You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ak...@apache.org on 2016/09/13 12:33:09 UTC
ambari git commit: AMBARI-17787. LDAPS must be used to communicate
with an Active Directory when Kerberos is being enabled (FE) (akovalenko)
Repository: ambari
Updated Branches:
refs/heads/branch-2.5 275d5dffc -> 29b388903
AMBARI-17787. LDAPS must be used to communicate with an Active Directory when Kerberos is being enabled (FE) (akovalenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/29b38890
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/29b38890
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/29b38890
Branch: refs/heads/branch-2.5
Commit: 29b3889032428e0d7af11255f9b7ed755960b314
Parents: 275d5df
Author: Aleksandr Kovalenko <ak...@hortonworks.com>
Authored: Tue Jul 19 14:53:07 2016 +0300
Committer: Aleksandr Kovalenko <ak...@hortonworks.com>
Committed: Tue Sep 13 15:32:43 2016 +0300
----------------------------------------------------------------------
.../1.10.3-10/configuration/kerberos-env.xml | 2 ++
ambari-web/app/messages.js | 1 +
ambari-web/app/utils/config.js | 4 ++++
ambari-web/app/utils/validator.js | 10 ++++++++++
ambari-web/test/utils/validator_test.js | 17 +++++++++++++++++
5 files changed, 34 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/29b38890/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
index 9f6b446..7016437 100644
--- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
+++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
@@ -82,11 +82,13 @@
<display-name>LDAP url</display-name>
<description>
The URL to the Active Directory LDAP Interface
+ Example: ldaps://ad.example.com:636
</description>
<value/>
<value-attributes>
<visible>false</visible>
<overridable>false</overridable>
+ <type>ldap_url</type>
</value-attributes>
<on-ambari-upgrade add="true"/>
</property>
http://git-wip-us.apache.org/repos/asf/ambari/blob/29b38890/ambari-web/app/messages.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/messages.js b/ambari-web/app/messages.js
index 0640916..076aa6d 100644
--- a/ambari-web/app/messages.js
+++ b/ambari-web/app/messages.js
@@ -3039,6 +3039,7 @@ Em.I18n.translations = {
'errorMessage.config.number.float': 'Must be a valid number',
'errorMessage.config.mail': 'Must be a valid email address',
'errorMessage.config.user': 'Value is not valid',
+ 'errorMessage.config.ldapUrl': 'Must be a valid LDAP url',
'errorMessage.config.password': 'Passwords do not match',
'errorMessage.config.directory.heterogeneous': 'dir format is wrong, can be "[{storage type}]/{dir name}"',
'errorMessage.config.directory.default': 'Must be a slash or drive at the start, and must not contain white spaces',
http://git-wip-us.apache.org/repos/asf/ambari/blob/29b38890/ambari-web/app/utils/config.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/config.js b/ambari-web/app/utils/config.js
index 0a4d546..3110685 100644
--- a/ambari-web/app/utils/config.js
+++ b/ambari-web/app/utils/config.js
@@ -619,6 +619,10 @@ App.config = Em.Object.create({
return function (value) {
return !validator.isValidDbName(value) ? Em.I18n.t('errorMessage.config.user') : '';
};
+ case 'ldap_url':
+ return function (value) {
+ return !validator.isValidLdapsURL(value) ? Em.I18n.t('errorMessage.config.ldapUrl') : '';
+ };
default:
return function (value, name) {
if (['javax.jdo.option.ConnectionURL', 'oozie.service.JPAService.jdbc.url'].contains(name)
http://git-wip-us.apache.org/repos/asf/ambari/blob/29b38890/ambari-web/app/utils/validator.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/validator.js b/ambari-web/app/utils/validator.js
index 6929fa2..7b08d37 100644
--- a/ambari-web/app/utils/validator.js
+++ b/ambari-web/app/utils/validator.js
@@ -322,6 +322,16 @@ module.exports = {
isValidAlertName: function(value) {
var alertNameRegex = /^[\s0-9a-z_\-%]+$/i;
return alertNameRegex.test(value);
+ },
+
+ /**
+ * Validate ldaps URL
+ * @param {string} value
+ * @returns {boolean}
+ */
+ isValidLdapsURL: function(value) {
+ var ldapsUrlRegex = /^(ldaps):\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?(((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?)(:\d*)?)(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)?(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7
FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i;
+ return ldapsUrlRegex.test(value);
}
};
http://git-wip-us.apache.org/repos/asf/ambari/blob/29b38890/ambari-web/test/utils/validator_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/utils/validator_test.js b/ambari-web/test/utils/validator_test.js
index f07539d..f542c7a 100644
--- a/ambari-web/test/utils/validator_test.js
+++ b/ambari-web/test/utils/validator_test.js
@@ -480,4 +480,21 @@ describe('validator', function () {
})
});
});
+
+ describe('#isValidLdapsURL()', function() {
+ var tests = [
+ {m: '"" - invalid', i: '', e: false},
+ {m: '"http://example.com" - invalid', i: 'http://example.com', e: false},
+ {m: '"ldap://example.com" - invalid', i: 'ldap://example.com', e: false},
+ {m: '"ldaps://example.com" - valid', i: 'ldaps://example.com', e: true},
+ {m: '"ldaps://example.com:636" - valid', i: 'ldaps://example.com:636', e: true},
+ {m: '"ldaps://example.com:636/path" - valid', i: 'ldaps://example.com:636/path', e: true},
+ {m: '"ldaps://example.com:6eeee36/path" - valid', i: 'ldaps://example.com:6eee36/path', e: false}
+ ];
+ tests.forEach(function(test) {
+ it(test.m + ' ', function () {
+ expect(validator.isValidLdapsURL(test.i)).to.equal(test.e);
+ })
+ });
+ });
});