You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ol...@apache.org on 2018/09/24 19:47:19 UTC
[ambari] 04/12: Some additional fixes
This is an automated email from the ASF dual-hosted git repository.
oleewere pushed a commit to branch branch-feature-logsearch-ga
in repository https://gitbox.apache.org/repos/asf/ambari.git
commit 53496dc91211d91ccb53a07dd32883a869f49d78
Author: Oliver Szabo <ol...@gmail.com>
AuthorDate: Fri Sep 21 16:47:07 2018 +0200
Some additional fixes
---
.../main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java | 2 +-
.../logsearch/web/security/LogsearchAuthenticationProvider.java | 3 ++-
.../logsearch/web/security/LogsearchFileAuthenticationProvider.java | 6 +++---
3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
index fc985af..b1ca062 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/conf/SecurityConfig.java
@@ -189,7 +189,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public LdapAuthoritiesPopulator ldapAuthoritiesPopulator() {
- if (StringUtils.isNotBlank(authPropsConfig.getLdapAuthConfig().getLdapGroupSearchBase())) {
+ if (authPropsConfig.isAuthLdapEnabled() || StringUtils.isNotBlank(authPropsConfig.getLdapAuthConfig().getLdapGroupSearchBase())) {
final DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator =
new DefaultLdapAuthoritiesPopulator(ldapContextSource(), authPropsConfig.getLdapAuthConfig().getLdapGroupSearchBase());
ldapAuthoritiesPopulator.setGroupSearchFilter(authPropsConfig.getLdapAuthConfig().getLdapGroupSearchFilter());
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
index cfa948d..6682b5c 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java
@@ -20,6 +20,7 @@ package org.apache.ambari.logsearch.web.security;
import java.util.HashMap;
+import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.inject.Named;
@@ -29,7 +30,6 @@ import org.apache.log4j.Logger;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
@Named
@@ -47,6 +47,7 @@ public class LogsearchAuthenticationProvider extends LogsearchAbstractAuthentica
private LogsearchSimpleAuthenticationProvider simpleAuthenticationProvider;
@Inject
+ @Nullable
private LogsearchLdapAuthenticationProvider ldapAuthenticationProvider;
@Override
diff --git a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java
index 1f04bdf..7c375d2 100644
--- a/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java
+++ b/ambari-logsearch/ambari-logsearch-server/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java
@@ -79,14 +79,14 @@ public class LogsearchFileAuthenticationProvider extends LogsearchAbstractAuthen
logger.error("Password can't be null or empty.");
throw new BadCredentialsException("Password can't be null or empty.");
}
- String encPassword = passwordEncoder.encode(password);
- if (!passwordEncoder.matches(user.getPassword(), encPassword)) {
+ //String encPassword = passwordEncoder.encode(password);
+ if (!passwordEncoder.matches(password, user.getPassword())) {
logger.error("Wrong password for user=" + username);
throw new BadCredentialsException("Wrong password.");
}
Collection<? extends GrantedAuthority> authorities = user.getAuthorities();
- authentication = new UsernamePasswordAuthenticationToken(username, encPassword, authorities);
+ authentication = new UsernamePasswordAuthenticationToken(username, user.getPassword(), authorities);
return authentication;
}