added test for secure / insecure protocol

Author: iaorekhov-1980

conf/ldap.conf

@@ -42,9 +42,10 @@ ldap_user_basedn = ou=people,dc=domain,dc=com
 ldap_user_filter = (&(uid={login}))
 ldap_group_basedn = ou=group,dc=domain,dc=com
 
+# ldap_user_cache_timeout_s = 5 * 60;
+
 ## ldap_use_ssl - use secured connection to LDAP server if required (disabled by default)
 # ldap_use_ssl = false
-# ldap_user_cache_timeout_s = 5 * 60;
 
 # LDAP pool configuration
 # https://docs.spring.io/spring-ldap/docs/2.3.3.RELEASE/reference/#pool-configuration

fe/fe-common/src/main/java/org/apache/doris/common/LdapConfig.java

@@ -161,7 +161,6 @@ public class LdapConfig extends ConfigBase {
     /**
      * Flag to enable usage of LDAPS.
      */
-    @Deprecated
     @ConfigBase.ConfField
     public static boolean ldap_use_ssl = false;
 }

fe/fe-core/src/main/java/org/apache/doris/mysql/authenticate/ldap/LdapClient.java

@@ -65,8 +65,7 @@ public ClientInfo(String ldapPassword) {
 
         private void setLdapTemplateNoPool(String ldapPassword) {
             LdapContextSource contextSource = new LdapContextSource();
-            String url = (LdapConfig.ldap_use_ssl ? "ldaps://" : "ldap://") + NetUtils
-                    .getHostPortInAccessibleFormat(LdapConfig.ldap_host, LdapConfig.ldap_port);
+            String url = this.getURL();
 
             contextSource.setUrl(url);
             contextSource.setUserDn(LdapConfig.ldap_admin_name);
@@ -78,8 +77,7 @@ private void setLdapTemplateNoPool(String ldapPassword) {
 
         private void setLdapTemplatePool(String ldapPassword) {
             LdapContextSource contextSource = new LdapContextSource();
-            String url = (LdapConfig.ldap_use_ssl ? "ldaps://" : "ldap://") + NetUtils
-                    .getHostPortInAccessibleFormat(LdapConfig.ldap_host, LdapConfig.ldap_port);
+            String url = this.getURL();
 
             contextSource.setUrl(url);
             contextSource.setUserDn(LdapConfig.ldap_admin_name);
@@ -108,6 +106,11 @@ private void setLdapTemplatePool(String ldapPassword) {
         public boolean checkUpdate(String ldapPassword) {
             return this.ldapPassword == null || !this.ldapPassword.equals(ldapPassword);
         }
+
+        public String getURL() {
+            String url = (LdapConfig.ldap_use_ssl ? "ldaps" : "ldap") + "://" + NetUtils
+                    .getHostPortInAccessibleFormat(LdapConfig.ldap_host, LdapConfig.ldap_port);
+        }
     }
 
     private void init() {

fe/fe-core/src/test/java/org/apache/doris/mysql/authenticate/ldap/LdapClientTest.java

@@ -95,4 +95,25 @@ public void testGetGroups() {
         };
         Assert.assertEquals(1, ldapClient.getGroups("zhangsan").size());
     }
+
+    @Test
+    public void testSecuredProtocolIsUsed() {
+        //testing default case with not specified property ldap_use_ssl or it is specified as false
+        String insecureUrl = ldapClient.getURL();
+        Assert.assertNotNull("connection URL should not be null", insecureUrl);
+        Assert.assertTrue("with ldap_use_ssl connection = false or not specified URL should start with ldap, but received: " + insecureUrl,
+                          insecureUrl.startsWith("ldap://"));
+
+        //testing new case with specified property ldap_use_ssl as true
+        LdapConfig.ldap_use_ssl = true;
+        String secureUrl = ldapClient.getURL();
+        Assert.assertNotNull("connection URL should not be null", secureUrl);
+        Assert.assertTrue("with ldap_use_ssl = true URL connection should start with ldaps, but received: " + secureUrl,
+                          secureUrl.startsWith("ldaps://"));
+    }
+
+    @After
+    public void tearDown() {
+        LdapConfig.ldap_use_ssl = false; // restoring default value for other tests
+    }
 }