You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by lp...@apache.org on 2017/10/19 12:45:06 UTC
[32/46] ambari git commit: AMBARI-21307 Implemented more detectors. Organized the code
AMBARI-21307 Implemented more detectors. Organized the code
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/92f2cc5b
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/92f2cc5b
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/92f2cc5b
Branch: refs/heads/feature-branch-AMBARI-21307
Commit: 92f2cc5b59fdb4efa8c71d4f55b7709d7ec95525
Parents: b05842b
Author: lpuskas <lp...@apache.org>
Authored: Tue Sep 12 11:58:45 2017 +0200
Committer: lpuskas <lp...@apache.org>
Committed: Thu Oct 19 14:42:00 2017 +0200
----------------------------------------------------------------------
.../server/ldap/AmbariLdapConfiguration.java | 1 +
.../ads/DefaultAttributeDetectionService.java | 134 ++++++++++++++-----
.../ldap/service/ads/ObjectClassDetector.java | 81 -----------
.../ads/OccurranceAndWeightBasedDetector.java | 81 -----------
.../service/ads/UserNameAttributeDetector.java | 75 -----------
.../ads/detectors/GroupMemberAttrDetector.java | 56 ++++++++
.../ads/detectors/GroupNameAttrDetector.java | 61 +++++++++
.../ads/detectors/GroupObjectClassDetector.java | 64 +++++++++
.../OccurranceAndWeightBasedDetector.java | 103 ++++++++++++++
.../detectors/UserGroupMemberAttrDetector.java | 56 ++++++++
.../ads/detectors/UserNameAttrDetector.java | 60 +++++++++
.../ads/detectors/UserObjectClassDetector.java | 64 +++++++++
.../DefaultAttributeDetectionServiceTest.java | 10 +-
13 files changed, 571 insertions(+), 275 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
index e28c6ed..ebb567d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
@@ -56,6 +56,7 @@ public class AmbariLdapConfiguration {
USER_OBJECT_CLASS("ambari.ldap.attributes.user.object_class"),
USER_NAME_ATTRIBUTE("ambari.ldap.attributes.user.name_attr"),
+ USER_GROUP_MEMBER_ATTRIBUTE("ambari.ldap.attributes.user.group_member_attr"),
USER_SEARCH_BASE("ambari.ldap.attributes.user.search_base"),
GROUP_OBJECT_CLASS("ambari.ldap.attributes.group.object_class"),
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java
index 710adf1..b3a4fde 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionService.java
@@ -14,15 +14,18 @@
package org.apache.ambari.server.ldap.service.ads;
-import java.util.Set;
-
import javax.inject.Inject;
import javax.inject.Singleton;
import org.apache.ambari.server.ldap.AmbariLdapConfiguration;
import org.apache.ambari.server.ldap.service.AmbariLdapException;
-import org.apache.ambari.server.ldap.service.AttributeDetector;
import org.apache.ambari.server.ldap.service.LdapAttributeDetectionService;
+import org.apache.ambari.server.ldap.service.ads.detectors.GroupMemberAttrDetector;
+import org.apache.ambari.server.ldap.service.ads.detectors.GroupNameAttrDetector;
+import org.apache.ambari.server.ldap.service.ads.detectors.GroupObjectClassDetector;
+import org.apache.ambari.server.ldap.service.ads.detectors.UserGroupMemberAttrDetector;
+import org.apache.ambari.server.ldap.service.ads.detectors.UserNameAttrDetector;
+import org.apache.ambari.server.ldap.service.ads.detectors.UserObjectClassDetector;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.message.Response;
@@ -37,24 +40,29 @@ import org.apache.directory.ldap.client.api.search.FilterBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.collect.Sets;
-
@Singleton
public class DefaultAttributeDetectionService implements LdapAttributeDetectionService<LdapConnection> {
private static final Logger LOGGER = LoggerFactory.getLogger(DefaultAttributeDetectionService.class);
private static final int SAMPLE_RESULT_SIZE = 50;
- // ordered list of possible username attribute values (the most significant valus should be first)
