Issue while searching user into ldap

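I am running OpenLDAP on one server, which runs on a 10.0.26.X IP. My client runs on IP 10.0.25.X and there is a firewall in between, but port 389 is open and listening. The problem I am facing on the client side is that it closes the client server, after which I have to restart the client every 6 hours; it then works fine for a while and then the same problem occurs again.

I tried keeping the connection between my client and OpenLDAP open, but the problem is the same. We have also tried everything on the firewall side.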

Hashtable<String, String> envMap = new Hashtable<>();
envMap.put(Context.INITIAL_CONTEXT_FACTORY, initContextFactory);
envMap.put(Context.PROVIDER_URL, providerUrl);
envMap.put(Context.SECURITY_AUTHENTICATION, securityAuthentication);
envMap.put(Context.SECURITY_PRINCIPAL, userDN);
envMap.put(Context.SECURITY_CREDENTIALS, password);
DirContext userCtx = new InitialDirContext(envMap);

SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
String filter = MessageFormat.format(Constants.LDAP_PERSON_FILTER, attrKey, attrValue);
NamingEnumeration<SearchResult> userResults = dirReaderctx.search(Constants.LDAP_DOMAIN_NAME,
        filter, controls);
if (userResults.hasMore()) {
    searchResult = userResults.next();
    return searchResult;
}

The exception I am getting is:

[com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:2002), com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844), com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769), com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392), com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358), com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341), javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267), sun.reflect.GeneratedMethodAccessor100.invoke(Unknown Source), sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), java.lang.reflect.Method.invoke(Method.java:498), org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:209), org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136), org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102), org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:877), org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:783), org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87), org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:991), org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925), org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974), org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:877), javax.servlet.http.HttpServlet.service(HttpServlet.java:661), org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851),
javax.servlet.http.HttpServlet.service(HttpServlet.java:742), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166), org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166), org.springframework.boot.actuate.web.trace.servlet.HttpTraceFilter.doFilterInternal(HttpTraceFilter.java:90), org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166), org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166), org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99), org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193), org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96), org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493), org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140), org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81), org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87), org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342),
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800), org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66), org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800), org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471), org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49), java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149), java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624), org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61), java.lang.Thread.run(Thread.java:748)]

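I don't know about the exception, but one thing that is wrong is that you are not calling the close() method on the NamingEnumeration, so you are leaking resources.

If it works for a while and then stops working, it is quite likely a resource exhaustion exception that you are running into.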

NamingEnumeration<SearchResult> userResults = dirReaderctx.search(Constants.LDAP_DOMAIN_NAME,
        filter, controls);
if (userResults.hasMore()) {
    searchResult = userResults.next();
    userResults.close(); // <-- add this line
    return searchResult;
}

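After debugging a lot of things, I got the answer to this problem. I was creating the connection only once for the whole application. It worked when the IPs were on the same subnet, because there was no firewall between them. But when it was moved to a different subnet, this error came into the picture because the connection was being closed: the firewall closes a connection that has been open for a longer time. To solve this, I create a connection when a request needs it and pool that connection, so when the next request comes, if a connection is available in the connection pool the same connection is used; otherwise a new connection is created, and the connection is closed after the work is done. :)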
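
The two fixes from the answers above combined, as an added example that is not code from the original posts: a context is taken from the built-in JNDI LDAP connection pool per request, and both the `NamingEnumeration` and the context are closed on every path. The class name `PooledLdapSearch`, the `uid` filter and all timeout values are assumptions; the pool idle timeout should be set below the firewall's idle timeout, which the page does not state.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class PooledLdapSearch {
    static {
        // Pool settings are JVM-wide system properties and must be set before
        // the first pooled context is created. Values are constructed examples.
        System.setProperty("com.sun.jndi.ldap.connect.pool.timeout", "300000"); // evict after 5 min idle
        System.setProperty("com.sun.jndi.ldap.connect.pool.maxsize", "10");
    }

    private final Hashtable<String, String> env = new Hashtable<>();

    public PooledLdapSearch(String providerUrl, String bindDn, String password) {
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.pool", "true");     // reuse sockets across contexts
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");  // ms
        env.put("com.sun.jndi.ldap.read.timeout", "10000");    // ms; fail fast on a dropped socket
    }

    /** Returns the first matching entry, or null when nothing matches. */
    public SearchResult findByUid(String baseDn, String uid) throws NamingException {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        DirContext ctx = new InitialDirContext(env);   // borrowed from the pool per request
        NamingEnumeration<SearchResult> results = null;
        try {
            // {0} is substituted by JNDI with filter metacharacters escaped.
            results = ctx.search(baseDn, "(&(objectClass=person)(uid={0}))",
                    new Object[] { uid }, controls);
            return results.hasMore() ? results.next() : null;
        } finally {
            if (results != null) results.close();      // closed on every path, match or not
            ctx.close();                               // returns the connection to the pool
        }
    }
}
```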