| | |
|---|
| | | import com.gitblit.service.LdapSyncService; |
|---|
| | | import com.gitblit.utils.ArrayUtils; |
|---|
| | | import com.gitblit.utils.StringUtils; |
|---|
| | | import com.gitblit.utils.TimeUtils; |
|---|
| | | import com.unboundid.ldap.sdk.Attribute; |
|---|
| | | import com.unboundid.ldap.sdk.DereferencePolicy; |
|---|
| | | import com.unboundid.ldap.sdk.ExtendedResult; |
|---|
| | |
|---|
| | | super("ldap"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | private long getSynchronizationPeriod() { |
|---|
| | | final String cacheDuration = settings.getString(Keys.realm.ldap.ldapCachePeriod, "2 MINUTES"); |
|---|
| | | private long getSynchronizationPeriodInMilliseconds(String name) { |
|---|
| | | final String cacheDuration = settings.getString(name, "2 MINUTES"); |
|---|
| | | try { |
|---|
| | | final String[] s = cacheDuration.split(" ", 2); |
|---|
| | | long duration = Long.parseLong(s[0]); |
|---|
| | | long duration = Math.abs(Long.parseLong(s[0])); |
|---|
| | | TimeUnit timeUnit = TimeUnit.valueOf(s[1]); |
|---|
| | | return timeUnit.toMillis(duration); |
|---|
| | | } catch (RuntimeException ex) { |
|---|
| | | throw new IllegalArgumentException(Keys.realm.ldap.ldapCachePeriod + " must have format '<long> <TimeUnit>' where <TimeUnit> is one of 'MILLISECONDS', 'SECONDS', 'MINUTES', 'HOURS', 'DAYS'"); |
|---|
| | | throw new IllegalArgumentException(name + " must have format '<long> <TimeUnit>' where <TimeUnit> is one of 'MILLISECONDS', 'SECONDS', 'MINUTES', 'HOURS', 'DAYS'"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | protected synchronized void synchronizeLdapUsers() { |
|---|
| | | final boolean enabled = settings.getBoolean(Keys.realm.ldap.synchronizeUsers.enable, false); |
|---|
| | | if (enabled) { |
|---|
| | | if (System.currentTimeMillis() > (lastLdapUserSync.get() + getSynchronizationPeriod())) { |
|---|
| | | if (System.currentTimeMillis() > (lastLdapUserSync.get() + getSynchronizationPeriodInMilliseconds(Keys.realm.ldap.ldapCachePeriod))) { |
|---|
| | | logger.info("Synchronizing with LDAP @ " + settings.getRequiredString(Keys.realm.ldap.server)); |
|---|
| | | final boolean deleteRemovedLdapUsers = settings.getBoolean(Keys.realm.ldap.synchronizeUsers.removeDeleted, true); |
|---|
| | | LDAPConnection ldapConnection = getLdapConnection(); |
|---|
| | |
|---|
| | | logger.info("Start configuring ldap sync service"); |
|---|
| | | LdapSyncService ldapSyncService = new LdapSyncService(settings, this); |
|---|
| | | if (ldapSyncService.isReady()) { |
|---|
| | | int mins = TimeUtils.convertFrequencyToMinutes(settings.getString(Keys.realm.ldap.synchronizeUsers.ldapSyncPeriod, "5 mins")); |
|---|
| | | if (mins < 5) { |
|---|
| | | mins = 5; |
|---|
| | | long ldapSyncPeriod = getSynchronizationPeriodInMilliseconds(Keys.realm.ldap.synchronizeUsers.ldapSyncPeriod); |
|---|
| | | long ldapCachePeriod = getSynchronizationPeriodInMilliseconds(Keys.realm.ldap.synchronizeUsers.ldapSyncPeriod); |
|---|
| | | if (ldapSyncPeriod < ldapCachePeriod) { |
|---|
| | | ldapSyncPeriod = ldapCachePeriod; |
|---|
| | | } |
|---|
| | | int delay = 1; |
|---|
| | | ScheduledExecutorService scheduledExecutorService = Executors.newSingleThreadScheduledExecutor(); |
|---|
| | | scheduledExecutorService.scheduleAtFixedRate(ldapSyncService, delay, mins, TimeUnit.MINUTES); |
|---|
| | | logger.info("Ldap sync service will update user and groups every {} minutes.", mins); |
|---|
| | | scheduledExecutorService.scheduleAtFixedRate(ldapSyncService, delay, ldapSyncPeriod, TimeUnit.MILLISECONDS); |
|---|
| | | logger.info("Ldap sync service will update user and groups every {} minutes.", ldapSyncPeriod); |
|---|
| | | logger.info("Next scheduled ldap sync is in {} minutes", delay); |
|---|
| | | } else { |
|---|
| | | logger.info("Ldap sync service is disabled."); |
|---|
