Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-1474

ldap loader set pool options when using configFileFromClasspath

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: grouperLoader
    • Labels:
      None

      Description

      In the grouper-loader.properties file, there are two ways to set up properties for LDAP sources. The primary way, and the one most documented, is to define a series of "ldap.<sourceId>.*" properties that set up the LDAP config, the pool, and the optional validator function. However, a second way to configure a source is via the property "ldap.<sourceId>.configFileFromClasspath". In this method, the properties defined in the file refered to in configFileFromClasspath are in the format "edu.vt.middleware.ldap.*", and are parsed directly by vt-ldap functions, and not by Grouper wrappers. This means that a larger set of the vt-ldap properties can be set, rather than just the ones Grouper functions are coded to handle.

      However, parameters for pooling defined in the file are ignored. They can still be set in the grouper-loader.properties as their "ldap.<sourceId>.*" versions, the same as for method #1.

      I have a pull request that allows the pooling options to be set in the external file. I can also update the documentation to show how to use the configFileFromClasspath alternative. This brings the loader config closer in line to the sources.xml/subject.properties option for an external file via ldapProperties_file, which could already handle pool settings.

      The validator-specific properties that can be set for the source (see GRP-1428) can't be set in the external file, as vt-ldap has no way to handle it. These will need to continue to be set in grouper-loader.properties, as per method #1.

      Example:

      grouper-loader.properties

      ldap.personLdap.configFileFromClasspath = ldap.personLdap.properties
      ldap.personLdap.validator = CompareLdapValidator
      ldap.personLdap.validatorCompareDn = ou=groups,dc=example,dc=com
      ldap.personLdap.validatorCompareSearchFilterString = (ou=groups)
      

      ldap.personLdap.properties

      edu.vt.middleware.ldap.ldapUrl = ldap://ldap.example.com
      edu.vt.middleware.ldap.bindDn = cn=grouper.svc,ou=applications,dc=example,dc=com
      edu.vt.middleware.ldap.bindCredential = XXXXXXXXXXX
      edu.vt.middleware.ldap.pool.minPoolSize = 3
      edu.vt.middleware.ldap.pool.maxPoolSize = 5
      edu.vt.middleware.ldap.pool.validateOnCheckOut = false
      edu.vt.middleware.ldap.pool.validateOnCheckIn = false
      edu.vt.middleware.ldap.pool.validatePeriodically = true
      edu.vt.middleware.ldap.pool.validateTimerPeriod = 270000
      edu.vt.middleware.ldap.searchResultHandlers=edu.vt.middleware.ldap.handler.FqdnSearchResultHandler,edu.internet2.middleware.grouper.ldap.handler.RangeSearchResultHandler
      
      

        Smart Checklist

          Attachments

            Activity

              People

              • Assignee:
                chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
                Reporter:
                chad.redman@at.internet2.edu Chad Redman (unc.edu)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: