[
https://issues.apache.org/jira/browse/AMBARI-22667?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16319032#comment-16319032
]
ASF GitHub Bot commented on AMBARI-22667:
-----------------------------------------
smolnar82 opened a new pull request #77: AMBARI-22667: Use internal LDAP
configuration values rather than ambari.properties
URL: https://github.com/apache/ambari/pull/77
@rlevas @zeroflag @echekanskiy
Local build result:
[INFO]
------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 33:51 min
[INFO] Finished at: 2018-01-09T16:35:33+01:00
[INFO] Final Memory: 215M/897M
[INFO]
------------------------------------------------------------------------
Besides updating the unit tests I also conducted integration tests against a
sample LDAP server (ldap.forumsys.com:389):
- uid=boyle with proper credentials (password=password) was able to use the
API; retrieved HTTP response code of 200
- uid=boyle with wrong credentials (password!=password) was not able to use
the API; retrieved HTTP response code of 403
Continuously checked ambari-server.log to see if LDAP configuration is
loaded/reloaded from the DB.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Use internal LDAP configuration values rather than ambari.properties values
> when accessing the configured LDAP server
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: AMBARI-22667
> URL: https://issues.apache.org/jira/browse/AMBARI-22667
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
> Affects Versions: 3.0.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Critical
> Labels: ldap
> Fix For: 3.0.0
>
>
> Use internal LDAP configuration values rather than ambari.properties values
> when accessing the configured LDAP server for LDAP sync and authentication.
> * Deprecate {{setup-ldap}} from the {{ambari-server}} script.
> ** Rather then perform any operations, alert user to configure LDAP
> integration from the Ambari UI
> * Lookup LDAP-specific properties from the Ambari configuration data under
> the "ldap-configuration" category.
> * Remove relevant properties from
> {{org.apache.ambari.server.configuration.Configuration}}
> ** ambari.ldap.isConfigured
> ** authentication.ldap.useSSL
> ** authentication.ldap.primaryUrl
> ** authentication.ldap.secondaryUrl
> ** authentication.ldap.baseDn
> ** authentication.ldap.bindAnonymously
> ** authentication.ldap.managerDn
> ** authentication.ldap.managerPassword
> ** authentication.ldap.dnAttribute
> ** authentication.ldap.usernameAttribute
> ** authentication.ldap.username.forceLowercase
> ** authentication.ldap.userBase
> ** authentication.ldap.userObjectClass
> ** authentication.ldap.groupBase
> ** authentication.ldap.groupObjectClass
> ** authentication.ldap.groupNamingAttr
> ** authentication.ldap.groupMembershipAttr
> ** authorization.ldap.adminGroupMappingRules
> ** authentication.ldap.userSearchFilter
> ** authentication.ldap.alternateUserSearchEnabled
> ** authentication.ldap.alternateUserSearchFilter
> ** authorization.ldap.groupSearchFilter
> ** authentication.ldap.referral
> ** authentication.ldap.pagination.enabled
> ** authentication.ldap.sync.userMemberReplacePattern
> ** authentication.ldap.sync.groupMemberReplacePattern
> ** authentication.ldap.sync.userMemberFilter
> ** authentication.ldap.sync.groupMemberFilter
> ** ldap.sync.username.collision.behavior
>
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
