diff options
author | James Y Knight <jyknight@google.com> | 2011-01-04 02:40:32 -0500 |
---|---|---|
committer | Shawn O. Pearce <sop@google.com> | 2011-06-24 09:21:38 -0700 |
commit | 773e8e30f1ca2277d54480e0502ac5433a9442a1 (patch) | |
tree | 7ea007c9ccc08f87b6543fa62f8bbda938895b7d | |
parent | 30174be3842e3167ff01b76ff85811b013dca601 (diff) |
Ignore PartialResultException from LDAP.
This exception occurs when the server isn't following referrals for
you, and thus the result contains a referral. That happens when you're
using Active Directory. You almost certainly don't really want to
follow referrals in AD *anyways*, so just ignore these exceptions, so
we can still use the actual data.
Inspired by:
https://src.springframework.org/svn/spring-ldap/trunk/core/src/main/java/org/springframework/ldap/core/LdapTemplate.java
Change-Id: I484145a2e262173de6b3ac4081608bd684577916
Signed-Off-By: James Y Knight <jyknight@google.com>
(cherry picked from commit 1244ed057467ae07f4f0c6a7d70104ed3a5117dd)
3 files changed, 22 insertions, 12 deletions
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt index decbc728f1..8f751b4f8c 100644 --- a/Documentation/config-gerrit.txt +++ b/Documentation/config-gerrit.txt @@ -1264,9 +1264,8 @@ server is attempted. + _(Optional)_ How an LDAP referral should be handled if it is encountered during directory traversal. Set to `follow` to -automatically follow any referrals, or `ignore` to stop and fail -with `javax.naming.PartialResultException: Unprocessed Continuation -Reference(s)` +automatically follow any referrals, or `ignore` to ignore the +referrals. + By default, `ignore`. diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java index 675202cc4d..a9ea853557 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java @@ -38,6 +38,7 @@ import javax.naming.Context; import javax.naming.Name; import javax.naming.NamingEnumeration; import javax.naming.NamingException; +import javax.naming.PartialResultException; import javax.naming.directory.Attribute; import javax.naming.directory.DirContext; import javax.naming.directory.InitialDirContext; @@ -168,9 +169,12 @@ import javax.net.ssl.SSLSocketFactory; final Attribute groupAtt = account.getAll(schema.accountMemberField); if (groupAtt != null) { final NamingEnumeration<?> groups = groupAtt.getAll(); - while (groups.hasMore()) { - final String nextDN = (String) groups.next(); - recursivelyExpandGroups(groupDNs, schema, ctx, nextDN); + try { + while (groups.hasMore()) { + final String nextDN = (String) groups.next(); + recursivelyExpandGroups(groupDNs, schema, ctx, nextDN); + } + } catch (PartialResultException e) { } } } @@ -203,9 +207,12 @@ import javax.net.ssl.SSLSocketFactory; ctx.getAttributes(compositeGroupName).get(schema.accountMemberField); if (in != null) { final NamingEnumeration<?> groups = in.getAll(); - while (groups.hasMore()) { - final String nextDN = (String) groups.next(); - recursivelyExpandGroups(groupDNs, schema, ctx, nextDN); + try { + while (groups.hasMore()) { + final String nextDN = (String) groups.next(); + recursivelyExpandGroups(groupDNs, schema, ctx, nextDN); + } + } catch (PartialResultException e) { } } } catch (NamingException e) { @@ -316,4 +323,4 @@ import javax.net.ssl.SSLSocketFactory; } } } -}
\ No newline at end of file +} diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapQuery.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapQuery.java index 70ce779140..7d1e37d88f 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapQuery.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapQuery.java @@ -25,6 +25,7 @@ import java.util.Set; import javax.naming.NamingEnumeration; import javax.naming.NamingException; +import javax.naming.PartialResultException; import javax.naming.directory.Attribute; import javax.naming.directory.BasicAttribute; import javax.naming.directory.DirContext; @@ -69,8 +70,11 @@ class LdapQuery { res = ctx.search(base, pattern.getRawPattern(), pattern.bind(params), sc); try { final List<Result> r = new ArrayList<Result>(); - while (res.hasMore()) { - r.add(new Result(res.next())); + try { + while (res.hasMore()) { + r.add(new Result(res.next())); + } + } catch (PartialResultException e) { } return r; } finally { |