Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-22481

Make Ambari LDAP configuration API consistent with existing API

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 2.7.0
    • 2.7.0
    • ambari-server
    • None

    Description

      Make Ambari configuration API consistent with existing API.

      The current API entry point (as of AMBARI-21307) to set and test the LDAP configuration is /api/v1/ldapconfigs. This should be more inline with the existing entry point for Ambari server related data... /api/v1/services/AMBARI/components/AMBARI_SERVER.

      The new API entry point for Ambari server related configuration data should be /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations. For the LDAP-specific configuration, the configuration category is "ldap-configuration".

      See AMBARI-22418 for examples on setting and getting this configuration.

      For testing the configuration, the following directives should be used:

      • op=test-connection
      • op=test-attributes
      • op=detect-attributes

      For example:
      Test the connection for a new set of configuration data

      URL
      POST /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations?op=test-connection
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
        "ambari.ldap.connectivity.server.host": "ldap.forumsys.com",
        "ambari.ldap.connectivity.server.port": "389",
        "ambari.ldap.connectivity.anonymous_bind": "true",
        "ambari.ldap.attributes.user.search_base": "dc=example,dc=com",
        "ambari.ldap.attributes.user.object_class": "person",
        "ambari.ldap.attributes.user.name_attr": "uid",
        "ambari.ldap.attributes.group.object_class": "groupOfUniqueNames",
        "ambari.ldap.attributes.group.name_attr": "cn",
        "ambari.ldap.attributes.group.member_attr": "uniqueMember",
        "ambari.ldap.attributes.group.search_base": "dc=example,dc=com"
      }
  }
}
      Success Response
      Status 201: Created
{
  "operationResults" : {
    "test-connection" : {
      "status" : "success"
    }
  }
}
      Error Response
      Status 201: Created
{
  "operationResults" : {
    "test-connection" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Test the connection for an updated set of configuration data

      URL
      PUT /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations/ldap-configuration?op=test-connection
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
        "ambari.ldap.connectivity.server.host": "new.ldap.host.com"
      }
  }
}
      Success Response
      Status 200: OK
{
  "operationResults" : {
    "test-connection" : {
      "status" : "success"
    }
  }
}
      Error Response
      Status 200: OK
{
  "operationResults" : {
    "test-connection" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Test the attributes of a user for a new set of configuration data

      URL
      POST /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations?op=test-attributes
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
        "ambari.ldap.connectivity.server.host": "ldap.forumsys.com",
        "ambari.ldap.connectivity.server.port": "389",
        "ambari.ldap.connectivity.anonymous_bind": "true",
        "ambari.ldap.attributes.user.search_base": "dc=example,dc=com",
        "ambari.ldap.attributes.user.object_class": "person",
        "ambari.ldap.attributes.user.name_attr": "uid",
        "ambari.ldap.attributes.group.object_class": "groupOfUniqueNames",
        "ambari.ldap.attributes.group.name_attr": "cn",
        "ambari.ldap.attributes.group.member_attr": "uniqueMember",
        "ambari.ldap.attributes.group.search_base": "dc=example,dc=com"
      }
  },
 "RequestInfo":{
  	"parameters":{
  		"ambari.ldap.test.user.name": "euclid"
  	}
  }
}
      Success Response
      Status 201: Created
{
  "operationResults" : {
    "test-attributes" : {
      "status" : "success",
      "response" : {
        "groups" : [
          "Mathematicians"
        ]
      }
    }
  }
}
      Error Response
      Status 201: Created
{
  "operationResults" : {
    "test-attributes" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Test the attributes of a user for an updated set of configuration data

      URL
      PUT /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations/ldap-configuration?op=test-attributes
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
        "ambari.ldap.attributes.group.member_attr": "uniqueMember"
      }
  },
 "RequestInfo":{
  	"parameters":{
  		"ambari.ldap.test.user.name": "euclid"
  	}
  }
}
      Success Response
      Status 200: OK
{
  "operationResults" : {
    "test-attributes" : {
      "status" : "success",
      "response" : {
        "groups" : [
          "Mathematicians"
        ]
      }
    }
  }
}
      Error Response
      Status 200: OK
{
  "operationResults" : {
    "test-attributes" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Detect the attributes for a user and a group for a new set of configuration data