- private static final Set<String> USER_OBJECT_CLASS_VALUES = Sets.newHashSet("person", "posixAccount");
- private static final Set<String> USER_GROUP_MEMBER_ATTR_VALUES = Sets.newHashSet("memberOf", "ismemberOf");
+ @Inject
+ private UserNameAttrDetector userNameAttrDetector = new UserNameAttrDetector(); // todo remove instantition
+
+ @Inject
+ private UserObjectClassDetector userObjectClassDetector = new UserObjectClassDetector(); // todo remove instantition
@Inject
- private UserNameAttributeDetector userNameAttrDetector = new UserNameAttributeDetector(); // todo remove instantition
+ private UserGroupMemberAttrDetector userGroupMemberAttrDetector = new UserGroupMemberAttrDetector(); // todo remove instantition
@Inject
- private ObjectClassDetector objectClassDetector = new ObjectClassDetector(); // todo remove instantition
+ private GroupNameAttrDetector groupNameAttrDetector = new GroupNameAttrDetector(); // todo remove instantition
+
+ @Inject
+ private GroupObjectClassDetector groupObjectClassDetector = new GroupObjectClassDetector(); // todo remove instantition
+
+ private GroupMemberAttrDetector groupMemberAttrDetector = new GroupMemberAttrDetector(); // todo remove instantition
@Inject
public DefaultAttributeDetectionService() {
@@ -76,7 +84,7 @@ public class DefaultAttributeDetectionService implements LdapAttributeDetectionS
// todo should the bind operation be done in the facade?
connection.bind(ambariLdapConfiguration.bindDn(), ambariLdapConfiguration.bindPassword());
- SearchRequest searchRequest = assembleSearchRequest(ambariLdapConfiguration);
+ SearchRequest searchRequest = assembleUserSearchRequest(ambariLdapConfiguration);
// do the search
searchCursor = connection.search(searchRequest);
@@ -95,15 +103,19 @@ public class DefaultAttributeDetectionService implements LdapAttributeDetectionS
if (response instanceof SearchResultEntry) {
Entry resultEntry = ((SearchResultEntry) response).getEntry();
- LOGGER.info("Processing sample entry: [{}]", resultEntry.getDn());
+ LOGGER.info("Processing sample entry with dn: [{}]", resultEntry.getDn());
+
userNameAttrDetector.collect(resultEntry);
- objectClassDetector.collect(resultEntry);
+ userObjectClassDetector.collect(resultEntry);
+ userGroupMemberAttrDetector.collect(resultEntry);
+
processedUserCnt++;
}
}
ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.USER_NAME_ATTRIBUTE, userNameAttrDetector.detect());
- ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS, objectClassDetector.detect());
+ ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS, userObjectClassDetector.detect());
+ ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.USER_GROUP_MEMBER_ATTRIBUTE, userGroupMemberAttrDetector.detect());
LOGGER.info("Decorated ambari ldap config : [{}]", ambariLdapConfiguration);
@@ -120,25 +132,72 @@ public class DefaultAttributeDetectionService implements LdapAttributeDetectionS
return ambariLdapConfiguration;
}
- private void detectUserAttributes(Entry resultEntry, AttributeDetector attributeDetector) {
- attributeDetector.collect(resultEntry);
+ @Override
+ public AmbariLdapConfiguration detectLdapGroupAttributes(LdapConnection connection, AmbariLdapConfiguration ambariLdapConfiguration) {
+ LOGGER.info("Detecting LDAP group attributes ...");
-// Set<String> objectClasses = detectUserObjectClass(resultEntry);
-// if (!objectClasses.isEmpty()) {
-// ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS, StringUtils.join(objectClasses, ","));
-// }
+ // perform a search using the user search base
+ if (Strings.isEmpty(ambariLdapConfiguration.groupSearchBase())) {
+ LOGGER.warn("No group search base provided");
+ return ambariLdapConfiguration;
+ }
+ SearchCursor searchCursor = null;
- }
+ try {
+ // todo should the bind operation be done in the facade?
