Merge "Support multiple URLs for LDAP server"
This commit is contained in:
commit
8eacd48ede
|
@ -1942,3 +1942,16 @@ Connection pool configuration is part of the ``[ldap]`` configuration section:
|
||||||
# End user auth connection lifetime in seconds. (integer value)
|
# End user auth connection lifetime in seconds. (integer value)
|
||||||
auth_pool_connection_lifetime=60
|
auth_pool_connection_lifetime=60
|
||||||
|
|
||||||
|
Specifying Multiple LDAP servers
|
||||||
|
--------------------------------
|
||||||
|
|
||||||
|
Multiple LDAP server URLs can be provided to keystone to provide
|
||||||
|
high-availability support for a single LDAP backend. To specify multiple LDAP
|
||||||
|
servers, simply change the ``url`` option in the ``[ldap]`` section. The new
|
||||||
|
option should list the different servers, each separated by a comma. For
|
||||||
|
example:
|
||||||
|
|
||||||
|
.. code-block:: ini
|
||||||
|
|
||||||
|
[ldap]
|
||||||
|
url = "ldap://localhost,ldap://backup.localhost"
|
||||||
|
|
|
@ -570,7 +570,10 @@ FILE_OPTIONS = {
|
||||||
],
|
],
|
||||||
'ldap': [
|
'ldap': [
|
||||||
cfg.StrOpt('url', default='ldap://localhost',
|
cfg.StrOpt('url', default='ldap://localhost',
|
||||||
help='URL for connecting to the LDAP server.'),
|
help='URL(s) for connecting to the LDAP server. Multiple '
|
||||||
|
'ldap URLs may be specfied as a comma separated '
|
||||||
|
'string. The first URL to successfully bind is used '
|
||||||
|
'for the connection.'),
|
||||||
cfg.StrOpt('user',
|
cfg.StrOpt('user',
|
||||||
help='User BindDN to query the LDAP server.'),
|
help='User BindDN to query the LDAP server.'),
|
||||||
cfg.StrOpt('password', secret=True,
|
cfg.StrOpt('password', secret=True,
|
||||||
|
|
|
@ -286,6 +286,17 @@ class LDAPDeleteTreeTest(unit.TestCase):
|
||||||
conn.search_s, grandchild_dn, ldap.SCOPE_BASE)
|
conn.search_s, grandchild_dn, ldap.SCOPE_BASE)
|
||||||
|
|
||||||
|
|
||||||
|
class MultiURLTests(unit.TestCase):
|
||||||
|
"""Tests for setting multiple LDAP URLs."""
|
||||||
|
|
||||||
|
def test_multiple_urls_with_comma(self):
|
||||||
|
urls = 'ldap://localhost,ldap://backup.localhost'
|
||||||
|
self.config_fixture.config(group='ldap', url=urls)
|
||||||
|
base_ldap = ks_ldap.BaseLdap(CONF)
|
||||||
|
ldap_connection = base_ldap.get_connection()
|
||||||
|
self.assertEqual(urls, ldap_connection.conn.conn._uri)
|
||||||
|
|
||||||
|
|
||||||
class SslTlsTest(unit.TestCase):
|
class SslTlsTest(unit.TestCase):
|
||||||
"""Tests for the SSL/TLS functionality in keystone.common.ldap.core."""
|
"""Tests for the SSL/TLS functionality in keystone.common.ldap.core."""
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue