Ian, we figured it out. Abhi is able to see it.
thanks On May 6, 2013, at 9:58 AM, Ian Duffy <i...@ianduffy.ie> wrote: > Hi Abhinandan, > > It should be there. I have it marked as public so the following link should > work as well: > > https://google-melange.appspot.com/gsoc/proposal/review/google/gsoc2013/imduffy15/1 > > Thanks! > Ian > > On 6 May 2013 12:32, Abhinandan Prateek <agneya2...@hotmail.com> wrote: > >> I am unable to see the proposal in melange website. Am I missing something >> ? >> >> -abhi >> >> On 04/05/13 6:56 PM, "Sebastien Goasguen" <run...@gmail.com> wrote: >> >>> Ian thanks a lot for your proposal and submission. >>> >>> This project has been proposed by Abhinandan Prateek, so I am copying him >>> in this email so he can comment. >>> >>> @Abhi, you need to access the google melange site and find Ian's proposal >>> >>> -Sebastien >>> >>> On May 3, 2013, at 12:40 PM, Ian Duffy <i...@ianduffy.ie> wrote: >>> >>>> Hi, >>>> >>>> Sorry just noticed that the attachment appeared to have got stripped, >>>> here >>>> is the contents of the PDF. Alternatively I have uploaded it here: >>>> http://ianduffy.ie/Cloudstack-LDAP.pdf >>>> >>>> *Apache Cloudstack Google Summer of Code Project: LDAP user >>>> provisioning* >>>> >>>> >>>> Need to automate the way the LDAP users are provisioned into cloud >>>> stack. >>>> This will mean better integration with a LDAP server, ability to import >>>> users and a way to define how the LDAP user maps to the cloudstack >>>> users. >>>> >>>> >>>> Abstract >>>> >>>> >>>> >>>> The aim of this project is to provide an easier mechanism to provision >>>> users from LDAP into cloudstack. Currently cloudstack provides >>>> authentication LDAP authentication. In this authentication users must >>>> be >>>> first setup in cloudstack. Once the user is setup in cloudstack they >>>> can >>>> authenticate using their ldap username and password. >>>> >>>> >>>> >>>> This feature aims to extend the current functionality to make user setup >>>> align with LDAP group. >>>> >>>> >>>> Deliverables >>>> >>>> ñ Service that retrieves a list of ldap users from the configured group >>>> >>>> ñ Extension of cloudstack UI ³Add User² screen to offer user list from >>>> LDAP >>>> >>>> ñ Add service for saving new user with details from LDAP >>>> >>>> ñ BDD unit and acceptance automated testing >>>> >>>> ñ Document change details >>>> >>>> >>>> Quantifiable results >>>> >>>> >>>> Given A need to add new user to cloudstack and LDAP is setup >>>> >>>> When >>>> >>>> You open the ³Add User² screen >>>> >>>> Then >>>> >>>> A table of users appears for the current list of users (not already >>>> created >>>> on cloudstack) from the LDAP group displaying their a checkbox, >>>> username, >>>> name and email address. The timezone dropdown will still be available >>>> beside each user. >>>> Given A need to add new user to cloudstack and LDAP is not setup >>>> >>>> When >>>> >>>> You open the ³Add User² screen >>>> >>>> Then >>>> >>>> The current add user screen and functionality is provided >>>> Given A need to add new user to cloudstack and LDAP is setup >>>> >>>> When >>>> >>>> You open the ³Add User² screen and mandatory information is missing >>>> >>>> Then >>>> >>>> These fields will be editable to enable you populate the name or email >>>> address >>>> >>>> >>>> Given A need to add new user to cloudstack, LDAP is setup but user is >>>> in >>>> the ldap query group >>>> >>>> When >>>> >>>> You open the ³Add User² screen >>>> >>>> Then >>>> >>>> There is a list of LDAP users displayed but your current user is >>>> present in >>>> the list >>>> Given A need to add new user to cloudstack, LDAP is setup but user >>>> is >>>> not in the query group >>>> >>>> When >>>> >>>> You open the ³Add User² screen >>>> >>>> Then >>>> >>>> There is a list of LDAP users displayed but your current user is not in >>>> the >>>> list >>>> Given You need to add group of new users to cloudstack >>>> >>>> When >>>> >>>> You open the ³Add User² screen, select the users and hit save >>>> >>>> Then >>>> >>>> The list of new users are saved to the database >>>> >>>> >>>> Given You need to add group of new users to cloudstack >>>> >>>> When >>>> >>>> You open the ³Add User² screen, select the users and hit save >>>> >>>> Then >>>> >>>> The list of new users are saved to the database >>>> >>>> >>>> Given You have created a new LDAP user on cloudstack >>>> >>>> When >>>> >>>> The user authenticates against cloudstack with the right credentials >>>> >>>> Then >>>> >>>> They are authorised in cloudstack >>>> Given A user wants to edit an LDAP user >>>> >>>> When >>>> >>>> They open the Edit User screen >>>> >>>> Then >>>> >>>> The password fields are disabled and cannot be changed >>>> The design document *Ldap User List Service* >>>> >>>> >>>> >>>> *name*: ldapUserList >>>> >>>> *responseObject*: LDAPUserResponse {username, email, name} >>>> >>>> *parameter*: listType:enum {NEW, EXISTING, ALL} (Default to ALL if no >>>> option provided) >>>> >>>> >>>> >>>> Create a new API service call for retreiving the list of users from >>>> LDAP. >>>> This will call a new ConfigurationService which will retrieve the list >>>> of >>>> users using the configured search base and the query filter. The list >>>> may >>>> be filtered in the ConfigurationService based on listType parameter. >>>> >>>> >>>> >>>> *Ldap Available Service* >>>> >>>> >>>> >>>> *name*: ldapAvailable >>>> >>>> *responseObject*: LDAPAvailableResponse {available:boolean} >>>> >>>> >>>> >>>> Create a new API service call verifying LDAP is setup correctly >>>> verifying >>>> the following configuration elements are all set: >>>> >>>> ñ ldap.hostname >>>> >>>> ñ ldap.port >>>> >>>> ñ ldap.usessl >>>> >>>> ñ ldap.queryfilter >>>> >>>> ñ ldap.searchbase >>>> >>>> ñ ldap.dn >>>> >>>> ñ ldap.password >>>> >>>> >>>> >>>> The verification that all of these are set will return an available >>>> boolean >>>> true. If required this could perform a status check against LDAP first >>>> and >>>> provide warning if it fails. >>>> >>>> >>>> *Ldap Save Users Service* >>>> >>>> >>>> >>>> *name*: ldapSaveUsers >>>> >>>> *responseObject*: LDAPSaveUsersResponse {list<UserResponse>} >>>> >>>> *parameter*: list of users >>>> >>>> >>>> >>>> Saves the list of objects instead. Following the functionality in >>>> CreateUserCmd it will >>>> >>>> ñ Create the user via the account service >>>> >>>> ñ Handle the response >>>> >>>> >>>> >>>> It will be decided whether a transation should remain over whole save or >>>> only over individual users. A list of UserResponse will be returned. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> *Extension of cloudstack UI ³Add User² screen * >>>> >>>> >>>> >>>> Extend account.js to enable it add a user list with editable fields >>>> where >>>> required. The new ³Add User² screen for LDAP setup. >>>> >>>> ñ This will make an ajax call to the ldapAvailable, ldapUserList and >>>> ldapSaveUsers services >>>> >>>> ñ Validation will be maintained on username, email, firstname and >>>> lastname >>>> >>>> >>>> >>>> *Extension of cloudstack UI ³Edit User² screen * >>>> >>>> >>>> >>>> Extend account.js to disable the password fields on the edit user >>>> screen if >>>> LDAP available. >>>> >>>> ñ This will make an ajax call to the ldapAvailable and updateUser >>>> services >>>> >>>> ñ Validation will be maintained on username, email, firstname and >>>> lastname. Additional