You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2021/06/30 16:18:57 UTC

[directory-fortress-core] branch FC-238 updated: Start using 2.1.0 api. Del fortress relax control, use the api's.

This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch FC-238
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git


The following commit(s) were added to refs/heads/FC-238 by this push:
     new 62818e2  Start using 2.1.0 api. Del fortress relax control, use the api's.
62818e2 is described below

commit 62818e2ab8aaa73e5f4b88e1ff7ef589b518da4b
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Wed Jun 30 11:18:50 2021 -0500

    Start using 2.1.0 api. Del fortress relax control, use the api's.
---
 build-config.xml                                   |  2 -
 build.properties.example                           | 10 ++---
 config/bootstrap/fortress.properties.src           |  2 -
 config/fortress.properties.src                     |  2 -
 pom.xml                                            | 11 ++++-
 slapd.properties.example                           | 10 ++---
 .../fortress/core/ldap/LdapConnectionProvider.java | 12 +-----
 .../fortress/core/ldap/LdapDataProvider.java       |  2 +
 .../directory/fortress/core/ldap/RelaxControl.java | 35 ----------------
 .../fortress/core/ldap/RelaxControlFactory.java    | 47 ----------------------
 .../fortress/core/ldap/RelaxControlImpl.java       | 41 -------------------
 11 files changed, 20 insertions(+), 154 deletions(-)

diff --git a/build-config.xml b/build-config.xml
index 933a5d7..3cf2916 100644
--- a/build-config.xml
+++ b/build-config.xml
@@ -313,7 +313,6 @@
          <replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
          <replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
          <replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
-         <replace file="${dst.bootstrap.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
          <replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
          <replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
          <replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -355,7 +354,6 @@
          <replace file="${dst.remote.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
          <replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
          <replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
-         <replace file="${dst.remote.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
          <replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
          <replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
          <replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
diff --git a/build.properties.example b/build.properties.example
index 268ebeb..8a0ec84 100644
--- a/build.properties.example
+++ b/build.properties.example
@@ -115,15 +115,13 @@ user.min.conn=1
 user.max.conn=10
 
 # Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
-all.validate.conn.borrow=false
+#all.validate.conn.borrow=false
 # Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
-all.validate.conn.idle=false
+#all.validate.conn.idle=false
 # Applies to all pools, when all connections are exhausted will block. (default is true)
-all.max.conn.block=true
+#all.max.conn.block=true
 # Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
-all.max.conn.block.time=5000
-# Set to true if using API 2.0.2 and need relax control (default is false):
-temp.enable.relax.control=false
+#all.max.conn.block.time=5000
 
 ########################################################################
 # 3. GROUP OBJECT CLASS DEFINITIONS
diff --git a/config/bootstrap/fortress.properties.src b/config/bootstrap/fortress.properties.src
index 883f964..824d757 100755
--- a/config/bootstrap/fortress.properties.src
+++ b/config/bootstrap/fortress.properties.src
@@ -60,8 +60,6 @@ validate.conn.idle=@VALIDATE_CONN_IDLE@
 max.conn.block=@MAX_CONN_BLOCK@
 # Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
 max.conn.block.time=@MAX_CONN_BLOCK_TIME@
-# Set to true if using API 2.0.2 and need relax control (default is false):
-enable.relax.control.registration=@REGISTER_RELAX_CONTROL@
 
 validate.conn.borrow=@VALIDATE_CONN_BORROW@
 validate.conn.idle=@VALIDATE_CONN_IDLE@
diff --git a/config/fortress.properties.src b/config/fortress.properties.src
index 9996ec0..852f5d8 100755
--- a/config/fortress.properties.src
+++ b/config/fortress.properties.src
@@ -66,8 +66,6 @@ validate.conn.idle=@VALIDATE_CONN_IDLE@
 max.conn.block=@MAX_CONN_BLOCK@
 # Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
 max.conn.block.time=@MAX_CONN_BLOCK_TIME@
-# Set to true if using API 2.0.2 and need relax control (default is false):
-enable.relax.control.registration=@REGISTER_RELAX_CONTROL@
 
 # These credentials are used for read/write access to all nodes under slapd access log suffix:
 log.admin.user=@LOG_ROOT_DN@
diff --git a/pom.xml b/pom.xml
index c915520..5ec3613 100644
--- a/pom.xml
+++ b/pom.xml
@@ -88,7 +88,7 @@
     <java.version>1.8</java.version>
     <additionalparam>-Xdoclint:none</additionalparam>
     <!-- Jars -->
-    <version.api.all>2.0.2</version.api.all>
+    <version.ldap.api>2.1.0</version.ldap.api>
     <version.apacheds>2.0.0.AM26</version.apacheds>
     <version.accelerator.api>1.0-RC41</version.accelerator.api>
     <version.accelerator.impl>1.0-RC41</version.accelerator.impl>
@@ -135,10 +135,17 @@
     <dependency>
       <groupId>org.apache.directory.api</groupId>
       <artifactId>api-all</artifactId>
-      <version>${version.api.all}</version>
+      <version>${version.ldap.api}</version>
     </dependency>
 
     <dependency>
+      <groupId>org.apache.directory.api</groupId>
+      <artifactId>api-ldap-extras-codec</artifactId>
+      <version>${version.ldap.api}</version>
+    </dependency>
+
+
+    <dependency>
       <groupId>commons-configuration</groupId>
       <artifactId>commons-configuration</artifactId>
       <version>${version.commons.configuration}</version>
diff --git a/slapd.properties.example b/slapd.properties.example
index c3e1baa..415fa7b 100644
--- a/slapd.properties.example
+++ b/slapd.properties.example
@@ -73,15 +73,13 @@ log.min.conn=1
 log.max.conn=3
 
 # Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
-all.validate.conn.borrow=false
+#all.validate.conn.borrow=false
 # Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
-all.validate.conn.idle=false
+#all.validate.conn.idle=false
 # Applies to all pools, when all connections are exhausted will block. (default is true)
-all.max.conn.block=true
+#all.max.conn.block=true
 # Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
-all.max.conn.block.time=5000
-# Set to true if using API 2.0.2 and need relax control (default is false):
-temp.enable.relax.control=false
+#all.max.conn.block.time=5000
 
 #These are passwords used for LDAP audit log service accounts:
 # Audit Pool:
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
index fa06d12..41760e7 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
@@ -24,10 +24,8 @@ import java.util.List;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.pool2.PooledObjectFactory;
-import org.apache.directory.api.ldap.codec.api.ControlFactory;
 import org.apache.directory.api.ldap.codec.api.LdapApiService;
 import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
-import org.apache.directory.api.ldap.codec.osgi.DefaultLdapCodecService;
 import org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService;
 import org.apache.directory.api.ldap.model.exception.LdapException;
 import org.apache.directory.fortress.core.CfgRuntimeException;
@@ -166,15 +164,7 @@ public class LdapConnectionProvider
         }
         config.setCredentials( adminPw );
 
-        // Register Relax Control:
-        if ( Config.getInstance().getBoolean( "enable.relax.control.registration", false ) )
-        {
-            ControlFactory<RelaxControl> relaxControlFactory = new RelaxControlFactory( new DefaultLdapCodecService() );
-            (new LdapNetworkConnection()).getCodecService().registerRequestControl(relaxControlFactory);
-            LOG.info( "Register RelaxControl" );
-        }
-
-        // TODO: FIXME #4
+        // TODO: FC-295 - Move/Improve RBAC Accelerator Client
         try
         {
             List<String> listExOps = new ArrayList<>();
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
index c041cb0..3ab54c1 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
@@ -51,6 +51,8 @@ import org.apache.directory.api.ldap.model.message.*;
 import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthz;
 import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthzImpl;
 import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.api.ldap.extras.controls.relax.RelaxControlImpl;
+
 import org.apache.directory.fortress.core.GlobalIds;
 import org.apache.directory.fortress.core.model.Constraint;
 import org.apache.directory.fortress.core.model.ConstraintUtil;
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java
deleted file mode 100644
index 8550e7f..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- *   Licensed to the Apache Software Foundation (ASF) under one
- *   or more contributor license agreements.  See the NOTICE file
- *   distributed with this work for additional information
- *   regarding copyright ownership.  The ASF licenses this file
- *   to you under the Apache License, Version 2.0 (the
- *   "License"); you may not use this file except in compliance
- *   with the License.  You may obtain a copy of the License at
- *
- *     https://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-
-import org.apache.directory.api.ldap.model.message.Control;
-
-/**
- * The LDAP Relax Rules Control. It's defined in https://tools.ietf.org/html/draft-zeilenga-ldap-relax-03.
- * This control is sent with every update of pwdPolicySubEntry, pwdAccountLockedTime and pwdReset on user entry.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public interface RelaxControl extends Control
-{
-    /** The LDAP Relax Rules Control OID */
-    String OID = "1.3.6.1.4.1.4203.666.5.12";
-}
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java
deleted file mode 100644
index c8cef82..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- *   Licensed to the Apache Software Foundation (ASF) under one
- *   or more contributor license agreements.  See the NOTICE file
- *   distributed with this work for additional information
- *   regarding copyright ownership.  The ASF licenses this file
- *   to you under the Apache License, Version 2.0 (the
- *   "License"); you may not use this file except in compliance
- *   with the License.  You may obtain a copy of the License at
- *
- *     https://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-
-import org.apache.directory.api.ldap.codec.api.AbstractControlFactory;
-import org.apache.directory.api.ldap.codec.api.LdapApiService;
-
-public class RelaxControlFactory extends AbstractControlFactory<RelaxControl>
-{
-    /**
-     * Creates a new instance of ManageDsaITFactory.
-     *
-     * @param codec The LDAP codec
-     */
-    public RelaxControlFactory( LdapApiService codec )
-    {
-        super( codec, RelaxControl.OID );
-    }
-
-
-    /**
-     * {@inheritDoc}
-     */
-    @Override
-    public RelaxControl newControl()
-    {
-        return new RelaxControlImpl();
-    }
-}
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java
deleted file mode 100644
index db4fe9f..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- *   Licensed to the Apache Software Foundation (ASF) under one
- *   or more contributor license agreements.  See the NOTICE file
- *   distributed with this work for additional information
- *   regarding copyright ownership.  The ASF licenses this file
- *   to you under the Apache License, Version 2.0 (the
- *   "License"); you may not use this file except in compliance
- *   with the License.  You may obtain a copy of the License at
- *
- *     https://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-import org.apache.directory.api.ldap.model.message.controls.AbstractControl;
-
-/**
- * The LDAP Relax Rules Control. It's defined in https://tools.ietf.org/html/draft-zeilenga-ldap-relax-03.
- * This control is sent with every update of pwdPolicySubEntry, pwdAccountLockedTime and pwdReset on user entry.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public class RelaxControlImpl extends AbstractControl implements RelaxControl
-{
-    public RelaxControlImpl() {
-        super( OID );
-    }
-
-    public RelaxControlImpl(boolean isCritical)
-    {
-        super( OID );
-        this.setCritical(isCritical);
-    }
-}