Author: trang_vu
Date: 2011-11-23 07:37:54 -0500 (Wed, 23 Nov 2011)
New Revision: 5234
Added:
core/branches/2.3.x/patch/2.3.11-GA/COR-237/
core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt
Removed:
core/branches/2.3.x/patch/2.3.10/COR-237/
Modified:
core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java
Log:
COR-237: minConnection and maxConnection params in the ldap configuration are not used
Fix description
Use minConnection and maxConnection to set up com.sun.jndi.ldap.connect.pool.initsize and
com.sun.jndi.ldap.connect.pool.prefsize, precisely:
* com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize
are set to minConnection if minConnection > 0
* com.sun.jndi.ldap.connect.pool.maxsize are set to maxConnection if maxConnection
> 0
Modified:
core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java
===================================================================
---
core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java 2011-11-23
12:32:33 UTC (rev 5233)
+++
core/branches/2.3.x/exo.core.component.ldap/src/main/java/org/exoplatform/services/ldap/impl/LDAPServiceImpl.java 2011-11-23
12:37:54 UTC (rev 5234)
@@ -83,9 +83,20 @@
env.put(Context.SECURITY_AUTHENTICATION, config.getAuthenticationType());
env.put(Context.SECURITY_PRINCIPAL, config.getRootDN());
env.put(Context.SECURITY_CREDENTIALS, config.getPassword());
- // TODO move it in configuration ?
+
env.put("com.sun.jndi.ldap.connect.timeout", "60000");
+ if (config.getMinConnection() > 0)
+ {
+ System.setProperty("com.sun.jndi.ldap.connect.pool.initsize",
Integer.toString(config.getMinConnection()));
+ System.setProperty("com.sun.jndi.ldap.connect.pool.prefsize",
Integer.toString(config.getMinConnection()));
+ }
+
+ if (config.getMaxConnection() > 0)
+ {
+ System.setProperty("com.sun.jndi.ldap.connect.pool.maxsize",
Integer.toString(config.getMaxConnection()));
+ }
+
env.put("com.sun.jndi.ldap.connect.pool", "true");
env.put("java.naming.ldap.version", config.getVerion());
env.put("java.naming.ldap.attributes.binary", "tokenGroups");
@@ -239,13 +250,19 @@
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
NamingEnumeration<SearchResult> results = ctx.search(name,
"(objectclass=*)", constraints);
- while (results.hasMore())
+ try
{
- SearchResult sr = results.next();
- unbind(ctx, sr.getNameInNamespace());
+ while (results.hasMore())
+ {
+ SearchResult sr = results.next();
+ unbind(ctx, sr.getNameInNamespace());
+ }
+ // close search results enumeration
}
- // close search results enumeration
- results.close();
+ finally
+ {
+ results.close();
+ }
ctx.unbind(name);
}
Modified:
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java
===================================================================
---
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java 2011-11-23
12:32:33 UTC (rev 5233)
+++
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/ADUserDAOImpl.java 2011-11-23
12:37:54 UTC (rev 5234)
@@ -123,24 +123,24 @@
@Override
protected void saveUserPassword(User user, String userDN) throws Exception
{
- Object v =
ldapService.getLdapContext().getEnvironment().get(Context.SECURITY_PROTOCOL);
- if (v == null)
- return;
- String security = String.valueOf(v);
- if (!security.equalsIgnoreCase("ssl"))
- return;
- String newQuotedPassword = "\"" + user.getPassword() +
"\"";
- byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
- ModificationItem[] mods = new ModificationItem[2];
- mods[0] =
- new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new
BasicAttribute(ldapAttrMapping.userPassword,
- newUnicodePassword));
- mods[1] =
- new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new
BasicAttribute("userAccountControl", Integer
- .toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED)));
LdapContext ctx = ldapService.getLdapContext();
try
{
+ Object v = ctx.getEnvironment().get(Context.SECURITY_PROTOCOL);
+ if (v == null)
+ return;
+ String security = String.valueOf(v);
