From e441d9d5a9f469152b7b94db3d373a2b075a5efb Mon Sep 17 00:00:00 2001
From: Juan Carlos Luciani <jluciani@novell.com>
Date: Fri, 1 Feb 2008 20:05:38 +0000
Subject: [PATCH] Added code to override the default LDAP connect timeout to
 something more reasonable to allow fail-over to other LDAP servers without
 holding up the end-user for too long.

---
 .../Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java   | 1 +
 .../Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java    | 1 +
 .../Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java     | 2 ++
 .../Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java          | 1 +
 4 files changed, 5 insertions(+)

diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java
index 401a768e..93df011b 100644
--- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java
+++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java
@@ -737,6 +737,7 @@ public final class CasaIdentityToken implements IdentityToken
       {
          // Open a directory context and use it to read the identity attributes.
          Hashtable env = new Hashtable();
+         env.put("com.sun.jndi.ldap.connect.timeout", 15000); // Override default LDAP timeout
          env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
          env.put(Realm.REALM_CONFIG_LOCATION, svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, sourceName);
diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java
index 9b9fe1cb..cb9112aa 100644
--- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java
+++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java
@@ -208,6 +208,7 @@ public final class Krb5Authenticate implements AuthMechanism, Serializable
          // Open a directory context and use it to identify the users
          // associated with the specified surname.
          Hashtable env = new Hashtable();
+         env.put("com.sun.jndi.ldap.connect.timeout", 15000); // Override default LDAP timeout
          env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
          env.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java
index 3166a82d..8d2ad028 100644
--- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java
+++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java
@@ -183,6 +183,7 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable
          // Open a directory context and use it to identify the users
          // associated with the specified surname.
          Hashtable env = new Hashtable();
+         env.put("com.sun.jndi.ldap.connect.timeout", 15000); // Override default LDAP timeout
          env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
          env.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
@@ -272,6 +273,7 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable
                      try
                      {
                         Hashtable env2 = new Hashtable();
+                        env2.put("com.sun.jndi.ldap.connect.timeout", 15000); // Override default LDAP timeout
                         env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
                         env2.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
                         env2.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java
index e5047f06..d313ab69 100644
--- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java
+++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java
@@ -215,6 +215,7 @@ public class RealmsInfo
                      // users attribute which theoretically should only be valid on an AD
                      // server.
                      Hashtable env = new Hashtable();
+                     env.put("com.sun.jndi.ldap.connect.timeout", 15000); // Override default LDAP timeout
                      env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
                      env.put(Realm.REALM_CONFIG_LOCATION, realmConfigFilePath);
                      env.put(Realm.REALM_SELECTOR, realm.getId());