Use of org.ldaptive.CompareConnectionValidator in the project cas by apereo.
Class LdapUtils, method newLdaptivePooledConnectionFactory.
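/**
 * Builds and initializes an ldaptive {@link PooledConnectionFactory} from the given LDAP settings.
 *
 * <p>The pool receives its size limits, validate-on-checkout and validate-periodically flags,
 * block wait time, an {@link IdlePruneStrategy}, a connection validator and, when configured,
 * a passivator. The validator is chosen from {@code l.getValidator().getType()} after trimming
 * and lower-casing:
 * <ul>
 *   <li>{@code compare}: a {@link CompareConnectionValidator} built from the configured DN,
 *       attribute name and attribute value;</li>
 *   <li>{@code none}: no validator is installed on the pool;</li>
 *   <li>{@code search} or any other value: a {@link SearchConnectionValidator} that requests no
 *       attributes and at most one entry.</li>
 * </ul>
 *
 * <p>The bind credential is handed only to the {@link SimpleBindRequest}; the log statements in
 * this method emit the LDAP URL, the passivator name and the bind DN, never the credential.
 *
 * @param l the ldap properties
 * @return the initialized pooled connection factory
 * @throws IllegalArgumentException if the configured pool passivator does not name a
 *                                  {@code LdapConnectionPoolPassivator} constant
 */
public static PooledConnectionFactory newLdaptivePooledConnectionFactory(final AbstractLdapProperties l) {
    val cc = newLdaptiveConnectionConfig(l);

    LOGGER.debug("Creating LDAP connection pool configuration for [{}]", l.getLdapUrl());
    val pooledCf = new PooledConnectionFactory(cc);
    pooledCf.setMinPoolSize(l.getMinPoolSize());
    pooledCf.setMaxPoolSize(l.getMaxPoolSize());
    pooledCf.setValidateOnCheckOut(l.isValidateOnCheckout());
    pooledCf.setValidatePeriodically(l.isValidatePeriodically());
    pooledCf.setBlockWaitTime(Beans.newDuration(l.getBlockWaitTime()));

    // Idle connections are pruned on the configured schedule.
    val strategy = new IdlePruneStrategy();
    strategy.setIdleTime(Beans.newDuration(l.getIdleTime()));
    strategy.setPrunePeriod(Beans.newDuration(l.getPrunePeriod()));
    pooledCf.setPruneStrategy(strategy);

    val validator = l.getValidator();
    // Locale.ROOT keeps the case mapping independent of the JVM default locale.
    // Fully qualified because the file's import block is not visible from here.
    switch (validator.getType().trim().toLowerCase(java.util.Locale.ROOT)) {
        case "compare":
            val compareRequest = new CompareRequest(validator.getDn(), validator.getAttributeName(), validator.getAttributeValue());
            val compareValidator = new CompareConnectionValidator(compareRequest);
            compareValidator.setValidatePeriod(Beans.newDuration(l.getValidatePeriod()));
            compareValidator.setValidateTimeout(Beans.newDuration(l.getValidateTimeout()));
            pooledCf.setValidator(compareValidator);
            break;
        case "none":
            // No validator is set on the pool in this branch.
            LOGGER.debug("No validator is configured for the LDAP connection pool of [{}]", l.getLdapUrl());
            break;
        case "search":
        default:
            // Any unrecognised type lands here, so a misspelled "none" or "compare"
            // silently yields a search validator rather than an error.
            val searchRequest = new SearchRequest();
            searchRequest.setBaseDn(validator.getBaseDn());
            searchRequest.setFilter(validator.getSearchFilter());
            // The validation probe asks for no attributes and at most one entry.
            searchRequest.setReturnAttributes(ReturnAttributes.NONE.value());
            searchRequest.setSearchScope(SearchScope.valueOf(validator.getScope()));
            searchRequest.setSizeLimit(1);
            val searchValidator = new SearchConnectionValidator(searchRequest);
            searchValidator.setValidatePeriod(Beans.newDuration(l.getValidatePeriod()));
            searchValidator.setValidateTimeout(Beans.newDuration(l.getValidateTimeout()));
            pooledCf.setValidator(searchValidator);
            break;
    }

    pooledCf.setFailFastInitialize(l.isFailFast());

    if (StringUtils.isNotBlank(l.getPoolPassivator())) {
        // With a default locale such as Turkish, "bind".toUpperCase() yields "BİND" and
        // valueOf() rejects it; Locale.ROOT makes the enum lookup deterministic.
        val pass = AbstractLdapProperties.LdapConnectionPoolPassivator.valueOf(
            l.getPoolPassivator().toUpperCase(java.util.Locale.ROOT));
        switch (pass) {
            case BIND:
                if (StringUtils.isNotBlank(l.getBindDn()) && StringUtils.isNotBlank(l.getBindCredential())) {
                    // ldaptive's BindConnectionPassivator binds with this request when a
                    // connection is returned to the pool, so the connection carries the
                    // configured bind identity again before it is reused.
                    val bindRequest = new SimpleBindRequest(l.getBindDn(), l.getBindCredential());
                    pooledCf.setPassivator(new BindConnectionPassivator(bindRequest));
                    LOGGER.debug("Created [{}] passivator for [{}]", l.getPoolPassivator(), l.getLdapUrl());
                } else {
                    // Without both bind DN and credential no passivator is installed;
                    // the warning lists the remaining passivator options.
                    val values = Arrays.stream(AbstractLdapProperties.LdapConnectionPoolPassivator.values()).filter(v -> v != AbstractLdapProperties.LdapConnectionPoolPassivator.BIND).collect(Collectors.toList());
                    LOGGER.warn("[{}] pool passivator could not be created for [{}] given bind credentials are not specified. " + "If you are dealing with LDAP in such a way that does not require bind credentials, you may need to " + "set the pool passivator setting to one of [{}]", l.getPoolPassivator(), l.getLdapUrl(), values);
                }
                break;
            default:
                // Every other passivator constant leaves the pool without a passivator.
                break;
        }
    }

    // Only the URL and bind DN are logged here; keep the bind credential out of log output.
    LOGGER.debug("Initializing ldap connection pool for [{}] and bindDn [{}]", l.getLdapUrl(), l.getBindDn());
    pooledCf.initialize();
    return pooledCf;
}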