NIFI-5935:
authorMatt Gilman <matt.c.gilman@gmail.com>
Mon, 7 Jan 2019 19:02:42 +0000 (14:02 -0500)
committerPierre Villard <pierre.villard.fr@gmail.com>
Tue, 8 Jan 2019 10:13:38 +0000 (11:13 +0100)
- Ensuring exceptions are handled in the ldap user/group sync background thread.
- Adding additional logging around what users/groups were discovered.

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes #3247.

nifi-framework-api/src/main/java/org/apache/nifi/authorization/Group.java
nifi-nar-bundles/nifi-ldap-iaa-providers-bundle/nifi-ldap-iaa-providers/src/main/java/org/apache/nifi/ldap/tenants/LdapUserGroupProvider.java

index 7908e85..72e03c6 100644 (file)
@@ -89,7 +89,7 @@ public class Group { // TODO rename to UserGroup
 
     @Override
     public String toString() {
-        return String.format("identifier[%s], name[%s]", getIdentifier(), getName());
+        return String.format("identifier[%s], name[%s], users[%s]", getIdentifier(), getName(), String.join(", ", users));
     }
 
 
index 2282578..9b5dada 100644 (file)
@@ -392,7 +392,16 @@ public class LdapUserGroupProvider implements UserGroupProvider {
             }
 
             // schedule the background thread to load the users/groups
-            ldapSync.scheduleWithFixedDelay(() -> load(context), syncInterval, syncInterval, TimeUnit.MILLISECONDS);
+            ldapSync.scheduleWithFixedDelay(() -> {
+                try {
+                    load(context);
+                } catch (final Throwable t) {
+                    logger.error("Failed to sync User/Groups from LDAP due to {}. Will try again in {} millis.", new Object[] {t.toString(), syncInterval});
+                    if (logger.isDebugEnabled()) {
+                        logger.error("", t);
+                    }
+                }
+            }, syncInterval, syncInterval, TimeUnit.MILLISECONDS);
         } catch (final AuthorizationAccessException e) {
             throw new AuthorizerCreationException(e);
         }
@@ -639,6 +648,16 @@ public class LdapUserGroupProvider implements UserGroupProvider {
                 });
             }
 
+            if (logger.isDebugEnabled()) {
+                logger.debug("-------------------------------------");
+                logger.debug("Loaded the following users from LDAP:");
+                userList.forEach((user) -> logger.debug(" - " + user));
+                logger.debug("--------------------------------------");
+                logger.debug("Loaded the following groups from LDAP:");
+                groupList.forEach((group) -> logger.debug(" - " + group));
+                logger.debug("--------------------------------------");
+            }
+
             // record the updated tenants
             tenants.set(new TenantHolder(new HashSet<>(userList), new HashSet<>(groupList)));
         } finally {