Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-4005

LdapIdentityProvider.getEntries() is prone to OOME.

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.0.27, 1.2.11, 1.3.15, 1.4.0
    • 1.2.19, 1.4.7, 1.6.0
    • auth-ldap
    • None

    Description

      The public methods LdapIdentityProvider.listUsers() and LdapIdentityProvider.listGroups() both call LdapIdentityProvider.getEntries(...), which tries to collect all matching results from the backend in one LinkedList. Since typical LDAP directories are quite huge, this will usually yield an OutOfMemoryError.
      We'd need a cursor with connection handling here.

      Attachments

        Issue Links

          blocks

          Improvement - An improvement or enhancement to an existing feature or task. OAK-4678 Backport OAK-4344 and OAK-4005

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. OAK-4679 Backport OAK-4119, OAK-4101, OAK-4087 and OAK-4344

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              baedke Manfred Baedke
              baedke Manfred Baedke
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: