NIFI-3390 Added support for multiple LDAP servers. This closes #1441

2017-01-24 19:18:42 +01:00 · 2017-01-24 19:18:42 +01:00 · c15111d985
parent a1ecea3600
commit c15111d985
3 changed files with 5 additions and 5 deletions
--- a/nifi-docs/src/main/asciidoc/administration-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/administration-guide.adoc
@ -322,7 +322,7 @@ nifi.security.user.login.identity.provider=ldap-provider
 |`Referral Strategy` | Strategy for handling referrals. Possible values are FOLLOW, IGNORE, THROW.
 |`Connect Timeout` | Duration of connect timeout. (i.e. 10 secs).
 |`Read Timeout` | Duration of read timeout. (i.e. 10 secs).
-|`Url` | Url of the LDAP servier (i.e. ldap://<hostname>:<port>).
+|`Url` | Space-separated list of URLs of the LDAP servers (i.e. ldap://<hostname>:<port>).
 |`User Search Base` | Base DN for searching for users (i.e. CN=Users,DC=example,DC=com).
 |`User Search Filter` | Filter for searching for users against the 'User Search Base'. (i.e. sAMAccountName={0}). The user specified name is inserted into '{0}'.
 |`Identity Strategy` | Strategy to identify users. Possible values are USE_DN and USE_USERNAME. The default functionality if this property is missing is USE_DN in order to retain backward
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/login-identity-providers.xml
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/login-identity-providers.xml
@ -50,7 +50,7 @@
        'Connect Timeout' - Duration of connect timeout. (i.e. 10 secs).
        'Read Timeout' - Duration of read timeout. (i.e. 10 secs).
       
-        'Url' - Url of the LDAP servier (i.e. ldap://<hostname>:<port>).
+        'Url' - Space-separated list of URLs of the LDAP servers (i.e. ldap://<hostname>:<port>).
        'User Search Base' - Base DN for searching for users (i.e. CN=Users,DC=example,DC=com).
        'User Search Filter' - Filter for searching for users against the 'User Search Base'.
            (i.e. sAMAccountName={0}). The user specified name is inserted into '{0}'.
--- a/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
+++ b/nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/LdapProvider.java
@ -174,14 +174,14 @@ public class LdapProvider implements LoginIdentityProvider {
        context.setReferral(referralStrategy.getValue());

        // url
-        final String url = configurationContext.getProperty("Url");
+        final String urls = configurationContext.getProperty("Url");

-        if (StringUtils.isBlank(url)) {
+        if (StringUtils.isBlank(urls)) {
            throw new ProviderCreationException("LDAP identity provider 'Url' must be specified.");
        }

        // connection
-        context.setUrl(url);
+        context.setUrls(StringUtils.split(urls));

        // search criteria
        final String userSearchBase = configurationContext.getProperty("User Search Base");