[
https://issues.apache.org/jira/browse/KNOX-3336?focusedWorklogId=1024131&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1024131
]
ASF GitHub Bot logged work on KNOX-3336:
----------------------------------------
Author: ASF GitHub Bot
Created on: 08/Jun/26 16:24
Start Date: 08/Jun/26 16:24
Worklog Time Spent: 10m
Work Description: hanicz opened a new pull request, #1250:
URL: https://github.com/apache/knox/pull/1250
[KNOX-3336](https://issues.apache.org/jira/browse/KNOX-3336) - New LDAP
Service Factory
## What changes were proposed in this pull request?
- Moved the LDAP Service creation into its own factory class to follow the
existing pattern
- Bugfix: If `ldap.enabled` was set to `false` initially reloadable configs
wouldn't mater because the LDAP service was unable to start. The isLDAPEnabled
guard is no longer needed in DefaultGatewayServices because
KnoxLDAPService.init() already handles it — when disabled, it simply sets
enabled = false and returns, making start()/stop() no-ops. The service object
is lightweight when inert, and keeping it alive lets onGatewayConfigChanged()
dynamically enable LDAP without a gateway restart.
## How was this patch tested?
Unit tests, local test with reloadable.
Manual test:
Started a local Knox and LDAP instance. Changed the knoxsso ldap port to
3890 and tried to login into the homepage which failed. Updated the
gateway-reloadable.xml with the below ldap configs and I was able to log into
the homepage.
```
2026-06-08 18:00:34,783 INFO knox.gateway
(GatewayServer.java:refreshGatewayConfig(275)) - Refreshed gateway config
2026-06-08 18:00:34,786 INFO services.ldap
(KnoxLDAPService.java:onGatewayConfigChanged(87)) - Reloading LDAP configuration
2026-06-08 18:00:34,798 INFO services.ldap
(KnoxLDAPServerManager.java:stop(240)) - Stopping LDAP service on port 0
2026-06-08 18:00:34,798 INFO services.ldap
(KnoxLDAPServerManager.java:stop(260)) - LDAP service stopped successfully
2026-06-08 18:00:34,800 INFO services.ldap
(InterceptorFactory.java:createInterceptor(49)) - Creating interceptor: backend
(via ServiceLoader)
2026-06-08 18:00:34,801 INFO services.ldap
(BackendFactory.java:createBackend(46)) - Loading backend: ldap (via
ServiceLoader)
2026-06-08 18:00:34,804 INFO services.ldap
(LdapProxyBackend.java:<init>(146)) - Loading backend: localldap (via Proxying
dc=proxy,dc=com to ldap://localhost:33389 (dc=hadoop,dc=apache,dc=org) with uid
attribute using group searches)
2026-06-08 18:00:34,819 INFO services.ldap
(LdapProxyBackend.java:initializeConnectionPool(201)) - Loading backend: ldap
(via Initialized connection pool with maxActive=8)
2026-06-08 18:00:34,819 INFO services.ldap
(KnoxLDAPServerManager.java:start(133)) - Starting LDAP service on port 3,890
with base DN: dc=proxy,dc=com
2026-06-08 18:00:35,110 INFO services.ldap
(KnoxLDAPServerManager.java:start(186)) - LDAP service started successfully on
port 3,890
```
knoxsso.xml:
```
<param>
<name>main.ldapRealm.contextFactory.url</name>
<value>ldap://localhost:3890</value>
</param>
```
gateway-reloadable.xml
```
<!
Issue Time Tracking
-------------------
Worklog Id: (was: 1024131)
Remaining Estimate: 0h
Time Spent: 10m
> Improve LDAP Service creation with dedicated factory class
> ----------------------------------------------------------
>
> Key: KNOX-3336
> URL: https://issues.apache.org/jira/browse/KNOX-3336
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 2.1.0
> Reporter: Tamás Hanicz
> Assignee: Tamás Hanicz
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