+ if (!security.equalsIgnoreCase("ssl"))
+ return;
+ String newQuotedPassword = "\"" + user.getPassword() +
"\"";
+ byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
+ ModificationItem[] mods = new ModificationItem[2];
+ mods[0] =
+ new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new
BasicAttribute(ldapAttrMapping.userPassword,
+ newUnicodePassword));
+ mods[1] =
+ new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new
BasicAttribute("userAccountControl",
+ Integer.toString(UF_NORMAL_ACCOUNT + UF_PASSWORD_EXPIRED)));
for (int err = 0;; err++)
{
try
Modified:
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java
===================================================================
---
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2011-11-23
12:32:33 UTC (rev 5233)
+++
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2011-11-23
12:37:54 UTC (rev 5234)
@@ -401,15 +401,23 @@
+ ldapAttrMapping.membershipTypeMemberValue + "=" + userDN
+ "))";
NamingEnumeration<SearchResult> results =
findMembershipsInGroup(ctx, groupId, filter);
- if (results.hasMoreElements())
+ try
{
- // SearchResult sr = results.next();
- // if (haveUser(sr.getAttributes(), userDN)) {
- // membership = createMembershipObject(userName, groupId, type);
- // }
- membership = createMembershipObject(userName, groupId, type);
+ if (results.hasMoreElements())
+ {
+ // SearchResult sr = results.next();
+ // if (haveUser(sr.getAttributes(), userDN)) {
+ // membership = createMembershipObject(userName, groupId, type);
+ // }
+ membership = createMembershipObject(userName, groupId, type);
+ }
}
+ finally
+ {
+ results.close();
+ }
+
if (membership != null)
{
cacheHandler.put(cacheHandler.getMembershipKey(membership), membership,
CacheType.MEMBERSHIP);
Modified:
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java
===================================================================
---
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java 2011-11-23
12:32:33 UTC (rev 5233)
+++
core/branches/2.3.x/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/OrganizationLdapInitializer.java 2011-11-23
12:37:54 UTC (rev 5234)
@@ -27,7 +27,10 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import javax.naming.NamingEnumeration;
import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
/**
@@ -67,36 +70,57 @@
Matcher matcher = pattern.matcher(dn);
dn = matcher.replaceAll("=");
LdapContext context = baseHandler.ldapService.getLdapContext();
- String[] explodeDN = baseHandler.explodeDN(dn, false);
- if (explodeDN.length < 1)
- return;
- dn = explodeDN[explodeDN.length - 1];
- int i = explodeDN.length - 2;
- for (; i > -1; i--)
+ try
{
- if (!explodeDN[i].toLowerCase().startsWith("dc="))
- break;
- dn = explodeDN[i] + "," + dn;
+ String[] explodeDN = baseHandler.explodeDN(dn, false);
+ if (explodeDN.length < 1)
+ return;
+ dn = explodeDN[explodeDN.length - 1];
+ int i = explodeDN.length - 2;
+ for (; i > -1; i--)
+ {
+ if (!explodeDN[i].toLowerCase().startsWith("dc="))
+ break;
+ dn = explodeDN[i] + "," + dn;
+ }
+ createDN(dn, context);
+ for (; i > -1; i--)
+ {
+ dn = explodeDN[i] + "," + dn;
+ createDN(dn, context);
+ }
}
- createDN(dn, context);
- for (; i > -1; i--)
+ finally
{
- dn = explodeDN[i] + "," + dn;
- createDN(dn, context);
+ baseHandler.ldapService.release(context);
}
}
private void createDN(String dn, LdapContext context) throws Exception
{
+ NamingEnumeration<SearchResult> results = null;
try
{
- Object obj = context.lookupLink(dn);
- if (obj != null)
+ SearchControls control = new SearchControls();
+ control.setSearchScope(SearchControls.OBJECT_SCOPE);
+ results = context.search(dn, "(objectClass=*)", control);
+
+ if (results.hasMoreElements())
+ {
return;
+ }
}
catch (Exception exp)
{
}
+ finally
+ {
+ if (results != null)
+ {
+ results.close();
+ }
+ }
+
String nameValue = dn.substring(dn.indexOf("=") + 1,
dn.indexOf(","));
BasicAttributes attrs = new BasicAttributes();
