IdP use of LDAP and connection pooling
Ryan Larscheidt
larscheidt at doit.wisc.edu
Thu Sep 8 20:16:53 BST 2011
A setting that is not specified on that page, but is useful to set, is "com.sun.jndi.ldap.read.timeout". It will save you when the IdP can connect to the directory server host, but the directory server process doesn't reply to the bind (because it's dead, etc). Otherwise, the IdP waits until the TCP connection times out, which is way too long.
Ryan
On Sep 8, 2011, at 2:01 PM, Chad La Joie wrote:
> Indirectly. They are VT LDAP provider options, you can find them here:
>
> http://code.google.com/p/vt-middleware/wiki/vtldapProperties
>
> On Thu, Sep 8, 2011 at 14:58, Cantor, Scott <cantor.2 at osu.edu> wrote:
>> On 9/8/11 2:49 PM, "Chad La Joie" <lajoie at itumi.biz> wrote:
>>
>>> The LDAP data connector does allow you to customize what exactly
>>> happens when a connection is closed unbeknownst to the IdP. The
>>> default is to just retry, I believe. I think the only time you'll
>>> ever see a connection failure is if your servers are actually
>>> unreachable.
>>
>> Is that option documented? I didn't see anything that jumped out. Not all
>> of the pool options are exposed in the XML, for example, so some of the
>> validateOnBorrow-type calls aren't exposed.
>>
>> -- Scott
>>
>> --
>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>>
>
>
>
> --
> Chad La Joie
> www.itumi.biz
> trusted identities, delivered
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list