Free trial
◂ Back to Profiq blog

SeaFile Storage authentication via ForgeRock OpenDJ

Ondřej Fuchsík

7 min read ·

9 years ago

Seafile and OpenDJ diagram

Welcome to this blog post. I will describe and explain how to set up own storage with file synchronization across multiple computers and platforms. Having a distributed and safe file storage is a fundamental requirement for enterprises of all sizes small, medium size or big. Seafile is nice in that it allows you to scale from small to big over time. The goal of my project was to set-up an internal storage system that will serve tens of users. All of them should be able to share their files via the storage safely and do a backup, when needed.

Seafile is an open source project based on server-client architecture. The core of this post will explain installation and configuration of Seafile server. The server has a nice feature, which allows to authenticate users through LDAP protocol and one part of this post will be about setting up OpenDJ LDAP server, which is also an open source project. It’s easy to install, administrate and has very nice documentation with lot of examples and active community, which is able to help in case of troubles.

Let proceed to Seafile server installation.

The server is able to run on Linux (Debian 7, Ubuntu 14.04, Centos 6.6), Windows and Raspberry Pi. Here I will explain installation on Linux Ubuntu 14.04.

Seafile and OpenDJ diagram
An abstract overview of target architecture.

Prerequisities:

  • MySQL server
  • Installed packages on your system:
    • python 2.7
    • python-setuptools
    • python-imaging
    • python-mysqldb

Steps to install OpenDJ 2.6.0 LDAP server:

This section is describing the procedure for the installation of OpenDJ directory server and creation of one user at step 8. This step can be repeated to add more users or you can import data.

  1. Download archive for Linux.
  2. Unzip the archive.
  3. Move to the created folder and run setup command like:
    • To install server with GUI run:
    • /path/to/opendj/setup
    • To install server in command line interactive mode run:
    • /path/to/opendj/setup --cli
  4. Provide necessary inputs like credentials, host name, base dn (let create just base entry) and choose start the server at the end of configuration.
  5. Run control-panel with credentials.
    • /path/to/opendj/bin/control-panel -D 'cn=directory manager' -w password
  6. Click on Manage entries on the left side (see Figure 1).

    GUI navigation
    Figure 1: Click on Manage Entries on the left.
  7. Create new Organizational Unit (On the top, click on Entries and choose New Organizational Unit and fill the form, see Figure 2).

    Create new org unit by clicking on Entries -> New Org...
    Figure 2: Creation of new Organization Unit – example data
  8. Create new user (On the top, click on Entries and choose New User and fill the form, see Figure 3)Documentation – Import users.

    Creating new entry - example data.
    Figure 3: Creating new entry – example data.
  9. You should have structure similar to following one (see Figure 4).

    Shows how an example structure should looks like.
    Figure 4: Shows how an example structure should looks like.

Steps to set up Seafile server:

  1.  Download archive for your system.
  2.  Prepare workspace on your system:
    1.  Create a folder, where the server will be deployed.
      • mkdir /path/to/seafile/
    2.  Copy the archive to this directory and unzip it.
      • cd /path/to/seafile
        cp /path/to/seafile.zip .
        unzip seafile.zip
    3.  As next is recommended to create a folder installed under this directory.
      • mkdir installed
    4.  Move your archive to this directory.
      • mv seafile.zip installed
  3.  Make sure your MySQL service is running.
    • sudo netstat -tap | grep mysql
  4.  Run the script under seafile-server folder setup-seafile-mysql.sh .
    • ./seafile-server/setup-seafile-mysql.sh
    1. You will be prompted for some informations like MySQL port number, server-name, domain (ip), port of seafile-server and port of http server.
    2. After you will need to provide administrator’s credentials.
    3. At the end you can let the script to create automatically SQL tables for you.
  5.  Start seafile.
    • ./seafile-server/seafile.sh start
  6.  Start seahub.
    • ./seafile-server/seahub.sh start
  7.  Now you should be able to access a login web page of your private Seafile server on http://domain:8000/ (see Figure 5).

    Figure 5: Seafile login web page.
    Figure 5: Seafile login web page.
  8. To authenticate through OpenDJ LDAP server add following lines into ccnet/ccnet.conf file.
    • echo "[LDAP]" >> ./seafile/ccnet/ccnet.conf
      echo "HOST = ldap://ondrej-personal:1389/" >> ./seafile/ccnet/ccnet.conf
      echo "BASE = ou=users,dc=example,dc=com" >> ./seafile/ccnet/ccnet.conf
      echo "USER_DN = cn=seafileadmin,dc=example,dc=com" >> ./seafile/ccnet/ccnet.conf
      echo "PASSWORD = secret" >> ./seafile/ccnet/ccnet.conf
      echo "LOGIN_ATTR = mail" >> ./seafile/ccnet/ccnet.conf

    Figure 6: Example setting of ccne.conf for LDAP authentication
    Figure 6: Example setting of ccne.conf for LDAP authentication
  9. Restart Seafile.
    • ./seafile-server/seahub.sh stop
      ./seafile-server/seafile.sh stop
      ./seafile-server/seafile.sh start
      ./seafile-server/seahub.sh start
  10. Add new user to OpenDJ under ou=users and try log in to Seafile.

At this point we have working directory and file server and we miss just a client application which allows us to synchronize files. Seafile provides support for lot of platforms. You can download Desktop client (Windows, Linux, Mac) or Mobile Client (Android, IOS). The installation for Linux is pretty straight forward, because Debian packages are available. The only thing you need to do is download package and install it like any other.

After installation process run the Seafile GUI client, provide folder which will be used for file synchronization from the server, server hostname with port and your credentials. Now the Seafile client is configured and you are ready to synchronize your files with server. If you are interested in command line client visit CLI manual web page.

We are at the end of the process, however this is not complete tutorial of all functions, it just explains basics of Seafile and also OpenDJ. These products provides a lot of nice features, so check them, if you are interested. I see these products very useful and easy to administrate and I think it’s very nice connection of two open source projects. I like that you can use Seafile on your mobile as good as on your MAC, Windows or Linux workstation.

Sources:

forgerock ldap opendj seafile system engineering

Ondřej Fuchsík

3 Responses to “SeaFile Storage authentication via ForgeRock OpenDJ”

  1. SeaFile Storage authentication via ForgeRock OpenDJ | says:
    11.8.2015 at 12:20

    […] See the article here: http://www.profiq.com/seafile-storage-authentication-via-forgerock-opendj/ […]

    Reply
  2. Authenticating Sencha Web Application Manager via ForgeRock’s OpenDJ » profiq says:
    22.9.2015 at 9:07

    […] installation process of OpenDJ was described in our previous blog in detail, I only add a download link to the .zip distribution of […]

    Reply
  3. Integrating (ForgeRock) LDAP with MuleSoft » profiq says:
    19.5.2016 at 8:01

    […] you have installed the LDAP server; you can find simple install instructions in a previous blog of ours. […]

    Reply

Leave a Reply

Related articles

JSON

Let’s make LLMs generate JSON!

In this article, we are going to talk about three tools that can, at least in theory, force any local LLM to produce structured output: LM Format Enforcer, Outlines, and Guidance. After a short description of each tool, we will evaluate their performance on a few test cases ranging from book recommendations to extracting information from HTML. And the best for the end, we will show you how forcing LLMs to produce a structured output can be used to solve a very common problem in many businesses: extracting structured records from free-form text.

Posted 6 days ago by Milos Svana

Notiondipity: What I learned about browser extension development

Me and many of my colleagues at profiq use Notion for note-taking and work organization. Our workspaces contain a lot of knowledge about our work, plans, or the articles or books we read. At some point, a thought came to my mind: couldn’t we use all this knowledge to come up with project ideas suited to our skills and interests?

Posted 1 month ago by Milos Svana

From ChatGPT to Smart Agents: The Next Frontier in App Integration

It has been over a year since OpenAI introduced ChatGPT and brought the power of AI and large language models (LLMs) to the average consumer. But we could argue that introducing APIs for seamlessly integrating large language models into apps developed by companies and independent hackers all over the world can be the true game changer in the long term. Developers are having heated discussions about how we can utilize this technology to develop truly useful apps that provide real value instead of just copying what OpenAI does. We want to contribute to this discussion by showing you how we think about developing autonomous agents at profiq. But first a bit of background.

Posted 4 months ago by Milos Svana

Read the Blog

Tags

system engineering testing profiq system testing forgerock opendj qa openam ldap liferay ai idm portal sencha security amazon mulesoft java sso agent