Add SSL Support

Signed-off-by: Abhinandan Prateek <aprateek@apache.org>
Ian Duffy 2013-08-02 09:28:19 +01:00 committed by Abhinandan Prateek
parent 23f0187d05
commit 00c17add3c
23 changed files with 1092 additions and 950 deletions


@ -2,8 +2,6 @@ package org.apache.cloudstack.api.command;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseCmd;
@ -11,70 +9,74 @@ import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.LdapConfigurationResponse;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.log4j.Logger;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.user.Account;
@APICommand(name = "addLdapConfiguration", description = "Add a new Ldap Configuration", responseObject = LdapConfigurationResponse.class, since = "4.2.0")
public class LdapAddConfigurationCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(LdapAddConfigurationCmd.class.getName());
private static final String s_name = "ldapconfigurationresponse";
public static final Logger s_logger = Logger
.getLogger(LdapAddConfigurationCmd.class.getName());
private static final String s_name = "ldapconfigurationresponse";
@Inject
private LdapManager _ldapManager;
@Inject
private LdapManager _ldapManager;
@Parameter(name = "hostname", type = CommandType.STRING, required = true, description = "Hostname")
private String hostname;
@Parameter(name = "hostname", type = CommandType.STRING, required = true, description = "Hostname")
private String hostname;
@Parameter(name = "port", type = CommandType.INTEGER, required = true, description = "Port")
private int port;
@Parameter(name = "port", type = CommandType.INTEGER, required = true, description = "Port")
private int port;
public LdapAddConfigurationCmd() {
super();
}
public LdapAddConfigurationCmd() {
super();
}
public LdapAddConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
public LdapAddConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
@Override
public void execute() throws ServerApiException {
try {
final LdapConfigurationResponse response = _ldapManager.addConfiguration(hostname, port);
response.setObjectName("LdapAddConfiguration");
response.setResponseName(getCommandName());
setResponseObject(response);
} catch (final InvalidParameterValueException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, e.toString());
}
@Override
public void execute() throws ServerApiException {
try {
final LdapConfigurationResponse response = _ldapManager
.addConfiguration(hostname, port);
response.setObjectName("LdapAddConfiguration");
response.setResponseName(getCommandName());
setResponseObject(response);
} catch (final InvalidParameterValueException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR,
e.toString());
}
}
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
public String getHostname() {
return hostname;
}
public String getHostname() {
return hostname;
}
public int getPort() {
return port;
}
public int getPort() {
return port;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setPort(final int port) {
this.port = port;
}
public void setPort(final int port) {
this.port = port;
}
}


@ -23,9 +23,6 @@ import java.util.Map;
import javax.inject.Inject;
import javax.naming.NamingException;
import org.apache.log4j.Logger;
import org.bouncycastle.util.encoders.Base64;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@ -37,6 +34,8 @@ import org.apache.cloudstack.api.response.DomainResponse;
import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.cloudstack.ldap.LdapUser;
import org.apache.log4j.Logger;
import org.bouncycastle.util.encoders.Base64;
import com.cloud.user.Account;
import com.cloud.user.AccountService;
@ -44,105 +43,121 @@ import com.cloud.user.UserAccount;
@APICommand(name = "ldapCreateAccount", description = "Creates an account from an LDAP user", responseObject = AccountResponse.class, since = "4.2.0")
public class LdapCreateAccount extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(LdapCreateAccount.class.getName());
private static final String s_name = "createaccountresponse";
public static final Logger s_logger = Logger
.getLogger(LdapCreateAccount.class.getName());
private static final String s_name = "createaccountresponse";
@Inject
private LdapManager _ldapManager;
@Inject
private LdapManager _ldapManager;
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
private String accountName;
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
private String accountName;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Short accountType;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Short accountType;
@Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, entityType = DomainResponse.class,
description = "Creates the user under the specified domain.")
private Long domainId;
@Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, entityType = DomainResponse.class, description = "Creates the user under the specified domain.")
private Long domainId;
@Parameter(name = ApiConstants.TIMEZONE, type = CommandType.STRING, description = "Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
private String timezone;
@Parameter(name = ApiConstants.TIMEZONE, type = CommandType.STRING, description = "Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
private String timezone;
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, required = true, description = "Unique username.")
private String username;
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, required = true, description = "Unique username.")
private String username;
@Parameter(name = ApiConstants.NETWORK_DOMAIN, type = CommandType.STRING, description = "Network domain for the account's networks")
private String networkDomain;
@Parameter(name = ApiConstants.NETWORK_DOMAIN, type = CommandType.STRING, description = "Network domain for the account's networks")
private String networkDomain;
@Parameter(name = ApiConstants.ACCOUNT_DETAILS, type = CommandType.MAP, description = "details for account used to store specific parameters")
private Map<String, String> details;
@Parameter(name = ApiConstants.ACCOUNT_DETAILS, type = CommandType.MAP, description = "details for account used to store specific parameters")
private Map<String, String> details;
@Parameter(name = ApiConstants.ACCOUNT_ID, type = CommandType.STRING, description = "Account UUID, required for adding account from external provisioning system")
private String accountUUID;
@Parameter(name = ApiConstants.ACCOUNT_ID, type = CommandType.STRING, description = "Account UUID, required for adding account from external provisioning system")
private String accountUUID;
@Parameter(name = ApiConstants.USER_ID, type = CommandType.STRING, description = "User UUID, required for adding account from external provisioning system")
private String userUUID;
@Parameter(name = ApiConstants.USER_ID, type = CommandType.STRING, description = "User UUID, required for adding account from external provisioning system")
private String userUUID;
public LdapCreateAccount() {
super();
}
public LdapCreateAccount() {
super();
}
public LdapCreateAccount(final LdapManager ldapManager, final AccountService accountService) {
super();
_ldapManager = ldapManager;
_accountService = accountService;
}
public LdapCreateAccount(final LdapManager ldapManager,
final AccountService accountService) {
super();
_ldapManager = ldapManager;
_accountService = accountService;
}
@Override
public void execute() throws ServerApiException {
updateCallContext();
try {
LdapUser user = _ldapManager.getUser(username);
validateUser(user);
UserAccount userAccount = _accountService.createUserAccount(username, generatePassword(), user.getFirstname(), user.getLastname(), user.getEmail(), timezone,
accountName, accountType, domainId, networkDomain, details, accountUUID, userUUID);
if (userAccount != null) {
AccountResponse response = _responseGenerator.createUserAccountResponse(userAccount);
response.setResponseName(getCommandName());
setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create a user account");
}
} catch (NamingException e) {
throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, "No LDAP user exists with the username of " + username);
}
}
@Override
public void execute() throws ServerApiException {
updateCallContext();
try {
LdapUser user = _ldapManager.getUser(username);
validateUser(user);
UserAccount userAccount = _accountService.createUserAccount(
username, generatePassword(), user.getFirstname(),
user.getLastname(), user.getEmail(), timezone, accountName,
accountType, domainId, networkDomain, details, accountUUID,
userUUID);
if (userAccount != null) {
AccountResponse response = _responseGenerator
.createUserAccountResponse(userAccount);
response.setResponseName(getCommandName());
setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR,
"Failed to create a user account");
}
} catch (NamingException e) {
throw new ServerApiException(
ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR,
"No LDAP user exists with the username of " + username);
}
}
private void updateCallContext() {
CallContext.current().setEventDetails("Account Name: " + accountName + ", Domain Id:" + domainId);
}
private String generatePassword() throws ServerApiException {
try {
SecureRandom randomGen = SecureRandom.getInstance("SHA1PRNG");
byte bytes[] = new byte[20];
randomGen.nextBytes(bytes);
return Base64.encode(bytes).toString();
} catch (NoSuchAlgorithmException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR,
"Failed to generate random password");
}
}
private String generatePassword() throws ServerApiException {
try {
SecureRandom randomGen = SecureRandom.getInstance("SHA1PRNG");
byte bytes[] = new byte[20];
randomGen.nextBytes(bytes);
return Base64.encode(bytes).toString();
} catch (NoSuchAlgorithmException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to generate random password");
}
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
private void updateCallContext() {
CallContext.current().setEventDetails(
"Account Name: " + accountName + ", Domain Id:" + domainId);
}
private boolean validateUser(LdapUser user) throws ServerApiException {
if (user.getEmail() == null) {
throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username + " has no email address set within LDAP");
}
if (user.getFirstname() == null) {
throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username + " has no firstname set within LDAP");
}
if (user.getLastname() == null) {
throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username + " has no lastname set within LDAP");
}
return true;
}
private boolean validateUser(LdapUser user) throws ServerApiException {
if (user.getEmail() == null) {
throw new ServerApiException(
ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username
+ " has no email address set within LDAP");
}
if (user.getFirstname() == null) {
throw new ServerApiException(
ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username
+ " has no firstname set within LDAP");
}
if (user.getLastname() == null) {
throw new ServerApiException(
ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, username
+ " has no lastname set within LDAP");
}
return true;
}
}
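Review bot: In `generatePassword()`, `Base64.encode(bytes).toString()` does not produce the Base64 text: with the imported `org.bouncycastle.util.encoders.Base64`, `encode(byte[])` returns a `byte[]`, and `toString()` on an array yields the type-and-identity-hash form (`[B@…`), so the 20 bytes drawn from `SecureRandom` never reach the password handed to `createUserAccount`. The value actually used derives from an object hash code and should not be treated as an unpredictable secret. Decode the encoded bytes instead, e.g. `return new String(Base64.encode(bytes));` (Base64 output is ASCII-only, so an explicit ASCII charset can be passed where the build's Java level allows it). Separately, `catch (NamingException e)` in `execute()` reports every naming failure as "No LDAP user exists…" and drops `e`; logging the cause would keep connection or TLS failures distinguishable from a missing user.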


@ -18,8 +18,6 @@ package org.apache.cloudstack.api.command;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseCmd;
@ -27,50 +25,54 @@ import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.LdapConfigurationResponse;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.log4j.Logger;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.user.Account;
@APICommand(name = "deleteLdapConfiguration", description = "Remove an Ldap Configuration", responseObject = LdapConfigurationResponse.class, since = "4.2.0")
public class LdapDeleteConfigurationCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(LdapDeleteConfigurationCmd.class.getName());
private static final String s_name = "ldapconfigurationresponse";
public static final Logger s_logger = Logger
.getLogger(LdapDeleteConfigurationCmd.class.getName());
private static final String s_name = "ldapconfigurationresponse";
@Inject
private LdapManager _ldapManager;
@Inject
private LdapManager _ldapManager;
@Parameter(name = "hostname", type = CommandType.STRING, required = true, description = "Hostname")
private String hostname;
@Parameter(name = "hostname", type = CommandType.STRING, required = true, description = "Hostname")
private String hostname;
public LdapDeleteConfigurationCmd() {
super();
}
public LdapDeleteConfigurationCmd() {
super();
}
public LdapDeleteConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
public LdapDeleteConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
@Override
public void execute() throws ServerApiException {
try {
final LdapConfigurationResponse response = _ldapManager.deleteConfiguration(hostname);
response.setObjectName("LdapDeleteConfiguration");
response.setResponseName(getCommandName());
setResponseObject(response);
} catch (final InvalidParameterValueException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, e.toString());
}
@Override
public void execute() throws ServerApiException {
try {
final LdapConfigurationResponse response = _ldapManager
.deleteConfiguration(hostname);
response.setObjectName("LdapDeleteConfiguration");
response.setResponseName(getCommandName());
setResponseObject(response);
} catch (final InvalidParameterValueException e) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR,
e.toString());
}
}
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
}


@ -21,8 +21,6 @@ import java.util.List;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.ServerApiException;
@ -31,59 +29,62 @@ import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.cloudstack.ldap.LdapUser;
import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException;
import org.apache.log4j.Logger;
import com.cloud.user.Account;
@APICommand(name = "listAllLdapUsers", responseObject = LdapUserResponse.class, description = "Lists all LDAP Users", since = "4.2.0")
public class LdapListAllUsersCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(LdapListAllUsersCmd.class.getName());
private static final String s_name = "ldapuserresponse";
@Inject
private LdapManager _ldapManager;
public static final Logger s_logger = Logger
.getLogger(LdapListAllUsersCmd.class.getName());
private static final String s_name = "ldapuserresponse";
@Inject
private LdapManager _ldapManager;
public LdapListAllUsersCmd() {
super();
}
public LdapListAllUsersCmd() {
super();
}
public LdapListAllUsersCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
public LdapListAllUsersCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
private List<LdapUserResponse> createLdapUserResponse(List<LdapUser> users) {
final List<LdapUserResponse> ldapResponses = new ArrayList<LdapUserResponse>();
for (final LdapUser user : users) {
final LdapUserResponse ldapResponse = _ldapManager.createLdapUserResponse(user);
ldapResponse.setObjectName("LdapUser");
ldapResponses.add(ldapResponse);
}
return ldapResponses;
}
private List<LdapUserResponse> createLdapUserResponse(List<LdapUser> users) {
final List<LdapUserResponse> ldapResponses = new ArrayList<LdapUserResponse>();
for (final LdapUser user : users) {
final LdapUserResponse ldapResponse = _ldapManager
.createLdapUserResponse(user);
ldapResponse.setObjectName("LdapUser");
ldapResponses.add(ldapResponse);
}
return ldapResponses;
}
@Override
public void execute() throws ServerApiException {
List<LdapUserResponse> ldapResponses = null;
final ListResponse<LdapUserResponse> response = new ListResponse<LdapUserResponse>();
try {
final List<LdapUser> users = _ldapManager.getUsers();
ldapResponses = createLdapUserResponse(users);
} catch (final NoLdapUserMatchingQueryException ex) {
ldapResponses = new ArrayList<LdapUserResponse>();
} finally {
response.setResponses(ldapResponses);
response.setResponseName(getCommandName());
setResponseObject(response);
}
}
@Override
public void execute() throws ServerApiException {
List<LdapUserResponse> ldapResponses = null;
final ListResponse<LdapUserResponse> response = new ListResponse<LdapUserResponse>();
try {
final List<LdapUser> users = _ldapManager.getUsers();
ldapResponses = createLdapUserResponse(users);
} catch (final NoLdapUserMatchingQueryException ex) {
ldapResponses = new ArrayList<LdapUserResponse>();
} finally {
response.setResponses(ldapResponses);
response.setResponseName(getCommandName());
setResponseObject(response);
}
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
}


@ -21,8 +21,6 @@ import java.util.List;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.Parameter;
@ -30,77 +28,83 @@ import org.apache.cloudstack.api.response.LdapConfigurationResponse;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.ldap.LdapConfigurationVO;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.log4j.Logger;
import com.cloud.user.Account;
import com.cloud.utils.Pair;
@APICommand(name = "listLdapConfigurations", responseObject = LdapConfigurationResponse.class, description = "Lists all LDAP configurations", since = "4.2.0")
public class LdapListConfigurationCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(LdapListConfigurationCmd.class.getName());
public static final Logger s_logger = Logger
.getLogger(LdapListConfigurationCmd.class.getName());
private static final String s_name = "ldapconfigurationresponse";
private static final String s_name = "ldapconfigurationresponse";
@Inject
private LdapManager _ldapManager;
@Inject
private LdapManager _ldapManager;
@Parameter(name = "hostname", type = CommandType.STRING, required = false, description = "Hostname")
private String hostname;
@Parameter(name = "hostname", type = CommandType.STRING, required = false, description = "Hostname")
private String hostname;
@Parameter(name = "port", type = CommandType.INTEGER, required = false, description = "Port")
private int port;
@Parameter(name = "port", type = CommandType.INTEGER, required = false, description = "Port")
private int port;
public LdapListConfigurationCmd() {
super();
}
public LdapListConfigurationCmd() {
super();
}
public LdapListConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
public LdapListConfigurationCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
private List<LdapConfigurationResponse> createLdapConfigurationResponses(List<? extends LdapConfigurationVO> configurations) {
final List<LdapConfigurationResponse> responses = new ArrayList<LdapConfigurationResponse>();
for (final LdapConfigurationVO resource : configurations) {
final LdapConfigurationResponse configurationResponse = _ldapManager.createLdapConfigurationResponse(resource);
configurationResponse.setObjectName("LdapConfiguration");
responses.add(configurationResponse);
}
return responses;
}
private List<LdapConfigurationResponse> createLdapConfigurationResponses(
List<? extends LdapConfigurationVO> configurations) {
final List<LdapConfigurationResponse> responses = new ArrayList<LdapConfigurationResponse>();
for (final LdapConfigurationVO resource : configurations) {
final LdapConfigurationResponse configurationResponse = _ldapManager
.createLdapConfigurationResponse(resource);
configurationResponse.setObjectName("LdapConfiguration");
responses.add(configurationResponse);
}
return responses;
}
@Override
public void execute() {
final Pair<List<? extends LdapConfigurationVO>, Integer> result = _ldapManager.listConfigurations(this);
final List<LdapConfigurationResponse> responses = createLdapConfigurationResponses(result.first());
final ListResponse<LdapConfigurationResponse> response = new ListResponse<LdapConfigurationResponse>();
response.setResponses(responses, result.second());
response.setResponseName(getCommandName());
setResponseObject(response);
}
@Override
public void execute() {
final Pair<List<? extends LdapConfigurationVO>, Integer> result = _ldapManager
.listConfigurations(this);
final List<LdapConfigurationResponse> responses = createLdapConfigurationResponses(result
.first());
final ListResponse<LdapConfigurationResponse> response = new ListResponse<LdapConfigurationResponse>();
response.setResponses(responses, result.second());
response.setResponseName(getCommandName());
setResponseObject(response);
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
public String getHostname() {
return hostname;
}
public String getHostname() {
return hostname;
}
public int getPort() {
return port;
}
public int getPort() {
return port;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setPort(final int port) {
this.port = port;
}
public void setPort(final int port) {
this.port = port;
}
}


@ -21,8 +21,6 @@ import java.util.List;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.Parameter;
@ -31,66 +29,69 @@ import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.cloudstack.ldap.LdapUser;
import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException;
import org.apache.log4j.Logger;
import com.cloud.user.Account;
@APICommand(name = "searchLdap", responseObject = LdapUserResponse.class, description = "Searches LDAP based on the username attribute", since = "4.2.0")
public class LdapUserSearchCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(LdapUserSearchCmd.class.getName());
private static final String s_name = "ldapuserresponse";
@Inject
private LdapManager _ldapManager;
public static final Logger s_logger = Logger
.getLogger(LdapUserSearchCmd.class.getName());
private static final String s_name = "ldapuserresponse";
@Inject
private LdapManager _ldapManager;
@Parameter(name = "query", type = CommandType.STRING, entityType = LdapUserResponse.class, required = true, description = "query to search using")
private String query;
@Parameter(name = "query", type = CommandType.STRING, entityType = LdapUserResponse.class, required = true, description = "query to search using")
private String query;
public LdapUserSearchCmd() {
super();
}
public LdapUserSearchCmd() {
super();
}
public LdapUserSearchCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
public LdapUserSearchCmd(final LdapManager ldapManager) {
super();
_ldapManager = ldapManager;
}
private List<LdapUserResponse> createLdapUserResponse(List<LdapUser> users) {
final List<LdapUserResponse> ldapUserResponses = new ArrayList<LdapUserResponse>();
if (users != null) {
for (final LdapUser user : users) {
final LdapUserResponse ldapUserResponse = _ldapManager.createLdapUserResponse(user);
ldapUserResponse.setObjectName("LdapUser");
ldapUserResponses.add(ldapUserResponse);
}
}
return ldapUserResponses;
}
private List<LdapUserResponse> createLdapUserResponse(List<LdapUser> users) {
final List<LdapUserResponse> ldapUserResponses = new ArrayList<LdapUserResponse>();
if (users != null) {
for (final LdapUser user : users) {
final LdapUserResponse ldapUserResponse = _ldapManager
.createLdapUserResponse(user);
ldapUserResponse.setObjectName("LdapUser");
ldapUserResponses.add(ldapUserResponse);
}
}
return ldapUserResponses;
}
@Override
public void execute() {
final ListResponse<LdapUserResponse> response = new ListResponse<LdapUserResponse>();
List<LdapUser> users = null;
@Override
public void execute() {
final ListResponse<LdapUserResponse> response = new ListResponse<LdapUserResponse>();
List<LdapUser> users = null;
try {
users = _ldapManager.searchUsers(query);
} catch (final NoLdapUserMatchingQueryException e) {
s_logger.debug(e.getMessage());
}
try {
users = _ldapManager.searchUsers(query);
} catch (final NoLdapUserMatchingQueryException e) {
s_logger.debug(e.getMessage());
}
final List<LdapUserResponse> ldapUserResponses = createLdapUserResponse(users);
final List<LdapUserResponse> ldapUserResponses = createLdapUserResponse(users);
response.setResponses(ldapUserResponses);
response.setResponseName(getCommandName());
setResponseObject(response);
}
response.setResponses(ldapUserResponses);
response.setResponseName(getCommandName());
setResponseObject(response);
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
}


@ -16,48 +16,47 @@
// under the License.
package org.apache.cloudstack.api.response;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.api.BaseResponse;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
public class LdapConfigurationResponse extends BaseResponse {
@SerializedName("hostname")
@Param(description = "hostname")
private String hostname;
@SerializedName("hostname")
@Param(description = "hostname")
private String hostname;
@SerializedName("port")
@Param(description = "port")
private int port;
@SerializedName("port")
@Param(description = "port")
private int port;
public LdapConfigurationResponse() {
super();
}
public LdapConfigurationResponse() {
super();
}
public LdapConfigurationResponse(final String hostname) {
super();
this.hostname = hostname;
}
public LdapConfigurationResponse(final String hostname) {
super();
this.hostname = hostname;
}
public LdapConfigurationResponse(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
public LdapConfigurationResponse(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
public String getHostname() {
return hostname;
}
public String getHostname() {
return hostname;
}
public int getPort() {
return port;
}
public int getPort() {
return port;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setHostname(final String hostname) {
this.hostname = hostname;
}
public void setPort(final int port) {
this.port = port;
}
public void setPort(final int port) {
this.port = port;
}
}


@ -16,83 +16,84 @@
// under the License.
package org.apache.cloudstack.api.response;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.api.BaseResponse;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
public class LdapUserResponse extends BaseResponse {
@SerializedName("email")
@Param(description = "The user's email")
private String email;
@SerializedName("email")
@Param(description = "The user's email")
private String email;
@SerializedName("principal")
@Param(description = "The user's principle")
private String principal;
@SerializedName("principal")
@Param(description = "The user's principle")
private String principal;
@SerializedName("firstname")
@Param(description = "The user's firstname")
private String firstname;
@SerializedName("firstname")
@Param(description = "The user's firstname")
private String firstname;
@SerializedName("lastname")
@Param(description = "The user's lastname")
private String lastname;
@SerializedName("lastname")
@Param(description = "The user's lastname")
private String lastname;
@SerializedName("username")
@Param(description = "The user's username")
private String username;
@SerializedName("username")
@Param(description = "The user's username")
private String username;
public LdapUserResponse() {
super();
}
public LdapUserResponse() {
super();
}
public LdapUserResponse(final String username, final String email, final String firstname, final String lastname, final String principal) {
super();
this.username = username;
this.email = email;
this.firstname = firstname;
this.lastname = lastname;
this.principal = principal;
}
public LdapUserResponse(final String username, final String email,
final String firstname, final String lastname,
final String principal) {
super();
this.username = username;
this.email = email;
this.firstname = firstname;
this.lastname = lastname;
this.principal = principal;
}
public String getEmail() {
return email;
}
public String getEmail() {
return email;
}
public String getFirstname() {
return firstname;
}
public String getFirstname() {
return firstname;
}
public String getLastname() {
return lastname;
}
public String getLastname() {
return lastname;
}
public String getPrincipal() {
return principal;
}
public String getPrincipal() {
return principal;
}
public String getUsername() {
return username;
}
public String getUsername() {
return username;
}
public void setEmail(final String email) {
this.email = email;
}
public void setEmail(final String email) {
this.email = email;
}
public void setFirstname(final String firstname) {
this.firstname = firstname;
}
public void setFirstname(final String firstname) {
this.firstname = firstname;
}
public void setLastname(final String lastname) {
this.lastname = lastname;
}
public void setLastname(final String lastname) {
this.lastname = lastname;
}
public void setPrincipal(final String principal) {
this.principal = principal;
}
public void setPrincipal(final String principal) {
this.principal = principal;
}
public void setUsername(final String username) {
this.username = username;
}
public void setUsername(final String username) {
this.username = username;
}
}


@ -20,54 +20,59 @@ import java.util.Map;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.command.LdapListConfigurationCmd;
import org.apache.log4j.Logger;
import com.cloud.server.auth.DefaultUserAuthenticator;
import com.cloud.user.UserAccount;
import com.cloud.user.dao.UserAccountDao;
public class LdapAuthenticator extends DefaultUserAuthenticator {
private static final Logger s_logger = Logger.getLogger(LdapAuthenticator.class.getName());
private static final Logger s_logger = Logger
.getLogger(LdapAuthenticator.class.getName());
@Inject
private LdapManager _ldapManager;
@Inject
private UserAccountDao _userAccountDao;
@Inject
private LdapManager _ldapManager;
@Inject
private UserAccountDao _userAccountDao;
public LdapAuthenticator() {
super();
}
public LdapAuthenticator() {
super();
}
public LdapAuthenticator(final LdapManager ldapManager, final UserAccountDao userAccountDao) {
super();
_ldapManager = ldapManager;
_userAccountDao = userAccountDao;
}
public LdapAuthenticator(final LdapManager ldapManager,
final UserAccountDao userAccountDao) {
super();
_ldapManager = ldapManager;
_userAccountDao = userAccountDao;
}
@Override
public boolean authenticate(final String username, final String password, final Long domainId, final Map<String, Object[]> requestParameters) {
@Override
public boolean authenticate(final String username, final String password,
final Long domainId, final Map<String, Object[]> requestParameters) {
final UserAccount user = _userAccountDao.getUserAccount(username, domainId);
final UserAccount user = _userAccountDao.getUserAccount(username,
domainId);
if (user == null) {
s_logger.debug("Unable to find user with " + username + " in domain " + domainId);
return false;
} else if (isLdapConfigurationPresent()) {
return _ldapManager.canAuthenticate(username, password);
} else {
return false;
}
}
if (user == null) {
s_logger.debug("Unable to find user with " + username
+ " in domain " + domainId);
return false;
} else if (isLdapConfigurationPresent()) {
return _ldapManager.canAuthenticate(username, password);
} else {
return false;
}
}
@Override
public String encode(final String password) {
return password;
}
@Override
public String encode(final String password) {
return password;
}
private boolean isLdapConfigurationPresent() {
return _ldapManager.listConfigurations(new LdapListConfigurationCmd(_ldapManager)).second() > 0;
}
private boolean isLdapConfigurationPresent() {
return _ldapManager.listConfigurations(
new LdapListConfigurationCmd(_ldapManager)).second() > 0;
}
}


@ -27,94 +27,123 @@ import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.utils.Pair;
public class LdapConfiguration {
private final static String factory = "com.sun.jndi.ldap.LdapCtxFactory";
private final static String factory = "com.sun.jndi.ldap.LdapCtxFactory";
private final static int scope = SearchControls.SUBTREE_SCOPE;
private final static int scope = SearchControls.SUBTREE_SCOPE;
@Inject
private ConfigurationDao _configDao;
@Inject
private ConfigurationDao _configDao;
@Inject
private LdapManager _ldapManager;
@Inject
private LdapManager _ldapManager;
public LdapConfiguration() {
}
public LdapConfiguration() {
}
public LdapConfiguration(final ConfigurationDao configDao, final LdapManager ldapManager) {
_configDao = configDao;
_ldapManager = ldapManager;
}
public LdapConfiguration(final ConfigurationDao configDao,
final LdapManager ldapManager) {
_configDao = configDao;
_ldapManager = ldapManager;
}
public String getAuthentication() {
if ((getBindPrincipal() == null) && (getBindPassword() == null)) {
return "none";
} else {
return "simple";
}
}
public String getAuthentication() {
if ((getBindPrincipal() == null) && (getBindPassword() == null)) {
return "none";
} else {
return "simple";
}
}
public String getBaseDn() {
return _configDao.getValue("ldap.basedn");
}
public String getBaseDn() {
return _configDao.getValue("ldap.basedn");
}
public String getBindPassword() {
return _configDao.getValue("ldap.bind.password");
}
public String getBindPassword() {
return _configDao.getValue("ldap.bind.password");
}
public String getBindPrincipal() {
return _configDao.getValue("ldap.bind.principal");
}
public String getBindPrincipal() {
return _configDao.getValue("ldap.bind.principal");
}
public String getEmailAttribute() {
final String emailAttribute = _configDao.getValue("ldap.email.attribute");
return emailAttribute == null ? "mail" : emailAttribute;
}
public String getEmailAttribute() {
final String emailAttribute = _configDao
.getValue("ldap.email.attribute");
return emailAttribute == null ? "mail" : emailAttribute;
}
public String getFactory() {
return factory;
}
public String getFactory() {
return factory;
}
public String getFirstnameAttribute() {
final String firstnameAttribute = _configDao.getValue("ldap.firstname.attribute");
return firstnameAttribute == null ? "givenname" : firstnameAttribute;
}
public String getFirstnameAttribute() {
final String firstnameAttribute = _configDao
.getValue("ldap.firstname.attribute");
return firstnameAttribute == null ? "givenname" : firstnameAttribute;
}
public String getLastnameAttribute() {
final String lastnameAttribute = _configDao.getValue("ldap.lastname.attribute");
return lastnameAttribute == null ? "sn" : lastnameAttribute;
}
public String getLastnameAttribute() {
final String lastnameAttribute = _configDao
.getValue("ldap.lastname.attribute");
return lastnameAttribute == null ? "sn" : lastnameAttribute;
}
public String getProviderUrl() {
final Pair<List<? extends LdapConfigurationVO>, Integer> result = _ldapManager.listConfigurations(new LdapListConfigurationCmd(_ldapManager));
final StringBuilder providerUrls = new StringBuilder();
String delim = "";
for (final LdapConfigurationVO resource : result.first()) {
final String providerUrl = "ldap://" + resource.getHostname() + ":" + resource.getPort();
providerUrls.append(delim).append(providerUrl);
delim = " ";
}
return providerUrls.toString();
}
public String getProviderUrl() {
final String protocol = getSSLStatus() == true ? "ldaps://" : "ldap://";
final Pair<List<? extends LdapConfigurationVO>, Integer> result = _ldapManager
.listConfigurations(new LdapListConfigurationCmd(_ldapManager));
final StringBuilder providerUrls = new StringBuilder();
String delim = "";
for (final LdapConfigurationVO resource : result.first()) {
final String providerUrl = protocol + resource.getHostname() + ":"
+ resource.getPort();
providerUrls.append(delim).append(providerUrl);
delim = " ";
}
return providerUrls.toString();
}
public String[] getReturnAttributes() {
return new String[] {getUsernameAttribute(), getEmailAttribute(), getFirstnameAttribute(), getLastnameAttribute()};
}
public String[] getReturnAttributes() {
return new String[] { getUsernameAttribute(), getEmailAttribute(),
getFirstnameAttribute(), getLastnameAttribute() };
}
public int getScope() {
return scope;
}
public int getScope() {
return scope;
}
public String getUsernameAttribute() {
final String usernameAttribute = _configDao.getValue("ldap.username.attribute");
return usernameAttribute == null ? "uid" : usernameAttribute;
}
public String getSearchGroupPrinciple() {
return _configDao.getValue("ldap.search.group.principle");
}
public String getUserObject() {
final String userObject = _configDao.getValue("ldap.user.object");
return userObject == null ? "inetOrgPerson" : userObject;
}
public boolean getSSLStatus() {
boolean sslStatus = false;
String dbValueForSSLStatus = _configDao.getValue("ldap.ssl.enabled");
if (dbValueForSSLStatus != null) {
sslStatus = dbValueForSSLStatus == "false" ? false : true;
}
if (getTrustStore() == null || getTrustStorePassword() == null) {
sslStatus = false;
}
return sslStatus;
}
public String getSearchGroupPrinciple() {
return _configDao.getValue("ldap.search.group.principle");
}
public String getTrustStore() {
return _configDao.getValue("ldap.truststore");
}
public String getTrustStorePassword() {
return _configDao.getValue("ldap.truststore.password");
}
public String getUsernameAttribute() {
final String usernameAttribute = _configDao
.getValue("ldap.username.attribute");
return usernameAttribute == null ? "uid" : usernameAttribute;
}
public String getUserObject() {
final String userObject = _configDao.getValue("ldap.user.object");
return userObject == null ? "inetOrgPerson" : userObject;
}
}
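Review bot: In `getSSLStatus()` the test `dbValueForSSLStatus == "false"` compares object references rather than text, so a value read back from `_configDao` will practically never match the literal, and every non-null setting, including "false", is treated as enabled. Compare the content instead, for example `sslStatus = Boolean.parseBoolean(dbValueForSSLStatus);`. The method also falls back to `false` without any message when `ldap.truststore` or `ldap.truststore.password` is unset, so `getProviderUrl()` emits `ldap://` and the bind presumably goes out unencrypted even though the operator set `ldap.ssl.enabled`. That case deserves a logged warning or a refusal to connect rather than a silent downgrade. In `getProviderUrl()`, `getSSLStatus() == true` can be written as plain `getSSLStatus()`.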


@ -28,39 +28,39 @@ import org.apache.cloudstack.api.InternalIdentity;
@Entity
@Table(name = "ldap_configuration")
public class LdapConfigurationVO implements InternalIdentity {
@Column(name = "hostname")
private String hostname;
@Column(name = "hostname")
private String hostname;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private Long id;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private Long id;
@Column(name = "port")
private int port;
@Column(name = "port")
private int port;
public LdapConfigurationVO() {
}
public LdapConfigurationVO() {
}
public LdapConfigurationVO(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
public LdapConfigurationVO(final String hostname, final int port) {
this.hostname = hostname;
this.port = port;
}
public String getHostname() {
return hostname;
}
public String getHostname() {
return hostname;
}
@Override
public long getId() {
return id;
}
@Override
public long getId() {
return id;
}
public int getPort() {
return port;
}
public int getPort() {
return port;
}
public void setId(long id) {
this.id = id;
}
public void setId(long id) {
this.id = id;
}
}


@ -27,77 +27,99 @@ import javax.naming.directory.InitialDirContext;
import org.apache.log4j.Logger;
public class LdapContextFactory {
private static final Logger s_logger = Logger.getLogger(LdapContextFactory.class.getName());
private static final Logger s_logger = Logger
.getLogger(LdapContextFactory.class.getName());
@Inject
private LdapConfiguration _ldapConfiguration;
@Inject
private LdapConfiguration _ldapConfiguration;
public LdapContextFactory() {
}
public LdapContextFactory() {
}
public LdapContextFactory(final LdapConfiguration ldapConfiguration) {
_ldapConfiguration = ldapConfiguration;
}
public LdapContextFactory(final LdapConfiguration ldapConfiguration) {
_ldapConfiguration = ldapConfiguration;
}
public DirContext createBindContext() throws NamingException {
return createBindContext(null);
}
public DirContext createBindContext() throws NamingException {
return createBindContext(null);
}
public DirContext createBindContext(final String providerUrl) throws NamingException {
final String bindPrincipal = _ldapConfiguration.getBindPrincipal();
final String bindPassword = _ldapConfiguration.getBindPassword();
return createInitialDirContext(bindPrincipal, bindPassword, providerUrl, true);
}
public DirContext createBindContext(final String providerUrl)
throws NamingException {
final String bindPrincipal = _ldapConfiguration.getBindPrincipal();
final String bindPassword = _ldapConfiguration.getBindPassword();
return createInitialDirContext(bindPrincipal, bindPassword,
providerUrl, true);
}
private DirContext createInitialDirContext(final String principal, final String password, final boolean isSystemContext) throws NamingException {
return createInitialDirContext(principal, password, null, isSystemContext);
}
private DirContext createInitialDirContext(final String principal,
final String password, final boolean isSystemContext)
throws NamingException {
return createInitialDirContext(principal, password, null,
isSystemContext);
}
private DirContext createInitialDirContext(final String principal, final String password, final String providerUrl, final boolean isSystemContext) throws NamingException {
return new InitialDirContext(getEnvironment(principal, password, providerUrl, isSystemContext));
}
private DirContext createInitialDirContext(final String principal,
final String password, final String providerUrl,
final boolean isSystemContext) throws NamingException {
return new InitialDirContext(getEnvironment(principal, password,
providerUrl, isSystemContext));
}
public DirContext createUserContext(final String principal, final String password) throws NamingException {
return createInitialDirContext(principal, password, false);
}
public DirContext createUserContext(final String principal,
final String password) throws NamingException {
return createInitialDirContext(principal, password, false);
}
private Hashtable<String, String> getEnvironment(final String principal, final String password, final String providerUrl, final boolean isSystemContext) {
final String factory = _ldapConfiguration.getFactory();
final String url = providerUrl == null ? _ldapConfiguration.getProviderUrl() : providerUrl;
final String authentication = _ldapConfiguration.getAuthentication();
private Hashtable<String, String> getEnvironment(final String principal,
final String password, final String providerUrl,
final boolean isSystemContext) {
final String factory = _ldapConfiguration.getFactory();
final String url = providerUrl == null ? _ldapConfiguration
.getProviderUrl() : providerUrl;
final String authentication = _ldapConfiguration.getAuthentication();
final boolean sslStatus = _ldapConfiguration.getSSLStatus();
final Hashtable<String, String> environment = new Hashtable<String, String>();
final Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, factory);
environment.put(Context.PROVIDER_URL, url);
environment.put("com.sun.jndi.ldap.read.timeout", "500");
environment.put("com.sun.jndi.ldap.connect.pool", "true");
environment.put(Context.INITIAL_CONTEXT_FACTORY, factory);
environment.put(Context.PROVIDER_URL, url);
environment.put("com.sun.jndi.ldap.read.timeout", "500");
environment.put("com.sun.jndi.ldap.connect.pool", "true");
if ("none".equals(authentication) && !isSystemContext) {
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
} else {
environment.put(Context.SECURITY_AUTHENTICATION, authentication);
}
if (sslStatus) {
environment.put(Context.SECURITY_PROTOCOL, "ssl");
System.setProperty("javax.net.ssl.trustStore",
_ldapConfiguration.getTrustStore());
System.setProperty("javax.net.ssl.trustStorePassword",
_ldapConfiguration.getTrustStorePassword());
}
if (principal != null) {
environment.put(Context.SECURITY_PRINCIPAL, principal);
}
if ("none".equals(authentication) && !isSystemContext) {
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
} else {
environment.put(Context.SECURITY_AUTHENTICATION, authentication);
}
if (password != null) {
environment.put(Context.SECURITY_CREDENTIALS, password);
}
if (principal != null) {
environment.put(Context.SECURITY_PRINCIPAL, principal);
}
return environment;
}
if (password != null) {
environment.put(Context.SECURITY_CREDENTIALS, password);
}
public void testConnection(final String providerUrl) throws NamingException {
try {
createBindContext(providerUrl);
s_logger.info("LDAP Connection was successful");
} catch (final NamingException e) {
s_logger.warn("LDAP Connection failed");
s_logger.error(e.getMessage(), e);
throw e;
}
}
return environment;
}
public void testConnection(final String providerUrl) throws NamingException {
try {
createBindContext(providerUrl);
s_logger.info("LDAP Connection was successful");
} catch (final NamingException e) {
s_logger.warn("LDAP Connection failed");
s_logger.error(e.getMessage(), e);
throw e;
}
}
}
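Review bot: The `System.setProperty("javax.net.ssl.trustStore", ...)` and `System.setProperty("javax.net.ssl.trustStorePassword", ...)` calls in `getEnvironment()` change JVM-wide state from inside a per-connection helper. Depending on whether the default SSLContext has already been initialised, they either replace the trust anchors for every other TLS client in the process or have no effect on this connection, and the truststore password becomes readable through the system properties. Loading the configured truststore into a dedicated `SSLContext` and passing its socket factory to JNDI with `environment.put("java.naming.ldap.factory.socket", FACTORY_CLASS_NAME_PLACEHOLDER)` would keep the setting scoped to LDAP. A comment stating whether the server certificate's host name is checked would also help, since nothing in this section configures endpoint identification.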


@ -30,21 +30,26 @@ import com.cloud.utils.component.PluggableService;
public interface LdapManager extends PluggableService {
LdapConfigurationResponse addConfiguration(String hostname, int port) throws InvalidParameterValueException;
LdapConfigurationResponse addConfiguration(String hostname, int port)
throws InvalidParameterValueException;
boolean canAuthenticate(String username, String password);
boolean canAuthenticate(String username, String password);
LdapConfigurationResponse createLdapConfigurationResponse(LdapConfigurationVO configuration);
LdapConfigurationResponse createLdapConfigurationResponse(
LdapConfigurationVO configuration);
LdapUserResponse createLdapUserResponse(LdapUser user);
LdapUserResponse createLdapUserResponse(LdapUser user);
LdapConfigurationResponse deleteConfiguration(String hostname) throws InvalidParameterValueException;
LdapConfigurationResponse deleteConfiguration(String hostname)
throws InvalidParameterValueException;
LdapUser getUser(final String username) throws NamingException;
LdapUser getUser(final String username) throws NamingException;
List<LdapUser> getUsers() throws NoLdapUserMatchingQueryException;
List<LdapUser> getUsers() throws NoLdapUserMatchingQueryException;
Pair<List<? extends LdapConfigurationVO>, Integer> listConfigurations(LdapListConfigurationCmd cmd);
Pair<List<? extends LdapConfigurationVO>, Integer> listConfigurations(
LdapListConfigurationCmd cmd);
List<LdapUser> searchUsers(String query) throws NoLdapUserMatchingQueryException;
List<LdapUser> searchUsers(String query)
throws NoLdapUserMatchingQueryException;
}


@ -24,9 +24,6 @@ import javax.inject.Inject;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import org.apache.cloudstack.api.LdapValidator;
import org.apache.cloudstack.api.command.LdapAddConfigurationCmd;
import org.apache.cloudstack.api.command.LdapCreateAccount;
@ -37,6 +34,8 @@ import org.apache.cloudstack.api.command.LdapUserSearchCmd;
import org.apache.cloudstack.api.response.LdapConfigurationResponse;
import org.apache.cloudstack.api.response.LdapUserResponse;
import org.apache.cloudstack.ldap.dao.LdapConfigurationDao;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.utils.Pair;
@ -44,168 +43,190 @@ import com.cloud.utils.Pair;
@Component
@Local(value = LdapManager.class)
public class LdapManagerImpl implements LdapManager, LdapValidator {
private static final Logger s_logger = Logger.getLogger(LdapManagerImpl.class.getName());
private static final Logger s_logger = Logger
.getLogger(LdapManagerImpl.class.getName());
@Inject
private LdapConfigurationDao _ldapConfigurationDao;
@Inject
private LdapConfigurationDao _ldapConfigurationDao;
@Inject
private LdapContextFactory _ldapContextFactory;
@Inject
private LdapContextFactory _ldapContextFactory;
@Inject
private LdapUserManager _ldapUserManager;
@Inject
private LdapUserManager _ldapUserManager;
public LdapManagerImpl() {
super();
}
public LdapManagerImpl() {
super();
}
public LdapManagerImpl(final LdapConfigurationDao ldapConfigurationDao, final LdapContextFactory ldapContextFactory, final LdapUserManager ldapUserManager) {
super();
_ldapConfigurationDao = ldapConfigurationDao;
_ldapContextFactory = ldapContextFactory;
_ldapUserManager = ldapUserManager;
}
public LdapManagerImpl(final LdapConfigurationDao ldapConfigurationDao,
final LdapContextFactory ldapContextFactory,
final LdapUserManager ldapUserManager) {
super();
_ldapConfigurationDao = ldapConfigurationDao;
_ldapContextFactory = ldapContextFactory;
_ldapUserManager = ldapUserManager;
}
@Override
public LdapConfigurationResponse addConfiguration(final String hostname, final int port) throws InvalidParameterValueException {
LdapConfigurationVO configuration = _ldapConfigurationDao.findByHostname(hostname);
if (configuration == null) {
try {
final String providerUrl = "ldap://" + hostname + ":" + port;
_ldapContextFactory.createBindContext(providerUrl);
configuration = new LdapConfigurationVO(hostname, port);
_ldapConfigurationDao.persist(configuration);
s_logger.info("Added new ldap server with hostname: " + hostname);
return new LdapConfigurationResponse(hostname, port);
} catch (final NamingException e) {
throw new InvalidParameterValueException("Unable to bind to the given LDAP server");
}
} else {
throw new InvalidParameterValueException("Duplicate configuration");
}
}
@Override
public LdapConfigurationResponse addConfiguration(final String hostname,
final int port) throws InvalidParameterValueException {
LdapConfigurationVO configuration = _ldapConfigurationDao
.findByHostname(hostname);
if (configuration == null) {
try {
final String providerUrl = "ldap://" + hostname + ":" + port;
_ldapContextFactory.createBindContext(providerUrl);
configuration = new LdapConfigurationVO(hostname, port);
_ldapConfigurationDao.persist(configuration);
s_logger.info("Added new ldap server with hostname: "
+ hostname);
return new LdapConfigurationResponse(hostname, port);
} catch (final NamingException e) {
throw new InvalidParameterValueException(
"Unable to bind to the given LDAP server");
}
} else {
throw new InvalidParameterValueException("Duplicate configuration");
}
}
@Override
public boolean canAuthenticate(final String username, final String password) {
final String escapedUsername = LdapUtils.escapeLDAPSearchFilter(username);
try {
final LdapUser user = getUser(escapedUsername);
final String principal = user.getPrincipal();
final DirContext context = _ldapContextFactory.createUserContext(principal, password);
closeContext(context);
return true;
} catch (final NamingException e) {
s_logger.info("Failed to authenticate user: " + username + ". incorrect password.");
return false;
}
}
@Override
public boolean canAuthenticate(final String username, final String password) {
final String escapedUsername = LdapUtils
.escapeLDAPSearchFilter(username);
try {
final LdapUser user = getUser(escapedUsername);
final String principal = user.getPrincipal();
final DirContext context = _ldapContextFactory.createUserContext(
principal, password);
closeContext(context);
return true;
} catch (final NamingException e) {
s_logger.info("Failed to authenticate user: " + username
+ ". incorrect password.");
return false;
}
}
private void closeContext(final DirContext context) {
try {
if (context != null) {
context.close();
}
} catch (final NamingException e) {
s_logger.warn(e.getMessage());
}
}
private void closeContext(final DirContext context) {
try {
if (context != null) {
context.close();
}
} catch (final NamingException e) {
s_logger.warn(e.getMessage());
}
}
@Override
public LdapConfigurationResponse createLdapConfigurationResponse(final LdapConfigurationVO configuration) {
final LdapConfigurationResponse response = new LdapConfigurationResponse();
response.setHostname(configuration.getHostname());
response.setPort(configuration.getPort());
return response;
}
@Override
public LdapConfigurationResponse createLdapConfigurationResponse(
final LdapConfigurationVO configuration) {
final LdapConfigurationResponse response = new LdapConfigurationResponse();
response.setHostname(configuration.getHostname());
response.setPort(configuration.getPort());
return response;
}
@Override
public LdapUserResponse createLdapUserResponse(final LdapUser user) {
final LdapUserResponse response = new LdapUserResponse();
response.setUsername(user.getUsername());
response.setFirstname(user.getFirstname());
response.setLastname(user.getLastname());
response.setEmail(user.getEmail());
response.setPrincipal(user.getPrincipal());
return response;
}
@Override
public LdapUserResponse createLdapUserResponse(final LdapUser user) {
final LdapUserResponse response = new LdapUserResponse();
response.setUsername(user.getUsername());
response.setFirstname(user.getFirstname());
response.setLastname(user.getLastname());
response.setEmail(user.getEmail());
response.setPrincipal(user.getPrincipal());
return response;
}
@Override
public LdapConfigurationResponse deleteConfiguration(final String hostname) throws InvalidParameterValueException {
final LdapConfigurationVO configuration = _ldapConfigurationDao.findByHostname(hostname);
if (configuration == null) {
throw new InvalidParameterValueException("Cannot find configuration with hostname " + hostname);
} else {
_ldapConfigurationDao.remove(configuration.getId());
s_logger.info("Removed ldap server with hostname: " + hostname);
return new LdapConfigurationResponse(configuration.getHostname(), configuration.getPort());
}
}
@Override
public LdapConfigurationResponse deleteConfiguration(final String hostname)
throws InvalidParameterValueException {
final LdapConfigurationVO configuration = _ldapConfigurationDao
.findByHostname(hostname);
if (configuration == null) {
throw new InvalidParameterValueException(
"Cannot find configuration with hostname " + hostname);
} else {
_ldapConfigurationDao.remove(configuration.getId());
s_logger.info("Removed ldap server with hostname: " + hostname);
return new LdapConfigurationResponse(configuration.getHostname(),
configuration.getPort());
}
}
@Override
public List<Class<?>> getCommands() {
final List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(LdapUserSearchCmd.class);
cmdList.add(LdapListAllUsersCmd.class);
cmdList.add(LdapAddConfigurationCmd.class);
cmdList.add(LdapDeleteConfigurationCmd.class);
cmdList.add(LdapListConfigurationCmd.class);
cmdList.add(LdapCreateAccount.class);
return cmdList;
}
@Override
public List<Class<?>> getCommands() {
final List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(LdapUserSearchCmd.class);
cmdList.add(LdapListAllUsersCmd.class);
cmdList.add(LdapAddConfigurationCmd.class);
cmdList.add(LdapDeleteConfigurationCmd.class);
cmdList.add(LdapListConfigurationCmd.class);
cmdList.add(LdapCreateAccount.class);
return cmdList;
}
@Override
public LdapUser getUser(final String username) throws NamingException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
@Override
public LdapUser getUser(final String username) throws NamingException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
final String escapedUsername = LdapUtils.escapeLDAPSearchFilter(username);
return _ldapUserManager.getUser(escapedUsername, context);
final String escapedUsername = LdapUtils
.escapeLDAPSearchFilter(username);
return _ldapUserManager.getUser(escapedUsername, context);
} catch (final NamingException e) {
throw e;
} finally {
closeContext(context);
}
}
} catch (final NamingException e) {
throw e;
} finally {
closeContext(context);
}
}
@Override
public List<LdapUser> getUsers() throws NoLdapUserMatchingQueryException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
return _ldapUserManager.getUsers(context);
} catch (final NamingException e) {
throw new NoLdapUserMatchingQueryException("*");
} finally {
closeContext(context);
}
}
@Override
public List<LdapUser> getUsers() throws NoLdapUserMatchingQueryException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
return _ldapUserManager.getUsers(context);
} catch (final NamingException e) {
throw new NoLdapUserMatchingQueryException("*");
} finally {
closeContext(context);
}
}
@Override
public Pair<List<? extends LdapConfigurationVO>, Integer> listConfigurations(final LdapListConfigurationCmd cmd) {
final String hostname = cmd.getHostname();
final int port = cmd.getPort();
final Pair<List<LdapConfigurationVO>, Integer> result = _ldapConfigurationDao.searchConfigurations(hostname, port);
return new Pair<List<? extends LdapConfigurationVO>, Integer>(result.first(), result.second());
}
@Override
public boolean isLdapEnabled() {
return listConfigurations(new LdapListConfigurationCmd(this)).second() > 0;
}
@Override
public List<LdapUser> searchUsers(final String username) throws NoLdapUserMatchingQueryException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
final String escapedUsername = LdapUtils.escapeLDAPSearchFilter(username);
return _ldapUserManager.getUsers("*" + escapedUsername + "*", context);
} catch (final NamingException e) {
throw new NoLdapUserMatchingQueryException(username);
} finally {
closeContext(context);
}
}
@Override
public Pair<List<? extends LdapConfigurationVO>, Integer> listConfigurations(
final LdapListConfigurationCmd cmd) {
final String hostname = cmd.getHostname();
final int port = cmd.getPort();
final Pair<List<LdapConfigurationVO>, Integer> result = _ldapConfigurationDao
.searchConfigurations(hostname, port);
return new Pair<List<? extends LdapConfigurationVO>, Integer>(
result.first(), result.second());
}
@Override
public boolean isLdapEnabled() {
return listConfigurations(new LdapListConfigurationCmd(this)).second() > 0;
}
@Override
public List<LdapUser> searchUsers(final String username)
throws NoLdapUserMatchingQueryException {
DirContext context = null;
try {
context = _ldapContextFactory.createBindContext();
final String escapedUsername = LdapUtils
.escapeLDAPSearchFilter(username);
return _ldapUserManager.getUsers("*" + escapedUsername + "*",
context);
} catch (final NamingException e) {
throw new NoLdapUserMatchingQueryException(username);
} finally {
closeContext(context);
}
}
}


@ -17,59 +17,61 @@
package org.apache.cloudstack.ldap;
public class LdapUser implements Comparable<LdapUser> {
private final String email;
private final String principal;
private final String firstname;
private final String lastname;
private final String username;
private final String email;
private final String principal;
private final String firstname;
private final String lastname;
private final String username;
public LdapUser(final String username, final String email, final String firstname, final String lastname, final String principal) {
this.username = username;
this.email = email;
this.firstname = firstname;
this.lastname = lastname;
this.principal = principal;
}
public LdapUser(final String username, final String email,
final String firstname, final String lastname,
final String principal) {
this.username = username;
this.email = email;
this.firstname = firstname;
this.lastname = lastname;
this.principal = principal;
}
@Override
public int compareTo(final LdapUser other) {
return getUsername().compareTo(other.getUsername());
}
@Override
public int compareTo(final LdapUser other) {
return getUsername().compareTo(other.getUsername());
}
@Override
public boolean equals(final Object other) {
if (this == other) {
return true;
}
if (other instanceof LdapUser) {
final LdapUser otherLdapUser = (LdapUser)other;
return getUsername().equals(otherLdapUser.getUsername());
}
return false;
}
@Override
public boolean equals(final Object other) {
if (this == other) {
return true;
}
if (other instanceof LdapUser) {
final LdapUser otherLdapUser = (LdapUser) other;
return getUsername().equals(otherLdapUser.getUsername());
}
return false;
}
public String getEmail() {
return email;
}
public String getEmail() {
return email;
}
public String getFirstname() {
return firstname;
}
public String getFirstname() {
return firstname;
}
public String getLastname() {
return lastname;
}
public String getLastname() {
return lastname;
}
public String getPrincipal() {
return principal;
}
public String getPrincipal() {
return principal;
}
public String getUsername() {
return username;
}
public String getUsername() {
return username;
}
@Override
public int hashCode() {
return getUsername().hashCode();
}
@Override
public int hashCode() {
return getUsername().hashCode();
}
}

@ -30,76 +30,94 @@ import javax.naming.directory.SearchResult;
public class LdapUserManager {
@Inject
private LdapConfiguration _ldapConfiguration;
@Inject
private LdapConfiguration _ldapConfiguration;
public LdapUserManager() {
}
public LdapUserManager(final LdapConfiguration ldapConfiguration) {
_ldapConfiguration = ldapConfiguration;
}
private LdapUser createUser(final SearchResult result) throws NamingException {
final Attributes attributes = result.getAttributes();
final String username = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getUsernameAttribute());
final String email = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getEmailAttribute());
final String firstname = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getFirstnameAttribute());
final String lastname = LdapUtils.getAttributeValue(attributes, _ldapConfiguration.getLastnameAttribute());
final String principal = result.getName() + "," + _ldapConfiguration.getBaseDn();
return new LdapUser(username, email, firstname, lastname, principal);
}
public LdapUser getUser(final String username, final DirContext context) throws NamingException {
final NamingEnumeration<SearchResult> result = searchUsers(username, context);
if (result.hasMoreElements()) {
return createUser(result.nextElement());
} else {
throw new NamingException("No user found for username " + username);
}
}
public List<LdapUser> getUsers(final DirContext context) throws NamingException {
return getUsers(null, context);
}
public List<LdapUser> getUsers(final String username, final DirContext context) throws NamingException {
final NamingEnumeration<SearchResult> results = searchUsers(username, context);
final List<LdapUser> users = new ArrayList<LdapUser>();
while (results.hasMoreElements()) {
final SearchResult result = results.nextElement();
users.add(createUser(result));
}
Collections.sort(users);
return users;
}
public NamingEnumeration<SearchResult> searchUsers(final DirContext context) throws NamingException {
return searchUsers(null, context);
}
public NamingEnumeration<SearchResult> searchUsers(final String username, final DirContext context) throws NamingException {
final SearchControls controls = new SearchControls();
controls.setSearchScope(_ldapConfiguration.getScope());
controls.setReturningAttributes(_ldapConfiguration.getReturnAttributes());
final String userObjectFilter = "(objectClass=" + _ldapConfiguration.getUserObject() + ")";
final String usernameFilter = "(" + _ldapConfiguration.getUsernameAttribute() + "=" + (username == null ? "*" : username) + ")";
String memberOfFilter = "";
if(_ldapConfiguration.getSearchGroupPrinciple() != null) {
memberOfFilter = "(memberof=" + _ldapConfiguration.getSearchGroupPrinciple() + ")";
public LdapUserManager() {
}
public LdapUserManager(final LdapConfiguration ldapConfiguration) {
_ldapConfiguration = ldapConfiguration;
}
final String filter = "(&" + userObjectFilter + usernameFilter + memberOfFilter + ")";
private LdapUser createUser(final SearchResult result)
throws NamingException {
final Attributes attributes = result.getAttributes();
return context.search(_ldapConfiguration.getBaseDn(), filter, controls);
}
final String username = LdapUtils.getAttributeValue(attributes,
_ldapConfiguration.getUsernameAttribute());
final String email = LdapUtils.getAttributeValue(attributes,
_ldapConfiguration.getEmailAttribute());
final String firstname = LdapUtils.getAttributeValue(attributes,
_ldapConfiguration.getFirstnameAttribute());
final String lastname = LdapUtils.getAttributeValue(attributes,
_ldapConfiguration.getLastnameAttribute());
final String principal = result.getName() + ","
+ _ldapConfiguration.getBaseDn();
return new LdapUser(username, email, firstname, lastname, principal);
}
public LdapUser getUser(final String username, final DirContext context)
throws NamingException {
final NamingEnumeration<SearchResult> result = searchUsers(username,
context);
if (result.hasMoreElements()) {
return createUser(result.nextElement());
} else {
throw new NamingException("No user found for username " + username);
}
}
public List<LdapUser> getUsers(final DirContext context)
throws NamingException {
return getUsers(null, context);
}
public List<LdapUser> getUsers(final String username,
final DirContext context) throws NamingException {
final NamingEnumeration<SearchResult> results = searchUsers(username,
context);
final List<LdapUser> users = new ArrayList<LdapUser>();
while (results.hasMoreElements()) {
final SearchResult result = results.nextElement();
users.add(createUser(result));
}
Collections.sort(users);
return users;
}
public NamingEnumeration<SearchResult> searchUsers(final DirContext context)
throws NamingException {
return searchUsers(null, context);
}
public NamingEnumeration<SearchResult> searchUsers(final String username,
final DirContext context) throws NamingException {
final SearchControls controls = new SearchControls();
controls.setSearchScope(_ldapConfiguration.getScope());
controls.setReturningAttributes(_ldapConfiguration
.getReturnAttributes());
final String userObjectFilter = "(objectClass="
+ _ldapConfiguration.getUserObject() + ")";
final String usernameFilter = "("
+ _ldapConfiguration.getUsernameAttribute() + "="
+ (username == null ? "*" : username) + ")";
String memberOfFilter = "";
if (_ldapConfiguration.getSearchGroupPrinciple() != null) {
memberOfFilter = "(memberof="
+ _ldapConfiguration.getSearchGroupPrinciple() + ")";
}
final String filter = "(&" + userObjectFilter + usernameFilter
+ memberOfFilter + ")";
return context.search(_ldapConfiguration.getBaseDn(), filter, controls);
}
}
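Review bot: `searchUsers(String, DirContext)` splices `username` straight into the filter string (`"=" + (username == null ? "*" : username) + ")"`), so a value containing `(`, `)`, `*` or `\` alters the structure of the filter instead of being matched literally. `LdapUtils.escapeLDAPSearchFilter` is part of this same commit but is not called anywhere in this class, and whether every caller escapes first cannot be seen from this section. Because the method is public, either escape at the point of use, `+ (username == null ? "*" : LdapUtils.escapeLDAPSearchFilter(username)) + ")"`, or, if callers rely on passing wildcards, add a Javadoc line stating that `username` must already be filter-escaped. The same applies to `getUser` and `getUsers`, which forward their argument unchanged.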

@ -21,41 +21,42 @@ import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
public final class LdapUtils {
public static String escapeLDAPSearchFilter(final String filter) {
final StringBuilder sb = new StringBuilder();
for (char character : filter.toCharArray()) {
switch (character) {
case '\\':
sb.append("\\5c");
break;
case '*':
sb.append("\\2a");
break;
case '(':
sb.append("\\28");
break;
case ')':
sb.append("\\29");
break;
case '\u0000':
sb.append("\\00");
break;
default:
sb.append(character);
}
}
return sb.toString();
}
public static String escapeLDAPSearchFilter(final String filter) {
final StringBuilder sb = new StringBuilder();
for (char character : filter.toCharArray()) {
switch (character) {
case '\\':
sb.append("\\5c");
break;
case '*':
sb.append("\\2a");
break;
case '(':
sb.append("\\28");
break;
case ')':
sb.append("\\29");
break;
case '\u0000':
sb.append("\\00");
break;
default:
sb.append(character);
}
}
return sb.toString();
}
public static String getAttributeValue(final Attributes attributes, final String attributeName) throws NamingException {
final Attribute attribute = attributes.get(attributeName);
if (attribute != null) {
final Object value = attribute.get();
return String.valueOf(value);
}
return null;
}
public static String getAttributeValue(final Attributes attributes,
final String attributeName) throws NamingException {
final Attribute attribute = attributes.get(attributeName);
if (attribute != null) {
final Object value = attribute.get();
return String.valueOf(value);
}
return null;
}
private LdapUtils() {
}
private LdapUtils() {
}
}

@ -17,16 +17,16 @@
package org.apache.cloudstack.ldap;
public class NoLdapUserMatchingQueryException extends Exception {
private static final long serialVersionUID = 7124360347208388174L;
private static final long serialVersionUID = 7124360347208388174L;
private final String query;
private final String query;
public NoLdapUserMatchingQueryException(final String query) {
super("No users matching: " + query);
this.query = query;
}
public NoLdapUserMatchingQueryException(final String query) {
super("No users matching: " + query);
this.query = query;
}
public String getQuery() {
return query;
}
public String getQuery() {
return query;
}
}

@ -17,15 +17,15 @@
package org.apache.cloudstack.ldap;
public class NoSuchLdapUserException extends Exception {
private static final long serialVersionUID = 6782938919658010900L;
private final String username;
private static final long serialVersionUID = 6782938919658010900L;
private final String username;
public NoSuchLdapUserException(final String username) {
super("No such user: " + username);
this.username = username;
}
public NoSuchLdapUserException(final String username) {
super("No such user: " + username);
this.username = username;
}
public String getUsername() {
return username;
}
public String getUsername() {
return username;
}
}

@ -23,8 +23,10 @@ import org.apache.cloudstack.ldap.LdapConfigurationVO;
import com.cloud.utils.Pair;
import com.cloud.utils.db.GenericDao;
public interface LdapConfigurationDao extends GenericDao<LdapConfigurationVO, Long> {
LdapConfigurationVO findByHostname(String hostname);
public interface LdapConfigurationDao extends
GenericDao<LdapConfigurationVO, Long> {
LdapConfigurationVO findByHostname(String hostname);
Pair<List<LdapConfigurationVO>, Integer> searchConfigurations(String hostname, int port);
Pair<List<LdapConfigurationVO>, Integer> searchConfigurations(
String hostname, int port);
}

@ -20,9 +20,8 @@ import java.util.List;
import javax.ejb.Local;
import org.springframework.stereotype.Component;
import org.apache.cloudstack.ldap.LdapConfigurationVO;
import org.springframework.stereotype.Component;
import com.cloud.utils.Pair;
import com.cloud.utils.db.GenericDaoBase;
@ -31,36 +30,43 @@ import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria.Op;
@Component
@Local(value = {LdapConfigurationDao.class})
public class LdapConfigurationDaoImpl extends GenericDaoBase<LdapConfigurationVO, Long> implements LdapConfigurationDao {
private final SearchBuilder<LdapConfigurationVO> hostnameSearch;
private final SearchBuilder<LdapConfigurationVO> listAllConfigurationsSearch;
@Local(value = { LdapConfigurationDao.class })
public class LdapConfigurationDaoImpl extends
GenericDaoBase<LdapConfigurationVO, Long> implements
LdapConfigurationDao {
private final SearchBuilder<LdapConfigurationVO> hostnameSearch;
private final SearchBuilder<LdapConfigurationVO> listAllConfigurationsSearch;
public LdapConfigurationDaoImpl() {
super();
hostnameSearch = createSearchBuilder();
hostnameSearch.and("hostname", hostnameSearch.entity().getHostname(), SearchCriteria.Op.EQ);
hostnameSearch.done();
public LdapConfigurationDaoImpl() {
super();
hostnameSearch = createSearchBuilder();
hostnameSearch.and("hostname", hostnameSearch.entity().getHostname(),
SearchCriteria.Op.EQ);
hostnameSearch.done();
listAllConfigurationsSearch = createSearchBuilder();
listAllConfigurationsSearch.and("hostname", listAllConfigurationsSearch.entity().getHostname(), Op.EQ);
listAllConfigurationsSearch.and("port", listAllConfigurationsSearch.entity().getPort(), Op.EQ);
listAllConfigurationsSearch.done();
}
listAllConfigurationsSearch = createSearchBuilder();
listAllConfigurationsSearch.and("hostname", listAllConfigurationsSearch
.entity().getHostname(), Op.EQ);
listAllConfigurationsSearch.and("port", listAllConfigurationsSearch
.entity().getPort(), Op.EQ);
listAllConfigurationsSearch.done();
}
@Override
public LdapConfigurationVO findByHostname(final String hostname) {
final SearchCriteria<LdapConfigurationVO> sc = hostnameSearch.create();
sc.setParameters("hostname", hostname);
return findOneBy(sc);
}
@Override
public LdapConfigurationVO findByHostname(final String hostname) {
final SearchCriteria<LdapConfigurationVO> sc = hostnameSearch.create();
sc.setParameters("hostname", hostname);
return findOneBy(sc);
}
@Override
public Pair<List<LdapConfigurationVO>, Integer> searchConfigurations(final String hostname, final int port) {
final SearchCriteria<LdapConfigurationVO> sc = listAllConfigurationsSearch.create();
if (hostname != null) {
sc.setParameters("hostname", hostname);
}
return searchAndCount(sc, null);
}
@Override
public Pair<List<LdapConfigurationVO>, Integer> searchConfigurations(
final String hostname, final int port) {
final SearchCriteria<LdapConfigurationVO> sc = listAllConfigurationsSearch
.create();
if (hostname != null) {
sc.setParameters("hostname", hostname);
}
return searchAndCount(sc, null);
}
}
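Review bot: `searchConfigurations` accepts `port` but never binds it; only `sc.setParameters("hostname", hostname)` is called, although the constructor registers a `port` condition on `listAllConfigurationsSearch`. As far as this section shows, the port argument has no effect on the result, so two configurations for the same host on different ports (for instance a plain and an SSL listener) cannot be told apart by this lookup. If filtering by port is intended, add `sc.setParameters("port", port);` next to the hostname binding, guarded by whatever value callers use for "not specified". Otherwise drop the parameter or document on the interface that it is ignored.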

@ -434,6 +434,9 @@ public enum Config {
LdapUsernameAttribute("Advanced", ManagementServer.class, String.class, "ldap.username.attribute", "uid", "Sets the username attribute used within LDAP", null),
LdapUserObject("Advanced", ManagementServer.class, String.class, "ldap.user.object", "inetOrgPerson", "Sets the object type of users within LDAP", null),
LdapSearchGroupPrinciple("Advanced", ManagementServer.class, String.class, "ldap.search.group.principle", null, "Sets the principle of the group that users must be a member of", null),
LdapSSLEnabled("Advanced", ManagementServer.class, String.class, "ldap.ssl.enabled", "false", "Enables/Disables SSL support for LDAP", null),
LdapTrustStore("Advanced", ManagementServer.class, String.class, "ldap.truststore", null, "Sets the path to the truststore to use for SSL", null),
LdapTrustStorePassword("Advanced", ManagementServer.class, String.class, "ldap.truststore.password", null, "Sets the password for the truststore", null),
// VMSnapshots
VMSnapshotMax("Advanced", VMSnapshotManager.class, Integer.class, "vmsnapshot.max", "10", "Maximum vm snapshots for a vm", null),
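Review bot: `LdapTrustStorePassword` is registered in the `Advanced` category as an ordinary `String` setting, like the non-secret LDAP options around it, so the truststore password is presumably stored and listed in clear text. The rest of the enum is outside this hunk, but if it has a category whose values are encrypted at rest and masked in listings (CloudStack uses `Secure` and `Hidden` for that, to be confirmed against the full file), the entry should use it: `LdapTrustStorePassword("Secure", ManagementServer.class, String.class, "ldap.truststore.password", null, "Sets the password for the truststore", null),`. The seed row for `ldap.truststore.password` in the SQL schema file of this commit also uses 'Advanced' and would need the same category. A short comment on `LdapTrustStore` noting that the path is read on the management server would also help operators set file permissions on it.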

@ -2151,6 +2151,9 @@ INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'manag
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.user.object', 'inetOrgPerson', 'Sets the object type of users within LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.basedn', NULL, 'Sets the basedn for LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.search.group.principle', NULL, 'Sets the principle of the group that users must be a member of');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.ssl.enabled', 'false', 'Enables/Disables SSL support for LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.truststore', NULL, 'Sets the path to the truststore to use for LDAP SSL');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.truststore.password', NULL, 'Sets the password for the truststore');
CREATE TABLE `cloud`.`ldap_configuration` (