knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dillido...@apache.org
Subject [3/3] git commit: KNOX-371: group membership lookup need to use userdn computed by search
Date Thu, 15 May 2014 00:30:07 GMT
KNOX-371: group membership lookup need to use userdn computed by search


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/a0efb4b4
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/a0efb4b4
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/a0efb4b4

Branch: refs/heads/master
Commit: a0efb4b4c15cb0a223e33cae1c21027b02f408dc
Parents: 5de7465
Author: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Authored: Wed May 14 17:29:24 2014 -0700
Committer: Dilli Dorai Arumugam <darumugam@hortonworks.com>
Committed: Wed May 14 17:29:24 2014 -0700

----------------------------------------------------------------------
 .../org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java  | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/a0efb4b4/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
index 22a54e9..d918cc6 100644
--- a/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
+++ b/gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxLdapRealm.java
@@ -217,7 +217,13 @@ public class KnoxLdapRealm extends JndiLdapRealm {
       final Set<String> roleNames, final Set<String> groupNames,
       final LdapContextFactory ldapContextFactory) throws NamingException {
    
-    String userDn = memberAttributeValuePrefix + userName + memberAttributeValueSuffix;
+    String userDn = null;
+    if (userSearchAttributeName == null || userSearchAttributeName.isEmpty()) {
+      // memberAttributeValuePrefix and memberAttributeValueSuffix were computed from memberAttributeValueTemplate
+      userDn = memberAttributeValuePrefix + userName + memberAttributeValueSuffix;
+    } else {
+      userDn = getUserDn(userName);
+    }
     Attribute attribute = group.getAttributes().get(getGroupIdAttribute()); 
     String groupName = attribute.get().toString();
     


Mime
View raw message