fix LDAP timeout handling for LdapCtx

also adds read timeout

Author: Vladimir Kotal

plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java

@@ -18,7 +18,7 @@
  */
 
  /*
- * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
  */
 package opengrok.auth.plugin.configuration;
 
@@ -39,6 +39,9 @@
 import opengrok.auth.plugin.ldap.LdapServer;
 import opengrok.auth.plugin.util.WebHooks;
 
+/**
+ * Encapsulates configuration for LDAP plugins.
+ */
 public class Configuration implements Serializable {
 
     private static final long serialVersionUID = -1;
@@ -49,6 +52,7 @@ public class Configuration implements Serializable {
     private WebHooks webHooks;
     private int searchTimeout;
     private int connectTimeout;
+    private int readTimeout;
     private int countLimit;
 
     public void setServers(List<LdapServer> servers) {
@@ -91,6 +95,14 @@ public void setConnectTimeout(int timeout) {
         this.connectTimeout = timeout;
     }
 
+    public int getReadTimeout() {
+        return this.readTimeout;
+    }
+
+    public void setReadTimeout(int timeout) {
+        this.readTimeout = timeout;
+    }
+
     public int getCountLimit() {
         return this.countLimit;
     }

plugins/src/main/java/opengrok/auth/plugin/ldap/LdapFacade.java

@@ -179,7 +179,7 @@ private void addAttrToMap(Map<String, Set<String>> map, Attribute attr) throws N
     }
 
     public LdapFacade(Configuration cfg) {
-        setServers(cfg.getServers(), cfg.getConnectTimeout());
+        setServers(cfg.getServers(), cfg.getConnectTimeout(), cfg.getReadTimeout());
         setInterval(cfg.getInterval());
         setSearchBase(cfg.getSearchBase());
         setWebHooks(cfg.getWebHooks());
@@ -219,12 +219,15 @@ public List<LdapServer> getServers() {
         return servers;
     }
 
-    public LdapFacade setServers(List<LdapServer> servers, int timeout) {
+    public LdapFacade setServers(List<LdapServer> servers, int connectTimeout, int readTimeout) {
         this.servers = servers;
-        // Inherit connect timeout from server pool configuration.
+        // Inherit timeout values from server pool configuration.
         for (LdapServer server : servers) {
-            if (server.getConnectTimeout() == 0 && timeout != 0) {
-                server.setConnectTimeout(timeout);
+            if (server.getConnectTimeout() == 0 && connectTimeout != 0) {
+                server.setConnectTimeout(connectTimeout);
+            }
+            if (server.getReadTimeout() == 0 && readTimeout != 0) {
+                server.setReadTimeout(readTimeout);
             }
         }
         return this;

plugins/src/main/java/opengrok/auth/plugin/ldap/LdapServer.java

@@ -18,7 +18,7 @@
  */
 
 /*
- * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
  */
 package opengrok.auth.plugin.ldap;
 
@@ -48,17 +48,20 @@ public class LdapServer implements Serializable {
 
     private static final Logger LOGGER = Logger.getLogger(LdapServer.class.getName());
 
-    private static final String LDAP_TIMEOUT_PARAMETER = "com.sun.jndi.ldap.connect.connectTimeout";
+    private static final String LDAP_CONNECT_TIMEOUT_PARAMETER = "com.sun.jndi.ldap.connect.timeout";
+    private static final String LDAP_READ_TIMEOUT_PARAMETER = "com.sun.jndi.ldap.read.timeout";
     private static final String LDAP_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
-    /**
-     * Default connectTimeout for connecting.
-     */
-    private static final int LDAP_CONNECT_TIMEOUT = 5000; // ms
+
+    // default connectTimeout value in milliseconds
+    private static final int LDAP_CONNECT_TIMEOUT = 5000;
+    // default readTimeout value in milliseconds
+    private static final int LDAP_READ_TIMEOUT = 3000;
 
     private String url;
     private String username;
     private String password;
     private int connectTimeout;
+    private int readTimeout;
     private int interval = 10 * 1000;
 
     private Hashtable<String, String> env;
@@ -121,6 +124,15 @@ public LdapServer setConnectTimeout(int connectTimeout) {
         return this;
     }
 
