Skip to content

[AMBARI-22667] Use internal LDAP configuration values rather than ambari.properties#77

Merged
rlevas merged 1 commit into
apache:trunkfrom
smolnar82:AMBARI-22667
Jan 10, 2018
Merged

[AMBARI-22667] Use internal LDAP configuration values rather than ambari.properties#77
rlevas merged 1 commit into
apache:trunkfrom
smolnar82:AMBARI-22667

Conversation

@smolnar82
Copy link
Copy Markdown
Contributor

@smolnar82 smolnar82 commented Jan 9, 2018

@rlevas @zeroflag @echekanskiy

Local build result:

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 33:51 min
[INFO] Finished at: 2018-01-09T16:35:33+01:00
[INFO] Final Memory: 215M/897M
[INFO] ------------------------------------------------------------------------

Besides updating the unit tests I also conducted integration tests against a sample LDAP server (ldap.forumsys.com:389):

  • uid=boyle with proper credentials (password=password) was able to use the API; retrieved HTTP response code of 200
  • uid=boyle with wrong credentials (password!=password) was not able to use the API; retrieved HTTP response code of 403

Continuously checked ambari-server.log to see if LDAP configuration is loaded/reloaded from the DB.

rlevas
rlevas suggested changes Jan 9, 2018
View reviewed changes
Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@rlevas rlevas Jan 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing JavaDoc

Copy link
Copy Markdown
Contributor Author

@smolnar82 smolnar82 Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed all missing Javadoc issues

Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@rlevas rlevas Jan 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing JavaDoc

Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@rlevas rlevas Jan 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing JavaDoc

@vivekratnavel vivekratnavel changed the title AMBARI-22667: Use internal LDAP configuration values rather than ambari.properties [AMBARI-22667] Use internal LDAP configuration values rather than ambari.properties Jan 10, 2018
@vivekratnavel
Copy link
Copy Markdown
Contributor

vivekratnavel commented Jan 10, 2018

@smolnar82 Please read the How to Contribute guide - https://cwiki.apache.org/confluence/display/AMBARI/How+to+Contribute

I have edited the title of this PR for consistency.

@smolnar82
Copy link
Copy Markdown
Contributor Author

smolnar82 commented Jan 10, 2018

@vivekratnavel OK; sorry for missing the brackets...I'll include them going forward

zeroflag
zeroflag reviewed Jan 10, 2018
View reviewed changes
Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@zeroflag zeroflag Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need both printStackTrace + logging here?

Copy link
Copy Markdown
Contributor Author

@smolnar82 smolnar82 Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

zeroflag
zeroflag reviewed Jan 10, 2018
View reviewed changes
Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@zeroflag zeroflag Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would have put this into something like Password.fromFile(path, default), because this part doesn't need the Configuration/CredentialStore dependency.
Also please consider returning a Password objects instead of String/char[] arrays.

Storing password in strings is not perfectly safe because there is no way of deleting it from the memory after it is not needed on the other hand a char[] can be nulled out. So a Password class that wraps a char[] array would be easier to enhance with this ability.

Copy link
Copy Markdown
Contributor Author

@smolnar82 smolnar82 Jan 10, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally I agree...
However this is out of scope of this task. Let me create a new JIRA to cover this topic.

@smolnar82 smolnar82 force-pushed the AMBARI-22667 branch 2 times, most recently from f5378f2 to 58a433d Compare January 10, 2018 09:17
rlevas
rlevas suggested changes Jan 10, 2018
View reviewed changes
Comment thread ambari-server/src/main/java/org/apache/ambari/server/utils/PasswordUtils.java Outdated
Copy link
Copy Markdown
Contributor

@rlevas rlevas Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should be using logging methods rather than printStackTrace.

Copy link
Copy Markdown
Contributor Author

@smolnar82 smolnar82 Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

AMBARI-22667: Use internal LDAP configuration values rather than amba…
0aaf8c8 
…ri.properties values when accessing the configured LDAP server for LDAP sync and authentication
@rlevas rlevas requested a review from echekanskiy January 10, 2018 16:00
@rlevas rlevas merged commit 0341a36 into apache:trunk Jan 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@echekanskiy echekanskiy Awaiting requested review from echekanskiy

2 more reviewers

@zeroflag zeroflag zeroflag approved these changes

@rlevas rlevas rlevas approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@smolnar82 @vivekratnavel @zeroflag @rlevas