Merge branch 'master' into update-jdk-11

Valery Kharseko

04.51.2025 d427c09f0d7fc49688ca3a2b39f87fbf0cfa2f52

Merge branch 'master' into update-jdk-11

 .github/workflows/build.yml

@@ -3,7 +3,7 @@
on:
  push:
  pull_request:
    branches: [ master ]
    branches: [ 'master','release/5.0.0-SNAPSHOT' ]

jobs:
  build-maven:

 .github/workflows/deploy.yml

@@ -2,12 +2,12 @@

on:
  workflow_run:
    branches: [ master ]
    workflows: ["Build"]
    branches: [ 'master','release/5.0.0-SNAPSHOT' ]
    workflows: ["Build","Release"]
    types: [completed]
jobs:
  package-deploy-maven:
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event=='push'}}
    runs-on: 'ubuntu-latest'
    steps:
      - name: Print github context
@@ -31,6 +31,7 @@
        with:
          fetch-depth: 0
          submodules: recursive
          ref: ${{ github.event.workflow_run.head_branch }}
      - name: Set up Java for publishing to Maven Central Repository OSS
        uses: actions/setup-java@v4
        with:

 opendj-doc-generated-ref/src/main/asciidoc/admin-guide/chap-import-export.adoc

@@ -12,7 +12,7 @@
  information: "Portions copyright [year] [name of copyright owner]".
 
  Copyright 2017 ForgeRock AS.
  Portions Copyright 2024 3A Systems LLC.
  Portions Copyright 2025 3A Systems LLC.
////

:figure-caption!:
@@ -348,6 +348,26 @@
index-entry-limit : 4000
writability-mode  : enabled
----

If you want to add a base entry, create a template file with the base DN, for example `base.template`:
[source]
----
branch: dc=example,dc=com
----

And then use the `import-ldif` tool to import a template file as shown in the following example:

[source, console]
----
$ /opt/opendj/bin/import-ldif \
 --templateFile base.template \
 --backendID myData \
 --bindDN "cn=Directory Manager" \
 --bindPassword password
----

For details see xref:../reference/admin-tools-ref.adoc#import-ldif-1[import-ldif(1)] in the __Reference__.

Alternatively, you can create a new backend in OpenDJ control panel (Directory Data > New Base DN > Backend > New Backend: __backend-name__).
When you create a new backend using the `dsconfig` command, OpenDJ directory server creates the following indexes automatically:
[none]

 opendj-packages/opendj-docker/bootstrap/replicate.sh

@@ -36,17 +36,17 @@
    --host1 $MASTER_SERVER \
    --port1 4444 \
    --bindDN1 "$ROOT_USER_DN" \
    --bindPassword1 $ROOT_PASSWORD --replicationPort1 8989 \
    --bindPassword1 "$ROOT_PASSWORD" --replicationPort1 8989 \
    --host2 $MYHOSTNAME --port2 4444 --bindDN2 "$ROOT_USER_DN" \
    --bindPassword2 $ROOT_PASSWORD --replicationPort2 8989 \
    --adminUID admin --adminPassword $ROOT_PASSWORD \
    --baseDN $BASE_DN -X -n
    --bindPassword2 "$ROOT_PASSWORD" --replicationPort2 8989 \
    --adminUID admin --adminPassword "$ROOT_PASSWORD" \
    --baseDN "$BASE_DN" -X -n

  echo "initializing replication"

  # replicating data in MASTER_SERVER to MYHOSTNAME:
  /opt/opendj/bin/dsreplication initialize --baseDN $BASE_DN \
    --adminUID admin --adminPassword $ROOT_PASSWORD \
  /opt/opendj/bin/dsreplication initialize --baseDN "$BASE_DN" \
    --adminUID admin --adminPassword "$ROOT_PASSWORD" \
    --hostSource $MASTER_SERVER --portSource 4444 \
    --hostDestination $MYHOSTNAME --portDestination 4444 -X -n

