Example 1 with DebugTimer

Use of org.apache.jackrabbit.oak.commons.DebugTimer in project jackrabbit-oak by apache.

Class LdapIdentityProvider, method authenticate:

@Override
public ExternalUser authenticate(@Nonnull Credentials credentials) throws ExternalIdentityException, LoginException {
    if (!(credentials instanceof SimpleCredentials)) {
        log.debug("LDAP IDP can only authenticate SimpleCredentials.");
        return null;
    }
    final SimpleCredentials creds = (SimpleCredentials) credentials;
    final ExternalUser user = getUser(creds.getUserID());
    if (user != null) {
        // RFC 4513 section 5.1.1: a bind with a name but an empty password is an
        // "unauthenticated" bind, which many servers treat as an anonymous bind that
        // succeeds. Refuse it here so an empty password can never log in as this user.
        // See http://tools.ietf.org/html/rfc4513#section-5.1.1 for details.
        if (creds.getPassword().length == 0) {
            throw new LoginException("Refusing to authenticate against LDAP server: Empty passwords not allowed.");
        }
        // authenticate by binding as the user's DN with the supplied password
        LdapConnection connection = null;
        try {
            DebugTimer timer = new DebugTimer();
            if (userPool == null) {
                connection = userConnectionFactory.makeObject();
            } else {
                connection = userPool.getConnection();
            }
            timer.mark("connect");
            connection.bind(user.getExternalId().getId(), new String(creds.getPassword()));
            timer.mark("bind");
            if (log.isDebugEnabled()) {
                log.debug("authenticate({}) {}", user.getId(), timer.getString());
            }
        } catch (LdapAuthenticationException e) {
            throw new LoginException("Unable to authenticate against LDAP server: " + e.getMessage());
        } catch (Exception e) {
            throw new ExternalIdentityException("Error while binding user credentials", e);
        } finally {
            if (connection != null) {
                try {
                    if (userPool == null) {
                        userConnectionFactory.destroyObject(connection);
                    } else {
                        userPool.releaseConnection(connection);
                    }
                } catch (Exception e) {
                    // ignore: a failure to release the connection must not change the result
                }
            }
        }
    }
    return user;
}
Also used:
  org.apache.jackrabbit.oak.commons.DebugTimer
  javax.jcr.SimpleCredentials
  org.apache.directory.api.ldap.model.exception.LdapAuthenticationException
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser
  javax.security.auth.login.LoginException
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException
  org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException
  java.security.NoSuchAlgorithmException
  org.apache.directory.api.ldap.model.cursor.CursorException
  java.util.NoSuchElementException
  java.io.IOException
  org.apache.directory.api.ldap.model.exception.LdapException
  org.apache.directory.ldap.client.api.LdapConnection

Example 2 with DebugTimer

Use of org.apache.jackrabbit.oak.commons.DebugTimer in project jackrabbit-oak by apache.

Class ExternalLoginModule, method syncUser:

/**
 * Initiates synchronization of the external user.
 * @param user the external user
 * @throws SyncException if an error occurs
 */
private void syncUser(@Nonnull ExternalUser user) throws SyncException {
    Root root = getRoot();
    if (root == null) {
        throw new SyncException("Cannot synchronize user. root == null");
    }
    UserManager userManager = getUserManager();
    if (userManager == null) {
        throw new SyncException("Cannot synchronize user. userManager == null");
    }
    int numAttempt = 0;
    while (numAttempt++ < MAX_SYNC_ATTEMPTS) {
        SyncContext context = null;
        try {
            DebugTimer timer = new DebugTimer();
            context = syncHandler.createContext(idp, userManager, new ValueFactoryImpl(root, NamePathMapper.DEFAULT));
            SyncResult syncResult = context.sync(user);
            timer.mark("sync");
            if (root.hasPendingChanges()) {
                root.commit();
                timer.mark("commit");
            }
            debug("syncUser({}) {}, status: {}", user.getId(), timer.getString(), syncResult.getStatus().toString());
            return;
    } catch (CommitFailedException e) {
        // a concurrent commit may have invalidated this root; refresh and retry
        log.warn("User synchronization failed during commit: {}. (attempt {}/{})", e.toString(), numAttempt, MAX_SYNC_ATTEMPTS);
        root.refresh();
        } finally {
            if (context != null) {
                context.close();
            }
        }
    }
    throw new SyncException("User synchronization failed during commit after " + MAX_SYNC_ATTEMPTS + " attempts");
}
Also used:
  org.apache.jackrabbit.oak.commons.DebugTimer
  org.apache.jackrabbit.oak.api.Root
  org.apache.jackrabbit.api.security.user.UserManager
  org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl
  org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException
  org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext
  org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult
  org.apache.jackrabbit.oak.api.CommitFailedException

Example 3 with DebugTimer

Use of org.apache.jackrabbit.oak.commons.DebugTimer in project jackrabbit-oak by apache.

