[ https://issues.apache.org/jira/browse/JAMES-1313?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Norman Maurer resolved JAMES-1313. ---------------------------------- Resolution: Fixed Fix Version/s: (was: 3.0-beta3) 3.0-beta4 Assignee: Norman Maurer Thanks again for the patch. I just committed it. Sorry for taking so long but I lost track of it :( > more effective getUserByName(String name) in > org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository > ---------------------------------------------------------------------------------------------------- > > Key: JAMES-1313 > URL: https://issues.apache.org/jira/browse/JAMES-1313 > Project: JAMES Server > Issue Type: Improvement > Components: UsersStore & UsersRepository > Affects Versions: 3.0-beta3 > Reporter: Peter Kvokacka > Assignee: Norman Maurer > Priority: Minor > Labels: patch > Fix For: 3.0-beta4 > > Attachments: ReadOnlyUsersLDAPRepository.java.patch > > > Hello > I'd like to use james in my current project, but I find LDAP implementation > of usersRepository to be not very effective. > Especially method getUserByName(String name) in > org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository seems to search all > users in LDAP with userBase and after that it goes through the result in > memory and looking for specific user. Which produce search like this with > potencialy big resultset: > SEARCH REQ conn=26 op=6 msgID=7 base="ou=people,dc=mycompany,dc=sk" > scope=wholeSubtree filter="(objectClass=inetOrgPerson)" > attrs="distinguishedName" > SEARCH RES conn=26 op=6 msgID=7 result=0 nentries=438 etime=169 > SEARCH REQ conn=26 op=7 msgID=8 > base="uid=somebody,ou=people,dc=mycompany,dc=sk" scope=baseObject > filter="(objectClass=*)" attrs="ALL" > SEARCH RES conn=26 op=7 msgID=8 result=0 nentries=1 etime=1 > ... X more, where X is size-1 of userBase subtree > I suggest a patch that (at least in my case) does simple search instead: > <repository name="LocalUsers" > class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository" > ldapHost="ldaps://ldap.mycomapny.local:1636" > principal="cn=admin" > credentials="***" > userBase="ou=people,dc=mycompany,dc=sk" > userIdAttribute="uid" > userObjectClass="inetOrgPerson"/> > SEARCH REQ conn=26 op=1 msgID=2 > base="uid=test0123,ou=people,dc=mycompany,dc=sk" scope=baseObject > filter="(objectClass=inetOrgPerson)" attrs="uid" > SEARCH RES conn=26 op=1 msgID=2 result=0 nentries=1 etime=1 > There is only one assumption that distinguishedName for each entry in > userBase is "userIdAttribute=$name,userBase", where $name is username. I > don't think of it as of a strong restriction, but you should consider that > and decide for yourself. It works just fine for me. > Also it looks like getUserByNameCaseInsensitive(String name) is not used > anywhere, so you can stick with current implementation for now. > Peter > Index: > src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java > =================================================================== > --- src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java > (revision 1169673) > +++ src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java > (working copy) > @@ -351,16 +351,23 @@ > * Propagated by the underlying LDAP communication layer. > */ > private ReadOnlyLDAPUser buildUser(String userDN) throws NamingException > { > - ReadOnlyLDAPUser result; > > - Attributes userAttributes = > ldapConnection.getLdapContext().getAttributes(userDN); > + SearchControls sc = new SearchControls(); > + sc.setSearchScope(SearchControls.OBJECT_SCOPE); > + sc.setReturningAttributes(new String[] {userIdAttribute}); > + sc.setCountLimit(1); > + > + NamingEnumeration<SearchResult> sr = > ldapConnection.getLdapContext().search(userDN, "(objectClass=" + > userObjectClass + ")", sc); > + > + if (!sr.hasMore()) > + return null; > + > + Attributes userAttributes = sr.next().getAttributes(); > Attribute userName = userAttributes.get(userIdAttribute); > + > + return new ReadOnlyLDAPUser(userName.get().toString(), userDN, > ldapHost); > + } > > - result = new ReadOnlyLDAPUser(userName.get().toString(), userDN, > ldapHost); > - > - return result; > - } > - > /* > * (non-Javadoc) > * > @@ -425,23 +432,14 @@ > */ > public User getUserByName(String name) throws UsersRepositoryException { > try { > - Iterator<ReadOnlyLDAPUser> userIt = > buildUserCollection(getValidUsers()).iterator(); > - while (userIt.hasNext()) { > - ReadOnlyLDAPUser u = userIt.next(); > - if (u.getUserName().equals(name)) { > - return u; > - } > - } > - > + return buildUser(userIdAttribute + "=" + name + "," + userBase); > } catch (NamingException e) { > log.error("Unable to retrieve user from ldap", e); > throw new UsersRepositoryException("Unable to retrieve user from > ldap", e); > - > + > } > - return null; > + } > > - } > - > /* > * (non-Javadoc) > * -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org