Skip to content
Permalink
Browse files
Got the RelaxControl working again. Also parameterized the max and bl…
…ock connection pool settings in properties
  • Loading branch information
shawnmckinney committed Jun 24, 2021
1 parent faf737e commit 32d7dc13f840408d1381d41267f9fa3acd84a041
Show file tree
Hide file tree
Showing 10 changed files with 89 additions and 99 deletions.
@@ -311,6 +311,9 @@
<replace file="${dst.bootstrap.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_IDLE@" value="${all.validate.conn.idle}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
<replace file="${dst.bootstrap.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
<replace file="${dst.bootstrap.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
<replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
<replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -350,6 +353,9 @@
<replace file="${dst.remote.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN_IDLE@" value="${all.validate.conn.idle}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK@" value="${all.max.conn.block}"/>
<replace file="${dst.remote.conf}" token="@MAX_CONN_BLOCK_TIME@" value="${all.max.conn.block.time}"/>
<replace file="${dst.remote.conf}" token="@REGISTER_RELAX_CONTROL@" value="${temp.enable.relax.control}"/>
<replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
@@ -118,6 +118,12 @@ user.max.conn=10
all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
all.validate.conn.idle=false
# Applies to all pools, when all connections are exhausted will block. (default is true)
all.max.conn.block=true
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
all.max.conn.block.time=5000
# Set to true if using API 2.0.2 and need relax control (default is false):
temp.enable.relax.control=false

########################################################################
# 3. GROUP OBJECT CLASS DEFINITIONS
@@ -52,6 +52,17 @@ log.admin.pw=@CFG_LOG_ROOT_PW@
min.log.conn=@LOG_MIN_CONN@
max.log.conn=@LOG_MAX_CONN@

# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
validate.conn.borrow=@VALIDATE_CONN_BORROW@
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
validate.conn.idle=@VALIDATE_CONN_IDLE@
# Applies to all pools, when all connections are exhausted will block. (default is true)
max.conn.block=@MAX_CONN_BLOCK@
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
max.conn.block.time=@MAX_CONN_BLOCK_TIME@
# Set to true if using API 2.0.2 and need relax control (default is false):
enable.relax.control.registration=@REGISTER_RELAX_CONTROL@

validate.conn.borrow=@VALIDATE_CONN_BORROW@
validate.conn.idle=@VALIDATE_CONN_IDLE@

@@ -62,6 +62,12 @@ max.user.conn=@USR_MAX_CONN@
validate.conn.borrow=@VALIDATE_CONN_BORROW@
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
validate.conn.idle=@VALIDATE_CONN_IDLE@
# Applies to all pools, when all connections are exhausted will block. (default is true)
max.conn.block=@MAX_CONN_BLOCK@
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
max.conn.block.time=@MAX_CONN_BLOCK_TIME@
# Set to true if using API 2.0.2 and need relax control (default is false):
enable.relax.control.registration=@REGISTER_RELAX_CONTROL@

# These credentials are used for read/write access to all nodes under slapd access log suffix:
log.admin.user=@LOG_ROOT_DN@
@@ -76,6 +76,12 @@ log.max.conn=3
all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
all.validate.conn.idle=false
# Applies to all pools, when all connections are exhausted will block. (default is true)
all.max.conn.block=true
# Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
all.max.conn.block.time=5000
# Set to true if using API 2.0.2 and need relax control (default is false):
temp.enable.relax.control=false

#These are passwords used for LDAP audit log service accounts:
# Audit Pool:
@@ -463,7 +463,14 @@
* Applies to all pools, connection validated when idle with dummy ldapsearch.
*/
public static final String TEST_ON_IDLE = "validate.conn.idle";

/**
* Applies to all pools, when all connections are exhausted will block. (default is true)
*/
public static final String IS_MAX_CONN_BLOCK = "max.conn.block";
/**
* Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
*/
public static final String MAX_CONN_BLOCK_TIME = "max.conn.block.time";
// Used for TLS/SSL client-side configs:
public static final String ENABLE_LDAP_SSL = "enable.ldap.ssl";
public static final String ENABLE_LDAP_STARTTLS = "enable.ldap.starttls";
@@ -23,22 +23,19 @@
import java.util.List;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.pool.PoolableObjectFactory;
import org.apache.commons.pool.impl.GenericObjectPool;
import org.apache.commons.pool2.PooledObjectFactory;
import org.apache.directory.api.ldap.codec.api.ControlFactory;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory;
import org.apache.directory.api.ldap.codec.osgi.DefaultLdapCodecService;
import org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.fortress.core.CfgRuntimeException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.core.util.EncryptUtil;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapConnectionPool;
import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
import org.apache.directory.ldap.client.api.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@@ -128,6 +125,8 @@ private void init()
int logmax = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MAX, 10 );
boolean testOnBorrow = Config.getInstance().getBoolean( GlobalIds.TEST_ON_BORROW, false );
boolean testWhileIdle = Config.getInstance().getBoolean( GlobalIds.TEST_ON_IDLE, false );
boolean isBlockOnMaxConnection = Config.getInstance().getBoolean( GlobalIds.IS_MAX_CONN_BLOCK, true );
int maxConnBlockTime = Config.getInstance().getInt( GlobalIds.MAX_CONN_BLOCK_TIME, 5000 );
int timeBetweenEvictionRunMillis = Config.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_EVICT_RUN_MILLIS, 1000 * 60 * 30 );
int logTimeBetweenEvictionRunMillis = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_EVICT_RUN_MILLIS, 1000 * 60 * 30 );

@@ -165,8 +164,16 @@ private void init()
{
adminPw = Config.getInstance().getProperty( GlobalIds.LDAP_ADMIN_POOL_PW, true );
}

config.setCredentials( adminPw );

// Register Relax Control:
if ( Config.getInstance().getBoolean( "enable.relax.control.registration", false ) )
{
ControlFactory<RelaxControl> relaxControlFactory = new RelaxControlFactory( new DefaultLdapCodecService() );
(new LdapNetworkConnection()).getCodecService().registerRequestControl(relaxControlFactory);
LOG.info( "Register RelaxControl" );
}

// TODO: FIXME #4
/*
try
@@ -199,8 +206,8 @@ private void init()
adminPool = new LdapConnectionPool( poolFactory );
adminPool.setTestOnBorrow( testOnBorrow );
adminPool.setMaxTotal( max );
adminPool.setBlockWhenExhausted( true );
adminPool.setMaxWaitMillis( 5000 );
adminPool.setBlockWhenExhausted( isBlockOnMaxConnection );
adminPool.setMaxWaitMillis( maxConnBlockTime );
adminPool.setMinIdle( min );
adminPool.setMaxIdle( -1 );
adminPool.setTestWhileIdle( testWhileIdle );
@@ -210,8 +217,8 @@ private void init()
userPool = new LdapConnectionPool( poolFactory );
userPool.setTestOnBorrow( testOnBorrow );
userPool.setMaxTotal( max );
userPool.setBlockWhenExhausted( true );
userPool.setMaxWaitMillis( 5000 );
userPool.setBlockWhenExhausted( isBlockOnMaxConnection );
userPool.setMaxWaitMillis( maxConnBlockTime );
userPool.setMinIdle( min );
userPool.setMaxIdle( -1 );
userPool.setTestWhileIdle( testWhileIdle );
@@ -254,9 +261,9 @@ private void init()
poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
logPool = new LdapConnectionPool( poolFactory );
logPool.setTestOnBorrow( testOnBorrow );
logPool.setMaxTotal( max );
logPool.setBlockWhenExhausted( true );
logPool.setMaxWaitMillis( 5000 );
logPool.setMaxTotal( logmax );
logPool.setBlockWhenExhausted( isBlockOnMaxConnection );
logPool.setMaxWaitMillis( maxConnBlockTime );
logPool.setMinIdle( logmin );
logPool.setTestWhileIdle( testWhileIdle );
logPool.setTimeBetweenEvictionRunsMillis( logTimeBetweenEvictionRunMillis );
@@ -272,7 +272,6 @@ protected void add( LdapConnection connection, Entry entry, FortEntity entity, b
}
AddRequest addRequest = new AddRequestImpl();
addRequest.setEntry( entry );
// TODO: FIXME #2
if ( setRelaxControl )
{
addRequest.addControl( new RelaxControlImpl() );
@@ -350,7 +349,6 @@ protected void modify( LdapConnection connection, String dn, List<Modification>
{
modRequest.addModification( mod );
}
// TODO: FIXME #2
if ( setRelaxControl )
{
modRequest.addControl( new RelaxControlImpl() );

This file was deleted.

@@ -1,70 +1,47 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.fortress.core.ldap;


import org.apache.directory.api.asn1.DecoderException;
import org.apache.directory.api.asn1.util.Asn1Buffer;
import org.apache.directory.api.ldap.codec.api.CodecControl;
import org.apache.directory.api.ldap.codec.api.ControlContainer;
import org.apache.directory.api.ldap.codec.api.ControlFactory;
import org.apache.directory.api.ldap.codec.api.AbstractControlFactory;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.ldap.model.message.Control;


/**
* A codec {@link ControlFactory} implementation for {@link RelaxControl} controls.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
public class RelaxControlFactory implements ControlFactory<RelaxControl>
public class RelaxControlFactory extends AbstractControlFactory<RelaxControl>
{
/** The LDAP codec responsible for encoding and decoding Cascade Controls */
private LdapApiService codec;


/**
* Creates a new instance of TransactionSpecificationFactory.
* Creates a new instance of ManageDsaITFactory.
*
* @param codec The LDAP codec
*/
public RelaxControlFactory( LdapApiService codec )
{
this.codec = codec;
super( codec, RelaxControl.OID );
}


/**
* {@inheritDoc}
*/
@Override
public String getOid()
public RelaxControl newControl()
{
return RelaxControl.OID;
return new RelaxControlImpl();
}


/**
* {@inheritDoc}
*/
@Override
public CodecControl<RelaxControl> newControl()
{
return new RelaxControlDecorator( codec, new RelaxControlImpl() );
}


public void encodeValue(Asn1Buffer var1, Control var2)
{

}

public void decodeValue(ControlContainer var1, Control var2, byte[] var3) throws DecoderException
{

}

public void decodeValue(Control var1, byte[] var2) throws DecoderException
{

}

}

0 comments on commit 32d7dc1

Please sign in to comment.