[GitHub] nifi-registry issue #29: NIFIREG-33 Add LDAP and JWT auth support

Mon, 06 Nov 2017 12:53:39 -0800 

Github user bbende commented on the issue:

    https://github.com/apache/nifi-registry/pull/29
  
    @kevdoran I looked into the issue with the app not shutting down cleanly... 
taking  a thread dump showed:
    
    ```
    " (ldap-user-group-provider) - background sync thread" #28 prio=5 
os_prio=31 tid=0x00007f86f06f2000 nid=0x140b waiting on condition 
[0x0000700002cf5000]
       java.lang.Thread.State: TIMED_WAITING (parking)
            at sun.misc.Unsafe.park(Native Method)
            - parking to wait for  <0x00000007a1560750> (a 
java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
            at 
java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
            at 
java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
            at 
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
            at 
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
            at 
java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1074)
            at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134)
            at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
            at java.lang.Thread.run(Thread.java:748)
    ```
    Digging in further, I realized we don't have a concept of shutting down 
extensions, even though the authorizer, user/group provider, and policy 
providers do have a preDestruction method which would have shutdown that thread 
if we called it.
    
    Tested a change where I made AuthorizerFactory extend DisposableBean and 
added:
    ```
    @Override
        public void destroy() throws Exception {
            if (authorizers != null) {
                authorizers.entrySet().stream().forEach(e -> 
e.getValue().preDestruction());
            }
    
            if (accessPolicyProviders != null) {
                accessPolicyProviders.entrySet().stream().forEach(e -> 
e.getValue().preDestruction());
            }
    
            if (userGroupProviders != null) {
                userGroupProviders.entrySet().stream().forEach(e -> 
e.getValue().preDestruction());
            }
        }
    ```
    This appears to work, so if you can add that for AuthorizerFactory and 
LoginIdentityProviderFactory then we should be good for that one.


---

Reply via email to