activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject activemq git commit: [AMQ-6529] Make sure the LDAP ACL's are definitely loaded when needed.
Date Thu, 08 Dec 2016 14:39:31 GMT
Repository: activemq
Updated Branches:
  refs/heads/activemq-5.14.x 8d1136e69 -> d3c5e8188


[AMQ-6529] Make sure the LDAP ACL's are definitely loaded when needed.


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/d3c5e818
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/d3c5e818
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/d3c5e818

Branch: refs/heads/activemq-5.14.x
Commit: d3c5e8188d0e6ab693be4ff681c143b0bdcd7828
Parents: 8d1136e
Author: Daniel Kulp <dkulp@apache.org>
Authored: Wed Dec 7 14:27:33 2016 -0500
Committer: Daniel Kulp <dkulp@apache.org>
Committed: Thu Dec 8 09:39:17 2016 -0500

----------------------------------------------------------------------
 .../SimpleCachedLDAPAuthorizationMap.java        | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/d3c5e818/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
----------------------------------------------------------------------
diff --git a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
index 9f888b9..44c23f6 100644
--- a/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
+++ b/activemq-broker/src/main/java/org/apache/activemq/security/SimpleCachedLDAPAuthorizationMap.java
@@ -27,6 +27,7 @@ import java.util.concurrent.ThreadFactory;
 import java.util.concurrent.ThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
 
 import javax.naming.Binding;
 import javax.naming.Context;
@@ -93,7 +94,7 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
     protected String groupClass = DefaultAuthorizationMap.DEFAULT_GROUP_CLASS;
 
     // Internal State
-    private long lastUpdated;
+    private long lastUpdated = -1;
 
     private static String ANY_DESCENDANT = "\\$";
 
@@ -222,8 +223,9 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
      *             if there is an unrecoverable error processing the directory contents
      */
     @SuppressWarnings("rawtypes")
-    protected void query() throws Exception {
+    protected synchronized void query() throws Exception {
         DirContext currentContext = open();
+        entries.clear();
 
         final SearchControls constraints = new SearchControls();
         constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
@@ -668,11 +670,20 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
      * refresh interval has elapsed.
      */
     protected void checkForUpdates() {
+        if (lastUpdated == -1) {
+            //ACL's have never been queried, but we need them NOW as we're being asked for
them. 
+            try {
+                query();
+                return;
+            } catch (Exception e) {
+                LOG.error("Error updating authorization map.  Partial policy may be applied
until the next successful update.", e);
+            }
+        }
 
         if (context != null && refreshDisabled) {
             return;
         }
-
+        
         if (context == null || (!refreshDisabled && (refreshInterval != -1 &&
System.currentTimeMillis() >= lastUpdated + refreshInterval))) {
             this.updaterService.execute(new Runnable() {
                 @Override
@@ -691,8 +702,6 @@ public class SimpleCachedLDAPAuthorizationMap implements AuthorizationMap
{
                             }
                         }
 
-                        entries.clear();
-
                         LOG.debug("Updating authorization map!");
                         try {
                             query();


Mime
View raw message