Hi Abhinandan, It should be there. I have it marked as public so the following link should work as well:
https://google-melange.appspot.com/gsoc/proposal/review/google/gsoc2013/imduffy15/1 Thanks! Ian On 6 May 2013 12:32, Abhinandan Prateek <agneya2...@hotmail.com> wrote: > I am unable to see the proposal in melange website. Am I missing something > ? > > -abhi > > On 04/05/13 6:56 PM, "Sebastien Goasguen" <run...@gmail.com> wrote: > > >Ian thanks a lot for your proposal and submission. > > > >This project has been proposed by Abhinandan Prateek, so I am copying him > >in this email so he can comment. > > > >@Abhi, you need to access the google melange site and find Ian's proposal > > > >-Sebastien > > > >On May 3, 2013, at 12:40 PM, Ian Duffy <i...@ianduffy.ie> wrote: > > > >> Hi, > >> > >> Sorry just noticed that the attachment appeared to have got stripped, > >>here > >> is the contents of the PDF. Alternatively I have uploaded it here: > >> http://ianduffy.ie/Cloudstack-LDAP.pdf > >> > >> *Apache Cloudstack Google Summer of Code Project: LDAP user > >>provisioning* > >> > >> > >> Need to automate the way the LDAP users are provisioned into cloud > >>stack. > >> This will mean better integration with a LDAP server, ability to import > >> users and a way to define how the LDAP user maps to the cloudstack > >>users. > >> > >> > >> Abstract > >> > >> > >> > >> The aim of this project is to provide an easier mechanism to provision > >> users from LDAP into cloudstack. Currently cloudstack provides > >> authentication LDAP authentication. In this authentication users must > >>be > >> first setup in cloudstack. Once the user is setup in cloudstack they > >>can > >> authenticate using their ldap username and password. > >> > >> > >> > >> This feature aims to extend the current functionality to make user setup > >> align with LDAP group. > >> > >> > >> Deliverables > >> > >> ñ Service that retrieves a list of ldap users from the configured group > >> > >> ñ Extension of cloudstack UI ³Add User² screen to offer user list from > >> LDAP > >> > >> ñ Add service for saving new user with details from LDAP > >> > >> ñ BDD unit and acceptance automated testing > >> > >> ñ Document change details > >> > >> > >> Quantifiable results > >> > >> > >> Given A need to add new user to cloudstack and LDAP is setup > >> > >> When > >> > >> You open the ³Add User² screen > >> > >> Then > >> > >> A table of users appears for the current list of users (not already > >>created > >> on cloudstack) from the LDAP group displaying their a checkbox, > >>username, > >> name and email address. The timezone dropdown will still be available > >> beside each user. > >> Given A need to add new user to cloudstack and LDAP is not setup > >> > >> When > >> > >> You open the ³Add User² screen > >> > >> Then > >> > >> The current add user screen and functionality is provided > >> Given A need to add new user to cloudstack and LDAP is setup > >> > >> When > >> > >> You open the ³Add User² screen and mandatory information is missing > >> > >> Then > >> > >> These fields will be editable to enable you populate the name or email > >> address > >> > >> > >> Given A need to add new user to cloudstack, LDAP is setup but user is > >>in > >> the ldap query group > >> > >> When > >> > >> You open the ³Add User² screen > >> > >> Then > >> > >> There is a list of LDAP users displayed but your current user is > >>present in > >> the list > >> Given A need to add new user to cloudstack, LDAP is setup but user > >>is > >> not in the query group > >> > >> When > >> > >> You open the ³Add User² screen > >> > >> Then > >> > >> There is a list of LDAP users displayed but your current user is not in > >>the > >> list > >> Given You need to add group of new users to cloudstack > >> > >> When > >> > >> You open the ³Add User² screen, select the users and hit save > >> > >> Then > >> > >> The list of new users are saved to the database > >> > >> > >> Given You need to add group of new users to cloudstack > >> > >> When > >> > >> You open the ³Add User² screen, select the users and hit save > >> > >> Then > >> > >> The list of new users are saved to the database > >> > >> > >> Given You have created a new LDAP user on cloudstack > >> > >> When > >> > >> The user authenticates against cloudstack with the right credentials > >> > >> Then > >> > >> They are authorised in cloudstack > >> Given A user wants to edit an LDAP user > >> > >> When > >> > >> They open the Edit User screen > >> > >> Then > >> > >> The password fields are disabled and cannot be changed > >> The design document *Ldap User List Service* > >> > >> > >> > >> *name*: ldapUserList > >> > >> *responseObject*: LDAPUserResponse {username, email, name} > >> > >> *parameter*: listType:enum {NEW, EXISTING, ALL} (Default to ALL if no > >> option provided) > >> > >> > >> > >> Create a new API service call for retreiving the list of users from > >>LDAP. > >> This will call a new ConfigurationService which will retrieve the list > >>of > >> users using the configured search base and the query filter. The list > >>may > >> be filtered in the ConfigurationService based on listType parameter. > >> > >> > >> > >> *Ldap Available Service* > >> > >> > >> > >> *name*: ldapAvailable > >> > >> *responseObject*: LDAPAvailableResponse {available:boolean} > >> > >> > >> > >> Create a new API service call verifying LDAP is setup correctly > >>verifying > >> the following configuration elements