portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r504946 - in /portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap: AbstractLdapDao.java LdapBindingConfig.java LdapContextProxy.java
Date Thu, 08 Feb 2007 16:36:52 GMT
Author: ate
Date: Thu Feb  8 08:36:52 2007
New Revision: 504946

URL: http://svn.apache.org/viewvc?view=rev&rev=504946
Log:
JS2-575: A proxy based solution for lost ldap connections.
The LdapContextProxy will automatically try to reconnect and retry a failed operation when
the connection was broken.
Note: this is a different solution as proposed by Eivinn Hustveit (see JS2-575), but much
less intrusive.

Added:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
  (with props)
Modified:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java?view=diff&rev=504946&r1=504945&r2=504946
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
Thu Feb  8 08:36:52 2007
@@ -14,9 +14,6 @@
  */
 package org.apache.jetspeed.security.spi.impl.ldap;
 
-import java.util.Properties;
-
-import javax.naming.Context;
 import javax.naming.Name;
 import javax.naming.NameParser;
 import javax.naming.NamingEnumeration;
@@ -24,7 +21,6 @@
 import javax.naming.directory.DirContext;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
-import javax.naming.ldap.InitialLdapContext;
 import javax.naming.ldap.LdapContext;
 
 import org.apache.commons.lang.StringUtils;
@@ -89,31 +85,12 @@
      */
     protected void bindToServer(String rootDn, String rootPassword) throws SecurityException
     {
-        validateDn(rootDn);
-        validatePassword(rootPassword);
-
-        try
+        if ( ctx == null )
         {
-            Properties env = new Properties();
-            env.put(Context.INITIAL_CONTEXT_FACTORY, this.ldapBindingConfig.getInitialContextFactory());
-            env.put(Context.PROVIDER_URL, this.ldapBindingConfig.getLdapScheme() + "://"
+ this.ldapBindingConfig.getLdapServerName() + ":"
-                    + this.ldapBindingConfig.getLdapServerPort() + "/" + this.ldapBindingConfig.getRootContext());
-            env.put(Context.SECURITY_PRINCIPAL, rootDn);
-            env.put(Context.SECURITY_CREDENTIALS, rootPassword);
-            env.put(Context.SECURITY_AUTHENTICATION, this.ldapBindingConfig.getLdapSecurityLevel());
-            if ( !StringUtils.isEmpty(this.ldapBindingConfig.getLdapSecurityProtocol()) )
-            {
-                env.put(Context.SECURITY_PROTOCOL, this.ldapBindingConfig.getLdapSecurityProtocol());
-            }
-            if ( !StringUtils.isEmpty(this.ldapBindingConfig.getLdapSocketFactory()) )
-            {
-                env.put("java.naming.ldap.factory.socket", this.ldapBindingConfig.getLdapSocketFactory());
-            }
-            ctx = new InitialLdapContext(env, null);
-        }
-        catch (NamingException ne)
-        {
-            throw new SecurityException(ne);
+            validateDn(rootDn);
+            validatePassword(rootPassword);
+
+            ctx = LdapContextProxy.createProxy(ldapBindingConfig);
         }
     }
 

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java?view=diff&rev=504946&r1=504945&r2=504946
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
Thu Feb  8 08:36:52 2007
@@ -14,6 +14,8 @@
  */
 package org.apache.jetspeed.security.spi.impl.ldap;
 
+import javax.naming.ldap.LdapContext;
+
 import org.apache.commons.configuration.ConfigurationException;
 import org.apache.commons.configuration.PropertiesConfiguration;
 import org.apache.commons.lang.StringUtils;
@@ -31,6 +33,8 @@
 {
     /** The logger. */
     private static final Log logger = LogFactory.getLog(LdapBindingConfig.class);
+    
+    private LdapContext context;
 
     private String initialContextFactory;
     private String ldapSocketFactory;
@@ -256,6 +260,16 @@
         {
             logger.error("Could not configure LdapBindingConfig: " + ce);
         }
+    }
+    
+    LdapContext getContext()
+    {
+        return context;
+    }
+    
+    void setContext(LdapContext context)
+    {
+        this.context = context;
     }
 
     /**

Added: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java?view=auto&rev=504946
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
(added)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
Thu Feb  8 08:36:52 2007
@@ -0,0 +1,156 @@
+/*
+ * Copyright 2000-2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the  "License"); 
+ * you may not use this file except in compliance with the License. 
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" 
+ * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+ * See the License for the specific language governing permissions and 
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security.spi.impl.ldap;
+
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
+import java.util.Properties;
+
+import javax.naming.CommunicationException;
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.ServiceUnavailableException;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * Proxy providing recoverable LdapContext connections.
+ * 
+ * @author <a href="mailto:ate@douma.nu">Ate Douma</a>
+ * @version $Id$
+ */
+public class LdapContextProxy implements InvocationHandler
+{
+    private Properties env;
+    private LdapContext ctx;
+    
+    public static LdapContext createProxy(LdapBindingConfig config)
+    {
+        LdapContext proxy = config.getContext();
+        
+        if ( proxy == null || !(Proxy.getInvocationHandler(proxy) instanceof LdapContextProxy))
+        {
+            proxy = (LdapContext)Proxy.newProxyInstance(LdapContext.class.getClassLoader(),new
Class[]{LdapContext.class}, new LdapContextProxy(config));
+            config.setContext(proxy);
+        }
+        return proxy;
+    }
+    
+    private LdapContextProxy(LdapBindingConfig ldapBindingConfig)
+    {
+        env = new Properties();
+        env.put(Context.INITIAL_CONTEXT_FACTORY, ldapBindingConfig.getInitialContextFactory());
+        env.put(Context.PROVIDER_URL, ldapBindingConfig.getLdapScheme() + "://" + ldapBindingConfig.getLdapServerName()
+ ":"
+                + ldapBindingConfig.getLdapServerPort() + "/" + ldapBindingConfig.getRootContext());
+        env.put(Context.SECURITY_PRINCIPAL, ldapBindingConfig.getRootDn());
+        env.put(Context.SECURITY_CREDENTIALS, ldapBindingConfig.getRootPassword());
+        env.put(Context.SECURITY_AUTHENTICATION, ldapBindingConfig.getLdapSecurityLevel());
+        if ( !StringUtils.isEmpty(ldapBindingConfig.getLdapSecurityProtocol()) )
+        {
+            env.put(Context.SECURITY_PROTOCOL, ldapBindingConfig.getLdapSecurityProtocol());
+        }
+        if ( !StringUtils.isEmpty(ldapBindingConfig.getLdapSocketFactory()) )
+        {
+            env.put("java.naming.ldap.factory.socket", ldapBindingConfig.getLdapSocketFactory());
+        }
+    }
+    
+    private LdapContext getCtx() throws NamingException
+    {
+        if ( ctx == null )
+        {
+            ctx = new InitialLdapContext(env, null);
+        }
+        return ctx;
+    }
+    
+    private void closeCtx()
+    {
+        if ( ctx != null )
+        {
+            try
+            {
+                ctx.close();
+            }
+            catch (Exception e)
+            {
+            }
+            ctx = null;
+        }
+    }
+    /*
+     * (non-Javadoc)
+     * 
+     * @see java.lang.reflect.InvocationHandler#invoke(java.lang.Object,
+     *      java.lang.reflect.Method, java.lang.Object[])
+     */
+    public synchronized Object invoke(Object proxy, Method m, Object[] args) throws Throwable
+    {
+        Object result = null;
+        boolean close = "close".equals(m.getName()) && args.length == 0;
+        if ( close && ctx == null )
+        {
+            // don't need to do anything
+            ;
+        }
+        else
+        {
+            LdapContext ctx = getCtx();
+            
+            try
+            {
+                result = m.invoke(ctx,args);
+                if ( close )
+                {
+                    closeCtx();
+                }
+            }
+            catch (Throwable t)
+            {
+                closeCtx();
+                
+                if ( t instanceof InvocationTargetException)
+                {
+                    t = ((InvocationTargetException)t).getTargetException();
+                }
+                if (t instanceof ServiceUnavailableException || t instanceof CommunicationException)
+                {
+                    try
+                    {
+                        ctx = getCtx();
+                        result = m.invoke(ctx,args);
+                    }
+                    catch (Throwable t2)
+                    {
+                        closeCtx();
+                        if ( t2 instanceof InvocationTargetException)
+                        {
+                            t2 = ((InvocationTargetException)t2).getTargetException();
+                        }
+                        
+                        throw t2;
+                    }
+                }
+                throw t;
+            }
+        }
+        return result;
+    }
+}

Propchange: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapContextProxy.java
------------------------------------------------------------------------------
    svn:keywords = Id



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message