+    public int getReadTimeout() {
+        return readTimeout;
+    }
+
+    public LdapServer setReadTimeout(int readTimeout) {
+        this.readTimeout = readTimeout;
+        return this;
+    }
+
     public int getInterval() {
         return interval;
     }
@@ -248,7 +260,10 @@ private synchronized LdapContext connect() {
                 env.put(Context.SECURITY_CREDENTIALS, this.password);
             }
             if (this.connectTimeout > 0) {
-                env.put(LDAP_TIMEOUT_PARAMETER, Integer.toString(this.connectTimeout));
+                env.put(LDAP_CONNECT_TIMEOUT_PARAMETER, Integer.toString(this.connectTimeout));
+            }
+            if (this.readTimeout > 0) {
+                env.put(LDAP_READ_TIMEOUT_PARAMETER, Integer.toString(this.readTimeout));
             }
 
             try {
@@ -341,7 +356,8 @@ private static Hashtable<String, String> prepareEnv() {
         Hashtable<String, String> e = new Hashtable<String, String>();
 
         e.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_CONTEXT_FACTORY);
-        e.put(LDAP_TIMEOUT_PARAMETER, Integer.toString(LDAP_CONNECT_TIMEOUT));
+        e.put(LDAP_CONNECT_TIMEOUT_PARAMETER, Integer.toString(LDAP_CONNECT_TIMEOUT));
+        e.put(LDAP_READ_TIMEOUT_PARAMETER, Integer.toString(LDAP_READ_TIMEOUT));
 
         return e;
     }
@@ -353,12 +369,16 @@ public String toString() {
         sb.append(getUrl());
 
         if (getConnectTimeout() > 0) {
-            sb.append(" timeout: ");
+            sb.append(", connect timeout: ");
             sb.append(getConnectTimeout());
         }
+        if (getReadTimeout() > 0) {
+            sb.append(", read timeout: ");
+            sb.append(getReadTimeout());
+        }
 
         if (getUsername() != null && !getUsername().isEmpty()) {
-            sb.append(" username: ");
+            sb.append(", username: ");
             sb.append(getUsername());
         }
 

plugins/src/test/java/opengrok/auth/plugin/LdapServerTest.java

@@ -107,4 +107,13 @@ public void testEmptyAddressArray() throws UnknownHostException {
         Mockito.when(serverSpy.getAddresses(any())).thenReturn(new InetAddress[]{});
         assertFalse(serverSpy.isReachable());
     }
+
+    @Test
+    public void testToString() {
+        LdapServer server = new LdapServer("ldaps://foo.bar.com", "foo", "bar");
+        server.setConnectTimeout(2000);
+        server.setReadTimeout(1000);
+        assertEquals("ldaps://foo.bar.com, connect timeout: 2000, read timeout: 1000, username: foo",
+                server.toString());
+    }
 }

plugins/src/test/java/opengrok/auth/plugin/ldap/LdapFacadeTest.java

@@ -14,6 +14,7 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.stream.Collectors;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
@@ -35,14 +36,31 @@ public void testSearchControlsConfig() {
         assertEquals(countLimit, controls.getCountLimit());
     }
 
+    private LdapServer getSpyLdapServer(String name) throws UnknownHostException {
+        LdapServer server1 = new LdapServer(name);
+        LdapServer serverSpy1 = Mockito.spy(server1);
+        Mockito.when(serverSpy1.getAddresses(any())).thenReturn(new InetAddress[]{InetAddress.getLocalHost()});
+        Mockito.when(serverSpy1.isWorking()).thenReturn(true);
+        return serverSpy1;
+    }
+
     @Test
-    public void testConnectTimeoutInheritance() {
+    public void testConnectTimeoutInheritance() throws UnknownHostException {
         Configuration config = new Configuration();
-        config.setServers(Collections.singletonList(new LdapServer("http://foo.bar")));
-        int timeoutValue = 42;
-        config.setConnectTimeout(timeoutValue);
+
+        LdapServer[] servers = {getSpyLdapServer("ldap://foo.com"), getSpyLdapServer("ldap://bar.com")};
+        config.setServers(Arrays.asList(servers));
+
+        int connectTimeoutValue = 42;
+        config.setConnectTimeout(connectTimeoutValue);
+        int readTimeoutValue = 24;
+        config.setReadTimeout(readTimeoutValue);
+
         LdapFacade facade = new LdapFacade(config);
-        assertTrue(facade.getServers().stream().anyMatch(s -> s.getConnectTimeout() == timeoutValue));
+        assertEquals(Collections.singleton(connectTimeoutValue),
+                facade.getServers().stream().map(s -> s.getConnectTimeout()).collect(Collectors.toSet()));
+        assertEquals(Collections.singleton(readTimeoutValue),
+                facade.getServers().stream().map(s -> s.getReadTimeout()).collect(Collectors.toSet()));
     }
 
     @Test
@@ -74,7 +92,7 @@ public void testToStringPositive() throws UnknownHostException {
         int timeoutValue = 3;
         config.setConnectTimeout(timeoutValue);
         LdapFacade facade = new LdapFacade(config);
-        assertEquals("{server=ldap://foo.com timeout: 3, searchBase=dc=foo,dc=com}",
+        assertEquals("{server=ldap://foo.com, connect timeout: 3, searchBase=dc=foo,dc=com}",
                 facade.toString());
     }