You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/06/04 19:08:53 UTC
[1/2] git commit: updated refs/heads/saml-production-grade to 6dfed25
Repository: cloudstack
Updated Branches:
refs/heads/saml-production-grade b36cf775c -> 6dfed2588
CLOUDSTACK-8457: Fix configurations in 4.5.1 to 4.5.2 upgrade path
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/bed8b652
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/bed8b652
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/bed8b652
Branch: refs/heads/saml-production-grade
Commit: bed8b652991b84e597327bde3436fa4be041cf8a
Parents: b36cf77
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Thu Jun 4 18:05:04 2015 +0200
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Thu Jun 4 18:05:04 2015 +0200
----------------------------------------------------------------------
.../com/cloud/upgrade/dao/Upgrade451to452.java | 19 +++++++++++++----
.../cloudstack/api/command/ListIdpsCmd.java | 6 +++++-
setup/db/db/schema-451to452-cleanup.sql | 20 ++++++++++++++++++
setup/db/db/schema-451to452.sql | 22 ++++++++++++++++++++
4 files changed, 62 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bed8b652/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
index 3b7b643..870e534 100644
--- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
@@ -17,11 +17,13 @@
package com.cloud.upgrade.dao;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.script.Script;
+import org.apache.log4j.Logger;
+
import java.io.File;
import java.sql.Connection;
-import org.apache.log4j.Logger;
-
public class Upgrade451to452 implements DbUpgrade {
final static Logger s_logger = Logger.getLogger(Upgrade451to452.class);
@@ -42,7 +44,11 @@ public class Upgrade451to452 implements DbUpgrade {
@Override
public File[] getPrepareScripts() {
- return new File[] {};
+ String script = Script.findScript("", "db/schema-451to452.sql");
+ if (script == null) {
+ throw new CloudRuntimeException("Unable to find db/schema-451to452.sql");
+ }
+ return new File[] {new File(script)};
}
@Override
@@ -51,6 +57,11 @@ public class Upgrade451to452 implements DbUpgrade {
@Override
public File[] getCleanupScripts() {
- return null;
+ String script = Script.findScript("", "db/schema-451to452-cleanup.sql");
+ if (script == null) {
+ throw new CloudRuntimeException("Unable to find db/schema-451to452-cleanup.sql");
+ }
+
+ return new File[] {new File(script)};
}
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bed8b652/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
index 4786a62..d6d867c 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
@@ -78,7 +78,11 @@ public class ListIdpsCmd extends BaseCmd implements APIAuthenticator {
for (SAMLProviderMetadata metadata: _samlAuthManager.getAllIdPMetadata()) {
IdpResponse idpResponse = new IdpResponse();
idpResponse.setId(metadata.getEntityId());
- idpResponse.setOrgName(metadata.getOrganizationName());
+ if (metadata.getOrganizationName() != null || !metadata.getOrganizationName().isEmpty()) {
+ idpResponse.setOrgName(metadata.getOrganizationName());
+ } else {
+ idpResponse.setOrgName(metadata.getEntityId());
+ }
idpResponse.setOrgUrl(metadata.getOrganizationUrl());
idpResponse.setObjectName("idp");
idpResponseList.add(idpResponse);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bed8b652/setup/db/db/schema-451to452-cleanup.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-451to452-cleanup.sql b/setup/db/db/schema-451to452-cleanup.sql
new file mode 100644
index 0000000..9f5e62a
--- /dev/null
+++ b/setup/db/db/schema-451to452-cleanup.sql
@@ -0,0 +1,20 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied. See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema cleanup from 4.5.1 to 4.5.2;
+--;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bed8b652/setup/db/db/schema-451to452.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-451to452.sql b/setup/db/db/schema-451to452.sql
new file mode 100644
index 0000000..cd7f229
--- /dev/null
+++ b/setup/db/db/schema-451to452.sql
@@ -0,0 +1,22 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements. See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership. The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied. See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema upgrade from 4.5.1 to 4.5.2;
+--;
+
+DELETE FROM `cloud`.`configuration` WHERE name like 'saml%';
[2/2] git commit: updated refs/heads/saml-production-grade to 6dfed25
Posted by bh...@apache.org.
CLOUDSTACK-8457: Fail if idp has no sso URL defined
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/6dfed258
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/6dfed258
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/6dfed258
Branch: refs/heads/saml-production-grade
Commit: 6dfed2588a149c7f8d75b0862c0bc52c9a1ae8f8
Parents: bed8b65
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Thu Jun 4 19:07:51 2015 +0200
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Thu Jun 4 19:07:51 2015 +0200
----------------------------------------------------------------------
.../cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6dfed258/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index e634220..631aed2 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -154,6 +154,12 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
"IdP ID (" + idpId + ") is not found in our list of supported IdPs, cannot proceed.",
params, responseType));
}
+ if (idpMetadata.getSsoUrl() == null || idpMetadata.getSsoUrl().isEmpty()) {
+ throw new ServerApiException(ApiErrorCode.PARAM_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+ "IdP ID (" + idpId + ") has no Single Sign On URL defined please contact "
+ + idpMetadata.getContactPersonName() + " <" + idpMetadata.getContactPersonEmail() + ">, cannot proceed.",
+ params, responseType));
+ }
String authnId = SAMLUtils.generateSecureRandomId();
s_logger.debug("Sending SAMLRequest id=" + authnId);
String redirectUrl = SAMLUtils.buildAuthnRequestUrl(authnId, spMetadata, idpMetadata, SAML2AuthManager.SAMLSignatureAlgorithm.value());
@@ -196,7 +202,6 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(issuer.getValue());
-
// Set IdpId for this session
session.setAttribute(SAMLPluginConstants.SAML_IDPID, issuer.getValue());