http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/main/java/org/apache/ambari/server/security/ldap/LdapUserGroupMemberDto.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/ldap/LdapUserGroupMemberDto.java b/ambari-server/src/main/java/org/apache/ambari/server/security/ldap/LdapUserGroupMemberDto.java new file mode 100644 index 0000000..319b831 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/security/ldap/LdapUserGroupMemberDto.java @@ -0,0 +1,82 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ambari.server.security.ldap; + +/** + * Pojo with information about LDAP membership. + */ +public class LdapUserGroupMemberDto { + /** + * Name of the group. + */ + private final String groupName; + + /** + * Name of the user. + */ + private final String userName; + + /** + * Constructor. + * + * @param groupName group name + * @param userName user name + */ + public LdapUserGroupMemberDto(String groupName, String userName) { + this.groupName = groupName; + this.userName = userName; + } + + /** + * Get the group name. + * + * @return the group name + */ + public String getGroupName() { + return groupName; + } + + /** + * Get the user name. + * + * @return the user name + */ + public String getUserName() { + return userName; + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + LdapUserGroupMemberDto that = (LdapUserGroupMemberDto) o; + + if (userName != null ? !userName.equals(that.userName) : that.userName != null) return false; + if (groupName != null ? !groupName.equals(that.groupName) : that.groupName != null) return false; + + return true; + } + + @Override + public int hashCode() { + int result = userName != null ? userName.hashCode() : 0; + result = 31 * result + (groupName != null ? groupName.hashCode() : 0); + return result; + } +}
http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/main/python/ambari-server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/python/ambari-server.py b/ambari-server/src/main/python/ambari-server.py index 81b79d1..35ba17b 100755 --- a/ambari-server/src/main/python/ambari-server.py +++ b/ambari-server/src/main/python/ambari-server.py @@ -2940,11 +2940,11 @@ def setup_ldap(): LDAP_PRIMARY_URL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[0]) LDAP_SECONDARY_URL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[1]) LDAP_USE_SSL_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[2], "false") - LDAP_USER_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[3], "person") + LDAP_USER_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[3], "posixAccount") LDAP_USER_ATT_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[4], "uid") - LDAP_GROUP_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[5], "groupOfUniqueNames") + LDAP_GROUP_CLASS_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[5], "posixGroup") LDAP_GROUP_ATT_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[6], "cn") - LDAP_GROUP_MEMBER_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[7], "uniqueMember") + LDAP_GROUP_MEMBER_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[7], "memberUid") LDAP_BASE_DN_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[8]) LDAP_BIND_DEFAULT = get_value_from_properties(properties, ldap_property_list_reqd[9], "false") LDAP_MGR_DN_DEFAULT = get_value_from_properties(properties, ldap_property_list_opt[0]) http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/main/resources/META-INF/persistence.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/META-INF/persistence.xml b/ambari-server/src/main/resources/META-INF/persistence.xml index dfbf93e..2d8fedb 100644 --- a/ambari-server/src/main/resources/META-INF/persistence.xml +++ b/ambari-server/src/main/resources/META-INF/persistence.xml @@ -75,7 +75,11 @@ <!--<property name="javax.persistence.jdbc.driver" value="org.postgresql.Driver" />--> <property name="eclipselink.cache.size.default" value="10000" /> <property name="eclipselink.jdbc.batch-writing" value="JDBC"/> + <property name="eclipselink.jdbc.batch-writing.size" value="4000"/> + <property name="eclipselink.jdbc.sequence-connection-pool" value="true" /> <property name="eclipselink.weaving" value="static" /> + + <!--<property name="eclipselink.logging.level.sql" value="FINEST" />--> <!