Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java +7 −1 Original line number Diff line number Diff line Loading @@ -70,6 +70,7 @@ package ca.nrc.cadc.ac.server.ldap; import ca.nrc.cadc.auth.DNPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import com.unboundid.ldap.sdk.DN; import com.unboundid.ldap.sdk.LDAPConnection; import com.unboundid.ldap.sdk.LDAPException; Loading @@ -95,6 +96,8 @@ public abstract class LdapDAO LdapConfig config; DN subjDN = null; private Profiler profiler = new Profiler(LdapDAO.class); public LdapDAO(LdapConfig config) { if (config == null) Loading @@ -119,7 +122,9 @@ public abstract class LdapDAO { conn = new LDAPConnection(getSocketFactory(), config.getServer(), config.getPort()); profiler.checkpoint("new-LDAPConnection"); conn.bind(config.getAdminUserDN(), config.getAdminPasswd()); profiler.checkpoint("LDAPConnection.bind-adminUser"); } return conn; Loading @@ -132,6 +137,7 @@ public abstract class LdapDAO if (config.isSecure()) { socketFactory = createSSLSocketFactory(); profiler.checkpoint("createSSLSocketFactory"); } else { Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java +47 −16 Original line number Diff line number Diff line Loading @@ -89,12 +89,14 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.GroupDetailSelector; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.util.StringUtil; import com.unboundid.ldap.sdk.AddRequest; import com.unboundid.ldap.sdk.Attribute; import com.unboundid.ldap.sdk.DN; import com.unboundid.ldap.sdk.Filter; import com.unboundid.ldap.sdk.LDAPConnection; import com.unboundid.ldap.sdk.LDAPException; import com.unboundid.ldap.sdk.LDAPResult; import com.unboundid.ldap.sdk.LDAPSearchException; Loading @@ -105,8 +107,11 @@ import com.unboundid.ldap.sdk.ResultCode; import com.unboundid.ldap.sdk.SearchRequest; import com.unboundid.ldap.sdk.SearchResult; import com.unboundid.ldap.sdk.SearchResultEntry; import com.unboundid.ldap.sdk.SearchResultListener; import com.unboundid.ldap.sdk.SearchResultReference; import com.unboundid.ldap.sdk.SearchScope; import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl; import java.util.LinkedList; public class LdapGroupDAO<T extends Principal> extends LdapDAO { Loading @@ -125,6 +130,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO "entrydn", "cn", "nsaccountlock", "owner", "modifytimestamp", "description", "uniquemember" }; private Profiler profiler = new Profiler(LdapDAO.class); private LdapUserDAO<T> userPersist; // this gets filled by the LdapgroupPersistence Loading Loading @@ -347,17 +354,48 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { try { Filter filter = Filter.createPresenceFilter("cn"); String [] attributes = new String[] {"cn", "nsaccountlock"}; Filter filter = Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock")); filter = Filter.createANDFilter(filter, Filter.create("(cn=*)")); SearchRequest searchRequest = new SearchRequest(config.getGroupsDN(), SearchScope.SUB, filter, attributes); final List<String> groupNames = new LinkedList<String>(); SearchRequest searchRequest = new SearchRequest( new SearchResultListener() { long t1 = System.currentTimeMillis(); public void searchEntryReturned(SearchResultEntry sre) { String gname = sre.getAttributeValue("cn"); groupNames.add(gname); long t2 = System.currentTimeMillis(); long dt = t2 - t1; if (groupNames.size() == 1) { logger.debug("first row: " + dt + "ms"); t1 = t2; } if ( (groupNames.size() % 100) == 0) { logger.debug("found: " + groupNames.size() + " " + dt + "ms"); t1 = t2; } } public void searchReferenceReturned(SearchResultReference srr) { throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. } }, config.getGroupsDN(), SearchScope.ONE, filter, PUB_GROUP_ATTRS); SearchResult searchResult = null; try { searchResult = getConnection().search(searchRequest); LDAPConnection con = getConnection(); profiler.checkpoint("getGroupNames.getConnection"); searchResult = con.search(searchRequest); profiler.checkpoint("getGroupNames.search"); } catch (LDAPSearchException e) { Loading @@ -372,14 +410,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } LdapDAO.checkLdapResult(searchResult.getResultCode()); List<String> groupNames = new ArrayList<String>(); for (SearchResultEntry next : searchResult.getSearchEntries()) { if (!next.hasAttribute("nsaccountlock")) { groupNames.add(next.getAttributeValue("cn")); } } profiler.checkpoint("checkLdapResult"); return groupNames; } Loading @@ -389,9 +420,9 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO LdapDAO.checkLdapResult(e1.getResultCode()); throw new IllegalStateException("Unexpected exception: " + e1.getMatchedDN(), e1); } } /** * Get the group with