server validation will ensure password has not >>>> changed. >>>> >>>> >>>> >>>> >>>> Approach >>>> >>>> >>>> >>>> To get started a development cloudstack environment with DevCloud used >>>> to >>>> verify changes. Then once the schedule agreed with the mentor the >>>> deliverables will be broken into smaller User stories with expected >>>> delivery dates set. The development cycle will focus on BDD enforcing >>>> all >>>> unit and acceptance tests written first. >>>> >>>> >>>> >>>> A build pipe line for continious delivery environment around cloudstack >>>> here will be created, the following stages will be adopted >>>> >>>> >>>> >>>> *Stage* >>>> >>>> *Action* >>>> >>>> Commit >>>> >>>> Runs unit tests >>>> >>>> Sonar >>>> >>>> Runs code quality metrics >>>> >>>> Acceptance >>>> >>>> Deploys the dev cloud and runs all acceptance tests >>>> >>>> Deployment >>>> >>>> Deploy a new management server using Chef >>>> >>>> >>>> >>>> >>>> About Me >>>> >>>> >>>> >>>> I am a Computer Science Student at Dublin City University in Ireland. I >>>> have interests in virtualization, automation, information systems, >>>> networking and web development. >>>> >>>> >>>> >>>> I was involved with a project in a K-12(educational) environment of >>>> moving >>>> their server systems over to a virtualized environment on ESXi. I have >>>> good knowledge of programming in Java, PHP and Scripting langages. >>>> During >>>> the configuration of an automation system for OS deployment I >>>> experienced >>>> some exposure to scripting in powershell, batch, vbs and bash and >>>> configuration of PXE images based of WinPE and Debian. >>>> >>>> Additionally I am also a mentor in an opensource teaching movement >>>> called >>>> CoderDojo, we teach kids from the age of 8 everything from web page, >>>> HTML 5 >>>> game and raspberry pi development. >>>> >>>> >>>> >>>> I¹m excited at the opportunity and learning experience that cloudstack >>>> are >>>> offering with this project. >>>> >>>> >>>> References >>>> >>>> >>>> >>>> ñ https://cwiki.apache.org/CLOUDSTACK/development-101.html >>>> >>>> ñ >>>> >>>> >> http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Admi >>>> n_Guide/ >>>> >>>> ñ >>>> >>>> >> http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/API_ >>>> Developers_Guide/index.html >>>> >>>> ñ https://issues.apache.org/jira/browse/CLOUDSTACK-2014 >>>> >>>> ñ >>>> >>>> >> http://www.slideshare.net/sebastiengoasguen/apache-cloudstack-google-summ >>>> er-of-code >>>> >>>> ñ >>>> >>>> >> http://kirkjantzer.blogspot.co.uk/2013/03/ldap-authentication-in-cloudsta >>>> ck-v401.html >>>> >>>> ñ http://www.ldapguru.info/ldap/ldap-search-best-practices.html >>>> >>>> ñ >>>> >> http://docs.oracle.com/javase/6/docs/technotes/guides/jndi/jndi-ldap.html >>>> >>>> >>>> >>>> >>>> >>>> >>>> On 3 May 2013 17:35, Ian Duffy <i...@ianduffy.ie> wrote: >>>> >>>>> Hi, >>>>> >>>>> I was wondering If I could get some feedback on the attached file >>>>> labeled >>>>> "Cloudstack-LDAP.pdf". It outlines a design document for the project >>>>> labeled "LDAP user provisioning" >>>>> >>>>> From my current understanding of the single sign on mechanism >>>>> implemented >>>>> in cloudstack a LDAP user must be created manually within the >>>>> cloudstack >>>>> database. Would it be preferred to: >>>>> >>>>> A) Create a service that polls LDAP every so often to check for new >>>>> user >>>>> creation. >>>>> or >>>>> B) Extend the login page to check LDAP after failing to find a user >>>>> within >>>>> the cloudstack database. On success of finding a user in LDAP a profile >>>>> would automatically be created within the cloudstack database. >>>>> >>>>> Kind regards, >>>>> Ian >>>>> >>> >>> >> >> >>
