This is all Karaf 4.1.1 - sorry for not mentioning this earlier.
On Tue, 21 Feb 2023 at 18:01, Paul McCulloch <[email protected]> wrote:
> Matt,
> From memory (& less than stellar comments) I believe the issue is in
> concurrent access to getCache() & clear()
>
> public static LDAPCache getCache(LDAPOptions options) {
> LDAPCache cache = CACHES.get(options);
> if (cache == null) {
> CACHES.putIfAbsent(options, new LDAPCache(options));
> cache = CACHES.get(options);
> }
> return cache;
> }
>
> If clear() is called by another thread between the putIfAbsent() and get()
> then null is returned.
>
> A second issue (and this is just from memory & Karaf code review, so I may
> be mistaken) is that the LDAP cache is cleared in
> LDAPLoginModule.initialize(), but this method is called every time a user
> authenticates - so the cache is never used.
>
> Paul
>
>
> On Tue, 21 Feb 2023 at 15:27, Matt Pavlovich <[email protected]> wrote:
>
>> Paul-
>>
>> What issues have you found with the LDAP caching module? Please share, so
>> I can open a JIRA and fix it.
>>
>> Thanks!
>> Matt Pavlovich
>>
>> On Feb 21, 2023, at 4:42 AM, Paul McCulloch <[email protected]>
>> wrote:
>>
>> I use a DS component which instantiates an
>> org.apache.karaf.jaas.config.JaasRealm and registers it
>> via org.osgi.framework.BundleContext.registerService(Class<JaasRealm>,
>> JaasRealm, Dictionary<String, ?>).
>>
>> My DS component uses Config Admnin to configure the realm. I wrap the
>> standard Karaf LDAP module in my own caching proxy (as I found concurrency
>> issues
>> with org.apache.karaf.jaas.modules.ldap.LDAPCache.getCache(LDAPOptions)).
>>
>> I can't share the code, but I can answer any questions you have.
>>
>> Paul
>>
>> On Tue, 21 Feb 2023 at 08:09, Maurice Betzel <[email protected]>
>> wrote:
>>
>>> Dear community,
>>>
>>>
>>>
>>> I am building a new custom Karaf assembly and would like to avoid
>>> installing aries blueprint just for creating an LDAP login module.
>>>
>>> Does anybody have any experience with alternatives like declarative
>>> services or low-level activator setup willing to share the knowledge?
>>>
>>>
>>>
>>> Met vriendelijke groet / Mit freundlichen Grüßen / Kind regards,
>>>
>>> Maurice Betzel
>>> Principal Software Engineer
>>>
>>> Al onze verrichtingen geschieden op basis van de Algemene voorwaarden
>>> der Expediteurs van België, gepubliceerd in de bijlage tot het Belgisch
>>> Staatsblad dd. 24 juni 2005 onder nr. 0090237. De tekst van deze
>>> voorwaarden wordt op uw verzoek gratis toegezonden.
>>> All our transactions are subject to the General Conditions of the
>>> Belgian Forwarders Association which have been published under nr. 0090237
>>> in the "Bijlage tot het Belgisch Staatsblad" dated June 24th, 2005, and is
>>> available free of charge upon request.
>>> Toutes nos opérations se font sur base des Conditions Générales des
>>> Expéditeurs de Belgique. Le texte en a été publié dans l' Annexe au
>>> Moniteur Belge du 24 juin 2005 sous le n° 0090237. Ce texte sera vous
>>> envoyé gratuitment sur demande.
>>> Email confidentiality notice:
>>> This email and any files transmitted with it are confidential and
>>> intended only for the use of the recipient. If you have received this email
>>> in error please notify its sender.
>>>
>>
>>
