You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2014/08/11 22:23:09 UTC
git commit: AMBARI-6812. Views : Admin - Update ambari-server
setup-ldap command.
Repository: ambari
Updated Branches:
refs/heads/trunk e19a0c8e2 -> b6f4e586e
AMBARI-6812. Views : Admin - Update ambari-server setup-ldap command.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/b6f4e586
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/b6f4e586
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/b6f4e586
Branch: refs/heads/trunk
Commit: b6f4e586eb157a8b9036f10fb4b77cc8ea87e7d5
Parents: e19a0c8
Author: Siddharth Wagle <sw...@hortonworks.com>
Authored: Mon Aug 11 13:22:56 2014 -0700
Committer: Siddharth Wagle <sw...@hortonworks.com>
Committed: Mon Aug 11 13:22:56 2014 -0700
----------------------------------------------------------------------
.../server/configuration/Configuration.java | 8 +++---
ambari-server/src/main/python/ambari-server.py | 26 ++++++++++++++------
.../src/test/python/TestAmbariServer.py | 16 ++++++++++--
3 files changed, 37 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/b6f4e586/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
index faca227..b378970 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
@@ -138,13 +138,13 @@ public class Configuration {
public static final String LDAP_USER_OBJECT_CLASS_KEY =
"authentication.ldap.userObjectClass";
public static final String LDAP_GROUP_BASE_KEY =
- "authorization.ldap.groupBase";
+ "authentication.ldap.groupBase";
public static final String LDAP_GROUP_OBJECT_CLASS_KEY =
- "authorization.ldap.groupObjectClass";
+ "authentication.ldap.groupObjectClass";
public static final String LDAP_GROUP_NAMING_ATTR_KEY =
- "authorization.ldap.groupNamingAttr";
+ "authentication.ldap.groupNamingAttr";
public static final String LDAP_GROUP_MEMEBERSHIP_ATTR_KEY =
- "authorization.ldap.groupMembershipAttr";
+ "authentication.ldap.groupMembershipAttr";
public static final String LDAP_ADMIN_GROUP_MAPPING_RULES_KEY =
"authorization.ldap.adminGroupMappingRules";
public static final String LDAP_GROUP_SEARCH_FILTER_KEY =
http://git-wip-us.apache.org/repos/asf/ambari/blob/b6f4e586/ambari-server/src/main/python/ambari-server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/python/ambari-server.py b/ambari-server/src/main/python/ambari-server.py
index ffb25bb..079b29f 100755
--- a/ambari-server/src/main/python/ambari-server.py
+++ b/ambari-server/src/main/python/ambari-server.py
@@ -2991,7 +2991,11 @@ def setup_ldap():
ldap_property_list_reqd = ["authentication.ldap.primaryUrl",
"authentication.ldap.secondaryUrl",
"authentication.ldap.useSSL",
+ "authentication.ldap.userObjectClass",
"authentication.ldap.usernameAttribute",
+ "authentication.ldap.groupObjectClass",
+ "authentication.ldap.groupNamingAttr",
+ "authentication.ldap.groupMembershipAttr",
"authentication.ldap.baseDn",
"authentication.ldap.bindAnonymously"]
@@ -3011,9 +3015,13 @@ def setup_ldap():
LDAP_PRIMARY_URL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[0])
LDAP_SECONDARY_URL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[1])
LDAP_USE_SSL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[2], "false")
- LDAP_USER_ATT_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[3], "uid")
- LDAP_BASE_DN_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[4])
- LDAP_BIND_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[5], "false")
+ LDAP_USER_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[3], "person")
+ LDAP_USER_ATT_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[4], "uid")
+ LDAP_GROUP_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[5], "groupOfUniqueNames")
+ LDAP_GROUP_ATT_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[6], "cn")
+ LDAP_GROUP_MEMBER_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[7], "uniqueMember")
+ LDAP_BASE_DN_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[8])
+ LDAP_BIND_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[9], "false")
LDAP_MGR_DN_DEFAULT = get_value_from_properties(properties, ldap_property_list_opt[0])
SSL_TRUSTSTORE_TYPE_DEFAULT = get_value_from_properties(properties, SSL_TRUSTSTORE_TYPE_PROPERTY, "jks")
SSL_TRUSTSTORE_PATH_DEFAULT = get_value_from_properties(properties, SSL_TRUSTSTORE_PATH_PROPERTY)
@@ -3024,16 +3032,20 @@ def setup_ldap():
ldap_property_list_reqd[0]:(LDAP_PRIMARY_URL_DEFAULT, "Primary URL* {{host:port}} {0}: ".format(get_prompt_default(LDAP_PRIMARY_URL_DEFAULT)), False),\
ldap_property_list_reqd[1]:(LDAP_SECONDARY_URL_DEFAULT, "Secondary URL {{host:port}} {0}: ".format(get_prompt_default(LDAP_SECONDARY_URL_DEFAULT)), True),\