+ connection.bind(ambariLdapConfiguration.bindDn(), ambariLdapConfiguration.bindPassword());
- @Override
- public AmbariLdapConfiguration detectLdapGroupAttributes(LdapConnection connection, AmbariLdapConfiguration ambariLdapConfiguration) {
- LOGGER.info("Detecting LDAP group attributes ...");
- return null;
+ SearchRequest searchRequest = assembleGroupSearchRequest(ambariLdapConfiguration);
+
+ // do the search
+ searchCursor = connection.search(searchRequest);
+
+ int processedGroupCnt = 0;
+
+ while (searchCursor.next()) {
+
+ if (processedGroupCnt >= SAMPLE_RESULT_SIZE) {
+ LOGGER.debug("The maximum number of results for attribute detection has exceeded. Quit detection.");
+ break;
+ }
+
+ Response response = searchCursor.get();
+ // process the SearchResultEntry
+
+ if (response instanceof SearchResultEntry) {
+ Entry resultEntry = ((SearchResultEntry) response).getEntry();
+ LOGGER.info("Processing sample entry with dn: [{}]", resultEntry.getDn());
+
+ groupNameAttrDetector.collect(resultEntry);
+ groupObjectClassDetector.collect(resultEntry);
+ groupMemberAttrDetector.collect(resultEntry);
+
+ processedGroupCnt++;
+ }
+ }
+
+ ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.GROUP_NAME_ATTRIBUTE, groupNameAttrDetector.detect());
+ ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.GROUP_OBJECT_CLASS, groupObjectClassDetector.detect());
+ ambariLdapConfiguration.setValueFor(AmbariLdapConfiguration.AmbariLdapConfig.GROUP_MEMBER_ATTRIBUTE, groupMemberAttrDetector.detect());
+
+ LOGGER.info("Decorated ambari ldap config : [{}]", ambariLdapConfiguration);
+
+ } catch (Exception e) {
+
+ LOGGER.error("Ldap operation failed", e);
+ } finally {
+ // housekeeping
+ if (null != searchCursor) {
+ searchCursor.close();
+ }
+ }
+
+ return ambariLdapConfiguration;
}
- private SearchRequest assembleSearchRequest(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
+ private SearchRequest assembleUserSearchRequest(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
try {
SearchRequest req = new SearchRequestImpl();
@@ -157,18 +216,23 @@ public class DefaultAttributeDetectionService implements LdapAttributeDetectionS
}
}
+ private SearchRequest assembleGroupSearchRequest(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
+ try {
- private Set<String> detectUserObjectClass(Entry entry) {
- LOGGER.info("Detecting user object class. Attributes: {}", entry.getAttributes());
- throw new UnsupportedOperationException("Not yet implemented");
- }
+ SearchRequest req = new SearchRequestImpl();
+ req.setScope(SearchScope.SUBTREE);
+ req.addAttributes("*");
+ req.setTimeLimit(0);
+ req.setBase(new Dn(ambariLdapConfiguration.groupSearchBase()));
+ // the filter must be set!