@@ -54,17 +54,17 @@
  echo "Enabling Standalone Replication Servers..."
  dsreplication enable \
    --adminUID admin \
    --adminPassword $ROOT_PASSWORD \
    --baseDN $BASE_DN \
    --adminPassword "$ROOT_PASSWORD" \
    --baseDN "$BASE_DN" \
    --host1 $MYHOSTNAME \
    --port1 4444 \
    --bindDN1 "$ROOT_USER_DN" \
    --bindPassword1 $ROOT_PASSWORD \
    --bindPassword1 "$ROOT_PASSWORD" \
    --noReplicationServer1 \
    --host2 $MASTER_SERVER \
    --port2 4444 \
    --bindDN2 "$ROOT_USER_DN" \
    --bindPassword2 $ROOT_PASSWORD \
    --bindPassword2 "$ROOT_PASSWORD" \
    --replicationPort2 8989 \
    --onlyReplicationServer2 \
    --trustAll \
@@ -75,8 +75,8 @@
  dsreplication \
    initialize-all \
    --adminUID admin \
    --adminPassword $ROOT_PASSWORD \
    --baseDN $BASE_DN \
    --adminPassword "$ROOT_PASSWORD" \
    --baseDN "$BASE_DN" \
    --hostname $MYHOSTNAME \
    --port 4444 \
    --trustAll \
@@ -87,16 +87,16 @@
  dsreplication \
    enable \
    --adminUID admin \
    --adminPassword $ROOT_PASSWORD \
    --baseDN $BASE_DN \
    --adminPassword "$ROOT_PASSWORD" \
    --baseDN "$BASE_DN" \
    --host1 $MASTER_SERVER \
    --port1 4444 \
    --bindDN1 "$ROOT_USER_DN" \
    --bindPassword1 $ROOT_PASSWORD \
    --bindPassword1 "$ROOT_PASSWORD" \
    --host2 $MYHOSTNAME \
    --port2 4444 \
    --bindDN2 "$ROOT_USER_DN" \
    --bindPassword2 $ROOT_PASSWORD \
    --bindPassword2 "$ROOT_PASSWORD" \
    --noReplicationServer2 \
    --trustAll \
    --no-prompt
@@ -106,8 +106,8 @@
  dsreplication \
    initialize \
    --adminUID admin \
    --adminPassword $ROOT_PASSWORD \
    --baseDN $BASE_DN \
    --adminPassword "$ROOT_PASSWORD" \
    --baseDN "$BASE_DN" \
    --hostSource $MASTER_SERVER \
    --portSource 4444 \
    --hostDestination $MYHOSTNAME \
@@ -123,9 +123,9 @@
    --port 4444 \
    --hostname $MYHOSTNAME \
    --bindDN "$ROOT_USER_DN" \
    --bindPassword $ROOT_PASSWORD \
    --bindPassword "$ROOT_PASSWORD" \
    --provider-name "Multimaster Synchronization" \
    --domain-name $BASE_DN \
    --domain-name "$BASE_DN" \
    --set group-id:$OPENDJ_REPLICATION_GROUP_ID \
    --trustAll \
    --no-prompt
@@ -135,7 +135,7 @@
    --port 4444 \
    --hostname $MASTER_SERVER \
    --bindDN "$ROOT_USER_DN" \
    --bindPassword $ROOT_PASSWORD \
    --bindPassword "$ROOT_PASSWORD" \
    --provider-name "Multimaster Synchronization" \
    --set group-id:$OPENDJ_REPLICATION_GROUP_ID \
    --trustAll \

 opendj-packages/opendj-docker/bootstrap/setup.sh

@@ -41,18 +41,12 @@
  --set enabled:true --no-prompt --trustAll

if [ "$ADD_BASE_ENTRY" = "--addBaseEntry" ]; then

  DC=$(echo "$BASE_DN" | awk -F',|=' '{print $2}')

