IdP use of LDAP and connection pooling

Daniel Fisher dfisher at
Thu Sep 8 21:14:35 BST 2011

On Thu, Sep 8, 2011 at 4:08 PM, Cantor, Scott <cantor.2 at> wrote:

> Thanks...
> On 9/8/11 3:52 PM, "Daniel Fisher" <dfisher at> wrote:
> >
> >- are there ways to maintain connections and avoid the timeouts from the
> >client end?
> >
> >You should be able to configure periodic validation to guarantee your
> >connections are always alive.
> With AD, I'm seeing the connections close on the order of minutes, if not
> sooner. That doesn't seem to fit with that strategy, so perhaps AD is
> different.
> I'll probably have to just try it under load and see how they behave. Even
> if they close fast, constant use would keep them open.
That's sounds very aggressive, and would certainly discourage pooling.
Perhaps they don't want you holding connections open? We configure
keep-alive on the servers (OpenLDAP, not AD) to encourage it.

--Daniel Fisher
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list