--<property name="eclipselink.id-validation" value="NULL" />--> </properties> http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapDataPopulatorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapDataPopulatorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapDataPopulatorTest.java deleted file mode 100644 index 23f53cf..0000000 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapDataPopulatorTest.java +++ /dev/null @@ -1,261 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.ambari.server.security.authorization; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import junit.framework.Assert; - -import org.apache.ambari.server.AmbariException; -import org.apache.ambari.server.configuration.Configuration; -import org.apache.ambari.server.orm.entities.GroupEntity; -import org.apache.ambari.server.orm.entities.MemberEntity; -import org.apache.ambari.server.orm.entities.PrincipalEntity; -import org.apache.ambari.server.orm.entities.PrivilegeEntity; -import org.apache.ambari.server.orm.entities.UserEntity; -import org.easymock.Capture; -import org.easymock.EasyMock; -import org.easymock.IAnswer; -import org.junit.Test; -import org.springframework.ldap.core.LdapTemplate; - -public class AmbariLdapDataPopulatorTest { - private static class AmbariLdapDataPopulatorTestInstance extends AmbariLdapDataPopulator { - - public AmbariLdapDataPopulatorTestInstance(Configuration configuration, - Users users) { - super(configuration, users); - this.ldapServerProperties = EasyMock.createNiceMock(LdapServerProperties.class); - } - - final LdapTemplate ldapTemplate = EasyMock.createNiceMock(LdapTemplate.class); - - @Override - protected LdapTemplate loadLdapTemplate() { - return ldapTemplate; - } - - public LdapServerProperties getLdapServerProperties() { - return this.ldapServerProperties; - } - } - - @Test - public void testRefreshGroupMembers() throws AmbariException { - final Configuration configuration = EasyMock.createNiceMock(Configuration.class); - final Users users = EasyMock.createNiceMock(Users.class); - - final GroupEntity ldapGroup = new GroupEntity(); - ldapGroup.setGroupId(1); - ldapGroup.setGroupName("ldapGroup"); - ldapGroup.setLdapGroup(true); - ldapGroup.setMemberEntities(new HashSet<MemberEntity>()); - - final User ldapUserWithoutGroup = createLdapUserWithoutGroup(); - final User ldapUserWithGroup = createLdapUserWithGroup(ldapGroup); - final User localUserWithoutGroup = createLocalUserWithoutGroup(); - final User localUserWithGroup = createLocalUserWithGroup(ldapGroup); - - final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users) { - @Override - protected Set<String> getExternalLdapGroupMembers(String groupName) { - return new HashSet<String>() { - { - add(ldapUserWithGroup.getUserName()); - add(ldapUserWithoutGroup.getUserName()); - } - }; - } - - @Override - protected Map<String, User> getInternalUsers() { - return new HashMap<String, User>() { - { - put(localUserWithGroup.getUserName(), localUserWithGroup); - put(localUserWithoutGroup.getUserName(), localUserWithoutGroup); - } - }; - } - - @Override - protected Map<String, User> getInternalMembers(String groupName) { - return new HashMap<String, User>() { - { - put(localUserWithGroup.getUserName(), localUserWithGroup); - } - }; - } - }; - - users.createUser(EasyMock.<String> anyObject(), EasyMock.<String> anyObject()); - EasyMock.expectLastCall().times(2); - - users.addMemberToGroup(EasyMock.<String> anyObject(), EasyMock.<String> anyObject()); - EasyMock.expectLastCall().times(2); - - EasyMock.replay(users); - - populator.refreshGroupMembers(ldapGroup.getGroupName()); - - EasyMock.verify(users); - } - - @Test - public void testIsLdapEnabled_badConfiguration() { - final Configuration configuration = EasyMock.createNiceMock(Configuration.class); - final Users users = EasyMock.createNiceMock(Users.class); - - final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); - - EasyMock.expect(configuration.isLdapConfigured()).andReturn(true); - EasyMock.expect(populator.loadLdapTemplate().list(EasyMock. <String>anyObject())).andThrow(new NullPointerException()).once(); - EasyMock.replay(populator.loadLdapTemplate(), configuration); - - Assert.assertFalse(populator.isLdapEnabled()); - EasyMock.verify(populator.loadLdapTemplate(), configuration); - } - - @Test - public void testIsLdapEnabled_reallyEnabled() { - final Configuration configuration = EasyMock.createNiceMock(Configuration.class); - final Users users = EasyMock.createNiceMock(Users.class); - - final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); - - EasyMock.expect(configuration.isLdapConfigured()).andReturn(true); - EasyMock.expect(populator.loadLdapTemplate().list(EasyMock. <String>anyObject())).andReturn(Collections.emptyList()).once(); - EasyMock.replay(populator.loadLdapTemplate(),configuration); - - Assert.assertTrue(populator.isLdapEnabled()); - EasyMock.verify(populator.loadLdapTemplate(), configuration); - } - - @Test - public void testIsLdapEnabled_reallyDisabled() { - final Configuration