You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2021/06/30 16:18:57 UTC
[directory-fortress-core] branch FC-238 updated: Start using 2.1.0
api. Del fortress relax control, use the api's.
This is an automated email from the ASF dual-hosted git repository.
smckinney pushed a commit to branch FC-238
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git
The following commit(s) were added to refs/heads/FC-238 by this push:
new 62818e2 Start using 2.1.0 api. Del fortress relax control, use the api's.
62818e2 is described below
commit 62818e2ab8aaa73e5f4b88e1ff7ef589b518da4b
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Wed Jun 30 11:18:50 2021 -0500
Start using 2.1.0 api. Del fortress relax control, use the api's.
---
build-config.xml | 2 -
build.properties.example | 10 ++---
config/bootstrap/fortress.properties.src | 2 -
config/fortress.properties.src | 2 -
pom.xml | 11 ++++-
slapd.properties.example | 10 ++---
.../fortress/core/ldap/LdapConnectionProvider.java | 12 +-----
.../fortress/core/ldap/LdapDataProvider.java | 2 +
.../directory/fortress/core/ldap/RelaxControl.java | 35 ----------------
.../fortress/core/ldap/RelaxControlFactory.java | 47 ----------------------
.../fortress/core/ldap/RelaxControlImpl.java | 41 -------------------
11 files changed, 20 insertions(+), 154 deletions(-)
diff --git a/build-config.xml b/build-config.xml
index 933a5d7..3cf2916 100644
--- a/build-config.xml
+++ b/build-config.xml
@@ -313,7 +313,6 @@
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
<replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
- <replace file="${dst.bootstrap.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
<replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
<replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -355,7 +354,6 @@
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
<replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
- <replace file="${dst.remote.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
<replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
diff --git a/build.properties.example b/build.properties.example
index 268ebeb..8a0ec84 100644
--- a/build.properties.example
+++ b/build.properties.example
@@ -115,15 +115,13 @@ user.min.conn=1
user.max.conn=10
# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
-all.validate.conn.borrow=false
+#all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
-all.validate.conn.idle=false
+#all.validate.conn.idle=false
# Applies to all pools, when all connections are exhausted will block. (default is true)
-all.max.conn.block=true
+#all.max.conn.block=true
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
-all.max.conn.block.time=5000
-# Set to true if using API 2.0.2 and need relax control (default is false):
-temp.enable.relax.control=false
+#all.max.conn.block.time=5000
########################################################################
# 3. GROUP OBJECT CLASS DEFINITIONS
diff --git a/config/bootstrap/fortress.properties.src b/config/bootstrap/fortress.properties.src
index 883f964..824d757 100755
--- a/config/bootstrap/fortress.properties.src
+++ b/config/bootstrap/fortress.properties.src
@@ -60,8 +60,6 @@ validate.conn.idle=@VALIDATE_CONN_IDLE@
max.conn.block=@MAX_CONN_BLOCK@
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
max.conn.block.time=@MAX_CONN_BLOCK_TIME@
-# Set to true if using API 2.0.2 and need relax control (default is false):
-enable.relax.control.registration=@REGISTER_RELAX_CONTROL@
validate.conn.borrow=@VALIDATE_CONN_BORROW@
validate.conn.idle=@VALIDATE_CONN_IDLE@
diff --git a/config/fortress.properties.src b/config/fortress.properties.src
index 9996ec0..852f5d8 100755
--- a/config/fortress.properties.src
+++ b/config/fortress.properties.src
@@ -66,8 +66,6 @@ validate.conn.idle=@VALIDATE_CONN_IDLE@
max.conn.block=@MAX_CONN_BLOCK@
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
max.conn.block.time=@MAX_CONN_BLOCK_TIME@
-# Set to true if using API 2.0.2 and need relax control (default is false):
-enable.relax.control.registration=@REGISTER_RELAX_CONTROL@
# These credentials are used for read/write access to all nodes under slapd access log suffix:
log.admin.user=@LOG_ROOT_DN@
diff --git a/pom.xml b/pom.xml
index c915520..5ec3613 100644
--- a/pom.xml
+++ b/pom.xml
@@ -88,7 +88,7 @@
<java.version>1.8</java.version>
<additionalparam>-Xdoclint:none</additionalparam>
<!-- Jars -->
- <version.api.all>2.0.2</version.api.all>
+ <version.ldap.api>2.1.0</version.ldap.api>
<version.apacheds>2.0.0.AM26</version.apacheds>
<version.accelerator.api>1.0-RC41</version.accelerator.api>
<version.accelerator.impl>1.0-RC41</version.accelerator.impl>
@@ -135,10 +135,17 @@
<dependency>
<groupId>org.apache.directory.api</groupId>
<artifactId>api-all</artifactId>
- <version>${version.api.all}</version>
+ <version>${version.ldap.api}</version>
</dependency>
<dependency>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-extras-codec</artifactId>
+ <version>${version.ldap.api}</version>
+ </dependency>
+
+
+ <dependency>
