From aprat...@apache.org
Subject [4/7] git commit: updated refs/heads/ldapplugin to 25e8e9b
Date Fri, 02 Aug 2013 10:42:16 GMT
Add Support for member of filter

Signed-off-by: Abhinandan Prateek <aprateek@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/23f0187d
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/23f0187d
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/23f0187d

Branch: refs/heads/ldapplugin
Commit: 23f0187d056462b326f070e05de8e2bd9de147de
Parents: 532e04d
Author: Ian Duffy <ian@ianduffy.ie>
Authored: Fri Aug 2 09:27:58 2013 +0100
Committer: Abhinandan Prateek <aprateek@apache.org>
Committed: Fri Aug 2 14:20:47 2013 +0530

----------------------------------------------------------------------
 .../org/apache/cloudstack/ldap/LdapConfiguration.java    |  4 ++++
 .../src/org/apache/cloudstack/ldap/LdapUserManager.java  | 11 +++++++++--
 server/src/com/cloud/configuration/Config.java           |  1 +
 setup/db/db/schema-410to420.sql                          |  2 ++
 4 files changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/23f0187d/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfiguration.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfiguration.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfiguration.java
index d0ae4d2..1d2ddfb 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfiguration.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfiguration.java
@@ -113,4 +113,8 @@ public class LdapConfiguration {
         final String userObject = _configDao.getValue("ldap.user.object");
         return userObject == null ? "inetOrgPerson" : userObject;
     }
+
+    public String getSearchGroupPrinciple() {
+	return _configDao.getValue("ldap.search.group.principle");
+    }
 }
\ No newline at end of file
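Review bot: The new setting is spelled `principle` where the LDAP term is `principal`, and the spelling lands in the getter name, in the `ldap.search.group.principle` key here, in the `LdapSearchGroupPrinciple` entry in Config.java and in the row added to schema-410to420.sql. Once released the key is hard to rename, so it is worth correcting now. The getter also has no Javadoc; I would add `/** Returns the group users must belong to, or null when no group restriction is configured. */` and state there that the value is placed verbatim in a `(memberof=...)` filter, so it presumably has to be the group's full DN. The added lines are tab-indented while the surrounding class uses spaces.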

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/23f0187d/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapUserManager.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapUserManager.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapUserManager.java
index f255752..073edda 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapUserManager.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapUserManager.java
@@ -90,8 +90,15 @@ public class LdapUserManager {
         controls.setSearchScope(_ldapConfiguration.getScope());
         controls.setReturningAttributes(_ldapConfiguration.getReturnAttributes());
 
-        final String filter = "(&(objectClass=" + _ldapConfiguration.getUserObject()
+ ")" + "("
-                + _ldapConfiguration.getUsernameAttribute() + "=" + (username == null ? "*"
: username) + "))";
+	final String userObjectFilter = "(objectClass=" + _ldapConfiguration.getUserObject() + ")";
+	final String usernameFilter = "(" + _ldapConfiguration.getUsernameAttribute() + "=" + (username
== null ? "*" : username) + ")";
+	String memberOfFilter = "";
+	if(_ldapConfiguration.getSearchGroupPrinciple() != null) {
+	    memberOfFilter = "(memberof=" + _ldapConfiguration.getSearchGroupPrinciple() + ")";
+	}
+
+
+	final String filter = "(&" + userObjectFilter + usernameFilter + memberOfFilter + ")";
 
         return context.search(_ldapConfiguration.getBaseDn(), filter, controls);
     }
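Review bot: The search filter is still assembled by string concatenation, so `username` and the new group value reach the directory without RFC 4515 escaping. Characters such as `*`, `(`, `)` and `\` in either one change the meaning of the filter that now enforces the group restriction. A configured but empty `ldap.search.group.principle` also passes the `!= null` test and yields `(memberof=)`. Assuming `context` is a JNDI `DirContext`, the `search(name, filterExpr, filterArgs, controls)` overload substitutes `{n}` arguments with escaping applied, as sketched below, and the null-username case keeps its literal wildcard. The method's signature and earlier lines are outside the hunk.

```java
// … unchanged: SearchControls setup …
final List<Object> filterArgs = new ArrayList<Object>();
final StringBuilder filterExpr = new StringBuilder("(&(objectClass={0})(");
filterArgs.add(_ldapConfiguration.getUserObject());
filterExpr.append(_ldapConfiguration.getUsernameAttribute()).append('=');
if (username == null) {
    // Listing all users: keep the literal wildcard, it must not be escaped.
    filterExpr.append('*');
} else {
    filterExpr.append('{').append(filterArgs.size()).append('}');
    filterArgs.add(username);
}
filterExpr.append(')');

final String group = _ldapConfiguration.getSearchGroupPrinciple();
if (group != null && !group.trim().isEmpty()) {
    // Blank config values mean "no group restriction", same as null.
    filterExpr.append("(memberof={").append(filterArgs.size()).append("})");
    filterArgs.add(group);
}
filterExpr.append(')');

return context.search(_ldapConfiguration.getBaseDn(), filterExpr.toString(), filterArgs.toArray(), controls);
```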

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/23f0187d/server/src/com/cloud/configuration/Config.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 1ec0576..91bcbf5 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -433,6 +433,7 @@ public enum Config {
     LdapLastnameAttribute("Advanced", ManagementServer.class, String.class, "ldap.lastname.attribute",
"sn", "Sets the lastname attribute used within LDAP", null),
     LdapUsernameAttribute("Advanced", ManagementServer.class, String.class, "ldap.username.attribute",
"uid", "Sets the username attribute used within LDAP", null),
     LdapUserObject("Advanced", ManagementServer.class, String.class, "ldap.user.object",
"inetOrgPerson", "Sets the object type of users within LDAP", null),
+    LdapSearchGroupPrinciple("Advanced", ManagementServer.class, String.class, "ldap.search.group.principle",
null, "Sets the principle of the group that users must be a member of", null),
 
 	// VMSnapshots
     VMSnapshotMax("Advanced", VMSnapshotManager.class, Integer.class, "vmsnapshot.max", "10",
"Maximum vm snapshots for a vm", null),

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/23f0187d/setup/db/db/schema-410to420.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-410to420.sql b/setup/db/db/schema-410to420.sql
index f4cd1b1..9792991 100644
--- a/setup/db/db/schema-410to420.sql
+++ b/setup/db/db/schema-410to420.sql
@@ -2150,6 +2150,8 @@ INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT',
'manag
 INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server',
'ldap.lastname.attribute', 'sn', 'Sets the lastname attribute used within LDAP');
 INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server',
'ldap.user.object', 'inetOrgPerson', 'Sets the object type of users within LDAP');
 INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server',
'ldap.basedn', NULL, 'Sets the basedn for LDAP');
+INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server',
'ldap.search.group.principle', NULL, 'Sets the principle of the group that users must be a
member of');
+
 
 CREATE TABLE `cloud`.`ldap_configuration` (
   `id` bigint unsigned NOT NULL auto_increment COMMENT 'id',

