From kmin...@apache.org
Subject [1/2] KNOX-208: Upgrade ApacheDS for demo LDAP server to ApacheDS2.
Date Wed, 27 Nov 2013 22:39:42 GMT
Updated Branches:
  refs/heads/master c9b2e5514 -> 0af32a368


http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
new file mode 100644
index 0000000..dc3468d
--- /dev/null
+++ b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
@@ -0,0 +1,290 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.api.ldap.model.constants.SchemaConstants;
+import org.apache.directory.api.ldap.model.schema.LdapComparator;
+import org.apache.directory.api.ldap.model.schema.SchemaManager;
+import org.apache.directory.api.ldap.model.schema.comparators.NormalizingComparator;
+import org.apache.directory.api.ldap.model.schema.registries.ComparatorRegistry;
+import org.apache.directory.api.ldap.model.schema.registries.SchemaLoader;
+import org.apache.directory.api.ldap.schemaextractor.SchemaLdifExtractor;
+import org.apache.directory.api.ldap.schemaextractor.impl.DefaultSchemaLdifExtractor;
+import org.apache.directory.api.ldap.schemaloader.LdifSchemaLoader;
+import org.apache.directory.api.ldap.schemamanager.impl.DefaultSchemaManager;
+import org.apache.directory.api.util.exception.Exceptions;
+import org.apache.directory.server.constants.ServerDNConstants;
+import org.apache.directory.server.core.DefaultDirectoryService;
+import org.apache.directory.server.core.api.CacheService;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.InstanceLayout;
+import org.apache.directory.server.core.api.partition.Partition;
+import org.apache.directory.server.core.api.schema.SchemaPartition;
+import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
+import org.apache.directory.server.core.factory.DirectoryServiceFactory;
+import org.apache.directory.server.core.factory.JdbmPartitionFactory;
+import org.apache.directory.server.core.factory.PartitionFactory;
+import org.apache.directory.server.core.partition.ldif.LdifPartition;
+import org.apache.directory.server.i18n.I18n;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.List;
+
+
+/**
+ * A Default factory for DirectoryService.
+ * This is a copy of org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory
+ * created to control how the DirectoryService is created.  This can be removed
+ * when http://svn.apache.org/r1546144 in ApacheDS 2.0.0-M16 is available.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class BaseDirectoryServiceFactory implements DirectoryServiceFactory
+{
+  /** A logger for this class */
+  private static final Logger LOG = LoggerFactory.getLogger( DefaultDirectoryServiceFactory.class
);
+
+  /** The directory service. */
+  private DirectoryService directoryService;
+
+  /** The partition factory. */
+  private PartitionFactory partitionFactory;
+
+
+  public BaseDirectoryServiceFactory()
+  {
+    directoryService = createDirectoryService();
+    partitionFactory = createPartitionFactory();
+  }
+
+  protected DirectoryService createDirectoryService() {
+    DirectoryService result;
+    try
+    {
+      // Creating the instance here so that
+      // we we can set some properties like accesscontrol, anon access
+      // before starting up the service
+      result = new DefaultDirectoryService();
+
+      // No need to register a shutdown hook during tests because this
+      // starts a lot of threads and slows down test execution
+      result.setShutdownHookEnabled( false );
+    }
+    catch ( Exception e )
+    {
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+  protected PartitionFactory createPartitionFactory() {
+    PartitionFactory result;
+    try
+    {
+      String typeName = System.getProperty( "apacheds.partition.factory" );
+      if ( typeName != null )
+      {
+        Class<? extends PartitionFactory> type = ( Class<? extends PartitionFactory>
) Class.forName( typeName );
+        result = type.newInstance();
+      }
+      else
+      {
+        result = new JdbmPartitionFactory();
+      }
+    }
+    catch ( Exception e )
+    {
+      LOG.error( "Error instantiating custom partition factory", e );
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+  /**
+   * {@inheritDoc}
+   */
+  public void init( String name ) throws Exception
+  {
+    if ( ( directoryService != null ) && directoryService.isStarted() )
+    {
+      return;
+    }
+
+    build( name );
+  }
+
+
+  /**
+   * Build the working directory
+   */
+  private void buildInstanceDirectory( String name ) throws IOException
+  {
+    String instanceDirectory = System.getProperty( "workingDirectory" );
+
+    if ( instanceDirectory == null )
+    {
+      instanceDirectory = System.getProperty( "java.io.tmpdir" ) + "/server-work-" + name;
+    }
+
+    InstanceLayout instanceLayout = new InstanceLayout( instanceDirectory );
+
+    if ( instanceLayout.getInstanceDirectory().exists() )
+    {
+      try
+      {
+        FileUtils.deleteDirectory( instanceLayout.getInstanceDirectory() );
+      }
+      catch ( IOException e )
+      {
+        LOG.warn( "couldn't delete the instance directory before initializing the DirectoryService",
e );
+      }
+    }
+
+    directoryService.setInstanceLayout( instanceLayout );
+  }
+
+
+  /**
+   * Inits the schema and schema partition.
+   */
+  private void initSchema() throws Exception
+  {
+    File workingDirectory = directoryService.getInstanceLayout().getPartitionsDirectory();
+
+    // Extract the schema on disk (a brand new one) and load the registries
+    File schemaRepository = new File( workingDirectory, "schema" );
+    SchemaLdifExtractor extractor = new DefaultSchemaLdifExtractor( workingDirectory );
+
+    try
+    {
+      extractor.extractOrCopy();
+    }
+    catch ( IOException ioe )
+    {
+      // The schema has already been extracted, bypass
+    }
+
+    SchemaLoader loader = new LdifSchemaLoader( schemaRepository );
+    SchemaManager schemaManager = new DefaultSchemaManager( loader );
+
+    // We have to load the schema now, otherwise we won't be able
+    // to initialize the Partitions, as we won't be able to parse
+    // and normalize their suffix Dn
+    schemaManager.loadAllEnabled();
+
+    // Tell all the normalizer comparators that they should not normalize anything
+    ComparatorRegistry comparatorRegistry = schemaManager.getComparatorRegistry();
+
+    for ( LdapComparator<?> comparator : comparatorRegistry )
+    {
+      if ( comparator instanceof NormalizingComparator )
+      {
+        ( ( NormalizingComparator ) comparator ).setOnServer();
+      }
+    }
+
+    directoryService.setSchemaManager( schemaManager );
+
+    // Init the LdifPartition
+    LdifPartition ldifPartition = new LdifPartition( schemaManager /*, directoryService.getDnFactory()*/
);
+    ldifPartition.setPartitionPath( new File( workingDirectory, "schema" ).toURI() );
+    SchemaPartition schemaPartition = new SchemaPartition( schemaManager );
+    schemaPartition.setWrappedPartition( ldifPartition );
+    directoryService.setSchemaPartition( schemaPartition );
+
+    List<Throwable> errors = schemaManager.getErrors();
+
+    if ( errors.size() != 0 )
+    {
+      throw new Exception( I18n.err( I18n.ERR_317, Exceptions.printErrors( errors ) ) );
+    }
+  }
+
+
+  /**
+   * Inits the system partition.
+   *
+   * @throws Exception the exception
+   */
+  private void initSystemPartition() throws Exception
+  {
+    // change the working directory to something that is unique
+    // on the system and somewhere either under target directory
+    // or somewhere in a temp area of the machine.
+
+    // Inject the System Partition
+    Partition systemPartition = partitionFactory.createPartition(
+        directoryService.getSchemaManager(),
+        //directoryService.getDnFactory(),
+        "system",
+        ServerDNConstants.SYSTEM_DN,
+        500,
+        new File( directoryService.getInstanceLayout().getPartitionsDirectory(), "system"
) );
+    systemPartition.setSchemaManager( directoryService.getSchemaManager() );
+
+    partitionFactory.addIndex( systemPartition, SchemaConstants.OBJECT_CLASS_AT, 100 );
+
+    directoryService.setSystemPartition( systemPartition );
+  }
+
+
+  /**
+   * Builds the directory server instance.
+   *
+   * @param name the instance name
+   */
+  private void build( String name ) throws Exception
+  {
+    directoryService.setInstanceId( name );
+    buildInstanceDirectory( name );
+
+    CacheService cacheService = new CacheService();
+    cacheService.initialize( directoryService.getInstanceLayout() );
+
+    directoryService.setCacheService( cacheService );
+
+    // Init the service now
+    initSchema();
+    initSystemPartition();
+
+    directoryService.startup();
+  }
+
+
+  /**
+   * {@inheritDoc}
+   */
+  public DirectoryService getDirectoryService() throws Exception
+  {
+    return directoryService;
+  }
+
+
+  /**
+   * {@inheritDoc}
+   */
+  public PartitionFactory getPartitionFactory() throws Exception
+  {
+    return partitionFactory;
+  }
+}
\ No newline at end of file
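Review bot: `buildInstanceDirectory` recursively deletes whatever directory the generically named `workingDirectory` system property points at, so a JVM that has that property set for some other purpose loses that directory's contents when the demo LDAP server starts. Consider a namespaced property, or always appending `"/server-work-" + name` under the configured base so that only a path this factory owns is ever removed. The fallback under `java.io.tmpdir` is a predictable name in a shared directory unless `name` is random (the caller added in this commit passes a UUID, other callers may not). Separately, `LOG` is created with `DefaultDirectoryServiceFactory.class`, so messages are attributed to the ApacheDS class rather than this copy; `LoggerFactory.getLogger( BaseDirectoryServiceFactory.class )` would fix that.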

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
new file mode 100644
index 0000000..68fa1da
--- /dev/null
+++ b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+public class SimpleDirectoryService extends BaseDirectoryService {
+
+  public SimpleDirectoryService() throws Exception {
+  }
+
+  protected void showSecurityWarnings() throws Exception {
+    // NoOp - This prevents confusing warnings from being output.
+  }
+
+}
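Review bot: The no-op `showSecurityWarnings()` override hides whatever the parent class would have reported, and the comment does not say which warnings those are or why hiding them is acceptable. `BaseDirectoryService` is not part of this message; if it mirrors the ApacheDS default service, the suppressed output presumably includes the warning that the admin account still uses its default password, which remains true for this server. I would add `@Override` and expand the comment to something like `// Demo/test server only: the admin account keeps its default password, so the stock warning is suppressed on purpose.`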

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
new file mode 100644
index 0000000..72a05ff
--- /dev/null
+++ b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.directory.server.core.api.DirectoryService;
+
+public class SimpleDirectoryServiceFactory extends BaseDirectoryServiceFactory {
+
+  protected DirectoryService createDirectoryService() {
+    DirectoryService result;
+    try {
+      result = new SimpleDirectoryService();
+    } catch( Exception e ) {
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+}
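Review bot: The `createDirectoryService()` override drops the `setShutdownHookEnabled( false )` call that the base implementation applies, so whether a JVM shutdown hook is registered now depends on `BaseDirectoryService`'s default, which is not visible in this message. If the hook should stay off for the demo and test server, add `result.setShutdownHookEnabled( false );` after the constructor call. The method would also benefit from `@Override` and a one-line comment saying the subclass exists only to substitute `SimpleDirectoryService`.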

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
new file mode 100644
index 0000000..0400f37
--- /dev/null
+++ b/gateway-test-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.core.api.CoreSession;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.partition.Partition;
+import org.apache.directory.server.core.factory.DirectoryServiceFactory;
+import org.apache.directory.server.ldap.LdapServer;
+import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
+import org.apache.directory.server.protocol.shared.transport.Transport;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.util.UUID;
+
+public class SimpleLdapDirectoryServer {
+
+  private DirectoryServiceFactory factory;
+
+  private DirectoryService service;
+
+  private LdapServer server;
+
+  public SimpleLdapDirectoryServer( String rootDn, File usersLdif, Transport... transports
) throws Exception {
+    if( !usersLdif.exists() ) {
+      throw new FileNotFoundException( usersLdif.getAbsolutePath() );
+    }
+
+    factory = new SimpleDirectoryServiceFactory();
+    factory.init( UUID.randomUUID().toString() );
+    service = factory.getDirectoryService();
+
+    Partition partition = factory.getPartitionFactory().createPartition(
+        service.getSchemaManager(), "users", rootDn, 500, service.getInstanceLayout().getInstanceDirectory()
);
+    service.addPartition( partition );
+
+    CoreSession session = service.getAdminSession();
+    LdifFileLoader lfl = new LdifFileLoader( session, usersLdif, null );
+    lfl.execute();
+
+    server = new LdapServer();
+    server.setTransports( transports );
+    server.setDirectoryService( service );
+  }
+
+  public void start() throws Exception {
+    service.startup();
+    server.start();
+  }
+
+  public void stop( boolean clean ) throws Exception {
+    server.stop();
+    service.shutdown();
+    if( clean ) {
+      FileUtils.deleteDirectory( service.getInstanceLayout().getInstanceDirectory() );
+    }
+  }
+
+}
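Review bot: `stop( boolean clean )` runs its three steps in sequence with no `finally`, so an exception from `server.stop()` or `service.shutdown()` skips the directory cleanup and leaves the instance directory, including the loaded user entries and their passwords, on disk. Nesting the calls in `try`/`finally` keeps the cleanup unconditional. Note also that `start()` calls `service.startup()` although `factory.init(...)` in the constructor already started the service through `build()`; that looks redundant and deserves a comment if it is intentional.

```java
  public void stop( boolean clean ) throws Exception {
    try {
      server.stop();
    } finally {
      try {
        service.shutdown();
      } finally {
        // Remove the on-disk directory data even when shutdown failed.
        if( clean ) {
          FileUtils.deleteDirectory( service.getInstanceLayout().getInstanceDirectory() );
        }
      }
    }
  }
```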

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/resources/log4j.properties b/gateway-test-ldap/src/main/resources/log4j.properties
index 0ac181c..40b5546 100644
--- a/gateway-test-ldap/src/main/resources/log4j.properties
+++ b/gateway-test-ldap/src/main/resources/log4j.properties
@@ -14,11 +14,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-log4j.rootLogger=INFO,stdout
+log4j.rootLogger=ERROR,stdout
 log4j.threshhold=ALL
 log4j.appender.stdout=org.apache.log4j.ConsoleAppender
 log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
 log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} %-5p %m%n
 
-log4j.logger.org.apache.hadoop.gateway=INFO
+#log4j.logger.org.apache.directory=INFO
+#log4j.logger.org.apache.hadoop.gateway=INFO
 #log4j.logger.org.apache.hadoop.gateway=DEBUG
\ No newline at end of file
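Review bot: Raising `log4j.rootLogger` to `ERROR` while commenting out the `org.apache.hadoop.gateway` logger silences every WARN from this module, including the new "couldn't delete the instance directory" warning in `BaseDirectoryServiceFactory` and any ApacheDS startup warnings. If the goal is only to quiet ApacheDS chatter, `log4j.rootLogger=WARN,stdout` would keep those visible. The unchanged `log4j.threshhold=ALL` line looks misspelled (log4j reads `log4j.threshold`), so it probably has no effect either way.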

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/main/resources/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/main/resources/users.ldif b/gateway-test-ldap/src/main/resources/users.ldif
index 25c40de..f75edb8 100644
--- a/gateway-test-ldap/src/main/resources/users.ldif
+++ b/gateway-test-ldap/src/main/resources/users.ldif
@@ -1,4 +1,3 @@
-##########################################################################
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
@@ -14,42 +13,32 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-##########################################################################
 
 version: 1
 
-dn: ou=groups,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:organizationalUnit
-ou: groups
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop at Apache.org
+dc: hadoop
+description: Makers of Hadoop
 
+# entry for a sample people container
+# please replace with site specific values
 dn: ou=people,dc=hadoop,dc=apache,dc=org
 objectclass:top
 objectclass:organizationalUnit
 ou: people
 
-dn: uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:person
-objectclass:organizationalPerson
-objectclass:inetOrgPerson
-cn: CraigWalls
-sn: Walls
-uid: allowedUser
-userPassword:password
-
-dn: uid=deniedUser,ou=people,dc=hadoop,dc=apache,dc=org
+# entry for a sample end user
+# please replace with site specific values
+dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
 objectclass:top
 objectclass:person
 objectclass:organizationalPerson
 objectclass:inetOrgPerson
-cn: JohnSmith
-sn: Smith
-uid: deniedUser
-userPassword:password
+cn: Guest
+sn: User
+uid: guest
+userPassword:guest-password
 
-dn: cn=admin,ou=groups,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:groupOfNames
-cn: admin
-member: uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/EmbeddedApacheDirectoryServerTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/EmbeddedApacheDirectoryServerTest.java
b/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/EmbeddedApacheDirectoryServerTest.java
deleted file mode 100644
index bdaf1b7..0000000
--- a/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/EmbeddedApacheDirectoryServerTest.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.security;
-
-import org.apache.hadoop.test.category.ManualTests;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import javax.naming.Context;
-import javax.naming.NamingException;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-import java.io.IOException;
-import java.net.URL;
-import java.util.Hashtable;
-
-import static org.junit.Assert.fail;
-
-@Category( ManualTests.class )
-public class EmbeddedApacheDirectoryServerTest {
-
-  private static EmbeddedApacheDirectoryServer ldap;
-
-  @Test
-  public void demoWait() throws IOException {
-    System.out.println( "Press any key to exit LDAP server." );
-    System.in.read();
-  }
-
-  @BeforeClass
-  public static void setupSuite() throws Exception{
-    URL usersUrl = ClassLoader.getSystemResource( "users.ldif" );
-    ldap = new EmbeddedApacheDirectoryServer( "dc=hadoop,dc=apache,dc=org", null, 33389 );
-    ldap.start();
-    ldap.loadLdif( usersUrl );
-  }
-
-  @AfterClass
-  public static void cleanupSuite() throws Exception {
-    ldap.stop();
-  }
-
-  @Test
-  @SuppressWarnings("unchecked")
-  public void testJndiLdapAuthenticate() {
-
-    Hashtable env = new Hashtable();
-    env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-    env.put( Context.PROVIDER_URL, "ldap://localhost:33389" );
-    env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-    env.put( Context.SECURITY_PRINCIPAL, "uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org"
);
-    env.put( Context.SECURITY_CREDENTIALS, "password" );
-
-    try {
-      DirContext ctx = new InitialDirContext( env );
-      ctx.close();
-    } catch( NamingException e ) {
-      e.printStackTrace();
-      fail( "Should have been able to find the allowedUser and create initial context." );
-    }
-
-    env = new Hashtable();
-    env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-    env.put( Context.PROVIDER_URL, "ldap://localhost:33389" );
-    env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-    env.put( Context.SECURITY_PRINCIPAL, "uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org"
);
-    env.put( Context.SECURITY_CREDENTIALS, "invalid-password" );
-
-    try {
-      DirContext ctx = new InitialDirContext( env );
-      fail( "Should have thrown a NamingException to indicate invalid credentials." );
-    } catch( NamingException e ) {
-      // This exception is expected.
-    }
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
b/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
new file mode 100644
index 0000000..b148cfa
--- /dev/null
+++ b/gateway-test-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
+import org.apache.directory.api.ldap.model.exception.LdapException;
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.directory.server.protocol.shared.transport.Transport;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.ServerSocket;
+
+import static org.junit.Assert.fail;
+
+public class SimpleLdapServerTest {
+
+  private static int port;
+  private static File ldifFile;
+  private static SimpleLdapDirectoryServer ldap;
+
+  @BeforeClass
+  public static void setup() throws Exception {
+    port = findFreePort();
+    ldifFile = new File( ClassLoader.getSystemResource( "users.ldif" ).toURI() );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", ldifFile, new Transport[]{
new TcpTransport( port ) } );
+    ldap.start();
+  }
+
+  @AfterClass
+  public static void cleanup() throws Exception {
+    if( ldap != null ) {
+      ldap.stop( true );
+    }
+  }
+
+  private static int findFreePort() throws IOException {
+    ServerSocket socket = new ServerSocket(0);
+    int port = socket.getLocalPort();
+    socket.close();
+    return port;
+  }
+
+  @Test
+  public void test() throws LdapException, IOException {
+    LdapConnection connection = new LdapNetworkConnection( "localhost", port );
+
+    connection.bind( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org", "guest-password" );
+
+    try {
+      connection.bind( "uid=nobody,ou=people,dc=hadoop,dc=apache,dc=org", "guest-password"
);
+      fail( "Expected LdapAuthenticatinoException" );
+    } catch ( LdapAuthenticationException e ) {
+      // Expected
+    }
+
+    try {
+      connection.bind( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org", "wrong-password"
);
+      fail( "Expected LdapAuthenticatinoException" );
+    } catch ( LdapAuthenticationException e ) {
+      // Expected
+    }
+
+    connection.close();
+  }
+
+}
\ No newline at end of file
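Review bot: `test()` closes the connection only on the success path, so a failed assertion or an unexpected `LdapException` from any `bind` leaves the socket open until `cleanup()` tears the server down; wrap the body in `try { ... } finally { connection.close(); }`. `findFreePort()` releases the port before the server binds it, so another process can take it in between and the test would then talk to whatever is listening there; that is hard to avoid entirely but worth a comment. The two `fail(...)` messages misspell the exception name; they should read `"Expected LdapAuthenticationException"`.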

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
index 0c7c486..b8c8ace 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
@@ -246,7 +246,7 @@ public class GatewayBasicFuncTest {
         .header("X-XSRF-Header", "jksdhfkhdsf")
         .queryParam( "op", "MKDIRS" )
         .expect()
-            //.log().all();
+        //.log().all()
         .statusCode( HttpStatus.SC_OK )
         .contentType( "application/json" )
         .content( "boolean", is( true ) )
@@ -277,7 +277,7 @@ public class GatewayBasicFuncTest {
         .header("X-XSRF-Header", "jksdhfkhdsf")
         .queryParam( "op", "CREATE" )
         .expect()
-            //.log().ifError()
+        //.log().ifError()
         .statusCode( HttpStatus.SC_TEMPORARY_REDIRECT )
         .when().put( driver.getUrl("WEBHDFS") + "/v1" + root + "/dir/file" );
     String location = response.getHeader( "Location" );

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayFuncTestDriver.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayFuncTestDriver.java
b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayFuncTestDriver.java
index 019f392..2972258 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayFuncTestDriver.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayFuncTestDriver.java
@@ -22,8 +22,9 @@ import com.mycila.xmltool.XMLTag;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.ArrayUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
 import org.apache.hadoop.gateway.config.GatewayConfig;
-import org.apache.hadoop.gateway.security.EmbeddedApacheDirectoryServer;
+import org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer;
 import org.apache.hadoop.gateway.services.DefaultGatewayServices;
 import org.apache.hadoop.gateway.services.ServiceLifecycleException;
 import org.apache.hadoop.test.mock.MockServer;
@@ -83,7 +84,8 @@ public class GatewayFuncTestDriver {
 
   public Class<?> resourceBaseClass;
   public Map<String,Service> services = new HashMap<String,Service>();
-  public EmbeddedApacheDirectoryServer ldap;
+  public SimpleLdapDirectoryServer ldap;
+  public TcpTransport ldapTransport;
   public boolean useGateway;
   public GatewayServer gateway;
   public GatewayConfig config;
@@ -104,9 +106,9 @@ public class GatewayFuncTestDriver {
    */
   public int setupLdap( int port ) throws Exception {
     URL usersUrl = getResourceUrl( "users.ldif" );
-    ldap = new EmbeddedApacheDirectoryServer( "dc=hadoop,dc=apache,dc=org", null, port );
+    ldapTransport = new TcpTransport( port );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", new File( usersUrl.toURI()
), ldapTransport );
     ldap.start();
-    ldap.loadLdif( usersUrl );
     log.info( "LDAP port = " + port );
     return port;
   }
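Review bot: `new TcpTransport( port )` in setupLdap gives the embedded LDAP server no bind address, and as far as I can tell from the ApacheDS API the port-only constructor listens on the wildcard address rather than on loopback. The directory is populated from users.ldif with fixed test accounts, and the tests reach it only through `ldap://localhost:` (see getLdapUrl), so it has no reason to be reachable from other hosts on a shared build machine. I would bind it explicitly with `ldapTransport = new TcpTransport( "localhost", port );`. The same construction appears in setupLdap of GatewayLocalServiceFuncTest and GatewaySampleFuncTest.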
@@ -165,7 +167,7 @@ public class GatewayFuncTestDriver {
     }
     services.clear();
 
-    ldap.stop();
+    ldap.stop( true );
   }
 
   public boolean isUseGateway() {
@@ -210,7 +212,7 @@ public class GatewayFuncTestDriver {
   }
 
   public String getLdapUrl() {
-    return "ldap://localhost:" + ldap.getTransport().getPort();
+    return "ldap://localhost:" + ldapTransport.getPort();
   }
 
   private static class Service {

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
index c0800b5..091bfe5 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest.java
@@ -20,8 +20,9 @@ package org.apache.hadoop.gateway;
 import com.mycila.xmltool.XMLDoc;
 import com.mycila.xmltool.XMLTag;
 import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
 import org.apache.hadoop.gateway.config.GatewayConfig;
-import org.apache.hadoop.gateway.security.EmbeddedApacheDirectoryServer;
+import org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer;
 import org.apache.hadoop.gateway.services.DefaultGatewayServices;
 import org.apache.hadoop.gateway.services.ServiceLifecycleException;
 import org.apache.hadoop.test.log.NoOpAppender;
@@ -61,7 +62,8 @@ public class GatewayLocalServiceFuncTest {
   public static GatewayServer gateway;
   public static String gatewayUrl;
   public static String clusterUrl;
-  public static EmbeddedApacheDirectoryServer ldap;
+  public static SimpleLdapDirectoryServer ldap;
+  public static TcpTransport ldapTransport;
 
   @BeforeClass
   public static void setupSuite() throws Exception {
@@ -73,7 +75,7 @@ public class GatewayLocalServiceFuncTest {
   @AfterClass
   public static void cleanupSuite() throws Exception {
     gateway.stop();
-    ldap.stop();
+    ldap.stop( true );
     FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
     NoOpAppender.tearDown( appenders );
   }
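Review bot: In cleanupSuite, `ldap.stop( true )` is never reached when `gateway.stop()` throws, so the LDAP listener keeps its port after the suite has failed. Writing the pair as `try { gateway.stop(); } finally { ldap.stop( true ); }` makes the shutdown unconditional. The meaning of the boolean argument is not visible in this hunk, so a one-line comment next to the call saying what `true` requests would help the next reader. GatewaySampleFuncTest.cleanupSuite has the same ordering.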
@@ -81,10 +83,10 @@ public class GatewayLocalServiceFuncTest {
   public static void setupLdap() throws Exception {
     URL usersUrl = getResourceUrl( "users.ldif" );
     int port = findFreePort();
-    ldap = new EmbeddedApacheDirectoryServer( "dc=hadoop,dc=apache,dc=org", null, port );
+    ldapTransport = new TcpTransport( port );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", new File( usersUrl.toURI()
), ldapTransport );
     ldap.start();
-    ldap.loadLdif( usersUrl );
-    LOG.info( "LDAP port = " + ldap.getTransport().getPort() );
+    LOG.info( "LDAP port = " + ldapTransport.getPort() );
   }
 
   public static void setupGateway() throws IOException {
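Review bot: `new File( usersUrl.toURI() )` in setupLdap only works while users.ldif resolves to a `file:` URL. For a resource packaged inside a jar the File constructor throws IllegalArgumentException, and if getResourceUrl returns null for a missing resource (its body is not shown here) the call fails with a NullPointerException that does not name the file. A guard before the constructor call makes the failure readable: `if( usersUrl == null || !"file".equals( usersUrl.getProtocol() ) ) throw new IllegalStateException( "users.ldif not available as a file: " + usersUrl );`. The same expression is used in GatewayFuncTestDriver.setupLdap and GatewaySampleFuncTest.setupLdap; the hunk ends inside setupGateway, which continues outside it.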
@@ -139,7 +141,7 @@ public class GatewayLocalServiceFuncTest {
         .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
         .addTag( "param" )
         .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
-        .addTag( "value" ).addText( "ldap://localhost:" + ldap.getTransport().getPort() ).gotoParent()
+        .addTag( "value" ).addText( "ldap://localhost:" + ldapTransport.getPort() ).gotoParent()
         .addTag( "param" )
         .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism"
)
         .addTag( "value" ).addText( "simple" ).gotoParent()

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
index c55fd0a..6f009b1 100644
--- a/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewaySampleFuncTest.java
@@ -19,12 +19,11 @@ package org.apache.hadoop.gateway;
 
 import com.mycila.xmltool.XMLDoc;
 import com.mycila.xmltool.XMLTag;
-import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
 import org.apache.hadoop.gateway.config.GatewayConfig;
-import org.apache.hadoop.gateway.security.EmbeddedApacheDirectoryServer;
+import org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer;
 import org.apache.hadoop.gateway.services.DefaultGatewayServices;
 import org.apache.hadoop.gateway.services.ServiceLifecycleException;
-import org.apache.hadoop.test.log.NoOpAppender;
 import org.apache.http.HttpStatus;
 import org.apache.log4j.Appender;
 import org.hamcrest.MatcherAssert;
@@ -62,7 +61,8 @@ public class GatewaySampleFuncTest {
   public static GatewayServer gateway;
   public static String gatewayUrl;
   public static String clusterUrl;
-  public static EmbeddedApacheDirectoryServer ldap;
+  public static SimpleLdapDirectoryServer ldap;
+  public static TcpTransport ldapTransport;
 
   @BeforeClass
   public static void setupSuite() throws Exception {
@@ -74,7 +74,7 @@ public class GatewaySampleFuncTest {
   @AfterClass
   public static void cleanupSuite() throws Exception {
     gateway.stop();
-    ldap.stop();
+    ldap.stop( true );
     //FileUtils.deleteQuietly( new File( config.getGatewayHomeDir() ) );
     //NoOpAppender.tearDown( appenders );
   }
@@ -82,10 +82,10 @@ public class GatewaySampleFuncTest {
   public static void setupLdap() throws Exception {
     URL usersUrl = getResourceUrl( "users.ldif" );
     int port = findFreePort();
-    ldap = new EmbeddedApacheDirectoryServer( "dc=hadoop,dc=apache,dc=org", null, port );
+    ldapTransport = new TcpTransport( port );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", new File( usersUrl.toURI()
), ldapTransport );
     ldap.start();
-    ldap.loadLdif( usersUrl );
-    LOG.info( "LDAP port = " + ldap.getTransport().getPort() );
+    LOG.info( "LDAP port = " + ldapTransport.getPort() );
   }
 
   public static void setupGateway() throws IOException {
@@ -140,7 +140,7 @@ public class GatewaySampleFuncTest {
         .addTag( "value" ).addText( "uid={0},ou=people,dc=hadoop,dc=apache,dc=org" ).gotoParent()
         .addTag( "param" )
         .addTag( "name" ).addText( "main.ldapRealm.contextFactory.url" )
-        .addTag( "value" ).addText( "ldap://localhost:" + ldap.getTransport().getPort() ).gotoParent()
+        .addTag( "value" ).addText( "ldap://localhost:" + ldapTransport.getPort() ).gotoParent()
         .addTag( "param" )
         .addTag( "name" ).addText( "main.ldapRealm.contextFactory.authenticationMechanism"
)
         .addTag( "value" ).addText( "simple" ).gotoParent()

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/resources/log4j.properties b/gateway-test/src/test/resources/log4j.properties
index 1a4b189..8904f59 100644
--- a/gateway-test/src/test/resources/log4j.properties
+++ b/gateway-test/src/test/resources/log4j.properties
@@ -23,6 +23,7 @@ log4j.appender.stdout=org.apache.log4j.ConsoleAppender
 log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
 log4j.appender.stdout.layout.ConversionPattern=%5p [%c] %m%n
 
+#log4j.logger.org.apache.directory=INFO
 #log4j.logger.org.apache.hadoop.gateway=DEBUG
 
 #log4j.logger.org.eclipse.jetty=DEBUG

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayBasicFuncTest/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayBasicFuncTest/users.ldif
b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayBasicFuncTest/users.ldif
index e5628bf..e4cc143 100644
--- a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayBasicFuncTest/users.ldif
+++ b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayBasicFuncTest/users.ldif
@@ -18,16 +18,22 @@
 
 version: 1
 
-dn: ou=groups,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:organizationalUnit
-ou: groups
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop
+dc: hadoop
 
 dn: ou=people,dc=hadoop,dc=apache,dc=org
 objectclass:top
 objectclass:organizationalUnit
 ou: people
 
+dn: ou=groups,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:organizationalUnit
+ou: groups
+
 dn: uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org
 objectclass:top
 objectclass:person

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest/users.ldif
b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest/users.ldif
index fdd0296..b982cb3 100644
--- a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest/users.ldif
+++ b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewayLocalServiceFuncTest/users.ldif
@@ -16,6 +16,12 @@
 
 version: 1
 
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop
+dc: hadoop
+
 # entry for a sample people container
 # please replace with site specific values
 dn: ou=people,dc=hadoop,dc=apache,dc=org

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewaySampleFuncTest/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewaySampleFuncTest/users.ldif
b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewaySampleFuncTest/users.ldif
index fdd0296..b982cb3 100644
--- a/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewaySampleFuncTest/users.ldif
+++ b/gateway-test/src/test/resources/org/apache/hadoop/gateway/GatewaySampleFuncTest/users.ldif
@@ -16,6 +16,12 @@
 
 version: 1
 
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop
+dc: hadoop
+
 # entry for a sample people container
 # please replace with site specific values
 dn: ou=people,dc=hadoop,dc=apache,dc=org

http://git-wip-us.apache.org/repos/asf/incubator-knox/blob/0af32a36/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 3a52134..d069e05 100644
--- a/pom.xml
+++ b/pom.xml
@@ -715,6 +715,25 @@
                 <version>2.0.0-alpha-4</version>
             </dependency>
 
+            <!--
+            <dependency>
+                <groupId>org.apache.directory.server</groupId>
+                <artifactId>apacheds-jdbm</artifactId>
+                <version>2.0.0-M5</version>
+            </dependency>
+            -->
+            <dependency>
+                <groupId>org.apache.directory.server</groupId>
+                <artifactId>apacheds-all</artifactId>
+                <version>2.0.0-M15</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>ldapsdk</groupId>
+                        <artifactId>ldapsdk</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <!--
             <dependency>
                 <groupId>org.apache.directory.server</groupId>
                 <artifactId>apacheds-server-integ</artifactId>
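Review bot: The ApacheDS 1.x entries are disabled by an XML comment that opens at the `<!--` added at the end of this hunk and closes at the `-->` added in the next one, and a second commented block pins `apacheds-jdbm` at a different milestone (`2.0.0-M5`). Dead dependency entries in a managed-dependency section are easy to misread during an audit, so I would delete both blocks rather than comment them out. The replacement, `apacheds-all`, appears to be an aggregate jar that bundles its third-party classes, which hides them from dependency scanners and from the version management in this pom. Since `2.0.0-M15` is a pre-release milestone, a short comment above the entry stating why the aggregate artifact and this milestone were chosen would make later upgrades easier to judge.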
@@ -736,7 +755,7 @@
                 <artifactId>shared-ldap</artifactId>
                 <version>0.9.17</version>
             </dependency>
-
+            -->
             <dependency>
                 <groupId>org.slf4j</groupId>
                 <artifactId>slf4j-api</artifactId>