configuration = EasyMock.createNiceMock(Configuration.class); - final Users users = EasyMock.createNiceMock(Users.class); - - final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); - - EasyMock.expect(configuration.isLdapConfigured()).andReturn(false); - EasyMock.replay(populator.loadLdapTemplate(), configuration); - - Assert.assertFalse(populator.isLdapEnabled()); - EasyMock.verify(populator.loadLdapTemplate(), configuration); - } - - @Test - @SuppressWarnings("serial") - public void testCleanUpLdapUsersWithoutGroup() throws AmbariException { - final Configuration configuration = EasyMock.createNiceMock(Configuration.class); - final Users users = EasyMock.createNiceMock(Users.class); - - final GroupEntity ldapGroup = new GroupEntity(); - ldapGroup.setGroupId(1); - ldapGroup.setGroupName("ldapGroup"); - ldapGroup.setLdapGroup(true); - ldapGroup.setMemberEntities(new HashSet<MemberEntity>()); - - final User ldapUserWithoutGroup = createLdapUserWithoutGroup(); - final User ldapUserWithGroup = createLdapUserWithGroup(ldapGroup); - final User localUserWithoutGroup = createLocalUserWithoutGroup(); - final User localUserWithGroup = createLocalUserWithGroup(ldapGroup); - - final List<User> allUsers = new ArrayList<User>() { - { - add(ldapUserWithoutGroup); - add(ldapUserWithGroup); - add(localUserWithoutGroup); - add(localUserWithGroup); - } - }; - EasyMock.expect(users.getAllUsers()).andReturn(new ArrayList<User>(allUsers)); - - final List<User> removedUsers = new ArrayList<User>(); - final Capture<User> userCapture = new Capture<User>(); - users.removeUser(EasyMock.capture(userCapture)); - EasyMock.expectLastCall().andAnswer(new IAnswer<Void>() { - @Override - public Void answer() throws Throwable { - removedUsers.add(userCapture.getValue()); - allUsers.remove(userCapture.getValue()); - return null; - } - }); - - EasyMock.replay(users); - - final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); - populator.cleanUpLdapUsersWithoutGroup(); - - Assert.assertEquals(removedUsers.size(), 1); - Assert.assertEquals(allUsers.size(), 3); - Assert.assertTrue(allUsers.contains(ldapUserWithGroup)); - Assert.assertTrue(allUsers.contains(localUserWithoutGroup)); - Assert.assertTrue(allUsers.contains(localUserWithGroup)); - Assert.assertEquals(removedUsers.get(0), ldapUserWithoutGroup); - - EasyMock.verify(users); - } - - private static int userIdCounter = 1; - - private User createUser(String name, boolean ldapUser, GroupEntity group) { - final UserEntity userEntity = new UserEntity(); - userEntity.setUserId(userIdCounter++); - userEntity.setUserName(name); - userEntity.setCreateTime(new Date()); - userEntity.setLdapUser(ldapUser); - userEntity.setActive(true); - userEntity.setMemberEntities(new HashSet<MemberEntity>()); - final PrincipalEntity principalEntity = new PrincipalEntity(); - principalEntity.setPrivileges(new HashSet<PrivilegeEntity>()); - userEntity.setPrincipal(principalEntity); - if (group != null) { - final MemberEntity member = new MemberEntity(); - member.setUser(userEntity); - member.setGroup(group); - group.getMemberEntities().add(member); - userEntity.getMemberEntities().add(member); - } - return new User(userEntity); - } - - private User createLdapUserWithoutGroup() { - return createUser("LdapUserWithoutGroup", true, null); - } - - private User createLocalUserWithoutGroup() { - return createUser("LocalUserWithoutGroup", false, null); - } - - private User createLdapUserWithGroup(GroupEntity group) { - return createUser("LdapUserWithGroup", true, group); - } - - private User createLocalUserWithGroup(GroupEntity group) { - return createUser("LocalUserWithGroup", false, group); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java new file mode 100644 index 0000000..906d695 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java @@ -0,0 +1,202 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ambari.server.security.ldap; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; +import java.util.HashSet; +import java.util.List; +import junit.framework.Assert; + +import org.apache.ambari.server.AmbariException; +import org.apache.ambari.server.configuration.Configuration; +import org.apache.ambari.server.orm.entities.GroupEntity; +import org.apache.ambari.server.orm.entities.MemberEntity; +import org.apache.ambari.server.orm.entities.PrincipalEntity; +import org.apache.ambari.server.orm.entities.PrivilegeEntity; +import org.apache.ambari.server.orm.entities.UserEntity; +import org.apache.ambari.server.security.authorization.LdapServerProperties; +import org.apache.ambari.server.security.authorization.User; +import org.apache.ambari.server.security.authorization.Users; +import