Skip to content

Commit

Permalink
[BUG] 🐛 Fix max time before a connection is dropped from ldap connect…
Browse files Browse the repository at this point in the history 
…ion pool

Signed-off-by: Cécile Chemin <[email protected]>
  • Loading branch information
@CChemin @Ragatzino
CChemin authored and Ragatzino committed Dec 6, 2023
1 parent 7aa0a00 commit e46d688
Show file tree
Hide file tree
Showing 6 changed files with 54 additions and 33 deletions.
25 changes: 13 additions & 12 deletions docs/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,18 +27,19 @@ Sugoi-api is a springboot app working with extension. Each extension is activate

Realm can be load from different sources.

| Properties | Description | Default value | example |
|--------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------:|--------------------------:|------------------------------------:|
| fr.insee.sugoi.realm.config.type | RealmProvider type (could be ldap or file) | file | file |
| fr.insee.sugoi.realm.config.local.path | Use only if config type is file. Path to a file containing an array of realms in json format | | realms.json |
| fr.insee.sugoi.config.ldap.profils.url | Use only if config type is ldap. Ldap host and port where the realm configurations are stored | | my-ldap.url |
| fr.insee.sugoi.config.ldap.profils.port | Use only if config type is ldap. Ldap host and port where the realm configurations are stored | | 389 |
| fr.insee.sugoi.config.ldap.profils.branche | Use only if config type is ldap. Ldap subtree where configurations are stored | | |
| fr.insee.sugoi.config.ldap.profils.pattern | Use only if config type is ldap. String pattern to find realms ('{realm}' is replaced with realm's name). cn={realm} will search realm config for realm1 | cn=Profil\_{realm}\_Sugoi | cn=config\_{realm}\_WebServicesLdap |
| fr.insee.sugoi.config.ldap.profils.timeout | Timeout before failing to get profiles in milliseconds | 30000 | 30000 |
| fr.insee.sugoi.ldap.default.vlv.enabled | enable vlv searched on ldap | false | |
| fr.insee.sugoi.config.ldap.default.sortKey | attribute on which paging request will be ordered | | uid |
| fr.insee.sugoi.verify-unique-mail | indicate if a check on user email must be done before each update/creation | | true |
| Properties | Description | Default value | example |
|------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------:|--------------------------:|------------------------------------:|
| fr.insee.sugoi.realm.config.type | RealmProvider type (could be ldap or file) | file | file |
| fr.insee.sugoi.realm.config.local.path | Use only if config type is file. Path to a file containing an array of realms in json format | | realms.json |
| fr.insee.sugoi.config.ldap.profils.url | Use only if config type is ldap. Ldap host and port where the realm configurations are stored | | my-ldap.url |
| fr.insee.sugoi.config.ldap.profils.port | Use only if config type is ldap. Ldap host and port where the realm configurations are stored | | 389 |
| fr.insee.sugoi.config.ldap.profils.branche | Use only if config type is ldap. Ldap subtree where configurations are stored | | |
| fr.insee.sugoi.config.ldap.profils.pattern | Use only if config type is ldap. String pattern to find realms ('{realm}' is replaced with realm's name). cn={realm} will search realm config for realm1 | cn=Profil\_{realm}\_Sugoi | cn=config\_{realm}\_WebServicesLdap |
| fr.insee.sugoi.config.ldap.profils.timeout | Timeout before failing to get profiles in milliseconds | 30000 | 30000 |
| fr.insee.sugoi.ldap.default.vlv.enabled | enable vlv searched on ldap | false | |
| fr.insee.sugoi.config.ldap.default.sortKey | attribute on which paging request will be ordered | | uid |
| fr.insee.sugoi.config.ldap.default.max-pool-connection-age | default time before a connection is dropped from connection pool in millis | 60000 | uid |
| fr.insee.sugoi.verify-unique-mail | indicate if a check on user email must be done before each update/creation | | true |

### Reader writer configuration

Expand Down
25 changes: 13 additions & 12 deletions docs/realm-configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,18 +80,19 @@ A list of custom key/values can be added at the end.

