diff options
| author | Ade Lee <alee@redhat.com> | 2012-02-29 23:31:15 -0500 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2012-03-09 01:55:38 -0500 |
| commit | 87585b101172461d2ad175515154a3f4dbdcd089 (patch) | |
| tree | ffd2b86f8a5ee724a4957972850445ebfc00d017 /pki/base/common/src/com/netscape/cmscore | |
| parent | a4942509ef7bca864df619a94b90d05cf2204114 (diff) | |
| download | pki-87585b101172461d2ad175515154a3f4dbdcd089.tar.gz pki-87585b101172461d2ad175515154a3f4dbdcd089.tar.xz pki-87585b101172461d2ad175515154a3f4dbdcd089.zip | |
Fixes to cloning and security domain tables for client auth internaldb user
The mechanism for getting an ldap connection to the internaldb was incorrect,
both in the Security Domain Session Table and the DatabasePanel. As a result,
connections to the internaldb failed for accessing the security domain session
table and when trying to clone a master which connects to its database using
client auth.
The thread that handles reading the security domain session table is now only
instantiated when running on a configured security domain master.
Additionally, needed acls for the client auth certificate ldap user have been
moved to manager.ldif. This includes acls to allow creation and management of
replication agreements and replication users (now being created under
ou=csusers, cn=config)
Added logs to show when ldif import errors occur. Also made sure to write and
remove master ldap password for use in replication.
Ticket #5
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore')
| -rw-r--r-- | pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java index 5fdcaece0..6ca1b6e7e 100644 --- a/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java +++ b/pki/base/common/src/com/netscape/cmscore/apps/CMSEngine.java @@ -345,18 +345,19 @@ public class CMSEngine implements ICMSEngine { String secdomain_source = config.getString("securitydomain.source", "memory"); String secdomain_check_interval = config.getString("securitydomain.checkinterval", "5000"); - if (secdomain_source.equals("ldap")) { - mSecurityDomainSessionTable = new LDAPSecurityDomainSessionTable((new Long(flush_timeout)).longValue()); - } else { - mSecurityDomainSessionTable = new SecurityDomainSessionTable((new Long(flush_timeout)).longValue()); - } + if ((state == 1) && (!sd.equals("existing"))) { + // check session domain table only if this is a + // configured security domain host + + if (secdomain_source.equals("ldap")) { + mSecurityDomainSessionTable = new LDAPSecurityDomainSessionTable((new Long(flush_timeout)).longValue()); + } else { + mSecurityDomainSessionTable = new SecurityDomainSessionTable((new Long(flush_timeout)).longValue()); + } + + mSDTimer = new Timer(); + SessionTimer timertask = new SessionTimer(mSecurityDomainSessionTable); - mSDTimer = new Timer(); - SessionTimer timertask = new SessionTimer(mSecurityDomainSessionTable); - if ((state != 1) || (sd.equals("existing"))) { - // for non-security domain hosts or if not yet configured, - // do not check session domain table - } else { mSDTimer.schedule(timertask, 5, (new Long(secdomain_check_interval)).longValue()); } |