	CLOUDSTACK-10239: Fallback to default provider if needed (#2430)
Fallback to default provider if needed.
		
							parent
							
								
									22d6718fe3
								
							
						
					
					
						commit
						6aadbc5219
					
				| @ -54,11 +54,11 @@ public class LinkDomainToLdapCmd extends BaseCmd { | ||||
|     @Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, required = true, description = "type of the ldap name. GROUP or OU") | ||||
|     private String type; | ||||
| 
 | ||||
|     @Parameter(name = ApiConstants.LDAP_DOMAIN, type = CommandType.STRING, required = true, description = "name of the group or OU in LDAP") | ||||
|     @Parameter(name = ApiConstants.LDAP_DOMAIN, type = CommandType.STRING, required = false, description = "name of the group or OU in LDAP") | ||||
|     private String ldapDomain; | ||||
| 
 | ||||
|     @Deprecated | ||||
|     @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the group or OU in LDAP") | ||||
|     @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = false, description = "name of the group or OU in LDAP") | ||||
|     private String name; | ||||
| 
 | ||||
|     @Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ") | ||||
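Review bot: With both `ldapDomain` and the deprecated `name` now declared `required = false`, the parameter annotations no longer tell a caller that one of the two must be supplied, and their descriptions are still identical. I would state the contract in the description, for example `description = "name of the group or OU in LDAP; required unless the deprecated 'name' parameter is given"`, and say in the `name` description that it is deprecated in favour of `ApiConstants.LDAP_DOMAIN`. Rejecting a request that carries neither value now depends entirely on the manager-side validation rather than on the API parameter layer, so that path deserves a test. How the getter reconciles the two fields is outside this hunk.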
|  | ||||
| @ -25,6 +25,7 @@ import javax.naming.NamingException; | ||||
| import javax.naming.ldap.InitialLdapContext; | ||||
| import javax.naming.ldap.LdapContext; | ||||
| 
 | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.log4j.Logger; | ||||
| 
 | ||||
| public class LdapContextFactory { | ||||
| @ -40,12 +41,10 @@ public class LdapContextFactory { | ||||
|         _ldapConfiguration = ldapConfiguration; | ||||
|     } | ||||
| 
 | ||||
|     // TODO add optional domain (optional only for backwards compatibility) | ||||
|     public LdapContext createBindContext(Long domainId) throws NamingException, IOException { | ||||
|         return createBindContext(null, domainId); | ||||
|     } | ||||
| 
 | ||||
|     // TODO add optional domain (optional only for backwards compatibility) | ||||
|     public LdapContext createBindContext(final String providerUrl, Long domainId) throws NamingException, IOException { | ||||
|         final String bindPrincipal = _ldapConfiguration.getBindPrincipal(domainId); | ||||
|         final String bindPassword = _ldapConfiguration.getBindPassword(domainId); | ||||
| @ -80,9 +79,13 @@ public class LdapContextFactory { | ||||
| 
 | ||||
|     private Hashtable<String, String> getEnvironment(final String principal, final String password, final String providerUrl, final boolean isSystemContext, Long domainId) { | ||||
|         final String factory = _ldapConfiguration.getFactory(); | ||||
|         final String url = providerUrl == null ? _ldapConfiguration.getProviderUrl(domainId) : providerUrl; | ||||
|         String url = providerUrl == null ? _ldapConfiguration.getProviderUrl(domainId) : providerUrl; | ||||
|         if (StringUtils.isEmpty(url) && domainId != null) { | ||||
|             //try a default ldap implementation | ||||
|             url = _ldapConfiguration.getProviderUrl(null); | ||||
|         } | ||||
| 
 | ||||
|         final Hashtable<String, String> environment = new Hashtable<String, String>(); | ||||
|         final Hashtable<String, String> environment = new Hashtable<>(); | ||||
| 
 | ||||
|         environment.put(Context.INITIAL_CONTEXT_FACTORY, factory); | ||||
|         environment.put(Context.PROVIDER_URL, url); | ||||
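Review bot: The fallback in `getEnvironment` switches only the URL to the default provider, while `createBindContext` has already resolved `bindPrincipal` and `bindPassword` with the original `domainId`, so the URL and the bind credentials can come from different configuration scopes. Unless `getBindPrincipal(domainId)` and `getBindPassword(domainId)` apply the same fallback (not visible here), a domain without its own provider would bind to the default server with that domain's credentials or with none, which may end up as an anonymous bind. Resolving the effective scope once and using it for URL, principal and password would keep them consistent, and a log line at the fallback would let operators see which provider served a domain. Separately, `url` can still be empty after the fallback, and `environment.put(Context.PROVIDER_URL, url)` throws a `NullPointerException` on a null value because `Hashtable` rejects nulls, so an explicit check with a descriptive exception before the put would fail more clearly. The body of `getEnvironment` continues outside the hunk.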
|  | ||||
| @ -52,7 +52,6 @@ public interface LdapManager extends PluggableService { | ||||
|     @Deprecated | ||||
|     LdapConfigurationResponse deleteConfiguration(String hostname, int port, Long domainId) throws InvalidParameterValueException; | ||||
| 
 | ||||
|     // TODO username is only unique withing domain scope (add domain id to call) | ||||
|     LdapUser getUser(final String username, Long domainId) throws NoLdapUserMatchingQueryException; | ||||
| 
 | ||||
|     LdapUser getUser(String username, String type, String name, Long domainId) throws NoLdapUserMatchingQueryException; | ||||
|  | ||||
| @ -313,7 +313,7 @@ public class LdapManagerImpl implements LdapManager, LdapValidator { | ||||
| 
 | ||||
|     @Override | ||||
|     public LinkDomainToLdapResponse linkDomainToLdap(LinkDomainToLdapCmd cmd) { | ||||
|         Validate.isTrue(_ldapConfiguration.getBaseDn(cmd.getDomainId()) == null, "can not configure an ldap server and an ldap group/ou to a domain"); | ||||
|         Validate.isTrue(_ldapConfiguration.getBaseDn(cmd.getDomainId()) == null, "can not link a domain unless a basedn is configured for it."); | ||||
|         Validate.notEmpty(cmd.getLdapDomain(), "ldapDomain cannot be empty, please supply a GROUP or OU name"); | ||||
|         return linkDomainToLdap(cmd.getDomainId(),cmd.getType(),cmd.getLdapDomain(),cmd.getAccountType()); | ||||
|     } | ||||
| @ -356,8 +356,9 @@ public class LdapManagerImpl implements LdapManager, LdapValidator { | ||||
|         return _ldapTrustMapDao.findGroupInDomain(domainId, group); | ||||
|     } | ||||
| 
 | ||||
|     @Override public LinkAccountToLdapResponse linkAccountToLdap(LinkAccountToLdapCmd cmd) { | ||||
|         Validate.notNull(_ldapConfiguration.getBaseDn(cmd.getDomainId()), "can not configure an ldap server and an ldap group/ou to a domain"); | ||||
|     @Override | ||||
|     public LinkAccountToLdapResponse linkAccountToLdap(LinkAccountToLdapCmd cmd) { | ||||
|         Validate.notNull(_ldapConfiguration.getBaseDn(cmd.getDomainId()), "can not link an account to ldap in a domain for which no basdn is configured"); | ||||
|         Validate.notNull(cmd.getDomainId(), "domainId cannot be null."); | ||||
|         Validate.notEmpty(cmd.getAccountName(), "accountName cannot be empty."); | ||||
|         Validate.notEmpty(cmd.getLdapDomain(), "ldapDomain cannot be empty, please supply a GROUP or OU name"); | ||||
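Review bot: In `linkDomainToLdap` the new message contradicts the condition it is attached to: `Validate.isTrue(_ldapConfiguration.getBaseDn(cmd.getDomainId()) == null, ...)` fails when a base DN is configured, yet the text now says the domain cannot be linked "unless a basedn is configured for it". If the new wording states the intent, the check should be `Validate.notNull(_ldapConfiguration.getBaseDn(cmd.getDomainId()), "can not link a domain unless a basedn is configured for it.");`, matching `linkAccountToLdap`; if the condition is right, the message should instead say that a domain with its own base DN cannot be linked. In `linkAccountToLdap` the `domainId` null check runs after `getBaseDn(cmd.getDomainId())` has already used the value, so it should move to the first line of the method. The new message there also misspells `basedn` as `basdn`.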
|  | ||||
| @ -62,10 +62,10 @@ public class LdapCreateAccountCmdTest implements LdapConfigurationChanger { | ||||
|     } | ||||
| 
 | ||||
|     @Test(expected = ServerApiException.class) | ||||
|     public void failedCreationDueToANullResponseFromCloudstackAccountCreater() throws Exception { | ||||
|     public void failedCreationDueToANullResponseFromCloudstackAccountCreator() throws Exception { | ||||
|         // We have an LdapManager, AccountService and LdapCreateAccountCmd | ||||
|         LdapUser mrMurphy = new LdapUser("rmurphy", "rmurphy@cloudstack.org", "Ryan", "Murphy", "cn=rmurphy,ou=engineering,dc=cloudstack,dc=org", "engineering", false, null); | ||||
|         when(ldapManager.getUser(anyString(), isNull(Long.class))).thenReturn(mrMurphy); | ||||
|         when(ldapManager.getUser(anyString(), isNull(Long.class))).thenReturn(mrMurphy).thenReturn(mrMurphy); | ||||
|         ldapCreateAccountCmd.execute(); | ||||
|         fail("An exception should have been thrown: " + ServerApiException.class); | ||||
|     } | ||||
|  | ||||