### Realm configuration properties

| Field name | Example | Optional | Default | Description |
|-------------------------------------| :-----------------------------------------------: |----------------------------------------------------------------------------------------:|------------------------------------------------------------:|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| seealso_attributes | "seeAlso, otherSeeAlso" | no, set to enable seealso functionnality | | All values in the corresponding attributes will be parsed as [SeeAlso](concepts.md#SeeAlso) string to add a new attributes to a user. It can be a single attribute name or a list of attribute names separated by a comma. |
| app-managed-attribute-keys-list | "inseeGroupeDefaut, inseeGroupeApplicatif" | yes, it just allow person with app right to give (or remove) properties on an attribute | | The name of the attribute to modify |
| app-managed-attribute-patterns-list | "(.\*)\_$(application),$(application)\\$\\$(.\*)" | yes | | The pattern that the attribute value must follow |
| vlv_enabled | true or false | yes, disabled by default | | Allowed to make vlv search on ldap |
| sort_key | uid | no | | Attribute on which ordered will be done when making a paging request |
| usersMaxOutputSize | 100 | yes | fr.insee.sugoi.users.maxoutputsize | The maximum number of user outputs allowed |
| groupsMaxOutputSize | 100 | yes | fr.insee.sugoi.groups.maxoutputsize | The maximum number of grouos outputs allowed |
| applicationsMaxOutputSize | 100 | yes | fr.insee.sugoi.applications.maxoutputsize | The maximum number of applications outputs allowed |
| organizationsMaxOutputSize | 100 | yes | fr.insee.sugoi.organizations.maxoutputsize | The maximum number of organizations outputs allowed |
| group_manager_source_pattern | "uid=ASI\_$(appliname),ou=Applications,o=insee,c=fr" | | the default can be set via the instance property : fr.insee.sugoi.ldap.default.group_manager_source_pattern | Describe where the group manager of the application {appliname} should be fetch. Users belonging to this group can create, delete, add or remove users from ${appliname}'s groups. |
| Field name | Example | Optional | Default | Description |
|-------------------------------------|:----------------------------------------------------:|----------------------------------------------------------------------------------------:|--------------------------------------------------------------------------------------------------------------:|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| seealso_attributes | "seeAlso, otherSeeAlso" | no, set to enable seealso functionnality | | All values in the corresponding attributes will be parsed as [SeeAlso](concepts.md#SeeAlso) string to add a new attributes to a user. It can be a single attribute name or a list of attribute names separated by a comma. |
| app-managed-attribute-keys-list | "inseeGroupeDefaut, inseeGroupeApplicatif" | yes, it just allow person with app right to give (or remove) properties on an attribute | | The name of the attribute to modify |
| app-managed-attribute-patterns-list | "(.\*)\_$(application),$(application)\\$\\$(.\*)" | yes | | The pattern that the attribute value must follow |
| vlv_enabled | true or false | yes, disabled by default | | Allowed to make vlv search on ldap |
| sort_key | uid | no | | Attribute on which ordered will be done when making a paging request |
| usersMaxOutputSize | 100 | yes | fr.insee.sugoi.users.maxoutputsize | The maximum number of user outputs allowed |
| groupsMaxOutputSize | 100 | yes | fr.insee.sugoi.groups.maxoutputsize | The maximum number of grouos outputs allowed |
| applicationsMaxOutputSize | 100 | yes | fr.insee.sugoi.applications.maxoutputsize | The maximum number of applications outputs allowed |
| organizationsMaxOutputSize | 100 | yes | fr.insee.sugoi.organizations.maxoutputsize | The maximum number of organizations outputs allowed |
| group_manager_source_pattern | "uid=ASI\_$(appliname),ou=Applications,o=insee,c=fr" | | the default can be set via the instance property : fr.insee.sugoi.ldap.default.group_manager_source_pattern | Describe where the group manager of the application {appliname} should be fetch. Users belonging to this group can create, delete, add or remove users from ${appliname}'s groups. |
| max_pool_connection_age | 30000 | | the default can be set via the instance property : fr.insee.sugoi.config.ldap.default.max-pool-connection-age | time before a connection is dropped from connection pool |

Realm configuration properties can be set as:

Expand Down
Loading

0 comments on commit e46d688

Please sign in to comment.