Merge "Improve LDAP login times, transfer 40x less data."

This commit is contained in:
Shawn Pearce
2015-01-30 05:47:36 +00:00
committed by Gerrit Code Review

View File

@@ -279,7 +279,8 @@ import javax.security.auth.login.LoginException;
try { try {
final Name compositeGroupName = new CompositeName().add(groupDN); final Name compositeGroupName = new CompositeName().add(groupDN);
final Attribute in = final Attribute in =
ctx.getAttributes(compositeGroupName).get(schema.accountMemberField); ctx.getAttributes(compositeGroupName, schema.accountMemberFieldArray)
.get(schema.accountMemberField);
if (in != null) { if (in != null) {
final NamingEnumeration<?> groups = in.getAll(); final NamingEnumeration<?> groups = in.getAll();
try { try {
@@ -308,6 +309,7 @@ import javax.security.auth.login.LoginException;
final ParameterizedString accountEmailAddress; final ParameterizedString accountEmailAddress;
final ParameterizedString accountSshUserName; final ParameterizedString accountSshUserName;
final String accountMemberField; final String accountMemberField;
final String[] accountMemberFieldArray;
final List<LdapQuery> accountQueryList; final List<LdapQuery> accountQueryList;
final List<String> groupBases; final List<String> groupBases;
@@ -372,7 +374,10 @@ import javax.security.auth.login.LoginException;
accountMemberField = accountMemberField =
LdapRealm.optdef(config, "accountMemberField", type.accountMemberField()); LdapRealm.optdef(config, "accountMemberField", type.accountMemberField());
if (accountMemberField != null) { if (accountMemberField != null) {
accountMemberFieldArray = new String[] {accountMemberField};
accountAtts.add(accountMemberField); accountAtts.add(accountMemberField);
} else {
accountMemberFieldArray = null;
} }
final SearchScope accountScope = LdapRealm.scope(config, "accountScope"); final SearchScope accountScope = LdapRealm.scope(config, "accountScope");