GUACAMOLE-234: Fix resource leaks in new LDAP code.
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
index ecde74c..49a3f7c 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
@@ -128,10 +128,8 @@
public LdapNetworkConnection bindAs(Dn userDN, String password)
throws GuacamoleException {
- // Obtain appropriately-configured LdapNetworkConnection instance
- LdapNetworkConnection ldapConnection = createLDAPConnection();
-
- try {
+ // Get ldapConnection and try to connect and bind.
+ try (LdapNetworkConnection ldapConnection = createLDAPConnection()) {
// Connect to LDAP server
ldapConnection.connect();
@@ -140,14 +138,7 @@
if (confService.getEncryptionMethod() == EncryptionMethod.STARTTLS)
ldapConnection.startTls();
- }
- catch (LdapException e) {
- throw new GuacamoleServerException("Error connecting to LDAP server.", e);
- }
-
- // Bind using provided credentials
- try {
-
+ // Bind using provided credentials
BindRequest bindRequest = new BindRequestImpl();
bindRequest.setDn(userDN);
bindRequest.setCredentials(password);
@@ -165,7 +156,6 @@
// Disconnect if an error occurs during bind
catch (LdapException e) {
logger.debug("Unable to bind to LDAP server.", e);
- disconnect(ldapConnection);
throw new GuacamoleInvalidCredentialsException(
"Unable to bind to the LDAP server.",
CredentialsInfo.USERNAME_PASSWORD);
diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java
index f9d7956..ebf9792 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java
@@ -20,6 +20,7 @@
package org.apache.guacamole.auth.ldap;
import com.google.inject.Inject;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -188,26 +189,24 @@
logger.debug("Searching \"{}\" for objects matching \"{}\".", baseDN, query);
- try {
-
- LdapConnectionConfig ldapConnectionConfig = ldapConnection.getConfig();
+ LdapConnectionConfig ldapConnectionConfig = ldapConnection.getConfig();
- // Search within subtree of given base DN
- SearchRequest request = ldapService.getSearchRequest(baseDN,
- query);
+ // Search within subtree of given base DN
+ SearchRequest request = ldapService.getSearchRequest(baseDN,
+ query);
- SearchCursor results = ldapConnection.search(request);
-
- // Produce list of all entries in the search result, automatically
- // following referrals if configured to do so
- List<Entry> entries = new ArrayList<>();
+ // Produce list of all entries in the search result, automatically
+ // following referrals if configured to do so
+ List<Entry> entries = new ArrayList<>();
+
+ try (SearchCursor results = ldapConnection.search(request)) {
while (results.next()) {
if (results.isEntry()) {
entries.add(results.getEntry());
}
else if (results.isReferral() && request.isFollowReferrals()) {
-
+
Referral referral = results.getReferral();
for (String url : referral.getLdapUrls()) {
LdapNetworkConnection referralConnection =
@@ -218,15 +217,15 @@
entries.addAll(search(referralConnection, baseDN, query,
searchHop));
}
-
+
}
-
+
}
return entries;
}
- catch (CursorException | LdapException e) {
+ catch (CursorException | IOException | LdapException e) {
throw new GuacamoleServerException("Unable to query list of "
+ "objects from LDAP directory.", e);
}