org.apache.ambari.server.security.ldap.AmbariLdapDataPopulator; +import org.easymock.Capture; +import org.easymock.EasyMock; +import org.easymock.IAnswer; +import org.junit.Test; +import org.springframework.ldap.core.AttributesMapper; +import org.springframework.ldap.core.LdapTemplate; + +public class AmbariLdapDataPopulatorTest { + private static class AmbariLdapDataPopulatorTestInstance extends AmbariLdapDataPopulator { + + public AmbariLdapDataPopulatorTestInstance(Configuration configuration, + Users users) { + super(configuration, users); + this.ldapServerProperties = EasyMock.createNiceMock(LdapServerProperties.class); + } + + final LdapTemplate ldapTemplate = EasyMock.createNiceMock(LdapTemplate.class); + + @Override + protected LdapTemplate loadLdapTemplate() { + return ldapTemplate; + } + + public LdapServerProperties getLdapServerProperties() { + return this.ldapServerProperties; + } + } + + @Test + public void testIsLdapEnabled_badConfiguration() { + final Configuration configuration = EasyMock.createNiceMock(Configuration.class); + final Users users = EasyMock.createNiceMock(Users.class); + + final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); + + EasyMock.expect(configuration.isLdapConfigured()).andReturn(true); + EasyMock.expect(populator.loadLdapTemplate().search(EasyMock. <String>anyObject(), EasyMock. <String>anyObject(), EasyMock. <AttributesMapper>anyObject())).andThrow(new NullPointerException()).once(); + EasyMock.replay(populator.loadLdapTemplate(), configuration); + + Assert.assertFalse(populator.isLdapEnabled()); + EasyMock.verify(populator.loadLdapTemplate(), configuration); + } + + @Test + public void testIsLdapEnabled_reallyEnabled() { + final Configuration configuration = EasyMock.createNiceMock(Configuration.class); + final Users users = EasyMock.createNiceMock(Users.class); + + final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); + + EasyMock.expect(configuration.isLdapConfigured()).andReturn(true); + EasyMock.expect(populator.loadLdapTemplate().search(EasyMock. <String>anyObject(), EasyMock. <String>anyObject(), EasyMock. <AttributesMapper>anyObject())).andReturn(Collections.emptyList()).once(); + EasyMock.replay(populator.loadLdapTemplate(), configuration); + + Assert.assertTrue(populator.isLdapEnabled()); + EasyMock.verify(populator.loadLdapTemplate(), configuration); + } + + @Test + public void testIsLdapEnabled_reallyDisabled() { + final Configuration configuration = EasyMock.createNiceMock(Configuration.class); + final Users users = EasyMock.createNiceMock(Users.class); + + final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); + + EasyMock.expect(configuration.isLdapConfigured()).andReturn(false); + EasyMock.replay(populator.loadLdapTemplate(), configuration); + + Assert.assertFalse(populator.isLdapEnabled()); + EasyMock.verify(populator.loadLdapTemplate(), configuration); + } + + @Test + @SuppressWarnings("serial") + public void testCleanUpLdapUsersWithoutGroup() throws AmbariException { + final Configuration configuration = EasyMock.createNiceMock(Configuration.class); + final Users users = EasyMock.createNiceMock(Users.class); + + final GroupEntity ldapGroup = new GroupEntity(); + ldapGroup.setGroupId(1); + ldapGroup.setGroupName("ldapGroup"); + ldapGroup.setLdapGroup(true); + ldapGroup.setMemberEntities(new HashSet<MemberEntity>()); + + final User ldapUserWithoutGroup = createLdapUserWithoutGroup(); + final User ldapUserWithGroup = createLdapUserWithGroup(ldapGroup); + final User localUserWithoutGroup = createLocalUserWithoutGroup(); + final User localUserWithGroup = createLocalUserWithGroup(ldapGroup); + + final List<User> allUsers = new ArrayList<User>() { + { + add(ldapUserWithoutGroup); + add(ldapUserWithGroup); + add(localUserWithoutGroup); + add(localUserWithGroup); + } + }; + EasyMock.expect(users.getAllUsers()).andReturn(new ArrayList<User>(allUsers)); + + final List<User> removedUsers = new ArrayList<User>(); + final Capture<User> userCapture = new Capture<User>(); + users.removeUser(EasyMock.capture(userCapture)); + EasyMock.expectLastCall().andAnswer(new IAnswer<Void>() { + @Override + public Void answer() throws Throwable { + removedUsers.add(userCapture.getValue()); + allUsers.remove(userCapture.getValue()); + return null; + } + }); + + EasyMock.replay(users); + + final AmbariLdapDataPopulator populator = new AmbariLdapDataPopulatorTestInstance(configuration, users); + populator.cleanUpLdapUsersWithoutGroup(); + + Assert.assertEquals(removedUsers.size(), 1); + Assert.assertEquals(allUsers.size(), 