Class LdapIdentityProvider, method getGroup:

@Override
public ExternalGroup getGroup(@Nonnull String name) throws ExternalIdentityException {
    DebugTimer timer = new DebugTimer();
    LdapConnection connection = connect();
    timer.mark("connect");
    try {
        Entry entry = getEntry(connection, config.getGroupConfig(), name, config.getCustomAttributes());
        timer.mark("lookup");
        if (log.isDebugEnabled()) {
            log.debug("getGroup({}) {}", name, timer.getString());
        }
        if (entry != null) {
            return createGroup(entry, name);
        } else {
            return null;
        }
    } catch (LdapException | CursorException e) {
        throw lookupFailedException(e, timer);
    } finally {
        disconnect(connection);
    }
}
Also used:
  org.apache.jackrabbit.oak.commons.DebugTimer
  org.apache.directory.api.ldap.model.entry.Entry
  org.apache.directory.api.ldap.model.message.SearchResultEntry
  org.apache.directory.api.ldap.model.cursor.CursorException
  org.apache.directory.api.ldap.model.exception.LdapException
  org.apache.directory.ldap.client.api.LdapConnection

Example 4 with DebugTimer

Use of org.apache.jackrabbit.oak.commons.DebugTimer in project jackrabbit-oak by apache.

Class LdapIdentityProvider, method getDeclaredGroupRefs:

// -----------------------------------------------------------< internal >---
/**
 * Collects the declared (direct) groups of an identity
 * @param ref reference to the identity
 * @return map of identities where the key is the DN of the LDAP entity
 */
Map<String, ExternalIdentityRef> getDeclaredGroupRefs(ExternalIdentityRef ref) throws ExternalIdentityException {
    if (!isMyRef(ref)) {
        return Collections.emptyMap();
    }
    String searchFilter = config.getMemberOfSearchFilter(ref.getId());
    LdapConnection connection = null;
    SearchCursor searchCursor = null;
    try {
        // Create the SearchRequest object: subtree search below the group base DN,
        // requesting only the group id attribute (or no attributes at all) and
        // bounded by the configured search time limit
        SearchRequest req = new SearchRequestImpl();
        req.setScope(SearchScope.SUBTREE);
        String idAttribute = config.getGroupConfig().getIdAttribute();
        req.addAttributes(idAttribute == null ? SchemaConstants.NO_ATTRIBUTE : idAttribute);
        req.setTimeLimit((int) config.getSearchTimeout());
        req.setBase(new Dn(config.getGroupConfig().getBaseDN()));
        req.setFilter(searchFilter);
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: using SearchRequest {}.", req);
        }
        Map<String, ExternalIdentityRef> groups = new HashMap<String, ExternalIdentityRef>();
        DebugTimer timer = new DebugTimer();
        connection = connect();
        timer.mark("connect");
        searchCursor = connection.search(req);
        timer.mark("search");
        while (searchCursor.next()) {
            Response response = searchCursor.get();
            if (response instanceof SearchResultEntry) {
                Entry resultEntry = ((SearchResultEntry) response).getEntry();
                ExternalIdentityRef groupRef = new ExternalIdentityRef(resultEntry.getDn().toString(), this.getName());
                groups.put(groupRef.getId(), groupRef);
            }
        }
        timer.mark("iterate");
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: search below {} with {} found {} entries. {}", config.getGroupConfig().getBaseDN(), searchFilter, groups.size(), timer.getString());
        }
        return groups;
    } catch (Exception e) {
        log.error("Error during ldap membership search.", e);
        throw new ExternalIdentityException("Error during ldap membership search.", e);
    } finally {
        if (searchCursor != null) {
            try {
                searchCursor.close();
            } catch (IOException e) {
                log.warn("Failed to close search cursor.", e);
            }
        }
        disconnect(connection);
    }
}
Also used:
  org.apache.directory.api.ldap.model.message.SearchRequest
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef
  java.util.HashMap
  org.apache.directory.api.ldap.model.cursor.SearchCursor
  org.apache.directory.api.ldap.model.message.SearchRequestImpl
  org.apache.directory.api.ldap.model.name.Dn
  java.io.IOException
  javax.security.auth.login.LoginException
  org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException
  org.apache.directory.api.ldap.model.exception.LdapAuthenticationException
  java.security.NoSuchAlgorithmException
  org.apache.directory.api.ldap.model.cursor.CursorException
  java.util.NoSuchElementException
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException
  org.apache.directory.api.ldap.model.exception.LdapException
  org.apache.jackrabbit.oak.commons.DebugTimer
  org.apache.directory.api.ldap.model.message.Response
  org.apache.directory.api.ldap.model.entry.Entry
  org.apache.directory.api.ldap.model.message.SearchResultEntry
  org.apache.directory.ldap.client.api.LdapConnection

