You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2021/03/21 13:16:51 UTC
[directory-fortress-core] branch jmeter updated: FC-290 - Pool
connection validation switch
This is an automated email from the ASF dual-hosted git repository.
smckinney pushed a commit to branch jmeter
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git
The following commit(s) were added to refs/heads/jmeter by this push:
new 88d965c FC-290 - Pool connection validation switch
88d965c is described below
commit 88d965c970e385c44bb4ef7a5fcd27dd2b3245c5
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Sun Mar 21 08:16:46 2021 -0500
FC-290 - Pool connection validation switch
---
build-config.xml | 2 ++
build.properties.example | 5 ++++-
config/bootstrap/fortress.properties.src | 4 +++-
config/fortress.properties.src | 2 ++
slapd.properties.example | 5 ++++-
src/main/java/org/apache/directory/fortress/core/GlobalIds.java | 6 +++++-
.../directory/fortress/core/ldap/LdapConnectionProvider.java | 8 ++++----
7 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/build-config.xml b/build-config.xml
index ea68140..2a9aca1 100644
--- a/build-config.xml
+++ b/build-config.xml
@@ -309,6 +309,7 @@
<replace file="${dst.bootstrap.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
+ <replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN@" value="${validate.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
<replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -346,6 +347,7 @@
<replace file="${dst.remote.conf}" token="@LOG_MIN_CONN@" value="${log.min.conn}"/>
<replace file="${dst.remote.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.remote.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
+ <replace file="${dst.remote.conf}" token="@VALIDATE_CONN@" value="${validate.conn}"/>
<replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
diff --git a/build.properties.example b/build.properties.example
index 31d30a9..89e0b26 100644
--- a/build.properties.example
+++ b/build.properties.example
@@ -119,6 +119,9 @@ user.max.conn=10
min.log.conn=1
max.log.conn=3
+# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is true)
+validate.conn=true
+
########################################################################
# 3. GROUP OBJECT CLASS DEFINITIONS
########################################################################
@@ -158,4 +161,4 @@ group.properties=configParameter
# 5. RFC2307 OBJECT CLASS DEFINITIONS
########################################################################
# Boolean value. If true, requires rfc2307bis schema because posixUser and posixGroup must be auxiliary object classes to work with ftRls which is structural..
-rfc2307=false
\ No newline at end of file
+rfc2307=false
diff --git a/config/bootstrap/fortress.properties.src b/config/bootstrap/fortress.properties.src
index 1e28650..fa64bb2 100755
--- a/config/bootstrap/fortress.properties.src
+++ b/config/bootstrap/fortress.properties.src
@@ -52,6 +52,8 @@ log.admin.pw=@CFG_LOG_ROOT_PW@
min.log.conn=@LOG_MIN_CONN@
max.log.conn=@LOG_MAX_CONN@
+validate.conn=@VALIDATE_CONN@
+
# Disable storing user membership on role object, default is true:
role.occupants=@ROLE_OCCUPANTS@
@@ -170,4 +172,4 @@ clientside.sorting=true
attr.delimiter=$
# These are used to enable RFC2307bis support on User and Role entities:
-rfc2307=@IS_RFC2307@
\ No newline at end of file
+rfc2307=@IS_RFC2307@
diff --git a/config/fortress.properties.src b/config/fortress.properties.src
index 138e2c2..7526f96 100755
--- a/config/fortress.properties.src
+++ b/config/fortress.properties.src
@@ -58,6 +58,8 @@ max.admin.conn=@ADM_MAX_CONN@
min.user.conn=@USR_MIN_CONN@
max.user.conn=@USR_MAX_CONN@
+validate.conn=@VALIDATE_CONN@
+
# These credentials are used for read/write access to all nodes under slapd access log suffix:
log.admin.user=@LOG_ROOT_DN@
# For corresponding log user:
diff --git a/slapd.properties.example b/slapd.properties.example
index d2afc05..d371cf3 100644
--- a/slapd.properties.example
+++ b/slapd.properties.example
@@ -72,6 +72,9 @@ user.max.conn=10
log.min.conn=1
log.max.conn=3
+# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is true)
+validate.conn=true
+
#These are passwords used for LDAP audit log service accounts:
# Audit Pool:
log.admin.user=cn=manager,${log.suffix}
@@ -214,4 +217,4 @@ db.sess.dir=${db.root}/rbacsess
db.audit.dir=${db.root}/rbacaudit
db.rbac.dir=${db.root}/rbacoverlay
db.bak.audit.dir=${db.root}/backup/rbacaudit
-db.bak.sess.dir=${db.root}/backup/rbacsess
\ No newline at end of file
+db.bak.sess.dir=${db.root}/backup/rbacsess
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 352fc43..f9b49d6 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -455,6 +455,10 @@ public final class GlobalIds
public static final String LDAP_LOG_POOL_TEST_IDLE = "log.conn.test.idle";
public static final String LDAP_LOG_POOL_EVICT_RUN_MILLIS = "log.conn.evict.run.millis";
+ /**
+ * Applies to all pools, connection validated on retrieval with dummy ldapsearch.
+ */
+ public static final String LDAP_VALIDATE_CONN = "validate.conn";
// Used for TLS/SSL client-side configs:
public static final String ENABLE_LDAP_SSL = "enable.ldap.ssl";
@@ -591,4 +595,4 @@ public final class GlobalIds
* Attribute name for property ARBAC02 enforcement boolean.
*/
public static final String IS_ARBAC02 = "is.arbac02";
-}
\ No newline at end of file
+}
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
index 5a9adec..6c59481 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
@@ -125,7 +125,7 @@ public class LdapConnectionProvider
int max = Config.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MAX, 10 );
int logmin = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MIN, 1 );
int logmax = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MAX, 10 );
-
+ boolean validate = Config.getInstance().getBoolean( GlobalIds.LDAP_VALIDATE_CONN, true );
boolean testWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_ADMIN_POOL_TEST_IDLE, true );
boolean logTestWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_LOG_POOL_TEST_IDLE, true );
@@ -195,7 +195,7 @@ public class LdapConnectionProvider
// Create the Admin pool
adminPool = new LdapConnectionPool( poolFactory );
- adminPool.setTestOnBorrow( true );
+ adminPool.setTestOnBorrow( validate );
adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
adminPool.setMaxActive( max );
adminPool.setMinIdle( min );
@@ -206,7 +206,7 @@ public class LdapConnectionProvider
// Create the User pool
userPool = new LdapConnectionPool( poolFactory );
- userPool.setTestOnBorrow( true );
+ userPool.setTestOnBorrow( validate );
userPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
userPool.setMaxActive( max );
userPool.setMinIdle( min );
@@ -250,7 +250,7 @@ public class LdapConnectionProvider
logConfig.setCredentials( logPw );
poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
logPool = new LdapConnectionPool( poolFactory );
- logPool.setTestOnBorrow( true );
+ logPool.setTestOnBorrow( validate );
logPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
logPool.setMaxActive( logmax );
logPool.setMinIdle( logmin );