knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dillido...@apache.org
Subject [1/3] git commit: KNOX-368: add support for new config param userSearchBase
Date Thu, 15 May 2014 00:30:05 GMT
Repository: knox
Updated Branches:
  refs/heads/master 25fc2375e -> a0efb4b4c


KNOX-368: add support for new config param userSearchBase


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/2759abe4
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/2759abe4
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/2759abe4

Branch: refs/heads/master
Commit: 2759abe4766849f506d95268f0e16a604ea55c80
Parents: 25fc237
Author: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Authored: Wed May 14 17:03:50 2014 -0700
Committer: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Committed: Wed May 14 17:03:50 2014 -0700

----------------------------------------------------------------------
 .../hadoop/gateway/shirorealm/KnoxLdapRealm.java | 19 ++++++++++++++++---
 .../gateway/shirorealm/KnoxLdapRealmTest.java    |  7 +++++++
 2 files changed, 23 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/2759abe4/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
index 07cedf2..1d6009d 100644
--- a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
+++ b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
@@ -116,7 +116,9 @@ public class KnoxLdapRealm extends JndiLdapRealm {
         SUBTREE_SCOPE.setSearchScope(SearchControls.SUBTREE_SCOPE);
         ONELEVEL_SCOPE.setSearchScope(SearchControls.ONELEVEL_SCOPE);
     }
-    
+
+    private String userSearchBase;
+ 
     private String searchBase;
     // typical alue: groupOfNames, groupOfUniqueNames, groupOfUrls
     private String groupObjectClass = "groupOfNames";
@@ -276,7 +278,15 @@ public class KnoxLdapRealm extends JndiLdapRealm {
     public void setSearchBase(String searchBase) {
       this.searchBase = searchBase;
     }
-    
+
+    public String getUserSearchBase() {
+        return userSearchBase;
+    }
+
+    public void setUserSearchBase(String userSearchBase) {
+      this.userSearchBase = userSearchBase;
+    }
+ 
     public String getGroupObjectClass() {
       return groupObjectClass;
     }
@@ -446,6 +456,9 @@ public class KnoxLdapRealm extends JndiLdapRealm {
         return super.getUserDn(principal);
       }
 
+      String base = (userSearchBase != null && !userSearchBase.isEmpty()) ? 
+          userSearchBase : searchBase;
+
       // search for userDn and return
       String userDn = null;
       LdapContext systemLdapCtx = null;
@@ -454,7 +467,7 @@ public class KnoxLdapRealm extends JndiLdapRealm {
           String searchFilter = String.format("(&(objectclass=%1$s)(%2$s=%3$s))", 
               userObjectClass, userSearchAttributeName, principal);
           final NamingEnumeration<SearchResult> searchResultEnum = systemLdapCtx.search(
-              searchBase, 
+              base, 
               searchFilter,
               SUBTREE_SCOPE);
           if (searchResultEnum.hasMore()) { // searchResults contains all the groups in search
scope

http://git-wip-us.apache.org/repos/asf/knox/blob/2759abe4/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
b/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
index 81f863c..3306896 100644
--- a/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
+++ b/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
@@ -59,5 +59,12 @@ public class KnoxLdapRealmTest {
     assertEquals(realm.getUserObjectClass(), "inetuser");
   }
   
+  @Test
+  public void setGetUserSearchBase() {
+    KnoxLdapRealm realm = new KnoxLdapRealm();
+    realm.setUserSearchBase("dc=knox,dc=example,dc=com");
+    assertEquals(realm.getUserSearchBase(), "dc=knox,dc=example,dc=com");
+  }
+  
   
 }


Mime
View raw message