LdapConnectionHandler.java

/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2014, Red Hat, Inc., and individual contributors
 * as indicated by the @author tags. See the copyright.txt file in the
 * distribution for a full listing of individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */

package org.jboss.as.domain.management.security;

import java.io.Closeable;
import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;

import javax.naming.NamingException;
import javax.naming.directory.DirContext;

import org.jboss.as.domain.management.connections.ldap.LdapConnectionManager;

/**
 * Utility for managing LDAP connections.
 *
 * An instance of this utility is created at the start of authentication processing and is used both for authentication and
 * group loading, connections returned by this connection without specifying a {@code bindDn} and {@code bindCredential} will be
 * cached until {@code close()} is called.
 *
 * This class is not thread safe and must not be shared by multiple threads concurrently.
 *
 * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a>
 */
class LdapConnectionHandler implements LdapConnectionManager, Closeable {

    /**
     * The base LdapConnectionManager for obtaining connections.
     */
    private final LdapConnectionManager ldapConnectionManager;

    private final LdapConnectionHandler parent;
    private Map<URI, LdapConnectionHandler> cachedLdapConnectionHandlers = null;
    private DirContext cachedDirContext;

    private LdapConnectionHandler(final LdapConnectionManager ldapConnectionManager) {
        this.ldapConnectionManager = ldapConnectionManager;
        parent = null;
    }

    private LdapConnectionHandler(final LdapConnectionHandler parent, final LdapConnectionManager ldapConnectionManager) {
        this.parent = parent;
        this.ldapConnectionManager = ldapConnectionManager;
    }

    static LdapConnectionHandler newInstance(final LdapConnectionManager ldapConnectionManager) {
        return new LdapConnectionHandler(ldapConnectionManager);
    }

    @Override
    public DirContext getConnection() throws NamingException {
        if (cachedDirContext != null) {
            return cachedDirContext;
        }

        return (cachedDirContext = ldapConnectionManager.getConnection());
    }

    @Override
    public void verifyIdentity(String bindDn, String bindCredential) throws NamingException {
        ldapConnectionManager.verifyIdentity(bindDn, bindCredential);
    }

    @Override
    public LdapConnectionHandler findForReferral(URI referralUri) {
        if (cachedLdapConnectionHandlers != null && cachedLdapConnectionHandlers.containsKey(referralUri)) {
            return cachedLdapConnectionHandlers.get(referralUri);
        }

        LdapConnectionManager nextConnectionManager = ldapConnectionManager.findForReferral(referralUri);
        if (nextConnectionManager == null) {
            return null;
        }

        final LdapConnectionHandler nextLdapConnectionHandler;
        if (nextConnectionManager == ldapConnectionManager) {
            /*
             * This would cover a referral to a different DN on the same server.
             */
            nextLdapConnectionHandler = this;
        } else {
            nextLdapConnectionHandler = new LdapConnectionHandler(this, nextConnectionManager);
        }
        cache(referralUri, nextLdapConnectionHandler);
        return nextLdapConnectionHandler;
    }

    @Override
    public void close() throws IOException {
        safeClose(cachedDirContext);
        if (cachedLdapConnectionHandlers != null) {
            for (LdapConnectionHandler current : cachedLdapConnectionHandlers.values()) {
                if (current != null) {
                    current.close();
                }
            }
            cachedLdapConnectionHandlers.clear();
        }
    }

    private void safeClose(DirContext d) {
        if (d != null) {
            try {
                d.close();
            } catch (Exception ignored) {
            }
        }
    }

    private void cache(final URI uri, final LdapConnectionHandler handler) {
        if (parent != null) {
            parent.cache(uri, handler);
        } else {
            if (cachedLdapConnectionHandlers == null) {
                cachedLdapConnectionHandlers = new HashMap<URI, LdapConnectionHandler>(1);
            }
            cachedLdapConnectionHandlers.put(uri, handler);
        }

    }

}