Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: Remove dependency at builtin on Common config ......................................................................
aaa: Remove dependency at builtin on Common config Change-Id: I1384a99f73ab605b61bce8dcdfd63e222b0001fa Topic: AAA 
Signed-off-by: Yair Zaslavsky <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearchTask.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearcher.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSE.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosManager.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerUtils.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/PrepareLdapConnectionTask.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersDomainsCacheManagerService.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersObjectIdQueryGenerator.java M 
backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/collections/DomainsPasswordMap.java 15 files changed, 67 insertions(+), 66 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/07/27607/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java index 2e5e18e..505940b 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java @@ -137,7 +137,7 @@ dirConfig.put("config.authz.user.name", Config.<String> getValue(ConfigValues.AdminUser)); dirConfig.put("config.authz.user.id", "fdfc627c-d875-11e0-90f0-83df133b58cc"); dirConfig.put("config.query.filter.size", - Config.<Integer> getValue(ConfigValues.MaxLDAPQueryPartsNumber)); + Config.<Integer> getValue(ConfigValues.MaxLDAPQueryPartsNumber).toString()); ExtensionsManager.getInstance().load(dirConfig); } @@ -166,6 +166,12 @@ domain = domain.trim(); if (!domain.isEmpty()) { Properties authConfig = new Properties(); + + Properties config = new Properties(); + attachConfigValuesFromDb(config); + config.put("config.change.password.url", blankIfNull(passwordChangeUrlPerDomain.get(domain))); + config.put("config.change.password.msg", blankIfNull(passwordChangeMsgPerDomain.get(domain))); + authConfig.put(Base.ConfigKeys.NAME, String.format("builtin-authn-%1$s", domain)); authConfig.put(Base.ConfigKeys.PROVIDES, Authn.class.getName()); authConfig.put(Base.ConfigKeys.ENABLED, "true"); 
@@ -175,8 +181,7 @@ "org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapAuthn"); authConfig.put("ovirt.engine.aaa.authn.profile.name", domain); authConfig.put("ovirt.engine.aaa.authn.authz.plugin", domain); - authConfig.put("config.change.password.url", blankIfNull(passwordChangeUrlPerDomain.get(domain))); - authConfig.put("config.change.password.msg", blankIfNull(passwordChangeMsgPerDomain.get(domain))); + authConfig.put("config", config); ExtensionsManager.getInstance().load(authConfig); Properties dirConfig = new Properties(); @@ -186,8 +191,7 @@ dirConfig.put(Base.ConfigKeys.BINDINGS_JBOSSMODULE_MODULE, "org.ovirt.engine.extensions.builtin"); dirConfig.put(Base.ConfigKeys.BINDINGS_JBOSSMODULE_CLASS, "org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapAuthz"); - dirConfig.put("config.query.filter.size", - Config.<Integer> getValue(ConfigValues.MaxLDAPQueryPartsNumber)); + dirConfig.put("config", config); ExtensionsManager.getInstance().load(dirConfig); } } 
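Review bot: `authConfig.put("config", config)` and the matching `dirConfig.put("config", config)` in the next hunk store a whole `Properties` object as a value, which moves `AdUserPassword` one level below the extension's top-level keys. Anything that masks or filters secrets by top-level key name would not see it; the later KerberosLdapAuthn hunk shows a `CONFIGURATION_SENSITIVE_KEYS` list, but which keys it registers is outside this change. `Properties.getProperty` also returns null for non-String values, and the same mutable `config` instance is handed to both the authn and the authz extension. Consider flattening with `authConfig.putAll(config);` so every entry stays a String under its own key, and make sure the password key is registered as sensitive.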
@@ -197,4 +201,25 @@ return value == null ? "" : value; } + private void attachConfigValuesFromDb(Properties props) { + attachConfigValueFromDb(props, ConfigValues.LdapServers); + attachConfigValueFromDb(props, ConfigValues.LDAPServerPort); + attachConfigValueFromDb(props, ConfigValues.AdUserName); + attachConfigValueFromDb(props, ConfigValues.AdUserPassword); + attachConfigValueFromDb(props, ConfigValues.LDAPSecurityAuthentication); + attachConfigValueFromDb(props, ConfigValues.AuthenticationMethod); + attachConfigValueFromDb(props, ConfigValues.LDAPProviderTypes); + attachConfigValueFromDb(props, ConfigValues.LDAPQueryTimeout); + attachConfigValueFromDb(props, ConfigValues.DomainName); + attachConfigValueFromDb(props, ConfigValues.SASL_QOP); + attachConfigValueFromDb(props, ConfigValues.LDAPConnectTimeout); + attachConfigValueFromDb(props, ConfigValues.MaxLDAPQueryPartsNumber); + attachConfigValueFromDb(props, ConfigValues.LDAPOperationTimeout); + attachConfigValueFromDb(props, ConfigValues.LdapQueryPageSize); + } + + private void attachConfigValueFromDb(Properties props, ConfigValues key) { + props.put("config." + key.name(), Config.getValue(key).toString()); + } + } diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java index 3e28277..9849527 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java @@ -100,6 +100,7 @@ ).mput( Authz.ContextKeys.QUERY_MAX_FILTER_SIZE, configuration.get("config.query.filter.size") + ) ).mput( Base.ContextKeys.BUILD_INTERFACE_VERSION, Base.INTERFACE_VERSION_CURRENT); 
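Review bot: `attachConfigValuesFromDb` never copies `ConfigValues.AdminDomain`, yet the LdapBrokerUtils hunk of this change reads `Config.getProperty("AdminDomain").trim()`. If the builtin `Config` (not among the changed files) returns null for an absent key, `getDomainsList(false)` fails with a NullPointerException; adding `attachConfigValueFromDb(props, ConfigValues.AdminDomain);` would close that gap. Keys are written as `"config." + key.name()` while every reader asks for the bare name, for example `Config.getProperty("LDAPQueryTimeout")`, so please confirm the builtin `Config` adds the prefix. `Config.getValue(key).toString()` also throws on an unset value, and for `AdUserPassword` it depends on the new `DomainsPasswordMap.toString()` to serialise credential material.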
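Review bot: The added `)` after `configuration.get("config.query.filter.size")` has no matching opening parenthesis inside this hunk, so the `mput` chain looks unbalanced and may not compile. The chain starts outside the hunk, so this cannot be confirmed from here. The first InitBackendServicesOnStartupBean hunk now stores this value as a String, so the intent was probably a conversion such as `Integer.parseInt(configuration.getProperty("config.query.filter.size"))`, matching what KerberosLdapAuthz passes for `QUERY_MAX_FILTER_SIZE`. Without the conversion, InternalAuthz would publish a String where the Kerberos/LDAP extension publishes an int.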
diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearchTask.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearchTask.java index 5f60c6c..41a874e 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearchTask.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearchTask.java @@ -5,8 +5,6 @@ import javax.naming.directory.SearchControls; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.springframework.ldap.core.ContextMapperCallbackHandler; public class DirectorySearchTask implements Callable<List<?>> { @@ -37,7 +35,7 @@ controls.setCountLimit(resultcount); // Added this in order to prevent a warning saying: "the returning obj flag wasn't set, setting it to true" controls.setReturningObjFlag(true); - controls.setTimeLimit(Config.<Integer> getValue(ConfigValues.LDAPQueryTimeout) * 1000); + controls.setTimeLimit(Integer.parseInt(Config.getProperty("LDAPQueryTimeout")) * 1000); ldapTemplate.search("", queryExecution.getFilter(), diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearcher.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearcher.java index 7728f3a..3e55f1f 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearcher.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/DirectorySearcher.java 
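Review bot: `Integer.parseInt(Config.getProperty("LDAPQueryTimeout")) * 1000` in DirectorySearchTask has no handling for a missing, non-numeric or non-positive value. A missing or malformed property raises NumberFormatException at search time, and a value of 0 (or an overflowing product) disables the limit, because `SearchControls.setTimeLimit(0)` means wait indefinitely. The same pattern repeats in the GetRootDSE, LDAPTemplateWrapper, LdapBrokerUtils, PrepareLdapConnectionTask, KerberosLdapAuthz and UsersDomainsCacheManagerService hunks. A single typed accessor on the builtin `Config` that validates the range once would keep the checks in one place. That class is not part of this change, so its current null behaviour cannot be checked here.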
@@ -7,9 +7,9 @@ import java.util.List; import org.apache.commons.lang.StringUtils; -import org.ovirt.engine.extensions.aaa.builtin.kerberosldap.serverordering.LdapServersOrderingAlgorithmFactory; import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; +import org.ovirt.engine.extensions.aaa.builtin.kerberosldap.serverordering.LdapServersOrderingAlgorithmFactory; public class DirectorySearcher { @@ -21,6 +21,7 @@ private final LdapCredentials ldapCredentials; private Exception ex; + private static final ExceptionHandler<LdapSearchExceptionHandlingResponse, LdapCredentials> handler = new LdapSearchExceptionHandler(); diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java index 764a6fc..99f916e 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java @@ -15,8 +15,6 @@ import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.utils.kerberos.AuthenticationResult; import org.ovirt.engine.core.utils.kerberos.KerberosReturnCodeParser; import org.ovirt.engine.core.utils.log.Log; 
@@ -73,7 +71,7 @@ @Override public void setupEnvironment(Hashtable env, String userDn, String password) throws NamingException { env.put(Context.SECURITY_AUTHENTICATION, GSS_API_AUTHENTICATION); - String qopValue = Config.<String>getValue(ConfigValues.SASL_QOP); + String qopValue = Config.getProperty("SASL_QOP"); env.put("javax.security.sasl.qop", qopValue); } diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSE.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSE.java index 640ee94..3b1ba72 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSE.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSE.java @@ -12,9 +12,6 @@ import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; -import org.apache.commons.lang.StringUtils; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.ldap.LdapProviderType; import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; @@ -59,7 +56,7 @@ searchControls.setSearchScope(queryExecution.getSearchScope()); // Added this in order to prevent a warning saying: "the returning obj flag wasn't set, setting it to true" searchControls.setReturningObjFlag(true); - searchControls.setTimeLimit(Config.<Integer> getValue(ConfigValues.LDAPOperationTimeout) * 1000); + searchControls.setTimeLimit(Integer.parseInt(Config.getProperty("LDAPOperationTimeout")) * 1000); NamingEnumeration<SearchResult> search = ctx.search(queryExecution.getBaseDN(), queryExecution.getFilter(), searchControls); 
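Review bot: In `setupEnvironment`, `qopValue` can now be null if the `SASL_QOP` key is absent from the configuration passed to the extension, and `Hashtable.put` throws NullPointerException on a null value. This setting decides whether the SASL layer provides only authentication or also integrity and confidentiality, so an unexpected value should be rejected explicitly rather than surface as a generic bind failure. Consider checking it before use, e.g. `if (qopValue == null || qopValue.isEmpty()) throw new NamingException("SASL_QOP is not configured");`, and optionally validating it against the `auth`, `auth-int` and `auth-conf` tokens.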
@@ -103,18 +100,6 @@ protected DirContext createContext(Hashtable<String, String> env) throws NamingException { return new InitialDirContext(env); - } - - - private void updateProviderTypeInConfig(String domain, String type) { - String[] types = Config.<String> getValue(ConfigValues.LDAPProviderTypes).split(","); - for (int x = 0; x < types.length; x++) { - if (types[x].startsWith(domain)) { - types[x] = domain + ":" + type; - break; - } - } - Config.getConfigUtils().setStringValue(ConfigValues.LDAPProviderTypes.name(), StringUtils.join(types, ",")); } public Attributes getDomainAttributes(LdapProviderType general, String domain) { diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java index 75cfa20..d0f2d48 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java @@ -48,6 +48,7 @@ private void doInit(ExtMap inputMap, ExtMap outputMap) { context = inputMap.<ExtMap> get(Base.InvokeKeys.CONTEXT); configuration = context.<Properties> get(Base.ContextKeys.CONFIGURATION); + Config.setConfiguration((Properties) configuration.get("config")); broker = LdapFactory.getInstance(getAuthzName()); context.<List<String>> get( Base.ContextKeys.CONFIGURATION_SENSITIVE_KEYS diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java index 68dfb19..cad7eea 100644 
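Review bot: `Config.setConfiguration((Properties) configuration.get("config"))` in KerberosLdapAuthn.doInit, and the identical line in KerberosLdapAuthz.doInit, sets what appears to be process-wide state from each extension instance. InitBackendServicesOnStartupBean loads one authn and one authz extension per domain with per-domain values (`config.change.password.url`/`msg`), so the last instance initialised would decide what every other instance reads. The cast is also unchecked and the value is null for any extension whose configuration lacks the nested `config` object. Holding the `Properties` in an instance field would avoid the cross-instance coupling; at minimum guard it with `Properties cfg = (Properties) configuration.get("config"); if (cfg == null) throw new IllegalStateException("missing config");`. The builtin `Config` class is not shown, so the static nature is inferred from the call syntax.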
--- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java @@ -184,6 +184,7 @@ private void doInit(ExtMap inputMap, ExtMap outputMap) { context = inputMap.<ExtMap> get(Base.InvokeKeys.CONTEXT); configuration = context.<Properties> get(Base.ContextKeys.CONFIGURATION); + Config.setConfiguration((Properties) configuration.get("config")); broker = LdapFactory.getInstance(getDirectoryName()); context.mput( Base.ContextKeys.AUTHOR, @@ -201,7 +202,7 @@ "N/A" ).mput( Authz.ContextKeys.QUERY_MAX_FILTER_SIZE, - configuration.get("config.query.filter.size") + Integer.parseInt(Config.getProperty("MaxLDAPQueryPartsNumber")) ).mput( Base.ContextKeys.BUILD_INTERFACE_VERSION, Base.INTERFACE_VERSION_CURRENT); diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosManager.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosManager.java index 90f9e03..7082669 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosManager.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosManager.java @@ -1,7 +1,7 @@ package org.ovirt.engine.extensions.aaa.builtin.kerberosldap; import java.io.File; -import org.ovirt.engine.core.common.config.ConfigValues; + import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; 
@@ -16,9 +16,9 @@ private boolean isKerberosAuth() { boolean isKerberosAuth = false; - String authMethod = org.ovirt.engine.core.common.config.Config.<String> getValue(ConfigValues.AuthenticationMethod); - String domainName = org.ovirt.engine.core.common.config.Config.<String> getValue(ConfigValues.DomainName); - String ldapSecurityAuthentication = org.ovirt.engine.core.common.config.Config.<String> getValue(ConfigValues.LDAPSecurityAuthentication); + String authMethod = Config.getProperty("AuthenticationMethod"); + String domainName = Config.getProperty("DomainName"); + String ldapSecurityAuthentication = Config.getProperty("LDAPSecurityAuthentication"); if (authMethod.equalsIgnoreCase("LDAP")) { // If there are domains then we need to load the Kerberos configuration in case the LDAP security diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java index 3098f10..2224876 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LDAPTemplateWrapper.java @@ -5,8 +5,6 @@ import javax.naming.directory.SearchControls; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.ldap.LdapProviderType; import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; 
@@ -17,6 +15,7 @@ import org.springframework.ldap.core.support.DirContextAuthenticationStrategy; import org.springframework.ldap.core.support.LdapContextSource; import org.springframework.ldap.core.support.SingleContextSource; + import com.sun.jndi.ldap.LdapCtxFactory; public abstract class LDAPTemplateWrapper { @@ -130,7 +129,7 @@ if (log.isDebugEnabled()) { log.debugFormat("LDAP query is {0}", displayFilter); } - int ldapPageSize = Config.<Integer> getValue(ConfigValues.LdapQueryPageSize); + int ldapPageSize = Integer.parseInt(Config.getProperty("LdapQueryPageSize")); PagedResultsDirContextProcessor requestControl = new PagedResultsDirContextProcessor(ldapPageSize); ldapTemplate.search(baseDN, filter, searchControls, handler, requestControl); PagedResultsCookie cookie = requestControl.getCookie(); diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerUtils.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerUtils.java index cb80ec6..f5d51af 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerUtils.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerUtils.java @@ -12,8 +12,6 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.exception.ExceptionUtils; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; 
@@ -31,7 +29,7 @@ * @return */ public static List<String> getDomainsList(boolean filterInternalDomain) { - String[] domains = Config.<String> getValue(ConfigValues.DomainName).split("[,]", -1); + String[] domains = Config.getProperty("DomainName").split("[,]", -1); List<String> results = new ArrayList<String>(); for (String domain : domains) { String trimmedDomain = domain.trim(); @@ -40,7 +38,7 @@ } } if (!filterInternalDomain) { - results.add(Config.<String> getValue(ConfigValues.AdminDomain).trim()); + results.add(Config.getProperty("AdminDomain").trim()); } return results; } @@ -211,8 +209,8 @@ * this method adds to hashtable specific ldap configuration. */ public static void addLdapConfigValues(Hashtable<String, String> env){ - env.put("com.sun.jndi.ldap.read.timeout", Long.toString(Config.<Integer> getValue(ConfigValues.LDAPQueryTimeout) * 1000)); - env.put("com.sun.jndi.ldap.connect.timeout", Long.toString(Config.<Integer> getValue(ConfigValues.LDAPConnectTimeout) * 1000)); + env.put("com.sun.jndi.ldap.read.timeout", Long.toString(Integer.parseInt(Config.getProperty("LDAPQueryTimeout")) * 1000)); + env.put("com.sun.jndi.ldap.connect.timeout", Long.toString(Integer.parseInt(Config.getProperty("LDAPConnectTimeout")) * 1000)); } /** diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/PrepareLdapConnectionTask.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/PrepareLdapConnectionTask.java index a943f1e..fc94018 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/PrepareLdapConnectionTask.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/PrepareLdapConnectionTask.java 
@@ -3,8 +3,6 @@ import java.net.URI; import java.util.concurrent.Callable; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.utils.log.Log; import org.ovirt.engine.core.utils.log.LogFactory; import org.ovirt.engine.core.utils.kerberos.AuthenticationResult; @@ -46,7 +44,7 @@ searcher.getExplicitAuth(), searcher.getExplicitBaseDN(), searcher.getDomainObject(domain).getLdapProviderType(), - Config.<Integer> getValue(ConfigValues.LDAPQueryTimeout) * 1000); + Integer.parseInt(Config.getProperty("LDAPQueryTimeout")) * 1000); ldapctx.afterPropertiesSet(); } catch (Exception e) { log.error("Error connecting to directory server", e); diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersDomainsCacheManagerService.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersDomainsCacheManagerService.java index 63bd0ee..d7b643d 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersDomainsCacheManagerService.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersDomainsCacheManagerService.java 
@@ -10,12 +10,10 @@ import org.apache.commons.lang.StringUtils; import org.ovirt.engine.core.common.businessentities.LdapGroup; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.common.utils.EnumUtils; -import org.ovirt.engine.core.utils.collections.DomainsPasswordMap; import org.ovirt.engine.core.ldap.LdapProviderType; import org.ovirt.engine.core.ldap.LdapSRVLocator; +import org.ovirt.engine.core.utils.collections.DomainsPasswordMap; import org.ovirt.engine.core.utils.dns.DnsSRVLocator.DnsSRVResult; import org.ovirt.engine.core.utils.kerberos.AuthenticationResult; import org.ovirt.engine.core.utils.kerberos.KerberosUtils; @@ -23,13 +21,6 @@ import org.ovirt.engine.core.utils.log.LogFactory; -// Here we use a Singleton bean -// The @Startup annotation is to make sure the bean is initialized on startup. -// @ConcurrencyManagement - we use bean managed concurrency: -// Singletons that use bean-managed concurrency allow full concurrent access to all the -// business and timeout methods in the singleton. -// The developer of the singleton is responsible for ensuring that the state of the singleton is synchronized across all clients. -// The @DependsOn annotation is in order to make sure it is started after the stated beans are initialized public class UsersDomainsCacheManagerService implements UsersDomainsCacheManager { private static final Log log = LogFactory.getLog(UsersDomainsCacheManagerService.class); 
@@ -53,10 +44,10 @@ private static volatile UsersDomainsCacheManagerService instance = null; private void fillLdapServersMap() { - String ldapServerPerDomainEntry = Config.<String> getValue(ConfigValues.LdapServers); + String ldapServerPerDomainEntry = Config.getProperty("LdapServers"); if (!ldapServerPerDomainEntry.isEmpty()) { String[] domainServerPairs = ldapServerPerDomainEntry.split(","); - int ldapPort = Config.<Integer> getValue(ConfigValues.LDAPServerPort); + int ldapPort = Integer.parseInt(Config.getProperty("LDAPServerPort")); for (String domainServerPair : domainServerPairs) { String[] parts = domainServerPair.split(":"); @@ -85,7 +76,7 @@ // use // Note that every change in one will probably require the same change in the other private void fillUsersMap() { - String userPerDomainEntry = Config.<String> getValue(ConfigValues.AdUserName); + String userPerDomainEntry = Config.getProperty("AdUserName"); if (!userPerDomainEntry.isEmpty()) { String[] domainUserPairs = userPerDomainEntry.split(","); @@ -100,12 +91,12 @@ } private void fillPasswordsMap() { - passwordPerDomain = Config.<DomainsPasswordMap> getValue(ConfigValues.AdUserPassword); + passwordPerDomain = new DomainsPasswordMap(Config.getProperty("AdUserPassword")); } private void fillLdapSecurityAuthenticationMap() { - String ldapSecurityAuthEntry = Config.<String> getValue(ConfigValues.LDAPSecurityAuthentication); + String ldapSecurityAuthEntry = Config.getProperty("LDAPSecurityAuthentication"); if (!ldapSecurityAuthEntry.isEmpty()) { String[] ldapSecurityPairs = ldapSecurityAuthEntry.split(","); @@ -124,7 +115,8 @@ public void init() { log.info("Start initializing " + getClass().getSimpleName()); - String authMethod = Config.<String> getValue(ConfigValues.AuthenticationMethod); + + String authMethod = Config.getProperty("AuthenticationMethod"); if (!authMethod.equalsIgnoreCase("LDAP")) { return; } 
@@ -162,7 +154,7 @@ */ protected Map<String, LdapProviderType> parseLDAPProviders() { Map<String, LdapProviderType> domainProviderTypes = new HashMap<String, LdapProviderType>(); - for (String pair : StringUtils.split(Config.<String> getValue(ConfigValues.LDAPProviderTypes), ",")) { + for (String pair : StringUtils.split(Config.getProperty("LDAPProviderTypes"), ",")) { if (pair != null) { String[] split = StringUtils.split(pair, ":"); if (split != null && split[0] != null && split[1] != null) { @@ -231,7 +223,7 @@ } private void constructLDAPUrlOnDNSFailure(Domain domain) { - int ldapPort = Config.<Integer> getValue(ConfigValues.LDAPServerPort); + int ldapPort = Integer.parseInt(Config.getProperty("LDAPServerPort")); StringBuilder ldapURL = new StringBuilder(); ldapURL.append("ldap://").append(domain.getName()).append(":").append(ldapPort); try { diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersObjectIdQueryGenerator.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersObjectIdQueryGenerator.java index 83b6e6a..802e36e 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersObjectIdQueryGenerator.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/UsersObjectIdQueryGenerator.java @@ -6,8 +6,6 @@ import java.util.ArrayList; import java.util.List; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.compat.Guid; /** 
@@ -16,7 +14,7 @@ public class UsersObjectIdQueryGenerator extends LdapQueryDataGeneratorBase<Guid> { public List<LdapQueryData> getLdapQueriesData(String domain) { - int queryLimit = Config.<Integer> getValue(ConfigValues.MaxLDAPQueryPartsNumber); + int queryLimit = Integer.parseInt("MaxLDAPQueryPartsNumber"); List<LdapQueryData> results = new ArrayList<LdapQueryData>(); LdapQueryData subQueryData = new LdapQueryDataImpl(); diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/collections/DomainsPasswordMap.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/collections/DomainsPasswordMap.java index ea9d8c0..d26b319 100644 --- a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/collections/DomainsPasswordMap.java +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/collections/DomainsPasswordMap.java @@ -12,6 +12,7 @@ public class DomainsPasswordMap implements Map<String, String> { private final Map<String, String> map; + private String csvOfDomainToPassword; /** * This structure is a map of domains to decrypted password. It initializes from a comma separated list of @@ -23,6 +24,7 @@ * @param certAlias */ public DomainsPasswordMap(String csvOfDomainToPassword) { + this.csvOfDomainToPassword = csvOfDomainToPassword; if (!csvOfDomainToPassword.isEmpty()) { String[] domainPasswordPairs = csvOfDomainToPassword.split(","); map = new HashMap<String, String>(domainPasswordPairs.length); 
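Review bot: `Integer.parseInt("MaxLDAPQueryPartsNumber")` in getLdapQueriesData parses the literal key name rather than the configured value, so it throws NumberFormatException on every call. The line should read `int queryLimit = Integer.parseInt(Config.getProperty("MaxLDAPQueryPartsNumber"));`, matching the other call sites in this change. Any lookup that goes through this generator would fail, so a unit test exercising `getLdapQueriesData` would be worth adding alongside the fix.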
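Review bot: DomainsPasswordMap now keeps the raw `csvOfDomainToPassword` for the lifetime of the object, and the later hunk returns it from `toString()`. Any log statement, exception message or string concatenation that touches the map, or a collection containing it, will then emit the per-domain password list. Whether those entries are still encrypted at that point is not visible here; the class Javadoc describes the map itself as holding decrypted passwords. The apparent purpose is to let `Config.getValue(key).toString()` in attachConfigValueFromDb serialise `AdUserPassword`; an explicitly named accessor used only by that caller would do this without changing what `toString()` reveals. The field can also be declared `private final String csvOfDomainToPassword;`, and if `toString()` stays it should carry `@Override`.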
@@ -43,6 +45,10 @@ } } + public String toString() { + return csvOfDomainToPassword; + } + @Override public int size() { return map.size(); -- To view, visit http://gerrit.ovirt.org/27607 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I1384a99f73ab605b61bce8dcdfd63e222b0001fa Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
