Connections pool implementation

Hello everyone,

I need to create a rails app where authentication and permissions for certain application actions will be provided by LDAP server. There is a problem with LDAP connection management, as every user login will spawn new connection object instance it may dangerously increase application memory usage (tbh i dont know what will happen, nothing good for sure) - LDAP server can close connection remotly after some idle time, but some connection resources will remain in memory non the less. I've made some google research what may be best course of action to manage this issue and i think creating connection pool sounds good. I've commited few average sized rails projects but nothing i've experienced so far is giving me any clues how to implement this solution.

I'll be happy to hear how You would do it.

Marcin,

Hello everyone,

I need to create a rails app where authentication and permissions for certain application actions will be provided by LDAP server. There is a problem with LDAP connection management, as every user login will spawn new connection object instance it may dangerously increase application memory usage (tbh i dont know what will happen, nothing good for sure) - LDAP server can close connection remotly after some idle time, but some connection resources will remain in memory non the less. I've made some google research what may be best course of action to manage this issue and i think creating connection pool sounds good. I've commited few average sized rails projects but nothing i've experienced so far is giving me any clues how to implement this solution.

I'll be happy to hear how You would do it.

Yeah i have login covered already, in simmilar way, but what with application permissions? I can read it at login time, save it somewhere and never user LDAP again until next login - but when i give that user a cookie, and then authenticate him with it any permissions changes on ldap wont have any effect (untile next login) How would You solve that?

Marcin

Hello everyone,

I need to create a rails app where authentication and permissions for certain application actions will be provided by LDAP server. There is a problem with LDAP connection management, as every user login will spawn new connection object instance it may dangerously increase application memory usage (tbh i dont know what will happen, nothing good for sure) - LDAP server can close connection remotly after some idle time, but some connection resources will remain in memory non the less. I've made some google research what may be best course of action to manage this issue and i think creating connection pool sounds good. I've commited few average sized rails projects but nothing i've experienced so far is giving me any clues how to implement this solution.

I'll be happy to hear how You would do it.

---- No - only 1 connection to LDAP server using a special account for the purpose with sufficient privileges for the task.

It's easy enough to create 'local' users who authenticate via LDAP and then you can manage their privileges/permissions via Rights/Roles if you want.

simple ruby app using net-ldap

#!/usr/local/bin/ruby # require 'rubygems' require 'net/ldap'

$person = "cwhite" $passwd = "won't_work"

ldap = Net::LDAP.new :encryption => :simple_tls, :host => 'ldap.server', :port => 636, # use 389 for non-ssl :auth => {    :method => :simple,    :username => "uid=" + $person + ", ou=people, dc=example, dc=com",    :password => $passwd }

if ldap.bind p "LDAP authentication succeeded" else p "LDAP authentication failed" end

Should give you enough of a concept for implementing in Rails

Craig

Yeah i have login covered already, in simmilar way, but what with application permissions? I can read it at login time, save it somewhere and never user LDAP again until next login - but when i give that user a cookie, and then authenticate him with it any permissions changes on ldap wont have any effect (untile next login) How would You solve that?