ReadOnlyUsersLDAPRepository should use search instead of list for finding users
-------------------------------------------------------------------------------
Key: JAMES-1020
URL: https://issues.apache.org/jira/browse/JAMES-1020
Project: JAMES Server
Issue Type: Improvement
Components: UsersStore & UsersRepository
Affects Versions: Trunk
Reporter: Jeff Huff
The ReadOnlyUsersLDAPRepository uses the SimpleLDAPConnection to call list() on
the configured baseDN. That method returns only nodes at the given base node,
it does not search the sub scope. It also returns elements that are not really
nodes like referrals. The result is a NullPointerException when connecting to
ActiveDirectory instances and listing all users.
An attached patch suggests an additional configuration parameter for the
userObjectClass and calls search() instead of list() with a SearchCriteria set
to search the given base and the sub scope as an alternative implementation.
It seems that the SimpleLDAPConnection which is created once, can timout and
cause all subsequent queries to fail with socket exceptions.
We should consider using spring-ldap to handle pooling and connection cleanup.
http://www.springsource.org/ldap
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
