Problems connecting from IdP to LDAP service
Mark Cairney
Mark.Cairney at ed.ac.uk
Tue Sep 20 17:34:52 BST 2011
Hi Daniel,
>
> Looks like a TimeLimitExceededException was thrown? Does your idp log
> confirm that?
>
> --Daniel Fisher
>
That's what we were seeing on Shib 2.1.5. Looking more closely at the
LDAP query it appeared to be attempting alias dereferencing which was
slowing down the search considerably. We've worked around it by upping
the connection timeout and reducing the scope to ONELEVEL.
I suppose there's now 2 questions outstanding:
1. Is there any way to control this behaviour on the Shib side?
2. On the LDAP side, why are these searches taking so long (7 seconds in
one case)?
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
More information about the users
mailing list