Java LDAP 优雅断开连接
目前从 java 我正在使用以下代码连接到 LDAP,非常典型的示例:
Currently from java I am connecting to LDAP with the following code, very typical example:
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, url);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, user);
env.put(Context.SECURITY_CREDENTIALS, password);
LdapContext ctx = null;
try
{
ctx = new InitialLdapContext(env, null);
return true;
}
catch (NamingException ex)
{
return false;
}
finally
{
if (ctx != null)
{
try {
ctx.close();
} catch (NamingException e) {
log.warn(e.getMessage());
}
}
}
这适用于对用户进行身份验证.但是,LDAP 管理员告诉我,当绑定不成功时,我没有正常断开连接.LDAP 端的错误是(例如):
This works in terms of authenticating the user. However the LDAP administrator is telling me that I am not disconnecting gracefully when the bind is not successful. The error on the LDAP side is (e.g.):
[24/Jan/2013:13:20:44 -0500] conn=249 op=-1 msgId=-1 - 从 [ipaddress]:44724 关闭 - A1 - 客户端中止连接 -
[24/Jan/2013:13:20:44 -0500] conn=249 op=-1 msgId=-1 - closing from [ipaddress]:44724 - A1 - Client aborted connection -
他还说,当认证成功时,断开连接是优雅的.我想这是因为我在那种情况下执行了 ctx.close()
.
He also says when it is a successful authentication, the disconnection is graceful. I guess this is because I do the ctx.close()
in that situation.
但是,当身份验证失败时,new InitialLdapContext(env, null)
行实际上会引发异常.因此不会返回任何上下文,也不会在任何上下文上调用 close.
However, when authentication fails, there's actually an exception thrown from the new InitialLdapContext(env, null)
line. Therefore no context is returned, and no close is called on any context.
有没有办法在尝试验证之前检索某种连接对象,以便之后无论验证是否成功都可以关闭它?
Is there some way to retrieve some kind of connection object, before attempting the authentication, so that I can close it afterwards whether or not auth was successful?
推荐答案
他为什么要在优雅和非优雅的关闭之间关心?显然,您的收盘是在唯一相关的情况下执行的:您成功的情况.在另一种情况下,没有什么可以关闭,所以你什么都不能调用.在另一种情况下,JNDI LDAP 提供者将其关闭,很明显,它正在执行中止关闭.这一切都在 JNDI LDAP 提供者的底层.你无能为力.我建议他找点别的担心,这实际上很重要.
Why does he care between a graceful and non-graceful close? Clearly your close is being executed in the only relevant case: the case where you succeeded. In the other case there is nothing to close, so nothing you can call. The JNDI LDAP provider closes it in the other case, and clearly it is that which is doing the abortive close. This is all under the hood in the JNDI LDAP provider. Nothing you can do about it. I suggest he find something else to worry about that's actually important.
相关文章