Skip to content

O
Openfire
Commit 4755fbec authored by Alex Mateescu's avatar Alex Mateescu Committed by alexm
Browse files
Options

OF-704 Made LDAP connection timeout configurable for non-SSL connections 

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@13754 b35dd754-fafc-0310-a699-88a17e54d16e
parent f96fceeb
Hide whitespace changes
Inline Side-by-side
Showing with 240 additions and 217 deletions
src/java/org/jivesoftware/openfire/ldap/LdapManager.java
View file @ 4755fbec
...@@ -95,7 +95,7 @@ import org.slf4j.LoggerFactory; ...@@ -95,7 +95,7 @@ import org.slf4j.LoggerFactory;
*/ */
public class LdapManager { public class LdapManager {
private static final Logger Log = LoggerFactory.getLogger(LdapManager.class); private static final Logger Log = LoggerFactory.getLogger(LdapManager.class);
private static LdapManager instance; private static LdapManager instance;
static { static {
...@@ -161,6 +161,7 @@ public class LdapManager { ...@@ -161,6 +161,7 @@ public class LdapManager {
private Collection<String> hosts = new ArrayList<String>(); private Collection<String> hosts = new ArrayList<String>();
private int port; private int port;
private int connTimeout = -1;
private int readTimeout = -1; private int readTimeout = -1;
private String usernameField; private String usernameField;
private String usernameSuffix; private String usernameSuffix;
...@@ -189,7 +190,7 @@ public class LdapManager { ...@@ -189,7 +190,7 @@ public class LdapManager {
private boolean posixMode = false; private boolean posixMode = false;
private String groupSearchFilter = null; private String groupSearchFilter = null;
private Map<String, String> properties; private final Map<String, String> properties;
/** /**
* Provides singleton access to an instance of the LdapManager class. * Provides singleton access to an instance of the LdapManager class.
...@@ -263,6 +264,15 @@ public class LdapManager { ...@@ -263,6 +264,15 @@ public class LdapManager {
Log.error(nfe.getMessage(), nfe); Log.error(nfe.getMessage(), nfe);
} }
} }
String cTimeout = properties.get("ldap.connectionTimeout");
if (cTimeout != null) {
try {
this.connTimeout = Integer.parseInt(cTimeout);
}
catch (NumberFormatException nfe) {
Log.error(nfe.getMessage(), nfe);
}
}
String timeout = properties.get("ldap.readTimeout"); String timeout = properties.get("ldap.readTimeout");
if (timeout != null) { if (timeout != null) {
try { try {
...@@ -471,8 +481,9 @@ public class LdapManager { ...@@ -471,8 +481,9 @@ public class LdapManager {
boolean debug = Log.isDebugEnabled(); boolean debug = Log.isDebugEnabled();
if (debug) { if (debug) {
Log.debug("LdapManager: Creating a DirContext in LdapManager.getContext()..."); Log.debug("LdapManager: Creating a DirContext in LdapManager.getContext()...");
if (!sslEnabled && !startTlsEnabled) if (!sslEnabled && !startTlsEnabled) {
Log.debug("LdapManager: Warning: Using unencrypted connection to LDAP service!"); Log.debug("LdapManager: Warning: Using unencrypted connection to LDAP service!");
}
} }
// Set up the environment for creating the initial context // Set up the environment for creating the initial context
...@@ -486,18 +497,18 @@ public class LdapManager { ...@@ -486,18 +497,18 @@ public class LdapManager {
"org.jivesoftware.util.SimpleSSLSocketFactory"); "org.jivesoftware.util.SimpleSSLSocketFactory");
env.put(Context.SECURITY_PROTOCOL, "ssl"); env.put(Context.SECURITY_PROTOCOL, "ssl");
} }
// Use simple authentication to connect as the admin. // Use simple authentication to connect as the admin.
