Add ldap IO timeout option to manager (#2267)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -138,12 +138,13 @@ sub defaultValues {
         'ldapGroupAttributeNameSearch'    => 'cn',
         'ldapGroupAttributeNameUser'      => 'dn',
         'ldapGroupObjectClass'            => 'groupOfNames',
+        'ldapIOTimeout'                   => 10,
         'ldapPasswordResetAttribute'      => 'pwdReset',
         'ldapPasswordResetAttributeValue' => 'TRUE',
         'ldapPwdEnc'                      => 'utf-8',
         'ldapSearchDeref'                 => 'find',
         'ldapServer'                      => 'ldap://localhost',
-        'ldapTimeout'                     => 120,
+        'ldapTimeout'                     => 10,
         'ldapUsePasswordResetAttribute'   => 1,
         'ldapVerify'                      => 'require',
         'ldapVersion'                     => 3,

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm

@@ -45,7 +45,7 @@ our $authParameters = {
   githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)],
   gpgParams => [qw(gpgAuthnLevel gpgDb)],
   kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain)],
-  ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapITDS)],
+  ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapITDS)],
   linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)],
   nullParams => [qw(nullAuthnLevel)],
   oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -1660,6 +1660,10 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
             'default' => 0,
             'type'    => 'bool'
         },
+        'ldapIOTimeout' => {
+            'default' => 10,
+            'type'    => 'int'
+        },
         'ldapITDS' => {
             'default' => 0,
             'type'    => 'bool'
@@ -1728,7 +1732,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
             'type'    => 'bool'
         },
         'ldapTimeout' => {
-            'default' => 120,
+            'default' => 10,
             'type'    => 'int'
         },
         'ldapUsePasswordResetAttribute' => {

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -3304,9 +3304,14 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
         },
         ldapTimeout => {
             type          => 'int',
-            default       => 120,
+            default       => 10,
             documentation => 'LDAP connection timeout',
         },
+        ldapIOTimeout => {
+            type          => 'int',
+            default       => 10,
+            documentation => 'LDAP operation timeout',
+        },
         ldapVersion => {
             type          => 'int',
             default       => 3,

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -259,9 +259,9 @@ sub tree {
                                         'ldapServer',  'ldapPort',
                                         'ldapVerify',  'ldapBase',
                                         'managerDn',   'managerPassword',
-                                        'ldapTimeout', 'ldapVersion',
+                                        'ldapTimeout', 'ldapIOTimeout',
-                                        'ldapRaw',     'ldapCAFile',
+                                        'ldapVersion', 'ldapRaw',
-                                        'ldapCAPath',
+                                        'ldapCAFile', 'ldapCAPath',
                                     ]
                                 },
                                 {

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"الاسم المستعار",
 "ldapServer":"مضيف الخادم",
 "ldapSetPassword":"تعديل كلمة المرور مع عملية موسعة",
-"ldapTimeout":"مهلة",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"استخدام سمة إعادة الضبط",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"الإصدار",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ",
 "samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Alias dereference",
 "ldapServer":"Server host",
 "ldapSetPassword":"Password modify extended operation",
-"ldapTimeout":"Timeout",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Use reset attribute",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"Version",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"RelayState session timeout",
 "samlUseQueryStringSpecific":"Use specific query_string method",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Alias dereference",
 "ldapServer":"Server host",
 "ldapSetPassword":"Password modify extended operation",
-"ldapTimeout":"Timeout",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Use reset attribute",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"Version",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Déréférence des alias",
 "ldapServer":"Hôte",
 "ldapSetPassword":"Opération étendue password modify",
-"ldapTimeout":"Temps maximum d'inactivité",
+"ldapTimeout":"Délai maximum de connexion",
+"ldapIOTimeout": "Délai maximum d'opération",
 "ldapUsePasswordResetAttribute":"Utiliser l'attribut de réinitialisation",
 "ldapVerify":"Vérifier le certificat du serveur LDAP",
 "ldapVersion":"Version",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Alias dereference",
 "ldapServer":"Host del server",
 "ldapSetPassword":"Operazione prolungata di modifica password",
-"ldapTimeout":"Timeout",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Utilizza l'attributo di ripristino",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"Versione",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"Timeout di sessione di RelayState",
 "samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string",
 "samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/pl.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Dereferencja aliasu",
 "ldapServer":"Host serwera",
 "ldapSetPassword":"Rozszerzona operacja modyfikacji hasła",
-"ldapTimeout":"Limit czasu",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Użyj atrybutu reset",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"Wersja",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"Limit czasu sesji RelayState",
 "samlUseQueryStringSpecific":"Użyj określonej metody query_string",
 "samlOverrideIDPEntityID":"Zastąp identyfikator jednostki podczas działania jako IDP"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/tr.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Takma ad yönlendirmeleri",
 "ldapServer":"Konak sunucu",
 "ldapSetPassword":"Parola değiştirme işlemi genişletilmiş",
-"ldapTimeout":"Zaman aşımı",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Sıfırlama niteliklerini kullan",
 "ldapVerify":"LDAP sunucu sertifikasını doğrulayın",
 "ldapVersion":"Sürüm",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"RelayState oturum zaman aşımı",
 "samlUseQueryStringSpecific":"Spesifik query_string metodu kullan",
 "samlOverrideIDPEntityID":"IDP olarak davrandığında Varlık ID'yi geçersiz kıl"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Bí danh ngoại tham chiếu ",
 "ldapServer":"Máy chủ lưu trữ",
 "ldapSetPassword":"Mật khẩu sửa đổi hoạt động mở rộng",
-"ldapTimeout":"Thời gian chờ",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Sử dụng thuộc tính đặt lại",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"Phiên bản",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ",
 "samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
+}

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -443,7 +443,8 @@
 "ldapSearchDeref":"Alias dereference",
 "ldapServer":"Server host",
 "ldapSetPassword":"Password modify extended operation",
-"ldapTimeout":"Timeout",
+"ldapTimeout":"Connection timeout",
+"ldapIOTimeout": "Operation timeout",
 "ldapUsePasswordResetAttribute":"Use reset attribute",
 "ldapVerify":"Verify LDAP server certificate",
 "ldapVersion":"版本",
@@ -1160,4 +1161,4 @@
 "samlRelayStateTimeout":"RelayState session timeout",
 "samlUseQueryStringSpecific":"Use specific query_string method",
 "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
-}
+}