From kis...@apache.org
Subject [2/3] git commit: updated refs/heads/master to b54ac9a
Date Fri, 13 Dec 2013 12:14:54 GMT
CLOUDSTACK-5435 enabled encryption for ldap params


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1d5051f6
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1d5051f6
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1d5051f6

Branch: refs/heads/master
Commit: 1d5051f60e0b302287f4fd806a84e65afc7494d0
Parents: 86dadaa
Author: Rajani Karuturi <rajanikaruturi@gmail.com>
Authored: Fri Dec 13 17:28:06 2013 +0530
Committer: Kishan Kavala <kishan@cloud.com>
Committed: Fri Dec 13 17:44:24 2013 +0530

----------------------------------------------------------------------
 .../cloudstack/api/command/LDAPConfigCmd.java   | 41 ++++++++------------
 .../api/response/LdapConfigurationResponse.java | 13 +++----
 .../cloudstack/ldap/LdapConfigurationVO.java    | 21 ++++++----
 .../apache/cloudstack/ldap/LdapManagerImpl.java |  9 ++---
 setup/db/db/schema-421to430.sql                 |  2 +-
 5 files changed, 40 insertions(+), 46 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
index 5e424de..db6d7dd 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java
@@ -21,9 +21,11 @@ import java.util.List;
 
 import javax.inject.Inject;
 
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.log4j.Logger;
-
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InsufficientCapacityException;
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.exception.ResourceAllocationException;
+import com.cloud.exception.ResourceUnavailableException;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseCmd;
@@ -37,12 +39,9 @@ import org.apache.cloudstack.framework.config.impl.ConfigurationVO;
 import org.apache.cloudstack.ldap.LdapConfiguration;
 import org.apache.cloudstack.ldap.LdapConfigurationVO;
 import org.apache.cloudstack.ldap.LdapManager;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.log4j.Logger;
 
-import com.cloud.exception.ConcurrentOperationException;
-import com.cloud.exception.InsufficientCapacityException;
-import com.cloud.exception.InvalidParameterValueException;
-import com.cloud.exception.ResourceAllocationException;
-import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.user.Account;
 import com.cloud.utils.Pair;
 
@@ -68,7 +67,7 @@ public class LDAPConfigCmd extends BaseCmd {
     /////////////////////////////////////////////////////
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
-    @Parameter(name = ApiConstants.LIST_ALL, type = CommandType.BOOLEAN, description = "If
true return current LDAP configuration")
+    @Parameter(name = ApiConstants.LIST_ALL, type = BaseCmd.CommandType.BOOLEAN, description
= "If true return current LDAP configuration")
     private Boolean listAll;
 
     @Parameter(name = ApiConstants.HOST_NAME, type = CommandType.STRING, description = "Hostname
or ip address of the ldap server eg: my.ldap.com")
@@ -80,19 +79,13 @@ public class LDAPConfigCmd extends BaseCmd {
     @Parameter(name = ApiConstants.USE_SSL, type = CommandType.BOOLEAN, description = "Check
Use SSL if the external LDAP server is configured for LDAP over SSL.")
     private Boolean useSSL;
 
-    @Parameter(name = ApiConstants.SEARCH_BASE,
-               type = CommandType.STRING,
-               description = "The search base defines the starting point for the search in
the directory tree Example:  dc=cloud,dc=com.")
+    @Parameter(name = ApiConstants.SEARCH_BASE, type = CommandType.STRING, description =
"The search base defines the starting point for the search in the directory tree Example:
 dc=cloud,dc=com.")
     private String searchBase;
 
-    @Parameter(name = ApiConstants.QUERY_FILTER,
-               type = CommandType.STRING,
-               description = "You specify a query filter here, which narrows down the users,
who can be part of this domain.")
+    @Parameter(name = ApiConstants.QUERY_FILTER, type = CommandType.STRING, description =
"You specify a query filter here, which narrows down the users, who can be part of this domain.")
     private String queryFilter;
 
-    @Parameter(name = ApiConstants.BIND_DN,
-               type = CommandType.STRING,
-               description = "Specify the distinguished name of a user with the search permission
on the directory.")
+    @Parameter(name = ApiConstants.BIND_DN, type = CommandType.STRING, description = "Specify
the distinguished name of a user with the search permission on the directory.")
     private String bindDN;
 
     @Parameter(name = ApiConstants.BIND_PASSWORD, type = CommandType.STRING, description
= "Enter the password.")
@@ -177,8 +170,7 @@ public class LDAPConfigCmd extends BaseCmd {
     /////////////////////////////////////////////////////
 
     @Override
-    public void execute() throws ResourceUnavailableException, InsufficientCapacityException,
ServerApiException, ConcurrentOperationException,
-        ResourceAllocationException {
+    public void execute() throws ResourceUnavailableException, InsufficientCapacityException,
ServerApiException, ConcurrentOperationException, ResourceAllocationException {
         if (getListAll()) {
             // return the existing conf
 
@@ -192,8 +184,7 @@ public class LDAPConfigCmd extends BaseCmd {
                 String searchBaseConfig = _ldapConfiguration.getBaseDn();
                 String bindDnConfig = _ldapConfiguration.getBindPrincipal();
                 for (LdapConfigurationVO ldapConfigurationVO : result.first()) {
-                    responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(),
ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig,
-                        bindDnConfig));
+                    responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(),
ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig, bindDnConfig));
                 }
             }
             response.setResponses(responses);
@@ -204,7 +195,7 @@ public class LDAPConfigCmd extends BaseCmd {
         } else {
             boolean result = updateLDAP();
             if (result) {
-                LDAPConfigResponse lr = createLDAPConfigResponse(getHostname(), getPort(),
getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN());
+                LDAPConfigResponse lr = this.createLDAPConfigResponse(getHostname(), getPort().toString(),
getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN());
                 lr.setResponseName(getCommandName());
                 setResponseObject(lr);
             }
@@ -212,10 +203,10 @@ public class LDAPConfigCmd extends BaseCmd {
 
     }
 
-    private LDAPConfigResponse createLDAPConfigResponse(String hostname, Integer port, Boolean
useSSL, String queryFilter, String searchBase, String bindDN) {
+    private LDAPConfigResponse createLDAPConfigResponse(String hostname, String port, Boolean
useSSL, String queryFilter, String searchBase, String bindDN) {
         LDAPConfigResponse lr = new LDAPConfigResponse();
         lr.setHostname(hostname);
-        lr.setPort(port.toString());
+        lr.setPort(port);
         lr.setUseSSL(useSSL.toString());
         lr.setQueryFilter(queryFilter);
         lr.setBindDN(bindDN);

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
index a4e4782..f03df42 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java
@@ -16,11 +16,10 @@
 // under the License.
 package org.apache.cloudstack.api.response;
 
-import com.google.gson.annotations.SerializedName;
-
 import org.apache.cloudstack.api.BaseResponse;
 
 import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
 
 public class LdapConfigurationResponse extends BaseResponse {
     @SerializedName("hostname")
@@ -29,7 +28,7 @@ public class LdapConfigurationResponse extends BaseResponse {
 
     @SerializedName("port")
     @Param(description = "port")
-    private int port;
+    private String port;
 
     public LdapConfigurationResponse() {
         super();
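Review bot: Changing `port` from `int` to `String` on this response class changes the wire format, because the field is serialized under `@SerializedName("port")` and a String is emitted as a quoted value where an int was a bare number. The storage-side need to encrypt the column should not have to leak into the API type. Keeping `private int port;` here and converting where the response is built, for example `Integer.parseInt(vo.getPort())`, would also reject a non-numeric stored value early instead of handing it to clients. The constructor, getter and setter hunks that follow in this file carry the same type change.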
@@ -40,7 +39,7 @@ public class LdapConfigurationResponse extends BaseResponse {
         this.hostname = hostname;
     }
 
-    public LdapConfigurationResponse(final String hostname, final int port) {
+    public LdapConfigurationResponse(final String hostname, final String port) {
         this.hostname = hostname;
         this.port = port;
     }
@@ -49,7 +48,7 @@ public class LdapConfigurationResponse extends BaseResponse {
         return hostname;
     }
 
-    public int getPort() {
+    public String getPort() {
         return port;
     }
 
@@ -57,7 +56,7 @@ public class LdapConfigurationResponse extends BaseResponse {
         this.hostname = hostname;
     }
 
-    public void setPort(final int port) {
+    public void setPort(final String port) {
         this.port = port;
     }
-}
\ No newline at end of file
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
index 488e7f4..54b35cb 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java
@@ -16,6 +16,10 @@
 // under the License.
 package org.apache.cloudstack.ldap;
 
+import org.apache.cloudstack.api.InternalIdentity;
+
+import com.cloud.utils.db.Encrypt;
+
 import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
@@ -23,26 +27,27 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.InternalIdentity;
-
 @Entity
 @Table(name = "ldap_configuration")
 public class LdapConfigurationVO implements InternalIdentity {
-    @Column(name = "hostname")
-    private String hostname;
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     @Column(name = "id")
     private Long id;
 
+    @Encrypt
+    @Column(name = "hostname")
+    private String hostname;
+
+    @Encrypt
     @Column(name = "port")
-    private int port;
+    private String port;
 
     public LdapConfigurationVO() {
     }
 
-    public LdapConfigurationVO(final String hostname, final int port) {
+    public LdapConfigurationVO(final String hostname, final String port) {
         this.hostname = hostname;
         this.port = port;
     }
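Review bot: With `@Encrypt` on `hostname`, any query that matches rows by hostname now depends on how the encrypted column is compared, and the DAO doing such lookups is not part of this diff. If the encryption is salted, an equality filter on `hostname` would presumably stop matching, which would affect duplicate checks and removal by hostname, so that path needs a test. Rows written before this change hold plaintext and would, I assume, fail to decrypt on read; a field comment such as `// stored encrypted; rows written in plaintext by earlier builds must be re-saved` would record how they are handled. Moving `port` to `String` also drops the guarantee that the value is numeric, so the two-argument constructor is the place for a range check (1–65535).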
@@ -56,11 +61,11 @@ public class LdapConfigurationVO implements InternalIdentity {
         return id;
     }
 
-    public int getPort() {
+    public String getPort() {
         return port;
     }
 
     public void setId(final long id) {
         this.id = id;
     }
-}
\ No newline at end of file
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
index 6d71f4f..42b0aeb 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -24,9 +24,6 @@ import javax.inject.Inject;
 import javax.naming.NamingException;
 import javax.naming.directory.DirContext;
 
-import org.apache.log4j.Logger;
-import org.springframework.stereotype.Component;
-
 import org.apache.cloudstack.api.LdapValidator;
 import org.apache.cloudstack.api.command.LDAPConfigCmd;
 import org.apache.cloudstack.api.command.LDAPRemoveCmd;
@@ -40,6 +37,8 @@ import org.apache.cloudstack.api.command.LdapUserSearchCmd;
 import org.apache.cloudstack.api.response.LdapConfigurationResponse;
 import org.apache.cloudstack.api.response.LdapUserResponse;
 import org.apache.cloudstack.ldap.dao.LdapConfigurationDao;
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
 
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.utils.Pair;
@@ -76,10 +75,10 @@ public class LdapManagerImpl implements LdapManager, LdapValidator {
             try {
                 final String providerUrl = "ldap://" + hostname + ":" + port;
                 _ldapContextFactory.createBindContext(providerUrl);
-                configuration = new LdapConfigurationVO(hostname, port);
+                configuration = new LdapConfigurationVO(hostname, Integer.toString(port));
                 _ldapConfigurationDao.persist(configuration);
                 s_logger.info("Added new ldap server with hostname: " + hostname);
-                return new LdapConfigurationResponse(hostname, port);
+                return new LdapConfigurationResponse(hostname, Integer.toString(port));
             } catch (final NamingException e) {
                 throw new InvalidParameterValueException("Unable to bind to the given LDAP
server");
             }
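Review bot: The hostname is now encrypted at rest, yet `s_logger.info("Added new ldap server with hostname: " + hostname);` in this same block still writes it to the log in clear. If the value is sensitive enough to encrypt in the database, the log line should drop it or log only the id of the persisted row; if it is not, the `@Encrypt` on `hostname` adds cost without protection. Separately, `catch (final NamingException e)` discards `e`, so a failed bind leaves no record of the cause; logging it server-side at debug level keeps the detail for operators while the API caller still sees only the generic message. The enclosing method starts and ends outside this hunk.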

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index 532a33a..b1b378b 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -618,7 +618,7 @@ INSERT INTO `cloud`.`configuration`(category, instance, component, name,
value,
 CREATE TABLE `cloud`.`ldap_configuration` (
   `id` bigint unsigned NOT NULL auto_increment COMMENT 'id',
   `hostname` varchar(255) NOT NULL COMMENT 'the hostname of the ldap server',
-  `port` int(10) COMMENT 'port that the ldap server is listening on',
+  `port` varchar(255) COMMENT 'port that the ldap server is listening on',
   PRIMARY KEY  (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
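Review bot: `hostname` stays `varchar(255)` although the entity now marks it `@Encrypt`; stored ciphertext is normally longer than its plaintext (encoding plus salt), so a long hostname may no longer fit and the insert would fail or be truncated depending on SQL mode. Either widen the column or cap the accepted hostname length at the API so the encrypted form always fits. The change is also made by editing the `CREATE TABLE` in place, so a database that already ran this script with `port int(10)` gets no `ALTER TABLE`; confirm no such database exists or add the statement.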

