Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0740D1021F for ; Fri, 13 Dec 2013 12:14:57 +0000 (UTC) Received: (qmail 67619 invoked by uid 500); 13 Dec 2013 12:14:54 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 67555 invoked by uid 500); 13 Dec 2013 12:14:54 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 67531 invoked by uid 99); 13 Dec 2013 12:14:53 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Dec 2013 12:14:53 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 31BAD8B7CA8; Fri, 13 Dec 2013 12:14:53 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: kishan@apache.org To: commits@cloudstack.apache.org Date: Fri, 13 Dec 2013 12:14:54 -0000 Message-Id: <4969bf20927f4974bb84634d9bb4605b@git.apache.org> In-Reply-To: <8cbceb51c02447dcb5db903de3477167@git.apache.org> References: <8cbceb51c02447dcb5db903de3477167@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/3] git commit: updated refs/heads/master to b54ac9a CLOUDSTACK-5435 enabled encryption for ldap params Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1d5051f6 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1d5051f6 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1d5051f6 Branch: refs/heads/master Commit: 1d5051f60e0b302287f4fd806a84e65afc7494d0 Parents: 86dadaa Author: Rajani Karuturi Authored: Fri Dec 13 17:28:06 2013 +0530 Committer: Kishan Kavala Committed: Fri Dec 13 17:44:24 2013 +0530 ---------------------------------------------------------------------- .../cloudstack/api/command/LDAPConfigCmd.java | 41 ++++++++------------ .../api/response/LdapConfigurationResponse.java | 13 +++---- .../cloudstack/ldap/LdapConfigurationVO.java | 21 ++++++---- .../apache/cloudstack/ldap/LdapManagerImpl.java | 9 ++--- setup/db/db/schema-421to430.sql | 2 +- 5 files changed, 40 insertions(+), 46 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java index 5e424de..db6d7dd 100644 --- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java 
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LDAPConfigCmd.java @@ -21,9 +21,11 @@ import java.util.List; import javax.inject.Inject; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.log4j.Logger; - +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseCmd; @@ -37,12 +39,9 @@ import org.apache.cloudstack.framework.config.impl.ConfigurationVO; import org.apache.cloudstack.ldap.LdapConfiguration; import org.apache.cloudstack.ldap.LdapConfigurationVO; import org.apache.cloudstack.ldap.LdapManager; +import org.apache.commons.lang.StringEscapeUtils; +import org.apache.log4j.Logger; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InvalidParameterValueException; -import com.cloud.exception.ResourceAllocationException; -import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; import com.cloud.utils.Pair; 
@@ -68,7 +67,7 @@ public class LDAPConfigCmd extends BaseCmd { ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// - @Parameter(name = ApiConstants.LIST_ALL, type = CommandType.BOOLEAN, description = "If true return current LDAP configuration") + @Parameter(name = ApiConstants.LIST_ALL, type = BaseCmd.CommandType.BOOLEAN, description = "If true return current LDAP configuration") private Boolean listAll; @Parameter(name = ApiConstants.HOST_NAME, type = CommandType.STRING, description = "Hostname or ip address of the ldap server eg: my.ldap.com") 
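Review bot: Only the `listAll` parameter now spells its type as `BaseCmd.CommandType.BOOLEAN`, while the `HOST_NAME` parameter directly below it in this hunk keeps the unqualified `CommandType.STRING`. The class extends `BaseCmd`, so both forms presumably resolve to the same enum and the qualified one only adds an inconsistency; keeping `type = CommandType.BOOLEAN` would match the rest of the declarations. The class body continues outside the hunk.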
@@ -80,19 +79,13 @@ public class LDAPConfigCmd extends BaseCmd { @Parameter(name = ApiConstants.USE_SSL, type = CommandType.BOOLEAN, description = "Check Use SSL if the external LDAP server is configured for LDAP over SSL.") private Boolean useSSL; - @Parameter(name = ApiConstants.SEARCH_BASE, - type = CommandType.STRING, - description = "The search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.") + @Parameter(name = ApiConstants.SEARCH_BASE, type = CommandType.STRING, description = "The search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.") private String searchBase; - @Parameter(name = ApiConstants.QUERY_FILTER, - type = CommandType.STRING, - description = "You specify a query filter here, which narrows down the users, who can be part of this domain.") + @Parameter(name = ApiConstants.QUERY_FILTER, type = CommandType.STRING, description = "You specify a query filter here, which narrows down the users, who can be part of this domain.") private String queryFilter; - @Parameter(name = ApiConstants.BIND_DN, - type = CommandType.STRING, - description = "Specify the distinguished name of a user with the search permission on the directory.") + @Parameter(name = ApiConstants.BIND_DN, type = CommandType.STRING, description = "Specify the distinguished name of a user with the search permission on the directory.") private String bindDN; @Parameter(name = ApiConstants.BIND_PASSWORD, type = CommandType.STRING, description = "Enter the password.") 
@@ -177,8 +170,7 @@ public class LDAPConfigCmd extends BaseCmd { ///////////////////////////////////////////////////// @Override - public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, - ResourceAllocationException { + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { if (getListAll()) { // return the existing conf @@ -192,8 +184,7 @@ public class LDAPConfigCmd extends BaseCmd { String searchBaseConfig = _ldapConfiguration.getBaseDn(); String bindDnConfig = _ldapConfiguration.getBindPrincipal(); for (LdapConfigurationVO ldapConfigurationVO : result.first()) { - responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(), ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig, - bindDnConfig)); + responses.add(createLDAPConfigResponse(ldapConfigurationVO.getHostname(), ldapConfigurationVO.getPort(), useSSlConfig, null, searchBaseConfig, bindDnConfig)); } } response.setResponses(responses); @@ -204,7 +195,7 @@ public class LDAPConfigCmd extends BaseCmd { } else { boolean result = updateLDAP(); if (result) { - LDAPConfigResponse lr = createLDAPConfigResponse(getHostname(), getPort(), getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN()); + LDAPConfigResponse lr = this.createLDAPConfigResponse(getHostname(), getPort().toString(), getUseSSL(), getQueryFilter(), getSearchBase(), getBindDN()); lr.setResponseName(getCommandName()); setResponseObject(lr); } 
@@ -212,10 +203,10 @@ public class LDAPConfigCmd extends BaseCmd { } - private LDAPConfigResponse createLDAPConfigResponse(String hostname, Integer port, Boolean useSSL, String queryFilter, String searchBase, String bindDN) { + private LDAPConfigResponse createLDAPConfigResponse(String hostname, String port, Boolean useSSL, String queryFilter, String searchBase, String bindDN) { LDAPConfigResponse lr = new LDAPConfigResponse(); lr.setHostname(hostname); - lr.setPort(port.toString()); + lr.setPort(port); lr.setUseSSL(useSSL.toString()); lr.setQueryFilter(queryFilter); lr.setBindDN(bindDN); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java index a4e4782..f03df42 100644 --- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java +++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LdapConfigurationResponse.java @@ -16,11 +16,10 @@ // under the License. package org.apache.cloudstack.api.response; -import com.google.gson.annotations.SerializedName; - import org.apache.cloudstack.api.BaseResponse; import com.cloud.serializer.Param; +import com.google.gson.annotations.SerializedName; public class LdapConfigurationResponse extends BaseResponse { @SerializedName("hostname") @@ -29,7 +28,7 @@ public class LdapConfigurationResponse extends BaseResponse { @SerializedName("port") @Param(description = "port") - private int port; + private String port; public LdapConfigurationResponse() { super(); 
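Review bot: Changing `port` in `LdapConfigurationResponse` from `int` to `String` (in the `@@ -29,7 +28,7 @@` hunk, and again in the constructor, getter and setter hunks that follow) alters the API response rather than the stored value. A Gson-serialised `String` field is emitted as a quoted string where an `int` was a JSON number, which clients that parse the port as a number may not expect. The response object is not persisted, so the encryption added to `LdapConfigurationVO` does not appear to require this; the field could stay `private int port;` with the conversion done where the entity is read. If the new type is intended, the `@Param(description = "port")` text should say that the value is now returned as a string.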
@@ -40,7 +39,7 @@ public class LdapConfigurationResponse extends BaseResponse { this.hostname = hostname; } - public LdapConfigurationResponse(final String hostname, final int port) { + public LdapConfigurationResponse(final String hostname, final String port) { this.hostname = hostname; this.port = port; } @@ -49,7 +48,7 @@ public class LdapConfigurationResponse extends BaseResponse { return hostname; } - public int getPort() { + public String getPort() { return port; } @@ -57,7 +56,7 @@ public class LdapConfigurationResponse extends BaseResponse { this.hostname = hostname; } - public void setPort(final int port) { + public void setPort(final String port) { this.port = port; } -} \ No newline at end of file +} http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java index 488e7f4..54b35cb 100644 --- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java +++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapConfigurationVO.java @@ -16,6 +16,10 @@ // under the License. package org.apache.cloudstack.ldap; +import org.apache.cloudstack.api.InternalIdentity; + +import com.cloud.utils.db.Encrypt; + import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; 
@@ -23,26 +27,27 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.api.InternalIdentity; - @Entity @Table(name = "ldap_configuration") public class LdapConfigurationVO implements InternalIdentity { - @Column(name = "hostname") - private String hostname; @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") private Long id; + @Encrypt + @Column(name = "hostname") + private String hostname; + + @Encrypt @Column(name = "port") - private int port; + private String port; public LdapConfigurationVO() { } - public LdapConfigurationVO(final String hostname, final int port) { + public LdapConfigurationVO(final String hostname, final String port) { this.hostname = hostname; this.port = port; } @@ -56,11 +61,11 @@ public class LdapConfigurationVO implements InternalIdentity { return id; } - public int getPort() { + public String getPort() { return port; } public void setId(final long id) { this.id = id; } -} \ No newline at end of file +} http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java index 6d71f4f..42b0aeb 100644 --- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java +++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java 
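Review bot: `@Encrypt` on `hostname` and `port` changes how these columns can be queried and validated, and nothing in this hunk documents that. A DAO lookup that matches a row by hostname equality keeps working only if the ciphertext is deterministic or the query value is encrypted the same way; that is not visible here and should be confirmed, as should the handling of rows written in plaintext before this change. With `port` now a free-form `String`, the entity no longer guarantees a numeric port, so the value should be validated before it is stored or used to build a provider URL. A field comment such as `// persisted encrypted (@Encrypt); String because the ciphertext is not numeric` would record why the type changed.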
@@ -24,9 +24,6 @@ import javax.inject.Inject; import javax.naming.NamingException; import javax.naming.directory.DirContext; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import org.apache.cloudstack.api.LdapValidator; import org.apache.cloudstack.api.command.LDAPConfigCmd; import org.apache.cloudstack.api.command.LDAPRemoveCmd; @@ -40,6 +37,8 @@ import org.apache.cloudstack.api.command.LdapUserSearchCmd; import org.apache.cloudstack.api.response.LdapConfigurationResponse; import org.apache.cloudstack.api.response.LdapUserResponse; import org.apache.cloudstack.ldap.dao.LdapConfigurationDao; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; import com.cloud.exception.InvalidParameterValueException; import com.cloud.utils.Pair; @@ -76,10 +75,10 @@ public class LdapManagerImpl implements LdapManager, LdapValidator { try { final String providerUrl = "ldap://" + hostname + ":" + port; _ldapContextFactory.createBindContext(providerUrl); - configuration = new LdapConfigurationVO(hostname, port); + configuration = new LdapConfigurationVO(hostname, Integer.toString(port)); _ldapConfigurationDao.persist(configuration); s_logger.info("Added new ldap server with hostname: " + hostname); - return new LdapConfigurationResponse(hostname, port); + return new LdapConfigurationResponse(hostname, Integer.toString(port)); } catch (final NamingException e) { throw new InvalidParameterValueException("Unable to bind to the given LDAP server"); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d5051f6/setup/db/db/schema-421to430.sql ---------------------------------------------------------------------- diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql index 532a33a..b1b378b 100644 --- a/setup/db/db/schema-421to430.sql +++ b/setup/db/db/schema-421to430.sql 
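Review bot: The context line `s_logger.info("Added new ldap server with hostname: " + hostname);` in the `@@ -76,10 +75,10 @@` hunk still writes the hostname to the log in clear, while this commit starts encrypting the same value at rest in `LdapConfigurationVO`. If the hostname is sensitive enough to encrypt in the database, the log line should omit it or refer to the stored row instead, e.g. `s_logger.info("Added new ldap server, id: " + configuration.getId());`, assuming the id is populated after `persist`. The `catch (final NamingException e)` that follows also discards `e`, so the reason for a failed bind is lost to operators; logging it at debug level would keep it available without exposing it to the API caller. The enclosing method starts outside the hunk.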
@@ -618,7 +618,7 @@ INSERT INTO `cloud`.`configuration`(category, instance, component, name, value, CREATE TABLE `cloud`.`ldap_configuration` ( `id` bigint unsigned NOT NULL auto_increment COMMENT 'id', `hostname` varchar(255) NOT NULL COMMENT 'the hostname of the ldap server', - `port` int(10) COMMENT 'port that the ldap server is listening on', + `port` varchar(255) COMMENT 'port that the ldap server is listening on', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
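Review bot: `hostname` stays `varchar(255)` although it will now hold ciphertext, which is longer than the plaintext it encodes, so a hostname well under 255 characters could overflow the column once encrypted. The width should be checked against the encrypted length produced by the `@Encrypt` handling. The `port` change edits the `CREATE TABLE` statement in place, so a database that has already run this upgrade script would keep `port int(10)` unless a separate `ALTER TABLE` is applied; it is worth confirming that this script has not yet shipped. The column comments could also state that both values are stored encrypted.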