Hi,

Find the diff attached.

Thanks,
Nipuni

On Thu, Aug 14, 2014 at 3:41 PM, Johann Nallathamby <joh...@wso2.com> wrote:

> Hi Nipuni,
>
> better have null checks and initialize default value otherwise there could
> be issues in migrating from old version to new version.
>
> Thanks,
> Johann.
>
>
> On Thu, Aug 14, 2014 at 2:21 PM, Nipuni Perera <nip...@wso2.com> wrote:
>
>> Hi,
>>
>> I have added 2 new properties and set values as "users" and "groups" as
>> follows, so that they will be used as default values.
>>
>> <Property name="OrganizationalSubContextUserContextName">users</Property>
>> <Property name="OrganizationalSubContextGroupContextName">groups</Property>
>>
>> I guess a null check is not required as the default values are set as
>> above. Find the updated patch attached.
>>
>> Thanks,
>> Nipuni
>>
>>
>> On Thu, Aug 14, 2014 at 1:32 PM, Johann Nallathamby <joh...@wso2.com>
>> wrote:
>>
>>> Hi Nipuni,
>>>
>>> Two more suggestions.
>>>
>>> 1. The same fix needs to be done for the Groups as well. You can define
>>> a new property for this also.
>>>
>>> 2. If these two properties are not there we can go with the default
>>> values like before, 'users' and 'groups'.
>>>
>>> Regards,
>>> Johann.
>>>
>>>
>>> On Thu, Aug 14, 2014 at 1:25 PM, Nipuni Perera <nip...@wso2.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> Please find the attached patch for the issue. I have added a new
>>>> property to tenant-mgt.xml.
>>>>
>>>> <Property name="OrganizationalSubContextAttributeValue">user</Property>
>>>>
>>>> Removed the constant "LDAPConstants.USER_CONTEXT_NAME" and used the
>>>> value of newly added property instead.
>>>>
>>>> tenantMgtConfig.getTenantStoreProperties().get(UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE_VALUE);
>>>>
>>>> Thanks,
>>>> Nipuni
>>>>
>>>>
>>>> On Wed, Aug 13, 2014 at 8:53 PM, Johann Nallathamby <joh...@wso2.com>
>>>> wrote:
>>>>
>>>>> Hi Nipuni,
>>>>>
>>>>>
>>>>> On Wed, Aug 13, 2014 at 10:52 AM, Nipuni Perera <nip...@wso2.com>
>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I am working on issue[1]. According to the existing implementation
>>>>>> the constant "LDAPConstants.USER_CONTEXT_NAME" has been used in several
>>>>>> places to build OrganizationalSubContextAttribute. If the tenant-mgt.xml
>>>>>> is updated to read value of property "OrganizationalSubContextAttribute" as
>>>>>> follows, (current implementation reads only "ou" value:
>>>>>> <Property name="OrganizationalSubContextAttribute">ou</Property> )
>>>>>>
>>>>>> <Property name="OrganizationalSubContextAttribute">ou=users</Property>
>>>>>>
>>>>>
>>>>> Better to have it as a separate property rather than having it as part
>>>>> of OrganizationSubContextAttribute. You can introduce a new property for
>>>>> the value only. Otherwise it looks odd and half complete like.
>>>>>
>>>>>>
>>>>>> Implementation should be updated as below,
>>>>>>
>>>>>> 1. CommonHybridLDAPTenantManager.java[3] (line 177),
>>>>>> CommonLDAPRealmConfigBuilder.java[2] (line 120) and
>>>>>> FileSystemRealmConfigBuilder.java[4] (line 123) should be updated
>>>>>> accordingly.
>>>>>> Is this a proper solution? Is there a limited set of values that can
>>>>>> be set to OrganizationalSubContextAttribute?
>>>>>> 2. It seems line 161 of [3] should read the value
>>>>>> "PROPERTY_ORGANIZATIONAL_ATTRIBUTE" instead of
>>>>>> "PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE". This works fine as the
>>>>>> default configuration sets values of both properties to "ou"
>>>>>>
>>>>>> eg: current tenant-mgt.xml contains properties below;
>>>>>>
>>>>>> <Property name="OrganizationalAttribute">ou</Property>
>>>>>> <Property name="OrganizationalSubContextObjectClass">organizationalUnit</Property>
>>>>>> <Property name="OrganizationalSubContextAttribute">ou</Property>
>>>>>>
>>>>>> Thus the correction should be to change,
>>>>>>
>>>>>> String organizationNameAttribute = tenantMgtConfig.getTenantStoreProperties().get(
>>>>>>         UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE);
>>>>>>
>>>>>> to
>>>>>>
>>>>>> String organizationNameAttribute = tenantMgtConfig.getTenantStoreProperties().get(
>>>>>>         UserCoreConstants.TenantMgtConfig.PROPERTY_ORGANIZATIONAL_ATTRIBUTE);
>>>>>>
>>>>>
>>>>> This fix is correct.
>>>>>
>>>>>>
>>>>>> [1] https://wso2.org/jira/browse/CARBON-14863
>>>>>> [2] https://github.com/wso2-dev/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/CommonLDAPRealmConfigBuilder.java
>>>>>> [3] https://github.com/wso2-dev/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/tenant/CommonHybridLDAPTenantManager.java
>>>>>> [4] https://github.com/wso2-dev/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/FileSystemRealmConfigBuilder.java
>>>>>>
>>>>>> Thanks,
>>>>>> Nipuni
>>>>>> --
>>>>>> Nipuni Perera
>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com
>>>>>> Email: nip...@wso2.com
>>>>>> Git hub profile: https://github.com/nipuni
>>>>>> Mobile: +94 (71) 5626680
>>>>>> <http://wso2.com>
>>>>>>
>>>>>
>>>>> --
>>>>> Thanks & Regards,
>>>>>
>>>>> *Johann Dilantha Nallathamby*
>>>>> Associate Technical Lead & Product Lead of WSO2 Identity Server
>>>>> Integration Technologies Team
>>>>> WSO2, Inc.
>>>>> lean.enterprise.middleware
>>>>>
>>>>> Mobile - *+94777776950*
>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>>>>>
>>>>
>>>> --
>>>> Nipuni Perera
>>>> Software Engineer; WSO2 Inc.; http://wso2.com
>>>> Email: nip...@wso2.com
>>>> Git hub profile: https://github.com/nipuni
>>>> Mobile: +94 (71) 5626680
>>>> <http://wso2.com>
>>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Johann Dilantha Nallathamby*
>>> Associate Technical Lead & Product Lead of WSO2 Identity Server
>>> Integration Technologies Team
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+94777776950*
>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>>>
>>
>> --
>> Nipuni Perera
>> Software Engineer; WSO2 Inc.; http://wso2.com
>> Email: nip...@wso2.com
>> Git hub profile: https://github.com/nipuni
>> Mobile: +94 (71) 5626680
>> <http://wso2.com>
>>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Associate Technical Lead & Product Lead of WSO2 Identity Server
> Integration Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>

--
Nipuni Perera
Software Engineer; WSO2 Inc.; http://wso2.com
Email: nip...@wso2.com
Git hub profile: https://github.com/nipuni
Mobile: +94 (71) 5626680
<http://wso2.com>

diff --git a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java index c1067ab..f3627a8 100644 --- a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java +++ b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java @@ -247,6 +247,10 @@ public class UserCoreConstants { "OrganizationalSubContextObjectClass"; public static final String PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE = "OrganizationalSubContextAttribute"; + public static final String PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE = + "OrganizationalSubContextUserContextName"; + public static final String PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE = + "OrganizationalSubContextGroupContextName"; public static final String PROPERTY_MULTI_TENANT_REALM_CONFIG_BUILDER = "MultiTenantRealmConfigBuilder"; diff --git a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/CommonLDAPRealmConfigBuilder.java b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/CommonLDAPRealmConfigBuilder.java index d7ff3da..49d3127 100644 --- a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/CommonLDAPRealmConfigBuilder.java +++ b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/CommonLDAPRealmConfigBuilder.java 
@@ -117,8 +117,16 @@ public class CommonLDAPRealmConfigBuilder implements MultiTenantRealmConfigBuild //eg: ou=users String orgSubContextAttribute = tenantMgtConfig.getTenantStoreProperties().get( UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE); - String userContextRDN = orgSubContextAttribute + "=" + - LDAPConstants.USER_CONTEXT_NAME; + String userContextRDN; + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE) != null) { + userContextRDN = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE); + } else { + //if property value is not set use default value + userContextRDN = orgSubContextAttribute + "=" + LDAPConstants.USER_CONTEXT_NAME; + } + //eg: ou=users,o=cse.org, dc=cloud, dc=com String userSearchBase = userContextRDN + "," + organizationRDN + "," + partitionDN; 
@@ -150,9 +158,17 @@ public class CommonLDAPRealmConfigBuilder implements MultiTenantRealmConfigBuild //if read ldap group is enabled, set the tenant specific group search base if (("true").equals(bootStrapConfig. getUserStoreProperty(UserCoreConstants.RealmConfig.READ_GROUPS_ENABLED))) { + String groupContextRDN; //eg: ou=groups - String groupContextRDN = orgSubContextAttribute + "=" + - LDAPConstants.GROUP_CONTEXT_NAME; + if (tenantMgtConfig.getTenantStoreProperties(). + get(UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE) != null) { + groupContextRDN = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties(). + get(UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE); + } else { + //if property value is not set use default value + groupContextRDN = orgSubContextAttribute + "=" + LDAPConstants.GROUP_CONTEXT_NAME; + } + //eg: ou=users,o=cse.org, dc=cloud, dc=com String groupSearchBase = groupContextRDN + "," + organizationRDN + "," + partitionDN; diff --git a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/FileSystemRealmConfigBuilder.java b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/FileSystemRealmConfigBuilder.java index 3d748bc..d70c6da 100644 --- a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/FileSystemRealmConfigBuilder.java +++ b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/multitenancy/FileSystemRealmConfigBuilder.java 
@@ -120,8 +120,15 @@ public class FileSystemRealmConfigBuilder implements MultiTenantRealmConfigBuild //eg: ou=users String orgSubContextAttribute = tenantMgtConfig.getTenantStoreProperties().get( UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE); - String userContextRDN = orgSubContextAttribute + "=" + - LDAPConstants.USER_CONTEXT_NAME; + String userContextRDN; + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE) != null) { + userContextRDN = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE); + } else { + //if property is not set use default value + userContextRDN = orgSubContextAttribute + "=" + LDAPConstants.USER_CONTEXT_NAME; + } //eg: ou=users,o=cse.org, dc=cloud, dc=com String userSearchBase = userContextRDN + "," + organizationRDN + "," + partitionDN; @@ -131,8 +138,15 @@ public class FileSystemRealmConfigBuilder implements MultiTenantRealmConfigBuild //if read ldap group is enabled, set the tenant specific group search base if (("true").equals(bootStrapConfig.getUserStoreProperty(LDAPConstants.READ_LDAP_GROUPS))) { //eg: ou=groups - String groupContextRDN = orgSubContextAttribute + "=" + - LDAPConstants.GROUP_CONTEXT_NAME; + String groupContextRDN; + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE) != null) { + groupContextRDN = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE); + } else { + //if property is not set use default value + groupContextRDN = orgSubContextAttribute + "=" + LDAPConstants.GROUP_CONTEXT_NAME; + } //eg: ou=users,o=cse.org, dc=cloud, dc=com String groupSearchBase = groupContextRDN + "," + organizationRDN + "," + partitionDN; 
diff --git a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/LDAPConstants.java b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/LDAPConstants.java index 913c71f..c29d1b3 100644 --- a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/LDAPConstants.java +++ b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/LDAPConstants.java @@ -63,9 +63,9 @@ public class LDAPConstants { public static final String SHARED_GROUP_SEARCH_BASE = "SharedGroupSearchBase"; public static final String SHARED_GROUP_NAME_LIST_FILTER = GROUP_NAME_LIST_FILTER; // "SharedGroupNameListFilter"; public static final String SHARED_GROUP_NAME_SEARCH_FILTER = ROLE_NAME_FILTER; // "SharedGroupNameSearchFilter"; - + //used in tenant management - public static final String USER_CONTEXT_NAME = "users"; + public static final String USER_CONTEXT_NAME = "user"; public static final String GROUP_CONTEXT_NAME = "groups"; //password diff --git a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/tenant/CommonHybridLDAPTenantManager.java b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/tenant/CommonHybridLDAPTenantManager.java index cffd0d5..74e9feb 100644 --- a/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/tenant/CommonHybridLDAPTenantManager.java +++ b/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/tenant/CommonHybridLDAPTenantManager.java @@ -30,7 +30,6 @@ import javax.sql.DataSource; import org.apache.axiom.om.OMElement; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.user.api.RealmConfiguration; import org.wso2.carbon.user.api.TenantMgtConfiguration; import org.wso2.carbon.user.core.UserCoreConstants; 
@@ -159,32 +158,61 @@ public class CommonHybridLDAPTenantManager extends JDBCTenantManager { //create user store String organizationNameAttribute = tenantMgtConfig.getTenantStoreProperties().get( - UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE); + UserCoreConstants.TenantMgtConfig.PROPERTY_ORGANIZATIONAL_ATTRIBUTE); //eg:o=cse.org,dc=wso2,dc=com String dnOfOrganizationalContext = organizationNameAttribute + "=" + orgName + "," + partitionDN; - createOrganizationalSubContext(dnOfOrganizationalContext, - LDAPConstants.USER_CONTEXT_NAME, initialDirContext); - + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE) != null) { + createOrganizationalSubContext(dnOfOrganizationalContext, tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE), initialDirContext); + } else { + //if property value is not set use default value + createOrganizationalSubContext(dnOfOrganizationalContext, LDAPConstants.USER_CONTEXT_NAME, initialDirContext); + } //create group store - createOrganizationalSubContext(dnOfOrganizationalContext, - LDAPConstants.GROUP_CONTEXT_NAME, initialDirContext); + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE) != null) { + createOrganizationalSubContext(dnOfOrganizationalContext, tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE), initialDirContext); + } else { + //if property value is not set use default value + createOrganizationalSubContext(dnOfOrganizationalContext, LDAPConstants.GROUP_CONTEXT_NAME, initialDirContext); + } //create admin entry String orgSubContextAttribute = tenantMgtConfig.getTenantStoreProperties().get( UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_ATTRIBUTE); //eg: 
ou=users,o=cse.org,dc=wso2,dc=com - String dnOfUserContext = orgSubContextAttribute + "=" + LDAPConstants.USER_CONTEXT_NAME - + "," + dnOfOrganizationalContext; + String dnOfUserContext; + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE) != null) { + dnOfUserContext = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE) + + "," + dnOfOrganizationalContext; + } else { + //if property value is not set use default value + dnOfUserContext = orgSubContextAttribute + "=" + LDAPConstants.USER_CONTEXT_NAME + + "," + dnOfOrganizationalContext; + } + String dnOfUserEntry = createAdminEntry(dnOfUserContext, tenant, initialDirContext); //create admin group if write ldap group is enabled if (("true").equals(realmConfig.getUserStoreProperty( UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED))) { //construct dn of group context: eg:ou=groups,o=cse.org,dc=wso2,dc=com - String dnOfGroupContext = orgSubContextAttribute + "=" + - LDAPConstants.GROUP_CONTEXT_NAME + "," + - dnOfOrganizationalContext; + String dnOfGroupContext; + if (tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE) != null) { + dnOfGroupContext = orgSubContextAttribute + "=" + tenantMgtConfig.getTenantStoreProperties().get( + UserCoreConstants.TenantMgtConfig.PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_VALUE) + "," + + dnOfOrganizationalContext; + } else { + //if property value is not set use default value + dnOfGroupContext = orgSubContextAttribute + "=" + LDAPConstants.GROUP_CONTEXT_NAME + "," + + dnOfOrganizationalContext; + } createAdminGroup(dnOfGroupContext, dnOfUserEntry, initialDirContext); } } 
diff --git a/core/org.wso2.carbon.user.core/src/main/resources/tenant-mgt.xml b/core/org.wso2.carbon.user.core/src/main/resources/tenant-mgt.xml index ec9c4dc..253543e 100644 --- a/core/org.wso2.carbon.user.core/src/main/resources/tenant-mgt.xml +++ b/core/org.wso2.carbon.user.core/src/main/resources/tenant-mgt.xml @@ -28,6 +28,8 @@ <Property name="OrganizationalAttribute">ou</Property> <Property name="OrganizationalSubContextObjectClass">organizationalUnit</Property> <Property name="OrganizationalSubContextAttribute">ou</Property> + <Property name="OrganizationalSubContextUserContextName">users</Property> + <Property name="OrganizationalSubContextGroupContextName">groups</Property> </TenantManager> </TenantManagers>
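
Review bot: In UserCoreConstants.java the two new constants end in _VALUE while the property names they hold end in ContextName (PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_VALUE holds "OrganizationalSubContextUserContextName"). Rename them to PROPERTY_ORG_SUB_CONTEXT_USER_CONTEXT_NAME and PROPERTY_ORG_SUB_CONTEXT_GROUP_CONTEXT_NAME so the constant and the XML key read the same, and add a short comment naming the LDAPConstants default each one falls back to.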
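
Review bot: In the @@ -117 hunk of CommonLDAPRealmConfigBuilder.java the configured value is checked only against null and then concatenated straight into userContextRDN, so an empty property yields "ou=" and a value containing DN metacharacters such as "," or "=" changes the structure of userSearchBase. Read the property once into a local, treat null or blank as unset, and pass the value through javax.naming.ldap.Rdn.escapeValue before building the RDN. The same applies to groupContextRDN in the @@ -150 hunk of this file.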
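
Review bot: The two hunks in FileSystemRealmConfigBuilder.java repeat the null-check-and-fallback blocks from CommonLDAPRealmConfigBuilder.java almost line for line, and the same pattern appears four more times in CommonHybridLDAPTenantManager.java. Move the lookup into one shared helper that takes the property key and the default and returns the effective context name, so a later change to the fallback or to validation cannot be applied in one file and missed in another.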
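
Review bot: In LDAPConstants.java the fallback constant USER_CONTEXT_NAME changes from "users" to "user", which contradicts both the default shipped in tenant-mgt.xml by this same patch (OrganizationalSubContextUserContextName set to users) and the agreement in the thread to fall back to 'users' and 'groups' as before. Every else branch added in this patch uses this constant, so a tenant-mgt.xml without the new property would now produce ou=user where the old code produced ou=users. Revert this line so the fallback stays "users"; the whitespace-only change on the line above it can be dropped as well.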
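
Review bot: In the @@ -159 hunk of CommonHybridLDAPTenantManager.java the user context name is resolved twice with separate property lookups, once for createOrganizationalSubContext and again for dnOfUserContext, and the group context name likewise. Resolve each name once into a local before the first createOrganizationalSubContext call and use it in both places, so the sub-context that is created and the DN later passed to createAdminEntry and createAdminGroup are built from the same value. The switch of organizationNameAttribute to PROPERTY_ORGANIZATIONAL_ATTRIBUTE is a separate fix and would be easier to track as its own commit.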
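
Review bot: The two properties added to tenant-mgt.xml carry no comment explaining what they control. Add an XML comment above them stating that they name the user and group sub-contexts created under each tenant's organization, and that the code falls back to the LDAPConstants defaults when they are absent.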
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev