You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ro...@apache.org on 2018/01/26 12:03:16 UTC
[cloudstack] branch 4.11 updated: CLOUDSTACK-10239: Fallback to
default provider if needed (#2430)
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch 4.11
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.11 by this push:
new 6aadbc5 CLOUDSTACK-10239: Fallback to default provider if needed (#2430)
6aadbc5 is described below
commit 6aadbc521950964b86d2912c874800cead1b7496
Author: dahn <da...@gmail.com>
AuthorDate: Fri Jan 26 12:03:11 2018 +0000
CLOUDSTACK-10239: Fallback to default provider if needed (#2430)
Fallback to default provider if needed.
---
.../apache/cloudstack/api/command/LinkDomainToLdapCmd.java | 4 ++--
.../src/org/apache/cloudstack/ldap/LdapContextFactory.java | 11 +++++++----
.../ldap/src/org/apache/cloudstack/ldap/LdapManager.java | 1 -
.../ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java | 7 ++++---
.../cloudstack/api/command/LdapCreateAccountCmdTest.java | 4 ++--
5 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
index 0014095..a64193a 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
@@ -54,11 +54,11 @@ public class LinkDomainToLdapCmd extends BaseCmd {
@Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, required = true, description = "type of the ldap name. GROUP or OU")
private String type;
- @Parameter(name = ApiConstants.LDAP_DOMAIN, type = CommandType.STRING, required = true, description = "name of the group or OU in LDAP")
+ @Parameter(name = ApiConstants.LDAP_DOMAIN, type = CommandType.STRING, required = false, description = "name of the group or OU in LDAP")
private String ldapDomain;
@Deprecated
- @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the group or OU in LDAP")
+ @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = false, description = "name of the group or OU in LDAP")
private String name;
@Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapContextFactory.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapContextFactory.java
index b141f05..70f7a56 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapContextFactory.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapContextFactory.java
@@ -25,6 +25,7 @@ import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
+import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
public class LdapContextFactory {
@@ -40,12 +41,10 @@ public class LdapContextFactory {
_ldapConfiguration = ldapConfiguration;
}
- // TODO add optional domain (optional only for backwards compatibility)
public LdapContext createBindContext(Long domainId) throws NamingException, IOException {
return createBindContext(null, domainId);
}
- // TODO add optional domain (optional only for backwards compatibility)
public LdapContext createBindContext(final String providerUrl, Long domainId) throws NamingException, IOException {
final String bindPrincipal = _ldapConfiguration.getBindPrincipal(domainId);
final String bindPassword = _ldapConfiguration.getBindPassword(domainId);
@@ -80,9 +79,13 @@ public class LdapContextFactory {
private Hashtable<String, String> getEnvironment(final String principal, final String password, final String providerUrl, final boolean isSystemContext, Long domainId) {
final String factory = _ldapConfiguration.getFactory();
- final String url = providerUrl == null ? _ldapConfiguration.getProviderUrl(domainId) : providerUrl;
+ String url = providerUrl == null ? _ldapConfiguration.getProviderUrl(domainId) : providerUrl;
+ if (StringUtils.isEmpty(url) && domainId != null) {
+ //try a default ldap implementation
+ url = _ldapConfiguration.getProviderUrl(null);
+ }
- final Hashtable<String, String> environment = new Hashtable<String, String>();
+ final Hashtable<String, String> environment = new Hashtable<>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, factory);
environment.put(Context.PROVIDER_URL, url);
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManager.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManager.java
index 002242c..2dceae1 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManager.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManager.java
@@ -52,7 +52,6 @@ public interface LdapManager extends PluggableService {
@Deprecated
LdapConfigurationResponse deleteConfiguration(String hostname, int port, Long domainId) throws InvalidParameterValueException;
- // TODO username is only unique withing domain scope (add domain id to call)
LdapUser getUser(final String username, Long domainId) throws NoLdapUserMatchingQueryException;
LdapUser getUser(String username, String type, String name, Long domainId) throws NoLdapUserMatchingQueryException;
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
index b82231c..547c10b 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -313,7 +313,7 @@ public class LdapManagerImpl implements LdapManager, LdapValidator {
@Override
public LinkDomainToLdapResponse linkDomainToLdap(LinkDomainToLdapCmd cmd) {
- Validate.isTrue(_ldapConfiguration.getBaseDn(cmd.getDomainId()) == null, "can not configure an ldap server and an ldap group/ou to a domain");
+ Validate.isTrue(_ldapConfiguration.getBaseDn(cmd.getDomainId()) == null, "can not link a domain unless a basedn is configured for it.");
Validate.notEmpty(cmd.getLdapDomain(), "ldapDomain cannot be empty, please supply a GROUP or OU name");
return linkDomainToLdap(cmd.getDomainId(),cmd.getType(),cmd.getLdapDomain(),cmd.getAccountType());
}
@@ -356,8 +356,9 @@ public class LdapManagerImpl implements LdapManager, LdapValidator {
return _ldapTrustMapDao.findGroupInDomain(domainId, group);
}
- @Override public LinkAccountToLdapResponse linkAccountToLdap(LinkAccountToLdapCmd cmd) {
- Validate.notNull(_ldapConfiguration.getBaseDn(cmd.getDomainId()), "can not configure an ldap server and an ldap group/ou to a domain");
+ @Override
+ public LinkAccountToLdapResponse linkAccountToLdap(LinkAccountToLdapCmd cmd) {
+ Validate.notNull(_ldapConfiguration.getBaseDn(cmd.getDomainId()), "can not link an account to ldap in a domain for which no basdn is configured");
Validate.notNull(cmd.getDomainId(), "domainId cannot be null.");
Validate.notEmpty(cmd.getAccountName(), "accountName cannot be empty.");
Validate.notEmpty(cmd.getLdapDomain(), "ldapDomain cannot be empty, please supply a GROUP or OU name");
diff --git a/plugins/user-authenticators/ldap/test/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java b/plugins/user-authenticators/ldap/test/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java
index a4eccbf..55d7f62 100644
--- a/plugins/user-authenticators/ldap/test/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java
+++ b/plugins/user-authenticators/ldap/test/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java
@@ -62,10 +62,10 @@ public class LdapCreateAccountCmdTest implements LdapConfigurationChanger {
}
@Test(expected = ServerApiException.class)
- public void failedCreationDueToANullResponseFromCloudstackAccountCreater() throws Exception {
+ public void failedCreationDueToANullResponseFromCloudstackAccountCreator() throws Exception {
// We have an LdapManager, AccountService and LdapCreateAccountCmd
LdapUser mrMurphy = new LdapUser("rmurphy", "rmurphy@cloudstack.org", "Ryan", "Murphy", "cn=rmurphy,ou=engineering,dc=cloudstack,dc=org", "engineering", false, null);
- when(ldapManager.getUser(anyString(), isNull(Long.class))).thenReturn(mrMurphy);
+ when(ldapManager.getUser(anyString(), isNull(Long.class))).thenReturn(mrMurphy).thenReturn(mrMurphy);
ldapCreateAccountCmd.execute();
fail("An exception should have been thrown: " + ServerApiException.class);
}
--
To stop receiving notification emails like this one, please contact
rohit@apache.org.