http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/JWTAuthenticationToken.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/JWTAuthenticationToken.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/JWTAuthenticationToken.java deleted file mode 100644 index 35175b6..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/JWTAuthenticationToken.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.model; - -import org.springframework.security.authentication.AbstractAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; - -import java.util.Collection; - -public class JWTAuthenticationToken extends AbstractAuthenticationToken { - - private String credential; - - private String principal; - - public JWTAuthenticationToken(String principal, String credential) { - super((Collection)null); - this.principal = principal; - this.credential = credential; - } - - public JWTAuthenticationToken(String principal, String credential, Collection<? extends GrantedAuthority> authorities) { - super(authorities); - this.principal = principal; - this.credential = credential; - } - - @Override - public Object getCredentials() { - return credential; - } - - @Override - public Object getPrincipal() { - return principal; - } -}
http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Privilege.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Privilege.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Privilege.java deleted file mode 100644 index 949a1ab..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Privilege.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.model; - -public class Privilege { - - private String name; - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("Privilege [name="); - builder.append(name); - builder.append("]"); - return builder.toString(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Role.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Role.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Role.java deleted file mode 100644 index 9b08424..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/Role.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.model; - -import java.util.List; - -import org.springframework.security.core.GrantedAuthority; - -public class Role implements GrantedAuthority { - - private static final long serialVersionUID = 1L; - private String name; - - private List<Privilege> privileges; - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - @Override - public String getAuthority() { - return this.name; - } - - public List<Privilege> getPrivileges() { - return privileges; - } - - public void setPrivileges(List<Privilege> privileges) { - this.privileges = privileges; - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("Role [name="); - builder.append(name); - builder.append(", privileges="); - builder.append(privileges); - builder.append("]"); - return builder.toString(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/User.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/User.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/User.java deleted file mode 100644 index 2bd0ed2..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/model/User.java +++ /dev/null @@ -1,167 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.model; - -import java.util.Collection; -import java.util.List; - -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; - -public class User implements UserDetails { - private static final long serialVersionUID = 1L; - - private String username; - private String password; - private String email; - private String firstName; - private String lastName; - - /* Spring Security fields*/ - private List<GrantedAuthority> authorities; - private boolean accountNonExpired = true; - private boolean accountNonLocked = true; - private boolean credentialsNonExpired = true; - private boolean enabled = true; - - public User(String userName2, String userPassword, List<GrantedAuthority> grantedAuths) { - this.username = userName2; - this.password = userPassword; - this.authorities = grantedAuths; - - } - - public User() { - // TODO Auto-generated constructor stub - } - - @Override - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - @Override - public String getPassword() { - return password; - } - - public void setPassword(String password) { - this.password = password; - } - - public String getFirstName() { - return firstName; - } - - public void setFirstName(String firstName) { - this.firstName = firstName; - } - - public String getLastName() { - return lastName; - } - - public void setLastName(String lastName) { - this.lastName = lastName; - } - - public String getEmail() { - return email; - } - - public void setEmail(String email) { - this.email = email; - } - - @Override - public Collection<? extends GrantedAuthority> getAuthorities() { - return this.authorities; - } - - public void setAuthorities(List<GrantedAuthority> authorities) { - this.authorities = authorities; - } - - - @Override - public boolean isAccountNonExpired() { - return this.accountNonExpired; - } - - public void setAccountNonExpired(boolean accountNonExpired) { - this.accountNonExpired = accountNonExpired; - } - - @Override - public boolean isAccountNonLocked() { - return this.accountNonLocked; - } - - public void setAccountNonLocked(boolean accountNonLocked) { - this.accountNonLocked = accountNonLocked; - } - - @Override - public boolean isCredentialsNonExpired() { - return this.credentialsNonExpired; - } - - public void setCredentialsNonExpired(boolean credentialsNonExpired) { - this.credentialsNonExpired = credentialsNonExpired; - } - - @Override - public boolean isEnabled() { - return this.enabled; - } - - public void setEnabled(boolean enabled) { - this.enabled = enabled; - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("User [username="); - builder.append(username); - builder.append(", email="); - builder.append(email); - builder.append(", firstName="); - builder.append(firstName); - builder.append(", lastName="); - builder.append(lastName); - builder.append(", authorities="); - builder.append(authorities); - builder.append(", accountNonExpired="); - builder.append(accountNonExpired); - builder.append(", accountNonLocked="); - builder.append(accountNonLocked); - builder.append(", credentialsNonExpired="); - builder.append(credentialsNonExpired); - builder.append(", enabled="); - builder.append(enabled); - builder.append("]"); - return builder.toString(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapProperties.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapProperties.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapProperties.java deleted file mode 100644 index 82e71fe..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapProperties.java +++ /dev/null @@ -1,365 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import org.apache.commons.lang.StringUtils; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -/** - * Describes LDAP Server connection parameters - */ -public class LdapProperties { - private String primaryUrl; - private String secondaryUrl; - private boolean useSsl; - private boolean anonymousBind; - private String managerDn; - private String managerPassword; - private String baseDN; - private String dnAttribute; - private String referralMethod; - - // LDAP group properties - private String groupBase; - private String groupObjectClass; - private String groupMembershipAttr; - private String groupNamingAttr; - private String adminGroupMappingRules; - private boolean groupMappingEnabled; - - // LDAP user properties - private String userBase; - private String userObjectClass; - private String usernameAttribute; - private String userSearchBase = ""; - - private String groupSearchFilter; - private static final String userSearchFilter = "({attribute}={0})"; - - public List<String> getLdapUrls() { - String protocol = useSsl ? "ldaps://" : "ldap://"; - - if (StringUtils.isEmpty(primaryUrl) || primaryUrl.equalsIgnoreCase("none")) { - return Collections.emptyList(); - } else { - List<String> list = new ArrayList<String>(); - list.add(protocol + primaryUrl); - if (StringUtils.isNotEmpty(secondaryUrl)) { - list.add(protocol + secondaryUrl); - } - return list; - } - } - - public String getPrimaryUrl() { - return primaryUrl; - } - - public void setPrimaryUrl(String primaryUrl) { - this.primaryUrl = primaryUrl; - } - - public String getSecondaryUrl() { - return secondaryUrl; - } - - public void setSecondaryUrl(String secondaryUrl) { - this.secondaryUrl = secondaryUrl; - } - - public boolean isUseSsl() { - return useSsl; - } - - public void setUseSsl(boolean useSsl) { - this.useSsl = useSsl; - } - - public boolean isAnonymousBind() { - return anonymousBind; - } - - public void setAnonymousBind(boolean anonymousBind) { - this.anonymousBind = anonymousBind; - } - - public String getManagerDn() { - return managerDn; - } - - public void setManagerDn(String managerDn) { - this.managerDn = managerDn; - } - - public String getManagerPassword() { - return managerPassword; - } - - public void setManagerPassword(String managerPassword) { - this.managerPassword = managerPassword; - } - - public String getBaseDN() { - return baseDN; - } - - public void setBaseDN(String baseDN) { - this.baseDN = baseDN; - } - - public String getUserSearchBase() { - return userSearchBase; - } - - public void setUserSearchBase(String userSearchBase) { - this.userSearchBase = userSearchBase; - } - - public String getUserSearchFilter() { - return userSearchFilter.replace("{attribute}", usernameAttribute); - } - - public String getUsernameAttribute() { - return usernameAttribute; - } - - public void setUsernameAttribute(String usernameAttribute) { - this.usernameAttribute = usernameAttribute; - } - - public String getGroupBase() { - return groupBase; - } - - public void setGroupBase(String groupBase) { - this.groupBase = groupBase; - } - - public String getGroupObjectClass() { - return groupObjectClass; - } - - public void setGroupObjectClass(String groupObjectClass) { - this.groupObjectClass = groupObjectClass; - } - - public String getGroupMembershipAttr() { - return groupMembershipAttr; - } - - public void setGroupMembershipAttr(String groupMembershipAttr) { - this.groupMembershipAttr = groupMembershipAttr; - } - - public String getGroupNamingAttr() { - return groupNamingAttr; - } - - public void setGroupNamingAttr(String groupNamingAttr) { - this.groupNamingAttr = groupNamingAttr; - } - - public String getAdminGroupMappingRules() { - return adminGroupMappingRules; - } - - public void setAdminGroupMappingRules(String adminGroupMappingRules) { - this.adminGroupMappingRules = adminGroupMappingRules; - } - - public String getGroupSearchFilter() { - return groupSearchFilter; - } - - public void setGroupSearchFilter(String groupSearchFilter) { - this.groupSearchFilter = groupSearchFilter; - } - - public boolean isGroupMappingEnabled() { - return groupMappingEnabled; - } - - public void setGroupMappingEnabled(boolean groupMappingEnabled) { - this.groupMappingEnabled = groupMappingEnabled; - } - - public void setUserBase(String userBase) { - this.userBase = userBase; - } - - public void setUserObjectClass(String userObjectClass) { - this.userObjectClass = userObjectClass; - } - - public String getUserBase() { - return userBase; - } - - public String getUserObjectClass() { - return userObjectClass; - } - - public String getDnAttribute() { - return dnAttribute; - } - - public void setDnAttribute(String dnAttribute) { - this.dnAttribute = dnAttribute; - } - - public void setReferralMethod(String referralMethod) { - this.referralMethod = referralMethod; - } - - public String getReferralMethod() { - return referralMethod; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null || getClass() != obj.getClass()) - return false; - - LdapProperties that = (LdapProperties) obj; - - if (primaryUrl != null ? !primaryUrl.equals(that.primaryUrl) - : that.primaryUrl != null) - return false; - if (secondaryUrl != null ? !secondaryUrl.equals(that.secondaryUrl) - : that.secondaryUrl != null) - return false; - if (useSsl != that.useSsl) - return false; - if (anonymousBind != that.anonymousBind) - return false; - if (managerDn != null ? !managerDn.equals(that.managerDn) - : that.managerDn != null) - return false; - if (managerPassword != null ? !managerPassword - .equals(that.managerPassword) : that.managerPassword != null) - return false; - if (baseDN != null ? !baseDN.equals(that.baseDN) : that.baseDN != null) - return false; - if (userBase != null ? !userBase.equals(that.userBase) - : that.userBase != null) - return false; - if (userObjectClass != null ? !userObjectClass - .equals(that.userObjectClass) : that.userObjectClass != null) - return false; - if (usernameAttribute != null ? !usernameAttribute - .equals(that.usernameAttribute) - : that.usernameAttribute != null) - return false; - if (groupBase != null ? !groupBase.equals(that.groupBase) - : that.groupBase != null) - return false; - if (groupObjectClass != null ? !groupObjectClass - .equals(that.groupObjectClass) : that.groupObjectClass != null) - return false; - if (groupMembershipAttr != null ? !groupMembershipAttr - .equals(that.groupMembershipAttr) - : that.groupMembershipAttr != null) - return false; - if (groupNamingAttr != null ? !groupNamingAttr - .equals(that.groupNamingAttr) : that.groupNamingAttr != null) - return false; - if (adminGroupMappingRules != null ? !adminGroupMappingRules - .equals(that.adminGroupMappingRules) - : that.adminGroupMappingRules != null) - return false; - if (groupSearchFilter != null ? !groupSearchFilter - .equals(that.groupSearchFilter) - : that.groupSearchFilter != null) - return false; - if (dnAttribute != null ? !dnAttribute.equals(that.dnAttribute) - : that.dnAttribute != null) - return false; - if (referralMethod != null ? !referralMethod - .equals(that.referralMethod) : that.referralMethod != null) - return false; - - return true; - } - - @Override - public int hashCode() { - int result = primaryUrl != null ? primaryUrl.hashCode() : 0; - result = 31 * result - + (secondaryUrl != null ? secondaryUrl.hashCode() : 0); - result = 31 * result + (useSsl ? 1 : 0); - result = 31 * result + (anonymousBind ? 