Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

--
Djigzo open source email encryption

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption

On 04/13/2011 01:11 PM, Manuel Faux wrote:

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption

On 04/13/2011 03:04 PM, Manuel Faux wrote:

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Wednesday, April 13, 2011 3:24 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/13/2011 03:04 PM, Manuel Faux wrote:

Hi,

Sorry for the blank mails, this seems to be a bug in my Outlook 2007 mail client...

Here's my question to the mailing list:

I've tried overriding Djigzo default's by using your method:

<Context docBase="/usr/share/djigzo-web/djigzo.war" path="/djigzo1">
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=10901" override="false"/>
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.host=192.168.1.101" override="false"/>
  <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authentic
ator.xml&#10;soap.password=pvaj3pa8321kjzzzz2" override="false"/>
</Context>

It seems Djigzo ignores the settings. Is there a way to determine which settings are set for each option?

Is the format of the value parameter correct: "djigzo-web.spring.authenticator.config=<value>&10;<option>=<value>"? What does the djigz-web.spring.authenticator.xml represent?

No you should only add one "djigzo.system.properties" parameter. The context only seems to support just one parameter so you need to encode the properties into one string (this is Tomcat shortcoming). Because the properties need to be newline separated and XML does not directly support a NL character you need to XML write the NL as &#10;

So in your case I think the parameter value should look like:

"djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345&#10;djigzo.ws.server.host=192.168.1.101&#10;soap.password=pvaj3pa8321kjzzzz2"

Note: without any newlines (my mail app adds the newlines)

The reason you need to add "djigzo-web.spring.authenticator.config=" is that it's a required system setting.

If you look at web.xml in the djigzo-web.war file the following section does more or less the same thing:

<context-param>
<param-name>djigzo.system.properties</param-name>
<param-value>
    <!-- Use the default authenticator. -->
    djigzo-web.spring.authenticator.config=spring-default-
authenticator.xml
</param-value>
</context-param>

The only difference is that in web.xml you can use newline characters.
Now because you are overriding the "djigzo.system.properties" settings in the Context you should also add the "djigzo-web.spring.authenticator.config" setting in your properties because all existing settings in web.xml will no longer be used.

Instead of specifying everything in the Context you can create multiple copies of djigzo-web.war and change the web.xml contained in the war files (a war file is just a zip with a different extension). I however would prefer the Context approach because that only requires 'external'
changes.

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can
specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

On 04/16/2011 01:43 PM, Manuel Faux wrote:

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Wednesday, April 13, 2011 3:24 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/13/2011 03:04 PM, Manuel Faux wrote:

Hi,

Sorry for the blank mails, this seems to be a bug in my Outlook 2007 mail client...

Here's my question to the mailing list:

I've tried overriding Djigzo default's by using your method:

<Context docBase="/usr/share/djigzo-web/djigzo.war" path="/djigzo1">
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=10901" override="false"/>
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.host=192.168.1.101" override="false"/>
  <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authentic
ator.xml&#10;soap.password=pvaj3pa8321kjzzzz2" override="false"/>
</Context>

It seems Djigzo ignores the settings. Is there a way to determine which settings are set for each option?

Is the format of the value parameter correct: "djigzo-web.spring.authenticator.config=<value>&10;<option>=<value>"? What does the djigz-web.spring.authenticator.xml represent?

No you should only add one "djigzo.system.properties" parameter. The context only seems to support just one parameter so you need to encode the properties into one string (this is Tomcat shortcoming). Because the properties need to be newline separated and XML does not directly support a NL character you need to XML write the NL as &#10;

So in your case I think the parameter value should look like:

"djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345&#10;djigzo.ws.server.host=192.168.1.101&#10;soap.password=pvaj3pa8321kjzzzz2"

Note: without any newlines (my mail app adds the newlines)

The reason you need to add "djigzo-web.spring.authenticator.config=" is that it's a required system setting.

If you look at web.xml in the djigzo-web.war file the following section does more or less the same thing:

<context-param>
<param-name>djigzo.system.properties</param-name>
<param-value>
    <!-- Use the default authenticator. -->
    djigzo-web.spring.authenticator.config=spring-default-
authenticator.xml
</param-value>
</context-param>

The only difference is that in web.xml you can use newline characters.
Now because you are overriding the "djigzo.system.properties" settings in the Context you should also add the "djigzo-web.spring.authenticator.config" setting in your properties because all existing settings in web.xml will no longer be used.

Instead of specifying everything in the Context you can create multiple copies of djigzo-web.war and change the web.xml contained in the war files (a war file is just a zip with a different extension). I however would prefer the Context approach because that only requires 'external'
changes.

