Merge remote-tracking branch 'origin/master'

docs-core/src/main/java/com/sismics/docs/core/util/authentication/LdapAuthenticationHandler.java

@@ -13,10 +13,9 @@ import org.apache.directory.api.ldap.model.entry.Attribute;
 import org.apache.directory.api.ldap.model.entry.Entry;
 import org.apache.directory.api.ldap.model.entry.Value;
 import org.apache.directory.api.ldap.model.message.SearchScope;
-import org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory;
+import org.apache.directory.ldap.client.api.LdapConnection;
 import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-import org.apache.directory.ldap.client.api.LdapConnectionPool;
-import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -35,32 +34,14 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
     private static final Logger log = LoggerFactory.getLogger(LdapAuthenticationHandler.class);
 
     /**
-     * LDAP connection pool.
+     * Get a LDAP connection.
+     * @return LdapConnection
      */
-    private static LdapConnectionPool pool;
-
-    /**
-     * Reset the LDAP pool.
-     */
-    public static void reset() {
-        if (pool != null) {
-            try {
-                pool.close();
-            } catch (Exception e) {
-                // NOP
-            }
-        }
-        pool = null;
-    }
-
-    /**
-     * Initialize the LDAP pool.
-     */
-    private static void init() {
+    private LdapConnection getConnection() {
         ConfigDao configDao = new ConfigDao();
         Config ldapEnabled = configDao.getById(ConfigType.LDAP_ENABLED);
-        if (pool != null || ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
-            return;
+        if (ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
+            return null;
         }
 
         LdapConnectionConfig config = new LdapConnectionConfig();
@@ -70,25 +51,23 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
         config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN));
         config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD));
 
-        DefaultLdapConnectionFactory factory = new DefaultLdapConnectionFactory(config);
-        pool = new LdapConnectionPool(new ValidatingPoolableLdapConnectionFactory(factory), null);
+        return new LdapNetworkConnection(config);
     }
 
     @Override
     public User authenticate(String username, String password) {
-        init();
-        if (pool == null) {
-            return null;
-        }
-
         // Fetch and authenticate the user
         Entry userEntry;
-        try {
-            EntryCursor cursor = pool.getConnection().search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
+        try (LdapConnection ldapConnection = getConnection()) {
+            if (ldapConnection == null) {
+                return null;
+            }
+
+            EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
                     ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
             if (cursor.next()) {
                 userEntry = cursor.get();
-                pool.getConnection().bind(userEntry.getDn(), password);
+                ldapConnection.bind(userEntry.getDn(), password);
             } else {
                 // User not found
                 return null;

docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java

@@ -14,7 +14,6 @@ import com.sismics.docs.core.model.jpa.File;
 import com.sismics.docs.core.service.InboxService;
 import com.sismics.docs.core.util.ConfigUtil;
 import com.sismics.docs.core.util.DirectoryUtil;
-import com.sismics.docs.core.util.authentication.LdapAuthenticationHandler;
 import com.sismics.docs.core.util.jpa.PaginatedList;
 import com.sismics.docs.core.util.jpa.PaginatedLists;
 import com.sismics.docs.rest.constant.BaseFunction;
@@ -27,12 +26,6 @@ import com.sismics.util.context.ThreadLocalContext;
 import com.sismics.util.log4j.LogCriteria;
 import com.sismics.util.log4j.LogEntry;
 import com.sismics.util.log4j.MemoryAppender;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.log4j.Appender;
-import org.apache.log4j.Level;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import jakarta.json.Json;
 import jakarta.json.JsonArrayBuilder;
 import jakarta.json.JsonObjectBuilder;
@@ -40,6 +33,12 @@ import jakarta.persistence.EntityManager;
 import jakarta.persistence.Query;
 import jakarta.ws.rs.*;
 import jakarta.ws.rs.core.Response;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Appender;
+import org.apache.log4j.Level;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.io.IOException;
 import java.nio.file.DirectoryStream;
 import java.nio.file.Files;
@@ -854,9 +853,6 @@ public class AppResource extends BaseResource {
             configDao.update(ConfigType.LDAP_ENABLED, Boolean.FALSE.toString());
         }
 
-        // Reset the LDAP pool to reconnect with the new configuration
-        LdapAuthenticationHandler.reset();
-
         return Response.ok().build();
     }
 }

pom.xml

@@ -46,7 +46,7 @@
     <com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version>
     <org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version>
     <com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version>
-    <org.apache.directory.api.api-all.version>2.1.2</org.apache.directory.api.api-all.version>
+    <org.apache.directory.api.api-all.version>2.1.3</org.apache.directory.api.api-all.version>
 
     <org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version>
     <jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version>