Posted to commits@directory.apache.org by sm...@apache.org on 2019/04/16 22:34:38 UTC
[directory-fortress-core] branch FC-267 updated: FC-267 - New
Configuration entity
This is an automated email from the ASF dual-hosted git repository.
smckinney pushed a commit to branch FC-267
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git
The following commit(s) were added to refs/heads/FC-267 by this push:
new 24f5eec FC-267 - New Configuration entity
24f5eec is described below
commit 24f5eecf5f44a60996bca5338eb4bf802f871c22
Author: Shawn McKinney <sm...@apache.org>
AuthorDate: Tue Apr 16 17:34:33 2019 -0500
FC-267 - New Configuration entity
---
ldap/schema/fortress.schema | 22 ++++++++
ldap/setup/refreshLDAPData-src.xml | 2 +
.../apache/directory/fortress/core/ConfigMgr.java | 48 ++++++++++++-----
.../directory/fortress/core/GlobalErrIds.java | 5 ++
.../apache/directory/fortress/core/GlobalIds.java | 60 ++++++----------------
.../directory/fortress/core/ConfigMgrConsole.java | 8 +--
6 files changed, 85 insertions(+), 60 deletions(-)
diff --git a/ldap/schema/fortress.schema b/ldap/schema/fortress.schema
index 58ca495..d0c1dea 100644
--- a/ldap/schema/fortress.schema
+++ b/ldap/schema/fortress.schema
@@ -343,6 +343,17 @@ attributetype ( ftAtId:38
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+# Builtin:
+#attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber'
+# DESC 'An integer uniquely identifying a group in an
+# administrative domain'
+# EQUALITY integerMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+# SINGLE-VALUE )
+
+
+
######################################################################
## 2. Apache Fortress Structural object class definitions
######################################################################
@@ -573,3 +584,14 @@ objectclass ( ftAxId:4
ftModId
)
)
+
+## AC5: Fortress RFC2307 Auxiliary Object Class
+objectclass ( ftAxId:5
+ NAME 'ftConfig'
+ DESC 'Fortress Config Properties'
+ AUXILIARY
+ MUST (
+ gidNumber $
+ uidNumber
+ )
+ )
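Review bot: The new `ftConfig` auxiliary class puts `gidNumber` and `uidNumber` under `MUST`, while the ConfigMgr Javadoc added in this same commit lists `Configuration#uidNumber` and `Configuration#gidNumber` as optional parameters. If the class is attached to config nodes in general, an add that omits either value would presumably be rejected by the server as a schema violation. Either relax the definition to `MAY ( gidNumber $ uidNumber )`, or state in the API documentation that both are required whenever this class is present. The heading comment also calls this the "RFC2307 Auxiliary Object Class" while `NAME` and `DESC` describe config properties; a heading such as `## AC5: Fortress Config Auxiliary Object Class (holds RFC2307 uidNumber/gidNumber)` would match the definition.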
diff --git a/ldap/setup/refreshLDAPData-src.xml b/ldap/setup/refreshLDAPData-src.xml
index a3ebc99..93ca919 100755
--- a/ldap/setup/refreshLDAPData-src.xml
+++ b/ldap/setup/refreshLDAPData-src.xml
@@ -73,6 +73,8 @@
<addconfig>
<config props="config.realm:DEFAULT"/>
+ <config props="config.gid.number:10000"/>
+ <config props="config.uid.number:20000"/>
<config props="user.session.props.enabled:false"/>
<config props="authn.type:default"/>
<config props="clientside.sorting:true"/>
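Review bot: The added entries `config.gid.number:10000` and `config.uid.number:20000` have no comment saying what they seed or how an operator should choose them. Judging by the ConfigMgr Javadoc in this commit, they look like starting values for a uidNumber/gidNumber sequence. If so, a directory that already holds POSIX accounts or groups in those ranges could be handed an id that is already in use, and on RFC2307 clients two entries sharing a uidNumber are the same identity for file ownership and access checks. I would add an XML comment above the two lines, for example `<!-- starting values for the uidNumber/gidNumber sequence; choose ranges not already allocated in this directory -->`.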
diff --git a/src/main/java/org/apache/directory/fortress/core/ConfigMgr.java b/src/main/java/org/apache/directory/fortress/core/ConfigMgr.java
index 17e43ff..b9837ad 100755
--- a/src/main/java/org/apache/directory/fortress/core/ConfigMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/ConfigMgr.java
@@ -21,6 +21,8 @@ package org.apache.directory.fortress.core;
+import org.apache.directory.fortress.core.model.Configuration;
+
import java.util.Properties;
@@ -41,28 +43,48 @@ public interface ConfigMgr
{
/**
* Create a new cfg node with given name and properties. The name is required. If node already exists,
- * a {@link org.apache.directory.fortress.core.SecurityException} with error
+ * {@link org.apache.directory.fortress.core.SecurityException} with error
* {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_ALREADY_EXISTS} will be thrown.
+ * <h4>required parameters</h4>
+ * <ul>
+ * <li>{@link Configuration#name} - contains the name of new object being added</li>
+ * </ul>
+ * <h4>optional parameters</h4>
+ * <ul>
+ * <li>{@link Configuration#props} - List of name / value pairs corresponding to fortress configuration entries.</li>
+ * <li>{@link Configuration#uidNumber} - String containing valid integer value for sequence number</li>
+ * <li>{@link Configuration#gidNumber} - String containing valid integer value for sequence number</li>
+ * <li>
+ * </ul>
*
- * @param name attribute is required and maps to 'cn' attribute in 'device' object class.
- * @param inProps contains {@link Properties} with list of name/value pairs to add to existing config node.
- * @return {@link Properties} containing the collection of name/value pairs just added.
+ * @param cfg contains the name and optional attributes.
+ * @return {@link Configuration} - contains the configuration entity that was added.
* @throws org.apache.directory.fortress.core.SecurityException in the event entry already present or other system error.
*/
- Properties add( String name, Properties inProps ) throws SecurityException;
+ Configuration add(Configuration cfg) throws SecurityException;
/**
- * Update existing cfg node with additional properties, or, replace existing properties. The name is required.
- * If node does not exist, a {@link org.apache.directory.fortress.core.SecurityException} with error
+ * Update existing cfg node with additional properties, or, replace existing properties. The name is required.
+ * If node does not exist, a {@link org.apache.directory.fortress.core.SecurityException} with error
* {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_NOT_FOUND} will be thrown.
+ * <h4>required parameters</h4>
+ * <ul>
+ * <li>{@link Configuration#name} - contains the name of new object being added</li>
+ * </ul>
+ * <h4>optional parameters</h4>
+ * <ul>
+ * <li>{@link Configuration#props} - List of name / value pairs corresponding to fortress configuration entries.</li>
+ * <li>{@link Configuration#uidNumber} - String containing valid integer value for sequence number</li>
+ * <li>{@link Configuration#gidNumber} - String containing valid integer value for sequence number</li>
+ * <li>
+ * </ul>
*
- * @param name attribute is required and maps to 'cn' attribute in 'device' object class.
- * @param inProps contains {@link Properties} with list of name/value pairs to add or update from existing config node.
- * @return {@link Properties} containing the collection of name/value pairs to be added to existing node.
+ * @param cfg contains the name and optional attributes.
+ * @return {@link Configuration} - contains the configuration entity that was added.
* @throws org.apache.directory.fortress.core.SecurityException in the event entry not present or other system error.
*/
- Properties update( String name, Properties inProps ) throws SecurityException;
+ Configuration update(Configuration cfg) throws SecurityException;
/**
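Review bot: The Javadoc added for `update(Configuration cfg)` was copied from `add` without adjustment. Its required-parameter bullet says `name of new object being added` and its `@return` says `the configuration entity that was added`; these should read `name of the existing config node to update` and `the configuration entity that was updated`. Both comment blocks also end their optional-parameter list with an empty, unclosed `<li>` that should be deleted. Because `uidNumber` and `gidNumber` are described as a `String containing valid integer value`, the contract should also state whether a non-numeric value is rejected with a `SecurityException` or passed to the directory unchanged. The `@return` text on `read` in the next hunk has the same gap: it still describes only the 'ftProps' name/value pairs, although the returned `Configuration` now carries the two numbers as well.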
@@ -106,9 +128,9 @@ public interface ConfigMgr
* {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_NOT_FOUND} will be thrown.
*
* @param name attribute is required and maps to 'cn' attribute in 'device' object class.
- * @return {@link Properties} containing the collection of name/value pairs just added. Maps to 'ftProps' attribute
+ * @return {@link Configuration} containing the collection of name/value pairs present. Maps to 'ftProps' attribute
* in 'ftProperties' object class.
* @throws org.apache.directory.fortress.core.SecurityException in the event entry doesn't exist or other system error.
*/
- Properties read( String name ) throws SecurityException;
+ Configuration read( String name ) throws SecurityException;
}
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
index 0749bac..f90ea7d 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
@@ -102,6 +102,11 @@ public final class GlobalErrIds
public static final int FT_CONFIG_PROPS_NULL = 110;
/**
+ * The cfg object is required but was passed in null.
+ */
+ public static final int FT_CONFIG_NULL = 111;
+
+ /**
* The config node could not be created on ldap server.
*/
public static final int FT_CONFIG_CREATE_FAILED = 120;
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index f4f3864..8092864 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -226,9 +226,13 @@ public final class GlobalIds
*/
public static final String FAILED_AUTHZ_INDICATOR = "%failed%";
/**
- * This object class contains Fortress audit contextual information.
+ * This aux object class contains Fortress audit contextual information.
*/
public static final String FT_MODIFIER_AUX_OBJECT_CLASS_NAME = "ftMods";
+ /**
+ * This aux object class allows requires uidNumber and gidNumber.
+ */
+ public static final String FT_RFC2307_AUX_OBJECT_CLASS_NAME = "ftConfig";
/**
* The ftModifier contains the internalUserId of administrator who performed action.
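Review bot: The Javadoc on `FT_RFC2307_AUX_OBJECT_CLASS_NAME` reads `allows requires`, which leaves it unclear whether the two attributes are optional or mandatory. The schema in this commit puts both under `MUST`, so `This aux object class requires uidNumber and gidNumber.` would match it. The constant is named for RFC2307 but its value is `"ftConfig"`, so a second sentence saying that the config node uses this class to hold the RFC2307 numbers would tie the name to the value. The comment block after the added constant continues outside the hunk.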
@@ -339,56 +343,14 @@ public final class GlobalIds
*/
public static final String TYPE = "ftType";
-/*
- */
-/**
- * Begin RF2307 properties...
- *//*
-
- */
-/**
- * Is RF2307 enabled? Set to 'true'.
- *//*
-
- public static final String RFC_2307_PROP_NM = "rfc2307";
-
- */
-/**
- * RF2307bis uses groupOfNames but could be different.
- *//*
-
- public static final String RFC_2307_GROUP_PROP_NM = "rfc2307.group";
-
- */
-/**
- * RF2307bis specifies memberuid.
- *//*
-
- public static final String RFC_2307_GROUP_MEMBER_PROP_NM = "rfc2307.group.member";
-
- */
-/**
- * RF2307bis specifies memberOf
- *//*
-
- public static final String RFC_2307_USER_MEMBER_PROP_NM = "rfc2307.user.member";
-
- */
-/**
- * RF2307bis uses this for users:
- *//*
-
- public static final String RFC2307_USER_OBJECT_CLASS_NM = "posixAccount";
-*/
/**
- * RF2307bis uses this for groups:
+ * RF2307bis uses these on users and roles:
*/
public static final String RFC2307_PROP = "rfc2307";
public static final String GID_NUMBER = "gidNumber";
public static final String UID_NUMBER = "uidNumber";
-
/*
* *************************************************************************
* ** RBAC Entity maximum length constants
@@ -523,6 +485,16 @@ public final class GlobalIds
public static final String CONFIG_REALM = "config.realm";
/**
+ * This config is used to retrieve uidNumber from property list during file load.
+ */
+ public static final String CONFIG_UID_NUMBER = "config.uid.number";
+
+ /**
+ * This config is used to retrieve uidNumber from property list during file load.
+ */
+ public static final String CONFIG_GID_NUMBER = "config.gid.number";
+
+ /**
* Fortress stores name-value pairs within multi-occurring attributes in ldap. Usually a separator of ':' is used
* format: {@code name:value},
*/
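Review bot: The Javadoc on `CONFIG_GID_NUMBER` is a copy of the one above it and still says `uidNumber`. It should read `This config is used to retrieve gidNumber from property list during file load.` The two keys differ by a single letter, so the wrong comment makes it easy to wire the gid value to the uid property when working from this file. The comment block after the added constants continues outside the hunk.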
diff --git a/src/test/java/org/apache/directory/fortress/core/ConfigMgrConsole.java b/src/test/java/org/apache/directory/fortress/core/ConfigMgrConsole.java
index 2afc05e..69c4554 100755
--- a/src/test/java/org/apache/directory/fortress/core/ConfigMgrConsole.java
+++ b/src/test/java/org/apache/directory/fortress/core/ConfigMgrConsole.java
@@ -19,6 +19,7 @@
*/
package org.apache.directory.fortress.core;
+import org.apache.directory.fortress.core.model.Configuration;
import org.apache.directory.fortress.core.model.Session;
import java.util.Enumeration;
@@ -72,7 +73,7 @@ class ConfigMgrConsole
String value = ReaderUtil.readLn();
Properties props = new Properties();
props.setProperty(key, value);
- cm.add(realm, props);
+ cm.add(new Configuration(realm, props));
System.out.println("Property successfully added");
System.out.println("ENTER to continue");
}
@@ -96,7 +97,7 @@ class ConfigMgrConsole
String value = ReaderUtil.readLn();
Properties props = new Properties();
props.setProperty(key, value);
- cm.update(realm, props);
+ cm.update(new Configuration(realm, props));
System.out.println("Property successfully updated");
System.out.println("ENTER to continue");
}
@@ -114,7 +115,8 @@ class ConfigMgrConsole
ReaderUtil.clearScreen();
System.out.println("Enter config realm name:");
String realm = ReaderUtil.readLn();
- Properties props = cm.read(realm);
+ Configuration configuration = cm.read(realm);
+ Properties props = configuration.getProperties();
int ctr = 0;
for (Enumeration e = props.propertyNames(); e.hasMoreElements();)
{
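Review bot: `configuration.getProperties()` is used by `props.propertyNames()` two lines later with no null check, although the ConfigMgr Javadoc in this commit lists `Configuration#props` as optional. If a config node can carry only `uidNumber`/`gidNumber`, `props` may be null here and the loop header would throw. Wrapping the loop in `if ( props != null )` would let the console report an empty node instead of failing. The console also never prints the two new numbers that `read` now returns, which an operator checking a node would want to see. The loop body and the rest of the method lie outside the hunk.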