IdP use of LDAP and connection pooling
fox at washington.edu
Thu Sep 8 20:15:54 BST 2011
We don't turn on any of the validation options. Looking at them now
the validatePeriodically looks like it might be useful.
On Thu, 8 Sep 2011, Cantor, Scott wrote:
> Date: Thu, 8 Sep 2011 12:10:14 -0700
> From: "Cantor, Scott" <cantor.2 at osu.edu>
> To: "users at shibboleth.net" <users at shibboleth.net>
> Reply-To: Shib Users <users at shibboleth.net>
> Subject: Re: IdP use of LDAP and connection pooling
> On 9/8/11 3:02 PM, "Jim Fox" <fox at washington.edu> wrote:
>> We use connection pooling for all our accesses to LDAP. We use TLS, and
>> the overhead of starting up a new session on each query seemed excessive
>> to me. Our openldap servers keep the sessions open all day.
> Are you using any of the validation options in the pooling element? I see
> the retry count defaults to 1 inside the vt-ldap code, so I'm sure no
> matter what I do, it's just going to drop the failed connection and retry.
> With some cases like that, the problem is if the closed connections hangs
> (very common with database pools) but these don't seem to.
> -- Scott
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users