Example 5 with DebugTimer

Use of org.apache.jackrabbit.oak.commons.DebugTimer in project jackrabbit-oak by apache.

Class DefaultSyncContext, method sync:

/**
 * {@inheritDoc}
 */
@Nonnull
@Override
public SyncResult sync(@Nonnull ExternalIdentity identity) throws SyncException {
    ExternalIdentityRef ref = identity.getExternalId();
    if (!isSameIDP(ref)) {
        // create result in accordance with sync(String) where status is FOREIGN
        boolean isGroup = (identity instanceof ExternalGroup);
        return new DefaultSyncResultImpl(new DefaultSyncedIdentity(identity.getId(), ref, isGroup, -1), SyncResult.Status.FOREIGN);
    }
    try {
        DebugTimer timer = new DebugTimer();
        DefaultSyncResultImpl ret;
        boolean created = false;
        if (identity instanceof ExternalUser) {
            User user = getAuthorizable(identity, User.class);
            timer.mark("find");
            if (user == null) {
                user = createUser((ExternalUser) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncUser((ExternalUser) identity, user);
            timer.mark("sync");
        } else if (identity instanceof ExternalGroup) {
            Group group = getAuthorizable(identity, Group.class);
            timer.mark("find");
            if (group == null) {
                group = createGroup((ExternalGroup) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncGroup((ExternalGroup) identity, group);
            timer.mark("sync");
        } else {
            throw new IllegalArgumentException("identity must be user or group but was: " + identity);
        }
        if (log.isDebugEnabled()) {
            log.debug("sync({}) -> {} {}", ref.getString(), identity.getId(), timer.getString());
        }
        if (created) {
            ret.setStatus(SyncResult.Status.ADD);
        }
        return ret;
    } catch (RepositoryException e) {
        throw new SyncException(e);
    }
}
Also used:
  org.apache.jackrabbit.oak.commons.DebugTimer
  org.apache.jackrabbit.api.security.user.Group
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup
  org.apache.jackrabbit.api.security.user.User
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser
  org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef
  javax.jcr.RepositoryException
  org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException
  javax.annotation.Nonnull

Aggregations (class, number of usages)

  DebugTimer (org.apache.jackrabbit.oak.commons.DebugTimer) 10
  CursorException (org.apache.directory.api.ldap.model.cursor.CursorException) 5
  LdapException (org.apache.directory.api.ldap.model.exception.LdapException) 5
  LdapConnection (org.apache.directory.ldap.client.api.LdapConnection) 5
  ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException) 5
  ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) 5
  Entry (org.apache.directory.api.ldap.model.entry.Entry) 4
  SearchResultEntry (org.apache.directory.api.ldap.model.message.SearchResultEntry) 4
  SyncException (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException) 4
  IOException (java.io.IOException) 3
  NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 3
  HashMap (java.util.HashMap) 3
  NoSuchElementException (java.util.NoSuchElementException) 3
  LoginException (javax.security.auth.login.LoginException) 3
  LdapAuthenticationException (org.apache.directory.api.ldap.model.exception.LdapAuthenticationException) 3
  LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) 3
  Group (org.apache.jackrabbit.api.security.user.Group) 3
  ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) 3
  ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) 3
  Nonnull (javax.annotation.Nonnull) 2