You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@karaf.apache.org by ja...@apache.org on 2015/03/05 17:24:39 UTC

[1/3] karaf git commit: KARAF-3105 - consolidate fqdn and nsdn as they are equivalent

Repository: karaf
Updated Branches:
  refs/heads/karaf-2.3.x ffe1e2601 -> 46b12f465
  refs/heads/karaf-3.0.x 517ac1325 -> c806614f5
  refs/heads/master e327f89dc -> b004bbfd5


KARAF-3105 - consolidate fqdn and nsdn as they are equivalent


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/46b12f46
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/46b12f46
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/46b12f46

Branch: refs/heads/karaf-2.3.x
Commit: 46b12f465d13381803ede847649aa2ec07e6ee92
Parents: ffe1e26
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Thu Mar 5 12:48:43 2015 -0330
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Thu Mar 5 12:48:43 2015 -0330

----------------------------------------------------------------------
 .../java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java  | 3 +--
 manual/src/main/webapp/developers-guide/security-framework.conf   | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/46b12f46/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
index ba2ed65..cd0293d 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
@@ -325,8 +325,7 @@ public class LDAPLoginModule extends AbstractKarafLoginModule {
             logger.debug("  base DN: " + roleBaseDN);
             roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
             roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
-            roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDN + "," + userBaseDN));
-            roleFilter = roleFilter.replaceAll(Pattern.quote("%nsdn"), Matcher.quoteReplacement(userDNNamespace));
+            roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDNNamespace));
             roleFilter = roleFilter.replace("\\", "\\\\");
             logger.debug("  filter: " + roleFilter);
             NamingEnumeration namingEnumeration = context.search(roleBaseDN, roleFilter, controls);

http://git-wip-us.apache.org/repos/asf/karaf/blob/46b12f46/manual/src/main/webapp/developers-guide/security-framework.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/developers-guide/security-framework.conf b/manual/src/main/webapp/developers-guide/security-framework.conf
index 6e15be5..e0305ed 100644
--- a/manual/src/main/webapp/developers-guide/security-framework.conf
+++ b/manual/src/main/webapp/developers-guide/security-framework.conf
@@ -372,8 +372,7 @@ The LDAPLoginModule supports the following patterns that you can use in the filt
 
 * {{%u}} is replaced by the user
 * {{%dn}} is replaced by the user DN
-* {{%fqdn}} is replaced by the user full qualified DN ({{userDN,userBaseDN}}).
-* {{%nsdn}} is replaced by the userDNNamespace (interesting especially for ActiveDirectory).
+* {{%fqdn}} is replaced by the user full qualified DN ({{userDNNamespace}}).
 
 NB: the LDAPLoginModule doesn't provide backend engine. It means that the administration of the users and roles should be
 performed directly on the LDAP backend.

[3/3] karaf git commit: KARAF-3105 - consolidate fqdn and nsdn as they are equivalent

Posted by ja...@apache.org.

KARAF-3105 - consolidate fqdn and nsdn as they are equivalent


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/b004bbfd
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/b004bbfd
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/b004bbfd

Branch: refs/heads/master
Commit: b004bbfd5525638682d2b48fd0ae496cc7a9a6a8
Parents: e327f89
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Thu Mar 5 12:54:23 2015 -0330
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Thu Mar 5 12:54:23 2015 -0330

----------------------------------------------------------------------
 .../org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java     | 3 +--
 manual/src/main/webapp/developers-guide/security-framework.conf | 5 ++---
 2 files changed, 3 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/b004bbfd/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
index 2ac7d1b..ea5e953 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
@@ -357,8 +357,7 @@ public class LDAPLoginModule extends AbstractKarafLoginModule {
                         logger.debug("  base DN: " + roleBaseDN);
                         roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
                         roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
-                        roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDN + "," + userBaseDN));
-                        roleFilter = roleFilter.replaceAll(Pattern.quote("%nsdn"), Matcher.quoteReplacement(userDNNamespace));
+                        roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDNNamespace));
                         roleFilter = roleFilter.replace("\\", "\\\\");
                         logger.debug("  filter: " + roleFilter);
                         List<String> rolesList = new ArrayList<>();

