[45/50] [abbrv] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/1f8c879d
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/1f8c879d
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/1f8c879d
Branch: refs/heads/branch-2-jhung-test
Commit: 1f8c879d169cce8855f6865939fb9f14b147c6b4
Parents: 15ce8df
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Jonathan Hung
Committed: Fri Dec 14 16:03:56 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/1f8c879d/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of
[31/50] [abbrv] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/46f0f4c1
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/46f0f4c1
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/46f0f4c1
Branch: refs/heads/branch-2-jhung-test
Commit: 46f0f4c1d1ad91d02beaa63659345238174266e4
Parents: a121955
Author: Inigo Goiri
Authored: Mon Dec 3 13:23:10 2018 -0800
Committer: Jonathan Hung
Committed: Fri Dec 14 16:03:56 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/46f0f4c1/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of removing
[36/50] [abbrv] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c9a3aa64
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c9a3aa64
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c9a3aa64
Branch: refs/heads/HDFS-12943
Commit: c9a3aa64dc95b097c51070f71a3b1a2ad126b2b9
Parents: ef3b03b
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Giovanni Matteo Fumarola
Committed: Mon Dec 3 12:10:05 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9a3aa64/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of
[07/50] [abbrv] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c9a3aa64
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c9a3aa64
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c9a3aa64
Branch: refs/heads/HDDS-4
Commit: c9a3aa64dc95b097c51070f71a3b1a2ad126b2b9
Parents: ef3b03b
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Giovanni Matteo Fumarola
Committed: Mon Dec 3 12:10:05 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9a3aa64/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of
[2/2] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
(cherry picked from commit 5cef413a8eb8a207f2b94acc868f874b171a12f1)
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/61a3bf46
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/61a3bf46
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/61a3bf46
Branch: refs/heads/branch-2.9
Commit: 61a3bf46540a753981e4d8b5dc35ee2a29cce2fc
Parents: a68a168
Author: Inigo Goiri
Authored: Mon Dec 3 13:23:10 2018 -0800
Committer: Inigo Goiri
Committed: Mon Dec 3 13:24:32 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/61a3bf46/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
-
[2/2] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/5cef413a
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/5cef413a
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/5cef413a
Branch: refs/heads/branch-2
Commit: 5cef413a8eb8a207f2b94acc868f874b171a12f1
Parents: a29eb49
Author: Inigo Goiri
Authored: Mon Dec 3 13:23:10 2018 -0800
Committer: Inigo Goiri
Committed: Mon Dec 3 13:23:10 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/5cef413a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of removing Context instances
[5/5] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/58920ad6
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/58920ad6
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/58920ad6
Branch: refs/heads/branch-2.9
Commit: 58920ad6c82bb6f1cf79462f9137038092af5ee3
Parents: 7ef9556
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Inigo Goiri
Committed: Mon Dec 3 12:46:47 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/58920ad6/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of removing
[4/5] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/b98ffbe3
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/b98ffbe3
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/b98ffbe3
Branch: refs/heads/branch-2
Commit: b98ffbe3f228b706b8e547f82e134233ab691443
Parents: 74e4098
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Inigo Goiri
Committed: Mon Dec 3 12:46:30 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/b98ffbe3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of removing
[3/5] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/25fdf2ba
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/25fdf2ba
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/25fdf2ba
Branch: refs/heads/branch-3.0
Commit: 25fdf2ba6ceefef0db57682ba52f169761ca6e61
Parents: 0683468
Author: Giovanni Matteo Fumarola
Authored: Mon Dec 3 12:10:05 2018 -0800
Committer: Inigo Goiri
Committed: Mon Dec 3 12:45:51 2018 -0800
--
.../hadoop/security/LdapGroupsMapping.java | 163 +--
.../src/main/resources/core-default.xml | 28 +++-
.../src/site/markdown/GroupsMapping.md | 54 +-
.../hadoop/security/TestLdapGroupsMapping.java | 80 -
.../security/TestLdapGroupsMappingBase.java | 76 -
.../TestLdapGroupsMappingWithFailover.java | 142
.../TestLdapGroupsMappingWithOneQuery.java | 16 +-
.../TestLdapGroupsMappingWithPosixGroup.java| 10 +-
8 files changed, 450 insertions(+), 119 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/hadoop/blob/25fdf2ba/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
--
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
index 6beaa9e..83eb5ad 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
@@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
+import java.util.Iterator;
import java.util.List;
import java.util.HashSet;
import java.util.Collection;
@@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
+import javax.naming.spi.InitialContextFactory;
+import com.google.common.collect.Iterators;
+import com.sun.jndi.ldap.LdapCtxFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configurable;
