use of org.apache.directory.ldap.client.api.LookupLdapConnectionValidator in project jackrabbit-oak by apache.
the class LdapIdentityProvider method init.
//------------------------------------------------------------< private >---
/**
* Initializes the ldap identity provider.
*/
private void init() {
if (adminConnectionFactory != null) {
throw new IllegalStateException("Provider already initialized.");
}
// make sure the JVM supports the TLSv1.1
try {
enabledSSLProtocols = null;
SSLContext.getInstance("TLSv1.1");
} catch (NoSuchAlgorithmException e) {
log.warn("JDK does not support TLSv1.1. Disabling it.");
enabledSSLProtocols = new String[] { "TLSv1" };
}
// setup admin connection pool
LdapConnectionConfig cc = createConnectionConfig();
String bindDN = config.getBindDN();
if (bindDN != null && !bindDN.isEmpty()) {
cc.setName(bindDN);
cc.setCredentials(config.getBindPassword());
}
adminConnectionFactory = new ValidatingPoolableLdapConnectionFactory(cc);
if (config.getAdminPoolConfig().lookupOnValidate()) {
adminConnectionFactory.setValidator(new LookupLdapConnectionValidator());
} else {
adminConnectionFactory.setValidator(new DefaultLdapConnectionValidator());
}
if (config.getAdminPoolConfig().getMaxActive() != 0) {
adminPool = new LdapConnectionPool(adminConnectionFactory);
adminPool.setTestOnBorrow(true);
adminPool.setMaxActive(config.getAdminPoolConfig().getMaxActive());
adminPool.setWhenExhaustedAction(GenericObjectPool.WHEN_EXHAUSTED_BLOCK);
}
// setup unbound connection pool. let's create a new version of the config
cc = createConnectionConfig();
userConnectionFactory = new PoolableUnboundConnectionFactory(cc);
if (config.getUserPoolConfig().lookupOnValidate()) {
userConnectionFactory.setValidator(new UnboundLookupConnectionValidator());
} else {
userConnectionFactory.setValidator(new UnboundConnectionValidator());
}
if (config.getUserPoolConfig().getMaxActive() != 0) {
userPool = new UnboundLdapConnectionPool(userConnectionFactory);
userPool.setTestOnBorrow(true);
userPool.setMaxActive(config.getUserPoolConfig().getMaxActive());
userPool.setWhenExhaustedAction(GenericObjectPool.WHEN_EXHAUSTED_BLOCK);
}
log.info("LdapIdentityProvider initialized: {}", config);
}
Aggregations