IdP AuthN LDAP Connection Pooling + Directory with disabled anonymous binds...

Daniel Fisher dfisher at vt.edu
Wed Apr 27 00:18:55 EDT 2016


On Mon, Apr 25, 2016 at 7:48 PM, Jeremy A Scott <jeremy.scott at wisc.edu>
wrote:

> I'd like to use the pools as they were originally intended, so what are
> the options/config for returning the connections to the pool in a known
> state with BindPassivator?
>

Modify the bindConnectionConfig bean to use a connectionInitializer:

<bean id="bindConnectionConfig" parent="connectionConfig"
      p:connectionInitializer-ref="bindConnectionInitializer" />

Modify the bindConnectionPool bean to use a passivator:

<bean id="bindConnectionPool"
      class="org.ldaptive.pool.BlockingConnectionPool"
      parent="connectionPool"
      p:connectionFactory-ref="bindConnectionFactory"
      p:name="bind-pool"
      p:passivator-ref="bindPassivator" />

Add a bindPassivator bean:

<bean id="bindPassivator" class="org.ldaptive.pool.BindPassivator">
  <property name="bindRequest">
    <bean class="org.ldaptive.BindRequest"
          p:dn="#{'%{idp.authn.LDAP.bindDN:undefined}'.trim()}">
      <property name="credential">
        <bean class="org.ldaptive.Credential">
          <constructor-arg value="%{idp.authn.LDAP.bindDNCredential:undefined}" />
        </bean>
      </property>
    </bean>
  </property>
</bean>

--Daniel Fisher
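
Added example, not part of the original message and not ldaptive or Shibboleth code: a simplified Python model of why a bind pool needs a passivator when the directory refuses anonymous operations. The DNs, passwords, class names and the search call are constructed for illustration; the only protocol fact relied on is that a failed LDAP bind leaves the session anonymous.

```python
# Simplified model of a pooled LDAP bind connection (not ldaptive code).
SERVICE_DN = "uid=idp-svc,ou=services,dc=example,dc=org"  # constructed
ALICE_DN = "uid=alice,ou=people,dc=example,dc=org"        # constructed
DIRECTORY = {SERVICE_DN: "svc-secret", ALICE_DN: "alice-pw"}  # constructed

class Conn:
    """Tracks the session's bind state; None means anonymous."""

    def __init__(self):
        self.bound_dn = None

    def bind(self, dn, password):
        ok = DIRECTORY.get(dn) == password
        # RFC 4511 section 4.2.1: a failed bind leaves the session anonymous.
        self.bound_dn = dn if ok else None
        return ok

    def search(self, filt):
        # Model of a directory with anonymous binds disabled.
        if self.bound_dn is None:
            raise PermissionError("anonymous operation refused")
        return f"{filt} evaluated as {self.bound_dn}"

def bind_passivator(conn):
    """Rebind as the service account, as the bindPassivator bean does."""
    return conn.bind(SERVICE_DN, DIRECTORY[SERVICE_DN])

class Pool:
    def __init__(self, passivator=None):
        self.passivator = passivator
        conn = Conn()
        bind_passivator(conn)  # stands in for the connectionInitializer
        self.idle = [conn]

    def checkout(self):
        return self.idle.pop()

    def checkin(self, conn):
        if self.passivator:
            self.passivator(conn)  # runs when the connection is returned
        self.idle.append(conn)

def state_after_login(pool, dn, password):
    """Authenticate on a pooled connection; report the state it is returned in."""
    conn = pool.checkout()
    conn.bind(dn, password)
    pool.checkin(conn)
    return pool.idle[-1].bound_dn
```

Without a passivator the idle connection is left bound as the last user, or anonymous after a bad password; with one it always comes back bound as the service account.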