1 : 0); - result = 31 * result + (managerDn != null ? managerDn.hashCode() : 0); - result = 31 * result - + (managerPassword != null ? managerPassword.hashCode() : 0); - result = 31 * result + (baseDN != null ? baseDN.hashCode() : 0); - result = 31 * result + (userBase != null ? userBase.hashCode() : 0); - result = 31 * result - + (userObjectClass != null ? userObjectClass.hashCode() : 0); - result = 31 - * result - + (usernameAttribute != null ? usernameAttribute.hashCode() : 0); - result = 31 * result + (groupBase != null ? groupBase.hashCode() : 0); - result = 31 * result - + (groupObjectClass != null ? groupObjectClass.hashCode() : 0); - result = 31 - * result - + (groupMembershipAttr != null ? groupMembershipAttr.hashCode() - : 0); - result = 31 * result - + (groupNamingAttr != null ? groupNamingAttr.hashCode() : 0); - result = 31 - * result - + (adminGroupMappingRules != null ? adminGroupMappingRules - .hashCode() : 0); - result = 31 - * result - + (groupSearchFilter != null ? groupSearchFilter.hashCode() : 0); - result = 31 * result - + (dnAttribute != null ? dnAttribute.hashCode() : 0); - result = 31 * result - + (referralMethod != null ? referralMethod.hashCode() : 0); - return result; - } - - @Override - public String toString() { - return "LdapProperties [primaryUrl=" + primaryUrl + ", secondaryUrl=" - + secondaryUrl + ", useSsl=" + useSsl + ", anonymousBind=" - + anonymousBind + ", managerDn=" + managerDn - + ", managerPassword=" + managerPassword == null ? "null" - : "****" + ", baseDN=" + baseDN + ", dnAttribute=" - + dnAttribute + ", referralMethod=" + referralMethod - + ", groupBase=" + groupBase + ", groupObjectClass=" - + groupObjectClass + ", groupMembershipAttr=" - + groupMembershipAttr + ", groupNamingAttr=" - + groupNamingAttr + ", adminGroupMappingRules=" - + adminGroupMappingRules + ", groupMappingEnabled=" - + groupMappingEnabled + ", userBase=" + userBase - + ", userObjectClass=" + userObjectClass - + ", usernameAttribute=" + usernameAttribute - + ", userSearchBase=" + userSearchBase - + ", groupSearchFilter=" + groupSearchFilter + "]"; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapPropertyName.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapPropertyName.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapPropertyName.java deleted file mode 100644 index 370c94b..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapPropertyName.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -public class LdapPropertyName { - - public static final String LDAP_USE_SSL_KEY = "authentication.ldap.useSSL"; - public static final String LDAP_PRIMARY_URL_KEY = "authentication.ldap.primaryUrl"; - public static final String LDAP_SECONDARY_URL_KEY = "authentication.ldap.secondaryUrl"; - public static final String LDAP_BASE_DN_KEY = "authentication.ldap.baseDn"; - public static final String LDAP_BIND_ANONYMOUSLY_KEY = "authentication.ldap.bindAnonymously"; - public static final String LDAP_MANAGER_DN_KEY = "authentication.ldap.managerDn"; - public static final String LDAP_MANAGER_PASSWORD_KEY = "authentication.ldap.managerPassword"; - public static final String LDAP_DN_ATTRIBUTE_KEY = "authentication.ldap.dnAttribute"; - public static final String LDAP_USERNAME_ATTRIBUTE_KEY = "authentication.ldap.usernameAttribute"; - public static final String LDAP_USER_BASE_KEY = "authentication.ldap.userBase"; - public static final String LDAP_USER_OBJECT_CLASS_KEY = "authentication.ldap.userObjectClass"; - public static final String LDAP_GROUP_BASE_KEY = "authentication.ldap.groupBase"; - public static final String LDAP_GROUP_OBJECT_CLASS_KEY = "authentication.ldap.groupObjectClass"; - public static final String LDAP_GROUP_NAMING_ATTR_KEY = "authentication.ldap.groupNamingAttr"; - public static final String LDAP_GROUP_MEMEBERSHIP_ATTR_KEY = "authentication.ldap.groupMembershipAttr"; - public static final String LDAP_ADMIN_GROUP_MAPPING_RULES_KEY = "authorization.ldap.adminGroupMappingRules"; - public static final String LDAP_GROUP_SEARCH_FILTER_KEY = "authorization.ldap.groupSearchFilter"; - public static final String LDAP_REFERRAL_KEY = "authentication.ldap.referral"; - - // default - public static final String LDAP_BIND_ANONYMOUSLY_DEFAULT = "true"; - public static final String LDAP_PRIMARY_URL_DEFAULT = "localhost:389"; - public static final String LDAP_BASE_DN_DEFAULT = "dc=example,dc=com"; - public static final String LDAP_USERNAME_ATTRIBUTE_DEFAULT = "uid"; - public static final String LDAP_DN_ATTRIBUTE_DEFAULT = "dn"; - public static final String LDAP_USER_BASE_DEFAULT = "ou=people,dc=example,dc=com"; - public static final String LDAP_USER_OBJECT_CLASS_DEFAULT = "person"; - public static final String LDAP_GROUP_BASE_DEFAULT = "ou=groups,dc=example,dc=com"; - public static final String LDAP_GROUP_OBJECT_CLASS_DEFAULT = "group"; - public static final String LDAP_GROUP_NAMING_ATTR_DEFAULT = "cn"; - public static final String LDAP_GROUP_MEMBERSHIP_ATTR_DEFAULT = "member"; - public static final String LDAP_ADMIN_GROUP_MAPPING_RULES_DEFAULT = "Logsearch Administrators"; - public static final String LDAP_GROUP_SEARCH_FILTER_DEFAULT = ""; - public static final String LDAP_REFERRAL_DEFAULT = "ignore"; - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapUtil.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapUtil.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapUtil.java deleted file mode 100644 index 6248e74..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LdapUtil.java +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.io.IOException; -import java.util.Properties; - -import org.apache.ambari.logsearch.common.PropertiesHelper; -import org.apache.ambari.logsearch.common.XMLPropertiesHelper; -import org.apache.log4j.Logger; -import org.springframework.core.io.ClassPathResource; - -public class LdapUtil { - - private static Logger logger = Logger.getLogger(LdapUtil.class); - - /** - * Gets parameters of LDAP server to connect to - * - * @return LdapServerProperties object representing connection parameters - */ - public static LdapProperties getLdapServerProperties(Properties properties) { - LdapProperties ldapServerProperties = new LdapProperties(); - - ldapServerProperties.setPrimaryUrl(properties.getProperty(LdapPropertyName.LDAP_PRIMARY_URL_KEY, - LdapPropertyName.LDAP_PRIMARY_URL_DEFAULT)); - ldapServerProperties.setSecondaryUrl(properties.getProperty(LdapPropertyName.LDAP_SECONDARY_URL_KEY)); - ldapServerProperties.setUseSsl("true".equalsIgnoreCase(properties - .getProperty(LdapPropertyName.LDAP_USE_SSL_KEY))); - ldapServerProperties.setAnonymousBind("true".equalsIgnoreCase(properties.getProperty( - LdapPropertyName.LDAP_BIND_ANONYMOUSLY_KEY, LdapPropertyName.LDAP_BIND_ANONYMOUSLY_DEFAULT))); - ldapServerProperties.setManagerDn(properties.getProperty(LdapPropertyName.LDAP_MANAGER_DN_KEY)); - String ldapPasswordProperty = properties.getProperty(LdapPropertyName.LDAP_MANAGER_PASSWORD_KEY); - // TODO read password from password file - ldapServerProperties.setManagerPassword(ldapPasswordProperty); - ldapServerProperties.setBaseDN(properties.getProperty(LdapPropertyName.LDAP_BASE_DN_KEY, - LdapPropertyName.LDAP_BASE_DN_DEFAULT)); - ldapServerProperties.setUsernameAttribute(properties.getProperty(LdapPropertyName.LDAP_USERNAME_ATTRIBUTE_KEY, - LdapPropertyName.LDAP_USERNAME_ATTRIBUTE_DEFAULT)); - - ldapServerProperties.setUserBase(properties.getProperty(LdapPropertyName.LDAP_USER_BASE_KEY, - LdapPropertyName.LDAP_USER_BASE_DEFAULT)); - ldapServerProperties.setUserObjectClass(properties.getProperty(LdapPropertyName.LDAP_USER_OBJECT_CLASS_KEY, - LdapPropertyName.LDAP_USER_OBJECT_CLASS_DEFAULT)); - ldapServerProperties.setDnAttribute(properties.getProperty(LdapPropertyName.LDAP_DN_ATTRIBUTE_KEY, - LdapPropertyName.LDAP_DN_ATTRIBUTE_DEFAULT)); - - ldapServerProperties.setGroupBase(properties.getProperty(LdapPropertyName.LDAP_GROUP_BASE_KEY, - LdapPropertyName.LDAP_GROUP_BASE_DEFAULT)); - ldapServerProperties.setGroupObjectClass(properties.getProperty(LdapPropertyName.LDAP_GROUP_OBJECT_CLASS_KEY, - LdapPropertyName.LDAP_GROUP_OBJECT_CLASS_DEFAULT)); - ldapServerProperties.setGroupMembershipAttr(properties.getProperty( - LdapPropertyName.LDAP_GROUP_MEMEBERSHIP_ATTR_KEY, LdapPropertyName.LDAP_GROUP_MEMBERSHIP_ATTR_DEFAULT)); - ldapServerProperties.setGroupNamingAttr(properties.getProperty(LdapPropertyName.LDAP_GROUP_NAMING_ATTR_KEY, - LdapPropertyName.LDAP_GROUP_NAMING_ATTR_DEFAULT)); - ldapServerProperties.setAdminGroupMappingRules(properties.getProperty( - LdapPropertyName.LDAP_ADMIN_GROUP_MAPPING_RULES_KEY, - LdapPropertyName.LDAP_ADMIN_GROUP_MAPPING_RULES_DEFAULT)); - ldapServerProperties.setGroupSearchFilter(properties.getProperty(LdapPropertyName.LDAP_GROUP_SEARCH_FILTER_KEY, - LdapPropertyName.LDAP_GROUP_SEARCH_FILTER_DEFAULT)); - ldapServerProperties.setReferralMethod(properties.getProperty(LdapPropertyName.LDAP_REFERRAL_KEY, - LdapPropertyName.LDAP_REFERRAL_DEFAULT)); - - if (properties.containsKey(LdapPropertyName.LDAP_GROUP_BASE_KEY) - || properties.containsKey(LdapPropertyName.LDAP_GROUP_OBJECT_CLASS_KEY) - || properties.containsKey(LdapPropertyName.LDAP_GROUP_MEMEBERSHIP_ATTR_KEY) - || properties.containsKey(LdapPropertyName.LDAP_GROUP_NAMING_ATTR_KEY) - || properties.containsKey(LdapPropertyName.LDAP_ADMIN_GROUP_MAPPING_RULES_KEY) - || properties.containsKey(LdapPropertyName.LDAP_GROUP_SEARCH_FILTER_KEY)) { - ldapServerProperties.setGroupMappingEnabled(true); - } - - return ldapServerProperties; - } - - /** - * @return - */ - public static LdapProperties loadLdapProperties() { - LdapProperties ldapServerProperties = null; - String ldapConfigFileName = PropertiesHelper.getProperty("logsearch.login.ldap.config", "logsearch-admin-site.xml"); - Properties props = null; - ClassPathResource resource = new ClassPathResource(ldapConfigFileName); - if (resource != null) { - try { - props = new Properties(); - new XMLPropertiesHelper().loadFromXml(props, resource.getInputStream()); - ldapServerProperties = getLdapServerProperties(props); - } catch (IOException e) { - logger.error("Ldap configudation file loading failed : " + e.getMessage()); - } - } - if (ldapServerProperties == null) { - logger.error("ldapServerProperties object is not created."); - } - return ldapServerProperties; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java deleted file mode 100644 index 1c7bf3b..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAbstractAuthenticationProvider.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.util.ArrayList; -import java.util.List; - -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; - -abstract class LogsearchAbstractAuthenticationProvider implements AuthenticationProvider { - - protected enum AuthMethod { - LDAP, FILE, EXTERNAL_AUTH, SIMPLE - }; - - @Override - public boolean supports(Class<?> authentication) { - return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication); - } - - /** - * GET Default GrantedAuthority - */ - protected List<GrantedAuthority> getAuthorities() { - List<GrantedAuthority> grantedAuths = new ArrayList<>(); - grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER")); - return grantedAuths; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java deleted file mode 100644 index 711e3ec..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.java +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.util.HashMap; - -import org.apache.ambari.logsearch.util.JSONUtil; -import org.apache.log4j.Level; -import org.apache.log4j.Logger; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.authentication.WebAuthenticationDetails; - -import javax.inject.Inject; -import javax.inject.Named; - -@Named -public class LogsearchAuthenticationProvider extends LogsearchAbstractAuthenticationProvider { - private static final Logger logger = Logger .getLogger(LogsearchAuthenticationProvider.class); - private static final Logger auditLogger = Logger.getLogger("org.apache.ambari.logsearch.audit"); - - @Inject - private LogsearchLdapAuthenticationProvider ldapAuthenticationProvider; - - @Inject - private LogsearchFileAuthenticationProvider fileAuthenticationProvider; - - @Inject - private LogsearchExternalServerAuthenticationProvider externalServerAuthenticationProvider; - - @Inject - private LogsearchSimpleAuthenticationProvider simpleAuthenticationProvider; - - @Override - public Authentication authenticate(Authentication inAuthentication) throws AuthenticationException { - logger.info("Authenticating user:" + inAuthentication.getName() + ", userDetail=" + inAuthentication.toString()); - logger.info("authentication.class=" + inAuthentication.getClass().getName()); - - HashMap<String, Object> auditRecord = new HashMap<String, Object>(); - auditRecord.put("user", inAuthentication.getName()); - auditRecord.put("principal", inAuthentication.getPrincipal().toString()); - auditRecord.put("auth_class", inAuthentication.getClass().getName()); - if (inAuthentication instanceof UsernamePasswordAuthenticationToken) { - UsernamePasswordAuthenticationToken authClass = (UsernamePasswordAuthenticationToken) inAuthentication; - Object details = authClass.getDetails(); - if (details instanceof WebAuthenticationDetails) { - WebAuthenticationDetails webAuthentication = (WebAuthenticationDetails) details; - auditRecord.put("remote_ip", webAuthentication.getRemoteAddress()); - auditRecord.put("session", webAuthentication.getSessionId()); - } - } - - boolean isSuccess = false; - try { - Authentication authentication = inAuthentication; - AuthenticationException authException = null; - - for (AuthMethod authMethod : AuthMethod.values()) { - try { - authentication = doAuth(authentication, authMethod); - if (authentication != null && authentication.isAuthenticated()) { - logger.info("Authenticated using method=" + authMethod.name() + ", user=" + authentication.getName()); - auditRecord.put("result", "allowed"); - isSuccess = true; - auditRecord.put("authType", authMethod.name()); - return authentication; - } - } catch (AuthenticationException ex) { - if (authException == null) { - authException = ex; - } - } catch (Exception e) { - logger.error(e, e.getCause()); - } - } - - auditRecord.put("result", "denied"); - logger.warn("Authentication failed for user=" + inAuthentication.getName() + ", userDetail=" + inAuthentication.toString()); - if (authException != null) { - auditRecord.put("reason", authException.getMessage()); - throw authException; - } - return authentication; - } finally { - String jsonStr = JSONUtil.mapToJSON(auditRecord); - auditLogger.log(isSuccess ? Level.INFO : Level.WARN, jsonStr); - } - } - - private Authentication doAuth(Authentication authentication, AuthMethod authMethod) { - switch (authMethod) { - case LDAP: return ldapAuthenticationProvider.authenticate(authentication); - case FILE: return fileAuthenticationProvider.authenticate(authentication); - case EXTERNAL_AUTH: return externalServerAuthenticationProvider.authenticate(authentication); - case SIMPLE: return simpleAuthenticationProvider.authenticate(authentication); - default: logger.error("Invalid authentication method :" + authMethod.name()); - } - return authentication; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java deleted file mode 100644 index e23f0a2..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.util.ArrayList; -import java.util.List; - -import javax.inject.Inject; -import javax.inject.Named; - -import org.apache.ambari.logsearch.common.ExternalServerClient; -import org.apache.ambari.logsearch.common.PropertiesHelper; -import org.apache.ambari.logsearch.conf.AuthPropsConfig; -import org.apache.ambari.logsearch.util.JSONUtil; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; - -/** - * - * Authentication provider to authenticate user from external-server using REST - * call - */ -@Named -public class LogsearchExternalServerAuthenticationProvider extends LogsearchAbstractAuthenticationProvider { - - private static Logger LOG = Logger.getLogger(LogsearchExternalServerAuthenticationProvider.class); - - private static final String ALLOWED_ROLE_PROP = "logsearch.roles.allowed"; - - private static enum PrivilegeInfo { - PERMISSION_LABEL("permission_label"), - PERMISSION_NAME("permission_name"), - PRINCIPAL_NAME("principal_name"), - PRINCIPAL_TYPE("principal_type"), - PRIVILEGE_ID("privilege_id"), - TYPE("type"), - USER_NAME("user_name"); - - private String propertyKey; - - private PrivilegeInfo(String name) { - this.propertyKey = name; - } - - public String toString() { - return propertyKey; - } - } - - @Inject - private ExternalServerClient externalServerClient; - - @Inject - private AuthPropsConfig authPropsConfig; - - /** - * Authenticating user from external-server using REST call - * - * @param authentication the authentication request object. - * @return a fully authenticated object including credentials. - * @throws AuthenticationException if authentication fails. - */ - @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - if (!authPropsConfig.isAuthExternalEnabled()) { - LOG.debug("external server auth is disabled."); - return authentication; - } - - String username = authentication.getName(); - String password = (String) authentication.getCredentials(); - if (StringUtils.isBlank(username)) { - throw new BadCredentialsException("Username can't be null or empty."); - } - if (StringUtils.isBlank(password)) { - throw new BadCredentialsException("Password can't be null or empty."); - } - password = StringEscapeUtils.unescapeHtml(password); - username = StringEscapeUtils.unescapeHtml(username); - - try { - String finalLoginUrl = authPropsConfig.getExternalAuthLoginUrl().replace("$USERNAME", username); - String responseObj = (String) externalServerClient.sendGETRequest(finalLoginUrl, String.class, username, password); - if (!isAllowedRole(responseObj)) { - LOG.error(username + " doesn't have permission"); - throw new BadCredentialsException("Invalid User"); - } - } catch (Exception e) { - LOG.error("Login failed for username :" + username + " Error :" + e.getLocalizedMessage()); - throw new BadCredentialsException("Bad credentials"); - } - authentication = new UsernamePasswordAuthenticationToken(username, password, getAuthorities()); - return authentication; - } - - /** - * Return true/false based on PEMISSION NAME return boolean - */ - private boolean isAllowedRole(String responseJson) { - String allowedRoleList[] = PropertiesHelper.getPropertyStringList(ALLOWED_ROLE_PROP); - - List<String> values = new ArrayList<>(); - JSONUtil.getValuesOfKey(responseJson, PrivilegeInfo.PERMISSION_NAME.toString(), values); - if (values.isEmpty()) - return true; - - if (allowedRoleList.length > 0 && responseJson != null) { - for (String allowedRole : allowedRoleList) { - for (String role : values) { - if (role.equals(allowedRole)) { - return true; - } - } - } - } - return false; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java deleted file mode 100644 index 8c12e0a..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProvider.java +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.util.Collection; - -import org.apache.ambari.logsearch.conf.AuthPropsConfig; -import org.apache.ambari.logsearch.util.CommonUtil; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; - -import javax.inject.Inject; -import javax.inject.Named; - -@Named -public class LogsearchFileAuthenticationProvider extends LogsearchAbstractAuthenticationProvider { - - private static final Logger logger = Logger.getLogger(LogsearchFileAuthenticationProvider.class); - - @Inject - private AuthPropsConfig authPropsConfig; - - @Inject - private UserDetailsService userDetailsService; - - @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - if (!authPropsConfig.isAuthFileEnabled()) { - logger.debug("File auth is disabled."); - return authentication; - } - - String username = authentication.getName(); - String password = (String) authentication.getCredentials(); - if (StringUtils.isBlank(username)) { - throw new BadCredentialsException("Username can't be null or empty."); - } - if (StringUtils.isBlank(password)) { - throw new BadCredentialsException("Password can't be null or empty."); - } - // html unescape - password = StringEscapeUtils.unescapeHtml(password); - username = StringEscapeUtils.unescapeHtml(username); - - UserDetails user = userDetailsService.loadUserByUsername(username); - if (user == null) { - logger.error("Username not found."); - throw new BadCredentialsException("User not found."); - } - if (StringUtils.isEmpty(user.getPassword())) { - logger.error("Password can't be null or empty."); - throw new BadCredentialsException("Password can't be null or empty."); - } - String encPassword = CommonUtil.encryptPassword(username, password); - if (!encPassword.equals(user.getPassword())) { - logger.error("Wrong password for user=" + username); - throw new BadCredentialsException("Wrong password."); - } - - Collection<? extends GrantedAuthority> authorities = user.getAuthorities(); - authentication = new UsernamePasswordAuthenticationToken(username, encPassword, authorities); - return authentication; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProvider.java deleted file mode 100644 index ed4d7ef..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProvider.java +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import java.util.List; - -import org.apache.ambari.logsearch.conf.AuthPropsConfig; -import org.apache.log4j.Logger; -import org.springframework.ldap.CommunicationException; -import org.springframework.ldap.core.support.LdapContextSource; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.ldap.authentication.LdapAuthenticationProvider; -import org.springframework.security.ldap.search.FilterBasedLdapUserSearch; - -import javax.annotation.PostConstruct; -import javax.inject.Inject; -import javax.inject.Named; - -@Named -public class LogsearchLdapAuthenticationProvider extends - LogsearchAbstractAuthenticationProvider { - - private static Logger logger = Logger - .getLogger(LogsearchLdapAuthenticationProvider.class); - - private static LdapProperties ldapServerProperties = null; - private static LdapAuthenticationProvider ldapAuthProvider = null; - private String logStatement = ""; - - @Inject - private AuthPropsConfig authPropsConfig; - - public LogsearchLdapAuthenticationProvider() { - } - - @PostConstruct - public void postConstruct() { - logger.debug("Creating object of ldap auth provider "); - if (authPropsConfig.isAuthLdapEnabled()) { - ldapAuthProvider = loadLdapAuthenticationProvider(); - } else { - logger.info("Ldap auth is disabled"); - } - } - - @Override - public Authentication authenticate(Authentication authentication) - throws AuthenticationException { - if (!authPropsConfig.isAuthLdapEnabled()) { - logger.debug("Ldap auth is disabled"); - return authentication; - } - try { - LdapAuthenticationProvider authProvider = loadLdapAuthenticationProvider(); - if (authProvider != null) { - return authProvider.authenticate(authentication); - } else { - return authentication; - } - } catch (AuthenticationException e) { - logger.info("Got exception during LDAP authentication attempt", e); - // Try to help in troubleshooting - Throwable cause = e.getCause(); - if (cause != null) { - if ((cause != e) - && (cause instanceof org.springframework.ldap.AuthenticationException)) { - logger.warn( - "Looks like LDAP manager credentials (that are used for " - + "connecting to LDAP server) are invalid.", - e); - } - } - } catch (CommunicationException e) { - logger.error(e); - } catch (Exception e) { - logger.error(e, e.getCause()); - } - if (authentication != null && !authentication.isAuthenticated()) { - logger.warn("Ldap authentication failed. username=" - + authentication.getName() + ", details=" - + authentication.getDetails()); - throw new BadCredentialsException("Invalid credentials!!"); - } - return authentication; - } - - /** - * Reloads LDAP Context Source and depending objects if properties were - * changed - * - * @return corresponding LDAP authentication provider - */ - private LdapAuthenticationProvider loadLdapAuthenticationProvider() { - if (reloadLdapServerProperties()) { - logger.info("LDAP Properties changed - rebuilding Context"); - LdapContextSource springSecurityContextSource = new LdapContextSource(); - List<String> ldapUrls = ldapServerProperties.getLdapUrls(); - logStatement = "ldapUrls=" + ldapUrls; - if (ldapUrls == null || ldapUrls.size() == 0) { - logger.info("LDAP URL is empty. So won't initialize LDAP provider"); - return null; - } - - springSecurityContextSource.setUrls(ldapUrls - .toArray(new String[ldapUrls.size()])); - springSecurityContextSource.setBase(ldapServerProperties - .getBaseDN()); - logStatement = logStatement + ", baseDN=" - + ldapServerProperties.getBaseDN(); - - if (!ldapServerProperties.isAnonymousBind()) { - springSecurityContextSource.setUserDn(ldapServerProperties - .getManagerDn()); - logStatement = logStatement + ", managerDN=" - + ldapServerProperties.getManagerDn(); - springSecurityContextSource.setPassword(ldapServerProperties - .getManagerPassword()); - } - - try { - springSecurityContextSource.afterPropertiesSet(); - } catch (Exception e) { - logger.error("LDAP Context Source not loaded ", e); - throw new UsernameNotFoundException( - "LDAP Context Source not loaded. ldapDetails=" - + logStatement, e); - } - - String userSearchBase = ldapServerProperties.getUserSearchBase(); - logStatement = logStatement + ", userSearchBase=" + userSearchBase; - String userSearchFilter = ldapServerProperties - .getUserSearchFilter(); - logStatement = logStatement + ", userSearchFilter=" - + userSearchFilter; - - logger.info("LDAP properties=" + logStatement); - FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch( - userSearchBase, userSearchFilter, - springSecurityContextSource); - - LogsearchLdapBindAuthenticator bindAuthenticator = new LogsearchLdapBindAuthenticator( - springSecurityContextSource, ldapServerProperties); - bindAuthenticator.setUserSearch(userSearch); - - LdapAuthenticationProvider authenticationProvider = new LdapAuthenticationProvider( - bindAuthenticator); - ldapAuthProvider = authenticationProvider; - - } - return ldapAuthProvider; - } - - /** - * Reloads LDAP Server properties from configuration - * - * @return true if properties were reloaded - */ - private boolean reloadLdapServerProperties() { - LdapProperties properties = LdapUtil.loadLdapProperties(); - if (!properties.equals(ldapServerProperties)) { - logger.info("Reloading properties"); - ldapServerProperties = properties; - return true; - } - return false; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapBindAuthenticator.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapBindAuthenticator.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapBindAuthenticator.java deleted file mode 100644 index 10f7507..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchLdapBindAuthenticator.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import org.apache.log4j.Logger; -import org.springframework.ldap.core.DirContextOperations; -import org.springframework.ldap.core.support.BaseLdapPathContextSource; -import org.springframework.security.core.Authentication; -import org.springframework.security.ldap.authentication.BindAuthenticator; - -public class LogsearchLdapBindAuthenticator extends BindAuthenticator { - private static Logger logger = Logger - .getLogger(LogsearchLdapBindAuthenticator.class); - - LdapProperties ldapServerProperties; - - public LogsearchLdapBindAuthenticator( - BaseLdapPathContextSource contextSource, - LdapProperties ldapServerProperties) { - super(contextSource); - this.ldapServerProperties = ldapServerProperties; - logger.info("LDAP properties=" + ldapServerProperties); - } - - @Override - public DirContextOperations authenticate(Authentication authentication) { - return super.authenticate(authentication); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java deleted file mode 100644 index 3506264..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProvider.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ambari.logsearch.web.security; - -import org.apache.ambari.logsearch.conf.AuthPropsConfig; -import org.apache.ambari.logsearch.web.model.User; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; - -import javax.inject.Inject; -import javax.inject.Named; - -@Named -public class LogsearchSimpleAuthenticationProvider extends LogsearchAbstractAuthenticationProvider { - - private static final Logger logger = Logger.getLogger(LogsearchSimpleAuthenticationProvider.class); - - @Inject - private AuthPropsConfig authPropsConfig; - - @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - if (!authPropsConfig.isAuthSimpleEnabled()) { - logger.debug("Simple auth is disabled"); - return authentication; - } - - String username = authentication.getName(); - String password = (String) authentication.getCredentials(); - username = StringEscapeUtils.unescapeHtml(username); - if (StringUtils.isBlank(username)) { - throw new BadCredentialsException("Username can't be null or empty."); - } - - User user = new User(); - user.setUsername(username); - authentication = new UsernamePasswordAuthenticationToken(username, password, getAuthorities()); - return authentication; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/resources/HadoopServiceConfig.json ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/HadoopServiceConfig.json b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/HadoopServiceConfig.json deleted file mode 100644 index dd4bf6b..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/HadoopServiceConfig.json +++ /dev/null @@ -1,488 +0,0 @@ -{ - "service": { - "accumulo": { - "label": "Accumulo", - "components": [ - { - "name": "accumulo_gc" - }, - { - "name": "accumulo_master" - }, - { - "name": "accumulo_monitor" - }, - { - "name": "accumulo_tracer" - }, - { - "name": "accumulo_tserver" - } - ], - "dependencies": [ - ] - }, - "atlas": { - "label": "Atlas", - "components": [ - { - "name": "atlas_app" - } - ], - "dependencies": [ - ] - }, - "ambari": { - "label": "Ambari", - "components": [ - { - "name": "ambari_agent" - }, - { - "name": "ambari_server" - }, - { - "name": "ambari_alerts" - }, - { - "name": "ambari_audit" - }, - { - "name": "ambari_config_changes" - }, - { - "name": "ambari_eclipselink" - }, - { - "name": "ambari_server_check_database" - } - ], - "dependencies": [ - ] - }, - "ams": { - "label": "AMS", - "components": [ - { - "name": "ams_hbase_master" - }, - { - "name": "ams_hbase_regionserver" - }, - { - "name": "ams_collector" - }, - { - "name": "ams_monitor" - }, - { - "name": "ams_grafana" - } - ], - "dependencies": [ - ] - }, - "falcon": { - "label": "Falcon", - "components": [ - { - "name": "falcon_app" - } - ], - "dependencies": [ - ] - }, - "flume": { - "label": "Flume", - "components": [ - { - "name": "flume_handler" - } - ], - "dependencies": [ - ] - }, - "hbase": { - "label": "HBase", - "components": [ - { - "name": "hbase_master" - }, - { - "name": "hbase_regionserver" - }, - { - "name": "hbase_phoenix_server" - } - ], - "dependencies": [ - { - "service": "hdfs", - "components": [ - "hdfs_namenode" - ] - } - ] - }, - "hdfs": { - "label": "HDFS", - "components": [ - { - "name": "hdfs_datanode" - }, - { - "name": "hdfs_namenode" - }, - { - "name": "hdfs_journalnode" - }, - { - "name": "hdfs_secondarynamenode" - }, - { - "name": "hdfs_zkfc" - }, - { - "name": "hdfs_nfs3" - }, - { - "name": "hdfs_audit", - "rowtype": "audit" - } - ], - "dependencies": [ - ] - }, - "hive": { - "label": "Hive", - "components": [ - { - "name": "hive_hiveserver2" - }, - { - "name": "hive_metastore" - }, - { - "name": "webhcat_server" - } - ], - "dependencies": [ - { - "service": "hdfs", - "components": [ - "hdfs_namenode" - ] - } - ] - }, - "infra" : { - "label" : "Infra", - "components": [ - { - "name": "infra_solr" - } - ], - "dependencies": [ - ] - }, - "kafka": { - "label": "Kafka", - "components": [ - { - "name": "kafka_controller" - }, - { - "name": "kafka_request" - }, - { - "name": "kafka_logcleaner" - }, - { - "name": "kafka_server" - }, - { - "name": "kafka_statechange" - } - ], - "dependencies": [ - { - "service": "zookeeper", - "components": [ - "zookeeper" - ] - } - ] - }, - "knox": { - "label": "Knox", - "components": [ - { - "name": "knox_gateway" - }, - { - "name": "knox_cli" - }, - { - "name": "knox_ldap" - } - ], - "dependencies": [ - ] - }, - "nifi": { - "label": "NiFi", - "components": [ - { - "name": "nifi_app" - }, - { - "name": "nifi_bootstrap" - }, - { - "name": "nifi_setup" - }, - { - "name": "nifi_user" - } - ], - "dependencies": [ - ] - }, - "mapred": { - "label": "MapReduce", - "components": [ - { - "name": "mapred_historyserver" - } - ], - "dependencies": [ - ] - }, - "logsearch": { - "label": "Logsearch", - "components": [ - { - "name": "logsearch_app" - }, - { - "name": "logsearch_feeder" - }, - { - "name": "logsearch_perf" - }, - { - "name": "logsearch_solr" - } - ], - "dependencies": [ - ] - }, - "ranger": { - "label": "Ranger", - "components": [ - { - "name": "ranger_admin" - }, - { - "name": "ranger_dbpatch" - }, - { - "name": "ranger_kms" - }, - { - "name": "ranger_usersync" - } - ], - "dependencies": [ - { - "service": "hdfs", - "required": "optional", - "components": [ - "hdfs_namenode" - ] - }, - { - "service": "hbase", - "required": "optional", - "components": [ - "hbase_master", - "hbase_regionserver" - ] - }, - { - "service": "hive", - "required": "optional", - "components": [ - "hive_hiveserver2" - ] - }, - { - "service": "kafka", - "required": "optional", - "components": [ - "kafka_ranger" - ] - }, - { - "service": "knox", - "required": "optional", - "components": [ - "knox_gateway" - ] - }, - { - "service": "storm", - "required": "optional", - "components": [ - "storm_supervisor" - ] - }, - { - "service": "yarn", - "required": "optional", - "components": [ - "yarn_resourcemanager" - ] - } - ] - }, - "oozie": { - "label": "Oozie", - "components": [ - { - "name": "oozie_app" - } - ], - "dependencies": [ - ] - }, - "hst": { - "label": "SmartSense", - "components": [ - { - "name": "hst_server" - }, - { - "name": "hst_agent" - }, - { - "name": "activity_analyzer" - }, - { - "name": "activity_explorer" - } - ], - "dependencies": [ - ] - }, - "spark": { - "label": "Spark", - "components": [ - { - "name": "spark_jobhistory_server" - }, - { - "name": "spark_thriftserver" - }, - { - "name": "livy_server" - } - ], - "dependencies": [ - ] - }, - "spark2": { - "label": "Spark 2", - "components": [ - { - "name": "spark2_jobhistory_server" - }, - { - "name": "spark2_thriftserver" - } - ], - "dependencies": [ - ] - }, - "storm": { - "label": "Storm", - "components": [ - { - "name": "storm_drpc" - }, - { - "name": "storm_logviewer" - }, - { - "name": "storm_nimbus" - }, - { - "name": "storm_supervisor" - }, - { - "name": "storm_ui" - }, - { - "name": "storm_worker" - } - ], - "dependencies": [ - ] - }, - "yarn": { - "label": "YARN", - "components": [ - { - "name": "yarn_nodemanager" - }, - { - "name": "yarn_resourcemanager" - }, - { - "name": "yarn_timelineserver" - }, - { - "name": "yarn_historyserver" - }, - { - "name": "yarn_jobsummary" - } - ], - "dependencies": [ - ] - }, - "zeppelin": { - "label": "Zeppelin", - "components": [ - { - "name": "zeppelin" - } - ], - "dependencies": [ - ] - }, - "zookeeper": { - "label": "ZooKeeper", - "components": [ - { - "name": "zookeeper" - } - ], - "dependencies": [ - ] - }, - "System": { - "label": "System", - "components": [ - { - "name": "system_message" - }, - { - "name": "secure_log" - } - ], - "dependencies": [ - ] - } - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/resources/default.properties ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/default.properties b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/default.properties deleted file mode 100644 index cbfe157..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/default.properties +++ /dev/null @@ -1,29 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -#Note: Simple will be supported only if both file and ldap is disabled. -logsearch.auth.file.enable=true -logsearch.auth.ldap.enable=false -logsearch.auth.simple.enable=false - -logsearch.logfeeder.include.default.level=FATAL,ERROR,WARN,INFO,DEBUG,TRACE - -#login config -logsearch.login.credentials.file=user_pass.json -logsearch.login.ldap.config=logsearch-admin-site.xml - -logsearch.cert.folder.location=/etc/ambari-logsearch-portal/conf/keys -logsearch.cert.algorithm=sha256WithRSAEncryption http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/resources/log4j.xml ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/log4j.xml b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/log4j.xml deleted file mode 100644 index 547841a..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/log4j.xml +++ /dev/null @@ -1,119 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" ?> -<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor - license agreements. See the NOTICE file distributed with this work for additional - information regarding copyright ownership. The ASF licenses this file to - You under the Apache License, Version 2.0 (the "License"); you may not use - this file except in compliance with the License. You may obtain a copy of - the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required - by applicable law or agreed to in writing, software distributed under the - License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS - OF ANY KIND, either express or implied. See the License for the specific - language governing permissions and limitations under the License. --> -<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> -<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> - <appender name="console" class="org.apache.log4j.ConsoleAppender"> - <param name="Target" value="System.out" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d [%t] %-5p %C{6} (%F:%L) - %m%n" /> - </layout> - </appender> - - <!