Connections pool implementation

Hello everyone,

I need to create a rails app where authentication and permissions for
certain application actions will be provided by LDAP server. There is
a problem with LDAP connection management, as every user login will
spawn new connection object instance it may dangerously increase
application memory usage (tbh i dont know what will happen, nothing
good for sure) - LDAP server can close connection remotly after some
idle time, but some connection resources will remain in memory non the
less.
I've made some google research what may be best course of action to
manage this issue and i think creating connection pool sounds good.
I've commited few average sized rails projects but nothing i've
experienced so far is giving me any clues how to implement this
solution.

I'll be happy to hear how You would do it.

Marcin,

Hello everyone,

I need to create a rails app where authentication and permissions for
certain application actions will be provided by LDAP server. There is
a problem with LDAP connection management, as every user login will
spawn new connection object instance it may dangerously increase
application memory usage (tbh i dont know what will happen, nothing
good for sure) - LDAP server can close connection remotly after some
idle time, but some connection resources will remain in memory non the
less.
I've made some google research what may be best course of action to
manage this issue and i think creating connection pool sounds good.
I've commited few average sized rails projects but nothing i've
experienced so far is giving me any clues how to implement this
solution.

I'll be happy to hear how You would do it.

Yeah i have login covered already, in simmilar way, but what with
application permissions?
I can read it at login time, save it somewhere and never user LDAP
again until next login - but when i give that user a cookie, and then
authenticate him with it any permissions changes on ldap wont have any
effect (untile next login)
How would You solve that?

Marcin

Hello everyone,

I need to create a rails app where authentication and permissions for
certain application actions will be provided by LDAP server. There is
a problem with LDAP connection management, as every user login will
spawn new connection object instance it may dangerously increase
application memory usage (tbh i dont know what will happen, nothing
good for sure) - LDAP server can close connection remotly after some
idle time, but some connection resources will remain in memory non the
less.
I've made some google research what may be best course of action to
manage this issue and i think creating connection pool sounds good.
I've commited few average sized rails projects but nothing i've
experienced so far is giving me any clues how to implement this
solution.

I'll be happy to hear how You would do it.

----
No - only 1 connection to LDAP server using a special account for the purpose with sufficient privileges for the task.

It's easy enough to create 'local' users who authenticate via LDAP and then you can manage their privileges/permissions via Rights/Roles if you want.

simple ruby app using net-ldap

#!/usr/local/bin/ruby
#
require 'rubygems'
require 'net/ldap'

$person = "cwhite"
$passwd = "won't_work"

ldap = Net::LDAP.new :encryption => :simple_tls,
:host => 'ldap.server',
:port => 636, # use 389 for non-ssl
:auth => {
   :method => :simple,
   :username => "uid=" + $person + ", ou=people, dc=example, dc=com",
   :password => $passwd
}

if ldap.bind
p "LDAP authentication succeeded"
else
p "LDAP authentication failed"
end

Should give you enough of a concept for implementing in Rails

Craig

Yeah i have login covered already, in simmilar way, but what with
application permissions?
I can read it at login time, save it somewhere and never user LDAP
again until next login - but when i give that user a cookie, and then
authenticate him with it any permissions changes on ldap wont have any
effect (untile next login)
How would You solve that?