Posted to commits@griffin.apache.org by gu...@apache.org on 2017/09/30 09:37:35 UTC
incubator-griffin git commit: add login module
Repository: incubator-griffin
Updated Branches:
refs/heads/master 4aa6f7799 -> 0a3de7532
add login module
Author: hwang19 <hw...@ebay.com>
Closes #124 from whhe/master.
Project: http://git-wip-us.apache.org/repos/asf/incubator-griffin/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-griffin/commit/0a3de753
Tree: http://git-wip-us.apache.org/repos/asf/incubator-griffin/tree/0a3de753
Diff: http://git-wip-us.apache.org/repos/asf/incubator-griffin/diff/0a3de753
Branch: refs/heads/master
Commit: 0a3de7532697ac47de62643dc69bb629d04af243
Parents: 4aa6f77
Author: hwang19 <hw...@ebay.com>
Authored: Sat Sep 30 17:37:26 2017 +0800
Committer: Lionel Liu <bh...@163.com>
Committed: Sat Sep 30 17:37:26 2017 +0800
----------------------------------------------------------------------
.../griffin/core/login/LoginController.java | 48 ++++++
.../apache/griffin/core/login/LoginService.java | 35 +++++
.../griffin/core/login/LoginServiceImpl.java | 153 +++++++++++++++++++
.../src/main/resources/application.properties | 12 +-
4 files changed, 247 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-griffin/blob/0a3de753/service/src/main/java/org/apache/griffin/core/login/LoginController.java
----------------------------------------------------------------------
diff --git a/service/src/main/java/org/apache/griffin/core/login/LoginController.java b/service/src/main/java/org/apache/griffin/core/login/LoginController.java
new file mode 100644
index 0000000..7a5f5af
--- /dev/null
+++ b/service/src/main/java/org/apache/griffin/core/login/LoginController.java
@@ -0,0 +1,48 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+package org.apache.griffin.core.login;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/v1/login")
+public class LoginController {
+ private static final Logger LOGGER = LoggerFactory.getLogger(LoginController.class);
+
+ @Autowired
+ private LoginService loginService;
+
+ @Autowired
+ private Environment env;
+
+ @RequestMapping(value = "/authenticate", method = RequestMethod.POST)
+ public ResponseEntity<Map<String, Object>> login(@RequestBody Map<String, String> map) {
+ return loginService.login(map);
+ }
+}
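Review bot: login() returns the service result unchecked, and loginDefault/loginLDAP in LoginServiceImpl (same commit) return `null` when `username` or `password` is missing from the body. As far as I know Spring MVC answers a null ResponseEntity with an empty 200, which a client that looks only at the status could read as a successful login. Map that case to an error, e.g. `ResponseEntity<Map<String, Object>> response = loginService.login(map);` followed by `return response != null ? response : new ResponseEntity<Map<String, Object>>(HttpStatus.BAD_REQUEST);`. The `env` field, `LOGGER` and the `HashMap` import are unused in this class and can be dropped.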
http://git-wip-us.apache.org/repos/asf/incubator-griffin/blob/0a3de753/service/src/main/java/org/apache/griffin/core/login/LoginService.java
----------------------------------------------------------------------
diff --git a/service/src/main/java/org/apache/griffin/core/login/LoginService.java b/service/src/main/java/org/apache/griffin/core/login/LoginService.java
new file mode 100644
index 0000000..83b9c48
--- /dev/null
+++ b/service/src/main/java/org/apache/griffin/core/login/LoginService.java
@@ -0,0 +1,35 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+package org.apache.griffin.core.login;
+
+import org.springframework.http.ResponseEntity;
+
+import java.util.Map;
+
+public interface LoginService {
+
+ public ResponseEntity<Map<String, Object>> login(Map<String, String> map);
+
+ public ResponseEntity<Map<String, Object>> loginDefault(Map<String, String> map);
+
+ public ResponseEntity<Map<String, Object>> loginLDAP(Map<String, String> map);
+
+
+}
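Review bot: The interface has no Javadoc stating which keys `map` must carry or what callers get back on failure, and the implementation in this commit returns `null`, a 404 or a 200 depending on the path. I would document login() with `/** Authenticates the "username" and "password" entries of {@code map} with the strategy selected by login.strategy. */` and state the failure result explicitly. Exposing loginDefault and loginLDAP on the public interface also lets another bean call a strategy that the configuration did not select; keeping only login() here would avoid that. The `public` modifiers on the interface methods are redundant.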
http://git-wip-us.apache.org/repos/asf/incubator-griffin/blob/0a3de753/service/src/main/java/org/apache/griffin/core/login/LoginServiceImpl.java
----------------------------------------------------------------------
diff --git a/service/src/main/java/org/apache/griffin/core/login/LoginServiceImpl.java b/service/src/main/java/org/apache/griffin/core/login/LoginServiceImpl.java
new file mode 100644
index 0000000..7598feb
--- /dev/null
+++ b/service/src/main/java/org/apache/griffin/core/login/LoginServiceImpl.java
@@ -0,0 +1,153 @@
+/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+
+package org.apache.griffin.core.login;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+import java.util.*;
+
+@Service
+public class LoginServiceImpl implements LoginService {
+ private static final Logger LOGGER = LoggerFactory.getLogger(LoginServiceImpl.class);
+
+ @Autowired
+ private Environment env;
+
+ @Override
+ public ResponseEntity<Map<String, Object>> login(Map<String, String> map){
+ String strategy = env.getProperty("login.strategy");
+ switch (strategy){
+ case "ldap": return loginLDAP(map);
+ case "default":return loginDefault(map);
+ default: {
+ LOGGER.error("Missing login strategy configuration");
+ return new ResponseEntity<Map<String, Object>>(new HashMap<String,Object>(), HttpStatus.NOT_FOUND);
+ }
+ }
+ }
+
+ @Override
+ public ResponseEntity<Map<String, Object>> loginDefault(Map<String, String> map){
+ String username = map.get("username");
+ String password = map.get("password");
+ if(username == null || password == null){
+ LOGGER.error("Missing default login input");
+ return null;
+ }
+ String fullName = null;
+ if(username.equals("user")){
+ if(password.equals("test")){
+ fullName = "Default";
+ }
+ }
+ return getResponse(username, fullName);
+ }
+
+ @Override
+ public ResponseEntity<Map<String, Object>> loginLDAP(Map<String, String> map) {
+ String ntAccount = map.get("username");
+ String password = map.get("password");
+ if(ntAccount == null || password == null){
+ LOGGER.error("Missing ldap login input");
+ return null;
+ }
+ String fullName = searchLDAP(ntAccount, password);
+ return getResponse(ntAccount, fullName);
+ }
+
+ private String searchLDAP(String ntAccount, String password){
+ String domainComponent = env.getProperty("ldap.dc");
+ Hashtable<String, String> ht = getLDAPEnvironmrnt(ntAccount, password);
+ if(domainComponent == null || ht == null){
+ return null;
+ }
+ LdapContext ctx;
+ try {
+ String searchFilter = "(sAMAccountName=" + ntAccount + ")";
+ SearchControls searchControls = new SearchControls();
+ searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ ctx = new InitialLdapContext(ht, null);
+ NamingEnumeration<SearchResult> results = ctx.search(domainComponent, searchFilter, searchControls);
+ String fullName = ntAccount;
+ SearchResult searchResult = null;
+ while (results.hasMoreElements()) {
+ searchResult = results.nextElement();
+ Attributes attrs = searchResult.getAttributes();
+ if (attrs != null && attrs.get("cn") != null) {
+ String cnName = (String) attrs.get("cn").get();
+ if(cnName.indexOf("(") > 0){
+ fullName = cnName.substring(0, cnName.indexOf("("));
+ }
+ }
+ }
+ return fullName;
+ } catch (NamingException e) {
+ LOGGER.info("Failed to login with LDAP auth");
+ }
+ return null;
+ }
+
+ private Hashtable<String, String> getLDAPEnvironmrnt(String ntAccount, String password){
+ String ldapUrl = env.getProperty("ldap.url");
+ String domain = env.getProperty("ldap.domain");
+ String connectTimeout = env.getProperty("ldap.connect-timeout");
+ String readTimeout = env.getProperty("ldap.read-timeout");
+ if(ldapUrl == null || domain == null ||connectTimeout == null || readTimeout == null){
+ LOGGER.error("Missing ldap properties");
+ return null;
+ }
+ String ldapUser = ntAccount + "@" + domain;
+ String ldapFactory = "com.sun.jndi.ldap.LdapCtxFactory";
+ Hashtable<String, String> ht = new Hashtable<String, String>();
+ ht.put(Context.INITIAL_CONTEXT_FACTORY, ldapFactory);
+ ht.put("com.sun.jndi.ldap.connect.timeout", connectTimeout);
+ ht.put("com.sun.jndi.ldap.read.timeout", readTimeout);
+ ht.put(Context.PROVIDER_URL, ldapUrl);
+ ht.put(Context.SECURITY_PRINCIPAL, ldapUser);
+ ht.put(Context.SECURITY_CREDENTIALS, password);
+ return ht;
+ }
+
+ private ResponseEntity<Map<String,Object>> getResponse(String ntAccount, String fullName){
+ Map<String,Object> message = new HashMap<String,Object>();
+ if(fullName!=null){
+ message.put("ntAccount", ntAccount);
+ message.put("fullName", fullName);
+ message.put("status", 0);
+ return new ResponseEntity<Map<String, Object>>(message, HttpStatus.OK);
+ }else {
+ return new ResponseEntity<Map<String, Object>>(message, HttpStatus.NOT_FOUND);
+ }
+ }
+}
\ No newline at end of file
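Review bot: searchLDAP builds its filter by concatenating the request's `username` into `"(sAMAccountName=" + ntAccount + ")"`, so filter metacharacters in that field change the query; pass the value as a filter argument instead, as in the fence below, where JNDI applies the escaping. loginLDAP rejects only a null password, and many directory servers treat a simple bind with an empty password as an unauthenticated bind that succeeds; because `fullName` starts out as `ntAccount`, a search that is then permitted and returns no entries still yields a 200 from getResponse, so the guard should read `if(ntAccount == null || password == null || password.isEmpty())`. The `LdapContext` is never closed, which presumably keeps one directory connection open per login attempt until it is garbage-collected. Separately, `switch (strategy)` in login() throws a NullPointerException when `login.strategy` is unset, before the "Missing login strategy configuration" branch can run.

```java
private String searchLDAP(String ntAccount, String password){
    // … unchanged: ldap.dc and environment lookup, null check …
    LdapContext ctx = null;
    try {
        // … unchanged: SearchControls setup and InitialLdapContext creation …
        // {0} is substituted by JNDI with filter escaping applied to ntAccount
        NamingEnumeration<SearchResult> results = ctx.search(
                domainComponent, "(sAMAccountName={0})", new Object[]{ntAccount}, searchControls);
        // … unchanged: cn extraction loop, return fullName …
    } catch (NamingException e) {
        // … unchanged: failure logging …
    } finally {
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException ignored) {
                // closing is best effort; the login result is already decided
            }
        }
    }
    return null;
}
```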
http://git-wip-us.apache.org/repos/asf/incubator-griffin/blob/0a3de753/service/src/main/resources/application.properties
----------------------------------------------------------------------
diff --git a/service/src/main/resources/application.properties b/service/src/main/resources/application.properties
index 802c270..2a579e3 100644
--- a/service/src/main/resources/application.properties
+++ b/service/src/main/resources/application.properties
@@ -42,4 +42,14 @@ kafka.schema.registry.url = http://localhost:8081
jobInstance.fixedDelay.in.milliseconds=60000
# spring cache
-cache.evict.hive.fixedRate.in.milliseconds=900000
\ No newline at end of file
+cache.evict.hive.fixedRate.in.milliseconds=900000
+
+#login strategy
+login.strategy = default
+
+#ldap
+ldap.url=ldap://<ldap url>
+ldap.domain=<account domain>
+ldap.dc=<domain components config>
+ldap.connect-timeout=<connect timeout config>
+ldap.read-timeout=<read timeout config>
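Review bot: `login.strategy = default` makes the shipped configuration authenticate against the fixed `user`/`test` pair compared in loginDefault (LoginServiceImpl.java in this commit), so a deployment that does not edit this file accepts a publicly known credential. I would add a comment above it such as `# 'default' accepts a built-in test account; set to 'ldap' outside local development`. The `ldap://` scheme in the `ldap.url` placeholder also steers operators towards a cleartext connection over which the simple bind sends the user's password; `ldap.url=ldaps://<ldap url>` would be a safer template.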