if (adminDN != null) { if (adminDN != null) {
/* If startTLS is requested we MUST NOT bind() before /* If startTLS is requested we MUST NOT bind() before
* the secure connection has been established. */ * the secure connection has been established. */
if (!(startTlsEnabled && !sslEnabled)) { if (!(startTlsEnabled && !sslEnabled)) {
env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, adminDN); env.put(Context.SECURITY_PRINCIPAL, adminDN);
if (adminPassword != null) { if (adminPassword != null) {
env.put(Context.SECURITY_CREDENTIALS, adminPassword); env.put(Context.SECURITY_CREDENTIALS, adminPassword);
} }
} }
} }
// No login information so attempt to use anonymous login. // No login information so attempt to use anonymous login.
else { else {
...@@ -507,19 +518,20 @@ public class LdapManager { ...@@ -507,19 +518,20 @@ public class LdapManager {
if (ldapDebugEnabled) { if (ldapDebugEnabled) {
env.put("com.sun.jndi.ldap.trace.ber", System.err); env.put("com.sun.jndi.ldap.trace.ber", System.err);
} }
if (connectionPoolEnabled) { if (connectionPoolEnabled) {
if (!startTlsEnabled) if (!startTlsEnabled) {
env.put("com.sun.jndi.ldap.connect.pool", "true"); env.put("com.sun.jndi.ldap.connect.pool", "true");
else { } else {
if (debug) { if (debug) {
// See http://java.sun.com/products/jndi/tutorial/ldap/connect/pool.html // See http://java.sun.com/products/jndi/tutorial/ldap/connect/pool.html
// "When Not to Use Pooling" // "When Not to Use Pooling"
Log.debug("LdapManager: connection pooling was requested but has been disabled because of StartTLS."); Log.debug("LdapManager: connection pooling was requested but has been disabled because of StartTLS.");
} }
env.put("com.sun.jndi.ldap.connect.pool", "false"); env.put("com.sun.jndi.ldap.connect.pool", "false");
} }
} else } else {
env.put("com.sun.jndi.ldap.connect.pool", "false"); env.put("com.sun.jndi.ldap.connect.pool", "false");
}
if (followReferrals) { if (followReferrals) {
env.put(Context.REFERRAL, "follow"); env.put(Context.REFERRAL, "follow");
...@@ -533,55 +545,57 @@ public class LdapManager { ...@@ -533,55 +545,57 @@ public class LdapManager {
} }
// Create new initial context // Create new initial context
JiveInitialLdapContext context = new JiveInitialLdapContext(env, null); JiveInitialLdapContext context = new JiveInitialLdapContext(env, null);
// TLS http://www.ietf.org/rfc/rfc2830.txt ("1.3.6.1.4.1.1466.20037") // TLS http://www.ietf.org/rfc/rfc2830.txt ("1.3.6.1.4.1.1466.20037")
if (startTlsEnabled && !sslEnabled) { if (startTlsEnabled && !sslEnabled) {
if (debug) { if (debug) {
Log.debug("LdapManager: ... StartTlsRequest"); Log.debug("LdapManager: ... StartTlsRequest");
} }
if (followReferrals) if (followReferrals) {
Log.warn("\tConnections to referrals are unencrypted! If you do not want this, please turn off ldap.autoFollowReferrals"); Log.warn("\tConnections to referrals are unencrypted! If you do not want this, please turn off ldap.autoFollowReferrals");
}
// Perform a StartTLS extended operation
StartTlsResponse tls = (StartTlsResponse) // Perform a StartTLS extended operation
context.extendedOperation(new StartTlsRequest()); StartTlsResponse tls = (StartTlsResponse)
context.extendedOperation(new StartTlsRequest());
/* Open a TLS connection (over the existing LDAP association) and
get details of the negotiated TLS session: cipher suite, /* Open a TLS connection (over the existing LDAP association) and
