Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 39786200D2D for ; Thu, 12 Oct 2017 19:27:11 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 37963160BF3; Thu, 12 Oct 2017 17:27:11 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id DE469160BE6 for ; Thu, 12 Oct 2017 19:27:09 +0200 (CEST) Received: (qmail 43336 invoked by uid 500); 12 Oct 2017 17:27:05 -0000 Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ambari-dev@ambari.apache.org Delivered-To: mailing list commits@ambari.apache.org Received: (qmail 42987 invoked by uid 99); 12 Oct 2017 17:27:05 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Oct 2017 17:27:05 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 9F7ADDFCFC; Thu, 12 Oct 2017 17:27:02 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: lpuskas@apache.org To: commits@ambari.apache.org Date: Thu, 12 Oct 2017 17:27:40 -0000 Message-Id: <9c29fc44e4554b26ad466264ce48cdab@git.apache.org> In-Reply-To: <86e42e74de4e427398b40457c676060b@git.apache.org> References: <86e42e74de4e427398b40457c676060b@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [39/50] [abbrv] ambari git commit: AMBARI-21307 Added the supported ldap properties to the code. Refactored existing code relying on these properties archived-at: Thu, 12 Oct 2017 17:27:11 -0000 AMBARI-21307 Added the supported ldap properties to the code. Refactored existing code relying on these properties Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/467f5327 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/467f5327 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/467f5327 Branch: refs/heads/feature-branch-AMBARI-21307 Commit: 467f5327099f80a166407e4fcdd5a4b3df9cf0f0 Parents: 81ff7b4 Author: lpuskas Authored: Fri Sep 8 13:57:25 2017 +0300 Committer: lpuskas Committed: Thu Oct 12 19:25:50 2017 +0200 ---------------------------------------------------------------------- .../server/ldap/AmbariLdapConfiguration.java | 189 ++++++++++++------- .../AmbariLdapConfigurationProvider.java | 6 +- .../server/ldap/service/AmbariLdapFacade.java | 10 +- .../service/LdapAttributeDetectionService.java | 43 +++++ .../ambari/server/ldap/service/LdapFacade.java | 2 +- .../ads/DefaultAttributeDetectionService.java | 47 +++++ .../ads/DefaultLdapConfigurationService.java | 4 +- .../ads/DefaultLdapConnectionService.java | 4 +- .../DefaultAttributeDetectionServiceTest.java | 102 ++++++++++ .../DefaultLdapConfigurationServiceTest.java | 30 ++- 10 files changed, 348 insertions(+), 89 deletions(-) ---------------------------------------------------------------------- 
http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java index e913e77..76faeed 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java 
@@ -34,63 +34,67 @@ public class AmbariLdapConfiguration { /** * Constants representing supported LDAP related property names */ - public enum LdapConfigProperty { - LDAP_CONFIGURED("ambari.ldap.configured"), - AUTOMATIC_ATTRIBUTE_DETECTION("ambari.ldap.automatic.attribute.detection"), - USE_SSL("ambari.ldap.usessl"), - LDAP_SERVER_HOST("ambari.ldap.server.host"), - LDAP_SERVER_PORT("ambari.ldap.server.port"), - LDAP_TRUSTSTORE("ambari.ldap.truststore"), - LDAP_TRUSTSTORE_TYPE("ambari.ldap.truststore.type"), - LDAP_TRUSTSTORE_PATH("ambari.ldap.truststore.path"), - LDAP_TRUSTSTORE_PASSWORD("ambari.ldap.truststore.password"), - BASE_DN("ambari.ldap.bind.dn"), - REFERRAL("ambari.ldap.referral"), - PAGINATION_ENABLED("ambari.ldap.pagination.enabled"), - - BIND_ANONIMOUSLY("ambari.ldap.bindanonymously"), - MANAGER_DN("ambari.ldap.managerdn"), - MANAGER_PASSWORD("ambari.ldap.managerpassword"), - USER_OBJECT_CLASS("ambari.ldap.user.object.class"), - USER_NAME_ATTRIBUTE("ambari.ldap.user.name.attribute"), - USER_NAME_FORCE_LOWERCASE("ambari.ldap.username.force.lowercase"), - USER_SEARCH_BASE("ambari.ldap.user.search.base"), - SYNC_USER_MEMBER_REPLACE_PATTERN("ambari.ldap.sync.user.member.replacepattern"), - SYNC_USER_MEMBER_FILTER("ambari.ldap.sync.user.member_filter"), - - ADMIN_GROUP_MAPPING_RULES ("ambari.ldap.admin.group.mappingrules"), - GROUP_OBJECT_CLASS("ambari.ldap.group.object.class"), - GROUP_NAME_ATTRIBUTE("ambari.ldap.group.name.attribute"), - GROUP_MEMBER_ATTRIBUTE("ambari.ldap.group.member.attribute"), - GROUP_SEARCH_BASE("ambari.ldap.group.search.base"), - SYNC_GROUP_MEMBER_REPLACE_PATTERN("ambari.ldap.sync.group.member.replacepattern"), - SYNC_GROUP_MEMBER_FILTER("ambari.ldap.sync.group.member_filter"), - DN_ATTRIBUTE("authentication.ldap.dnAttribute"), - - TEST_USER_NAME("ambari.ldap.test.user.name"), - TEST_USER_PASSWORD("ambari.ldap.test.user.password"); + public enum AmbariLdapConfig { + + LDAP_ENABLED("ambari.ldap.authentication.enabled"), + 
SERVER_HOST("ambari.ldap.connectivity.server.host"), + SERVER_PORT("ambari.ldap.connectivity.server.port"), + USE_SSL("ambari.ldap.connectivity.use_ssl"), + + TRUST_STORE("ambari.ldap.connectivity.trust_store"), + TRUST_STORE_TYPE("ambari.ldap.connectivity.trust_store.type"), + TRUST_STORE_PATH("ambari.ldap.connectivity.trust_store.path"), + TRUST_STORE_PASSWORD("ambari.ldap.connectivity.trust_store.password"), + ANONYMOUS_BIND("ambari.ldap.connectivity.anonymous_bind"), + + BIND_DN("ambari.ldap.connectivity.bind_dn"), + BIND_PASSWORD("ambari.ldap.connectivity.bind_password"), + + ATTR_DETECTION("ambari.ldap.attributes.detection"), // manual | auto + + DN_ATTRIBUTE("ambari.ldap.attributes.dn_attr"), + + USER_OBJECT_CLASS("ambari.ldap.attributes.user.object_class"), + USER_NAME_ATTRIBUTE("ambari.ldap.attributes.user.name_attr"), + USER_SEARCH_BASE("ambari.ldap.attributes.user.search_base"), + + GROUP_OBJECT_CLASS("ambari.ldap.attributes.group.object_class"), + GROUP_NAME_ATTRIBUTE("ambari.ldap.attributes.group.name_attr"), + GROUP_MEMBER_ATTRIBUTE("ambari.ldap.attributes.group.member_attr"), + GROUP_SEARCH_BASE("ambari.ldap.attributes.user.search_base"), + + USER_SEARCH_FILTER("ambari.ldap.advanced.user_search_filter"), + USER_MEMBER_REPLACE_PATTERN("ambari.ldap.advanced.user_member_replace_pattern"), + USER_MEMBER_FILTER("ambari.ldap.advanced.user_member_filter"), + + GROUP_SEARCH_FILTER("ambari.ldap.advanced.group_search_filter"), + GROUP_MEMBER_REPLACE_PATTERN("ambari.ldap.advanced.group_member_replace_pattern"), + GROUP_MEMBER_FILTER("ambari.ldap.advanced.group_member_filter"), + + FORCE_LOWERCASE_USERNAMES("ambari.ldap.advanced.force_lowercase_usernames"), + REFERRAL_HANDLING("ambari.ldap.advanced.referrals"), // folow + PAGINATION_ENABLED("ambari.ldap.advanced.pagination_enabled"); // true | false private String propertyName; - LdapConfigProperty(String propertyName) { - this.propertyName = propertyName; + AmbariLdapConfig(String propName) { + 
this.propertyName = propName; } - public String propertyName() { + public String key() { return this.propertyName; } } private final Map configurationMap; - private Object configurationValue(LdapConfigProperty ldapConfigProperty) { + private Object configValue(AmbariLdapConfig ambariLdapConfig) { Object value = null; - if (configurationMap.containsKey(ldapConfigProperty.propertyName)) { - value = configurationMap.get(ldapConfigProperty.propertyName); + if (configurationMap.containsKey(ambariLdapConfig.key())) { + value = configurationMap.get(ambariLdapConfig.key()); } else { - LOGGER.warn("Ldap configuration property [{}] hasn't been set", ldapConfigProperty.propertyName()); + LOGGER.warn("Ldap configuration property [{}] hasn't been set", ambariLdapConfig.key()); } - return value; } 
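Review bot: `GROUP_SEARCH_BASE` is mapped to `"ambari.ldap.attributes.user.search_base"`, the same key as `USER_SEARCH_BASE`, so `groupSearchBase()` cannot be configured independently and group lookups would use whatever is set for the user search base. The constant should read `GROUP_SEARCH_BASE("ambari.ldap.attributes.group.search_base"),`. The trailing comment on `REFERRAL_HANDLING` (`// folow`) is misspelled and, unlike the comments on `ATTR_DETECTION` and `PAGINATION_ENABLED`, does not list the accepted values; it should enumerate them once they are settled. The enclosing class continues outside the hunk.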
@@ -99,65 +103,120 @@ public class AmbariLdapConfiguration { this.configurationMap = configuration; } + public boolean ldapEnabled() { + return Boolean.valueOf((String) configValue(AmbariLdapConfig.LDAP_ENABLED)); + } - public String ldapServerHost() { - return (String) configurationValue(LdapConfigProperty.LDAP_SERVER_HOST); + public String serverHost() { + return (String) configValue(AmbariLdapConfig.SERVER_HOST); } - public int ldapServerPort() { - return Integer.valueOf((String) configurationValue(LdapConfigProperty.LDAP_SERVER_PORT)); + public int serverPort() { + return Integer.valueOf((String) configValue(AmbariLdapConfig.SERVER_PORT)); } public boolean useSSL() { - return Boolean.valueOf((String) configurationValue(LdapConfigProperty.USE_SSL)); + return Boolean.valueOf((String) configValue(AmbariLdapConfig.USE_SSL)); + } + + public String trustStore() { + return (String) configValue(AmbariLdapConfig.TRUST_STORE); + } + + public String trustStoreType() { + return (String) configValue(AmbariLdapConfig.TRUST_STORE_TYPE); + } + + public String trustStorePath() { + return (String) configValue(AmbariLdapConfig.TRUST_STORE_PATH); + } + + public String trustStorePassword() { + return (String) configValue(AmbariLdapConfig.TRUST_STORE_PASSWORD); } - public boolean bindAnonimously() { - return Boolean.valueOf((String) configurationValue(LdapConfigProperty.BIND_ANONIMOUSLY)); + public boolean anonymousBind() { + return Boolean.valueOf((String) configValue(AmbariLdapConfig.ANONYMOUS_BIND)); } - public String managerDn() { - return (String) configurationValue(LdapConfigProperty.MANAGER_DN); + public String bindDn() { + return (String) configValue(AmbariLdapConfig.BIND_DN); } - public String managerPassword() { - return (String) configurationValue(LdapConfigProperty.MANAGER_PASSWORD); + public String bindPassword() { + return (String) configValue(AmbariLdapConfig.BIND_PASSWORD); } - public boolean automaticAttributeDetection() { - return Boolean.valueOf((String) 
configurationValue(LdapConfigProperty.AUTOMATIC_ATTRIBUTE_DETECTION)); + public String attributeDetection() { + return (String) configValue(AmbariLdapConfig.ATTR_DETECTION); } - public String baseDn() { - return (String) configurationValue(LdapConfigProperty.BASE_DN); + public String dnAttribute() { + return (String) configValue(AmbariLdapConfig.DN_ATTRIBUTE); } public String userObjectClass() { - return (String) configurationValue(LdapConfigProperty.USER_OBJECT_CLASS); + return (String) configValue(AmbariLdapConfig.USER_OBJECT_CLASS); } public String userNameAttribute() { - return (String) configurationValue(LdapConfigProperty.USER_NAME_ATTRIBUTE); + return (String) configValue(AmbariLdapConfig.USER_NAME_ATTRIBUTE); } public String userSearchBase() { - return (String) configurationValue(LdapConfigProperty.USER_SEARCH_BASE); + return (String) configValue(AmbariLdapConfig.USER_SEARCH_BASE); } public String groupObjectClass() { - return (String) configurationValue(LdapConfigProperty.GROUP_OBJECT_CLASS); + return (String) configValue(AmbariLdapConfig.GROUP_OBJECT_CLASS); } public String groupNameAttribute() { - return (String) configurationValue(LdapConfigProperty.GROUP_NAME_ATTRIBUTE); + return (String) configValue(AmbariLdapConfig.GROUP_NAME_ATTRIBUTE); } public String groupMemberAttribute() { - return (String) configurationValue(LdapConfigProperty.GROUP_MEMBER_ATTRIBUTE); + return (String) configValue(AmbariLdapConfig.GROUP_MEMBER_ATTRIBUTE); } public String groupSearchBase() { - return (String) configurationValue(LdapConfigProperty.GROUP_SEARCH_BASE); + return (String) configValue(AmbariLdapConfig.GROUP_SEARCH_BASE); + } + + public String userSearchFilter() { + return (String) configValue(AmbariLdapConfig.USER_SEARCH_FILTER); + } + + public String userMemberReplacePattern() { + return (String) configValue(AmbariLdapConfig.USER_MEMBER_REPLACE_PATTERN); + } + + public String userMemberFilter() { + return (String) configValue(AmbariLdapConfig.USER_MEMBER_FILTER); + } 
+ + public String groupSearchFilter() { + return (String) configValue(AmbariLdapConfig.GROUP_SEARCH_FILTER); + } + + public String groupMemberReplacePattern() { + return (String) configValue(AmbariLdapConfig.GROUP_MEMBER_REPLACE_PATTERN); + } + + public String groupMemberFilter() { + return (String) configValue(AmbariLdapConfig.GROUP_MEMBER_FILTER); + } + + public boolean forceLowerCaseUserNames() { + return Boolean.valueOf((String) configValue(AmbariLdapConfig.FORCE_LOWERCASE_USERNAMES)); + } + + public boolean paginationEnabled() { + return Boolean.valueOf((String) configValue(AmbariLdapConfig.PAGINATION_ENABLED)); + } + + public String referralHandling() { + return (String) configValue(AmbariLdapConfig.REFERRAL_HANDLING); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapConfigurationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapConfigurationProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapConfigurationProvider.java index 7f3e8a9..80ed828 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapConfigurationProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapConfigurationProvider.java @@ -24,6 +24,7 @@ import javax.inject.Singleton; import org.apache.ambari.server.events.AmbariLdapConfigChangedEvent; import org.apache.ambari.server.events.publishers.AmbariEventPublisher; import org.apache.ambari.server.ldap.AmbariLdapConfiguration; +import org.apache.ambari.server.ldap.LdapConfigurationFactory; import org.apache.ambari.server.orm.dao.AmbariConfigurationDAO; import org.apache.ambari.server.orm.entities.AmbariConfigurationEntity; import org.apache.ambari.server.security.authorization.AmbariLdapAuthenticationProvider; 
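Review bot: In AmbariLdapConfiguration (hunk `@@ -99,65 +103,120 @@`) the boolean accessors fail open when a property is absent: `configValue` returns null and `Boolean.valueOf((String) null)` is false, so a missing or misspelled `USE_SSL` key silently selects a cleartext connection, over which a non-anonymous bind would send the bind DN and password. `serverPort()` fails the other way, since `Integer.valueOf((String) null)` throws a bare `NumberFormatException`, and every `(String)` cast throws `ClassCastException` if the map ever holds a non-String value (the map's value type is not visible here). Consider treating a missing `USE_SSL` as a configuration error, or defaulting it to true, and checking the port first, e.g. `if (port == null) throw new IllegalStateException("LDAP server port is not configured");`. `trustStorePassword()` and `bindPassword()` expose secrets, so any `toString()` of this class (not visible in the hunk) should leave those two entries out.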
@@ -55,6 +56,9 @@ public class AmbariLdapConfigurationProvider implements Provider ambariConfigurationDAOProvider; + @Inject + private LdapConfigurationFactory ldapConfigurationFactory; + private Gson gson = new GsonBuilder().create(); @Inject @@ -95,7 +99,7 @@ public class AmbariLdapConfigurationProvider implements Provider) propertyMaps.iterator().next()); + instance = ldapConfigurationFactory.createLdapConfiguration((Map) propertyMaps.iterator().next()); } LOGGER.info("Loaded LDAP configuration instance: [ {} ]", instance); http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java index 90a5ba7..16bf6b7 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java @@ -55,6 +55,9 @@ public class AmbariLdapFacade implements LdapFacade { @Inject private LdapConnectionService ldapConnectionService; + @Inject + private LdapAttributeDetectionService ldapAttributeDetectionService; + //todo remove this, added for testing purposes only @Inject private Provider ambariLdapConfigurationProvider; 
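Review bot: In AmbariLdapConfigurationProvider (hunk `@@ -95,7 +99,7 @@`) the instance returned by `ldapConfigurationFactory.createLdapConfiguration(...)` is written to the log at INFO by the following `LOGGER.info("Loaded LDAP configuration instance: [ {} ]", instance);` line. The configuration can now carry `ambari.ldap.connectivity.bind_password` and `ambari.ldap.connectivity.trust_store.password`, so if `AmbariLdapConfiguration.toString()` prints the backing map (not visible here), both secrets land in the server log. The same applies to the `LOGGER.debug("Creating a configuration instance based on the ambari configuration: {}", ...)` context line in DefaultLdapConnectionService. Either log only that a configuration was loaded, `LOGGER.info("Loaded LDAP configuration instance");`, or make `toString()` mask the password entries. The method body starts and ends outside the hunk.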
@@ -78,9 +81,12 @@ public class AmbariLdapFacade implements LdapFacade { @Override - public void detectAttributes(AmbariLdapConfiguration ambariLdapConfiguration) { + public AmbariLdapConfiguration detectAttributes(AmbariLdapConfiguration ambariLdapConfiguration) { LOGGER.info("Detecting LDAP configuration attributes ..."); - LOGGER.info("LDAP config: {}", ambariLdapConfigurationProvider.get()); + + LdapConnection connection = ldapConnectionService.createLdapConnection(ambariLdapConfiguration); + ambariLdapConfiguration = ldapAttributeDetectionService.detectLdapUserAttributes(connection, ambariLdapConfiguration); + return ambariLdapConfiguration; } @Override http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapAttributeDetectionService.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapAttributeDetectionService.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapAttributeDetectionService.java new file mode 100644 index 0000000..70a8977 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapAttributeDetectionService.java 
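Review bot: The `LdapConnection` obtained from `ldapConnectionService.createLdapConnection(...)` in `detectAttributes` is never closed or released in this method, so each detection request can leave a connection to the directory server behind. Close it in a `finally` block after `detectLdapUserAttributes` returns, or use try-with-resources if the connection type is `Closeable` in the client library version in use. Only user attributes are detected here, since `detectLdapGroupAttributes` is never called. With the `DefaultAttributeDetectionService` stub added in this commit the method hands null back to its caller, so the return value needs a null check or a documented contract.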
@@ -0,0 +1,43 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.ldap.service; + +import org.apache.ambari.server.ldap.AmbariLdapConfiguration; +import org.apache.directory.ldap.client.api.LdapConnection; + +/** + * Contract defining operations to detect user and group attributes. + */ +public interface LdapAttributeDetectionService { + + /** + * Decorates the passed in configuration with the detected ldap user attribute values + * + * @param ldapConnection the connection instance to LDAP + * @param ambariLdapConfiguration configuration instance holding connection details + * @return the configuration decorated with user related attributes + */ + AmbariLdapConfiguration detectLdapUserAttributes(LdapConnection ldapConnection, AmbariLdapConfiguration ambariLdapConfiguration); + + /** + * Decorates the passed in configuration with the detected ldap group attribute values + * + * @param ldapConnection the connection instance to LDAP + * @param ambariLdapConfiguration configuration instance holding connection details + * @return the configuration decorated with group related attributes + */ + AmbariLdapConfiguration detectLdapGroupAttributes(LdapConnection ldapConnection, AmbariLdapConfiguration ambariLdapConfiguration); +} + http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java 
---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java index eadff7d..76b16c4 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java @@ -39,7 +39,7 @@ public interface LdapFacade { * * @param ambariLdapConfiguration */ - void detectAttributes(AmbariLdapConfiguration ambariLdapConfiguration); + AmbariLdapConfiguration detectAttributes(AmbariLdapConfiguration ambariLdapConfiguration); /** * Checks user and group related LDAP configuration attributes in the configuration object with the help of the provided parameters http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java new file mode 100644 index 0000000..55d0765 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java 
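Review bot: The Javadoc above `detectAttributes` in LdapFacade still has a bare `@param ambariLdapConfiguration` and no `@return`, although the method now returns an `AmbariLdapConfiguration`. Suggest `@param ambariLdapConfiguration the configuration holding the connection details` and `@return the configuration completed with the detected attribute values`, plus a sentence stating whether the returned object is the same instance as the argument or a copy. The start of the Javadoc block is outside the hunk.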
@@ -0,0 +1,47 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.ldap.service.ads; + +import javax.inject.Inject; +import javax.inject.Singleton; + +import org.apache.ambari.server.ldap.AmbariLdapConfiguration; +import org.apache.ambari.server.ldap.service.LdapAttributeDetectionService; +import org.apache.directory.ldap.client.api.LdapConnection; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@Singleton +public class DefaultAttributeDetectionService implements LdapAttributeDetectionService { + + private static final Logger LOGGER = LoggerFactory.getLogger(DefaultAttributeDetectionService.class); + + @Inject + public DefaultAttributeDetectionService() { + } + + @Override + public AmbariLdapConfiguration detectLdapUserAttributes(LdapConnection connection, AmbariLdapConfiguration ambariLdapConfiguration) { + LOGGER.info("Detecting LDAP user attributes ..."); + + return null; + } + + @Override + public AmbariLdapConfiguration detectLdapGroupAttributes(LdapConnection connection, AmbariLdapConfiguration ambariLdapConfiguration) { + LOGGER.info("Detecting LDAP group attributes ..."); + return null; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationService.java ---------------------------------------------------------------------- 
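Review bot: Both `detectLdapUserAttributes` and `detectLdapGroupAttributes` return null, which contradicts the `@return` text on `LdapAttributeDetectionService`, and `AmbariLdapFacade.detectAttributes` passes the result straight back to its caller. Until detection is implemented, `return ambariLdapConfiguration;` keeps the contract, or `throw new UnsupportedOperationException("LDAP attribute detection is not implemented yet");` makes the gap explicit instead of surfacing later as a `NullPointerException`. The class has no class-level Javadoc; one line saying that this is a placeholder implementation would help the next reader.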
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationService.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationService.java index abc9201..db8c77f 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationService.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationService.java @@ -186,9 +186,9 @@ public class DefaultLdapConfigurationService implements LdapConfigurationService */ private void bind(AmbariLdapConfiguration ambariLdapConfiguration, LdapConnection connection) throws LdapException { LOGGER.info("Connecting to LDAP ...."); - if (!ambariLdapConfiguration.bindAnonimously()) { + if (!ambariLdapConfiguration.anonymousBind()) { LOGGER.debug("Anonimous binding not supported, binding with the manager detailas..."); - connection.bind(ambariLdapConfiguration.managerDn(), ambariLdapConfiguration.managerPassword()); + connection.bind(ambariLdapConfiguration.bindDn(), ambariLdapConfiguration.bindPassword()); } else { LOGGER.debug("Binding anonimously ..."); connection.bind(); http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionService.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionService.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionService.java index ced52fc..f39df54 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionService.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionService.java 
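Review bot: In DefaultLdapConfigurationService, `bind` passes `bindDn()` and `bindPassword()` to `connection.bind(...)` without checking them, and both accessors return null when the property is missing. Under RFC 4513 a simple bind with a DN and an empty password is an unauthenticated bind that many servers accept, so a missing password can look like a successful authenticated bind. Rejecting blank credentials before binding closes that gap, e.g. `if (dn == null || dn.isEmpty() || pw == null || pw.isEmpty()) throw new IllegalArgumentException("LDAP bind DN and password must be set for a non-anonymous bind");`. The debug messages in the context lines still read "Anonimous binding not supported, binding with the manager detailas...", which no longer matches the renamed accessors. The method continues outside the hunk.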
@@ -52,8 +52,8 @@ public class DefaultLdapConnectionService implements LdapConnectionService { LOGGER.debug("Creating a configuration instance based on the ambari configuration: {}", ambariAmbariLdapConfiguration); LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig(); - ldapConnectionConfig.setLdapHost(ambariAmbariLdapConfiguration.ldapServerHost()); - ldapConnectionConfig.setLdapPort(ambariAmbariLdapConfiguration.ldapServerPort()); + ldapConnectionConfig.setLdapHost(ambariAmbariLdapConfiguration.serverHost()); + ldapConnectionConfig.setLdapPort(ambariAmbariLdapConfiguration.serverPort()); ldapConnectionConfig.setUseSsl(ambariAmbariLdapConfiguration.useSSL()); // todo set the other values as required http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java new file mode 100644 index 0000000..5b3ac20 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java 
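Review bot: Only host, port and `useSSL()` are copied into `LdapConnectionConfig` in DefaultLdapConnectionService; the `trustStore()`, `trustStoreType()`, `trustStorePath()` and `trustStorePassword()` accessors added in this commit are not applied, and the `// todo set the other values as required` line is the only trace of them. With `setUseSsl(true)` and no trust managers configured, server certificate validation depends on the client library's default, which should be confirmed for the version in use before LDAPS is relied on. `serverPort()` throws `NumberFormatException` when the port property is missing, so the value should be validated before `setLdapPort` is called. The method starts and ends outside the hunk.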
@@ -0,0 +1,102 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.ldap.service.ads; + + +import java.util.Map; + +import org.apache.ambari.server.ldap.AmbariLdapConfiguration; +import org.apache.ambari.server.ldap.service.LdapConnectionService; +import org.apache.directory.api.ldap.model.constants.SchemaConstants; +import org.apache.directory.ldap.client.api.LdapConnection; +import org.apache.directory.ldap.client.api.LdapNetworkConnection; +import org.easymock.EasyMockRule; +import org.easymock.TestSubject; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.google.common.collect.Maps; + +public class DefaultAttributeDetectionServiceTest { + + private static final Logger LOGGER = LoggerFactory.getLogger(DefaultAttributeDetectionServiceTest.class); + + @Rule + public EasyMockRule mocks = new EasyMockRule(this); + + private AmbariLdapConfiguration testLdapConfiguration; + private LdapConnection connection; + + @TestSubject + private DefaultAttributeDetectionService attributeDetectionService = new DefaultAttributeDetectionService(); + + @Before + public void before() { + + Map initialProps = Maps.newHashMap(); + initialProps.put(AmbariLdapConfiguration.AmbariLdapConfig.BIND_DN.key(), ""); + testLdapConfiguration = new AmbariLdapConfiguration(initialProps); + } + + @Test + public void 
testShouldUserNameAttributeBeDetectedWhenSearchReturnsValidUsers() throws Exception { + // GIVEN +// a set of entries returned from the LDAP search + + // WHEN + AmbariLdapConfiguration ambariLdapConfiguration = attributeDetectionService.detectLdapUserAttributes(connection, testLdapConfiguration); + + // THEN + Assert.assertNotNull(ambariLdapConfiguration); + Assert.assertEquals("The username attribute is not the expected", "uid", ambariLdapConfiguration.userNameAttribute()); + + } + + + private Map getTestPropertiesMap() { + Map ldapPropsMap = Maps.newHashMap(); + + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.ANONYMOUS_BIND.key(), "true"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_HOST.key(), "ldap.forumsys.com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_PORT.key(), "389"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.BIND_DN.key(), "dc=example,dc=com"); + + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS.key(), SchemaConstants.PERSON_OC); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_NAME_ATTRIBUTE.key(), SchemaConstants.UID_AT); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_SEARCH_BASE.key(), "dc=example,dc=com"); + + return ldapPropsMap; + + } + + @Test + public void functionalTest() throws Exception { + // GIVEN + AmbariLdapConfiguration ambariLdapConfiguration = new AmbariLdapConfiguration(getTestPropertiesMap()); + LdapConnectionService connectionService = new DefaultLdapConnectionService(); + LdapNetworkConnection ldapConnection = connectionService.createLdapConnection(ambariLdapConfiguration); + + + // WHEN + AmbariLdapConfiguration config = attributeDetectionService.detectLdapUserAttributes(ldapConnection, ambariLdapConfiguration); + + // THEN + + } +} \ No newline at end of file 
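Review bot: `functionalTest` opens a real connection to the public host `ldap.forumsys.com` on port 389, so the unit test suite depends on outbound network access and a third-party server; it also asserts nothing and never closes the connection. It belongs in an integration profile or behind `@Ignore("requires an external LDAP server")`, with the unit test driving a mocked `LdapConnection`. In `testShouldUserNameAttributeBeDetectedWhenSearchReturnsValidUsers` the `connection` field is never initialised or annotated with `@Mock`, and the stub service returns null, so `Assert.assertNotNull` fails as committed. `getTestPropertiesMap` stores the base DN `dc=example,dc=com` under `BIND_DN`, which names the account to bind as rather than a search base.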
http://git-wip-us.apache.org/repos/asf/ambari/blob/467f5327/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationServiceTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationServiceTest.java index b5978a5..e023c6c 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationServiceTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultLdapConfigurationServiceTest.java 
@@ -74,14 +74,14 @@ public class DefaultLdapConfigurationServiceTest { // GIVEN Map ldapPropsMap = Maps.newHashMap(); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BIND_ANONIMOUSLY.propertyName(), "true"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_HOST.propertyName(), "ldap.forumsys.com"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_PORT.propertyName(), "389"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BASE_DN.propertyName(), "dc=example,dc=com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.ANONYMOUS_BIND.key(), "true"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_HOST.key(), "ldap.forumsys.com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_PORT.key(), "389"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.BIND_DN.key(), "dc=example,dc=com"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_OBJECT_CLASS.propertyName(), SchemaConstants.PERSON_OC); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_NAME_ATTRIBUTE.propertyName(), SchemaConstants.UID_AT); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_SEARCH_BASE.propertyName(), "dc=example,dc=com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS.key(), SchemaConstants.PERSON_OC); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_NAME_ATTRIBUTE.key(), SchemaConstants.UID_AT); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_SEARCH_BASE.key(), "dc=example,dc=com"); AmbariLdapConfiguration ambariLdapConfiguration = new AmbariLdapConfiguration(ldapPropsMap); 
@@ -96,16 +96,14 @@ public class DefaultLdapConfigurationServiceTest { // GIVEN Map ldapPropsMap = Maps.newHashMap(); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BIND_ANONIMOUSLY.propertyName(), "true"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_HOST.propertyName(), "ldap.forumsys.com"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_PORT.propertyName(), "389"); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BASE_DN.propertyName(), "dc=example,dc=com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.ANONYMOUS_BIND.key(), "true"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_HOST.key(), "ldap.forumsys.com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.SERVER_PORT.key(), "389"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.BIND_DN.key(), "dc=example,dc=com"); - - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_OBJECT_CLASS.propertyName(), SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_NAME_ATTRIBUTE.propertyName(), SchemaConstants.CN_AT); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_MEMBER_ATTRIBUTE.propertyName(), SchemaConstants.UNIQUE_MEMBER_AT); - ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_SEARCH_BASE.propertyName(), "dc=example,dc=com"); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS.key(), SchemaConstants.PERSON_OC); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_NAME_ATTRIBUTE.key(), SchemaConstants.UID_AT); + ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_SEARCH_BASE.key(), "dc=example,dc=com"); AmbariLdapConfiguration ambariLdapConfiguration = new AmbariLdapConfiguration(ldapPropsMap);
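Review bot: In this second hunk the `GROUP_OBJECT_CLASS`, `GROUP_NAME_ATTRIBUTE`, `GROUP_MEMBER_ATTRIBUTE` and `GROUP_SEARCH_BASE` entries are replaced by the three `USER_*` entries instead of being renamed, so this test (presumably the group-attribute check; its name is outside the hunk) no longer sets any group property. As a result nothing exercises `groupSearchBase()`, whose key string in `AmbariLdapConfig` is identical to the one for `USER_SEARCH_BASE`. The group lines should be kept with the new enum, e.g. `ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.GROUP_OBJECT_CLASS.key(), SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC);` and likewise for the other three.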