IdP use of LDAP and connection pooling

Daniel Fisher dfisher at
Fri Sep 9 15:02:18 BST 2011

On Thu, Sep 8, 2011 at 4:24 PM, Cantor, Scott <cantor.2 at> wrote:

> On 9/8/11 4:14 PM, "Daniel Fisher" <dfisher at> wrote:
> >
> >That's sounds very aggressive, and would certainly discourage pooling.
> >Perhaps they don't want you holding connections open? We configure
> >keep-alive on the servers (OpenLDAP, not AD) to encourage it.
> There's also a load balancer involved (per your other comment) that could
> be affecting it.
> One thing that didn't make sense to me was that the expirationTime setting
> in the connector is documented as causing the pool to eject stale
> connections once they're unused for that length of time. If that's shorter
> than the validation interval, I wouldn't expect the background validator
> to even try those connections and see that they're closed, since they
> should have just expired by then.
I think that's correct, if I understand what you're saying. A lower
expirationTime will cause those connections to be removed before the
validator even runs. So the connections won't be in the pool and therefore
won't be validated.

--Daniel Fisher
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list