IdP use of LDAP and connection pooling

Jim Fox fox at
Thu Sep 8 20:15:54 BST 2011

We don't turn on any of the validation options.  Looking at them now,
the validatePeriodically looks like it might be useful.


On Thu, 8 Sep 2011, Cantor, Scott wrote:

> Date: Thu, 8 Sep 2011 12:10:14 -0700
> From: "Cantor, Scott" <cantor.2 at>
> To: "users at" <users at>
> Reply-To: Shib Users <users at>
> Subject: Re: IdP use of LDAP and connection pooling
> On 9/8/11 3:02 PM, "Jim Fox" <fox at> wrote:
>> We use connection pooling for all our accesses to LDAP.  We use TLS, and
>> the overhead of starting up a new session on each query seemed excessive
>> to me.  Our openldap servers keep the sessions open all day.
> Are you using any of the validation options in the pooling element? I see
> the retry count defaults to 1 inside the vt-ldap code, so I'm sure no
> matter what I do, it's just going to drop the failed connection and retry.
> With some cases like that, the problem is if the closed connections hang
> (very common with database pools) but these don't seem to.
> -- Scott