activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject activemq git commit: [AMQ-6529] Make sure the LDAP ACL's are definitely loaded when needed.
Date Wed, 07 Dec 2016 19:41:00 GMT
Repository: activemq
Updated Branches:
  refs/heads/master 4b3f07e90 -> 1a2e3eb0c


[AMQ-6529] Make sure the LDAP ACL's are definitely loaded when needed.


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/1a2e3eb0
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/1a2e3eb0
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/1a2e3eb0

Branch: refs/heads/master
Commit: 1a2e3eb0c76b0a44244f8f4bd69b3dfe1331741b
Parents: 4b3f07e
Author: Daniel Kulp <dkulp@apache.org>
Authored: Wed Dec 7 14:27:33 2016 -0500
Committer: Daniel Kulp <dkulp@apache.org>
Committed: Wed Dec 7 14:29:36 2016 -0500

----------------------------------------------------------------------
 .../SimpleCachedLDAPAuthorizationMap.java        | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/1a2e3eb0/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
----------------------------------------------------------------------
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
index 9f888b9..44c23f6 100644
--- a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
@@ -27,6 +27,7 @@ import java.util.concurrent.ThreadFactory;
 import java.util.concurrent.ThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
 
 import javax.naming.Binding;
 import javax.naming.Context;
@@ -93,7 +94,7 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
     protected String groupClass = DefaultAuthorizationMap.DEFAULT_GROUP_CLASS;
 
     // Internal State
-    private long lastUpdated;
+    private long lastUpdated = -1;
 
     private static String ANY_DESCENDANT = "\\$";
 
@@ -222,8 +223,9 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
      *             if there is an unrecoverable error processing the directory contents
      */
     @SuppressWarnings("rawtypes")
-    protected void query() throws Exception {
+    protected synchronized void query() throws Exception {
         DirContext currentContext = open();
+        entries.clear();
 
         final SearchControls constraints = new SearchControls();
         constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
@@ -668,11 +670,20 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
      * refresh interval has elapsed.
      */
     protected void checkForUpdates() {
+        if (lastUpdated == -1) {
+            //ACL's have never been queried, but we need them NOW as we're being asked for
them. 
+            try {
+                query();
+                return;
+            } catch (Exception e) {
+                LOG.error("Error updating authorization map.  Partial policy may be applied
until the next successful update.", e);
+            }
+        }
 
         if (context != null && refreshDisabled) {
             return;
         }
-
+        
         if (context == null || (!refreshDisabled && (refreshInterval != -1 &&
System.currentTimeMillis() >= lastUpdated + refreshInterval))) {
             this.updaterService.execute(new Runnable() {
                 @Override
@@ -691,8 +702,6 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
                             }
                         }
 
-                        entries.clear();
-
                         LOG.debug("Updating authorization map!");
                         try {
                             query();


Mime
View raw message