3); + Assert.assertTrue(allUsers.contains(ldapUserWithGroup)); + Assert.assertTrue(allUsers.contains(localUserWithoutGroup)); + Assert.assertTrue(allUsers.contains(localUserWithGroup)); + Assert.assertEquals(removedUsers.get(0), ldapUserWithoutGroup); + + EasyMock.verify(users); + } + + private static int userIdCounter = 1; + + private User createUser(String name, boolean ldapUser, GroupEntity group) { + final UserEntity userEntity = new UserEntity(); + userEntity.setUserId(userIdCounter++); + userEntity.setUserName(name); + userEntity.setCreateTime(new Date()); + userEntity.setLdapUser(ldapUser); + userEntity.setActive(true); + userEntity.setMemberEntities(new HashSet<MemberEntity>()); + final PrincipalEntity principalEntity = new PrincipalEntity(); + principalEntity.setPrivileges(new HashSet<PrivilegeEntity>()); + userEntity.setPrincipal(principalEntity); + if (group != null) { + final MemberEntity member = new MemberEntity(); + member.setUser(userEntity); + member.setGroup(group); + group.getMemberEntities().add(member); + userEntity.getMemberEntities().add(member); + } + return new User(userEntity); + } + + private User createLdapUserWithoutGroup() { + return createUser("LdapUserWithoutGroup", true, null); + } + + private User createLocalUserWithoutGroup() { + return createUser("LocalUserWithoutGroup", false, null); + } + + private User createLdapUserWithGroup(GroupEntity group) { + return createUser("LdapUserWithGroup", true, group); + } + + private User createLocalUserWithGroup(GroupEntity group) { + return createUser("LocalUserWithGroup", false, group); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/17b48bf4/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/LdapPerformanceTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/LdapPerformanceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/LdapPerformanceTest.java new file mode 100644 index 0000000..a2cb388 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/ldap/LdapPerformanceTest.java @@ -0,0 +1,94 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.security.ldap; + +import java.util.HashSet; +import java.util.Set; + +import org.apache.ambari.server.AmbariException; +import org.apache.ambari.server.configuration.Configuration; +import org.apache.ambari.server.orm.GuiceJpaInitializer; +import org.apache.ambari.server.security.ClientSecurityType; +import org.apache.ambari.server.security.authorization.AuthorizationTestModule; +import org.apache.ambari.server.security.authorization.Users; +import org.junit.Before; +import org.junit.Ignore; +import org.junit.Test; + +import com.google.inject.Guice; +import com.google.inject.Inject; +import com.google.inject.Injector; + +/** + * Performs sync request to real LDAP server. + */ +@Ignore +public class LdapPerformanceTest { + + private static Injector injector; + + @Inject + private AmbariLdapDataPopulator populator; + + @Inject + private Users users; + + @Inject + Configuration configuration; + + final String SPRING_CONTEXT_LOCATION = "classpath:webapp/WEB-INF/spring-security.xml"; + + @Before + public void setUp() { + injector = Guice.createInjector(new AuthorizationTestModule()); + + injector.injectMembers(this); + injector.getInstance(GuiceJpaInitializer.class); + configuration.setClientSecurityType(ClientSecurityType.LDAP); + configuration.setLdap("c6402.ambari.apache.org:389", "posixAccount", "uid", + "posixGroup", "cn", "memberUid", "dc=apache,dc=org", false, + "uid=hdfs,ou=people,ou=dev,dc=apache,dc=org", "hdfs"); + } + + @Test + public void testLdapSync() throws AmbariException, InterruptedException { + long time = System.currentTimeMillis(); + Set<LdapGroupDto> groups = populator.getExternalLdapGroupInfo(); + Set<LdapUserDto> users = populator.getExternalLdapUserInfo(); + Set<String> userNames = new HashSet<String>(); + for (LdapUserDto user : users) { + userNames.add(user.getUserName()); + } + Set<String> groupNames = new HashSet<String>(); + for (LdapGroupDto group : groups) { + groupNames.add(group.getGroupName()); + } + System.out.println("Data fetch: " + (System.currentTimeMillis() - time)); + time = System.currentTimeMillis(); + LdapBatchDto batchDto = populator.synchronizeLdapUsersAndGroups(userNames, groupNames); + batchDto = populator.synchronizeLdapUsersAndGroups(userNames, groupNames); + this.users.processLdapSync(batchDto); + System.out.println("Initial sync: " + (System.currentTimeMillis() - time)); + time = System.currentTimeMillis(); + batchDto = populator.synchronizeLdapUsersAndGroups(userNames, groupNames); + this.users.processLdapSync(batchDto); + System.out.println("Subsequent sync: " + (System.currentTimeMillis() - time)); + time = System.currentTimeMillis(); + } +}