<groupId>commons-configuration</groupId>
<artifactId>commons-configuration</artifactId>
<version>${version.commons.configuration}</version>
diff --git a/slapd.properties.example b/slapd.properties.example
index c3e1baa..415fa7b 100644
--- a/slapd.properties.example
+++ b/slapd.properties.example
@@ -73,15 +73,13 @@ log.min.conn=1
log.max.conn=3
# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
-all.validate.conn.borrow=false
+#all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
-all.validate.conn.idle=false
+#all.validate.conn.idle=false
# Applies to all pools, when all connections are exhausted will block. (default is true)
-all.max.conn.block=true
+#all.max.conn.block=true
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
-all.max.conn.block.time=5000
-# Set to true if using API 2.0.2 and need relax control (default is false):
-temp.enable.relax.control=false
+#all.max.conn.block.time=5000
#These are passwords used for LDAP audit log service accounts:
# Audit Pool:
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
index fa06d12..41760e7 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
@@ -24,10 +24,8 @@ import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.pool2.PooledObjectFactory;
-import org.apache.directory.api.ldap.codec.api.ControlFactory;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
-import org.apache.directory.api.ldap.codec.osgi.DefaultLdapCodecService;
import org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.fortress.core.CfgRuntimeException;
@@ -166,15 +164,7 @@ public class LdapConnectionProvider
}
config.setCredentials( adminPw );
- // Register Relax Control:
- if ( Config.getInstance().getBoolean( "enable.relax.control.registration", false ) )
- {
- ControlFactory<RelaxControl> relaxControlFactory = new RelaxControlFactory( new DefaultLdapCodecService() );
- (new LdapNetworkConnection()).getCodecService().registerRequestControl(relaxControlFactory);
- LOG.info( "Register RelaxControl" );
- }
-
- // TODO: FIXME #4
+ // TODO: FC-295 - Move/Improve RBAC Accelerator Client
try
{
List<String> listExOps = new ArrayList<>();
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
index c041cb0..3ab54c1 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
@@ -51,6 +51,8 @@ import org.apache.directory.api.ldap.model.message.*;
import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthz;
import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthzImpl;
import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.api.ldap.extras.controls.relax.RelaxControlImpl;
+
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.model.Constraint;
import org.apache.directory.fortress.core.model.ConstraintUtil;
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java
deleted file mode 100644
index 8550e7f..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControl.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-
-import org.apache.directory.api.ldap.model.message.Control;
-
-/**
- * The LDAP Relax Rules Control. It's defined in https://tools.ietf.org/html/draft-zeilenga-ldap-relax-03.
- * This control is sent with every update of pwdPolicySubEntry, pwdAccountLockedTime and pwdReset on user entry.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public interface RelaxControl extends Control
-{
- /** The LDAP Relax Rules Control OID */
- String OID = "1.3.6.1.4.1.4203.666.5.12";
-}
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java
deleted file mode 100644
index c8cef82..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlFactory.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-
-import org.apache.directory.api.ldap.codec.api.AbstractControlFactory;
-import org.apache.directory.api.ldap.codec.api.LdapApiService;
-
-public class RelaxControlFactory extends AbstractControlFactory<RelaxControl>
-{
- /**
- * Creates a new instance of ManageDsaITFactory.
- *
- * @param codec The LDAP codec
- */
- public RelaxControlFactory( LdapApiService codec )
- {
- super( codec, RelaxControl.OID );
- }
-
-
- /**
- * {@inheritDoc}
- */
- @Override
- public RelaxControl newControl()
- {
- return new RelaxControlImpl();
- }
-}
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java b/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java
deleted file mode 100644
index db4fe9f..0000000
--- a/src/main/java/org/apache/directory/fortress/core/ldap/RelaxControlImpl.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.fortress.core.ldap;
-
-import org.apache.directory.api.ldap.model.message.controls.AbstractControl;
-
-/**
- * The LDAP Relax Rules Control. It's defined in https://tools.ietf.org/html/draft-zeilenga-ldap-relax-03.
- * This control is sent with every update of pwdPolicySubEntry, pwdAccountLockedTime and pwdReset on user entry.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public class RelaxControlImpl extends AbstractControl implements RelaxControl
-{
- public RelaxControlImpl() {
- super( OID );
- }
-
- public RelaxControlImpl(boolean isCritical)
- {
- super( OID );
- this.setCritical(isCritical);
- }
-}