activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (AMQ-3845) CachedLDAPAuthorizationMap doesn't handle the ldap connectino dying
Date Mon, 11 Jun 2012 09:29:43 GMT

     [ https://issues.apache.org/jira/browse/AMQ-3845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Dejan Bosanac resolved AMQ-3845.
--------------------------------

       Resolution: Fixed
    Fix Version/s: 5.7.0

Fixed with svn revision 1348761. I added some logic around handling a context and recreating
it if necessary.
                
> CachedLDAPAuthorizationMap doesn't handle the ldap connectino dying
> -------------------------------------------------------------------
>
>                 Key: AMQ-3845
>                 URL: https://issues.apache.org/jira/browse/AMQ-3845
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.6.0
>            Reporter: Mike Bryant
>            Assignee: Dejan Bosanac
>              Labels: authorization, ldap, quick_to_fix, security
>             Fix For: 5.7.0
>
>   Original Estimate: 10m
>  Remaining Estimate: 10m
>
> If the ldap connection dies for some reason (ldap server restarting etc.), the broker
will continue to attempt to use the old connection for authorization, resulting in all attempts
to use the broker being denied.
> In CachedLDAPAuthorizationMap.java, the open() function just returns the context if one
exists. Instead, it should check to see if the context is still valid, and if not create one.
> Alternatively, the caching of the ldap connection can be removed entirely, and then in
the refreshInterval>0 case, a new ldap connection will be made each refresh interval (default
setting: every 5 minutes).
> i.e. delete these lines:
>         if (context != null) {
>             return context;
>         }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message