FC-290 - Pool connection validation switch, testOnIdle also to false …
…by default
shawnmckinney committed Mar 23, 2021
1 parent b4fe6de commit b56a5ff5d57307c714f0e11e23c133b8e8163f0e
Showing 8 changed files with 31 additions and 17 deletions.
@@ -95,7 +95,10 @@ This section describes the properties needed to control fortress core.
max.log.conn=3
# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
all.validate.conn=false
all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
all.validate.conn.idle=false
```

5. Give coordinates to the Config node that contains all of the other Fortress properties. This will match your LDAP's server's config node per Fortress Core setup.
@@ -309,7 +309,8 @@
<replace file="${dst.bootstrap.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN@" value="${all.validate.conn}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_IDLE@" value="${all.validate.conn.idle}"/>
<replace file="${dst.bootstrap.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.bootstrap.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.bootstrap.conf}" token="@SERVER_TYPE@" value="${ldap.server.type}"/>
<replace file="${dst.bootstrap.conf}" token="@ROLE_OCCUPANTS@" value="${role.occupants}"/>
@@ -347,7 +348,8 @@
<replace file="${dst.remote.conf}" token="@LOG_MIN_CONN@" value="${log.min.conn}"/>
<replace file="${dst.remote.conf}" token="@LOG_MAX_CONN@" value="${log.max.conn}"/>
<replace file="${dst.remote.conf}" token="@USR_MIN_CONN@" value="${user.min.conn}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN@" value="${all.validate.conn}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN_IDLE@" value="${all.validate.conn.idle}"/>
<replace file="${dst.remote.conf}" token="@VALIDATE_CONN_BORROW@" value="${all.validate.conn.borrow}"/>
<replace file="${dst.remote.conf}" token="@USR_MAX_CONN@" value="${user.max.conn}"/>
<replace file="${dst.remote.conf}" token="@CFG_CRYPTO_PROP@" value="${crypto.prop}"/>
<replace file="${dst.remote.conf}" token="@ENABLE_REST@" value="${enable.mgr.impl.rest}"/>
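Review bot: The new `<replace>` lines for `@VALIDATE_CONN_BORROW@` and `@VALIDATE_CONN_IDLE@` (in this hunk and the bootstrap hunk above it) only work if `all.validate.conn.borrow` and `all.validate.conn.idle` are defined, and a properties file written before this change carries only `all.validate.conn`. Ant leaves an undefined `${...}` reference as literal text, so the generated conf would contain `validate.conn.borrow=${all.validate.conn.borrow}` instead of a boolean. Declaring defaults after the user properties are loaded, for example `<property name="all.validate.conn.borrow" value="false"/>` and the same for `all.validate.conn.idle`, would keep older property files working. Where the properties are loaded is outside these hunks, so this should be confirmed against the full build file.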
@@ -73,7 +73,6 @@ ldap.max.batch.size=1000
#trust.store.onclasspath=false
#trust.store=/fully/qualified/path/to/mytruststore


# These are the connection parameters used for LDAP service account:
root.dn=uid=admin,ou=system
# This admin pass is bound for fortress.properties used by 'admin' pooled connections:
@@ -116,7 +115,9 @@ user.min.conn=1
user.max.conn=10

# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
all.validate.conn=false
all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
all.validate.conn.idle=false

########################################################################
# 3. GROUP OBJECT CLASS DEFINITIONS
@@ -52,7 +52,8 @@ log.admin.pw=@CFG_LOG_ROOT_PW@
min.log.conn=@LOG_MIN_CONN@
max.log.conn=@LOG_MAX_CONN@

validate.conn=@VALIDATE_CONN@
validate.conn.borrow=@VALIDATE_CONN_BORROW@
validate.conn.idle=@VALIDATE_CONN_IDLE@

# Disable storing user membership on role object, default is true:
role.occupants=@ROLE_OCCUPANTS@
@@ -58,7 +58,10 @@ max.admin.conn=@ADM_MAX_CONN@
min.user.conn=@USR_MIN_CONN@
max.user.conn=@USR_MAX_CONN@

validate.conn=@VALIDATE_CONN@
# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
validate.conn.borrow=@VALIDATE_CONN_BORROW@
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
validate.conn.idle=@VALIDATE_CONN_IDLE@

# These credentials are used for read/write access to all nodes under slapd access log suffix:
log.admin.user=@LOG_ROOT_DN@
@@ -73,7 +73,9 @@ log.min.conn=1
log.max.conn=3

# Applies to all pools, connection validated on retrieval with dummy ldapsearch. (default is false)
all.validate.conn=false
all.validate.conn.borrow=false
# Applies to all pools, connection validated when idle with dummy ldapsearch. (default is false)
all.validate.conn.idle=false

#These are passwords used for LDAP audit log service accounts:
# Audit Pool:
@@ -458,7 +458,11 @@
/**
* Applies to all pools, connection validated on retrieval with dummy ldapsearch.
*/
public static final String LDAP_VALIDATE_CONN = "validate.conn";
public static final String TEST_ON_BORROW = "validate.conn.borrow";
/**
* Applies to all pools, connection validated when idle with dummy ldapsearch.
*/
public static final String TEST_ON_IDLE = "validate.conn.idle";

// Used for TLS/SSL client-side configs:
public static final String ENABLE_LDAP_SSL = "enable.ldap.ssl";
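Review bot: Removing the public constant `LDAP_VALIDATE_CONN` retires the `validate.conn` key with no fallback. As far as the visible hunks show, a deployment whose fortress.properties still sets `validate.conn=true` would silently lose borrow-time validation after upgrading, because `validate.conn.borrow` defaults to false. External code that references `GlobalIds.LDAP_VALIDATE_CONN` would also stop compiling. Consider keeping the old name as a deprecated alias, `@Deprecated public static final String LDAP_VALIDATE_CONN = "validate.conn";`, and reading it in the provider as the default when the new key is absent.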
@@ -125,10 +125,8 @@ private void init()
int max = Config.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_MAX, 10 );
int logmin = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MIN, 1 );
int logmax = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_MAX, 10 );
boolean validate = Config.getInstance().getBoolean( GlobalIds.LDAP_VALIDATE_CONN, false );
boolean testWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_ADMIN_POOL_TEST_IDLE, true );
boolean logTestWhileIdle = Config.getInstance().getBoolean( GlobalIds.LDAP_LOG_POOL_TEST_IDLE, true );

boolean testOnBorrow = Config.getInstance().getBoolean( GlobalIds.TEST_ON_BORROW, false );
boolean testWhileIdle = Config.getInstance().getBoolean( GlobalIds.TEST_ON_IDLE, false );
int timeBetweenEvictionRunMillis = Config.getInstance().getInt( GlobalIds.LDAP_ADMIN_POOL_EVICT_RUN_MILLIS, 1000 * 60 * 30 );
int logTimeBetweenEvictionRunMillis = Config.getInstance().getInt( GlobalIds.LDAP_LOG_POOL_EVICT_RUN_MILLIS, 1000 * 60 * 30 );

@@ -195,7 +193,7 @@ private void init()

// Create the Admin pool
adminPool = new LdapConnectionPool( poolFactory );
adminPool.setTestOnBorrow( validate );
adminPool.setTestOnBorrow( testOnBorrow );
adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
adminPool.setMaxActive( max );
adminPool.setMinIdle( min );
@@ -206,7 +204,7 @@ private void init()

// Create the User pool
userPool = new LdapConnectionPool( poolFactory );
userPool.setTestOnBorrow( validate );
userPool.setTestOnBorrow( testOnBorrow );
userPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
userPool.setMaxActive( max );
userPool.setMinIdle( min );
@@ -250,11 +248,11 @@ private void init()
logConfig.setCredentials( logPw );
poolFactory = new ValidatingPoolableLdapConnectionFactory( logConfig );
logPool = new LdapConnectionPool( poolFactory );
logPool.setTestOnBorrow( validate );
logPool.setTestOnBorrow( testOnBorrow );
logPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
logPool.setMaxActive( logmax );
logPool.setMinIdle( logmin );
logPool.setTestWhileIdle( logTestWhileIdle );
logPool.setTestWhileIdle( testWhileIdle );
logPool.setTimeBetweenEvictionRunsMillis( logTimeBetweenEvictionRunMillis );
}
}
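Review bot: In `init()`, `testWhileIdle` is now read from the single `TEST_ON_IDLE` key with a default of false, where the admin and log flags previously defaulted to true. The per-pool keys `LDAP_ADMIN_POOL_TEST_IDLE` and `LDAP_LOG_POOL_TEST_IDLE` are no longer consulted, so a site that had set them is ignored without warning. With both flags false, nothing in these hunks checks a pooled connection before it is handed out, so a connection closed by the server or an intermediate device would presumably surface only as a failed operation. I would record that above the two reads with a comment such as `// Both default to false: pooled connections get no liveness check unless validate.conn.borrow or validate.conn.idle is enabled.` Only `logPool.setTestWhileIdle( testWhileIdle )` is visible here. The admin and user pool calls, and the start and end of `init()`, lie outside the hunks and should be checked for the same variable.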
