JBoss Portal SVN: r13933 - modules/identity/branches.
by portal-commits@lists.jboss.org
Author: mputz
Date: 2010-05-10 09:32:25 -0400 (Mon, 10 May 2010)
New Revision: 13933
Added:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1_JBEPP-351/
Log:
Patch branch for JBEPP-351: Leaks in LDAP connection pooling
Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1_JBEPP-351 (from rev 13932, modules/identity/branches/JBP_IDENTITY_BRANCH_1_1)
14 years
JBoss Portal SVN: r13932 - modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2010-05-06 04:36:23 -0400 (Thu, 06 May 2010)
New Revision: 13932
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java
Log:
JBPORTAL-2476 - Fix leaks in JNDI connection pooling
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java
===================================================================
--- modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java 2010-04-27 02:59:17 UTC (rev 13931)
+++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPExtRoleModuleImpl.java 2010-05-06 08:36:23 UTC (rev 13932)
@@ -79,7 +79,9 @@
}
SearchResult res = (SearchResult)sr.iterator().next();
DirContext ctx = (DirContext)res.getObject();
- return createRoleInstance(res.getAttributes(),ctx.getNameInNamespace());
+ Role role = createRoleInstance(res.getAttributes(),ctx.getNameInNamespace());
+ ctx.close();
+ return role;
}
catch (NoSuchElementException e)
@@ -126,6 +128,7 @@
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
roles.add(createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ ctx.close();
}
}
catch (Exception e)
@@ -191,6 +194,7 @@
SearchResult res = (SearchResult)iter.next();
DirContext ctx = (DirContext)res.getObject();
rf.add(createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ ctx.close();
}
}
catch (NoSuchElementException e)
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java
===================================================================
--- modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2010-04-27 02:59:17 UTC (rev 13931)
+++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2010-05-06 08:36:23 UTC (rev 13932)
@@ -55,6 +55,9 @@
public Role findRoleByName(String name) throws IdentityException, IllegalArgumentException
{
+
+ DirContext ctx = null;
+
try
{
log.debug("findRoleByName(): name = " + name);
@@ -79,8 +82,9 @@
throw new IdentityException("No such role " + name);
}
SearchResult res = (SearchResult)sr.iterator().next();
- DirContext ctx = (DirContext)res.getObject();
- return createRoleInstance(res.getAttributes(),ctx.getNameInNamespace());
+ ctx = (DirContext)res.getObject();
+ Role role = createRoleInstance(res.getAttributes(),ctx.getNameInNamespace());
+ return role;
}
catch (NoSuchElementException e)
@@ -91,6 +95,20 @@
{
throw new IdentityException("Role search failed.", e);
}
+ finally
+ {
+ if (ctx != null)
+ {
+ try
+ {
+ ctx.close();
+ }
+ catch (NamingException e)
+ {
+ throw new IdentityException("Failed to close LDAP connection", e);
+ }
+ }
+ }
throw new IdentityException("No role found with name: " + name);
}
@@ -124,6 +142,7 @@
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
roles.add(createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ ctx.close();
}
}
catch (Exception e)
@@ -162,10 +181,12 @@
LdapContext ldapContext = getConnectionContext().createInitialContext();
+ LdapContext ctx = null;
+
try
{
//
- LdapContext ctx = (LdapContext)ldapContext.lookup(getContainerDN());
+ ctx = (LdapContext)ldapContext.lookup(getContainerDN());
//We store new entry using set of attributes. This should give more flexibility then
//extending user object from ContextDir - configure what objectClass place there
@@ -215,6 +236,7 @@
try
{
ldapContext.close();
+ ctx.close();
}
catch (NamingException e)
{
@@ -310,6 +332,7 @@
SearchResult res = (SearchResult)iter.next();
DirContext ctx = (DirContext)res.getObject();
rf.add(createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ ctx.close();
}
}
catch (NoSuchElementException e)
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
===================================================================
--- modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2010-04-27 02:59:17 UTC (rev 13931)
+++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2010-05-06 08:36:23 UTC (rev 13932)
@@ -113,7 +113,8 @@
{
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
- roles.add(getRoleModule().createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ roles.add(getRoleModule().createRoleInstance(res.getAttributes(),ctx.getNameInNamespace()));
+ ctx.close();
}
@@ -414,6 +415,8 @@
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
String roleDN = ctx.getNameInNamespace();
+ ctx.close();
+
//if role is one which we want to add
if (roleDNsToAdd.contains(roleDN))
{
@@ -424,8 +427,17 @@
//if it's not on the list we need to remove user from it
else
{
- Attribute attr = res.getAttributes().get(getMemberAttributeID());
+ //obtain Role entry attributes from directory
+ Attributes attrs = ldapContext.getAttributes(roleDN, new String[] {getMemberAttributeID()});
+ //log.debug("Role attributes: " + attrs);
+ if (attrs == null)
+ {
+ throw new IdentityException("Cannot find Role with DN: " + roleDN);
+ }
+
+ Attribute attr = attrs.get(getMemberAttributeID());
+
//can't remove the last member (if the attribute is required by schema)
//TODO: workaround this somehow.... (adding goofy user or admin instead?)
if (!(attr.size() == 1 && isMembershipAttributeRequired()))
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
===================================================================
--- modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2010-04-27 02:59:17 UTC (rev 13931)
+++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2010-05-06 08:36:23 UTC (rev 13932)
@@ -219,9 +219,11 @@
User user = getUserModule().createUserInstance(res.getAttributes(),ctx.getNameInNamespace());
if (userNameFilter != null && userNameFilter.length() != 0 && !user.getUserName().matches(".*" + userNameFilter + ".*"))
{
+ ctx.close();
continue;
}
users.add(user);
+ ctx.close();
}
@@ -312,6 +314,7 @@
SearchResult res = (SearchResult)iterator.next();
DirContext ctx = (DirContext)res.getObject();
String userDN = ctx.getNameInNamespace();
+ ctx.close();
//if user is one which we want to add
if (userDNsToAdd.contains(userDN))
{
@@ -322,8 +325,17 @@
//if it's not on the list we need to remove role from it
else
{
- Attribute attr = res.getAttributes().get(getMemberAttributeID());
+ //obtain Role entry attributes from directory
+ Attributes attrs = ldapContext.getAttributes(userDN, new String[] {getMemberAttributeID()});
+ //log.debug("Role attributes: " + attrs);
+ if (attrs == null)
+ {
+ throw new IdentityException("Cannot find User with DN: " + userDN);
+ }
+
+ Attribute attr = attrs.get(getMemberAttributeID());
+
attr.remove(memberOfName);
//and replace attributes
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java
===================================================================
--- modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java 2010-04-27 02:59:17 UTC (rev 13931)
+++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_1/identity/src/main/java/org/jboss/portal/identity/ldap/LDAPUserModuleImpl.java 2010-05-06 08:36:23 UTC (rev 13932)
@@ -450,6 +450,7 @@
Context ctx = (Context)res.getObject();
String dn = ctx.getNameInNamespace();
ui.add(createUserInstance(res.getAttributes(), dn));
+ ctx.close();
}
return ui;
}
14 years