[
https://issues.apache.org/jira/browse/AMQ-3845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dejan Bosanac resolved AMQ-3845.
--------------------------------
Resolution: Fixed
Fix Version/s: 5.7.0
Fixed with svn revision 1348761. I added some logic around handling a context
and recreating it if necessary.
> CachedLDAPAuthorizationMap doesn't handle the ldap connectino dying
> -------------------------------------------------------------------
>
> Key: AMQ-3845
> URL: https://issues.apache.org/jira/browse/AMQ-3845
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker
> Affects Versions: 5.6.0
> Reporter: Mike Bryant
> Assignee: Dejan Bosanac
> Labels: authorization, ldap, quick_to_fix, security
> Fix For: 5.7.0
>
> Original Estimate: 10m
> Remaining Estimate: 10m
>
> If the ldap connection dies for some reason (ldap server restarting etc.),
> the broker will continue to attempt to use the old connection for
> authorization, resulting in all attempts to use the broker being denied.
> In CachedLDAPAuthorizationMap.java, the open() function just returns the
> context if one exists. Instead, it should check to see if the context is
> still valid, and if not create one.
> Alternatively, the caching of the ldap connection can be removed entirely,
> and then in the refreshInterval>0 case, a new ldap connection will be made
> each refresh interval (default setting: every 5 minutes).
> i.e. delete these lines:
> if (context != null) {
> return context;
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
