
Example 6 with ExternalLdapConfig

use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.

the class TestLdapConnection method backgroundHealthCheck.

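/**
 * Checks that the background health check drains the connection pool after the LDAP
 * server has been stopped.
 *
 * <p>The on-checkout health check is switched off and the background interval key is set
 * to 5000 ms. A pool is populated with {@code NUM_CONNS} connections, the server is
 * stopped, the test sleeps for one interval plus 1000 ms, and
 * {@code getCurrentAvailableConnections()} is then expected to be zero.
 *
 * <p>Restoring the local config and restarting the server happen in a {@code finally}
 * block, so a failed assertion or helper exception does not leave the LDAP server down
 * or the modified keys in place for later tests.
 *
 * @throws Exception if a helper fails or the sleep is interrupted
 */
@Test
public void backgroundHealthCheck() throws Exception {
    SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.CONNECTION_POOL_HEALTH_CHECK);
    // 5 secs
    final long BACKGROUND_HEALTH_CHECK_INTERVAL = 5000;
    final int NUM_CONNS = 10;
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "false");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_after_exception_enabled, "false");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_enabled, "true");
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_interval_millis, Long.toString(BACKGROUND_HEALTH_CHECK_INTERVAL));
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);
    ExternalLdapConfig ldapConfig;
    // Only restart the server in cleanup if this test actually stopped it.
    boolean ldapStopped = false;
    try {
        ldapConfig = new ExternalLdapConfig(LDAP_URL_BACKGROUND, START_TLS_ENABLED, null, BIND_DN, BIND_PASSWORD, null, null);
        LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);
        // stop ldap server here
        System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());
        stopLdap();
        ldapStopped = true;
        // wait for the health check interval to trigger health check
        long waitFor = BACKGROUND_HEALTH_CHECK_INTERVAL + 1000;
        System.out.println("Waiting for " + waitFor + " msecs");
        Thread.sleep(waitFor);
        System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
        assertEquals(0, connPool.getCurrentAvailableConnections());
    } finally {
        // put the config key back, then bring the server up again (same order as before)
        setLocalConfig(origLCKeyValues);
        if (ldapStopped) {
            startLdap();
        }
    }
    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}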
Also used : LDAPConnectionPool(com.unboundid.ldap.sdk.LDAPConnectionPool) KnownKey(com.zimbra.common.localconfig.KnownKey) ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig) HashMap(java.util.HashMap) UBIDLdapContext(com.zimbra.cs.ldap.unboundid.UBIDLdapContext) Test(org.junit.Test)

Example 7 with ExternalLdapConfig

use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.

the class UBIDLdapContext method externalLdapAuthenticate.

/**
 * Runs an external LDAP authentication for the given DN and password.
 *
 * <p>An {@code ExternalLdapConfig} is built from the arguments ({@code bindDN} and
 * {@code password} are placed in the config as well) and handed to
 * {@code ldapAuthenticate} together with {@code LdapUsage.LDAP_AUTH_EXTERNAL}.
 *
 * <p>NOTE(review): no null/empty check on {@code password} is visible in this method.
 * A simple bind with a DN and a zero-length password is treated by many servers as an
 * unauthenticated bind that "succeeds", so either every caller or the delegate must
 * reject empty passwords. Confirm where that check lives.
 *
 * @param urls         LDAP URLs passed to the config
 * @param wantStartTLS StartTLS flag passed to the config
 * @param bindDN       DN to authenticate as
 * @param password     password for {@code bindDN}
 * @param note         free-form note passed to the config
 * @throws ServiceException propagated from {@code ldapAuthenticate}
 */
static void externalLdapAuthenticate(String[] urls, boolean wantStartTLS, String bindDN, String password, String note) throws ServiceException {
    ldapAuthenticate(
            new ExternalLdapConfig(urls, wantStartTLS, null, bindDN, password, null, note),
            bindDN,
            password,
            LdapUsage.LDAP_AUTH_EXTERNAL);
}
Also used : ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig)

Example 8 with ExternalLdapConfig

use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.

the class TestLdapConnection method onCheckoutHealthCheck.

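/**
 * Checks that the on-checkout health check empties the connection pool when a
 * connection is requested while the LDAP server is stopped.
 *
 * <p>The on-checkout health check is enabled, a pool is populated with
 * {@code NUM_CONNS} connections and the server is stopped. The following
 * {@code getContext} call is expected to throw {@code ServiceException}, after which
 * {@code getCurrentAvailableConnections()} is expected to be zero.
 *
 * <p>Restoring the local config and restarting the server happen in a {@code finally}
 * block, so a failed assertion does not leave the LDAP server down or the modified key
 * in place for later tests.
 *
 * @throws Exception if a helper fails
 */
@Test
public void onCheckoutHealthCheck() throws Exception {
    SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.CONNECTION_POOL_HEALTH_CHECK);
    final int NUM_CONNS = 10;
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "true");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_after_exception_enabled, "false");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_enabled, "false");
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);
    ExternalLdapConfig ldapConfig;
    // Only restart the server in cleanup if this test actually stopped it.
    boolean ldapStopped = false;
    try {
        ldapConfig = new ExternalLdapConfig(LDAP_URL_ON_CHECKOUT, START_TLS_ENABLED, null, BIND_DN, BIND_PASSWORD, null, null);
        LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);
        // stop ldap server here
        System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());
        stopLdap();
        ldapStopped = true;
        // try to get a connection from the pool to trigger health check
        boolean caughtException = false;
        UBIDLdapContext unexpected = null;
        try {
            unexpected = getContext(ldapConfig);
        } catch (ServiceException e) {
            caughtException = true;
        }
        if (unexpected != null) {
            // The checkout was supposed to fail; release the context so the
            // assertion failure below does not also leak it.
            closeContext(unexpected);
        }
        assertTrue(caughtException);
        System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
        assertEquals(0, connPool.getCurrentAvailableConnections());
    } finally {
        // put the config key back, then bring the server up again (same order as before)
        setLocalConfig(origLCKeyValues);
        if (ldapStopped) {
            startLdap();
        }
    }
    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}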
Also used : LDAPConnectionPool(com.unboundid.ldap.sdk.LDAPConnectionPool) KnownKey(com.zimbra.common.localconfig.KnownKey) ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) UBIDLdapContext(com.zimbra.cs.ldap.unboundid.UBIDLdapContext) Test(org.junit.Test)

Example 9 with ExternalLdapConfig

use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.

the class TestLdapConnection method afterExceptionHealthCheck.

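/**
 * Exercises the after-exception health-check mode: after the LDAP server is stopped, a
 * context is still handed out from the pool, using it is expected to throw
 * {@code ServiceException}, and the pool's available-connection count is then expected
 * to drop to {@code NUM_CONNS - 1}.
 *
 * <p>The test is ignored because after-exception health check is not supported.
 *
 * <p>The wait for the count to drop is capped at {@code MAX_WAIT_SECS} so the test
 * fails on the final assertion instead of spinning forever, and the local config and
 * LDAP server are restored in a {@code finally} block.
 *
 * @throws Exception if a helper fails or the sleep is interrupted
 */
@Test
@Ignore("after-exception health check is not supported.")
public void afterExceptionHealthCheck() throws Exception {
    final int NUM_CONNS = 10;
    // The count was observed to drop after about one minute; allow twice that.
    final int MAX_WAIT_SECS = 120;
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "false");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_after_exception_enabled, "true");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_enabled, "false");
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);
    ExternalLdapConfig ldapConfig;
    // Only restart the server in cleanup if this test actually stopped it.
    boolean ldapStopped = false;
    try {
        ldapConfig = new ExternalLdapConfig(LDAP_URL_AFTER_EXCEPTION, START_TLS_ENABLED, null, BIND_DN, BIND_PASSWORD, null, null);
        LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);
        // stop ldap server here
        System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());
        stopLdap();
        ldapStopped = true;
        // try to get a connection from the pool
        // unlike on checkout health check, this will NOT trigger a health check
        // it will just return one connection from the pool
        UBIDLdapContext zlcTest = getContext(ldapConfig);
        // use the connection - now we should get an exception, and a health check
        // should be triggered.
        boolean caughtException = false;
        try {
            zlcTest.getAttributes(LdapConstants.DN_ROOT_DSE, null);
        } catch (ServiceException e) {
            caughtException = true;
        }
        // zlcTest is deliberately NOT closed here: calling closeContext(zlcTest)
        // somehow increments the CurrentAvailableConnections count in the pool.
        // It should not, because the connection is already defunct
        // (LDAPConnectionPool.releaseConnectionAfterException() was called).
        // The count drops back to NUM_CONNS - 1 after one minute.
        assertTrue(caughtException);
        System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
        int secs = 0;
        while (secs < MAX_WAIT_SECS) {
            Thread.sleep(1000);
            secs++;
            int availConns = connPool.getCurrentAvailableConnections();
            System.out.println("After health check, availConns = " + availConns + " " + secs);
            if (availConns < NUM_CONNS) {
                break;
            }
        }
        // unlike on-checkout and background modes, the after-exception mode removes only
        // the bad connection.   To support this, we need to call
        // LDAPConnectionPool.releaseConnectionAfterException(LDAPConnection connection, LDAPException exception)
        // after an exception is caught.
        // For some reason this only works in Eclipse because of a timing issue.
        assertEquals(NUM_CONNS - 1, connPool.getCurrentAvailableConnections());
    } finally {
        // put the config key back, then bring the server up again (same order as before)
        setLocalConfig(origLCKeyValues);
        if (ldapStopped) {
            startLdap();
        }
    }
    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}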
Also used : LDAPConnectionPool(com.unboundid.ldap.sdk.LDAPConnectionPool) KnownKey(com.zimbra.common.localconfig.KnownKey) ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) UBIDLdapContext(com.zimbra.cs.ldap.unboundid.UBIDLdapContext) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 10 with ExternalLdapConfig

use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.

the class LdapProvisioning method ldapAuthenticate.

/*
 * search for the auth DN for the user, authenticate to the result DN
 */
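/**
 * Authenticates against an external LDAP server in two steps: search for the user's
 * entry using the search credentials, then authenticate as the DN that was found.
 *
 * <p>Authentication fails with {@code AUTH_FAILED} when the password is null or empty,
 * when the search matches no entry, or when it matches more than one entry (the first
 * two DNs and the filter are logged at warn level in that case).
 *
 * <p>NOTE(review): {@code searchFilter} is used verbatim as the LDAP filter string. If
 * callers build it from a user-supplied login name, that value presumably needs LDAP
 * filter escaping before it reaches this method. Confirm at the call sites.
 *
 * <p>NOTE(review): when {@code wantStartTLS} is false and the URLs are not
 * {@code ldaps://}, {@code searchPassword} and {@code password} presumably cross the
 * network unencrypted. Confirm against the deployment's configuration.
 *
 * @param url            LDAP URLs of the external server
 * @param wantStartTLS   StartTLS flag passed to the config and to the final bind
 * @param password       the user's password; must be non-empty
 * @param searchBase     base DN for the subtree search
 * @param searchFilter   filter string identifying the user's entry
 * @param searchDn       DN used to bind for the search
 * @param searchPassword password for {@code searchDn}
 * @throws ServiceException on authentication failure or any LDAP error
 */
private void ldapAuthenticate(String[] url, boolean wantStartTLS, String password, String searchBase, String searchFilter, String searchDn, String searchPassword) throws ServiceException {
    // Reject empty passwords before touching the directory: a simple bind with a DN and
    // a zero-length password is an "unauthenticated bind" (RFC 4513, section 5.1.2) that
    // many servers answer with success, which would otherwise read as a valid login.
    if (password == null || password.isEmpty()) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty password");
    }
    ExternalLdapConfig config = new ExternalLdapConfig(url, wantStartTLS, null, searchDn, searchPassword, null, "external LDAP auth");
    String resultDn = null;
    String tooMany = null;
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getExternalContext(config, LdapUsage.LDAP_AUTH_EXTERNAL);
        ZSearchResultEnumeration ne = zlc.searchDir(searchBase, filterFactory.fromFilterString(FilterId.LDAP_AUTHENTICATE, searchFilter), ZSearchControls.SEARCH_CTLS_SUBTREE());
        try {
            // Keep the first DN; a second hit means the filter is ambiguous, so stop there.
            while (ne.hasMore()) {
                ZSearchResultEntry sr = ne.next();
                if (resultDn == null) {
                    resultDn = sr.getDN();
                } else {
                    tooMany = sr.getDN();
                    break;
                }
            }
        } finally {
            // Close the enumeration even when iteration throws.
            ne.close();
        }
    } finally {
        LdapClient.closeContext(zlc);
    }
    if (tooMany != null) {
        ZimbraLog.account.warn(String.format("ldapAuthenticate searchFilter returned more then one result: (dn1=%s, dn2=%s, filter=%s)", resultDn, tooMany, searchFilter));
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("too many results from search filter!");
    } else if (resultDn == null) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty search");
    }
    if (ZimbraLog.account.isDebugEnabled()) {
        ZimbraLog.account.debug("search filter matched: " + resultDn);
    }
    // Second step: authenticate as the DN that was found, using the user's password.
    ldapAuthenticate(url, wantStartTLS, resultDn, password);
}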
Also used : ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) ZSearchResultEnumeration(com.zimbra.cs.ldap.ZSearchResultEnumeration) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)