+ req.setFilter(FilterBuilder.present(ambariLdapConfiguration.dnAttribute()).toString());
- private String detectGroupNameAttribute(Entry entry) {
- throw new UnsupportedOperationException("Not yet implemented");
- }
+ return req;
- private Set<String> detectGroupObjectClass(Entry entry) {
- throw new UnsupportedOperationException("Not yet implemented");
+ } catch (Exception e) {
+ LOGGER.error("Could not assemble ldap search request", e);
+ throw new AmbariLdapException(e);
+ }
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/ObjectClassDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/ObjectClassDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/ObjectClassDetector.java
deleted file mode 100644
index 2613517..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/ObjectClassDetector.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.ldap.service.ads;
-
-import java.util.Map;
-
-import javax.inject.Inject;
-
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Maps;
-
-public class ObjectClassDetector extends OccurranceAndWeightBasedDetector {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(ObjectClassDetector.class);
- private Map<String, Integer> occurranceMap = Maps.newHashMap();
- private Map<String, Integer> weightsMap = Maps.newHashMap();
-
-
- private enum ObjectClassValue {
- PERSON("person", 1),
- POSIX_ACCOUNT("posixAccount", 1);
-
- private String ocVal;
- private Integer weight;
-
- ObjectClassValue(String attr, Integer weght) {
- this.ocVal = attr;
- this.weight = weght;
- }
-
- Integer weight() {
- return this.weight;
- }
-
- String ocVal() {
- return this.ocVal;
- }
-
- }
-
- @Inject
- public ObjectClassDetector() {
- for (ObjectClassValue ocVal : ObjectClassValue.values()) {
- occurranceMap.put(ocVal.ocVal(), 0);
- weightsMap.put(ocVal.ocVal(), ocVal.weight());
- }
-
- }
-
- @Override
- protected Map<String, Integer> occurranceMap() {
- return occurranceMap;
- }
-
- @Override
- protected Map<String, Integer> weightsMap() {
- return weightsMap;
- }
-
- @Override
- protected boolean applies(Entry entry, String value) {
- LOGGER.info("Checking for object class [{}] in entry [{}]", value, entry.getDn());
- return entry.hasObjectClass(value);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/OccurranceAndWeightBasedDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/OccurranceAndWeightBasedDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/OccurranceAndWeightBasedDetector.java
deleted file mode 100644
index 32dc238..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/OccurranceAndWeightBasedDetector.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.ldap.service.ads;
-
-import java.util.Map;
-
-import org.apache.ambari.server.ldap.service.AttributeDetector;
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public abstract class OccurranceAndWeightBasedDetector implements AttributeDetector<Entry> {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(OccurranceAndWeightBasedDetector.class);
-
- protected abstract Map<String, Integer> occurranceMap();
-
- protected abstract Map<String, Integer> weightsMap();
-
- protected abstract boolean applies(Entry entry, String value);
-
- @Override
- public String detect() {
- Map.Entry<String, Integer> selectedEntry = null;
-
- for (Map.Entry<String, Integer> entry : occurranceMap().entrySet()) {
- if (selectedEntry == null) {
-
- selectedEntry = entry;
- LOGGER.info("Initial name attribute: {}", selectedEntry);
- continue;
-
- }
-
- if (selectedEntry.getValue() < entry.getValue()) {
-
- LOGGER.info("Changing potential name attribute from : [{}] to: [{}]", selectedEntry, entry);
- selectedEntry = entry;
-
- }
- }
- return selectedEntry.getKey();
- }
-
- @Override
- public void collect(Entry entry) {
- LOGGER.info("Detecting ldap attributes/values ...");
-
- for (String attributeValue : occurranceMap().keySet()) {
- if (applies(entry, attributeValue)) {
-
- Integer cnt = occurranceMap().get(attributeValue).intValue();
- if (weightsMap().containsKey(attributeValue)) {
- cnt = cnt + weightsMap().get(attributeValue);
- } else {
- cnt = cnt + 1;
- }
- occurranceMap().put(attributeValue, cnt);
-
- LOGGER.info("Collected potential name attr: {}, count: {}", attributeValue, cnt);
-
- } else {
- LOGGER.info("The result entry doesn't contain the attribute: [{}]", attributeValue);
- }
- }
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/UserNameAttributeDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/UserNameAttributeDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/UserNameAttributeDetector.java
