Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-403

IDM not able to handle Ldap server restarts

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • PLINK_2.6.0.CR3
    • PLINK_2.6.0.CR1
    • IDM
    • None

      I have application, which is using Picketlink+Ldap. Now when I restart my Ldap server, I am not able to use my application anymore. It fails with exceptions like:

      16:22:52,806 ERROR [org.picketlink.idm.identity.store.ldap] Could not query server using DN [ou=People,o=portal,o=gatein,dc=example,dc=com] and filter [(&((uid=joseph)(objectClass=organizationalPerson)(objectClass=inetOrgPerson)))]
javax.naming.CommunicationException: connection closed [Root exception is java.io.IOException: connection closed]; remaining name 'ou=People,o=portal,o=gatein,dc=example,dc=com'
	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1983)
	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1827)
	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752)
	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
	at org.picketlink.idm.ldap.internal.LDAPOperationManager.search(LDAPOperationManager.java:249)
	at org.picketlink.idm.ldap.internal.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:213)
	at org.picketlink.idm.query.internal.DefaultIdentityQuery.getResultList(DefaultIdentityQuery.java:137)
	at org.picketlink.idm.model.basic.BasicModel.getUser(BasicModel.java:89)
	at 
....
Caused by: java.io.IOException: connection closed
	at com.sun.jndi.ldap.LdapClient.ensureOpen(LdapClient.java:1558)
	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:503)
	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1965)
	... 59 more

      As a workaround, I need to either restart my application, or reinitialize whole IDM including PartitionManager. The cause seems to be in the fact that LdapOperationManager uses just single LdapContext created at the construction time of LdapOperationManager. It seems that when underlying connection is closed, the LdapOperationManager.context object is unusable.

      The solution might be to introduce support for connection pools (Note that GateIn+Picketlink IDM 1.X uses connection pooling and is able to handle Ldap restarts correctly)

              anil.saldhana Anil Saldanha (Inactive)
              mposolda@redhat.com Marek Posolda
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: