Enable LDAP connection pool by default when using the Admin UI

Closes #35852

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>

federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProviderFactory.java

@@ -265,7 +265,8 @@ public class LDAPStorageProviderFactory implements UserStorageProviderFactory<LD
             }
         }
 
-        if(cfg.isStartTls() && cfg.getConnectionPooling() != null) {
+        // This parses the configuration directly as cfg.getConnectionPooling() will take into account the current StartTLS setting
+        if(cfg.isStartTls() && Boolean.parseBoolean(config.getConfig().getFirst(LDAPConstants.CONNECTION_POOLING))) {
             throw new ComponentValidationException("ldapErrorCantEnableStartTlsAndConnectionPooling");
         }
 

js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties

@@ -1530,7 +1530,7 @@ events-disable-title=Unsave events?
 ellipticCurve=Elliptic Curve
 forceArtifactBindingHelp=Should response messages be returned to the client through the SAML ARTIFACT binding system?
 forceAuthentication=Force authentication
-connectionPoolingHelp=Determines if Keycloak should use connection pooling for accessing LDAP server.
+connectionPoolingHelp=Determines if Keycloak should use connection pooling for accessing LDAP server. Connection pooling cannot be used if StartTLS is enabled.
 unlink=Unlink
 groupRemove_other=Groups removed
 claimFilterName=Essential claim

js/apps/admin-ui/src/user-federation/ldap/LdapSettingsConnection.tsx

@@ -167,7 +167,7 @@ export const LdapSettingsConnection = ({
         >
           <Controller
             name="config.connectionPooling"
-            defaultValue={["false"]}
+            defaultValue={["true"]}
             control={form.control}
             render={({ field }) => (
               <Switch

js/apps/admin-ui/src/user-federation/ldap/LdapSettingsSearching.tsx

@@ -134,7 +134,7 @@ export const LdapSettingsSearching = ({
         >
           <Controller
             name="config.pagination"
-            defaultValue={["false"]}
+            defaultValue={["true"]}
             control={form.control}
             render={({ field }) => (
               <Switch

testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestLDAPResource.java

@@ -77,7 +77,6 @@ public class TestLDAPResource {
         MultivaluedHashMap<String, String> ldapConfig = toComponentConfig(ldapCfg);
         ldapConfig.putSingle(LDAPConstants.SYNC_REGISTRATIONS, "true");
         ldapConfig.putSingle(LDAPConstants.EDIT_MODE, UserStorageProvider.EditMode.WRITABLE.toString());
-        ldapConfig.putSingle(LDAPConstants.CONNECTION_POOLING, "true");
         UserStorageProviderModel model = new UserStorageProviderModel();
         model.setLastSync(0);
         model.setChangedSyncPeriod(-1);

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/LDAPRule.java

@@ -244,6 +244,7 @@ public class LDAPRule extends ExternalResource {
                 config.put(LDAPConstants.START_TLS, "true");
                 // Use truststore from TruststoreSPI also for StartTLS connections
                 config.put(LDAPConstants.USE_TRUSTSTORE_SPI, LDAPConstants.USE_TRUSTSTORE_ALWAYS);
+                config.put(LDAPConstants.CONNECTION_POOLING, "false");
                 break;
             default:
                 // Default to startTLS disabled