deleted file mode 100644
index bbb4b43..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/UserNameAttributeDetector.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.ldap.service.ads;
-
-import java.util.Map;
-
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Maps;
-
-public class UserNameAttributeDetector extends OccurranceAndWeightBasedDetector {
- private static final Logger LOGGER = LoggerFactory.getLogger(UserNameAttributeDetector.class);
-
- private Map<String, Integer> occurranceMap = Maps.newHashMap();
- private Map<String, Integer> weightsMap = Maps.newHashMap();
-
- private enum NameAttrs {
- SAM_ACCOUNT_NAME("sAMAccountName", 5),
- UID("uid", 3),
- CN("cn", 1);
-
- private String attrName;
- private Integer weight;
-
- NameAttrs(String attr, Integer weght) {
- this.attrName = attr;
- this.weight = weght;
- }
-
- Integer weight() {
- return this.weight;
- }
-
- String attrName() {
- return this.attrName;
- }
-
- }
-
- public UserNameAttributeDetector() {
- for (NameAttrs nameAttr : NameAttrs.values()) {
- occurranceMap.put(nameAttr.attrName(), 0);
- weightsMap.put(nameAttr.attrName(), nameAttr.weight());
- }
- }
-
- protected Map<String, Integer> occurranceMap() {
- return occurranceMap;
- }
-
- protected Map<String, Integer> weightsMap() {
- return weightsMap;
- }
-
- @Override
- protected boolean applies(Entry entry, String value) {
- LOGGER.info("Checking for attribute [{}] in entry [{}]", value, entry.getDn());
- return entry.containsAttribute(value);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupMemberAttrDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupMemberAttrDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupMemberAttrDetector.java
new file mode 100644
index 0000000..6931736
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupMemberAttrDetector.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+
+public class GroupMemberAttrDetector extends OccurranceAndWeightBasedDetector {
+
+ private enum GroupMemberAttr {
+
+ MEMBER("member", 1),
+ MEMBER_UID("memberUid", 1),
+ UNIQUE_MEMBER("uniqueMember", 1);
+
+ private String attrName;
+ private Integer weight;
+
+ GroupMemberAttr(String attr, Integer weght) {
+ this.attrName = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String attrName() {
+ return this.attrName;
+ }
+
+ }
+
+ public GroupMemberAttrDetector() {
+ for (GroupMemberAttr groupMemberAttr : GroupMemberAttr.values()) {
+ occurranceMap().put(groupMemberAttr.attrName(), 0);
+ weightsMap().put(groupMemberAttr.attrName(), groupMemberAttr.weight());
+ }
+ }
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ return entry.containsAttribute(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupNameAttrDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupNameAttrDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupNameAttrDetector.java
new file mode 100644
index 0000000..f868383
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupNameAttrDetector.java
@@ -0,0 +1,61 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class GroupNameAttrDetector extends OccurranceAndWeightBasedDetector {
+ private static final Logger LOGGER = LoggerFactory.getLogger(UserNameAttrDetector.class);
+
+ private enum GroupNameAttr {
+
+ DISTINGUISHED_NAME("distinguishedName", 1),
+
+ CN("cn", 1);
+
+ private String attrName;
+ private Integer weight;
+
+ GroupNameAttr(String attr, Integer weght) {
+ this.attrName = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String attrName() {
+ return this.attrName;
+ }
+
+ }
+
+ public GroupNameAttrDetector() {
+
+ for (GroupNameAttr groupNameAttr : GroupNameAttr.values()) {
+ occurranceMap().put(groupNameAttr.attrName(), 0);
+ weightsMap().put(groupNameAttr.attrName(), groupNameAttr.weight());
+ }
+ }
+
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ return entry.containsAttribute(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupObjectClassDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupObjectClassDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupObjectClassDetector.java
new file mode 100644
index 0000000..fddc5a5
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/GroupObjectClassDetector.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class GroupObjectClassDetector extends OccurranceAndWeightBasedDetector {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(GroupObjectClassDetector.class);
+
