Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Speed up identification of new users from a source

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Speed up identification of new users from a source

Chronological Thread 
  • From: Sonia Zorba <>
  • To:
  • Subject: Re: [grouper-users] Speed up identification of new users from a source
  • Date: Wed, 14 Sep 2016 17:04:51 +0200
  • Ironport-phdr: 9a23:61MbgR1/rvD7eeQssmDT+DRfVm0co7zxezQtwd8ZsesQLPad9pjvdHbS+e9qxAeQG96Eu7QZ0KGP7ujJYi8p39WoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6i760TlHFQ/4KBJ4PKHoAYPIlOy20fy/4Zvef18OiTagMp1oKxDjlgLXt8Bes4x4IK95ngnOuHFBU+Nf2XguJFSakVD9+pHjr9ZY7y1Mtqd5pIZ7WqLgcvFgQA==

Hi Shilen,

yes, I search for an user by email and if I don't find it I create a new LDAP account.
I paste some simplified code for testing.

Currently I set up a workaround loop which try to retrieve the subject multiple times, until it becames not null.

// --------------------------------------------------------

public class User {

private final String uid;

private final String email;

public User(String uid, String email) {

this.uid = uid; = email;


public String getUid() {

return uid;


public String getEmail() {

return email;



// --------------------------------------------------------

public class Util {

private static final Logger log = Logger.getLogger(Util.class.getName());

private static DirContext getDirContext() throws NamingException {

Hashtable<String, String> env = new Hashtable<>();


env.put(Context.PROVIDER_URL, "ldap://localhost:389";);

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.SECURITY_PRINCIPAL, "cn=Manager,dc=.....");

env.put(Context.SECURITY_CREDENTIALS, ".....");

return new InitialDirContext(env);


public static List<User> getUsersByEmail(String emailAddress) {

GcGetSubjects gs = new GcGetSubjects();




WsSubject[] subjects = gs.execute().getWsSubjects();

if (subjects == null) {

return null;


List<User> users = new ArrayList<>();

for (WsSubject wsSubject : subjects) {

String mail = wsSubject.getAttributeValue(0);

if (emailAddress.equals(mail)) {

String uid = wsSubject.getAttributeValue(1);

users.add(new User(uid, mail));



if (users.isEmpty()) {

return null;


return users;


public static void createUser(String scope, User user) throws
NamingException {

Attributes attributes = new BasicAttributes();

attributes.put("objectClass", "inetOrgPerson");

attributes.put("mail", user.getEmail());

attributes.put("uid", user.getUid());

attributes.put("cn", "N/A");

attributes.put("sn", "N/A");

attributes.put("userPassword", "foo");

getDirContext().createSubcontext("uid=" + user.getUid() + "," +
scope, attributes);


public static List<String> getSubjectsIdsFromAttribute(String
attributeName, String attributeValue, boolean newlyCreatedUser) {

log.debug("Searching the id of a subject with the attribute '" + attributeName + "'
equals to '" + attributeValue + "'");

GcGetSubjects gs = new GcGetSubjects();



List<String> subjectsIds = new ArrayList<>();

for (int attempt = 1; attempt <= 40; attempt++) {

WsSubject[] subjects = gs.execute().getWsSubjects();

if (subjects != null) {

for (WsSubject subject : subjects) {

String retrievedAttribute = subject.getAttributeValue(0);

if (attributeValue.equals(retrievedAttribute)) {





if (!newlyCreatedUser) {

if (subjectsIds.isEmpty()) {

return null;


return subjectsIds;


if (!subjectsIds.isEmpty()) {

return subjectsIds;


log.debug("subjectId is null, attempt #" + attempt);

try {


} catch (InterruptedException ex) {



if (subjectsIds.isEmpty()) {

return null;


return subjectsIds;



// --------------------------------------------------------

public class MainTest {


public void test() throws Exception {

String email =

boolean newlyCreated = false;

List<User> users = Util.getUsersByEmail(email);

if (users == null) {

User user = new User(email, email);

Util.createUser("ou=custom_users,dc=oats,dc=inaf,dc=it", user);

newlyCreated = true;

users = new ArrayList<>();



for (User user : users) {

user.getEmail(), newlyCreated));

// Use subject id to add user into groups




Thank you for your time.


On 14/09/2016 16:03, Shilen Patel wrote:
Hi Sonia,

Are you running GcGetSubjects for a user, then adding the ldap account,
and then running GcGetSubjects again?

If so, then I could see the first query doing some caching. Although, I
haven't been able to reproduce it. Can you send exactly how you're doing
that query?


- Shilen

On 9/14/16, 6:07 AM, "Sonia Zorba"


I have an application that adds a new account to a LDAP (using
javax.naming classes).
This LDAP is a source for Grouper and, after the insertion, the
application try to retrieve the new account using the Grouper API

For about the first 30 seconds the subject is not found, after it is
retrieved correctly.

I imagine there could be a kind of cache or other reasons for this delay
but I wasn't able to find any reference about this in the documentation.

Can you suggest me what I should configure to speed up this process?


Archive powered by MHonArc 2.6.19.

Top of Page