opendev/gerrit
Code Issues Proposed changes

Fix LDAP connection pool configuration.

Browse Source 
Commit cd04bbc1 introduced LDAP connection pooling but it made a wrong
assumption that connection pool settings can be provided as env
variables.

According to [1] and also [2] the LDAP connection pool configuration is
done via JVM system properties. Only "com.sun.jndi.ldap.connect.pool" is
specified as an env variable.

[1] http://docs.oracle.com/javase/7/docs/technotes/guides/jndi/jndi-ldap.html#POOL
[2] http://stackoverflow.com/questions/22411967/which-ldap-jndi-provider-pool-settings-are-system-properties-and-which-are-envi

Change-Id: I71eb1934a23d658a1801afcd125895c59b69581e
This commit is contained in:
Saša Živkov
2015-01-19 17:04:43 +01:00
committed by Edwin Kempin
parent 303701adaa
commit 5049f5123b
2 changed files with 20 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java
View File

@@ -60,37 +60,6 @@ import javax.security.auth.login.LoginException;
@Singleton class Helper {
static final String LDAP_UUID = "ldap:";
static private Map<String, String> getPoolProperties(Config config) {
if (LdapRealm.optional(config, "useConnectionPooling", false)) {
Map<String, String> r = Maps.newHashMap();
r.put("com.sun.jndi.ldap.connect.pool", "true");
String poolDebug = LdapRealm.optional(config, "poolDebug");
String poolTimeout = LdapRealm.optional(config, "poolTimeout");
r.put("com.sun.jndi.ldap.connect.pool.authentication",
LdapRealm.optional(config, "poolAuthentication", "none simple"));
if (poolDebug != null) {
r.put("com.sun.jndi.ldap.connect.pool.debug", poolDebug);
}
r.put("com.sun.jndi.ldap.connect.pool.initsize",
String.valueOf(LdapRealm.optional(config, "poolInitsize", 1)));
r.put("com.sun.jndi.ldap.connect.pool.maxsize",
String.valueOf(LdapRealm.optional(config, "poolMaxsize", 0)));
r.put("com.sun.jndi.ldap.connect.pool.prefsize",
String.valueOf(LdapRealm.optional(config, "poolPrefsize", 0)));
r.put("com.sun.jndi.ldap.connect.pool.protocol",
LdapRealm.optional(config, "poolProtocol", "plain"));
if (poolTimeout != null) {
r.put("com.sun.jndi.ldap.connect.pool.timeout", Long
.toString(ConfigUtil.getTimeUnit(poolTimeout, 0,
TimeUnit.MILLISECONDS)));
}
return r;
}
return null;
}
private final Cache<String, ImmutableSet<String>> parentGroups;
private final Config config;
private final String server;
@@ -102,7 +71,7 @@ import javax.security.auth.login.LoginException;
private volatile LdapSchema ldapSchema;
private final String readTimeoutMillis;
private final String connectTimeoutMillis;
private final Map<String, String> connectionPoolConfig;
private final boolean useConnectionPooling;
@Inject
Helper(@GerritServerConfig final Config config,
@@ -133,7 +102,8 @@ import javax.security.auth.login.LoginException;
connectTimeoutMillis = null;
}
this.parentGroups = parentGroups;
this.connectionPoolConfig = getPoolProperties(config);
this.useConnectionPooling =
LdapRealm.optional(config, "useConnectionPooling", false);
}
private Properties createContextProperties() {
@@ -150,14 +120,14 @@ import javax.security.auth.login.LoginException;
if (connectTimeoutMillis != null) {
env.put("com.sun.jndi.ldap.connect.timeout", connectTimeoutMillis);
}
if (useConnectionPooling) {
env.put("com.sun.jndi.ldap.connect.pool", "true");
}
return env;
}
DirContext open() throws NamingException, LoginException {
final Properties env = createContextProperties();
if (connectionPoolConfig != null) {
env.putAll(connectionPoolConfig);
}
env.put(Context.SECURITY_AUTHENTICATION, authentication);
env.put(Context.REFERRAL, referral);
if ("GSSAPI".equals(authentication)) {