IdP use of LDAP and connection pooling

Cantor, Scott cantor.2 at
Thu Sep 8 21:24:28 BST 2011

On 9/8/11 4:14 PM, "Daniel Fisher" <dfisher at> wrote:
>That's sounds very aggressive, and would certainly discourage pooling.
>Perhaps they don't want you holding connections open? We configure
>keep-alive on the servers (OpenLDAP, not AD) to encourage it.

There's also a load balancer involved (per your other comment) that could
be affecting it.

One thing that didn't make sense to me was that the expirationTime setting
in the connector is documented as causing the pool to eject stale
connections once they're unused for that length of time. If that's shorter
than the validation interval, I wouldn't expect the background validator
to even try those connections and see that they're closed, since they
should have just expired by then.

-- Scott

More information about the users mailing list