Posted to commits@directory.apache.org by cp...@apache.org on 2016/05/05 13:49:24 UTC
[07/15] directory-fortress-core git commit: working on getting junit
tests running after refactor
working on getting junit tests running after refactor
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/ae713f3b
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/ae713f3b
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/ae713f3b
Branch: refs/heads/master
Commit: ae713f3b0a73ae47144fbd26c2913eeb503d3ecd
Parents: d0924b2
Author: clp207 <cl...@psu.edu>
Authored: Tue Apr 26 14:52:01 2016 -0400
Committer: clp207 <cl...@psu.edu>
Committed: Tue Apr 26 14:52:01 2016 -0400
----------------------------------------------------------------------
.../core/ldap/LdapConnectionProvider.java | 363 +++++++++++++++++++
.../fortress/core/ldap/LdapDataProvider.java | 278 +-------------
.../directory/fortress/core/ldap/LdapUtil.java | 60 ---
.../directory/fortress/core/util/Config.java | 44 ++-
.../fortress/core/util/cache/CacheMgr.java | 10 +-
5 files changed, 426 insertions(+), 329 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/ae713f3b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
new file mode 100644
index 0000000..dd56e93
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapConnectionProvider.java
@@ -0,0 +1,363 @@
+package org.apache.directory.fortress.core.ldap;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.pool.PoolableObjectFactory;
+import org.apache.commons.pool.impl.GenericObjectPool;
+import org.apache.directory.api.ldap.codec.api.LdapApiService;
+import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
+import org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService;
+import org.apache.directory.api.ldap.model.exception.LdapException;
+import org.apache.directory.fortress.core.CfgRuntimeException;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.GlobalIds;
+import org.apache.directory.fortress.core.util.LocalConfig;
+import org.apache.directory.fortress.core.util.crypto.EncryptUtil;
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapConnectionConfig;
+import org.apache.directory.ldap.client.api.LdapConnectionPool;
+import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class LdapConnectionProvider {
+
+ private static final String CLS_NM = LdapConnectionProvider.class.getName();
+ private static final Logger LOG = LoggerFactory.getLogger( CLS_NM );
+
+ private static final String LDAP_LOG_POOL_UID = "log.admin.user";
+ private static final String LDAP_LOG_POOL_PW = "log.admin.pw";
+ private static final String LDAP_LOG_POOL_MIN = "min.log.conn";
+ private static final String LDAP_LOG_POOL_MAX = "max.log.conn";
+
+ private static final String ENABLE_LDAP_STARTTLS = "enable.ldap.starttls";
+
+ private boolean IS_SSL;
+ private boolean IS_SET_TRUST_STORE_PROP;
+ private boolean IS_SSL_DEBUG;
+
+ /**
+ * The Admin connection pool
+ */
+ private static LdapConnectionPool adminPool;
+
+ /**
+ * The Log connection pool
+ */
+ private static LdapConnectionPool logPool;
+
+ /**
+ * The User connection pool
+ */
+ private static LdapConnectionPool userPool;
+
+ private static volatile LdapConnectionProvider INSTANCE = null;
+
+ public static LdapConnectionProvider getInstance() {
+ if(INSTANCE == null) {
+ synchronized (LdapConnectionProvider.class) {
+ if(INSTANCE == null){
+ INSTANCE = new LdapConnectionProvider();
+ }
+ }
+ }
+ return INSTANCE;
+ }
+
+ public LdapConnectionProvider(){
+ init();
+ }
+
+ private void init()
+ {
+ IS_SSL = (
+ LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL ) != null &&
+ LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL ).equalsIgnoreCase( "true" ) &&
+ LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) != null &&
+ LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) != null );
+
+ IS_SET_TRUST_STORE_PROP = (
+ IS_SSL &&
+ LocalConfig.getInstance().getProperty( GlobalIds.SET_TRUST_STORE_PROP ) != null &&
+ LocalConfig.getInstance().getProperty( GlobalIds.SET_TRUST_STORE_PROP ).equalsIgnoreCase( "true" ) );
+
+ IS_SSL_DEBUG = ( ( LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL_DEBUG ) != null ) && ( LocalConfig
+ .getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL_DEBUG ).equalsIgnoreCase( "true" ) ) );
+
+
+ String host = LocalConfig.getInstance().getProperty( GlobalIds.LDAP_HOST, "localhost" );
+ int port = LocalConfig.getInstance().getInt( GlobalIds.LDAP_PORT, 389 );
+ int min = LocalConfig.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MIN, 1 );
+ int max = LocalConfig.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MAX, 10 );
+ int logmin = LocalConfig.getInstance().getInt( LDAP_LOG_POOL_MIN, 1 );
+ int logmax = LocalConfig.getInstance().getInt( LDAP_LOG_POOL_MAX, 10 );
+ LOG.info( "LDAP POOL: host=[{}], port=[{}], min=[{}], max=[{}]", host, port, min, max );
+
+ if ( IS_SET_TRUST_STORE_PROP )
+ {
+ LOG.info( "Set JSSE truststore properties in Apache LDAP client:" );
+ LOG.info( "javax.net.ssl.trustStore: {}", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) );
+ LOG.info( "javax.net.debug: {}", IS_SSL_DEBUG );
+ System.setProperty( "javax.net.ssl.trustStore", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) );
+ System.setProperty( "javax.net.ssl.trustStorePassword", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) );
+ System.setProperty( "javax.net.debug", Boolean.valueOf( IS_SSL_DEBUG ).toString() );
+ }
+
+ LdapConnectionConfig config = new LdapConnectionConfig();
+ config.setLdapHost( host );
+ config.setLdapPort( port );
+ config.setName( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_UID, "" ) );
+
+ config.setUseSsl( IS_SSL );
+ //config.setTrustManagers( new NoVerificationTrustManager() );
+
+ if(LocalConfig.getInstance().getBoolean(ENABLE_LDAP_STARTTLS, false)){
+ config.setUseTls(true);
+ }
+
+ if ( IS_SSL && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) )
+ && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) ) )
+ {
+ // validate certificates but allow self-signed certs if within this truststore:
+ config.setTrustManagers( new LdapClientTrustStoreManager( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ), LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW )
+ .toCharArray(), null,
+ true ) );
+ }
+
+ String adminPw;
+ if ( EncryptUtil.isEnabled() )
+ {
+ adminPw = EncryptUtil.getInstance().decrypt( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_PW ) );
+ }
+ else
+ {
+ adminPw = LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_PW );
+ }
+
+ config.setCredentials( adminPw );
+ try
+ {
+ List<String> listExOps = new ArrayList<>();
+ listExOps.add( "org.openldap.accelerator.impl.createSession.RbacCreateSessionFactory" );
+ listExOps.add( "org.openldap.accelerator.impl.checkAccess.RbacCheckAccessFactory" );
+ listExOps.add( "org.openldap.accelerator.impl.addRole.RbacAddRoleFactory" );
+ listExOps.add( "org.openldap.accelerator.impl.dropRole.RbacDropRoleFactory" );
+ listExOps.add( "org.openldap.accelerator.impl.deleteSession.RbacDeleteSessionFactory" );
+ listExOps.add( "org.openldap.accelerator.impl.sessionRoles.RbacSessionRolesFactory" );
+ LdapApiService ldapApiService = new StandaloneLdapApiService( new ArrayList<String>(), listExOps );
+
+ if ( !LdapApiServiceFactory.isInitialized() )
+ {
+ LdapApiServiceFactory.initialize( ldapApiService );
+ }
+ config.setLdapApiService( ldapApiService );
+ }
+ catch ( Exception ex )
+ {
+ String error = "Exception caught initializing Admin Pool: " + ex;
+ throw new CfgRuntimeException( GlobalErrIds.FT_APACHE_LDAP_POOL_INIT_FAILED, error, ex );
+ }
+
+ PoolableObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
+
+ // Create the Admin pool
+ adminPool = new LdapConnectionPool( poolFactory );
+ adminPool.setTestOnBorrow( true );
+ adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
+ adminPool.setMaxActive( max );
+ adminPool.setMinIdle( min );
+ adminPool.setMaxIdle( -1 );
+ //adminPool.setMaxWait( 0 );
+
+ // Create the User pool
+ userPool = new LdapConnectionPool( poolFactory );
+ userPool.setTestOnBorrow( true );
+ userPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
+ userPool.setMaxActive( max );
+ userPool.setMinIdle( min );
+ userPool.setMaxIdle( -1 );
+
+ // This pool of access log connections is used by {@link org.apache.directory.fortress.AuditMgr}.
+ // To enable, set {@code log.admin.user} && {@code log.admin.pw} inside fortress.properties file:
+ if ( StringUtils.isNotEmpty( LDAP_LOG_POOL_UID ) && StringUtils.isNotEmpty( LDAP_LOG_POOL_PW ) )
+ {
+ // Initializing the log pool in static block requires static props set within fortress.properties.
+ // To make this dynamic requires moving this code outside of static block AND storing the connection metadata inside fortress config node (in ldap).
+ LdapConnectionConfig logConfig = new LdapConnectionConfig();
+ logConfig.setLdapHost( host );
+ logConfig.setLdapPort( port );
+ logConfig.setName( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_UID, "" ) );
+
+ logConfig.setUseSsl( IS_SSL );
+
+ if ( IS_SSL && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) )
+ && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) ) )
+ {
+ // validate certificates but allow self-signed certs if within this truststore:
+ logConfig.setTrustManagers( new LdapClientTrustStoreManager( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ),
+ LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ).toCharArray(),
+ null, true ) );
+ }
+
+ logConfig.setName( LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_UID, "" ) );
+ String logPw;
+ if ( EncryptUtil.isEnabled() )
+ {
+ logPw = EncryptUtil.getInstance().decrypt( LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_PW ) );
+ }
+ else
+ {
+ logPw = LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_PW );
+ }
+ logConfig.setCredentials( logPw );
+ poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
+ logPool = new LdapConnectionPool( poolFactory );
+ logPool.setTestOnBorrow( true );
+ logPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
+ logPool.setMaxActive( logmax );
+ logPool.setMinIdle( logmin );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to close the Admin LDAP connection.
+ *
+ * @param connection handle to ldap connection object.
+ */
+ public void closeAdminConnection( LdapConnection connection )
+ {
+ try
+ {
+ adminPool.releaseConnection( connection );
+ }
+ catch ( Exception e )
+ {
+ throw new RuntimeException( e.getMessage(), e );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to close the Log LDAP connection.
+ *
+ * @param connection handle to ldap connection object.
+ */
+ public void closeLogConnection( LdapConnection connection )
+ {
+ try
+ {
+ logPool.releaseConnection( connection );
+ }
+ catch ( Exception e )
+ {
+ throw new RuntimeException( e.getMessage(), e );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to close the User LDAP connection.
+ *
+ * @param connection handle to ldap connection object.
+ */
+ public void closeUserConnection( LdapConnection connection )
+ {
+ try
+ {
+ userPool.releaseConnection( connection );
+ }
+ catch ( Exception e )
+ {
+ throw new RuntimeException( e.getMessage(), e );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to get an Admin connection to the LDAP server.
+ *
+ * @return ldap connection.
+ * @throws LdapException If we had an issue getting an LDAP connection
+ */
+ public LdapConnection getAdminConnection() throws LdapException
+ {
+ try
+ {
+ return adminPool.getConnection();
+ }
+ catch ( Exception e )
+ {
+ throw new LdapException( e.getMessage(), e );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to get an Log connection to the LDAP server.
+ *
+ * @return ldap connection.
+ * @throws LdapException If we had an issue getting an LDAP connection
+ */
+ public LdapConnection getLogConnection() throws LdapException
+ {
+ try
+ {
+ return logPool.getConnection();
+ }
+ catch ( Exception e )
+ {
+ throw new LdapException( e.getMessage(), e );
+ }
+ }
+
+
+ /**
+ * Calls the PoolMgr to get an User connection to the LDAP server.
+ *
+ * @return ldap connection.
+ * @throws LdapException If we had an issue getting an LDAP connection
+ */
+ public LdapConnection getUserConnection() throws LdapException
+ {
+ try
+ {
+ return userPool.getConnection();
+ }
+ catch ( Exception e )
+ {
+ throw new LdapException( e.getMessage(), e );
+ }
+ }
+
+ /**
+ * Closes all the ldap connection pools.
+ */
+ public static void closeAllConnectionPools(){
+ try{
+ LOG.info("Closing admin pool");
+ adminPool.close();
+ }
+ catch(Exception e){
+ LOG.warn("Error closing admin pool: " + e.getMessage());
+ }
+
+ try{
+ LOG.info("Closing user pool");
+ userPool.close();
+ }
+ catch(Exception e){
+ LOG.warn("Error closing user pool: " + e.getMessage());
+ }
+
+ try{
+ LOG.info("Closing log pool");
+ logPool.close();
+ }
+ catch(Exception e){
+ LOG.warn("Error closing log pool: " + e.getMessage());
+ }
+ }
+}
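Review bot: The log-pool guard in `init()`, `if ( StringUtils.isNotEmpty( LDAP_LOG_POOL_UID ) && StringUtils.isNotEmpty( LDAP_LOG_POOL_PW ) )`, tests the property-name constants rather than the configured values, so it is always true. The log pool is therefore built even when `log.admin.user` and `log.admin.pw` are absent, with an empty bind name and a null password that is also handed to `decrypt` when encryption is enabled. Reading the values first would make the guard match its comment: `String logUid = LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_UID );`, `String logPwProp = LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_PW );`, then `if ( StringUtils.isNotEmpty( logUid ) && StringUtils.isNotEmpty( logPwProp ) )`. In the same block `logConfig` gets `setUseSsl( IS_SSL )` but never `setUseTls(true)`, so with only `enable.ldap.starttls` set the log account would appear to bind without TLS while the admin pool uses it; repeating the `ENABLE_LDAP_STARTTLS` check for `logConfig` would close that gap. Both behaviours were moved unchanged from LdapDataProvider, so they predate this commit.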
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/ae713f3b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
index 6c6979d..aa14e36 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapDataProvider.java
@@ -30,11 +30,6 @@ import java.util.Set;
import java.util.TreeSet;
import org.apache.commons.lang.StringUtils;
-import org.apache.commons.pool.PoolableObjectFactory;
-import org.apache.commons.pool.impl.GenericObjectPool;
-import org.apache.directory.api.ldap.codec.api.LdapApiService;
-import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
-import org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicy;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl;
import org.apache.directory.api.ldap.extras.controls.ppolicy_impl.PasswordPolicyDecorator;
@@ -67,8 +62,6 @@ import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthz;
import org.apache.directory.api.ldap.model.message.controls.ProxiedAuthzImpl;
import org.apache.directory.api.ldap.model.name.Dn;
-import org.apache.directory.fortress.core.CfgRuntimeException;
-import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.model.Constraint;
import org.apache.directory.fortress.core.model.ConstraintUtil;
@@ -76,12 +69,7 @@ import org.apache.directory.fortress.core.model.FortEntity;
import org.apache.directory.fortress.core.model.Hier;
import org.apache.directory.fortress.core.model.Relationship;
import org.apache.directory.fortress.core.util.Config;
-import org.apache.directory.fortress.core.util.LocalConfig;
-import org.apache.directory.fortress.core.util.crypto.EncryptUtil;
import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-import org.apache.directory.ldap.client.api.LdapConnectionPool;
-import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -105,191 +93,12 @@ public abstract class LdapDataProvider
private static final int MAX_DEPTH = 100;
private static final LdapCounters COUNTERS = new LdapCounters();
- // Used for slapd access log {@link org.apache.directory.fortress.core.rbacAuditDAO}
- private static final String LDAP_LOG_POOL_UID = "log.admin.user";
- private static final String LDAP_LOG_POOL_PW = "log.admin.pw";
- private static final String LDAP_LOG_POOL_MIN = "min.log.conn";
- private static final String LDAP_LOG_POOL_MAX = "max.log.conn";
-
- private static final String ENABLE_LDAP_STARTTLS = "enable.ldap.starttls";
-
- private boolean IS_SSL;
- private boolean IS_SET_TRUST_STORE_PROP;
- private boolean IS_SSL_DEBUG;
-
- /**
- * The Admin connection pool
- */
- private static LdapConnectionPool adminPool;
-
- /**
- * The Log connection pool
- */
- private static LdapConnectionPool logPool;
-
- /**
- * The User connection pool
- */
- private static LdapConnectionPool userPool;
-
private static final PasswordPolicy PP_REQ_CTRL = new PasswordPolicyImpl();
-
- public LdapDataProvider(){
- init();
- }
- private void init()
- {
- IS_SSL = (
- LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL ) != null &&
- LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL ).equalsIgnoreCase( "true" ) &&
- LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) != null &&
- LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) != null );
-
- IS_SET_TRUST_STORE_PROP = (
- IS_SSL &&
- LocalConfig.getInstance().getProperty( GlobalIds.SET_TRUST_STORE_PROP ) != null &&
- LocalConfig.getInstance().getProperty( GlobalIds.SET_TRUST_STORE_PROP ).equalsIgnoreCase( "true" ) );
-
- IS_SSL_DEBUG = ( ( LocalConfig.getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL_DEBUG ) != null ) && ( LocalConfig
- .getInstance().getProperty( GlobalIds.ENABLE_LDAP_SSL_DEBUG ).equalsIgnoreCase( "true" ) ) );
-
-
- String host = LocalConfig.getInstance().getProperty( GlobalIds.LDAP_HOST, "localhost" );
- int port = LocalConfig.getInstance().getInt( GlobalIds.LDAP_PORT, 389 );
- int min = LocalConfig.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MIN, 1 );
- int max = LocalConfig.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MAX, 10 );
- int logmin = LocalConfig.getInstance().getInt( LDAP_LOG_POOL_MIN, 1 );
- int logmax = LocalConfig.getInstance().getInt( LDAP_LOG_POOL_MAX, 10 );
- LOG.info( "LDAP POOL: host=[{}], port=[{}], min=[{}], max=[{}]", host, port, min, max );
-
- if ( IS_SET_TRUST_STORE_PROP )
- {
- LOG.info( "Set JSSE truststore properties in Apache LDAP client:" );
- LOG.info( "javax.net.ssl.trustStore: {}", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) );
- LOG.info( "javax.net.debug: {}", IS_SSL_DEBUG );
- System.setProperty( "javax.net.ssl.trustStore", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) );
- System.setProperty( "javax.net.ssl.trustStorePassword", LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) );
- System.setProperty( "javax.net.debug", Boolean.valueOf( IS_SSL_DEBUG ).toString() );
- }
-
- LdapConnectionConfig config = new LdapConnectionConfig();
- config.setLdapHost( host );
- config.setLdapPort( port );
- config.setName( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_UID, "" ) );
-
- config.setUseSsl( IS_SSL );
- //config.setTrustManagers( new NoVerificationTrustManager() );
-
- if(LocalConfig.getInstance().getBoolean(ENABLE_LDAP_STARTTLS, false)){
- config.setUseTls(true);
- }
-
- if ( IS_SSL && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) )
- && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) ) )
- {
- // validate certificates but allow self-signed certs if within this truststore:
- config.setTrustManagers( new LdapClientTrustStoreManager( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ), LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW )
- .toCharArray(), null,
- true ) );
- }
-
- String adminPw;
- if ( EncryptUtil.isEnabled() )
- {
- adminPw = EncryptUtil.getInstance().decrypt( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_PW ) );
- }
- else
- {
- adminPw = LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_PW );
- }
-
- config.setCredentials( adminPw );
- try
- {
- List<String> listExOps = new ArrayList<>();
- listExOps.add( "org.openldap.accelerator.impl.createSession.RbacCreateSessionFactory" );
- listExOps.add( "org.openldap.accelerator.impl.checkAccess.RbacCheckAccessFactory" );
- listExOps.add( "org.openldap.accelerator.impl.addRole.RbacAddRoleFactory" );
- listExOps.add( "org.openldap.accelerator.impl.dropRole.RbacDropRoleFactory" );
- listExOps.add( "org.openldap.accelerator.impl.deleteSession.RbacDeleteSessionFactory" );
- listExOps.add( "org.openldap.accelerator.impl.sessionRoles.RbacSessionRolesFactory" );
- LdapApiService ldapApiService = new StandaloneLdapApiService( new ArrayList<String>(), listExOps );
-
- if ( !LdapApiServiceFactory.isInitialized() )
- {
- LdapApiServiceFactory.initialize( ldapApiService );
- }
- config.setLdapApiService( ldapApiService );
- }
- catch ( Exception ex )
- {
- String error = "Exception caught initializing Admin Pool: " + ex;
- throw new CfgRuntimeException( GlobalErrIds.FT_APACHE_LDAP_POOL_INIT_FAILED, error, ex );
- }
-
- PoolableObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
-
- // Create the Admin pool
- adminPool = new LdapConnectionPool( poolFactory );
- adminPool.setTestOnBorrow( true );
- adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
- adminPool.setMaxActive( max );
- adminPool.setMinIdle( min );
- adminPool.setMaxIdle( -1 );
- //adminPool.setMaxWait( 0 );
-
- // Create the User pool
- userPool = new LdapConnectionPool( poolFactory );
- userPool.setTestOnBorrow( true );
- userPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
- userPool.setMaxActive( max );
- userPool.setMinIdle( min );
- userPool.setMaxIdle( -1 );
-
- // This pool of access log connections is used by {@link org.apache.directory.fortress.AuditMgr}.
- // To enable, set {@code log.admin.user} && {@code log.admin.pw} inside fortress.properties file:
- if ( StringUtils.isNotEmpty( LDAP_LOG_POOL_UID ) && StringUtils.isNotEmpty( LDAP_LOG_POOL_PW ) )
- {
- // Initializing the log pool in static block requires static props set within fortress.properties.
- // To make this dynamic requires moving this code outside of static block AND storing the connection metadata inside fortress config node (in ldap).
- LdapConnectionConfig logConfig = new LdapConnectionConfig();
- logConfig.setLdapHost( host );
- logConfig.setLdapPort( port );
- logConfig.setName( LocalConfig.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_UID, "" ) );
-
- logConfig.setUseSsl( IS_SSL );
-
- if ( IS_SSL && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ) )
- && StringUtils.isNotEmpty( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ) ) )
- {
- // validate certificates but allow self-signed certs if within this truststore:
- logConfig.setTrustManagers( new LdapClientTrustStoreManager( LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE ),
- LocalConfig.getInstance().getProperty( GlobalIds.TRUST_STORE_PW ).toCharArray(),
- null, true ) );
- }
+ public LdapDataProvider(){
- logConfig.setName( LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_UID, "" ) );
- String logPw;
- if ( EncryptUtil.isEnabled() )
- {
- logPw = EncryptUtil.getInstance().decrypt( LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_PW ) );
- }
- else
- {
- logPw = LocalConfig.getInstance().getProperty( LDAP_LOG_POOL_PW );
- }
- logConfig.setCredentials( logPw );
- poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
- logPool = new LdapConnectionPool( poolFactory );
- logPool.setTestOnBorrow( true );
- logPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
- logPool.setMaxActive( logmax );
- logPool.setMinIdle( logmin );
- }
}
-
/**
* Given a contextId and a fortress param name return the LDAP dn.
*
@@ -327,7 +136,6 @@ public abstract class LdapDataProvider
}
}
-
/**
* Given a contextId return the LDAP dn that includes the suffix.
*
@@ -1398,16 +1206,9 @@ public abstract class LdapDataProvider
*
* @param connection handle to ldap connection object.
*/
- protected void closeAdminConnection( LdapConnection connection )
+ public void closeAdminConnection( LdapConnection connection )
{
- try
- {
- adminPool.releaseConnection( connection );
- }
- catch ( Exception e )
- {
- throw new RuntimeException( e.getMessage(), e );
- }
+ LdapConnectionProvider.getInstance().closeAdminConnection(connection);
}
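Review bot: `closeAdminConnection` here and `getAdminConnection` in the later hunk at -1453 are widened from `protected` to `public`, while the log and user counterparts stay `protected`; the reason is not visible in the diff. If the wider visibility is only needed by the JUnit tests the commit message mentions, those tests can call the new `LdapConnectionProvider` directly, and the DAO methods can stay `protected void closeAdminConnection( LdapConnection connection )` and `protected LdapConnection getAdminConnection() throws LdapException`. That way, holding a DAO instance does not by itself hand out a connection bound as the admin pool account. If the change is intentional, a Javadoc sentence naming the expected callers would make that clear.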
@@ -1418,14 +1219,7 @@ public abstract class LdapDataProvider
*/
protected void closeLogConnection( LdapConnection connection )
{
- try
- {
- logPool.releaseConnection( connection );
- }
- catch ( Exception e )
- {
- throw new RuntimeException( e.getMessage(), e );
- }
+ LdapConnectionProvider.getInstance().closeLogConnection(connection);
}
@@ -1434,16 +1228,9 @@ public abstract class LdapDataProvider
*
* @param connection handle to ldap connection object.
*/
- protected void closeUserConnection( LdapConnection connection )
+ protected void closeUserConnection( LdapConnection connection )
{
- try
- {
- userPool.releaseConnection( connection );
- }
- catch ( Exception e )
- {
- throw new RuntimeException( e.getMessage(), e );
- }
+ LdapConnectionProvider.getInstance().closeUserConnection(connection);
}
@@ -1453,16 +1240,9 @@ public abstract class LdapDataProvider
* @return ldap connection.
* @throws LdapException If we had an issue getting an LDAP connection
*/
- protected LdapConnection getAdminConnection() throws LdapException
+ public LdapConnection getAdminConnection() throws LdapException
{
- try
- {
- return adminPool.getConnection();
- }
- catch ( Exception e )
- {
- throw new LdapException( e.getMessage(), e );
- }
+ return LdapConnectionProvider.getInstance().getAdminConnection();
}
@@ -1474,14 +1254,7 @@ public abstract class LdapDataProvider
*/
protected LdapConnection getLogConnection() throws LdapException
{
- try
- {
- return logPool.getConnection();
- }
- catch ( Exception e )
- {
- throw new LdapException( e.getMessage(), e );
- }
+ return LdapConnectionProvider.getInstance().getLogConnection();
}
@@ -1493,14 +1266,7 @@ public abstract class LdapDataProvider
*/
protected LdapConnection getUserConnection() throws LdapException
{
- try
- {
- return userPool.getConnection();
- }
- catch ( Exception e )
- {
- throw new LdapException( e.getMessage(), e );
- }
+ return LdapConnectionProvider.getInstance().getUserConnection();
}
@@ -1564,29 +1330,7 @@ public abstract class LdapDataProvider
* Closes all the ldap connection pools.
*/
public static void closeAllConnectionPools(){
- try{
- LOG.info("Closing admin pool");
- adminPool.close();
- }
- catch(Exception e){
- LOG.warn("Error closing admin pool: " + e.getMessage());
- }
-
- try{
- LOG.info("Closing user pool");
- userPool.close();
- }
- catch(Exception e){
- LOG.warn("Error closing user pool: " + e.getMessage());
- }
-
- try{
- LOG.info("Closing log pool");
- logPool.close();
- }
- catch(Exception e){
- LOG.warn("Error closing log pool: " + e.getMessage());
- }
+ LdapConnectionProvider.getInstance().closeAllConnectionPools();
}
}
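Review bot: `LdapConnectionProvider.getInstance().closeAllConnectionPools();` calls a static method through an instance, and `getInstance()` will run `init()` if the provider was never used. That means reading the configuration, decrypting the admin password and building the pools, only to close them straight away. Calling it statically, `LdapConnectionProvider.closeAllConnectionPools();`, avoids that side effect. The provider method would then benefit from a null check per pool (for example `if ( adminPool != null )`), since it currently relies on catching the NullPointerException and logging it as a warning.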
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/ae713f3b/src/main/java/org/apache/directory/fortress/core/ldap/LdapUtil.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/LdapUtil.java b/src/main/java/org/apache/directory/fortress/core/ldap/LdapUtil.java
index f0ccf81..7519275 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/LdapUtil.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/LdapUtil.java
@@ -1,7 +1,5 @@
package org.apache.directory.fortress.core.ldap;
-import org.apache.directory.fortress.core.GlobalIds;
-import org.apache.directory.fortress.core.util.Config;
public class LdapUtil {
@@ -23,64 +21,6 @@ public class LdapUtil {
}
return INSTANCE;
}
-
- /**
- *
- */
- private static char[] loadLdapEscapeChars()
- {
- if ( !LdapUtil.getInstance().isLdapfilterSizeFound() )
- {
- return null;
- }
-
- char[] ldapMetaChars = new char[LdapUtil.getInstance().getLdapFilterSize()];
-
- for ( int i = 1;; i++ )
- {
- String prop = GlobalIds.LDAP_FILTER + i;
- String value = Config.getInstance().getProperty( prop );
-
- if ( value == null )
- {
- break;
- }
-
- ldapMetaChars[i - 1] = value.charAt( 0 );
- }
-
- return ldapMetaChars;
- }
-
-
- /**
- *
- */
- private static String[] loadValidLdapVals()
- {
- if ( !LdapUtil.getInstance().isLdapfilterSizeFound() )
- {
- return null;
- }
-
- String[] ldapReplacements = new String[LdapUtil.getInstance().getLdapFilterSize()];
-
- for ( int i = 1;; i++ )
- {
- String prop = GlobalIds.LDAP_SUB + i;
- String value = Config.getInstance().getProperty( prop );
-
- if ( value == null )
- {
- break;
- }
-
- ldapReplacements[i - 1] = value;
- }
-
- return ldapReplacements;
- }
-
public boolean isLdapfilterSizeFound() {
return ldapfilterSizeFound;
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/ae713f3b/src/main/java/org/apache/directory/fortress/core/util/Config.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/Config.java b/src/main/java/org/apache/directory/fortress/core/util/Config.java
index 4efc574..0a4cdfd 100755
--- a/src/main/java/org/apache/directory/fortress/core/util/Config.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/Config.java
@@ -89,9 +89,11 @@ public final class Config
}
}
- //init ldap util vals since config is stored ons erver
+ //init ldap util vals since config is stored on server
boolean ldapfilterSizeFound = ( getProperty( GlobalIds.LDAP_FILTER_SIZE_PROP ) != null );
LdapUtil.getInstance().setLdapfilterSizeFound(ldapfilterSizeFound);
+ LdapUtil.getInstance().setLdapMetaChars( loadLdapEscapeChars() );
+ LdapUtil.getInstance().setLdapReplVals( loadValidLdapVals() );
try
{
@@ -130,6 +132,46 @@ public final class Config
init();
}
+ private char[] loadLdapEscapeChars()
+ {
+ char[] ldapMetaChars = new char[LdapUtil.getInstance().getLdapFilterSize()];
+
+ for ( int i = 1;; i++ )
+ {
+ String prop = GlobalIds.LDAP_FILTER + i;
+ String value = getProperty( prop );
+
+ if ( value == null )
+ {
+ break;
+ }
+
+ ldapMetaChars[i - 1] = value.charAt( 0 );
+ }
+
+ return ldapMetaChars;
+ }
+
+ private String[] loadValidLdapVals()
+ {
+ String[] ldapReplacements = new String[LdapUtil.getInstance().getLdapFilterSize()];
+
+ for ( int i = 1;; i++ )
+ {
+ String prop = GlobalIds.LDAP_SUB + i;
+ String value = getProperty( prop );
+
+ if ( value == null )
+ {
+ break;
+ }
+
+ ldapReplacements[i - 1] = value;
+ }
+
+ return ldapReplacements;
+ }
+
/**
* Gets the prop attribute as String value from the apache commons cfg component.
*
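Review bot: Both new loaders size their array from `LdapUtil.getInstance().getLdapFilterSize()` but loop with `for ( int i = 1;; i++ )` until a property is missing. A configuration with more `GlobalIds.LDAP_FILTER` or `GlobalIds.LDAP_SUB` entries than the declared size therefore throws ArrayIndexOutOfBoundsException during Config initialisation, and an empty value makes `value.charAt( 0 )` throw. The removed LdapUtil versions also returned null when `isLdapfilterSizeFound()` was false; that guard is gone here even though the previous hunk still computes `ldapfilterSizeFound`. Since these tables appear to feed LDAP filter escaping, I would bound the loops with `for ( int i = 1; i <= ldapMetaChars.length; i++ )`, break on `value == null || value.isEmpty()`, and keep the early return when the size property is absent. A one-line comment on each method saying what the array holds would replace the empty Javadoc the old versions carried.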
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/ae713f3b/src/main/java/org/apache/directory/fortress/core/util/cache/CacheMgr.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/cache/CacheMgr.java b/src/main/java/org/apache/directory/fortress/core/util/cache/CacheMgr.java
index 843cf35..32bfd2e 100644
--- a/src/main/java/org/apache/directory/fortress/core/util/cache/CacheMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/cache/CacheMgr.java
@@ -20,6 +20,8 @@
package org.apache.directory.fortress.core.util.cache;
import net.sf.ehcache.CacheManager;
+import net.sf.ehcache.Ehcache;
+import net.sf.ehcache.constructs.blocking.BlockingCache;
import org.apache.directory.fortress.core.CfgException;
import org.apache.directory.fortress.core.CfgRuntimeException;
@@ -98,7 +100,13 @@ public final class CacheMgr
*/
public Cache getCache( String cacheName )
{
- return CacheFactory.createInstance( cacheName, mEhCacheImpl );
+ Ehcache cache = mEhCacheImpl.getEhcache( cacheName );
+ if(cache != null){
+ return new EhCacheImpl( cacheName, new BlockingCache(cache) );
+ }
+ else{
+ return CacheFactory.createInstance( cacheName, mEhCacheImpl );
+ }
}
/**
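Review bot: `getCache` now returns `new EhCacheImpl( cacheName, new BlockingCache(cache) )`, which changes the read contract for every caller. With BlockingCache, a `get` that misses keeps the key locked until a `put` for that key follows, so any read path that misses and never populates the entry can leave other threads waiting, indefinitely if the default timeout is kept. The callers are outside this hunk, so I cannot tell whether they all follow get-miss-then-put. The method Javadoc should state that requirement, and a bounded wait via `setTimeoutMillis` on the decorator is worth considering. The decorator is also allocated on every call; creating it once per cache name and reusing it would be tidier.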