This closes #2931
commit
6bbd2bf857
|
@ -89,6 +89,7 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
private static final String PASSWORD_CODEC = "passwordCodec";
|
private static final String PASSWORD_CODEC = "passwordCodec";
|
||||||
private static final String CONNECTION_POOL = "connectionPool";
|
private static final String CONNECTION_POOL = "connectionPool";
|
||||||
private static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
private static final String CONNECTION_TIMEOUT = "connectionTimeout";
|
||||||
|
private static final String READ_TIMEOUT = "readTimeout";
|
||||||
|
|
||||||
protected DirContext context;
|
protected DirContext context;
|
||||||
|
|
||||||
|
@ -135,7 +136,8 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
new LDAPLoginProperty(REFERRAL, (String) options.get(REFERRAL)),
|
new LDAPLoginProperty(REFERRAL, (String) options.get(REFERRAL)),
|
||||||
new LDAPLoginProperty(IGNORE_PARTIAL_RESULT_EXCEPTION, (String) options.get(IGNORE_PARTIAL_RESULT_EXCEPTION)),
|
new LDAPLoginProperty(IGNORE_PARTIAL_RESULT_EXCEPTION, (String) options.get(IGNORE_PARTIAL_RESULT_EXCEPTION)),
|
||||||
new LDAPLoginProperty(CONNECTION_POOL, (String) options.get(CONNECTION_POOL)),
|
new LDAPLoginProperty(CONNECTION_POOL, (String) options.get(CONNECTION_POOL)),
|
||||||
new LDAPLoginProperty(CONNECTION_TIMEOUT, (String) options.get(CONNECTION_TIMEOUT))};
|
new LDAPLoginProperty(CONNECTION_TIMEOUT, (String) options.get(CONNECTION_TIMEOUT)),
|
||||||
|
new LDAPLoginProperty(READ_TIMEOUT, (String) options.get(READ_TIMEOUT))};
|
||||||
|
|
||||||
if (isLoginPropertySet(AUTHENTICATE_USER)) {
|
if (isLoginPropertySet(AUTHENTICATE_USER)) {
|
||||||
authenticateUser = Boolean.valueOf(getLDAPPropertyValue(AUTHENTICATE_USER));
|
authenticateUser = Boolean.valueOf(getLDAPPropertyValue(AUTHENTICATE_USER));
|
||||||
|
@ -640,6 +642,9 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
if (isLoginPropertySet(CONNECTION_TIMEOUT)) {
|
if (isLoginPropertySet(CONNECTION_TIMEOUT)) {
|
||||||
env.put("com.sun.jndi.ldap.connect.timeout", getLDAPPropertyValue(CONNECTION_TIMEOUT));
|
env.put("com.sun.jndi.ldap.connect.timeout", getLDAPPropertyValue(CONNECTION_TIMEOUT));
|
||||||
}
|
}
|
||||||
|
if (isLoginPropertySet(READ_TIMEOUT)) {
|
||||||
|
env.put("com.sun.jndi.ldap.read.timeout", getLDAPPropertyValue(READ_TIMEOUT));
|
||||||
|
}
|
||||||
|
|
||||||
// handle LDAP referrals
|
// handle LDAP referrals
|
||||||
// valid values are "throw", "ignore" and "follow"
|
// valid values are "throw", "ignore" and "follow"
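Review bot: The `readTimeout` value reaches `env.put("com.sun.jndi.ldap.read.timeout", ...)` in the third hunk exactly as it was read from the options map, with no check that it is a positive integer; `connectionTimeout` just above has the same gap. A malformed value would presumably only surface when the directory context is created during a login attempt, so parsing it once where the options are read (second hunk) and rejecting bad input there would make a misconfiguration visible early. The option also stays unset by default, so a directory server that accepts the connection but never answers can still block an authentication thread indefinitely. I would add a comment above the new `if`, such as `// unset = wait forever for the LDAP response; set readTimeout to bound how long a login can block`. The enclosing methods begin and end outside the hunks shown.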
|
||||||
|
|
|
@ -608,12 +608,37 @@ system. It is implemented by
|
||||||
for the connection to the directory server. This option must be set explicitly
|
for the connection to the directory server. This option must be set explicitly
|
||||||
to an empty string, because it has no default value.
|
to an empty string, because it has no default value.
|
||||||
|
|
||||||
- `connectionPool`. boolean, enable the ldap connection pool property
|
- `connectionPool` - boolean, enable the LDAP connection pool property
|
||||||
'com.sun.jndi.ldap.connect.pool'. Note that the pool is [configured at the jvm level with system properties](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html).
|
'com.sun.jndi.ldap.connect.pool'. Note that the pool is
|
||||||
|
[configured at the jvm level with system properties](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html).
|
||||||
|
|
||||||
|
- `connectionTimeout` - specifies the string representation of an integer
|
||||||
|
representing the connection timeout in milliseconds. If the LDAP provider
|
||||||
|
cannot establish a connection within that period, it aborts the connection
|
||||||
|
attempt. The integer should be greater than zero. An integer less than or
|
||||||
|
equal to zero means to use the network protocol's (i.e., TCP's) timeout
|
||||||
|
value.
|
||||||
|
|
||||||
- `connectionTimeout`. String milliseconds, that can time limit a ldap connection
|
If `connectionTimeout` is not specified, the default is to wait for the
|
||||||
attempt. The default is infinite.
|
connection to be established or until the underlying network times out.
|
||||||
|
|
||||||
|
When connection pooling has been requested for a connection, this property
|
||||||
|
also determines the maximum wait time for a connection when all connections
|
||||||
|
in the pool are in use and the maximum pool size has been reached. If the
|
||||||
|
value of this property is less than or equal to zero under such
|
||||||
|
circumstances, the provider will wait indefinitely for a connection to
|
||||||
|
become available; otherwise, the provider will abort the wait when the
|
||||||
|
maximum wait time has been exceeded. See `connectionPool` for more details.
|
||||||
|
|
||||||
|
- `readTimeout` - specifies the string representation of an integer representing
|
||||||
|
the read timeout in milliseconds for LDAP operations. If the LDAP provider
|
||||||
|
cannot get a LDAP response within that period, it aborts the read attempt.
|
||||||
|
The integer should be greater than zero. An integer less than or equal to
|
||||||
|
zero means no read timeout is specified which is equivalent to waiting for
|
||||||
|
the response infinitely until it is received.
|
||||||
|
|
||||||
|
If `readTimeout` is not specified, the default is to wait for the response
|
||||||
|
until it is received.
|
||||||
|
|
||||||
- `userBase` - selects a particular subtree of the DIT to search for user
|
- `userBase` - selects a particular subtree of the DIT to search for user
|
||||||
entries. The subtree is specified by a DN, which specifes the base node of
|
entries. The subtree is specified by a DN, which specifes the base node of
|
||||||
|
|