Repository: incubator-atlas Updated Branches: refs/heads/master 05bdbc621 -> 3b1a7d09c
ATLAS-1377: fix for Escaping comma in for LDAP properties Signed-off-by: Madhan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-atlas/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-atlas/commit/3b1a7d09 Tree: http://git-wip-us.apache.org/repos/asf/incubator-atlas/tree/3b1a7d09 Diff: http://git-wip-us.apache.org/repos/asf/incubator-atlas/diff/3b1a7d09 Branch: refs/heads/master Commit: 3b1a7d09c9f54a816b6e3a2c5b8f942b6052e3af Parents: 05bdbc6 Author: nixonrodrigues <[email protected]> Authored: Tue Dec 13 18:41:22 2016 +0530 Committer: Madhan Neethiraj <[email protected]> Committed: Mon Dec 19 09:53:36 2016 -0800 ---------------------------------------------------------------------- distro/src/conf/atlas-application.properties | 12 ++--- .../security/AtlasADAuthenticationProvider.java | 34 ++++++++++---- .../AtlasLdapAuthenticationProvider.java | 48 ++++++++++++-------- 3 files changed, 62 insertions(+), 32 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/3b1a7d09/distro/src/conf/atlas-application.properties ---------------------------------------------------------------------- diff --git a/distro/src/conf/atlas-application.properties b/distro/src/conf/atlas-application.properties index eea46a6..6fa066b 100755 --- a/distro/src/conf/atlas-application.properties +++ b/distro/src/conf/atlas-application.properties @@ -114,12 +114,12 @@ atlas.authentication.method.file.filename=${sys:atlas.home}/conf/users-credentia ######## LDAP properties ######### #atlas.authentication.method.ldap.url=ldap://<ldap server url>:389 -#atlas.authentication.method.ldap.userDNpattern=uid={0}\,ou=People\,dc=example\,dc=com -#atlas.authentication.method.ldap.groupSearchBase=dc=example\,dc=com -#atlas.authentication.method.ldap.groupSearchFilter=(member=uid={0}\,ou=Users\,dc=example\,dc=com) +#atlas.authentication.method.ldap.userDNpattern=uid={0},ou=People,dc=example,dc=com +#atlas.authentication.method.ldap.groupSearchBase=dc=example,dc=com +#atlas.authentication.method.ldap.groupSearchFilter=(member=uid={0},ou=Users,dc=example,dc=com) #atlas.authentication.method.ldap.groupRoleAttribute=cn -#atlas.authentication.method.ldap.base.dn=dc=example\,dc=com -#atlas.authentication.method.ldap.bind.dn=cn=Manager\,dc=example\,dc=com +#atlas.authentication.method.ldap.base.dn=dc=example,dc=com +#atlas.authentication.method.ldap.bind.dn=cn=Manager,dc=example,dc=com #atlas.authentication.method.ldap.bind.password=<password> #atlas.authentication.method.ldap.referral=ignore #atlas.authentication.method.ldap.user.searchfilter=(uid={0}) @@ -130,7 +130,7 @@ atlas.authentication.method.file.filename=${sys:atlas.home}/conf/users-credentia #atlas.authentication.method.ldap.ad.domain=example.com #atlas.authentication.method.ldap.ad.url=ldap://<AD server url>:389 #atlas.authentication.method.ldap.ad.base.dn=(sAMAccountName={0}) -#atlas.authentication.method.ldap.ad.bind.dn=CN=team\,CN=Users\,DC=example\,DC=com +#atlas.authentication.method.ldap.ad.bind.dn=CN=team,CN=Users,DC=example,DC=com #atlas.authentication.method.ldap.ad.bind.password=<password> #atlas.authentication.method.ldap.ad.referral=ignore #atlas.authentication.method.ldap.ad.user.searchfilter=(sAMAccountName={0}) http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/3b1a7d09/webapp/src/main/java/org/apache/atlas/web/security/AtlasADAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/web/security/AtlasADAuthenticationProvider.java b/webapp/src/main/java/org/apache/atlas/web/security/AtlasADAuthenticationProvider.java index aea939a..ecbb4ef 100644 --- a/webapp/src/main/java/org/apache/atlas/web/security/AtlasADAuthenticationProvider.java +++ b/webapp/src/main/java/org/apache/atlas/web/security/AtlasADAuthenticationProvider.java @@ -19,12 +19,14 @@ package org.apache.atlas.web.security; import java.util.List; +import java.util.Properties; import javax.annotation.PostConstruct; import org.apache.atlas.ApplicationProperties; import org.apache.atlas.web.model.User; import org.apache.commons.configuration.Configuration; +import org.apache.commons.configuration.ConfigurationConverter; import org.apache.log4j.Logger; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; @@ -105,16 +107,32 @@ public class AtlasADAuthenticationProvider extends try { Configuration configuration = ApplicationProperties.get(); - this.adDomain = configuration.getString("atlas.authentication.method.ldap.ad.domain"); - this.adURL = configuration.getString("atlas.authentication.method.ldap.ad.url"); - this.adBindDN = configuration.getString("atlas.authentication.method.ldap.ad.bind.dn"); - this.adBindPassword = configuration.getString("atlas.authentication.method.ldap.ad.bind.password"); - this.adUserSearchFilter = configuration.getString("atlas.authentication.method.ldap.ad.user.searchfilter"); - this.adBase = configuration.getString("atlas.authentication.method.ldap.ad.base.dn"); - this.adReferral = configuration.getString("atlas.authentication.method.ldap.ad.referral"); - this.adDefaultRole = configuration.getString("atlas.authentication.method.ldap.ad.default.role"); + Properties properties = ConfigurationConverter.getProperties(configuration.subset("atlas.authentication.method.ldap.ad")); + this.adDomain = properties.getProperty("domain"); + this.adURL = properties.getProperty("url"); + this.adBindDN = properties.getProperty("bind.dn"); + this.adBindPassword = properties.getProperty("bind.password"); + this.adUserSearchFilter = properties.getProperty("user.searchfilter"); + this.adBase = properties.getProperty("base.dn"); + this.adReferral = properties.getProperty("referral"); + this.adDefaultRole = properties.getProperty("default.role"); + this.groupsFromUGI = configuration.getBoolean("atlas.authentication.method.ldap.ugi-groups", true); + if(LOG.isDebugEnabled()) { + LOG.debug("AtlasADAuthenticationProvider{" + + "adURL='" + adURL + '\'' + + ", adDomain='" + adDomain + '\'' + + ", adBindDN='" + adBindDN + '\'' + + ", adUserSearchFilter='" + adUserSearchFilter + '\'' + + ", adBase='" + adBase + '\'' + + ", adReferral='" + adReferral + '\'' + + ", adDefaultRole='" + adDefaultRole + '\'' + + ", groupsFromUGI=" + groupsFromUGI + + '}'); + } + + } catch (Exception e) { LOG.error("Exception while setADProperties", e); } http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/3b1a7d09/webapp/src/main/java/org/apache/atlas/web/security/AtlasLdapAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/web/security/AtlasLdapAuthenticationProvider.java b/webapp/src/main/java/org/apache/atlas/web/security/AtlasLdapAuthenticationProvider.java index 468daf6..65ee55c 100644 --- a/webapp/src/main/java/org/apache/atlas/web/security/AtlasLdapAuthenticationProvider.java +++ b/webapp/src/main/java/org/apache/atlas/web/security/AtlasLdapAuthenticationProvider.java @@ -19,10 +19,12 @@ package org.apache.atlas.web.security; import java.util.List; +import java.util.Properties; import javax.annotation.PostConstruct; import org.apache.atlas.ApplicationProperties; import org.apache.atlas.web.model.User; import org.apache.commons.configuration.Configuration; +import org.apache.commons.configuration.ConfigurationConverter; import org.apache.log4j.Logger; import org.springframework.ldap.core.support.LdapContextSource; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -127,26 +129,36 @@ public class AtlasLdapAuthenticationProvider extends private void setLdapProperties() { try { Configuration configuration = ApplicationProperties.get(); - - ldapURL = configuration.getString("atlas.authentication.method.ldap.url"); - ldapUserDNPattern = configuration.getString( - "atlas.authentication.method.ldap.userDNpattern"); - ldapGroupSearchBase = configuration.getString( - "atlas.authentication.method.ldap.groupSearchBase"); - ldapGroupSearchFilter = configuration.getString( - "atlas.authentication.method.ldap.groupSearchFilter"); - ldapGroupRoleAttribute = configuration.getString( - "atlas.authentication.method.ldap.groupRoleAttribute"); - ldapBindDN = configuration.getString("atlas.authentication.method.ldap.bind.dn"); - ldapBindPassword = configuration.getString( - "atlas.authentication.method.ldap.bind.password"); - ldapDefaultRole = configuration.getString("atlas.authentication.method.ldap.default.role"); - ldapUserSearchFilter = configuration.getString( - "atlas.authentication.method.ldap.user.searchfilter"); - ldapReferral = configuration.getString("atlas.authentication.method.ldap.ad.referral"); - ldapBase = configuration.getString("atlas.authentication.method.ldap.base.dn"); + Properties properties = ConfigurationConverter.getProperties(configuration.subset("atlas.authentication.method.ldap")); + ldapURL = properties.getProperty("url"); + ldapUserDNPattern = properties.getProperty("userDNpattern"); + ldapGroupSearchBase = properties.getProperty("groupSearchBase"); + ldapGroupSearchFilter = properties.getProperty("groupSearchFilter"); + ldapGroupRoleAttribute = properties.getProperty("groupRoleAttribute"); + ldapBindDN = properties.getProperty("bind.dn"); + ldapBindPassword = properties.getProperty("bind.password"); + ldapDefaultRole = properties.getProperty("default.role"); + ldapUserSearchFilter = properties.getProperty("user.searchfilter"); + ldapReferral = properties.getProperty("referral"); + ldapBase = properties.getProperty("base.dn"); groupsFromUGI = configuration.getBoolean("atlas.authentication.method.ldap.ugi-groups", true); + if(LOG.isDebugEnabled()) { + LOG.debug("AtlasLdapAuthenticationProvider{" + + "ldapURL='" + ldapURL + '\'' + + ", ldapUserDNPattern='" + ldapUserDNPattern + '\'' + + ", ldapGroupSearchBase='" + ldapGroupSearchBase + '\'' + + ", ldapGroupSearchFilter='" + ldapGroupSearchFilter + '\'' + + ", ldapGroupRoleAttribute='" + ldapGroupRoleAttribute + '\'' + + ", ldapBindDN='" + ldapBindDN + '\'' + + ", ldapDefaultRole='" + ldapDefaultRole + '\'' + + ", ldapUserSearchFilter='" + ldapUserSearchFilter + '\'' + + ", ldapReferral='" + ldapReferral + '\'' + + ", ldapBase='" + ldapBase + '\'' + + ", groupsFromUGI=" + groupsFromUGI + + '}'); + } + } catch (Exception e) { LOG.error("Exception while setLdapProperties", e); }