-- <appender name="rolling_file" class="org.apache.log4j.RollingFileAppender"> - <param name="file" value="logs/logsearch-app.log" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d [%t] %-5p %C{6} (%F:%L) - %m%n" /> - </layout> - </appender> - - <appender name="audit_rolling_file" class="org.apache.log4j.RollingFileAppender"> - <param name="file" value="logs/logsearch-audit.log" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d [%t] %-5p %C{6} (%F:%L) - %m%n" /> - </layout> - </appender> - - <appender name="performance_analyzer" class="org.apache.log4j.RollingFileAppender"> - <param name="file" value="logs/logsearch-performance.log" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d [%t] %-5p %C{6} (%F:%L) - %m%n" /> - </layout> - </appender> - --> - -<!-- logsearch appender config for the all above appender --> - - <appender name="rolling_file_json" - class="org.apache.ambari.logsearch.appender.LogsearchRollingFileAppender"> - <param name="file" value="target/logs/logsearch-app.json" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - <layout class="org.apache.ambari.logsearch.appender.LogsearchConversion" /> -</appender> - - <appender name="audit_rolling_file_json" - class="org.apache.ambari.logsearch.appender.LogsearchRollingFileAppender"> - <param name="file" value="target/logs/logsearch-audit.json" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - <layout class="org.apache.ambari.logsearch.appender.LogsearchConversion" /> - </appender> - - <appender name="performance_analyzer_json" - class="org.apache.ambari.logsearch.appender.LogsearchRollingFileAppender"> - <param name="file" value="target/logs/logsearch-performance.json" /> - <param name="Threshold" value="info" /> - <param name="append" value="true" /> - <param name="maxFileSize" value="10MB" /> - <param name="maxBackupIndex" value="10" /> - <layout class="org.apache.ambari.logsearch.appender.LogsearchConversion" /> - </appender> - - <!-- Logs to suppress BEGIN --> - <category name="org.apache.solr.common.cloud.ZkStateReader" additivity="false"> - <priority value="error" /> - <appender-ref ref="console" /> - </category> - <!-- Logs to suppress END --> - - <logger name="org.apache.ambari.logsearch.audit" - additivity="true"> - <!-- <appender-ref ref="audit_rolling_file" />--> - <appender-ref ref="audit_rolling_file_json" /> - </logger> - - <logger name="org.apache.ambari.logsearch.performance" - additivity="false"> - <!-- <appender-ref ref="performance_analyzer" />--> - <appender-ref ref="performance_analyzer_json" /> - </logger> - - <logger name="org.apache.ambari.logsearch" additivity="false"> - <!-- <appender-ref ref="console" /> --> - <!-- <appender-ref ref="rolling_file" />--> - <appender-ref ref="rolling_file_json" /> - </logger> - - <root> - <level value="warn" /> - <!-- <appender-ref ref="console" /> --> - <!--<appender-ref ref="rolling_file" />--> - <appender-ref ref="rolling_file_json" /> - </root> -</log4j:configuration> http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch-admin-site.xml ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch-admin-site.xml b/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch-admin-site.xml deleted file mode 100644 index 049172a..0000000 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/resources/logsearch-admin-site.xml +++ /dev/null @@ -1,116 +0,0 @@ -<!-- Licensed under the Apache License, Version 2.0 (the "License"); you - may not use this file except in compliance with the License. You may obtain - a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless - required by applicable law or agreed to in writing, software distributed - under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES - OR CONDITIONS OF ANY KIND, either express or implied. See the License for - the specific language governing permissions and limitations under the License. - See accompanying LICENSE file. --> - - -<configuration> - <property> - <name>authentication.ldap.primaryUrl</name> - <value></value> - <display-name></display-name> - <description>The hostname and port for the LDAP or AD server. Example: my.ldap.server:389</description> - </property> - <property> - <name>authentication.ldap.useSSL</name> - <value>false</value> - <display-name></display-name> - <description>If true, use SSL when connecting to the LDAP or AD server.</description> - </property> - <property> - <name>authentication.ldap.baseDn</name> - <value>dc=example,dc=com</value> - <display-name></display-name> - <description>The root Distinguished Name to search in the directory for users. Example: ou=people,dc=hadoop,dc=apache,dc=org</description> - </property> - <property> - <name>authentication.ldap.bindAnonymously</name> - <value>false</value> - <display-name></display-name> - <description>If true, bind to the LDAP or AD server anonymously</description> - </property> - <property> - <name>authentication.ldap.managerDn</name> - <value>cn=Manager,dc=example,dc=com</value> - <display-name></display-name> - <description>If Bind anonymous is set to false, the Distinguished Name (âDNâ) for the manager. - Example: uid=hdfs,ou=people,dc=hadoop,dc=apache,dc=org</description> - </property> - <property> - <name>authentication.ldap.managerPassword</name> - <value></value> - <display-name></display-name> - <property-type>PASSWORD</property-type> - <description>If Bind anonymous is set to false, the password for the manager</description> - </property> - <property> - <name>authentication.ldap.dnAttribute</name> - <value>dn</value> - <display-name></display-name> - <description></description> - </property> - <property> - <name>authentication.ldap.usernameAttribute</name> - <value>uid</value> - <display-name></display-name> - <description>The attribute for username. Example: uid</description> - </property> - <property> - <name>authentication.ldap.userBase</name> - <value>ou=people,dc=example,dc=com</value> - <display-name></display-name> - <description></description> - </property> - <property> - <name>authentication.ldap.userObjectClass</name> - <value>person</value> - <display-name></display-name> - <description>The object class that is used for users. Example: organizationalPerson</description> - </property> - <property> - <name>authentication.ldap.groupBase</name> - <value>ou=groups,dc=example,dc=com"</value> - <display-name></display-name> - <description></description> - </property> - <property> - <name>authentication.ldap.groupObjectClass</name> - <value>group</value> - <display-name></display-name> - <description>The object class that is used for groups. Example: groupOfUniqueNames</description> - </property> - <property> - <name>authentication.ldap.groupNamingAttr</name> - <value>cn</value> - <display-name></display-name> - <description>The attribute for group name.</description> - </property> - <property> - <name>authentication.ldap.groupMembershipAttr</name> - <value>member</value> - <display-name></display-name> - <description>The attribute for group membership. Example: uniqueMember</description> - </property> - <property> - <name>authorization.ldap.adminGroupMappingRules</name> - <value>Logsearch Administrators</value> - <display-name></display-name> - <description></description> - </property> - <property> - <name>authorization.ldap.groupSearchFilter</name> - <value></value> - <display-name></display-name> - <description></description> - </property> - <property> - <name>authentication.ldap.referral</name> - <value>ignore</value> - <display-name></display-name> - <description>Determines if LDAP referrals should be followed, or ignored.</description> - </property> -</configuration> \ No newline at end of file