http://git-wip-us.apache.org/repos/asf/karaf/blob/b004bbfd/manual/src/main/webapp/developers-guide/security-framework.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/developers-guide/security-framework.conf b/manual/src/main/webapp/developers-guide/security-framework.conf
index def1d57..1ef1b2e 100644
--- a/manual/src/main/webapp/developers-guide/security-framework.conf
+++ b/manual/src/main/webapp/developers-guide/security-framework.conf
@@ -378,8 +378,7 @@ The LDAPLoginModule supports the following patterns that you can use in the filt
 
 * {{%u}} is replaced by the user
 * {{%dn}} is replaced by the user DN
-* {{%fqdn}} is replaced by the user full qualified DN ({{userDN,userBaseDN}}).
-* {{%nsdn}} is replaced by the userDNNamespace (interesting especially for ActiveDirectory).
+* {{%fqdn}} is replaced by the user full qualified DN ({{userDNNamespace}}).
 
 For instance, the following configuration will work properly with ActiveDirectory (adding the ActiveDirectory to the
 default {{karaf}} realm):
@@ -397,7 +396,7 @@ default {{karaf}} realm):
     user.search.subtree=true
     role.base.dn=ou=Groups,ou=there,DC=local
     role.name.attribute=cn
-    role.filter=(member=%nsdn)
+    role.filter=(member=%fqdn)
     role.search.subtree=true
     authentication=simple
   </jaas:module>

[2/3] karaf git commit: KARAF-3105 - consolidate fqdn and nsdn as they are equivalent

Posted by ja...@apache.org.

KARAF-3105 - consolidate fqdn and nsdn as they are equivalent


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/c806614f
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/c806614f
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/c806614f

Branch: refs/heads/karaf-3.0.x
Commit: c806614f5bbe69983138ffa17c77a4422fa9441a
Parents: 517ac13
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Thu Mar 5 12:51:44 2015 -0330
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Thu Mar 5 12:51:44 2015 -0330

----------------------------------------------------------------------
 .../java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java  | 3 +--
 manual/src/main/webapp/developers-guide/security-framework.conf   | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/c806614f/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
index c5ea937..11158bb 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
@@ -325,8 +325,7 @@ public class LDAPLoginModule extends AbstractKarafLoginModule {
             logger.debug("  base DN: " + roleBaseDN);
             roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
             roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
-            roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDN + "," + userBaseDN));
-            roleFilter = roleFilter.replaceAll(Pattern.quote("%nsdn"), Matcher.quoteReplacement(userDNNamespace));
+            roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDNNamespace));
             roleFilter = roleFilter.replace("\\", "\\\\");
             logger.debug("  filter: " + roleFilter);
             NamingEnumeration namingEnumeration = context.search(roleBaseDN, roleFilter, controls);

http://git-wip-us.apache.org/repos/asf/karaf/blob/c806614f/manual/src/main/webapp/developers-guide/security-framework.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/developers-guide/security-framework.conf b/manual/src/main/webapp/developers-guide/security-framework.conf
index 82c9b68..ca3bf9f 100644
--- a/manual/src/main/webapp/developers-guide/security-framework.conf
+++ b/manual/src/main/webapp/developers-guide/security-framework.conf
@@ -381,8 +381,7 @@ The LDAPLoginModule supports the following patterns that you can use in the filt
 
 * {{%u}} is replaced by the user
 * {{%dn}} is replaced by the user DN
-* {{%fqdn}} is replaced by the user full qualified DN ({{userDN,userBaseDN}}).
-* {{%nsdn}} is replaced by the userDNNamespace (interesting especially for ActiveDirectory).
+* {{%fqdn}} is replaced by the user full qualified DN ({{userDNNamespace}}).
 
 For instance, the following configuration will work properly with ActiveDirectory (adding the ActiveDirectory to the
 default {{karaf}} realm):