s ze for opt mum performance.
<ThreadPool>
n
</ThreadPool>
Number of worker threads to allocate to the thread pool
that processes RPC requests from NFS cl ents. The thread
pool s now shared between the TCP and UDP connect ons.
Defaults to 16 worker threads.
<debug flags=”...”/> Enable var ous NFS server debug output.
<mountServerDebug/> Enables mount server debug output.
<portMapperDebug/> Enables port mapper server debug output.
<rpcAuthent cator>
<class>...</class>
</rpcAuthent cator>
Spec f es the class to be used to prov de RPC authent cat on
to the mount and NFS servers.
The class must mplement the
org.alfresco.jlan.oncrpc.RpcAuthenticator nterface.
A default RPC authent cator that allows any cl ent to access
the RPC servers s used f no authent cator s spec f ed.
<disablePortMapperRegistrat
ion/>
Do not reg ster the NFS and mount servers w th a port
mapper serv ce.
<FileCac e>n[:m]</FileCac
e>
F le cache t mer value(s) n seconds. Spec f es the amount
of t me to keep a f le open after an I/O or close request s
15
NFS Configuration
rece ved.
If only a s ngle value s spec f ed t w ll be used for f le I/O
and f le close t mers.
Two values may be spec f ed, seperated by a ':'. The f rst
value s the I/O t mer and the second value s the f le close
t mer, n seconds.
<fileCac eDebug/> Enable f le cache debug output.
The follow ng table l sts the ava lable NFS debug levels:-
NFS Debug Levels
RXDATA Rece ved sess on data
TXDATA Transm tted sess on data
SEARCH F le/d rectory searches
INFO Informat on requests
FILE F le access
FILEIO F le read/wr te
ERROR Request errors
DIRECTORY D rectory related commands
A sample NFS server conf gurat on sect on s shown below:-
<NFS>
<enablePortMapper/>
<debug flags=”File,Fileio,Searc ,Mount”/>
</NFS>
16
2.4.7 S ares Configuration
The <shares> sect on def nes the ava lable v rtual f lesystems. Each v rtual f lesystem
s assoc ated w th a dr ver class that prov des the nterface between the v rtual
f lesystem and the core protocol servers.
The JLAN Server Jar f le conta ns two v rtual f lesystem dr vers:-
•JavaF leD skDr ver
Maps the v rtual f lesystem to the local f lesystem us ng the java. o.F le
class.
•DBD skDr ver
Uses a database to hold the v rtual f lesystem structure. The database
nterface used s conf gurable to allow d fferent database types to be
used. The f le data s accessed v a a f le loader class w th d fferent
mplementat ons allow ng the f le data to be stored on the local
f lesystem, n database BLOB f elds or n a repos tory.
S ares Configuration
<d skshare name=”...”
comment=”...”/>
Def nes a v rtual f lesystem. The name attr bute spec f es
the share name that w ll be used by a cl ent to map or
mount the v rtual f lesystem.
The opt onal comment s returned by var ous nformat on
requests.
<d skshare name=”JLAN” comment=”Test area”/>
<dr ver> Spec f es the start of the d sk share dr ver class def n t on
block.
<accessControl>
<accessControl default=”...”>
Spec f es the access control rules block.
The default attr bute spec f es the default access for
cl ents that do not match any of the access control rules.
The default value may be Read for read-only access, Write
for read/wr te access or None for no access.
An empty access control block may be spec f ed w th a
default value or Read or Write.
<d sableChangeNot f cat on/> D sables the process ng of change not f cat ons for th s
v rtual f lesystem.
W ndows cl ents reg ster for change not f cat on to watch
f le/d rectory changes made by other cl ents.
<s ze totalS ze=”n”
freeS ze=”n”/>
<s ze totalS ze=”n” freeS ze=”n”
blockS ze=”n”
blocksPerUn t=”n”/>
Spec f es the v rtual d sk s ze, free space and opt onally
the block and allocat on un t s zes.
The d sk s ze and free space may be spec f ed as 'n' bytes,
'nK' for k lobytes, 'nM' for megabytes or 'nT' for terabytes.
