Add Support for member of filter

Signed-off-by: Abhinandan Prateek <aprateek@apache.org>
Ian Duffy 2013-08-02 09:27:58 +01:00 committed by Abhinandan Prateek
parent 532e04db1a
commit 23f0187d05
4 changed files with 16 additions and 2 deletions


@ -113,4 +113,8 @@ public class LdapConfiguration {
final String userObject = _configDao.getValue("ldap.user.object");
return userObject == null ? "inetOrgPerson" : userObject;
}
public String getSearchGroupPrinciple() {
return _configDao.getValue("ldap.search.group.principle");
}
}
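Review bot: `getSearchGroupPrinciple()` has no Javadoc, so nothing tells a caller that a null return means "no group restriction", which is how LdapUserManager treats it when it builds the `memberof` clause. I would add `/** Returns the group (presumably its full DN) that users must be a member of, or null when no group restriction is configured. */` above the method. Separately, "Principle" looks like a misspelling of "principal"; the same spelling is baked into the persisted key `ldap.search.group.principle` in the Config enum and in the SQL insert, so it is far cheaper to correct before the key ships than after.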


@ -90,8 +90,15 @@ public class LdapUserManager {
controls.setSearchScope(_ldapConfiguration.getScope());
controls.setReturningAttributes(_ldapConfiguration.getReturnAttributes());
final String filter = "(&(objectClass=" + _ldapConfiguration.getUserObject() + ")" + "("
+ _ldapConfiguration.getUsernameAttribute() + "=" + (username == null ? "*" : username) + "))";
final String userObjectFilter = "(objectClass=" + _ldapConfiguration.getUserObject() + ")";
final String usernameFilter = "(" + _ldapConfiguration.getUsernameAttribute() + "=" + (username == null ? "*" : username) + ")";
String memberOfFilter = "";
if(_ldapConfiguration.getSearchGroupPrinciple() != null) {
memberOfFilter = "(memberof=" + _ldapConfiguration.getSearchGroupPrinciple() + ")";
}
final String filter = "(&" + userObjectFilter + usernameFilter + memberOfFilter + ")";
return context.search(_ldapConfiguration.getBaseDn(), filter, controls);
}


@ -433,6 +433,7 @@ public enum Config {
LdapLastnameAttribute("Advanced", ManagementServer.class, String.class, "ldap.lastname.attribute", "sn", "Sets the lastname attribute used within LDAP", null),
LdapUsernameAttribute("Advanced", ManagementServer.class, String.class, "ldap.username.attribute", "uid", "Sets the username attribute used within LDAP", null),
LdapUserObject("Advanced", ManagementServer.class, String.class, "ldap.user.object", "inetOrgPerson", "Sets the object type of users within LDAP", null),
LdapSearchGroupPrinciple("Advanced", ManagementServer.class, String.class, "ldap.search.group.principle", null, "Sets the principle of the group that users must be a member of", null),
// VMSnapshots
VMSnapshotMax("Advanced", VMSnapshotManager.class, Integer.class, "vmsnapshot.max", "10", "Maximum vm snapshots for a vm", null),


@ -2150,6 +2150,8 @@ INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'manag
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.lastname.attribute', 'sn', 'Sets the lastname attribute used within LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.user.object', 'inetOrgPerson', 'Sets the object type of users within LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.basedn', NULL, 'Sets the basedn for LDAP');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'ldap.search.group.principle', NULL, 'Sets the principle of the group that users must be a member of');
CREATE TABLE `cloud`.`ldap_configuration` (
`id` bigint unsigned NOT NULL auto_increment COMMENT 'id',