+ private enum ObjectClassValue {
+
+ GROUP("group", 1),
+
+ GROUP_OF_NAMES("groupOfNames", 1),
+
+ POSIX_GROUP("posixGroup", 1),
+
+ GROUP_OF_UNIQUE_NAMES("groupOfUniqueNames", 1);
+
+ private String ocVal;
+ private Integer weight;
+
+ ObjectClassValue(String attr, Integer weght) {
+ this.ocVal = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String ocVal() {
+ return this.ocVal;
+ }
+
+ }
+
+ public GroupObjectClassDetector() {
+ for (ObjectClassValue ocVal : ObjectClassValue.values()) {
+ occurranceMap().put(ocVal.ocVal(), 0);
+ weightsMap().put(ocVal.ocVal(), ocVal.weight());
+ }
+ }
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ return entry.hasObjectClass(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/OccurranceAndWeightBasedDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/OccurranceAndWeightBasedDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/OccurranceAndWeightBasedDetector.java
new file mode 100644
index 0000000..8aaf6c1
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/OccurranceAndWeightBasedDetector.java
@@ -0,0 +1,103 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import java.util.Map;
+
+import org.apache.ambari.server.ldap.service.AttributeDetector;
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.Maps;
+
+public abstract class OccurranceAndWeightBasedDetector implements AttributeDetector<Entry> {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(OccurranceAndWeightBasedDetector.class);
+
+ private Map<String, Integer> occurranceMap = Maps.newHashMap();
+ private Map<String, Integer> weightsMap = Maps.newHashMap();
+
+ protected Map<String, Integer> occurranceMap() {
+ return occurranceMap;
+ }
+
+ protected Map<String, Integer> weightsMap() {
+ return weightsMap;
+ }
+
+
+ protected abstract boolean applies(Entry entry, String value);
+
+ @Override
+ public String detect() {
+ LOGGER.info("Calculating the most probable attribute/value ...");
+ Map.Entry<String, Integer> selectedEntry = null;
+
+ for (Map.Entry<String, Integer> entry : occurranceMap().entrySet()) {
+ if (selectedEntry == null) {
+
+ selectedEntry = entry;
+ LOGGER.debug("Initial attribute / value entry: {}", selectedEntry);
+ continue;
+
+ }
+
+ if (selectedEntry.getValue() < entry.getValue()) {
+
+ LOGGER.info("Changing potential attribute / value entry from : [{}] to: [{}]", selectedEntry, entry);
+ selectedEntry = entry;
+
+ }
+ }
+
+ // check whether the selected entry is valid (has occured in the sample result set)
+ String detectedVal = "N/A";
+
+ if (selectedEntry.getValue() > 0) {
+ detectedVal = selectedEntry.getKey();
+ } else {
+ LOGGER.warn("Unable to detect attribute or attribute value");
+ }
+
+ LOGGER.info("Detected attribute or value: [{}]", detectedVal);
+ return detectedVal;
+ }
+
+ @Override
+ public void collect(Entry entry) {
+ LOGGER.info("Collecting ldap attributes/values form entry with dn: [{]]", entry.getDn());
+
+ for (String attributeValue : occurranceMap().keySet()) {
+ if (applies(entry, attributeValue)) {
+
+ Integer cnt = occurranceMap().get(attributeValue).intValue();
+ if (weightsMap().containsKey(attributeValue)) {
+ cnt = cnt + weightsMap().get(attributeValue);
+ } else {
+ cnt = cnt + 1;
+ }
+ occurranceMap().put(attributeValue, cnt);
+
+ LOGGER.info("Collected potential name attr: {}, count: {}", attributeValue, cnt);
+
+ } else {
+ LOGGER.info("The result entry doesn't contain the attribute: [{}]", attributeValue);
+ }
+ }
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserGroupMemberAttrDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserGroupMemberAttrDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserGroupMemberAttrDetector.java
new file mode 100644
index 0000000..c3f2ab4
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserGroupMemberAttrDetector.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+
+public class UserGroupMemberAttrDetector extends OccurranceAndWeightBasedDetector {
+ private static String[] userGroupMemAttrValues = {"memberOf", "ismemberOf"};
+
+ private enum UserGroupMemberAttr {
+
+ MEMBER_OF("memberOf", 1),
+ IS_MEMBER_OF("ismemberOf", 1);
+
+ private String attrName;
+ private Integer weight;
+
+ UserGroupMemberAttr(String attr, Integer weght) {
+ this.attrName = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String attrName() {
+ return this.attrName;
+ }
+
+ }
+
+ public UserGroupMemberAttrDetector() {
+ for (UserGroupMemberAttr userGroupMemberAttr : UserGroupMemberAttr.values()) {
+ occurranceMap().put(userGroupMemberAttr.attrName(), 0);
+ weightsMap().put(userGroupMemberAttr.attrName(), userGroupMemberAttr.weight);
+ }
+ }
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ return entry.containsAttribute(value);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserNameAttrDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserNameAttrDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserNameAttrDetector.java
new file mode 100644
index 0000000..40bf09b
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserNameAttrDetector.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class UserNameAttrDetector extends OccurranceAndWeightBasedDetector {
+ private static final Logger LOGGER = LoggerFactory.getLogger(UserNameAttrDetector.class);
+
+ private enum UserNameAttrs {
+ SAM_ACCOUNT_NAME("sAMAccountName", 5),
+ UID("uid", 3),
+ CN("cn", 1);
+
+ private String attrName;
+ private Integer weight;
+
+ UserNameAttrs(String attr, Integer weght) {
+ this.attrName = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String attrName() {
+ return this.attrName;
+ }
+
+ }
+
+ public UserNameAttrDetector() {
+ for (UserNameAttrs nameAttr : UserNameAttrs.values()) {
+ occurranceMap().put(nameAttr.attrName(), 0);
+ weightsMap().put(nameAttr.attrName(), nameAttr.weight());
+ }
+ }
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ LOGGER.info("Checking for attribute [{}] in entry [{}]", value, entry.getDn());
+ return entry.containsAttribute(value);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserObjectClassDetector.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserObjectClassDetector.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserObjectClassDetector.java
new file mode 100644
index 0000000..97b3c52
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ads/detectors/UserObjectClassDetector.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.ldap.service.ads.detectors;
+
+import javax.inject.Inject;
+
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class UserObjectClassDetector extends OccurranceAndWeightBasedDetector {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(UserObjectClassDetector.class);
+
+ private enum ObjectClassValue {
+ PERSON("person", 1),
+ POSIX_ACCOUNT("posixAccount", 1);
+
+ private String ocVal;
+ private Integer weight;
+
+ ObjectClassValue(String attr, Integer weght) {
+ this.ocVal = attr;
+ this.weight = weght;
+ }
+
+ Integer weight() {
+ return this.weight;
+ }
+
+ String ocVal() {
+ return this.ocVal;
+ }
+
+ }
+
+ @Inject
+ public UserObjectClassDetector() {
+ for (ObjectClassValue ocVal : ObjectClassValue.values()) {
+ occurranceMap().put(ocVal.ocVal(), 0);
+ weightsMap().put(ocVal.ocVal(), ocVal.weight());
+ }
+
+ }
+
+ @Override
+ protected boolean applies(Entry entry, String value) {
+ LOGGER.info("Checking for object class [{}] in entry [{}]", value, entry.getDn());
+ return entry.hasObjectClass(value);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/92f2cc5b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java
index 5cddf1a..08f2d6c 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ads/DefaultAttributeDetectionServiceTest.java
@@ -32,6 +32,8 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.common.collect.Maps;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
public class DefaultAttributeDetectionServiceTest {
@@ -78,9 +80,12 @@ public class DefaultAttributeDetectionServiceTest {
// WHEN
AmbariLdapConfiguration config = attributeDetectionService.detectLdapUserAttributes(ldapConnection, ambariLdapConfiguration);
+ config = attributeDetectionService.detectLdapGroupAttributes(ldapConnection, ambariLdapConfiguration);
- // THEN
+ Gson gson = new GsonBuilder().create();
+ LOGGER.info(gson.toJson(config));
+ // THEN
ldapConnection.close();
}
@@ -95,9 +100,8 @@ public class DefaultAttributeDetectionServiceTest {
ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.BIND_PASSWORD.key(), "password");
ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.DN_ATTRIBUTE.key(), SchemaConstants.CN_AT);
- ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_OBJECT_CLASS.key(), SchemaConstants.PERSON_OC);
- ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_NAME_ATTRIBUTE.key(), SchemaConstants.UID_AT);
ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.USER_SEARCH_BASE.key(), "dc=example,dc=com");
+ ldapPropsMap.put(AmbariLdapConfiguration.AmbariLdapConfig.GROUP_SEARCH_BASE.key(), "dc=example,dc=com");
return ldapPropsMap;