-
Notifications
You must be signed in to change notification settings - Fork 282
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make ldap pool period and idle time configurable #2091
Conversation
Signed-off-by: Martin Kemp <[email protected]>
Codecov Report
@@ Coverage Diff @@
## main #2091 +/- ##
============================================
+ Coverage 60.99% 61.00% +0.01%
- Complexity 3226 3227 +1
============================================
Files 256 256
Lines 18075 18075
Branches 3225 3225
============================================
+ Hits 11024 11026 +2
+ Misses 5472 5471 -1
+ Partials 1579 1578 -1
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
@@ -82,6 +82,9 @@ public final class ConfigConstants { | |||
|
|||
public static final String LDAP_POOL_TYPE = "pool.type"; | |||
|
|||
public static final String LDAP_POOL_PRUNING_PERIOD = "pool.pruning_period"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for creating a ConfigConstant out of these values. It looks like there's a lack in documentation for these settings: https://github.com/opensearch-project/documentation-website/search?q=pruning.period and https://github.com/opensearch-project/documentation-website/search?q=pruning.idleTime.
I will create an issue on the documentation website to review the LDAP documentation and add or update where needed.
While lower_snake_case
appears to be the convention for settings keys, this may have the potential to break existing configs referencing these settings.
What do you think about supporting the existing settings keys as well?
this.settings.getAsLong(ConfigConstants.LDAP_POOL_PRUNING_PERIOD, this.settings.getAsLong("pruning.period", 5l))
this.settings.getAsLong(ConfigConstants.LDAP_POOL_IDLE_TIME, this.settings.getAsLong("pruning.idleTime", 10l))
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cwillum - Looks like the documentation site for LDAP Configuration needs a review. https://opensearch.org/docs/latest/security-plugin/configuration/ldap/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cwperks, thanks for having a look!
What do you think about supporting the existing settings keys as well?
Yes, good idea. I'll update it on Monday.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cwillum - Looks like the documentation site for LDAP Configuration needs a review. https://opensearch.org/docs/latest/security-plugin/configuration/ldap/
The whole ldap2 backend type isn't documented, I'm not even sure if it's actually supposed to be used.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added an issue for review and update of LDAP documentation: #1248.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to support backward capability, registering the previous setting as deprecated Setting.Property.Deprecated
on the current settings values, and then registering the new ones you've created. This would allow the proper behavior and allow for fallback for anyone that used the code as documentation.
I know this was mentioned on the thread with @cwperks, just making sure to document how to move forward with this PR.
Signed-off-by: Martin Kemp <[email protected]>
@peternied, I'm not sure how to do this. Could you point me in the right direction? How do I set the property to Deprecated? I've pushed another commit to support the existing keys as suggested by @cwperks |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Martin-Kemp No worries, I'll make a follow up PR to add the deprecation notice for the legacy settings, what you've done here is great!
(cherry picked from commit 1fc02ad)
(cherry picked from commit 1fc02ad) Co-authored-by: Martin-Kemp <[email protected]>
…2091) Signed-off-by: Stephen Crawford <[email protected]>
…2091) (opensearch-project#2097) (cherry picked from commit 1fc02ad) Co-authored-by: Martin-Kemp <[email protected]>
Description
Configure ldap connection pool pruning period and idle time through config.yml. For example, currently you can enable pooling and set the min and max size. ideally pool.idle_time and pool.pruning_period should also be configurable. Like this:
To comply with strict ldap providers.
Defaults are the same, this just makes things configurable.
Issues Resolved
#2090
Is this a backport? If so, please add backport PR # and/or commits #
No
Testing
Manual testing locally.
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.