ldap_property_list_reqd[2]:(LDAP_USE_SSL_DEFAULT, "Use SSL* [true/false] {0}: ".format(get_prompt_default(LDAP_USE_SSL_DEFAULT)), False),\
- ldap_property_list_reqd[3]:(LDAP_USER_ATT_DEFAULT, "User name attribute* {0}: ".format(get_prompt_default(LDAP_USER_ATT_DEFAULT)), False),\
- ldap_property_list_reqd[4]:(LDAP_BASE_DN_DEFAULT, "Base DN* {0}: ".format(get_prompt_default(LDAP_BASE_DN_DEFAULT)), False),\
- ldap_property_list_reqd[5]:(LDAP_BIND_DEFAULT, "Bind anonymously* [true/false] {0}: ".format(get_prompt_default(LDAP_BIND_DEFAULT)), False)\
+ ldap_property_list_reqd[3]:(LDAP_USER_CLASS_DEFAULT, "User object class* {0}: ".format(get_prompt_default(LDAP_USER_CLASS_DEFAULT)), False),\
+ ldap_property_list_reqd[4]:(LDAP_USER_ATT_DEFAULT, "User name attribute* {0}: ".format(get_prompt_default(LDAP_USER_ATT_DEFAULT)), False),\
+ ldap_property_list_reqd[5]:(LDAP_GROUP_CLASS_DEFAULT, "Group object class* {0}: ".format(get_prompt_default(LDAP_GROUP_CLASS_DEFAULT)), False),\
+ ldap_property_list_reqd[6]:(LDAP_GROUP_ATT_DEFAULT, "Group name attribute* {0}: ".format(get_prompt_default(LDAP_GROUP_ATT_DEFAULT)), False),\
+ ldap_property_list_reqd[7]:(LDAP_GROUP_MEMBER_DEFAULT, "Group member attribute* {0}: ".format(get_prompt_default(LDAP_GROUP_MEMBER_DEFAULT)), False),\
+ ldap_property_list_reqd[8]:(LDAP_BASE_DN_DEFAULT, "Base DN* {0}: ".format(get_prompt_default(LDAP_BASE_DN_DEFAULT)), False),\
+ ldap_property_list_reqd[9]:(LDAP_BIND_DEFAULT, "Bind anonymously* [true/false] {0}: ".format(get_prompt_default(LDAP_BIND_DEFAULT)), False),\
}
ldap_property_value_map = {}
for idx, key in enumerate(ldap_property_list_reqd):
if idx in [0, 1]:
pattern = REGEX_HOSTNAME_PORT
- elif idx in [2, 5]:
+ elif idx in [2, 9]:
pattern = REGEX_TRUE_FALSE
else:
pattern = REGEX_ANYTHING
http://git-wip-us.apache.org/repos/asf/ambari/blob/b6f4e586/ambari-server/src/test/python/TestAmbariServer.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/TestAmbariServer.py b/ambari-server/src/test/python/TestAmbariServer.py
index ea3e72b..b76e2bd 100644
--- a/ambari-server/src/test/python/TestAmbariServer.py
+++ b/ambari-server/src/test/python/TestAmbariServer.py
@@ -4440,7 +4440,7 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV
}
get_ambari_properties_method.return_value = configs
- raw_input_mock.side_effect = ['a:3', 'b:b', 'host', 'b:2', 'false', 'uid', 'base', 'true']
+ raw_input_mock.side_effect = ['a:3', 'b:b', 'hody', 'b:2', 'false', 'user', 'uid', 'group', 'cn', 'member', 'base', 'true']
ambari_server.SILENT = False
get_YN_input_method.return_value = True
@@ -4451,7 +4451,11 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV
"authentication.ldap.primaryUrl": "a:3",
"authentication.ldap.secondaryUrl": "b:2",
"authentication.ldap.useSSL": "false",
+ "authentication.ldap.userObjectClass": "user",
"authentication.ldap.usernameAttribute": "uid",
+ "authentication.ldap.groupObjectClass": "group",
+ "authentication.ldap.groupNamingAttr": "cn",
+ "authentication.ldap.groupMembershipAttr": "member",
"authentication.ldap.baseDn": "base",
"authentication.ldap.bindAnonymously": "true",
"client.security": "ldap"
@@ -4465,7 +4469,7 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV
self.assertTrue(8, raw_input_mock.call_count)
raw_input_mock.reset_mock()
- raw_input_mock.side_effect = ['a:3', '', 'b:2', 'false', 'uid', 'base', 'true']
+ raw_input_mock.side_effect = ['a:3', '', 'b:2', 'false', 'user', 'uid', 'group', 'cn', 'member', 'base', 'true']
ambari_server.setup_ldap()
@@ -4473,7 +4477,11 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV
{
"authentication.ldap.primaryUrl": "a:3",
"authentication.ldap.useSSL": "false",
+ "authentication.ldap.userObjectClass": "user",
"authentication.ldap.usernameAttribute": "uid",
+ "authentication.ldap.groupObjectClass": "group",
+ "authentication.ldap.groupNamingAttr": "cn",
+ "authentication.ldap.groupMembershipAttr": "member",
"authentication.ldap.baseDn": "base",
"authentication.ldap.bindAnonymously": "true",
"client.security": "ldap"
@@ -4563,10 +4571,14 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV
"authentication.ldap.primaryUrl": "test",
"authentication.ldap.secondaryUrl": "test",
"authentication.ldap.useSSL": "false",
+ "authentication.ldap.userObjectClass": "test",
"authentication.ldap.usernameAttribute": "test",
"authentication.ldap.baseDn": "test",
"authentication.ldap.bindAnonymously": "false",
"authentication.ldap.managerDn": "test",
+ "authentication.ldap.groupObjectClass": "test",
+ "authentication.ldap.groupMembershipAttr": "test",
+ "authentication.ldap.groupNamingAttr": "test",
"client.security": "ldap", \
ambari_server.LDAP_MGR_PASSWORD_PROPERTY: ambari_server.get_alias_string( \
ambari_server.LDAP_MGR_PASSWORD_ALIAS)