17
S ares Configuration
The blockS ze defaults to 512 bytes and the blocksPerUn t
defaults to 64 to nd cate a 32Kb allocat on un t. It s
recommended that these values are not altered.
The v rtual f lesystem dr ver class may mplement the
DiskSizeInterface to prov de dynam c d sk s ze
nformat on.
<volume label=”...” ser al=”n”
created=”d”/>
Spec f es the v rtual d sk volume label, and opt onally the
ser al number and creat on date/t me.
The creat on date/t me str ng should be n the 'dd-MMM-
yyyy' or 'dd-MMM-yyyy hh:mm:ss' format.
The v rtual f lesystem dr ver class may mplement the
DiskVolumeInterface to prov de the volume nformat on
programat cally.
The <dr ver> sub-sect on conta ns the v rtual f lesystem dr ver class deta ls and dr ver
spec f c conf gurat on values. The <dr ver> sect on must conta n a <class>...</class>
tem to spec fy the dr ver class, for example:-
<class>org.alfresco.jlan.smb.server.disk.JavaFileDiskDriver</class>
The <accessControl> sub-sect on conta ns the access control rules that are used to
allow read or read/wr te access to the share, or to d sallow access to the share.
The <accessControl> block may be empty f a default access of Read or Wr te s
spec f ed, for example :-
<accessControl default=”Read”/>
The follow ng table deta ls the access control rules that are ava lable v a the default
access control manager. The access attr bute may have the value Read for read-only
access, Write for read/wr te access or None to d sallow access.
Access Control Rule Description
<user name=”...” access=”...”/> Set the access for the spec f ed user.
The rule appl es to SMB/CIFS and FTP
sess ons.
<protocol type=”...” access=”...”/> Set the access depend ng upon the protocol
used by the cl ent.
The type attr bute may conta n a comma
del meted l st of protocol names. Val d
protocol names are SMB, CIFS, NFS and FTP.
<address subnet=”...” mask=”...”
access=”...”/>
Set the access depend ng upon the cl ents
network address.
The su net attr bute spec f es the network
18
Access Control Rule Description
subnet n n.n.n.n format.
The mask attr bute spec f es the network
mask n n.n.n.n format.
<address p=”...” access=”...”/> Set the access depend ng upon the cl ents
network address.
The ip attr bute spec f es the cl ent address n
n.n.n.n format.
<doma n name=”...” access=”...”/> Set the access depend ng on the callers
doma n name.
Th s rule only appl es to SMB/CIFS sess ons.
A sample access control block s shown below :-
<disks are name="TESTAREA">
<driver>
<class>
org.alfresco.jlan.smb.server.disk.JavaFileDiskDriver
</class>
<LocalPat >N:\TestArea</LocalPat >
</driver>
<volume label="TESTLABEL"/>
<size totalSize="2T" freeSize="100G"/>
<accessControl default="Read">
<user name="gkspencer" access="Write"/>
<user name="GK Spencer" access="Write"/>
<address subnet="192.168.1.0" mask="255.255.255.0" access="Write"/>
<domain name="LAPTOP" access="None"/>
</accessControl>
</disks are>
19
2.4.7.1 JavaFileDiskDriver Configuration
The JavaFileDiskDriver class maps a v rtual f lesystem to the local f lesystem us ng the
java.io.File class. The JavaFileDiskDriver class s n the
org.alfresco.jlan.sm .server.disk package.
The <driver> sub-sect on conf gurat on parameters are shown below:-
JavaFileDiskDriver Configuration
<LocalPath>...</LocalPath> Spec f es the local path to map the v rtual f lesystem to.
A sample JavaF leD skDr ver share conf gurat on sect on s shown below:-
<s ares>
<disks are name=”JLAN” comment=”Test s are”>
<class>
org.alfresco.jlan.smb.server.disk.JavaFileDiskDriver
</class>
<LocalPat >R:\JLAN</LocalPat >
</disks are>
</s ares>
20
Table of contents