are all set: > >> > >> ñ ldap.hostname > >> > >> ñ ldap.port > >> > >> ñ ldap.usessl > >> > >> ñ ldap.queryfilter > >> > >> ñ ldap.searchbase > >> > >> ñ ldap.dn > >> > >> ñ ldap.password > >> > >> > >> > >> The verification that all of these are set will return an available > >>boolean > >> true. If required this could perform a status check against LDAP first > >>and > >> provide warning if it fails. > >> > >> > >> *Ldap Save Users Service* > >> > >> > >> > >> *name*: ldapSaveUsers > >> > >> *responseObject*: LDAPSaveUsersResponse {list<UserResponse>} > >> > >> *parameter*: list of users > >> > >> > >> > >> Saves the list of objects instead. Following the functionality in > >> CreateUserCmd it will > >> > >> ñ Create the user via the account service > >> > >> ñ Handle the response > >> > >> > >> > >> It will be decided whether a transation should remain over whole save or > >> only over individual users. A list of UserResponse will be returned. > >> > >> > >> > >> > >> > >> > >> > >> *Extension of cloudstack UI ³Add User² screen * > >> > >> > >> > >> Extend account.js to enable it add a user list with editable fields > >>where > >> required. The new ³Add User² screen for LDAP setup. > >> > >> ñ This will make an ajax call to the ldapAvailable, ldapUserList and > >> ldapSaveUsers services > >> > >> ñ Validation will be maintained on username, email, firstname and > >>lastname > >> > >> > >> > >> *Extension of cloudstack UI ³Edit User² screen * > >> > >> > >> > >> Extend account.js to disable the password fields on the edit user > >>screen if > >> LDAP available. > >> > >> ñ This will make an ajax call to the ldapAvailable and updateUser > >>services > >> > >> ñ Validation will be maintained on username, email, firstname and > >> lastname. Additional server validation will ensure password has not > >> changed. > >> > >> > >> > >> > >> Approach > >> > >> > >> > >> To get started a development cloudstack environment with DevCloud used > >>to > >> verify changes. Then once the schedule agreed with the mentor the > >> deliverables will be broken into smaller User stories with expected > >> delivery dates set. The development cycle will focus on BDD enforcing > >>all > >> unit and acceptance tests written first. > >> > >> > >> > >> A build pipe line for continious delivery environment around cloudstack > >> here will be created, the following stages will be adopted > >> > >> > >> > >> *Stage* > >> > >> *Action* > >> > >> Commit > >> > >> Runs unit tests > >> > >> Sonar > >> > >> Runs code quality metrics > >> > >> Acceptance > >> > >> Deploys the dev cloud and runs all acceptance tests > >> > >> Deployment > >> > >> Deploy a new management server using Chef > >> > >> > >> > >> > >> About Me > >> > >> > >> > >> I am a Computer Science Student at Dublin City University in Ireland. I > >> have interests in virtualization, automation, information systems, > >> networking and web development. > >> > >> > >> > >> I was involved with a project in a K-12(educational) environment of > >>moving > >> their server systems over to a virtualized environment on ESXi. I have > >> good knowledge of programming in Java, PHP and Scripting langages. > >>During > >> the configuration of an automation system for OS deployment I > >>experienced > >> some exposure to scripting in powershell, batch, vbs and bash and > >> configuration of PXE images based of WinPE and Debian. > >> > >> Additionally I am also a mentor in an opensource teaching movement > >>called > >> CoderDojo, we teach kids from the age of 8 everything from web page, > >>HTML 5 > >> game and raspberry pi development. > >> > >> > >> > >> I¹m excited at the opportunity and learning experience that cloudstack > >>are > >> offering with this project. > >> > >> > >> References > >> > >> > >> > >> ñ https://cwiki.apache.org/CLOUDSTACK/development-101.html > >> > >> ñ > >> > >> > http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Admi > >>n_Guide/ > >> > >> ñ > >> > >> > http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/API_ > >>Developers_Guide/index.html > >> > >> ñ https://issues.apache.org/jira/browse/CLOUDSTACK-2014 > >> > >> ñ > >> > >> > http://www.slideshare.net/sebastiengoasguen/apache-cloudstack-google-summ > >>er-of-code > >> > >> ñ > >> > >> > http://kirkjantzer.blogspot.co.uk/2013/03/ldap-authentication-in-cloudsta > >>ck-v401.html > >> > >> ñ http://www.ldapguru.info/ldap/ldap-search-best-practices.html > >> > >> ñ > >> > http://docs.oracle.com/javase/6/docs/technotes/guides/jndi/jndi-ldap.html > >> > >> > >> > >> > >> > >> > >> On 3 May 2013 17:35, Ian Duffy <i...@ianduffy.ie> wrote: > >> > >>> Hi, > >>> > >>> I was wondering If I could get some feedback on the attached file > >>>labeled > >>> "Cloudstack-LDAP.pdf". It outlines a design document for the project > >>> labeled "LDAP user provisioning" > >>> > >>> From my current understanding of the single sign on mechanism > >>>implemented > >>> in cloudstack a LDAP user must be created manually within the > >>>cloudstack > >>> database. Would it be preferred to: > >>> > >>> A) Create a service that polls LDAP every so often to check for new > >>>user > >>> creation. > >>> or > >>> B) Extend the login page to check LDAP after failing to find a user > >>>within > >>> the cloudstack database. On success of finding a user in LDAP a profile > >>> would automatically be created within the cloudstack database. > >>> > >>> Kind regards, > >>> Ian > >>> > > > > > > >
