FC-290 - Pool connection validation switch
shawnmckinney committed Mar 21, 2021
1 parent 5afc21f commit 88d965c970e385c44bb4ef7a5fcd27dd2b3245c5
Showing 7 changed files with 24 additions and 8 deletions.
@@ -309,6 +309,7 @@
<replace file="${dst.bootstrap.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN@" value="${validate.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
<replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -346,6 +347,7 @@
<replace file="${dst.remote.conf}" token="@LOG_MIN_CONN@" value="${log.min.conn}"/>
<replace file="${dst.remote.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.remote.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN@" value="${validate.conn}"/>
<replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
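Review bot: The two new `@VALIDATE_CONN@` replacements take their value from `${validate.conn}`, and nothing in the visible lines gives that property a default, so a build run against an older build.properties that lacks the key would presumably write the literal text `${validate.conn}` into both generated conf files, since Ant leaves unset property references unexpanded. The runtime default in `getBoolean( GlobalIds.LDAP_VALIDATE_CONN, true )` applies only when the key is absent, not when it holds a non-boolean string, so an upgrade could fail at pool start-up or behave unpredictably. Declaring a fallback before the replace tasks, for example `<property name="validate.conn" value="true"/>`, keeps upgraded installs on the validated path. In the second hunk the new line also sits between `@USR_MIN_CONN@` and `@USR_MAX_CONN@`, whereas the first hunk places it after the pair. Both hunks sit inside targets that start and end outside the visible lines.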
@@ -119,6 +119,9 @@ user.max.conn=10
min.log.conn=1
max.log.conn=3

# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is true)
validate.conn=true

########################################################################
# 3. GROUP OBJECT CLASS DEFINITIONS
########################################################################
@@ -158,4 +161,4 @@ group.properties=configParameter
# 5. RFC2307 OBJECT CLASS DEFINITIONS
########################################################################
# Boolean value. If true, requires rfc2307bis schema because posixUser and posixGroup must be auxiliary object classes to work with ftRls which is structural..
rfc2307=false
rfc2307=false
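Review bot: The comment added above `validate.conn=true` says what the switch does but not what turning it off costs, and this is the text an operator reads when deciding. With the value false the pools hand out connections without the check on retrieval, so a connection that the directory server or a network device has dropped is noticed only when an operation on it fails. I would extend the comment along the lines of `# Set to false only to save the extra search per borrow; stale connections are then caught only by the idle tests (e.g. log.conn.test.idle) or by a failed operation.` The same comment is added in the later hunk whose context begins at `log.min.conn=1`, and the same wording would apply there.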
@@ -52,6 +52,8 @@ log.admin.pw=@CFG_LOG_ROOT_PW@
min.log.conn=@LOG_MIN_CONN@
max.log.conn=@LOG_MAX_CONN@

validate.conn=@VALIDATE_CONN@

# Disable storing user membership on role object, default is true:
role.occupants=@ROLE_OCCUPANTS@

@@ -170,4 +172,4 @@ clientside.sorting=true
attr.delimiter=$

# These are used to enable RFC2307bis support on User and Role entities:
rfc2307=@IS_RFC2307@
rfc2307=@IS_RFC2307@
@@ -58,6 +58,8 @@ max.admin.conn=@ADM_MAX_CONN@
min.user.conn=@USR_MIN_CONN@
max.user.conn=@USR_MAX_CONN@

validate.conn=@VALIDATE_CONN@

# These credentials are used for read/write access to all nodes under slapd access log suffix:
log.admin.user=@LOG_ROOT_DN@
# For corresponding log user:
@@ -72,6 +72,9 @@ user.max.conn=10
log.min.conn=1
log.max.conn=3

# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is true)
validate.conn=true

#These are passwords used for LDAP audit log service accounts:
# Audit Pool:
log.admin.user=cn=manager,${log.suffix}
@@ -214,4 +217,4 @@ db.sess.dir=${db.root}/rbacsess
db.audit.dir=${db.root}/rbacaudit
db.rbac.dir=${db.root}/rbacoverlay
db.bak.audit.dir=${db.root}/backup/rbacaudit
db.bak.sess.dir=${db.root}/backup/rbacsess
db.bak.sess.dir=${db.root}/backup/rbacsess
@@ -455,6 +455,10 @@
public static final String LDAP_LOG_POOL_TEST_IDLE = "log.conn.test.idle";
public static final String LDAP_LOG_POOL_EVICT_RUN_MILLIS = "log.conn.evict.run.millis";

/**
* Applies to all pools, connection validated on retrieval with dummy ldapsearch.
*/
public static final String LDAP_VALIDATE_CONN = "validate.conn";

// Used for TLS/SSL client-side configs:
public static final String ENABLE_LDAP_SSL = "enable.ldap.ssl";
@@ -591,4 +595,4 @@
* Attribute name for property ARBAC02 enforcement boolean.
*/
public static final String IS_ARBAC02 = "is.arbac02";
}
}
@@ -125,7 +125,7 @@ private void init()
int max = Config.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MAX, 10 );
int logmin = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MIN, 1 );
int logmax = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MAX, 10 );

boolean validate = Config.getInstance().getBoolean( GlobalIds.LDAP_VALIDATE_CONN, true );
boolean testWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_ADMIN_POOL_TEST_IDLE, true );
boolean logTestWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_LOG_POOL_TEST_IDLE, true );

@@ -195,7 +195,7 @@ private void init()

// Create the Admin pool
adminPool = new LdapConnectionPool( poolFactory );
adminPool.setTestOnBorrow( true );
adminPool.setTestOnBorrow( validate );
adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
adminPool.setMaxActive( max );
adminPool.setMinIdle( min );
@@ -206,7 +206,7 @@ private void init()

// Create the User pool
userPool = new LdapConnectionPool( poolFactory );
userPool.setTestOnBorrow( true );
userPool.setTestOnBorrow( validate );
userPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
userPool.setMaxActive( max );
userPool.setMinIdle( min );
@@ -250,7 +250,7 @@ private void init()
logConfig.setCredentials( logPw );
poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
logPool = new LdapConnectionPool( poolFactory );
logPool.setTestOnBorrow( true );
logPool.setTestOnBorrow( validate );
logPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
logPool.setMaxActive( logmax );
logPool.setMinIdle( logmin );
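Review bot: One flag now turns off borrow-time validation for the admin, user and log pools together, and init() gives no sign at runtime that it has done so. With `validate.conn=false` a stale connection surfaces as a failed operation in the caller instead of being replaced inside the pool. The idle tests read just above (`testWhileIdle`, `logTestWhileIdle`) only compensate if an evictor interval is configured, which these hunks do not show. I would log the choice once, e.g. `if ( !validate ) LOG.warn( "validate.conn=false: pooled LDAP connections are not tested on borrow" );`, and state in the Javadoc of `LDAP_VALIDATE_CONN` that the default is true. init() starts and ends outside the visible hunks, so the logger name here is a guess.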
