directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shawn McKinney (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FC-42) Avoid pulling a new connection from the LDAP connection pool
Date Wed, 20 May 2015 13:35:01 GMT

    [ https://issues.apache.org/jira/browse/FC-42?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14552325#comment-14552325
] 

Shawn McKinney commented on FC-42:
----------------------------------

** begin paste from doc **
This is a MOSTLY safe way to handle connections in a pool. If one would like to use a slightly
less expensive pool factory, the DefaultPoolableLdapConnectionFactory may be the right choice.
** end paste

Safety is good.  Will use in fortress-core.  There are three different pools maintained currently:
1. admin pool - used for privileged ldap ops like CRUD
2. log pool - used for privileged ldap ops (read) to slapd access log
3. user pool - user binds and password ops only.

Definitely want this new connection pool for #3 because under no circumstances should credentials
be retained between ops.  Is there a way to clear out the connection without performing a
rebind?

For 1 & 2 need to think.  The use case for those is to maintain pool of bound connections
with privileged service account user.  Definitely don't want to perform rebinds upon replacement.
 Looking at doc, I don't believe it will.  Not sure about the TLS ops, need to be sure.

** begin paste from doc **
A factory for creating LdapConnection objects managed by LdapConnectionPool. A bind operation
is executed upon return if any of the following operations were performed on the connection
while it was checked out:
bind()
anonymousBind()
bind(String)
bind(String, String)
bind(Dn)
bind(Dn, String)
bind(BindRequest)
extended(String) where oid is StartTLS
extended(String, byte[]) where oid is StartTLS
extended(String) where oid is StartTLS
extended(String, byte[]) where oid is StartTLS
extended(ExtendedRequest) where ExtendedRequest is StartTLS
** end paste **

> Avoid pulling a new connection from the LDAP connection pool
> ------------------------------------------------------------
>
>                 Key: FC-42
>                 URL: https://issues.apache.org/jira/browse/FC-42
>             Project: FORTRESS
>          Issue Type: Improvement
>    Affects Versions: 1.0.0-RC39
>            Reporter: Emmanuel Lecharny
>             Fix For: 1.0.0-RC41
>
>
> Atm, everytime we want to send a request to the LDAP server, we are acquiring a connection
from the LDAP pool of connections. It's quite expensive, as each connection has to be rebind
everytime we push it back, and we do a validation (thus a read) everytime we ask back a connection.

> If we were to pass the connection we picked in the first call to all the methods, we
would save those costly Bind and check. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message