peer certificate, etc. */ get details of the negotiated TLS session: cipher suite,
try { peer certificate, etc. */
SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory()); try {
SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory());
context.setTlsResponse(tls);
context.setSslSession(session); context.setTlsResponse(tls);
context.setSslSession(session);
if (debug) {
Log.debug("LdapManager: ... peer host: " if (debug) {
+ session.getPeerHost() Log.debug("LdapManager: ... peer host: "
+ ", CipherSuite: " + session.getCipherSuite()); + session.getPeerHost()
} + ", CipherSuite: " + session.getCipherSuite());
}
/* Set login credentials only if SSL session has been
* negotiated successfully - otherwise user/password /* Set login credentials only if SSL session has been
* could be transmitted in clear text. */ * negotiated successfully - otherwise user/password
if (adminDN != null) { * could be transmitted in clear text. */
context.addToEnvironment( if (adminDN != null) {
Context.SECURITY_AUTHENTICATION, context.addToEnvironment(
"simple"); Context.SECURITY_AUTHENTICATION,
context.addToEnvironment( "simple");
Context.SECURITY_PRINCIPAL, context.addToEnvironment(
adminDN); Context.SECURITY_PRINCIPAL,
if (adminPassword != null) adminDN);
context.addToEnvironment( if (adminPassword != null) {
Context.SECURITY_CREDENTIALS, context.addToEnvironment(
adminPassword); Context.SECURITY_CREDENTIALS,
} adminPassword);
} catch (java.io.IOException ex) { }
Log.error(ex.getMessage(), ex); }
} } catch (java.io.IOException ex) {
} Log.error(ex.getMessage(), ex);
}
}
if (debug) { if (debug) {
Log.debug("LdapManager: ... context created successfully, returning."); Log.debug("LdapManager: ... context created successfully, returning.");
} }
...@@ -602,8 +616,9 @@ public class LdapManager { ...@@ -602,8 +616,9 @@ public class LdapManager {
if (debug) { if (debug) {
Log.debug("LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: " + userDN + "..."); Log.debug("LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: " + userDN + "...");
if (!sslEnabled && !startTlsEnabled) if (!sslEnabled && !startTlsEnabled) {
Log.debug("LdapManager: Warning: Using unencrypted connection to LDAP service!"); Log.debug("LdapManager: Warning: Using unencrypted connection to LDAP service!");
}
} }
JiveInitialLdapContext ctx = null; JiveInitialLdapContext ctx = null;
...@@ -621,18 +636,22 @@ public class LdapManager { ...@@ -621,18 +636,22 @@ public class LdapManager {
/* If startTLS is requested we MUST NOT bind() before /* If startTLS is requested we MUST NOT bind() before
* the secure connection has been established. */ * the secure connection has been established. */
if (!(startTlsEnabled && !sslEnabled)) { if (!(startTlsEnabled && !sslEnabled)) {
env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, userDN + "," + baseDN); env.put(Context.SECURITY_PRINCIPAL, userDN + "," + baseDN);
env.put(Context.SECURITY_CREDENTIALS, password); env.put(Context.SECURITY_CREDENTIALS, password);
} else { } else {
if (followReferrals) if (followReferrals) {
Log.warn("\tConnections to referrals are unencrypted! If you do not want this, please turn off ldap.autoFollowReferrals"); Log.warn("\tConnections to referrals are unencrypted! If you do not want this, please turn off ldap.autoFollowReferrals");
} }
}
// Specify timeout to be 10 seconds, only on non SSL since SSL connections
// break with a timeout. // Set only on non SSL since SSL connections break with a timeout.
