You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by nc...@apache.org on 2015/12/01 19:20:16 UTC
[26/50] ambari git commit: AMBARI-13943. Ambari LDAP integration
cannot handle LDAP directories with multiple entries for the same user.
(Oliver Szabo via rnettleton)
AMBARI-13943. Ambari LDAP integration cannot handle LDAP directories with multiple entries for the same user. (Oliver Szabo via rnettleton)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/fd1181f4
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/fd1181f4
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/fd1181f4
Branch: refs/heads/branch-dev-patch-upgrade
Commit: fd1181f474e39492653fc70ccbf86d31f192a1e6
Parents: 93bf1d3
Author: Bob Nettleton <rn...@hortonworks.com>
Authored: Mon Nov 30 14:02:12 2015 -0500
Committer: Bob Nettleton <rn...@hortonworks.com>
Committed: Mon Nov 30 14:02:35 2015 -0500
----------------------------------------------------------------------
.../server/security/authorization/LdapServerProperties.java | 6 ++++--
.../security/authorization/LdapServerPropertiesTest.java | 5 +++--
2 files changed, 7 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/fd1181f4/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/LdapServerProperties.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/LdapServerProperties.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/LdapServerProperties.java
index f28ee50..8eeaf35 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/LdapServerProperties.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/LdapServerProperties.java
@@ -53,7 +53,7 @@ public class LdapServerProperties {
private String userSearchBase = "";
private String groupSearchFilter;
- private static final String userSearchFilter = "({attribute}={0})";
+ private static final String userSearchFilter = "(&({attribute}={0})(objectClass={userObjectClass}))";
//LDAP pagination properties
private boolean paginationEnabled = true;
@@ -138,7 +138,9 @@ public class LdapServerProperties {
}
public String getUserSearchFilter() {
- return userSearchFilter.replace("{attribute}", usernameAttribute);
+ return userSearchFilter
+ .replace("{attribute}", usernameAttribute)
+ .replace("{userObjectClass}", userObjectClass);
}
public String getUsernameAttribute() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/fd1181f4/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
index 9043439..0797239 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/LdapServerPropertiesTest.java
@@ -57,6 +57,7 @@ public class LdapServerPropertiesTest {
ldapServerProperties.setUseSsl(false);
ldapServerProperties.setPrimaryUrl("1.2.3.4:389");
ldapServerProperties.setUsernameAttribute("uid");
+ ldapServerProperties.setUserObjectClass("dummyObjectClass");
}
@Test
@@ -76,9 +77,9 @@ public class LdapServerPropertiesTest {
@Test
public void testGetUserSearchFilter() throws Exception {
- assertEquals(INCORRECT_USER_SEARCH_FILTER, "(uid={0})", ldapServerProperties.getUserSearchFilter());
+ assertEquals(INCORRECT_USER_SEARCH_FILTER, "(&(uid={0})(objectClass=dummyObjectClass))", ldapServerProperties.getUserSearchFilter());
ldapServerProperties.setUsernameAttribute("anotherName");
- assertEquals(INCORRECT_USER_SEARCH_FILTER, "(anotherName={0})", ldapServerProperties.getUserSearchFilter());
+ assertEquals(INCORRECT_USER_SEARCH_FILTER, "(&(anotherName={0})(objectClass=dummyObjectClass))", ldapServerProperties.getUserSearchFilter());
}
@Test