Merge branch 'release/v4.0.7.11'

pom.xml

@@ -4,7 +4,7 @@
     <groupId>com.cloudogu.ces</groupId>
     <artifactId>cas</artifactId>
     <packaging>war</packaging>
-    <version>4.0.7.10</version>
+    <version>4.0.7.11</version>
 
     <properties>
         <cas.version>4.0.7</cas.version>

src/main/java/de/triology/cas/ldap/ConnectionAwareAuthenticator.java

@@ -6,6 +6,7 @@
 package de.triology.cas.ldap;
 
 import javax.validation.constraints.NotNull;
+import org.jasig.cas.util.LdapUtils;
 import org.ldaptive.Connection;
 import org.ldaptive.ConnectionFactory;
 import org.ldaptive.LdapEntry;
@@ -81,17 +82,31 @@ private LdapEntry resolveEntry(
             AuthenticationHandlerResponse response, AuthenticationCriteria criteria, EntryResolver resolver
     ) throws LdapException {
 
-        LdapEntry entry = resolver.resolve(getEntryResolverConnection(response), criteria);
+        LdapEntry entry;
+        if (useUserConnectionToFetchAttributes) {
+            entry = resolveEntryWithUserConnection(response, criteria, resolver);
+        } else {
+            entry = resolveEntryWithSystemConnection(criteria, resolver);
+        }
+
         logger.trace("resolved entry={} with resolver={}", entry, resolver);
         return entry;
     }
 
-    private Connection getEntryResolverConnection(AuthenticationHandlerResponse response) throws LdapException {
-        if (useUserConnectionToFetchAttributes) {
-            logger.debug("use user connection to fetch attributes");
-            return response.getConnection();
-        }
+    private LdapEntry resolveEntryWithUserConnection(AuthenticationHandlerResponse response, AuthenticationCriteria criteria, EntryResolver resolver) throws LdapException{
+        logger.debug("use user connection to fetch attributes");
+        return resolver.resolve(response.getConnection(), criteria);
+    }
+
+    private LdapEntry resolveEntryWithSystemConnection(AuthenticationCriteria criteria, EntryResolver resolver) throws LdapException {
         logger.debug("use system connection to fetch attributes");
-        return connectionFactory.getConnection();
+        Connection connection = null;
+        try {
+            connection = connectionFactory.getConnection();
+            return resolver.resolve(connection, criteria);
+        } finally {
+            LdapUtils.closeConnection(connection);
+        }
     }
+
 }

src/test/java/de/triology/cas/ldap/ConnectionAwareAuthenticatorTest.java

@@ -6,12 +6,14 @@
 
 package de.triology.cas.ldap;
 
+import static org.junit.Assert.*;
 import org.junit.Test;
 import static org.mockito.Mockito.*;
 import org.junit.Before;
 import org.junit.runner.RunWith;
 import org.ldaptive.Connection;
 import org.ldaptive.ConnectionFactory;
+import org.ldaptive.LdapEntry;
 import org.ldaptive.LdapException;
 import org.ldaptive.auth.AuthenticationCriteria;
 import org.ldaptive.auth.AuthenticationHandler;
@@ -61,6 +63,7 @@ public class ConnectionAwareAuthenticatorTest {
      */
     @Before
     public void setUpMocks() throws LdapException {
+        when(systemConnection.isOpen()).thenReturn(Boolean.TRUE);
         when(response.getConnection()).thenReturn(userConnection);
         when(connectionFactory.getConnection()).thenReturn(systemConnection);
     }
@@ -84,6 +87,9 @@ public void testResolveEntryWithUserConnection() throws LdapException {
 
         verify(entryResolver).resolve(userConnection, criteria);
         verify(entryResolver, never()).resolve(systemConnection, criteria);
+
+        verify(userConnection, never()).close();
+        verify(systemConnection, never()).close();
     }
 
     /**
@@ -101,10 +107,17 @@ public void testResolveEntryWithSystemConnection() throws LdapException {
         EntryResolver entryResolver = mock(EntryResolver.class);
         authenticator.setEntryResolver(entryResolver);
 
-        authenticator.resolveEntry(request, response, criteria);
+        LdapEntry entry = new LdapEntry();
+        when(entryResolver.resolve(systemConnection, criteria)).thenReturn(entry);
+
+        LdapEntry resolvedEntry = authenticator.resolveEntry(request, response, criteria);
+        assertSame(entry, resolvedEntry);
 
         verify(entryResolver).resolve(systemConnection, criteria);
         verify(entryResolver, never()).resolve(userConnection, criteria);
+
+        verify(userConnection, never()).close();
+        verify(systemConnection).close();
     }
 
     private ConnectionAwareAuthenticator createAuthenticator( boolean useUserConnectionToFetchAttributes ) {