ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From v..@apache.org
Subject [3/3] incubator-ranger git commit: RANGER-1012: Added code to always prompt for ldap bind password while running the ldap tool instead of storing & reading from file
Date Fri, 10 Jun 2016 15:31:10 GMT
RANGER-1012: Added code to always prompt for ldap bind password while running the ldap tool
instead of storing & reading from file

Signed-off-by: Velmurugan Periasamy <vel@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/ae4ce8e0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/ae4ce8e0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/ae4ce8e0

Branch: refs/heads/master
Commit: ae4ce8e080941d9ff6de91982d70efa8d6413ee3
Parents: 7ee4aac
Author: Sailaja Polavarapu <spolavarapu@hortonworks.com>
Authored: Wed Jun 8 16:04:09 2016 -0700
Committer: Velmurugan Periasamy <vel@apache.org>
Committed: Fri Jun 10 11:30:28 2016 -0400

----------------------------------------------------------------------
 .../ldapconfigcheck/conf/input.properties              |  1 -
 .../ldapconfigchecktool/ldapconfigcheck/scripts/run.sh | 10 +++++++++-
 .../ranger/ldapconfigcheck/CommandLineOptions.java     | 13 ++++++++++++-
 .../org/apache/ranger/ldapconfigcheck/LdapConfig.java  |  9 +++++----
 .../ranger/ldapconfigcheck/LdapConfigCheckMain.java    |  4 ++--
 5 files changed, 28 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ae4ce8e0/ugsync/ldapconfigchecktool/ldapconfigcheck/conf/input.properties
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/conf/input.properties b/ugsync/ldapconfigchecktool/ldapconfigcheck/conf/input.properties
index 38e6f5a..449ee6f 100755
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/conf/input.properties
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/conf/input.properties
@@ -16,7 +16,6 @@
 # Mandatory ldap configuration properties.
 ranger.usersync.ldap.url=
 ranger.usersync.ldap.binddn=
-ranger.usersync.ldap.ldapbindpassword=
 
 # Mandatory only for openLdap 
 ranger.usersync.ldap.user.searchbase=

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ae4ce8e0/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh b/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh
index e5c313a..f3f7ac5 100755
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh
@@ -32,10 +32,11 @@ cdir=`pwd`
 cp="${cdir}/lib/*:${cdir}/conf"
 OUTDIR="${cdir}/output/"
 JAVA_CMD="java -cp ${cdir}/lib/ldapconfigcheck.jar:${cp} org.apache.ranger.ldapconfigcheck.LdapConfigCheckMain"
-
+INPUTFILE=""
 while getopts "i:o:d:r:ah" opt; do
   case $opt in
     i) INFILE=$OPTARG
+    INPUTFILE=$OPTARG
 	JAVA_CMD="$JAVA_CMD -i $OPTARG"
 	;;
     o) OUTDIR=$OPTARG
@@ -61,6 +62,13 @@ JAVA_CMD="$JAVA_CMD -o $OUTDIR"
 
 echo "JAVA commnad = $JAVA_CMD"
 
+if [ "${INPUTFILE}" != "" ]
+then
+	prompt="Ldap Bind Password:"
+	read -p "$prompt" -s password
+	JAVA_CMD="$JAVA_CMD -p $password"
+fi
+
 if [ "${JAVA_HOME}" != "" ]
 then
 	export JAVA_HOME

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ae4ce8e0/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java
b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java
index c71e5cc..340acf0 100644
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java
@@ -47,6 +47,7 @@ public class CommandLineOptions {
         options.addOption("d", "discoverProperties", true, "{all|users|groups}");
         options.addOption("r", "retrieve", true, "{all|users|groups}");
         options.addOption("a", "noAuthentication", false, "Ignore authentication properties");
+        options.addOption("p", true, "Ldap Bind Password");
     }
 
     public void parse() {
@@ -56,7 +57,13 @@ public class CommandLineOptions {
             if (cmd.hasOption("h")) {
 
             }
-
+            
+            if (cmd.hasOption("p")) {
+            	bindPassword = cmd.getOptionValue("p");
+            	if (bindPassword.trim().isEmpty()) {
+            		System.out.println("Ldap Bind Password cannot be empty!");
+            	}
+            }
 
             if (cmd.hasOption("o")) {
                 output = cmd.getOptionValue("o");
@@ -98,6 +105,10 @@ public class CommandLineOptions {
                     System.out.println("Please specify the input properties file name");
                     help();
                 }
+                
+                if (bindPassword == null || bindPassword.trim().isEmpty()) {
+            		System.out.println("Missing Ldap Bind Password!");
+            	}
 
             } else {
                 // Read the properties from CLI and write to the input properties file.

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ae4ce8e0/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java
b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java
index 4f7b004..6cd2f83 100644
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java
@@ -109,12 +109,13 @@ public class LdapConfig {
     private Properties prop = new Properties();
 
 
-    public LdapConfig(String configFile) {
-        init(configFile);
+    public LdapConfig(String configFile, String bindPasswd) {
+        init(configFile, bindPasswd);
     }
 
-    private void init(String configFile) {
+    private void init(String configFile, String bindPasswd) {
         readConfigFile(configFile);
+        prop.setProperty(LGSYNC_LDAP_BIND_PASSWORD, bindPasswd);
     }
 
     private void readConfigFile(String fileName) {
@@ -419,7 +420,7 @@ public class LdapConfig {
             prop.setProperty(AUTH_PASSWORD, authPass);
             config.setProperty(LGSYNC_LDAP_URL, ldapUrl);
             config.setProperty(LGSYNC_LDAP_BIND_DN, bindDn);
-            config.setProperty(LGSYNC_LDAP_BIND_PASSWORD, bindPassword);
+            //config.setProperty(LGSYNC_LDAP_BIND_PASSWORD, bindPassword);
             config.setProperty(LGSYNC_USER_SEARCH_BASE, userSearchBase);
             config.setProperty(LGSYNC_USER_SEARCH_FILTER, userSearchFilter);
             config.setProperty(AUTH_USERNAME, authUser);

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ae4ce8e0/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
index 073df27..fe9326f 100644
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
@@ -49,7 +49,7 @@ public class LdapConfigCheckMain {
             outputDir = outputDir.concat("/");
         }
 
-        LdapConfig config = new LdapConfig(inFileName);
+        LdapConfig config = new LdapConfig(inFileName, cli.getBindPassword());
         if (cli.getLdapUrl() != null && !cli.getLdapUrl().isEmpty()) {
             config.updateInputPropFile(cli.getLdapUrl(), cli.getBindDn(), cli.getBindPassword(),
                     cli.getUserSearchBase(), cli.getUserSearchFilter(), cli.getAuthUser(),
cli.getAuthPass());
@@ -74,7 +74,7 @@ public class LdapConfigCheckMain {
                     "com.sun.jndi.ldap.LdapCtxFactory");
             env.put(Context.PROVIDER_URL, config.getLdapUrl());
             env.put(Context.SECURITY_PRINCIPAL, bindDn);
-            env.put(Context.SECURITY_CREDENTIALS, config.getLdapBindPassword());
+            env.put(Context.SECURITY_CREDENTIALS, cli.getBindPassword());
             env.put(Context.SECURITY_AUTHENTICATION, config.getLdapAuthenticationMechanism());
             env.put(Context.REFERRAL, "follow");
 


Mime
View raw message