[
https://issues.apache.org/jira/browse/FTPSERVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931654#action_12931654
]
Emmanuel Lecharny commented on FTPSERVER-391:
---------------------------------------------
Good job !!!
Some few notes :
- when doing an authenticate(), no need to get the user first to check if it
exists before doing the bind. Do the bind directly, you'll avoid one round trip
with the LDAP server (if teh user does not exist anyway, the bindLdap will
fail). Also if the password is encrypted, you won't be able to compare what you
got from LDAP with the real password.
- When using Enumeration, dont forget to *close* them. If you don't, you'll get
some leaking resources at some point (for instance, if you are usig a pool of
LDAP connections, at some point, you will have delays as the connection
attribution system will have to wait for a enumeration to be closed to release
a connection or for a connection timeout to occur).
- Also consider returning an Entry instead of a NamingEnumeration. Returning
such a data structure requires the user to close it, something nobody is likely
to know...
JNDI is really FUBR wrt connection and enumeration handling, requiring that you
close both of them manually. And don't expect a NamingEnumeration to be closed
when you close the connection it is originated from : this won't happen. Thanks
the JNDI designer for such a lame behaviour...
- The cache can be implemented using the commons.collection LRUMap. You'll
spare tens of line of codes, and a lot of debugging. Note that LRUMap is *not*
synchronized, so you'll have to use a synchronized version of this data
Structure : Collections.synchronizedMap(Map)
http://commons.apache.org/collections/apidocs/org/apache/commons/collections/map/LRUMap.html
- There are some missing Javadoc on public methods.
Nothing seriously broken, otherwise, AFAICT. Again, good job !
> LDAP support
> ------------
>
> Key: FTPSERVER-391
> URL: https://issues.apache.org/jira/browse/FTPSERVER-391
> Project: FtpServer
> Issue Type: New Feature
> Components: Core
> Reporter: Andrey Domas
> Fix For: 1.1.0
>
> Attachments: mina-1.1.0-ldap.patch
>
>
> Patch with cached LDAP support.
> Features:
> * Authorization from LDAP(JNDI client implementation).
> * Cache for the search results in a directory for authentication (password
> is cached in the successful bindu).
> Cache options:
> - ttl - time to live of the object in the cache (seconds)
> - size - max. cache size(number of the objects)
> - check-interval - interval of the periodic cleaning job(search and
> remove expired objects, seconds)
> * User preferences received from LDAP attributes:
> username
> home directory
> enabled - if present then the user has the login permission)
> write permission - if present then the user has the write permission
> under home directory
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
