You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2010/11/13 12:12:15 UTC

[jira] Commented: (FTPSERVER-391) LDAP support

    [ https://issues.apache.org/jira/browse/FTPSERVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931654#action_12931654 ] 

Emmanuel Lecharny commented on FTPSERVER-391:
---------------------------------------------

Good job !!!

Some few notes :
- when doing an authenticate(), no need to get the user first to check if it exists before doing the bind. Do the bind directly, you'll avoid one round trip with the LDAP server (if teh user does not exist anyway, the bindLdap will fail). Also if the password is encrypted, you won't be able to compare what you got from LDAP with the real password.
- When using Enumeration, dont forget to *close* them. If you don't, you'll get some leaking resources at some point (for instance, if you are usig a pool of LDAP connections, at some point, you will have delays as the connection attribution system will have to wait for a enumeration to be closed to release a connection or for a connection timeout to occur).
- Also consider returning an Entry instead of a NamingEnumeration. Returning such a data structure requires the user to close it, something nobody is likely to know...

JNDI is really FUBR wrt connection and enumeration handling, requiring that you close both of them manually. And don't expect a NamingEnumeration to be closed when you close the connection it is originated from : this won't happen. Thanks the JNDI designer for such a lame behaviour...
- The cache can be implemented using the commons.collection LRUMap. You'll spare tens of line of codes, and a lot of debugging. Note that LRUMap is *not* synchronized, so you'll have to use a synchronized version of this data Structure : Collections.synchronizedMap(Map)

http://commons.apache.org/collections/apidocs/org/apache/commons/collections/map/LRUMap.html
- There are some missing Javadoc on public methods.

Nothing seriously broken, otherwise, AFAICT. Again, good job !

> LDAP support
> ------------
>
>                 Key: FTPSERVER-391
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-391
>             Project: FtpServer
>          Issue Type: New Feature
>          Components: Core
>            Reporter: Andrey Domas
>             Fix For: 1.1.0
>
>         Attachments: mina-1.1.0-ldap.patch
>
>
> Patch with cached LDAP support.
> Features:
>  *  Authorization from LDAP(JNDI client implementation).
>  * Cache for the search results in a directory for authentication (password is cached in the successful bindu).
>     Cache options:
>       - ttl - time to live of the object in the cache (seconds)
>       - size - max. cache size(number of the objects)
>       - check-interval - interval of the periodic cleaning job(search and remove expired objects, seconds)
>  * User preferences received from LDAP attributes:
>       username
>       home directory
>       enabled - if present then the user has the login permission)
>       write permission - if present then the user has the write permission under home directory

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.