#678: reopen ldap connection for each login

2025-12-13 17:56:20 +00:00 · 2023-06-29 21:33:05 +02:00
parent 39f96cbd28
commit 2bdb2dc34f
3 changed files with 22 additions and 47 deletions
--- a/docs-core/src/main/java/com/sismics/docs/core/util/authentication/LdapAuthenticationHandler.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/util/authentication/LdapAuthenticationHandler.java
@@ -13,10 +13,9 @@ import org.apache.directory.api.ldap.model.entry.Attribute;
 import org.apache.directory.api.ldap.model.entry.Entry;
 import org.apache.directory.api.ldap.model.entry.Value;
 import org.apache.directory.api.ldap.model.message.SearchScope;
-import org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory;
+import org.apache.directory.ldap.client.api.LdapConnection;
 import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-import org.apache.directory.ldap.client.api.LdapConnectionPool;
-import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

@@ -35,32 +34,14 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
    private static final Logger log = LoggerFactory.getLogger(LdapAuthenticationHandler.class);

    /**
-     * LDAP connection pool.
+     * Get a LDAP connection.
+     * @return LdapConnection
     */
-    private static LdapConnectionPool pool;
-
-    /**
-     * Reset the LDAP pool.
-     */
-    public static void reset() {
-        if (pool != null) {
-            try {
-                pool.close();
-            } catch (Exception e) {
-                // NOP
-            }
-        }
-        pool = null;
-    }
-
-    /**
-     * Initialize the LDAP pool.
-     */
-    private static void init() {
+    private LdapConnection getConnection() {
        ConfigDao configDao = new ConfigDao();
        Config ldapEnabled = configDao.getById(ConfigType.LDAP_ENABLED);
-        if (pool != null || ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
-            return;
+        if (ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
+            return null;
        }

        LdapConnectionConfig config = new LdapConnectionConfig();
@@ -70,25 +51,23 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
        config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN));
        config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD));

-        DefaultLdapConnectionFactory factory = new DefaultLdapConnectionFactory(config);
-        pool = new LdapConnectionPool(new ValidatingPoolableLdapConnectionFactory(factory), null);
+        return new LdapNetworkConnection(config);
    }

    @Override
    public User authenticate(String username, String password) {
-        init();
-        if (pool == null) {
-            return null;
-        }
-
        // Fetch and authenticate the user
        Entry userEntry;
-        try {
-            EntryCursor cursor = pool.getConnection().search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
+        try (LdapConnection ldapConnection = getConnection()) {
+            if (ldapConnection == null) {
+                return null;
+            }
+
+            EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
                    ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
            if (cursor.next()) {
                userEntry = cursor.get();
-                pool.getConnection().bind(userEntry.getDn(), password);
+                ldapConnection.bind(userEntry.getDn(), password);
            } else {
                // User not found
                return null;