From e3f1ab09c9d5a0cc7cbd8116118a1ee500fd059e Mon Sep 17 00:00:00 2001
From: Adrian Damian <Adrian.Damian@nrc-cnrc.gc.ca>
Date: Wed, 29 Oct 2014 13:44:39 -0700
Subject: [PATCH] Changed LdapConfig in a properties file to be found in
 ~/config/

---
 .../config/.dbrc_example                      |   2 +
 .../config/LdapConfig.properties              |  17 +-
 .../nrc/cadc/ac/server/ldap/LdapConfig.java   | 194 ++++++++++--------
 .../ca/nrc/cadc/ac/server/ldap/LdapDAO.java   |   2 +-
 4 files changed, 117 insertions(+), 98 deletions(-)
 create mode 100644 projects/cadcAccessControl-Server/config/.dbrc_example

diff --git a/projects/cadcAccessControl-Server/config/.dbrc_example b/projects/cadcAccessControl-Server/config/.dbrc_example
new file mode 100644
index 00000000..aa38ac93
--- /dev/null
+++ b/projects/cadcAccessControl-Server/config/.dbrc_example
@@ -0,0 +1,2 @@
+#server	proxyuser proxyUserDN password driver serverURL
+<serverType in LdapConfig.properties: LDAP or DEVLDAP> <proxyUser in LdapConfig.properties> <proxyUserLdapDN> <password> N/A N/A 
diff --git a/projects/cadcAccessControl-Server/config/LdapConfig.properties b/projects/cadcAccessControl-Server/config/LdapConfig.properties
index af73b275..8063559f 100644
--- a/projects/cadcAccessControl-Server/config/LdapConfig.properties
+++ b/projects/cadcAccessControl-Server/config/LdapConfig.properties
@@ -1,9 +1,8 @@
-# This are the configuration fields required by the Ldap ldap-dao unit tests
-server = mach275.cadc.dao.nrc.ca
-port = 389
-admin = uid=webproxy,ou=administrators,ou=topologymanagement,o=netscaperoot
-passwd = go4it
-usersDn = ou=Users,ou=ds,dc=canfar,dc=net
-groupsDn = ou=Groups,ou=ds,dc=canfar,dc=net
-deletedGroupsDN = ou=DeletedGroups,ou=ds,dc=canfar,dc=net
-testGroupsDN = ou=TestGroups,ou=ds,dc=canfar,dc=net
\ No newline at end of file
+# This are the configuration fields required by the Ldap
+server = <name of server> 
+port = <389 or 636>
+serverType = <DEVLDAP or LDAP or...>
+proxyUser = <name of proxy user>
+usersDn = <DN of users branch>
+groupsDn = <DN of groups branch>
+adminGroupsDn = <DN of admin groups>
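Review bot: Removing `passwd = go4it` and the admin DN from this file does not remove them from the repository history, so if that bind credential was ever valid on a real directory server it should be rotated as part of this change. The replacement lookup goes through `~/.dbrc`, which per the example header holds the proxy password in clear text; the `.dbrc_example` header would be a good place for a line such as `# the real ~/.dbrc must be readable only by the account that runs the service`. The leading comment here is also left unfinished (`required by the Ldap`); something like `# Configuration fields required by LdapConfig; credentials are read from ~/.dbrc` would say where the password went.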
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapConfig.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapConfig.java
index 17bd814f..17a4ae81 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapConfig.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapConfig.java
@@ -68,14 +68,24 @@
  */
 package ca.nrc.cadc.ac.server.ldap;
 
+import java.io.FileNotFoundException;
 import java.io.IOException;
-import java.net.URL;
-import java.util.Properties;
+import java.util.List;
 
 import org.apache.log4j.Logger;
 
+import ca.nrc.cadc.db.ConnectionConfig;
+import ca.nrc.cadc.db.DBConfig;
+import ca.nrc.cadc.util.MultiValuedProperties;
+import ca.nrc.cadc.util.PropertiesReader;
 import ca.nrc.cadc.util.StringUtil;
 
+/**
+ * Reads and stores the LDAP configuration information. The information 
+ * 
+ * @author adriand
+ *
+ */
 public class LdapConfig
 {
     private static final Logger logger = Logger.getLogger(LdapConfig.class);
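Review bot: The new class Javadoc stops in the middle of its second sentence (`The information`). Going by the code added further down in this file, it could read: `Reads and stores the LDAP configuration. Server settings come from the LdapConfig properties file; the proxy user's DN and password are looked up in ~/.dbrc.` The class body continues outside this hunk.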
@@ -84,125 +94,130 @@ public class LdapConfig
                                         ".properties";
     public static final String LDAP_SERVER = "server";
     public static final String LDAP_PORT = "port";
-    public static final String LDAP_ADMIN = "admin";
-    public static final String LDAP_PASSWD = "passwd";
+    public static final String LDAP_SERVER_TYPE = "serverType";
+    public static final String LDAP_SERVER_PROXY_USER = "proxyUser";
     public static final String LDAP_USERS_DN = "usersDn";
     public static final String LDAP_GROUPS_DN = "groupsDn";
     public static final String LDAP_ADMIN_GROUPS_DN  = "adminGroupsDn";
-    
-    public static final String LDAP_AVAIL_TEST_GROUP  = "availabilityTestGroup";
-    public static final String LDAP_AVAIL_TEST_CALLING_USER_DN  = "availabilityTestCallingUserDN";
 
     private String usersDN;
     private String groupsDN;
     private String adminGroupsDN;
     private String server;
     private int port;
-    private String adminUserDN;
-    private String adminPasswd;
+    private String proxyUserDN;
+    private String proxyPasswd;
     
-    private String availabilityTestGroup;
-    private String availabilityTestCallingUserDN;
+    public String getProxyUserDN()
+    {
+        return proxyUserDN;
+    }
+
+    public String getProxyPasswd()
+    {
+        return proxyPasswd;
+    }
 
     public static LdapConfig getLdapConfig()
     {
-        Properties config = new Properties();
-        URL url = null;
-        try
-        {
-            url = LdapConfig.class.getClassLoader().getResource(CONFIG);
-            logger.debug("Using config from: " + url);
-            if (url != null)
-            {
-                config.load(url.openStream());
-            }
-            else
-            {
-                throw new IOException("File not found");
-            }
-        }
-        catch (Exception ex)
+        PropertiesReader pr = new PropertiesReader(CONFIG);
+        
+        MultiValuedProperties config = pr.getAllProperties();
+        
+        if (config.keySet() == null)
         {
-            throw new RuntimeException("failed to read " + CONFIG + 
-                                       " from " + url, ex);
+            throw new RuntimeException("failed to read any LDAP property ");
         }
-
-        String server = config.getProperty(LDAP_SERVER);
-        if (!StringUtil.hasText(server))
+        
+        List<String> prop = config.getProperty(LDAP_SERVER);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + 
                                        LDAP_SERVER);
         }
+        String server = prop.get(0);
 
-        String port = config.getProperty(LDAP_PORT);
-        if (!StringUtil.hasText(port))
+        prop = config.getProperty(LDAP_PORT);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + LDAP_PORT);
         }
+        int port = Integer.valueOf(prop.get(0));
 
-        String ldapAdmin = config.getProperty(LDAP_ADMIN);
-        if (!StringUtil.hasText(ldapAdmin))
+        prop = config.getProperty(LDAP_SERVER_TYPE);
+        if ((prop == null) || (prop.size() != 1))
         {
-            throw new RuntimeException("failed to read property " + LDAP_ADMIN);
+            throw new RuntimeException("failed to read property " + 
+                    LDAP_SERVER_TYPE);
         }
-
-        String ldapPasswd = config.getProperty(LDAP_PASSWD);
-        if (!StringUtil.hasText(ldapPasswd))
+        String serverType = prop.get(0);
+        if (!"LDAP".equalsIgnoreCase(serverType) &&
+            !"DEVLDAP".equalsIgnoreCase(serverType))
+        {
+            throw new RuntimeException("Unknow server type: " + serverType + 
+                    " (valid: LDAP and DEVLDAP)"); 
+        }
+        
+        prop = config.getProperty(LDAP_SERVER_PROXY_USER);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + 
-                                       LDAP_PASSWD);
+                    LDAP_SERVER_PROXY_USER);
         }
-
-        String ldapUsersDn = config.getProperty(LDAP_USERS_DN);
-        if (!StringUtil.hasText(ldapUsersDn))
+        String ldapProxy = prop.get(0);
+        
+        prop = config.getProperty(LDAP_USERS_DN);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + 
                                        LDAP_USERS_DN);
         }
+        String ldapUsersDn = prop.get(0);
 
-        String ldapGroupsDn = config.getProperty(LDAP_GROUPS_DN);
-        if (!StringUtil.hasText(ldapGroupsDn))
+        prop = config.getProperty(LDAP_GROUPS_DN);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + 
                                        LDAP_GROUPS_DN);
         }
+        String ldapGroupsDn = prop.get(0);
         
-        String ldapAdminGroupsDn = config.getProperty(LDAP_ADMIN_GROUPS_DN);
-        if (!StringUtil.hasText(ldapAdminGroupsDn))
+        prop = config.getProperty(LDAP_ADMIN_GROUPS_DN);
+        if ((prop == null) || (prop.size() != 1))
         {
             throw new RuntimeException("failed to read property " + 
                                        LDAP_ADMIN_GROUPS_DN);
         }
+        String ldapAdminGroupsDn = prop.get(0);
         
-        String availGroup = config.getProperty(LDAP_AVAIL_TEST_GROUP);
-        if (!StringUtil.hasText(availGroup))
+        DBConfig dbConfig;
+        try
         {
-            throw new RuntimeException("failed to read property " + 
-                                       LDAP_AVAIL_TEST_GROUP);
+            dbConfig = new DBConfig();
+        } 
+        catch (FileNotFoundException e)
+        {
+            throw new RuntimeException("failed to find .dbrc file ");
+        } 
+        catch (IOException e)
+        {
+            throw new RuntimeException("failed to read .dbrc file ");
         }
-        
-        String availUser = config.getProperty(LDAP_AVAIL_TEST_CALLING_USER_DN);
-        if (!StringUtil.hasText(availUser))
+        ConnectionConfig cc = dbConfig.getConnectionConfig(serverType, ldapProxy);
+        if ( (cc == null) || (cc.getUsername() == null) || (cc.getPassword() == null))
         {
-            throw new RuntimeException("failed to read property " + 
-                                       LDAP_AVAIL_TEST_CALLING_USER_DN);
+            throw new RuntimeException("failed to find connection info in ~/.dbrc");
         }
-
-        return new LdapConfig(server, Integer.valueOf(port), ldapAdmin, 
-                              ldapPasswd, ldapUsersDn, ldapGroupsDn,
-                              ldapAdminGroupsDn, availGroup, availUser);
+        
+        return new LdapConfig(server, Integer.valueOf(port), cc.getUsername(), 
+                              cc.getPassword(), ldapUsersDn, ldapGroupsDn,
+                              ldapAdminGroupsDn);
     }
     
-    public LdapConfig(String server, int port, String adminUserDN, 
-            String adminPasswd, String usersDN, String groupsDN,
-            String adminGroupsDN)
-    {
-        this(server, port, adminUserDN, adminPasswd, usersDN, groupsDN, adminGroupsDN, null, null);
-    }
 
-    public LdapConfig(String server, int port, String adminUserDN, 
-                      String adminPasswd, String usersDN, String groupsDN,
-                      String adminGroupsDN, String availGroup, String availUser)
+    public LdapConfig(String server, int port, String proxyUserDN, 
+                      String proxyPasswd, String usersDN, String groupsDN,
+                      String adminGroupsDN)
     {
         if (!StringUtil.hasText(server))
         {
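Review bot: Both catch blocks around `new DBConfig()` throw a fresh RuntimeException without the caught exception, so the underlying I/O error is lost when `.dbrc` is missing or unreadable; pass the cause along, `throw new RuntimeException("failed to read .dbrc file", e);`, and likewise in the FileNotFoundException branch. The earlier guard `config.keySet() == null` only helps if `getAllProperties()` never returns null itself, which is not visible here; if it can, test `config == null` first. `port` is already an `int` after `Integer.valueOf(prop.get(0))`, so the second `Integer.valueOf(port)` in the constructor call is a redundant box/unbox, and a non-numeric port surfaces as a bare NumberFormatException rather than the `failed to read property` message used for the other keys. The constructor that starts at the end of this hunk continues outside it.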
@@ -213,11 +228,11 @@ public class LdapConfig
             throw new IllegalArgumentException("Illegal LDAP server port: " + 
                                                port);
         }
-        if (!StringUtil.hasText(adminUserDN))
+        if (!StringUtil.hasText(proxyUserDN))
         {
             throw new IllegalArgumentException("Illegal Admin DN");
         }
-        if (!StringUtil.hasText(adminPasswd))
+        if (!StringUtil.hasText(proxyPasswd))
         {
             throw new IllegalArgumentException("Illegal Admin password");
         }
@@ -234,16 +249,16 @@ public class LdapConfig
             throw new IllegalArgumentException("Illegal admin groups LDAP DN");
         }
         
-
         this.server = server;
         this.port = port;
-        this.adminUserDN = adminUserDN;
-        this.adminPasswd = adminPasswd;
+        this.proxyUserDN = proxyUserDN;
+        this.proxyPasswd = proxyPasswd;
         this.usersDN = usersDN;
         this.groupsDN = groupsDN;
         this.adminGroupsDN = adminGroupsDN;
-        this.availabilityTestGroup = availGroup;
-        this.availabilityTestCallingUserDN = availUser;
+        logger.debug(proxyPasswd);
+        logger.debug(proxyUserDN);
+        logger.debug(toString());
     }
 
     public String getUsersDN()
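Review bot: `logger.debug(proxyPasswd);` writes the LDAP proxy password to the log in clear text every time an LdapConfig is constructed, and `logger.debug(toString())` does it a second time because the `toString()` added in the next hunk appends `" proxyPasswd = "` followed by the value. Drop the first debug line and leave the password out of `toString()` (delete the two `sb.append` calls for it, or append a fixed mask such as `"***"`), so that enabling debug logging, or any later code that prints the object, cannot leak the credential. The bare `logger.debug(proxyUserDN);` is unlabelled and redundant, since `toString()` already includes the DN. The constructor starts outside this hunk.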
@@ -273,22 +288,25 @@ public class LdapConfig
 
     public String getAdminUserDN()
     {
-        return this.adminUserDN;
+        return this.proxyUserDN;
     }
 
     public String getAdminPasswd()
     {
-        return this.adminPasswd;
-    }
-    
-    public String getAvailabilityTestGroup()
-    {
-        return this.availabilityTestGroup;
+        return this.proxyPasswd;
     }
-    
-    public String getAvailabilityTestCallingUserDN()
+
+    public String toString()
     {
-        return this.availabilityTestCallingUserDN;
+        StringBuilder sb = new StringBuilder();
+        sb.append("server = ");
+        sb.append(server);
+        sb.append(" port = ");
+        sb.append(port);
+        sb.append(" proxyUserDN = ");
+        sb.append(proxyUserDN);
+        sb.append(" proxyPasswd = ");
+        sb.append(proxyPasswd);
+        return sb.toString(); 
     }
-
 }
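Review bot: `getAdminUserDN()` and `getAdminPasswd()` now return the same fields as the new `getProxyUserDN()` and `getProxyPasswd()`, leaving two names for one value. If the old names are kept only for callers not touched by this patch, mark them `@Deprecated` with a Javadoc pointer to the proxy accessors; otherwise remove them. `toString()` should also carry `@Override`.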
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java
index c33961f3..e889fe24 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java
@@ -119,7 +119,7 @@ public abstract class LdapDAO
         if (conn == null)
         {
             conn = new LDAPConnection(config.getServer(), config.getPort());
-            conn.bind(config.getAdminUserDN(), config.getAdminPasswd());
+            conn.bind(config.getProxyUserDN(), config.getProxyPasswd());
         }
 
         return conn;
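Review bot: The bind on the changed line sends the proxy DN and password over whatever `new LDAPConnection(config.getServer(), config.getPort())` opened, and that two-argument constructor is given no socket factory or TLS option in the visible lines. If this is a plain connection, the credential crosses the network unencrypted on port 389, and the `636` option offered in LdapConfig.properties would presumably need an SSL socket factory to work at all. It is worth confirming how the connection is secured and recording it next to the bind, e.g. `// bind credentials are sent as-is; the connection must be TLS-protected`. The enclosing method starts and ends outside the hunk.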
-- 
GitLab