if (!sslEnabled) { if (!sslEnabled) {
env.put("com.sun.jndi.ldap.connect.timeout", "10000"); if (connTimeout > 0) {
env.put("com.sun.jndi.ldap.connect.timeout", String.valueOf(connTimeout));
} else {
env.put("com.sun.jndi.ldap.connect.timeout", "10000");
}
} }
if (readTimeout > 0) { if (readTimeout > 0) {
env.put("com.sun.jndi.ldap.read.timeout", String.valueOf(readTimeout)); env.put("com.sun.jndi.ldap.read.timeout", String.valueOf(readTimeout));
...@@ -651,48 +670,48 @@ public class LdapManager { ...@@ -651,48 +670,48 @@ public class LdapManager {
Log.debug("LdapManager: Created context values, attempting to create context..."); Log.debug("LdapManager: Created context values, attempting to create context...");
} }
ctx = new JiveInitialLdapContext(env, null); ctx = new JiveInitialLdapContext(env, null);
if (startTlsEnabled && !sslEnabled) { if (startTlsEnabled && !sslEnabled) {
if (debug) { if (debug) {
Log.debug("LdapManager: ... StartTlsRequest"); Log.debug("LdapManager: ... StartTlsRequest");
} }
// Perform a StartTLS extended operation // Perform a StartTLS extended operation
StartTlsResponse tls = (StartTlsResponse) StartTlsResponse tls = (StartTlsResponse)
ctx.extendedOperation(new StartTlsRequest()); ctx.extendedOperation(new StartTlsRequest());
/* Open a TLS connection (over the existing LDAP association) and /* Open a TLS connection (over the existing LDAP association) and
get details of the negotiated TLS session: cipher suite, get details of the negotiated TLS session: cipher suite,
peer certificate, etc. */ peer certificate, etc. */
try { try {
SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory()); SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory());
ctx.setTlsResponse(tls); ctx.setTlsResponse(tls);
ctx.setSslSession(session); ctx.setSslSession(session);
if (debug) { if (debug) {
Log.debug("LdapManager: ... peer host: " Log.debug("LdapManager: ... peer host: "
+ session.getPeerHost() + session.getPeerHost()
+ ", CipherSuite: " + session.getCipherSuite()); + ", CipherSuite: " + session.getCipherSuite());
} }
ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,
userDN + "," + baseDN); userDN + "," + baseDN);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password); ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
} catch (java.io.IOException ex) { } catch (java.io.IOException ex) {
Log.error(ex.getMessage(), ex); Log.error(ex.getMessage(), ex);
} }
// make at least one lookup to check authorization // make at least one lookup to check authorization
lookupExistence( lookupExistence(
ctx, ctx,
userDN + "," + baseDN, userDN + "," + baseDN,
new String[] {usernameField}); new String[] {usernameField});
} }
if (debug) { if (debug) {
Log.debug("LdapManager: ... context created successfully, returning."); Log.debug("LdapManager: ... context created successfully, returning.");
} }
...@@ -718,13 +737,13 @@ public class LdapManager { ...@@ -718,13 +737,13 @@ public class LdapManager {
env.put("java.naming.ldap.factory.socket", "org.jivesoftware.util.SimpleSSLSocketFactory"); env.put("java.naming.ldap.factory.socket", "org.jivesoftware.util.SimpleSSLSocketFactory");
env.put(Context.SECURITY_PROTOCOL, "ssl"); env.put(Context.SECURITY_PROTOCOL, "ssl");
} }
/* If startTLS is requested we MUST NOT bind() before /* If startTLS is requested we MUST NOT bind() before
* the secure connection has been established. */ * the secure connection has been established. */
if (!(startTlsEnabled && !sslEnabled)) { if (!(startTlsEnabled && !sslEnabled)) {
env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, userDN + "," + alternateBaseDN); env.put(Context.SECURITY_PRINCIPAL, userDN + "," + alternateBaseDN);
env.put(Context.SECURITY_CREDENTIALS, password); env.put(Context.SECURITY_CREDENTIALS, password);
} }
// Specify timeout to be 10 seconds, only on non SSL since SSL connections // Specify timeout to be 10 seconds, only on non SSL since SSL connections
// break with a timemout. // break with a timemout.
