[jira] [Commented] (FC-42) Avoid pulling a new connection from the LDAP connection pool

Wed, 20 May 2015 06:35:41 -0700 

    [ 
https://issues.apache.org/jira/browse/FC-42?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14552325#comment-14552325
 ] 

Shawn McKinney commented on FC-42:
----------------------------------

** begin paste from doc **
This is a MOSTLY safe way to handle connections in a pool. If one would like to 
use a slightly less expensive pool factory, the 
DefaultPoolableLdapConnectionFactory may be the right choice.
** end paste

Safety is good.  Will use in fortress-core.  There are three different pools 
maintained currently:
1. admin pool - used for privileged ldap ops like CRUD
2. log pool - used for privileged ldap ops (read) to slapd access log
3. user pool - user binds and password ops only.

Definitely want this new connection pool for #3 because under no circumstances 
should credentials be retained between ops.  Is there a way to clear out the 
connection without performing a rebind?

For 1 & 2 need to think.  The use case for those is to maintain pool of bound 
connections with privileged service account user.  Definitely don't want to 
perform rebinds upon replacement.  Looking at doc, I don't believe it will.  
Not sure about the TLS ops, need to be sure.

** begin paste from doc **
A factory for creating LdapConnection objects managed by LdapConnectionPool. A 
bind operation is executed upon return if any of the following operations were 
performed on the connection while it was checked out:
bind()
anonymousBind()
bind(String)
bind(String, String)
bind(Dn)
bind(Dn, String)
bind(BindRequest)
extended(String) where oid is StartTLS
extended(String, byte[]) where oid is StartTLS
extended(String) where oid is StartTLS
extended(String, byte[]) where oid is StartTLS
extended(ExtendedRequest) where ExtendedRequest is StartTLS
** end paste **

> Avoid pulling a new connection from the LDAP connection pool
> ------------------------------------------------------------
>
>                 Key: FC-42
>                 URL: https://issues.apache.org/jira/browse/FC-42
>             Project: FORTRESS
>          Issue Type: Improvement
>    Affects Versions: 1.0.0-RC39
>            Reporter: Emmanuel Lecharny
>             Fix For: 1.0.0-RC41
>
>
> Atm, everytime we want to send a request to the LDAP server, we are acquiring 
> a connection from the LDAP pool of connections. It's quite expensive, as each 
> connection has to be rebind everytime we push it back, and we do a validation 
> (thus a read) everytime we ask back a connection. 
> If we were to pass the connection we picked in the first call to all the 
> methods, we would save those costly Bind and check. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to