From 82aa9f4a96877549b1a0c064d6e84adf860e0202 Mon Sep 17 00:00:00 2001 From: Chris Cosby Date: Thu, 21 Apr 2011 17:12:29 -0400 Subject: [PATCH] Add inhibitInferRootDN to LDAP module. This allows rootDN to be blank, import for some broken AD servers accessed via LDAP. Originally-Committed-As: 9d43b581fd6a5c3f8585503a1bc464db720da8e0 --- .../main/java/hudson/security/LDAPSecurityRealm.java | 11 +++++++++-- .../hudson/security/LDAPSecurityRealm/config.jelly | 2 ++ .../hudson/security/LDAPSecurityRealmTest.groovy | 4 ++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/core/src/main/java/hudson/security/LDAPSecurityRealm.java b/core/src/main/java/hudson/security/LDAPSecurityRealm.java index 5e07c26..9b038eb 100644 --- a/core/src/main/java/hudson/security/LDAPSecurityRealm.java +++ b/core/src/main/java/hudson/security/LDAPSecurityRealm.java @@ -222,6 +222,12 @@ public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm { */ public final String rootDN; + /** + * Allow the rootDN to be inferred? Default is false. + * If true, allow rootDN to be blank. + */ + public final boolean inhibitInferRootDN; + /** * Specifies the relative DN from {@link #rootDN the root DN}. * This is used to narrow down the search space when doing user search. @@ -281,11 +287,12 @@ public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm { private transient LdapTemplate ldapTemplate; @DataBoundConstructor - public LDAPSecurityRealm(String server, String rootDN, String userSearchBase, String userSearch, String groupSearchBase, String managerDN, String managerPassword) { + public LDAPSecurityRealm(String server, String rootDN, String userSearchBase, String userSearch, String groupSearchBase, String managerDN, String managerPassword, boolean inhibitInferRootDN) { this.server = server.trim(); this.managerDN = fixEmpty(managerDN); this.managerPassword = Scrambler.scramble(fixEmpty(managerPassword)); - if(fixEmptyAndTrim(rootDN)==null) rootDN= fixNull(inferRootDN(server)); + this.inhibitInferRootDN = inhibitInferRootDN; + if(!inhibitInferRootDN && fixEmptyAndTrim(rootDN)==null) rootDN= fixNull(inferRootDN(server)); this.rootDN = rootDN.trim(); this.userSearchBase = fixNull(userSearchBase).trim(); userSearch = fixEmptyAndTrim(userSearch); diff --git a/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly b/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly index 0f8cc20..a6951e5 100644 --- a/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly +++ b/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly @@ -31,6 +31,8 @@ THE SOFTWARE. + diff --git a/test/src/test/groovy/hudson/security/LDAPSecurityRealmTest.groovy b/test/src/test/groovy/hudson/security/LDAPSecurityRealmTest.groovy index ab50fdc..0f12ddf 100644 --- a/test/src/test/groovy/hudson/security/LDAPSecurityRealmTest.groovy +++ b/test/src/test/groovy/hudson/security/LDAPSecurityRealmTest.groovy @@ -42,7 +42,7 @@ public class LDAPSecurityRealmTest extends HudsonTestCase { * basic syntax errors and such. */ void testGroovyBeanDef() { - hudson.securityRealm = new LDAPSecurityRealm("ldap.itd.umich.edu",null,null,null,null,null,null); + hudson.securityRealm = new LDAPSecurityRealm("ldap.itd.umich.edu",null,null,null,null,null,null,null); println hudson.securityRealm.securityComponents // force the component creation } @@ -65,4 +65,4 @@ public class LDAPSecurityRealmTest extends HudsonTestCase { assertSame(d1.attributes,d3.attributes); assertNotSame(d1.attributes,d2.attributes); } -} \ No newline at end of file +}