...@@ -744,46 +763,46 @@ public class LdapManager { ...@@ -744,46 +763,46 @@ public class LdapManager {
Log.debug("LdapManager: Created context values, attempting to create context..."); Log.debug("LdapManager: Created context values, attempting to create context...");
} }
ctx = new JiveInitialLdapContext(env, null); ctx = new JiveInitialLdapContext(env, null);
if (startTlsEnabled && !sslEnabled) { if (startTlsEnabled && !sslEnabled) {
if (debug) { if (debug) {
Log.debug("LdapManager: ... StartTlsRequest"); Log.debug("LdapManager: ... StartTlsRequest");
} }
// Perform a StartTLS extended operation // Perform a StartTLS extended operation
StartTlsResponse tls = (StartTlsResponse) StartTlsResponse tls = (StartTlsResponse)
ctx.extendedOperation(new StartTlsRequest()); ctx.extendedOperation(new StartTlsRequest());
/* Open a TLS connection (over the existing LDAP association) and /* Open a TLS connection (over the existing LDAP association) and
get details of the negotiated TLS session: cipher suite, get details of the negotiated TLS session: cipher suite,
peer certificate, etc. */ peer certificate, etc. */
try { try {
SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory()); SSLSession session = tls.negotiate(new org.jivesoftware.util.SimpleSSLSocketFactory());
ctx.setTlsResponse(tls); ctx.setTlsResponse(tls);
ctx.setSslSession(session); ctx.setSslSession(session);
if (debug) { if (debug) {
Log.debug("LdapManager: ... peer host: " Log.debug("LdapManager: ... peer host: "
+ session.getPeerHost() + session.getPeerHost()
+ ", CipherSuite: " + session.getCipherSuite()); + ", CipherSuite: " + session.getCipherSuite());
} }
ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,
userDN + "," + alternateBaseDN); userDN + "," + alternateBaseDN);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password); ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
} catch (java.io.IOException ex) { } catch (java.io.IOException ex) {
Log.error(ex.getMessage(), ex); Log.error(ex.getMessage(), ex);
} }
// make at least one lookup to check user authorization // make at least one lookup to check user authorization
lookupExistence( lookupExistence(
ctx, ctx,
userDN + "," + alternateBaseDN, userDN + "," + alternateBaseDN,
new String[] {usernameField}); new String[] {usernameField});
} }
} }
catch (NamingException e) { catch (NamingException e) {
...@@ -813,55 +832,55 @@ public class LdapManager { ...@@ -813,55 +832,55 @@ public class LdapManager {
return true; return true;
} }
/** /**
* Looks up an LDAP object by its DN and returns <tt>true</tt> if * Looks up an LDAP object by its DN and returns <tt>true</tt> if
* the search was successful. * the search was successful.
* *
* @param ctx the Context to use for the lookup. * @param ctx the Context to use for the lookup.
* @param dn the object's dn to lookup. * @param dn the object's dn to lookup.
* @return true if the lookup was successful. * @return true if the lookup was successful.
* @throws NamingException if login credentials were wrong. * @throws NamingException if login credentials were wrong.
*/ */
private Boolean lookupExistence(InitialDirContext ctx, String dn, String[] returnattrs) throws NamingException { private Boolean lookupExistence(InitialDirContext ctx, String dn, String[] returnattrs) throws NamingException {
boolean debug = Log.isDebugEnabled(); boolean debug = Log.isDebugEnabled();
if (debug) { if (debug) {
Log.debug("LdapManager: In lookupExistence(ctx, dn, returnattrs), searchdn is: " + dn); Log.debug("LdapManager: In lookupExistence(ctx, dn, returnattrs), searchdn is: " + dn);
} }
// Bind to the object's DN // Bind to the object's DN
ctx.addToEnvironment(Context.PROVIDER_URL, getProviderURL(dn)); ctx.addToEnvironment(Context.PROVIDER_URL, getProviderURL(dn));
String filter = "(&(objectClass=*))"; String filter = "(&(objectClass=*))";
SearchControls srcnt = new SearchControls(); SearchControls srcnt = new SearchControls();
srcnt.setSearchScope(SearchControls.OBJECT_SCOPE); srcnt.setSearchScope(SearchControls.OBJECT_SCOPE);
srcnt.setReturningAttributes(returnattrs); srcnt.setReturningAttributes(returnattrs);
NamingEnumeration<SearchResult> answer = null; NamingEnumeration<SearchResult> answer = null;
try { try {
answer = ctx.search( answer = ctx.search(
"", "",
filter, filter,
srcnt); srcnt);
} catch (javax.naming.NameNotFoundException nex) { } catch (javax.naming.NameNotFoundException nex) {
// DN not found // DN not found
} catch (NamingException ex){ } catch (NamingException ex){
throw ex; throw ex;
} }
if (answer == null || !answer.hasMoreElements()) if (answer == null || !answer.hasMoreElements())
{ {
Log.debug("LdapManager: .... lookupExistence: DN not found."); Log.debug("LdapManager: .... lookupExistence: DN not found.");
return false; return false;
} }
else else
{ {
Log.debug("LdapManager: .... lookupExistence: DN found."); Log.debug("LdapManager: .... lookupExistence: DN found.");
return true; return true;
} }
} }
/** /**
* Finds a user's dn using their username. Normally, this search will * Finds a user's dn using their username. Normally, this search will
* be performed using the field "uid", but this can be changed by setting * be performed using the field "uid", but this can be changed by setting
...@@ -1296,7 +1315,7 @@ public class LdapManager { ...@@ -1296,7 +1315,7 @@ public class LdapManager {
properties.put("ldap.startTlsEnabled", Boolean.toString(startTlsEnabled)); properties.put("ldap.startTlsEnabled", Boolean.toString(startTlsEnabled));
} }
/** /**
* Returns the LDAP field name that the username lookup will be performed * Returns the LDAP field name that the username lookup will be performed
* on. By default this is "uid". * on. By default this is "uid".
...@@ -1412,10 +1431,11 @@ public class LdapManager { ...@@ -1412,10 +1431,11 @@ public class LdapManager {
* @return the starting DN used for performing searches. * @return the starting DN used for performing searches.
*/ */
public String getBaseDN() { public String getBaseDN() {
if (encloseDNs) if (encloseDNs) {
return getEnclosedDN(baseDN); return getEnclosedDN(baseDN);
else } else {
return baseDN; return baseDN;
}
} }
/** /**
...@@ -1517,10 +1537,11 @@ public class LdapManager { ...@@ -1517,10 +1537,11 @@ public class LdapManager {
* @return the starting DN used for performing searches. * @return the starting DN used for performing searches.
*/ */
public String getAdminDN() { public String getAdminDN() {
if (encloseDNs) if (encloseDNs) {
return getEnclosedDN(adminDN); return getEnclosedDN(adminDN);
else } else {
return adminDN; return adminDN;
}
} }
/** /**
...@@ -1782,21 +1803,21 @@ public class LdapManager { ...@@ -1782,21 +1803,21 @@ public class LdapManager {
this.groupSearchFilter = groupSearchFilter; this.groupSearchFilter = groupSearchFilter;
properties.put("ldap.groupSearchFilter", groupSearchFilter); properties.put("ldap.groupSearchFilter", groupSearchFilter);
} }
public boolean isEnclosingDNs() { public boolean isEnclosingDNs() {
String encloseStr = properties.get("ldap.encloseDNs"); String encloseStr = properties.get("ldap.encloseDNs");
if (encloseStr != null) { if (encloseStr != null) {
encloseDNs = Boolean.valueOf(encloseStr); encloseDNs = Boolean.valueOf(encloseStr);
} else { } else {
encloseDNs = true; encloseDNs = true;
} }
return encloseDNs; return encloseDNs;
} }
public void setIsEnclosingDNs(boolean enable) { public void setIsEnclosingDNs(boolean enable) {
this.encloseDNs = enable; this.encloseDNs = enable;
properties.put("ldap.encloseDNs", Boolean.toString(enable)); properties.put("ldap.encloseDNs", Boolean.toString(enable));
} }
/** /**
...@@ -1831,7 +1852,9 @@ public class LdapManager { ...@@ -1831,7 +1852,9 @@ public class LdapManager {
} }
Boolean clientSideSort = false; Boolean clientSideSort = false;
String clientSideSortStr = properties.get("ldap.clientSideSorting"); String clientSideSortStr = properties.get("ldap.clientSideSorting");
if (clientSideSortStr != null) clientSideSort = Boolean.valueOf(clientSideSortStr); if (clientSideSortStr != null) {
clientSideSort = Boolean.valueOf(clientSideSortStr);
}
LdapContext ctx = null; LdapContext ctx = null;
LdapContext ctx2 = null; LdapContext ctx2 = null;
try { try {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023