Author: trang_vu Date: 2011-11-23 07:37:54 -0500 (Wed, 23 Nov 2011) New Revision: 5234 Added: core/branches/2.3.x/patch/2.3.11-GA/COR-237/ core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt Removed: core/branches/2.3.x/patch/2.3.10/COR-237/ Modified: core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java Log: COR-237: minConnection and maxConnection params in the ldap configuration are not used Fix description Use minConnection and maxConnection to set up com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize, precisely: * com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize are set to minConnection if minConnection > 0 * com.sun.jndi.ldap.connect.pool.maxsize are set to maxConnection if maxConnection > 0 Modified: core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java =================================================================== --- core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java 2011-11-23 12:32:33 UTC (rev 5233) +++ core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java 2011-11-23 12:37:54 UTC (rev 5234) @@ -83,9 +83,20 @@ env.put(Context.SECURITY_AUTHENTICATION, config.getAuthenticationType()); env.put(Context.SECURITY_PRINCIPAL, config.getRootDN()); env.put(Context.SECURITY_CREDENTIALS, config.getPassword()); - // TODO move it in configuration ? + env.put("com.sun.jndi.ldap.connect.timeout", "60000"); + if (config.getMinConnection() > 0) + { + System.setProperty("com.sun.jndi.ldap.connect.pool.initsize", Integer.toString(config.getMinConnection())); + System.setProperty("com.sun.jndi.ldap.connect.pool.prefsize", Integer.toString(config.getMinConnection())); + } + + if (config.getMaxConnection() > 0) + { + System.setProperty("com.sun.jndi.ldap.connect.pool.maxsize", Integer.toString(config.getMaxConnection())); + } + env.put("com.sun.jndi.ldap.connect.pool", "true"); env.put("java.naming.ldap.version", config.getVerion()); env.put("java.naming.ldap.attributes.binary", "tokenGroups"); @@ -239,13 +250,19 @@ SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); NamingEnumeration<SearchResult> results = ctx.search(name, "(objectclass=*)", constraints); - while (results.hasMore()) + try { - SearchResult sr = results.next(); - unbind(ctx, sr.getNameInNamespace()); + while (results.hasMore()) + { + SearchResult sr = results.next(); + unbind(ctx, sr.getNameInNamespace()); + } + // close search results enumeration } - // close search results enumeration - results.close(); + finally + { + results.close(); + } ctx.unbind(name); } Modified: core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java =================================================================== --- core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java 2011-11-23 12:32:33 UTC (rev 5233) +++ core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java 2011-11-23 12:37:54 UTC (rev 5234) @@ -123,24 +123,24 @@ @Override protected void saveUserPassword(User user, String userDN) throws Exception { - Object v = ldapService.getLdapContext().getEnvironment().get(Context.SECURITY_PROTOCOL); - if (v == null) - return; - String security = String.valueOf(v); - if (!security.equalsIgnoreCase("ssl")) - return; - String newQuotedPassword = "\"" + user.getPassword() + "\""; - byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE"); - ModificationItem[] mods = new ModificationItem[2]; - mods[0] = - new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(ldapAttrMapping.userPassword, - newUnicodePassword)); - mods[1] = - new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl", Integer - .toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED))); LdapContext ctx = ldapService.getLdapContext(); try { + Object v = ctx.getEnvironment().get(Context.SECURITY_PROTOCOL); + if (v == null) + return; + String security = String.valueOf(v); + if (!security.equalsIgnoreCase("ssl")) + return; + String newQuotedPassword = "\"" + user.getPassword() + "\""; + byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE"); + ModificationItem[] mods = new ModificationItem[2]; + mods[0] = + new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(ldapAttrMapping.userPassword, + newUnicodePassword)); + mods[1] = + new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userAccountControl", + Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED))); for (int err = 0;; err++) { try Modified: core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java =================================================================== --- core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2011-11-23 12:32:33 UTC (rev 5233) +++ core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2011-11-23 12:37:54 UTC (rev 5234) @@ -401,15 +401,23 @@ + ldapAttrMapping.membershipTypeMemberValue + "=" + userDN + "))"; NamingEnumeration<SearchResult> results = findMembershipsInGroup(ctx, groupId, filter); - if (results.hasMoreElements()) + try { - // SearchResult sr = results.next(); - // if (haveUser(sr.getAttributes(), userDN)) { - // membership = createMembershipObject(userName, groupId, type); - // } - membership = createMembershipObject(userName, groupId, type); + if (results.hasMoreElements()) + { + // SearchResult sr = results.next(); + // if (haveUser(sr.getAttributes(), userDN)) { + // membership = createMembershipObject(userName, groupId, type); + // } + membership = createMembershipObject(userName, groupId, type); + } } + finally + { + results.close(); + } + if (membership != null) { cacheHandler.put(cacheHandler.getMembershipKey(membership), membership, CacheType.MEMBERSHIP); Modified: core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java =================================================================== --- core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java 2011-11-23 12:32:33 UTC (rev 5233) +++ core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java 2011-11-23 12:37:54 UTC (rev 5234) @@ -27,7 +27,10 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; +import javax.naming.NamingEnumeration; import javax.naming.directory.BasicAttributes; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapContext; /** @@ -67,36 +70,57 @@ Matcher matcher = pattern.matcher(dn); dn = matcher.replaceAll("="); LdapContext context = baseHandler.ldapService.getLdapContext(); - String[] explodeDN = baseHandler.explodeDN(dn, false); - if (explodeDN.length < 1) - return; - dn = explodeDN[explodeDN.length - 1]; - int i = explodeDN.length - 2; - for (; i > -1; i--) + try { - if (!explodeDN[i].toLowerCase().startsWith("dc=")) - break; - dn = explodeDN[i] + "," + dn; + String[] explodeDN = baseHandler.explodeDN(dn, false); + if (explodeDN.length < 1) + return; + dn = explodeDN[explodeDN.length - 1]; + int i = explodeDN.length - 2; + for (; i > -1; i--) + { + if (!explodeDN[i].toLowerCase().startsWith("dc=")) + break; + dn = explodeDN[i] + "," + dn; + } + createDN(dn, context); + for (; i > -1; i--) + { + dn = explodeDN[i] + "," + dn; + createDN(dn, context); + } } - createDN(dn, context); - for (; i > -1; i--) + finally { - dn = explodeDN[i] + "," + dn; - createDN(dn, context); + baseHandler.ldapService.release(context); } } private void createDN(String dn, LdapContext context) throws Exception { + NamingEnumeration<SearchResult> results = null; try { - Object obj = context.lookupLink(dn); - if (obj != null) + SearchControls control = new SearchControls(); + control.setSearchScope(SearchControls.OBJECT_SCOPE); + results = context.search(dn, "(objectClass=*)", control); + + if (results.hasMoreElements()) + { return; + } } catch (Exception exp) { } + finally + { + if (results != null) + { + results.close(); + } + } + String nameValue = dn.substring(dn.indexOf("=") + 1, dn.indexOf(",")); BasicAttributes attrs = new BasicAttributes(); if (dn.toLowerCase().startsWith("ou=")) @@ -139,33 +163,40 @@ LdapContext context = baseHandler.ldapService.getLdapContext(); - String[] edn = baseHandler.explodeDN(dn, false); - String[] ebasedn = baseHandler.explodeDN(basedn, false); + try + { + String[] edn = baseHandler.explodeDN(dn, false); + String[] ebasedn = baseHandler.explodeDN(basedn, false); - if (edn.length < 1) - throw new IllegalArgumentException("Zerro DN length, [" + dn + "]"); - if (ebasedn.length < 1) - throw new IllegalArgumentException("Zerro Base DN length, [" + basedn + "]"); - if (edn.length < ebasedn.length) - throw new IllegalArgumentException("DN length smaller Base DN [" + dn + " >= " + basedn + "]"); + if (edn.length < 1) + throw new IllegalArgumentException("Zerro DN length, [" + dn + "]"); + if (ebasedn.length < 1) + throw new IllegalArgumentException("Zerro Base DN length, [" + basedn + "]"); + if (edn.length < ebasedn.length) + throw new IllegalArgumentException("DN length smaller Base DN [" + dn + " >= " + basedn + "]"); - String rdn = basedn; - for (int i = 1; i <= edn.length; i++) - { - // for (int i=edn.length - 1; i>=0; i--) { - String n = edn[edn.length - i]; - if (i <= ebasedn.length) + String rdn = basedn; + for (int i = 1; i <= edn.length; i++) { - String bn = ebasedn[ebasedn.length - i]; - if (!n.equals(bn)) - throw new IllegalArgumentException("DN does not starts with Base DN [" + dn + " != " + basedn + "]"); + // for (int i=edn.length - 1; i>=0; i--) { + String n = edn[edn.length - i]; + if (i <= ebasedn.length) + { + String bn = ebasedn[ebasedn.length - i]; + if (!n.equals(bn)) + throw new IllegalArgumentException("DN does not starts with Base DN [" + dn + " != " + basedn + "]"); + } + else + { + // create RDN elem + rdn = n + "," + rdn; + createDN(rdn, context); + } } - else - { - // create RDN elem - rdn = n + "," + rdn; - createDN(rdn, context); - } } + finally + { + baseHandler.ldapService.release(context); + } } } Added: core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt =================================================================== --- core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt (rev 0) +++ core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt 2011-11-23 12:37:54 UTC (rev 5234) @@ -0,0 +1,70 @@ +Summary + + * Status: minConnection and maxConnection params in the ldap configuration are not used + * CCP Issue: CCP-1032, Product Jira Issue: COR-237. + * Complexity: Low + +The Proposal +Problem description + +What is the problem to fix? + + * minConnection and maxConnection params in the ldap configuration are not used + +Fix description + +How is the problem fixed? +Use minConnection and maxConnection to set up com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize, precisely: + + * com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize are set to minConnection if minConnection > 0 + * com.sun.jndi.ldap.connect.pool.maxsize are set to maxConnection if maxConnection > 0 + +Patch file: COR-237.patch + +Tests to perform + +Reproduction test + + * org.exoplatform.services.ldap.impl.LDAPServiceImpl does not use minConnection and maxConnection params to init the ldap connection pool (should be used for com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.maxsize env params). + +Tests performed at DevLevel + * Manual testing PLF 3.0.5 with configured LDAPOrganizationService + +Tests performed at QA/Support Level +* + +Documentation changes + +Documentation changes: + * No + +Configuration changes + +Configuration changes: + * No + +Will previous configuration continue to work? + * Yes + +Risks and impacts + +Can this bug fix have any side effects on current client projects? + + * No + +Is there a performance risk/cost? + * No + +Validation (PM/Support/QA) + +PM Comment + + * Patch approved. + +Support Comment + + * Patch validated by QA on behalf of Support. + +QA Feedbacks +* Patch validated +