@@ -83,7 +87,7 @@ public class LdapGroupsMapping
public static final String LDAP_CONFIG_PREFIX =
"hadoop.security.group.mapping.ldap";
/*
- * URL of the LDAP server
+ * URL of the LDAP server(s)
*/
public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url";
public static final String LDAP_URL_DEFAULT = "";
@@ -232,6 +236,20 @@ public class LdapGroupsMapping
LDAP_CONFIG_PREFIX + ".read.timeout.ms";
public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds
+ public static final String LDAP_NUM_ATTEMPTS_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts";
+ public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3;
+
+ public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY =
+ LDAP_CONFIG_PREFIX + ".num.attempts.before.failover";
+ public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT =
+ LDAP_NUM_ATTEMPTS_DEFAULT;
+
+ public static final String LDAP_CTX_FACTORY_CLASS_KEY =
+ LDAP_CONFIG_PREFIX + ".ctx.factory.class";
+ public static final Class
+ LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class;
+
private static final Logger LOG =
LoggerFactory.getLogger(LdapGroupsMapping.class);
@@ -242,8 +260,10 @@ public class LdapGroupsMapping
private DirContext ctx;
private Configuration conf;
-
- private String ldapUrl;
+
+ private Iterator ldapUrls;
+ private String currentLdapUrl;
+
private boolean useSsl;
private String keystore;
private String keystorePass;
@@ -258,14 +278,15 @@ public class LdapGroupsMapping
private String memberOfAttr;
private String groupMemberAttr;
private String groupNameAttr;
- private intgroupHierarchyLevels;
+ private int groupHierarchyLevels;
private String posixUidAttr;
private String posixGidAttr;
private boolean isPosix;
private boolean useOneQuery;
+ private int numAttempts;
+ private int numAttemptsBeforeFailover;
+ private Class ldapCxtFactoryClass;
- public static final int RECONNECT_RETRY_COUNT = 3;
-
/**
* Returns list of groups for a user.
*
@@ -279,20 +300,31 @@ public class LdapGroupsMapping
@Override
public synchronized List getGroups(String user) {
/*
- * Normal garbage collection takes care of removing
[1/5] hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Repository: hadoop Updated Branches: refs/heads/branch-2 74e40981e -> b98ffbe3f refs/heads/branch-2.9 7ef9556fc -> 58920ad6c refs/heads/branch-3.0 0683468d5 -> 25fdf2ba6 refs/heads/branch-3.1 2cb9479bf -> 023e42fa0 refs/heads/branch-3.2 6b01e4d2a -> 7cfcabc47 HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/7cfcabc4 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/7cfcabc4 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/7cfcabc4 Branch: refs/heads/branch-3.2 Commit: 7cfcabc473f1e72d0337ffbcc4b4c548e6851afc Parents: 6b01e4d Author: Giovanni Matteo Fumarola Authored: Mon Dec 3 12:10:05 2018 -0800 Committer: Inigo Goiri Committed: Mon Dec 3 12:44:19 2018 -0800 -- .../hadoop/security/LdapGroupsMapping.java | 163 +-- .../src/main/resources/core-default.xml | 28 +++- .../src/site/markdown/GroupsMapping.md | 54 +- .../hadoop/security/TestLdapGroupsMapping.java | 80 - .../security/TestLdapGroupsMappingBase.java | 76 - .../TestLdapGroupsMappingWithFailover.java | 142 .../TestLdapGroupsMappingWithOneQuery.java | 16 +- .../TestLdapGroupsMappingWithPosixGroup.java| 10 +- 8 files changed, 450 insertions(+), 119 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/7cfcabc4/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java index 6beaa9e..83eb5ad 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java @@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.Hashtable; +import java.util.Iterator; import java.util.List; import java.util.HashSet; import java.util.Collection; @@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; +import javax.naming.spi.InitialContextFactory; +import com.google.common.collect.Iterators; +import com.sun.jndi.ldap.LdapCtxFactory; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.conf.Configurable; @@ -83,7 +87,7 @@ public class LdapGroupsMapping public static final String LDAP_CONFIG_PREFIX = "hadoop.security.group.mapping.ldap"; /* - * URL of the LDAP server + * URL of the LDAP server(s) */ public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url"; public static final String LDAP_URL_DEFAULT = ""; @@ -232,6 +236,20 @@ public class LdapGroupsMapping LDAP_CONFIG_PREFIX + ".read.timeout.ms"; public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds + public static final String LDAP_NUM_ATTEMPTS_KEY = + LDAP_CONFIG_PREFIX + ".num.attempts"; + public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3; + + public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY = + LDAP_CONFIG_PREFIX + ".num.attempts.before.failover"; + public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT = + LDAP_NUM_ATTEMPTS_DEFAULT; + + public static final String LDAP_CTX_FACTORY_CLASS_KEY = + LDAP_CONFIG_PREFIX + ".ctx.factory.class"; + public static final Class + LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class; + private static final Logger LOG = LoggerFactory.getLogger(LdapGroupsMapping.class); @@ -242,8 +260,10 @@ public class LdapGroupsMapping private DirContext ctx; private Configuration conf; - - private String ldapUrl; + + private Iterator ldapUrls; + private String currentLdapUrl; + private boolean useSsl; private String keystore; private String keystorePass; @@ -258,14 +278,15 @@ public class LdapGroupsMapping private String memberOfAttr; private String groupMemberAttr; private String groupNameAttr; - private intgroupHierarchyLevels; + private int groupHierarchyLevels; private String posixUidAttr; private String posixGidAttr; private boolean isPosix; private boolean useOneQuery; + private int numAttempts; + private int numAttemptsBeforeFailover; + private Class ldapCxtFactoryClass; - public static final int
hadoop git commit: HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak.
Repository: hadoop Updated Branches: refs/heads/trunk ef3b03b75 -> c9a3aa64d HADOOP-15950. Failover for LdapGroupsMapping. Contributed by Lukas Majercak. Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c9a3aa64 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c9a3aa64 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c9a3aa64 Branch: refs/heads/trunk Commit: c9a3aa64dc95b097c51070f71a3b1a2ad126b2b9 Parents: ef3b03b Author: Giovanni Matteo Fumarola Authored: Mon Dec 3 12:10:05 2018 -0800 Committer: Giovanni Matteo Fumarola Committed: Mon Dec 3 12:10:05 2018 -0800 -- .../hadoop/security/LdapGroupsMapping.java | 163 +-- .../src/main/resources/core-default.xml | 28 +++- .../src/site/markdown/GroupsMapping.md | 54 +- .../hadoop/security/TestLdapGroupsMapping.java | 80 - .../security/TestLdapGroupsMappingBase.java | 76 - .../TestLdapGroupsMappingWithFailover.java | 142 .../TestLdapGroupsMappingWithOneQuery.java | 16 +- .../TestLdapGroupsMappingWithPosixGroup.java| 10 +- 8 files changed, 450 insertions(+), 119 deletions(-) -- http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9a3aa64/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java -- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java index 6beaa9e..83eb5ad 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java @@ -25,6 +25,7 @@ import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.Hashtable; +import java.util.Iterator; import java.util.List; import java.util.HashSet; import java.util.Collection; @@ -40,7 +41,10 @@ import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; +import javax.naming.spi.InitialContextFactory; +import com.google.common.collect.Iterators; +import com.sun.jndi.ldap.LdapCtxFactory; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.conf.Configurable; @@ -83,7 +87,7 @@ public class LdapGroupsMapping public static final String LDAP_CONFIG_PREFIX = "hadoop.security.group.mapping.ldap"; /* - * URL of the LDAP server + * URL of the LDAP server(s) */ public static final String LDAP_URL_KEY = LDAP_CONFIG_PREFIX + ".url"; public static final String LDAP_URL_DEFAULT = ""; @@ -232,6 +236,20 @@ public class LdapGroupsMapping LDAP_CONFIG_PREFIX + ".read.timeout.ms"; public static final int READ_TIMEOUT_DEFAULT = 60 * 1000; // 60 seconds + public static final String LDAP_NUM_ATTEMPTS_KEY = + LDAP_CONFIG_PREFIX + ".num.attempts"; + public static final int LDAP_NUM_ATTEMPTS_DEFAULT = 3; + + public static final String LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY = + LDAP_CONFIG_PREFIX + ".num.attempts.before.failover"; + public static final int LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT = + LDAP_NUM_ATTEMPTS_DEFAULT; + + public static final String LDAP_CTX_FACTORY_CLASS_KEY = + LDAP_CONFIG_PREFIX + ".ctx.factory.class"; + public static final Class + LDAP_CTX_FACTORY_CLASS_DEFAULT = LdapCtxFactory.class; + private static final Logger LOG = LoggerFactory.getLogger(LdapGroupsMapping.class); @@ -242,8 +260,10 @@ public class LdapGroupsMapping private DirContext ctx; private Configuration conf; - - private String ldapUrl; + + private Iterator ldapUrls; + private String currentLdapUrl; + private boolean useSsl; private String keystore; private String keystorePass; @@ -258,14 +278,15 @@ public class LdapGroupsMapping private String memberOfAttr; private String groupMemberAttr; private String groupNameAttr; - private intgroupHierarchyLevels; + private int groupHierarchyLevels; private String posixUidAttr; private String posixGidAttr; private boolean isPosix; private boolean useOneQuery; + private int numAttempts; + private int numAttemptsBeforeFailover; + private Class ldapCxtFactoryClass; - public static final int RECONNECT_RETRY_COUNT = 3; - /** * Returns list of groups for a user. * @@ -279,20 +300,31 @@ public class LdapGroupsMapping @Override public synchronized List