members. * Loading Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapDAO.java +7 −1 Original line number Diff line number Diff line Loading @@ -70,6 +70,7 @@ package ca.nrc.cadc.ac.server.ldap; import ca.nrc.cadc.auth.DNPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import com.unboundid.ldap.sdk.DN; import com.unboundid.ldap.sdk.LDAPConnection; import com.unboundid.ldap.sdk.LDAPException; Loading @@ -95,6 +96,8 @@ public abstract class LdapDAO LdapConfig config; DN subjDN = null; private Profiler profiler = new Profiler(LdapDAO.class); public LdapDAO(LdapConfig config) { if (config == null) Loading @@ -119,7 +122,9 @@ public abstract class LdapDAO { conn = new LDAPConnection(getSocketFactory(), config.getServer(), config.getPort()); profiler.checkpoint("new-LDAPConnection"); conn.bind(config.getAdminUserDN(), config.getAdminPasswd()); profiler.checkpoint("LDAPConnection.bind-adminUser"); } return conn; Loading @@ -132,6 +137,7 @@ public abstract class LdapDAO if (config.isSecure()) { socketFactory = createSSLSocketFactory(); profiler.checkpoint("createSSLSocketFactory"); } else { Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java +47 −16 Original line number Diff line number Diff line Loading @@ -89,12 +89,14 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.GroupDetailSelector; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.util.StringUtil; import com.unboundid.ldap.sdk.AddRequest; import com.unboundid.ldap.sdk.Attribute; import com.unboundid.ldap.sdk.DN; import com.unboundid.ldap.sdk.Filter; import com.unboundid.ldap.sdk.LDAPConnection; import com.unboundid.ldap.sdk.LDAPException; import com.unboundid.ldap.sdk.LDAPResult; import com.unboundid.ldap.sdk.LDAPSearchException; Loading @@ -105,8 +107,11 @@ import com.unboundid.ldap.sdk.ResultCode; import com.unboundid.ldap.sdk.SearchRequest; import com.unboundid.ldap.sdk.SearchResult; import com.unboundid.ldap.sdk.SearchResultEntry; import com.unboundid.ldap.sdk.SearchResultListener; import com.unboundid.ldap.sdk.SearchResultReference; import com.unboundid.ldap.sdk.SearchScope; import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl; import java.util.LinkedList; public class LdapGroupDAO<T extends Principal> extends LdapDAO { Loading @@ -125,6 +130,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO "entrydn", "cn", "nsaccountlock", "owner", "modifytimestamp", "description", "uniquemember" }; private Profiler profiler = new Profiler(LdapDAO.class); private LdapUserDAO<T> userPersist; // this gets filled by the LdapgroupPersistence Loading Loading @@ -347,17 +354,48 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO { try { Filter filter = Filter.createPresenceFilter("cn"); String [] attributes = new String[] {"cn", "nsaccountlock"}; Filter filter = Filter.createNOTFilter(Filter.createPresenceFilter("nsaccountlock")); filter = Filter.createANDFilter(filter, Filter.create("(cn=*)")); SearchRequest searchRequest = new SearchRequest(config.getGroupsDN(), SearchScope.SUB, filter, attributes); final List<String> groupNames = new LinkedList<String>(); SearchRequest searchRequest = new SearchRequest( new SearchResultListener() { long t1 = System.currentTimeMillis(); public void searchEntryReturned(SearchResultEntry sre) { String gname = sre.getAttributeValue("cn"); groupNames.add(gname); long t2 = System.currentTimeMillis(); long dt = t2 - t1; if (groupNames.size() == 1) { logger.debug("first row: " + dt + "ms"); t1 = t2; } if ( (groupNames.size() % 100) == 0) { logger.debug("found: " + groupNames.size() + " " + dt + "ms"); t1 = t2; } } public void searchReferenceReturned(SearchResultReference srr) { throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. } }, config.getGroupsDN(), SearchScope.ONE, filter, PUB_GROUP_ATTRS); SearchResult searchResult = null; try { searchResult = getConnection().search(searchRequest); LDAPConnection con = getConnection(); profiler.checkpoint("getGroupNames.getConnection"); searchResult = con.search(searchRequest); profiler.checkpoint("getGroupNames.search"); } catch (LDAPSearchException e) { Loading @@ -372,14 +410,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO } LdapDAO.checkLdapResult(searchResult.getResultCode()); List<String> groupNames = new ArrayList<String>(); for (SearchResultEntry next : searchResult.getSearchEntries()) { if (!next.hasAttribute("nsaccountlock")) { groupNames.add(next.getAttributeValue("cn")); } } profiler.checkpoint("checkLdapResult"); return groupNames; } Loading @@ -389,9 +420,9 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO LdapDAO.checkLdapResult(e1.getResultCode()); throw new IllegalStateException("Unexpected exception: " + e1.getMatchedDN(), e1); } } /** * Get the group with members. * Loading