if (dn.toLowerCase().startsWith("ou="))
@@ -139,33 +163,40 @@
LdapContext context = baseHandler.ldapService.getLdapContext();
- String[] edn = baseHandler.explodeDN(dn, false);
- String[] ebasedn = baseHandler.explodeDN(basedn, false);
+ try
+ {
+ String[] edn = baseHandler.explodeDN(dn, false);
+ String[] ebasedn = baseHandler.explodeDN(basedn, false);
- if (edn.length < 1)
- throw new IllegalArgumentException("Zerro DN length, [" + dn +
"]");
- if (ebasedn.length < 1)
- throw new IllegalArgumentException("Zerro Base DN length, [" + basedn
+ "]");
- if (edn.length < ebasedn.length)
- throw new IllegalArgumentException("DN length smaller Base DN [" + dn
+ " >= " + basedn + "]");
+ if (edn.length < 1)
+ throw new IllegalArgumentException("Zerro DN length, [" + dn +
"]");
+ if (ebasedn.length < 1)
+ throw new IllegalArgumentException("Zerro Base DN length, [" +
basedn + "]");
+ if (edn.length < ebasedn.length)
+ throw new IllegalArgumentException("DN length smaller Base DN [" +
dn + " >= " + basedn + "]");
- String rdn = basedn;
- for (int i = 1; i <= edn.length; i++)
- {
- // for (int i=edn.length - 1; i>=0; i--) {
- String n = edn[edn.length - i];
- if (i <= ebasedn.length)
+ String rdn = basedn;
+ for (int i = 1; i <= edn.length; i++)
{
- String bn = ebasedn[ebasedn.length - i];
- if (!n.equals(bn))
- throw new IllegalArgumentException("DN does not starts with Base DN
[" + dn + " != " + basedn + "]");
+ // for (int i=edn.length - 1; i>=0; i--) {
+ String n = edn[edn.length - i];
+ if (i <= ebasedn.length)
+ {
+ String bn = ebasedn[ebasedn.length - i];
+ if (!n.equals(bn))
+ throw new IllegalArgumentException("DN does not starts with Base
DN [" + dn + " != " + basedn + "]");
+ }
+ else
+ {
+ // create RDN elem
+ rdn = n + "," + rdn;
+ createDN(rdn, context);
+ }
}
- else
- {
- // create RDN elem
- rdn = n + "," + rdn;
- createDN(rdn, context);
- }
}
+ finally
+ {
+ baseHandler.ldapService.release(context);
+ }
}
}
Added: core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt
===================================================================
--- core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt (rev
0)
+++ core/branches/2.3.x/patch/2.3.11-GA/COR-237/readme.txt 2011-11-23 12:37:54 UTC (rev
5234)
@@ -0,0 +1,70 @@
+Summary
+
+ * Status: minConnection and maxConnection params in the ldap configuration are not
used
+ * CCP Issue: CCP-1032, Product Jira Issue: COR-237.
+ * Complexity: Low
+
+The Proposal
+Problem description
+
+What is the problem to fix?
+
+ * minConnection and maxConnection params in the ldap configuration are not used
+
+Fix description
+
+How is the problem fixed?
+Use minConnection and maxConnection to set up com.sun.jndi.ldap.connect.pool.initsize and
com.sun.jndi.ldap.connect.pool.prefsize, precisely:
+
+ * com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.prefsize
are set to minConnection if minConnection > 0
+ * com.sun.jndi.ldap.connect.pool.maxsize are set to maxConnection if maxConnection
> 0
+
+Patch file: COR-237.patch
+
+Tests to perform
+
+Reproduction test
+
+ * org.exoplatform.services.ldap.impl.LDAPServiceImpl does not use minConnection and
maxConnection params to init the ldap connection pool (should be used for
com.sun.jndi.ldap.connect.pool.initsize and com.sun.jndi.ldap.connect.pool.maxsize env
params).
+
+Tests performed at DevLevel
+ * Manual testing PLF 3.0.5 with configured LDAPOrganizationService
+
+Tests performed at QA/Support Level
+*
+
+Documentation changes
+
+Documentation changes:
+ * No
+
+Configuration changes
+
+Configuration changes:
+ * No
+
+Will previous configuration continue to work?
+ * Yes
+
+Risks and impacts
+
+Can this bug fix have any side effects on current client projects?
+
+ * No
+
+Is there a performance risk/cost?
+ * No
+
+Validation (PM/Support/QA)
+
+PM Comment
+
+ * Patch approved.
+
+Support Comment
+
+ * Patch validated by QA on behalf of Support.
+
+QA Feedbacks
+* Patch validated
+