  /opt/opendj/bin/ldapmodify --hostname localhost \
    --port 1636 --bindDN "$ROOT_USER_DN" --bindPassword "$ROOT_PASSWORD" \
    --useSsl --trustAll <<EOF
dn: $BASE_DN
dc: $DC
objectClass: domain
objectClass: top
EOF

  echo "creating base entry..."
  BASE_TEMPLATE=$(mktemp)
  echo "branch: $BASE_DN" > $BASE_TEMPLATE
  /opt/opendj/bin/import-ldif --templateFile $BASE_TEMPLATE \
    --backendID=userRoot --bindDN "$ROOT_USER_DN" --bindPassword "$ROOT_PASSWORD"
  rm $BASE_TEMPLATE
fi



 opendj-server-legacy/src/main/java/org/opends/server/backends/jdbc/CachedConnection.java

@@ -11,7 +11,7 @@
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2024 3A Systems, LLC.
 * Copyright 2024-2025 3A Systems, LLC.
 */
package org.opends.server.backends.jdbc;

@@ -27,25 +27,25 @@
public class CachedConnection implements Connection {
    final Connection parent;

    static LoadingCache<String, BlockingQueue<Connection>> cached= CacheBuilder.newBuilder()
    static LoadingCache<String, BlockingQueue<CachedConnection>> cached= CacheBuilder.newBuilder()
            .expireAfterAccess(Long.parseLong(System.getProperty("org.openidentityplatform.opendj.jdbc.ttl","15000")), TimeUnit.MILLISECONDS)
            .removalListener(new RemovalListener<String, BlockingQueue<Connection>>() {
            .removalListener(new RemovalListener<String, BlockingQueue<CachedConnection>>() {
                @Override
                public void onRemoval(RemovalNotification<String, BlockingQueue<Connection>> notification) {
                public void onRemoval(RemovalNotification<String, BlockingQueue<CachedConnection>> notification) {
                    assert notification.getValue() != null;
                    for (Connection con: notification.getValue()) {
                    for (CachedConnection con: notification.getValue()) {
                            try {
                                if (!con.isClosed()) {
                                    con.close();
                                    con.parent.close();
                                }
                            } catch (SQLException e) {
                            }
                        }
                }
            })
            .build(new CacheLoader<String, BlockingQueue<Connection>>() {
            .build(new CacheLoader<String, BlockingQueue<CachedConnection>>() {
                @Override
                public BlockingQueue<Connection> load(String connectionString) throws Exception {
                public BlockingQueue<CachedConnection> load(String connectionString) throws Exception {
                    return new LinkedBlockingQueue<>();
                }
            });
@@ -61,11 +61,11 @@
    }

    static Connection getConnection(String connectionString, final int waitTime) throws Exception {
        Connection con=cached.get(connectionString).poll(waitTime,TimeUnit.MILLISECONDS);
        CachedConnection con=cached.get(connectionString).poll(waitTime,TimeUnit.MILLISECONDS);
        while(con!=null) {
            if (!con.isValid(0)) {
                try {
                    con.close();
                    con.parent.close();
                } catch (SQLException e) {
                    con=null;
                }
@@ -75,10 +75,10 @@
            }
        }
        try {
            con = DriverManager.getConnection(connectionString);
            con.setAutoCommit(false);
            con.setTransactionIsolation(TRANSACTION_READ_COMMITTED);
            return new CachedConnection(connectionString, con);
            final Connection conNew= DriverManager.getConnection(connectionString);
            conNew.setAutoCommit(false);
            conNew.setTransactionIsolation(TRANSACTION_READ_COMMITTED);
            return new CachedConnection(connectionString, conNew);
        }catch (SQLException e) { //max_connection server error: try recursion for reuse connection
            return getConnection(connectionString,(waitTime==0)?1:waitTime*2);
        }