Author: jbonofre
Date: Tue Nov 8 19:16:12 2011
New Revision: 1199391
URL: http://svn.apache.org/viewvc?rev=1199391&view=rev
Log:
[KARAF-985] Call close() on the DirContext in case of exception
Modified:
karaf/branches/karaf-2.2.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
Modified:
karaf/branches/karaf-2.2.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
URL:
http://svn.apache.org/viewvc/karaf/branches/karaf-2.2.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java?rev=1199391&r1=1199390&r2=1199391&view=diff
==============================================================================
---
karaf/branches/karaf-2.2.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
(original)
+++
karaf/branches/karaf-2.2.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
Tue Nov 8 19:16:12 2011
@@ -37,9 +37,7 @@ import java.util.Hashtable;
import java.util.Map;
/**
- * <p>
* Karaf JAAS login module which uses a LDAP backend.
- * </p>
*/
public class LDAPLoginModule extends AbstractKarafLoginModule {
@@ -170,9 +168,10 @@ public class LDAPLoginModule extends Abs
}
logger.debug("Get the user DN.");
String userDN;
+ DirContext context = null;
try {
logger.debug("Initialize the JNDI LDAP Dir Context.");
- DirContext context = new InitialDirContext(env);
+ context = new InitialDirContext(env);
logger.debug("Define the subtree scope search control.");
SearchControls controls = new SearchControls();
if (userSearchSubtree) {
@@ -194,8 +193,17 @@ public class LDAPLoginModule extends Abs
userDN = (String) result.getName();
} catch (Exception e) {
throw new LoginException("Can't connect to the LDAP server: " +
e.getMessage());
+ } finally {
+ if (context != null) {
+ try {
+ context.close();
+ } catch (Exception e) {
+ // ignore
+ }
+ }
}
// step 2: bind the user using the DN
+ context = null;
try {
logger.debug("Bind user (authentication).");
env.put(Context.SECURITY_AUTHENTICATION, authentication);
@@ -203,18 +211,27 @@ public class LDAPLoginModule extends Abs
env.put(Context.SECURITY_PRINCIPAL, userDN + "," + userBaseDN);
env.put(Context.SECURITY_CREDENTIALS, password);
logger.debug("Binding the user.");
- DirContext context = new InitialDirContext(env);
+ context = new InitialDirContext(env);
logger.debug("User " + user + " successfully bound.");
context.close();
} catch (Exception e) {
logger.warn("User " + user + " authentication failed.", e);
return false;
+ } finally {
+ if (context != null) {
+ try {
+ context.close();
+ } catch (Exception e) {
+ // ignore
+ }
+ }
}
principals.add(new UserPrincipal(user));
// step 3: retrieving user roles
+ context = null;
try {
logger.debug("Get user roles.");
- DirContext context = new InitialDirContext(env);
+ context = new InitialDirContext(env);
SearchControls controls = new SearchControls();
if (roleSearchSubtree) {
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
@@ -237,6 +254,14 @@ public class LDAPLoginModule extends Abs
}
} catch (Exception e) {
throw new LoginException("Can't get user " + user + " roles: " +
e.getMessage());
+ } finally {
+ if (context != null) {
+ try {
+ context.close();
+ } catch (Exception e) {
+ // ignore
+ }
+ }
}
return true;
}
