What I need to do is connect to an LDAP, and then pass this connection to several classes, which do various steps of processing.
The problem I face is if I should pass the connection to these classes via the constructor, or if every class should manage his own connection.
The problem I see with the first approach is that the caller may not know that he is responsible for closing the stream by itself. The second approach also doesn't seem appropriate because opening/closing/reopening the connection also makes no sense.
Any ideas on this?
I don't know why you'd have several classes dealing with an LDAP. Maybe you should consider combining those scattered operations into a single class that has all responsibility for LDAP operations.
If that's not possible, your instincts are correct. The class that opens the connection should close it in a finally block. That should be the interface-based POJO service class that knows about the unit of work for that use case. There should be no doubt about where the responsibility lies. If you don't have such a service, create one.
If the operations aren't part of a single unit of work, then they should be managed by separate services. The comments from the previous paragraph still apply.
Are you pooling your LDAP connections? I hope so.
I'd recommend looking at the Spring LDAP module, especially if you're already a Spring user. It makes dealing with LDAP resources easy, the same way it does JDBC.