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can
specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Sunday, April 17, 2011 6:30 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/16/2011 01:43 PM, Manuel Faux wrote:

does this setting affect all contexts or only the context it's being specified in? I think these parameters are set globally and affect every context, so the context which is deployed last, overrides all configuration values. Might this be possible?
I cannot figure out how this might be done, because each context has another class loader, as far as I know.

You are right. It seems that only one setting is used. I spend some time investigating this and I think I have found a solution to run multiple GUIs.

Suppose you only want to use different values for djigzo.ws.server.host and djigzo.ws.server.port and that you want to run two instances of the GUI. You should add two context XML files and make sure that the context set the required properties.

So and two context files to /etc/tomcat6/Catalina/localhost

djigzo1.xml:

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
        <Parameter name="djigzo.ws.server.host" value="127.0.0.1"
override="false"/>
        <Parameter name="djigzo.ws.server.port" value="9000"
override="false"/>
</Context>

and djigzo2.xml:

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
        <Parameter name="djigzo.ws.server.host" value="192.168.178.101"
override="false"/>
        <Parameter name="djigzo.ws.server.port" value="9001"
override="false"/>
</Context>

These two contexts will make the URL https://1.2.3.4:8443/djigzo1/ go to the gateway running on 127.0.0.1:9000 and https://1.2.3.4:8443/djigzo2/ to the gateway running on 192.168.178.101:9001

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Wednesday, April 13, 2011 3:24 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/13/2011 03:04 PM, Manuel Faux wrote:

Hi,

Sorry for the blank mails, this seems to be a bug in my Outlook 2007 mail client...

Here's my question to the mailing list:

I've tried overriding Djigzo default's by using your method:

<Context docBase="/usr/share/djigzo-web/djigzo.war" path="/djigzo1">
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=10901" override="false"/>
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.host=192.168.1.101" override="false"/>
  <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenti
c ator.xml&#10;soap.password=pvaj3pa8321kjzzzz2" override="false"/>
</Context>

It seems Djigzo ignores the settings. Is there a way to determine which settings are set for each option?

Is the format of the value parameter correct: "djigzo-web.spring.authenticator.config=<value>&10;<option>=<value>"? What does the djigz-web.spring.authenticator.xml represent?

No you should only add one "djigzo.system.properties" parameter. The
context only seems to support just one parameter so you need to encode
the properties into one string (this is Tomcat shortcoming). Because
the properties need to be newline separated and XML does not directly
support a NL character you need to XML write the NL as &#10;

So in your case I think the parameter value should look like:

"djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345&#10;djigzo.ws.server.host=192.168.1.101&#10;soap.password=pvaj3pa8321kjzzzz2"

Note: without any newlines (my mail app adds the newlines)

The reason you need to add "djigzo-web.spring.authenticator.config=" is that it's a required system setting.

If you look at web.xml in the djigzo-web.war file the following section does more or less the same thing:

<context-param>
<param-name>djigzo.system.properties</param-name>
<param-value>
    <!-- Use the default authenticator. -->
    djigzo-web.spring.authenticator.config=spring-default-
authenticator.xml
</param-value>
</context-param>

The only difference is that in web.xml you can use newline characters.
Now because you are overriding the "djigzo.system.properties" settings in the Context you should also add the "djigzo-web.spring.authenticator.config" setting in your properties because all existing settings in web.xml will no longer be used.

Instead of specifying everything in the Context you can create multiple copies of djigzo-web.war and change the web.xml contained in the war files (a war file is just a zip with a different extension). I however would prefer the Context approach because that only requires 'external'
changes.

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can
specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

On 04/17/2011 06:54 PM, Manuel Faux wrote:

Thank you.
Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com [mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Sunday, April 17, 2011 6:30 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/16/2011 01:43 PM, Manuel Faux wrote:

does this setting affect all contexts or only the context it's being specified in? I think these parameters are set globally and affect every context, so the context which is deployed last, overrides all configuration values. Might this be possible?
I cannot figure out how this might be done, because each context has another class loader, as far as I know.

You are right. It seems that only one setting is used. I spend some time investigating this and I think I have found a solution to run multiple GUIs.

Suppose you only want to use different values for djigzo.ws.server.host and djigzo.ws.server.port and that you want to run two instances of the GUI. You should add two context XML files and make sure that the context set the required properties.

So and two context files to /etc/tomcat6/Catalina/localhost

djigzo1.xml:

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
        <Parameter name="djigzo.ws.server.host" value="127.0.0.1"
override="false"/>
        <Parameter name="djigzo.ws.server.port" value="9000"
override="false"/>
</Context>

and djigzo2.xml:

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
        <Parameter name="djigzo.ws.server.host" value="192.168.178.101"
override="false"/>
        <Parameter name="djigzo.ws.server.port" value="9001"
override="false"/>
</Context>

These two contexts will make the URL https://1.2.3.4:8443/djigzo1/ go to the gateway running on 127.0.0.1:9000 and https://1.2.3.4:8443/djigzo2/ to the gateway running on 192.168.178.101:9001

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Wednesday, April 13, 2011 3:24 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 04/13/2011 03:04 PM, Manuel Faux wrote:

Hi,

Sorry for the blank mails, this seems to be a bug in my Outlook 2007 mail client...

