Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-1151

subject api needs ability to use ldap.properties for vt-ldap

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1.5, 2.2.1
    • Fix Version/s: 2.2.1.patch, 2.2.2, 2.3.0
    • Component/s: subject API
    • Labels:
      None

      Description

      ----Original Message----
      From: oharsta@gmail.com oharsta@gmail.com
      Sent: Monday, July 06, 2015 9:52 AM
      To: grouper-dev@internet2.edu; Chris Hyzer
      Subject: Re: [grouper-dev] RE: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)

      Hi,

      I'm a colleague of Hans and took over the problem we are having with invalid
      Ldap connections not being cleaned up after a Ldap restart.

      When I look into the source code (tag GROUPER_2_1_5) then I can't see how your
      suggestion could work. Basically the LdapSourceAdapter reads the properties
      file specified by ldapProperties_file. It uses the properties file to read the
      credentials and the additional key-values related to tuning the Ldap pool
      (e.g. edu.vt.middleware.ldap.pool.validateOnCheckOut) end up in
      DefaultLdapFactory#config#additionalEnvironmentProperties

      However when the pool is created (LdapSourceAdapter#initializeLdap line 291):

      DefaultLdapFactory factory = new DefaultLdapFactory(ldapConfig);

      try {
      ldapPool = new SoftLimitLdapPool(factory);
      ldapPool.initialize();
      the SoftLimitLdapPool constructor used is the one where the factory is
      supplied on the SoftLimitLdapPool and not the other constructor where also the
      LdapPoolConfig is provided. As such the SoftLimitLdapPool is initialized with
      a new default LdapPoolConfig and the tuning properties specified in the
      ldapProperties_file are never used. I debugged our test environment and
      confirmed this.

      Maybe I'm missing something but I think using the single argument constructor
      for the SoftLimitLdapPool with only the factory being provided and not the
      LdapPoolConfig is a bug. Could you confirm this?

      Again maybe I'm missing something, but when I examined the code I can't figure
      out where the SoftLimitLdapPool being used could ever pick up the tuning
      properties in the ldapProperties_file as it's creates a new default
      LdapPoolConfig which does not validate anything and has a
      DEFAULT_VALIDATE_ON_CHECKOUT of false.

      Thanks,
      Okke

        Smart Checklist

          Attachments

            Activity

              People

              Assignee:
              chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
              Reporter:
              chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: