knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dillido...@apache.org
Subject [2/3] git commit: KNOX-369: add support for new config param groupSearchBase
Date Thu, 15 May 2014 00:30:06 GMT
KNOX-369: add support for new config param groupSearchBase


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/5de7465b
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/5de7465b
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/5de7465b

Branch: refs/heads/master
Commit: 5de7465b2505b4c49f0c37d93aabc368eb6abc18
Parents: 2759abe
Author: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Authored: Wed May 14 17:14:25 2014 -0700
Committer: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Committed: Wed May 14 17:14:25 2014 -0700

----------------------------------------------------------------------
 .../gateway/shirorealm/KnoxLdapRealm.java       | 25 ++++++++++++++++----
 .../gateway/shirorealm/KnoxLdapRealmTest.java   |  7 ++++++
 2 files changed, 27 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/5de7465b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
index 1d6009d..22a54e9 100644
--- a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
+++ b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
@@ -117,10 +117,11 @@ public class KnoxLdapRealm extends JndiLdapRealm {
         ONELEVEL_SCOPE.setSearchScope(SearchControls.ONELEVEL_SCOPE);
     }
 
-    private String userSearchBase;
  
     private String searchBase;
-    // typical alue: groupOfNames, groupOfUniqueNames, groupOfUrls
+    private String userSearchBase;
+    private String groupSearchBase;
+
     private String groupObjectClass = "groupOfNames";
     
     //  typical value: member, uniqueMember, meberUrl
@@ -189,10 +190,16 @@ public class KnoxLdapRealm extends JndiLdapRealm {
         final LdapContextFactory ldapContextFactory) throws NamingException {
         final Set<String> roleNames = new HashSet();
         final Set<String> groupNames = new HashSet();
-        
+       
+        String base =  (groupSearchBase != null && !groupSearchBase.isEmpty()) ?

+            groupSearchBase : searchBase;
+
         // ldapsearch -h localhost -p 33389 -D uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
-w  guest-password 
         //       -b dc=hadoop,dc=apache,dc=org -s sub '(objectclass=*)'
-        final NamingEnumeration<SearchResult> searchResultEnum = ldapCtx.search(searchBase,
"objectClass="+groupObjectClass, SUBTREE_SCOPE);
+        final NamingEnumeration<SearchResult> searchResultEnum = ldapCtx.search(
+            base, 
+            "objectClass=" + groupObjectClass, 
+            SUBTREE_SCOPE);
         
         while (searchResultEnum.hasMore()) { // searchResults contains all the groups in
search scope
             final SearchResult group = searchResultEnum.next();
@@ -286,7 +293,15 @@ public class KnoxLdapRealm extends JndiLdapRealm {
     public void setUserSearchBase(String userSearchBase) {
       this.userSearchBase = userSearchBase;
     }
- 
+
+    public String getGroupSearchBase() {
+        return groupSearchBase;
+    }
+
+    public void setGroupSearchBase(String groupSearchBase) {
+      this.groupSearchBase = groupSearchBase;
+    }
+
     public String getGroupObjectClass() {
       return groupObjectClass;
     }

http://git-wip-us.apache.org/repos/asf/knox/blob/5de7465b/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
b/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
index 3306896..2e2eb9d 100644
--- a/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
+++ b/gateway-provider-security-shiro/src/test/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealmTest.java
@@ -66,5 +66,12 @@ public class KnoxLdapRealmTest {
     assertEquals(realm.getUserSearchBase(), "dc=knox,dc=example,dc=com");
   }
   
+  @Test
+  public void setGetGroupSearchBase() {
+    KnoxLdapRealm realm = new KnoxLdapRealm();
+    realm.setGroupSearchBase("dc=knox,dc=example,dc=com");
+    assertEquals(realm.getGroupSearchBase(), "dc=knox,dc=example,dc=com");
+  }
+  
   
 }


Mime
View raw message