This is an automated email from the ASF dual-hosted git repository.

benjobs pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git


The following commit(s) were added to refs/heads/dev by this push:
     new 067318eb8 [Improve] Resolve the issue of program startup LDAP health 
check failed (#2638)
067318eb8 is described below

commit 067318eb8c5139a292b78cde194683edb1908f54
Author: ChunFuWu <[email protected]>
AuthorDate: Sun Apr 16 17:11:31 2023 +0800

    [Improve] Resolve the issue of program startup LDAP health check failed 
(#2638)
---
 .../console/system/security/impl/LdapService.java  | 57 ++++++++++++----------
 .../src/main/resources/application.yml             |  5 ++
 2 files changed, 36 insertions(+), 26 deletions(-)

diff --git 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/security/impl/LdapService.java
 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/security/impl/LdapService.java
index be5de6519..71ecc819f 100644
--- 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/security/impl/LdapService.java
+++ 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/security/impl/LdapService.java
@@ -40,6 +40,9 @@ import java.util.Properties;
 @Slf4j
 public class LdapService {
 
+  @Value("${ldap.enable:#{false}}")
+  private Boolean enable;
+
   @Value("${ldap.urls:#{null}}")
   private String ldapUrls;
 
@@ -66,35 +69,37 @@ public class LdapService {
    * @return user email
    */
   public String ldapLogin(String userId, String userPwd) {
-    Properties searchEnv = getManagerLdapEnv();
-    try {
-      LdapContext ctx = new InitialLdapContext(searchEnv, null);
-      SearchControls sc = new SearchControls();
-      sc.setReturningAttributes(new String[] {ldapEmailAttribute});
-      sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
-      EqualsFilter filter = new EqualsFilter(ldapUserIdentifyingAttribute, 
userId);
-      NamingEnumeration<SearchResult> results = ctx.search(ldapBaseDn, 
filter.toString(), sc);
-      if (results.hasMore()) {
-        SearchResult result = results.next();
-        NamingEnumeration attrs = result.getAttributes().getAll();
-        while (attrs.hasMore()) {
-          searchEnv.put(Context.SECURITY_PRINCIPAL, 
result.getNameInNamespace());
-          searchEnv.put(Context.SECURITY_CREDENTIALS, userPwd);
-          try {
-            new InitialDirContext(searchEnv);
-          } catch (Exception e) {
-            log.warn("invalid ldap credentials or ldap search error", e);
-            return null;
-          }
-          Attribute attr = (Attribute) attrs.next();
-          if (attr.getID().equals(ldapEmailAttribute)) {
-            return (String) attr.get();
+    if (enable) {
+      Properties searchEnv = getManagerLdapEnv();
+      try {
+        LdapContext ctx = new InitialLdapContext(searchEnv, null);
+        SearchControls sc = new SearchControls();
+        sc.setReturningAttributes(new String[] {ldapEmailAttribute});
+        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
+        EqualsFilter filter = new EqualsFilter(ldapUserIdentifyingAttribute, 
userId);
+        NamingEnumeration<SearchResult> results = ctx.search(ldapBaseDn, 
filter.toString(), sc);
+        if (results.hasMore()) {
+          SearchResult result = results.next();
+          NamingEnumeration<? extends Attribute> attrs = 
result.getAttributes().getAll();
+          while (attrs.hasMore()) {
+            searchEnv.put(Context.SECURITY_PRINCIPAL, 
result.getNameInNamespace());
+            searchEnv.put(Context.SECURITY_CREDENTIALS, userPwd);
+            try {
+              new InitialDirContext(searchEnv);
+            } catch (Exception e) {
+              log.warn("invalid ldap credentials or ldap search error", e);
+              return null;
+            }
+            Attribute attr = attrs.next();
+            if (attr.getID().equals(ldapEmailAttribute)) {
+              return (String) attr.get();
+            }
           }
         }
+      } catch (NamingException e) {
+        log.error("ldap search error", e);
+        return null;
       }
-    } catch (NamingException e) {
-      log.error("ldap search error", e);
-      return null;
     }
     return null;
   }
diff --git 
a/streampark-console/streampark-console-service/src/main/resources/application.yml
 
b/streampark-console/streampark-console-service/src/main/resources/application.yml
index d21c11666..5b832f547 100644
--- 
a/streampark-console/streampark-console-service/src/main/resources/application.yml
+++ 
b/streampark-console/streampark-console-service/src/main/resources/application.yml
@@ -78,6 +78,9 @@ management:
       show-details: always
       probes:
         enabled: true
+  health:
+    ldap:
+      enabled: false
 
 streampark:
   proxy:
@@ -130,6 +133,8 @@ streampark:
     anonUrl: >
 
 ldap:
+  # Is ldap enabled? If so, please modify the urls
+  enable: false
   ## AD server IP, default port 389
   urls: ldap://99.99.99.99:389
   ## Login Account

Reply via email to