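/**
 * Opens a {@link DirSearch} for the supplied credentials, trying every candidate
 * principal derived from {@code user} until the factory accepts one.
 *
 * <p>Blank user names and blank passwords are rejected before any candidate is tried,
 * so an empty password never reaches {@code searchFactory}. This matters because an
 * LDAP simple bind that carries a name and an empty password is an "unauthenticated
 * bind" (RFC 4513, section 5.1.2), which some directory servers answer with success
 * without verifying anything.
 *
 * @param user user name as supplied by the client; handed to
 *     {@code LdapUtils.createCandidatePrincipals} as-is
 * @param password password as supplied by the client
 * @return the first {@code DirSearch} the factory returns for a candidate principal
 * @throws AuthenticationException if the user name or password is blank, if the password
 *     starts with a NUL character, if there are no candidate principals, or if every
 *     candidate is rejected (the failure of the last candidate is the one propagated)
 */
private DirSearch createDirSearch(String user, String password) throws AuthenticationException {
  if (StringUtils.isBlank(user)) {
    throw new AuthenticationException("Error validating LDAP user:"
        + " a null or blank user name has been provided");
  }
  // The NUL test inspects the first character directly instead of getBytes()[0]:
  // getBytes() encodes with the platform default charset, so the result of a
  // security check would otherwise depend on JVM configuration.
  // NOTE(review): presumably a leading NUL is refused because a NUL-terminated
  // consumer further down would read such a password as empty — confirm.
  if (StringUtils.isBlank(password) || password.charAt(0) == '\0') {
    throw new AuthenticationException("Error validating LDAP user:"
        + " a null or blank password has been provided");
  }

  List<String> principals = LdapUtils.createCandidatePrincipals(conf, user);
  for (Iterator<String> iterator = principals.iterator(); iterator.hasNext();) {
    String principal = iterator.next();
    try {
      return searchFactory.getInstance(conf, principal, password);
    } catch (AuthenticationException ex) {
      // A rejected candidate is not fatal while others remain; only the last
      // candidate's failure is reported, earlier ones are deliberately dropped.
      if (!iterator.hasNext()) {
        throw ex;
      }
    }
  }
  // Reached only when the candidate list was empty.
  throw new AuthenticationException(
      String.format("No candidate principals for %s was found.", user));
}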
/**
 * With a default configuration, a user name that is already a full DN must come back
 * as the single candidate principal, unchanged.
 */
@Test
public void testCreateCandidatePrincipalsForUserDn() {
  final HiveConf defaults = new HiveConf();
  final String fullDn = "cn=user1,ou=CORP,dc=mycompany,dc=com";

  List<String> candidates = LdapUtils.createCandidatePrincipals(defaults, fullDn);

  assertEquals(Arrays.asList(fullDn), candidates);
}
/**
 * With a default configuration, a user name that already carries a domain
 * ({@code name@domain}) must come back as the single candidate principal, unchanged.
 */
@Test
public void testCreateCandidatePrincipalsForUserWithDomain() {
  final HiveConf defaults = new HiveConf();
  final String qualifiedUser = "user1@mycompany.com";

  List<String> candidates = LdapUtils.createCandidatePrincipals(defaults, qualifiedUser);

  assertEquals(Arrays.asList(qualifiedUser), candidates);
}
/**
 * A colon-separated user DN pattern must yield one candidate per pattern, each with
 * the user name substituted for {@code %s}. Both lists are sorted before comparison,
 * so the order in which candidates are produced is not asserted.
 *
 * <p>NOTE(review): every case here uses a plain user name. Whether
 * {@code createCandidatePrincipals} escapes DN special characters (such as {@code ,}
 * or {@code =}) in the user name is not visible from this test — worth a dedicated case.
 */
@Test
public void testCreateCandidatePrincipals() {
  HiveConf patternConf = new HiveConf();
  patternConf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN, "dc=mycompany,dc=com");
  patternConf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_USERDNPATTERN,
      "cn=%s,ou=CORP1,dc=mycompany,dc=com:cn=%s,ou=CORP2,dc=mycompany,dc=com");

  List<String> wanted = Arrays.asList(
      "cn=user1,ou=CORP1,dc=mycompany,dc=com",
      "cn=user1,ou=CORP2,dc=mycompany,dc=com");
  List<String> produced = LdapUtils.createCandidatePrincipals(patternConf, "user1");

  // Normalise ordering on both sides before comparing.
  Collections.sort(wanted);
  Collections.sort(produced);

  assertEquals(wanted, produced);
}
/**
 * When only the LDAP domain is configured, a bare user name must yield the single
 * candidate {@code user@domain}.
 */
@Test
public void testCreateCandidatePrincipalsLdapDomain() {
  HiveConf domainConf = new HiveConf();
  domainConf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN, "mycompany.com");

  List<String> produced = LdapUtils.createCandidatePrincipals(domainConf, "user1");

  assertEquals(Arrays.asList("user1@mycompany.com"), produced);
}
/**
 * When a GUID key and a base DN are configured but no user DN pattern is, a bare user
 * name must yield the single candidate {@code <guidKey>=<user>,<baseDn>}.
 */
@Test
public void testCreateCandidatePrincipalsUserPatternsDefaultBaseDn() {
  HiveConf guidKeyConf = new HiveConf();
  guidKeyConf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_GUIDKEY, "sAMAccountName");
  guidKeyConf.setVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN, "dc=mycompany,dc=com");

  List<String> produced = LdapUtils.createCandidatePrincipals(guidKeyConf, "user1");

  assertEquals(Arrays.asList("sAMAccountName=user1,dc=mycompany,dc=com"), produced);
}
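/**
 * Builds a {@link DirSearch} bound with the given credentials. The user name is expanded
 * into candidate principals, and each is offered to {@code searchFactory} until one
 * succeeds.
 *
 * <p>Credentials are validated first: a blank user name, a blank password, or a password
 * whose first character is NUL is refused without contacting the factory. Refusing empty
 * passwords here keeps the request from turning into an LDAP "unauthenticated bind"
 * (RFC 4513, section 5.1.2), which some directory servers report as successful.
 *
 * @param user client-supplied user name; passed to
 *     {@code LdapUtils.createCandidatePrincipals} unmodified
 * @param password client-supplied password
 * @return the {@code DirSearch} for the first candidate principal the factory accepts
 * @throws AuthenticationException on invalid credentials, when no candidate principal
 *     exists, or when all candidates fail (only the last candidate's exception is thrown)
 */
private DirSearch createDirSearch(String user, String password) throws AuthenticationException {
  if (StringUtils.isBlank(user)) {
    throw new AuthenticationException("Error validating LDAP user:"
        + " a null or blank user name has been provided");
  }

  // isBlank() guarantees at least one character before charAt(0) is evaluated.
  // The character is compared directly (not via getBytes()[0]) so the check does
  // not depend on the platform default charset.
  boolean unusablePassword = StringUtils.isBlank(password) || password.charAt(0) == '\0';
  if (unusablePassword) {
    throw new AuthenticationException("Error validating LDAP user:"
        + " a null or blank password has been provided");
  }

  AuthenticationException lastFailure = null;
  for (String principal : LdapUtils.createCandidatePrincipals(conf, user)) {
    try {
      return searchFactory.getInstance(conf, principal, password);
    } catch (AuthenticationException ex) {
      // Remember only the most recent rejection; earlier ones are intentionally
      // discarded so the remaining candidates still get their turn.
      lastFailure = ex;
    }
  }

  if (lastFailure != null) {
    // Every candidate was rejected: surface the final candidate's own exception.
    throw lastFailure;
  }
  // No candidate principals were produced at all.
  throw new AuthenticationException(
      String.format("No candidate principals for %s was found.", user));
}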