      URL
      POST /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations?op=detect-attributes
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
        "ambari.ldap.connectivity.server.host": "ldap.forumsys.com",
        "ambari.ldap.connectivity.server.port": "389",
        "ambari.ldap.connectivity.anonymous_bind": "true",
        "ambari.ldap.attributes.user.search_base": "dc=example,dc=com",
        "ambari.ldap.attributes.group.search_base": "dc=example,dc=com"
      }
  }
}
      Success Response
      Status 201: Created
{
  "operationResults" : {
    "detect-attributes" : {
      "status" : "success",
      "response" : {
        "attributes" : {
          "ambari.ldap.attributes.group.name_attr" : "cn",
          "ambari.ldap.attributes.user.object_class" : "person",
          "ambari.ldap.attributes.group.member_attr" : "memberUid",
          "ambari.ldap.attributes.user.group_member_attr" : "N/A",
          "ambari.ldap.attributes.user.search_base" : "dc=example,dc=com",
          "ambari.ldap.attributes.group.object_class" : "posixGroup",
          "ambari.ldap.attributes.group.search_base" : "dc=example,dc=com",
          "ambari.ldap.connectivity.server.host" : "ldap.forumsys.com",
          "ambari.ldap.connectivity.anonymous_bind" : "true",
          "ambari.ldap.connectivity.server.port" : "389",
          "ambari.ldap.attributes.user.name_attr" : "sAMAccountName"
        }
      }
    }
  }
}
      Error Response
      Status 201: Created
{
  "operationResults" : {
    "detect-attributes" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Detect the attributes for a user and a group for an updated set of configuration data

      URL
      PUT /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations/ldap-configuration?op=test-attributes
      Payload
      {
  "Configuration": {    
    "category" : "ldap-configuration",
    "properties": {
      "ambari.ldap.connectivity.anonymous_bind": "false",
      "ambari.ldap.connectivity.bind_dn": "cn=read-only-admin,dc=example,dc=com",
      "ambari.ldap.connectivity.bind_password": "password"
    }
  }
}
      Success Response
      Status 200: OK
{
  "operationResults" : {
    "detect-attributes" : {
      "status" : "success",
      "response" : {
        "attributes" : {
          "ambari.ldap.connectivity.bind_password" : "password",
          "ambari.ldap.attributes.group.name_attr" : "cn",
          "ambari.ldap.attributes.user.object_class" : "person",
          "ambari.ldap.attributes.group.member_attr" : "memberUid",
          "ambari.ldap.attributes.user.group_member_attr" : "N/A",
          "ambari.ldap.attributes.user.search_base" : "dc=example,dc=com",
          "ambari.ldap.connectivity.bind_dn" : "cn=read-only-admin,dc=example,dc=com",
          "ambari.ldap.attributes.group.object_class" : "posixGroup",
          "ambari.ldap.attributes.group.search_base" : "dc=example,dc=com",
          "ambari.ldap.connectivity.server.host" : "ldap.forumsys.com",
          "ambari.ldap.connectivity.anonymous_bind" : "false",
          "ambari.ldap.connectivity.server.port" : "389",
          "ambari.ldap.attributes.user.name_attr" : "sAMAccountName"
        }
      }
    }
  }
}
      Error Response
      Status 200: OK
{
  "operationResults" : {
    "detect-attributes" : {
      "status" : "error",
      "message" : "An unexpected error has occurred."
    }
  }
}

      Attachments

        1. AMBARI-22481_trunk_02.patch
          145 kB
          Robert Levas
        2. AMBARI-22481_trunk_01.patch
          146 kB
          Robert Levas

        Issue Links

          links to

          Web Link ReviewBoard

          Activity

            People

              rlevas Robert Levas
              rlevas Robert Levas
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: