James Server
  1. James Server
  2. JAMES-1020

ReadOnlyUsersLDAPRepository should use search instead of list for finding users

    Details

      Description

      The ReadOnlyUsersLDAPRepository uses the SimpleLDAPConnection to call list() on the configured baseDN. That method returns only nodes at the given base node, it does not search the sub scope. It also returns elements that are not really nodes like referrals. The result is a NullPointerException when connecting to ActiveDirectory instances and listing all users.

      An attached patch suggests an additional configuration parameter for the userObjectClass and calls search() instead of list() with a SearchCriteria set to search the given base and the sub scope as an alternative implementation.

      It seems that the SimpleLDAPConnection which is created once, can timout and cause all subsequent queries to fail with socket exceptions.

      We should consider using spring-ldap to handle pooling and connection cleanup.

      http://www.springsource.org/ldap

        Activity

          People

          • Assignee:
            Norman Maurer
            Reporter:
            Jeff Huff
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development