Here's my question to the mailing list:

I've tried overriding Djigzo default's by using your method:

<Context docBase="/usr/share/djigzo-web/djigzo.war" path="/djigzo1">
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=10901" override="false"/>
  <Parameter name="djigzo.system.properties" value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.host=192.168.1.101" override="false"/>
  <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenti
c ator.xml&#10;soap.password=pvaj3pa8321kjzzzz2" override="false"/>
</Context>

It seems Djigzo ignores the settings. Is there a way to determine which settings are set for each option?

Is the format of the value parameter correct: "djigzo-web.spring.authenticator.config=<value>&10;<option>=<value>"? What does the djigz-web.spring.authenticator.xml represent?

No you should only add one "djigzo.system.properties" parameter. The
context only seems to support just one parameter so you need to encode
the properties into one string (this is Tomcat shortcoming). Because
the properties need to be newline separated and XML does not directly
support a NL character you need to XML write the NL as &#10;

So in your case I think the parameter value should look like:

"djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345&#10;djigzo.ws.server.host=192.168.1.101&#10;soap.password=pvaj3pa8321kjzzzz2"

Note: without any newlines (my mail app adds the newlines)

The reason you need to add "djigzo-web.spring.authenticator.config=" is that it's a required system setting.

If you look at web.xml in the djigzo-web.war file the following section does more or less the same thing:

<context-param>
<param-name>djigzo.system.properties</param-name>
<param-value>
    <!-- Use the default authenticator. -->
    djigzo-web.spring.authenticator.config=spring-default-
authenticator.xml
</param-value>
</context-param>

The only difference is that in web.xml you can use newline characters.
Now because you are overriding the "djigzo.system.properties" settings in the Context you should also add the "djigzo-web.spring.authenticator.config" setting in your properties because all existing settings in web.xml will no longer be used.

Instead of specifying everything in the Context you can create multiple copies of djigzo-web.war and change the web.xml contained in the war files (a war file is just a zip with a different extension). I however would prefer the Context approach because that only requires 'external'
changes.

Kind regards,

Martijn Brinkers

Kind regards,
Manuel Faux

-----Original Message-----
From: users-bounces(a)lists.djigzo.com
[mailto:users-bounces(a)lists.djigzo.com] On Behalf Of Martijn Brinkers
Sent: Friday, February 25, 2011 12:46 PM
To: users(a)lists.djigzo.com
Subject: Re: Multipe Djigzo Instances

On 02/25/2011 10:46 AM, Manuel Faux wrote:

Hi,

I want to run multiple Djigzo instances on one server with one Postfix installation. What I did so far is the following:

- Copied the Djigzo files in one folder for each instance

- Created one database for each instance

- Configured each instance to use its database in the hibernate.cfg.xml

- Configured an individual SOAP port for each instance

- Deployed the backend for each Djigzo instance (this was a bit tricky, because I had to modify djigzo-web to allow overruling some configuration values via the Tomcat context (feel free to contact me to hand over you the sources) because each instance has to use an own SOAP port)

- Added the content filter pipe to Postfix's master.cf for each instance

- Added the inet TCP socket for each instance in master.cf

- Created one init script for each instance

This setup works so far, but I'm unsure if I've forgotten something or some other things will interfere. I am aware of the fact I cannot use Djigzo-Web to configure Postfix anymore or to view the logs, does anyone see other limitations?

How does Postfix decide which back-end to use? based on sender domain?

You should be able to manage Postfix and see the log files from the Web GUI but each instance modifies the same Postfix config and shows the same log file.

Instead of modifying djigzo-web to use a different soap port you can
specify the soap port in the Tomcat context file
(/etc/tomcat6/Catalina/localhost):

<Context docBase="/usr/share/djigzo-web/djigzo.war" unpackWAR="false">
    <Parameter name="djigzo.system.properties"
value="djigzo-web.spring.authenticator.config=spring-default-authenticator.xml&#10;djigzo.ws.server.port=12345"
override="false"/>
</Context>

The <Parameter> setting overrides the <context-param> setting for "djigzo.system.properties" in web.xml. In the above example, the soap port is set to 12345.

Is there a documented way, how to chroot Djigzo?

Djigzo runs on Java (OpenJDK) so you should chroot the complete OpenJDK runtime. This is probably possible although I'm not sure whether it's worth the effort since Java is very secure (unless you use Web Applets in your browser but no one is using that any more :).

Kind regards,

Martijn

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption