use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.
the class TestLdapConnection method backgroundHealthCheck.
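/**
 * Checks that the background health check empties the connection pool once the LDAP
 * server has been stopped.
 *
 * <p>Sequence: turn off the on-checkout check, set the background interval to 5 seconds,
 * fill a pool with {@code NUM_CONNS} connections, stop the server, sleep for one interval
 * plus a second, and expect zero available connections. The server is then restarted and
 * a fresh context must be obtainable.
 *
 * <p>The localconfig overrides and the stopped server are shared state. They are restored
 * in a {@code finally} block so that a failed assertion here does not leave later tests
 * running against a stopped server or altered health-check settings.
 *
 * @throws Exception if any fixture helper or LDAP operation fails
 */
@Test
public void backgroundHealthCheck() throws Exception {
    SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.CONNECTION_POOL_HEALTH_CHECK);

    // 5 secs
    final long BACKGROUND_HEALTH_CHECK_INTERVAL = 5000;
    final int NUM_CONNS = 10;

    // Only the on-checkout switch and the background interval are overridden; the
    // after-exception and background-enabled keys keep whatever localconfig holds.
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "false");
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_interval_millis,
            Long.toString(BACKGROUND_HEALTH_CHECK_INTERVAL));
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);

    ExternalLdapConfig ldapConfig;
    boolean ldapStopped = false;
    try {
        // NOTE(review): START_TLS_ENABLED and the URL are defined outside this snippet. If
        // StartTLS is off and the URL is not ldaps, BIND_PASSWORD is sent unencrypted;
        // confirm the fixture only targets a local test server.
        ldapConfig = new ExternalLdapConfig(LDAP_URL_BACKGROUND, START_TLS_ENABLED, null,
                BIND_DN, BIND_PASSWORD, null, null);
        LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);

        System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());

        // Flag is set before the call so that a partially completed stop is still followed
        // by a restart attempt in the finally block.
        ldapStopped = true;
        stopLdap();

        // wait for the health check interval to trigger health check
        long waitFor = BACKGROUND_HEALTH_CHECK_INTERVAL + 1000;
        System.out.println("Waiting for " + waitFor + " msecs");
        Thread.sleep(waitFor);

        System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
        assertEquals(0, connPool.getCurrentAvailableConnections());
    } finally {
        // Same order as before (config first, then server), but now also on failure.
        try {
            setLocalConfig(origLCKeyValues);
        } finally {
            if (ldapStopped) {
                startLdap();
            }
        }
    }

    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}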
use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.
the class UBIDLdapContext method externalLdapAuthenticate.
/**
 * Authenticates {@code bindDN}/{@code password} against an external LDAP server.
 *
 * <p>Wraps the connection parameters in an {@link ExternalLdapConfig} that carries the
 * same DN and password as its bind credentials, then hands the config, DN and password to
 * {@code ldapAuthenticate} with usage {@code LdapUsage.LDAP_AUTH_EXTERNAL}. The third and
 * sixth constructor arguments are passed as {@code null}.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>This wrapper does not validate {@code password}. An LDAP simple bind with a DN and
 *       an empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2) that many
 *       servers accept, so empty or null passwords must be rejected before the bind.
 *       NOTE(review): whether {@code ldapAuthenticate} performs that check is not visible
 *       here; confirm, or check at the call site.</li>
 *   <li>NOTE(review): if {@code wantStartTLS} is false and {@code urls} are not ldaps, the
 *       password presumably crosses the network unencrypted; verify deployment settings.</li>
 * </ul>
 *
 * @param urls         LDAP server URLs to try
 * @param wantStartTLS whether StartTLS is requested for the connection
 * @param bindDN       DN to bind as
 * @param password     password for {@code bindDN}
 * @param note         free-form note stored in the config
 * @throws ServiceException propagated from {@code ldapAuthenticate}
 */
static void externalLdapAuthenticate(String[] urls, boolean wantStartTLS, String bindDN, String password, String note) throws ServiceException {
    ldapAuthenticate(
            new ExternalLdapConfig(urls, wantStartTLS, null, bindDN, password, null, note),
            bindDN,
            password,
            LdapUsage.LDAP_AUTH_EXTERNAL);
}
use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.
the class TestLdapConnection method onCheckoutHealthCheck.
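/**
 * Checks that the on-checkout health check rejects a checkout and empties the pool once
 * the LDAP server has been stopped.
 *
 * <p>Sequence: enable the on-checkout check, fill a pool with {@code NUM_CONNS}
 * connections, stop the server, attempt a checkout (which must throw
 * {@link ServiceException}), and expect zero available connections. The server is then
 * restarted and a fresh context must be obtainable.
 *
 * <p>The localconfig override and the stopped server are shared state. They are restored
 * in a {@code finally} block so that a failed assertion does not affect later tests. A
 * context that is handed out unexpectedly is closed instead of being dropped.
 *
 * @throws Exception if any fixture helper or LDAP operation fails
 */
@Test
public void onCheckoutHealthCheck() throws Exception {
    SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.CONNECTION_POOL_HEALTH_CHECK);

    final int NUM_CONNS = 10;

    // Only the on-checkout switch is overridden; the after-exception and
    // background-enabled keys keep whatever localconfig holds.
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "true");
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);

    ExternalLdapConfig ldapConfig;
    boolean ldapStopped = false;
    try {
        ldapConfig = new ExternalLdapConfig(LDAP_URL_ON_CHECKOUT, START_TLS_ENABLED, null,
                BIND_DN, BIND_PASSWORD, null, null);
        LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);

        System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());

        // Flag is set before the call so that a partially completed stop is still followed
        // by a restart attempt in the finally block.
        ldapStopped = true;
        stopLdap();

        // try to get a connection from the pool to trigger health check
        boolean caughtException = false;
        UBIDLdapContext unexpected = null;
        try {
            unexpected = getContext(ldapConfig);
        } catch (ServiceException e) {
            caughtException = true;
        }
        if (unexpected != null) {
            // Checkout should have failed; release the context before the assertion reports it.
            closeContext(unexpected);
        }
        assertTrue(caughtException);

        System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
        assertEquals(0, connPool.getCurrentAvailableConnections());
    } finally {
        // Same order as before (config first, then server), but now also on failure.
        try {
            setLocalConfig(origLCKeyValues);
        } finally {
            if (ldapStopped) {
                startLdap();
            }
        }
    }

    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}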
use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.
the class TestLdapConnection method afterExceptionHealthCheck.
/**
 * Disabled test for the after-exception health-check mode of the LDAP connection pool.
 *
 * <p>Sequence: turn off the on-checkout check, fill a pool with {@code NUM_CONNS}
 * connections, stop the server, check out one context, use it (expecting a
 * {@link ServiceException}), poll once a second until the available count drops below
 * {@code NUM_CONNS}, and expect exactly {@code NUM_CONNS - 1}. The server is then
 * restarted and a fresh context must be obtainable.
 *
 * <p>NOTE(review): the restore steps at the end are not in a {@code finally} block, so a
 * failed assertion leaves the localconfig override in place and the server stopped.
 */
@Test
// after-exception health check is not supported.
@Ignore
public void afterExceptionHealthCheck() throws Exception {
    Map<KnownKey, String> lcKeysToModify = new HashMap<KnownKey, String>();
    lcKeysToModify.put(LC.ldap_connect_pool_health_check_on_checkout_enabled, "false");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_after_exception_enabled, "true");
    // lcKeysToModify.put(LC.ldap_connect_pool_health_check_background_enabled, "false");
    // setLocalConfig returns the previous values so they can be put back at the end.
    Map<KnownKey, String> origLCKeyValues = setLocalConfig(lcKeysToModify);
    final int NUM_CONNS = 10;
    ExternalLdapConfig ldapConfig = new ExternalLdapConfig(LDAP_URL_AFTER_EXCEPTION, START_TLS_ENABLED, null, BIND_DN, BIND_PASSWORD, null, null);
    LDAPConnectionPool connPool = populateConnPool(ldapConfig, NUM_CONNS);
    // stop ldap server here
    System.out.println("Before health check, availConns = " + connPool.getCurrentAvailableConnections());
    stopLdap();
    // try to get a connection from the pool
    // unlike the on-checkout health check, this will NOT trigger a health check
    // it will just return one connection from the pool
    UBIDLdapContext zlcTest = getContext(ldapConfig);
    // use the connection - now we should get an exception, and a health check
    // should be triggered.
    boolean caughtException = false;
    try {
        zlcTest.getAttributes(LdapConstants.DN_ROOT_DSE, null);
    } catch (ServiceException e) {
        caughtException = true;
        // e.printStackTrace();
    } finally {
        // if this is called, it somehow increments the CurrentAvailableConnections count
        // in the connection pool - it should not, because the connection is already defunct
        // (LDAPConnectionPool.releaseConnectionAfterException() was called).
        //
        // The CurrentAvailableConnections count drops back to NUM_CONNS - 1 after one minute.
        // closeContext(zlcTest);
    }
    assertTrue(caughtException);
    System.out.println("After health check, availConns = " + connPool.getCurrentAvailableConnections());
    // NOTE(review): this polling loop has no upper bound; if the available count never
    // falls below NUM_CONNS the test never returns.
    int secs = 0;
    while (true) {
        Thread.sleep(1000);
        secs++;
        int junk = connPool.getCurrentAvailableConnections();
        System.out.println("After health check, availConns = " + junk + " " + secs);
        if (junk < NUM_CONNS) {
            break;
        }
    }
    // unlike the on-checkout and background modes, the after-exception mode removes only
    // the bad connection. To support this, we need to call
    // LDAPConnectionPool.releaseConnectionAfterException(LDAPConnection connection, LDAPException exception)
    // after an exception is caught.
    // For some reason this only works in Eclipse, because of a timing issue.
    assertEquals(NUM_CONNS - 1, connPool.getCurrentAvailableConnections());
    // put the config key back
    setLocalConfig(origLCKeyValues);
    startLdap();
    // get a connection now, should be successful
    UBIDLdapContext zlc = getContext(ldapConfig);
    closeContext(zlc);
}
use of com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig in project zm-mailbox by Zimbra.
the class LdapProvisioning method ldapAuthenticate.
/*
* Search for the auth DN of the user, then authenticate against the resulting DN.
*/
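/**
 * Authenticates a user against an external LDAP server by search-then-bind.
 *
 * <p>Connects with the search credentials, runs {@code searchFilter} under
 * {@code searchBase} with the subtree search controls, requires exactly one match, and
 * then delegates to the four-argument {@code ldapAuthenticate} with the matched DN and the
 * user's password.
 *
 * <p>Security notes:
 * <ul>
 *   <li>A null or empty {@code password} is rejected before any LDAP traffic. A simple
 *       bind with a DN and an empty password is an "unauthenticated bind" (RFC 4513,
 *       section 5.1.2) that many servers accept, so this check must stay first.</li>
 *   <li>An ambiguous search (more than one entry) fails authentication instead of
 *       choosing the first entry.</li>
 *   <li>NOTE(review): {@code searchFilter} is parsed as given. It is presumably built by
 *       the caller from the login name; escaping of filter metacharacters has to happen
 *       there. Confirm against the caller.</li>
 *   <li>NOTE(review): the warning on an ambiguous match logs both DNs and the filter
 *       verbatim; if the filter embeds user-supplied text, confirm the log sink
 *       neutralises control characters.</li>
 * </ul>
 *
 * @param url            external LDAP server URLs
 * @param wantStartTLS   whether StartTLS is requested for the connections
 * @param password       the user's password; must be non-empty
 * @param searchBase     base DN of the search
 * @param searchFilter   LDAP filter string that should match exactly one entry
 * @param searchDn       DN used to bind for the search
 * @param searchPassword password for {@code searchDn}
 * @throws ServiceException {@code AUTH_FAILED} for an empty password, no match or more
 *                          than one match; otherwise whatever the LDAP calls raise
 */
private void ldapAuthenticate(String[] url, boolean wantStartTLS, String password, String searchBase, String searchFilter, String searchDn, String searchPassword) throws ServiceException {
    if (password == null || password.equals("")) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty password");
    }

    ExternalLdapConfig config = new ExternalLdapConfig(url, wantStartTLS, null, searchDn, searchPassword, null, "external LDAP auth");
    String resultDn = null;
    String tooMany = null;
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getExternalContext(config, LdapUsage.LDAP_AUTH_EXTERNAL);
        ZSearchResultEnumeration ne = zlc.searchDir(searchBase, filterFactory.fromFilterString(FilterId.LDAP_AUTHENTICATE, searchFilter), ZSearchControls.SEARCH_CTLS_SUBTREE());
        try {
            // Stop at the second hit: one extra DN is enough to prove ambiguity.
            while (ne.hasMore()) {
                ZSearchResultEntry sr = ne.next();
                if (resultDn == null) {
                    resultDn = sr.getDN();
                } else {
                    tooMany = sr.getDN();
                    break;
                }
            }
        } finally {
            // Previously skipped when hasMore()/next() threw, leaking the enumeration.
            ne.close();
        }
    } finally {
        LdapClient.closeContext(zlc);
    }

    if (tooMany != null) {
        ZimbraLog.account.warn(String.format("ldapAuthenticate searchFilter returned more then one result: (dn1=%s, dn2=%s, filter=%s)", resultDn, tooMany, searchFilter));
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("too many results from search filter!");
    } else if (resultDn == null) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty search");
    }

    if (ZimbraLog.account.isDebugEnabled()) {
        ZimbraLog.account.debug("search filter matched: " + resultDn);
    }
    // Second phase: bind as the matched entry with the user's own password.
    ldapAuthenticate(url, wantStartTLS, resultDn, password);
}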