Diagnosing LDAP connection errors.

Tom Poage tfpoage at ucdavis.edu
Wed Sep 28 20:02:36 BST 2011

On 09/27/2011 11:16 AM, Cantor, Scott wrote:
> The empty strategy is what gets used when there is no pool. Every checkout
> of the pool creates a connection and the checkin destroys it.
> A recent poster indicated that leaving out a pool config causes the data
> connector to still reuse some connections. If that's true, it's below the
> layers of software and somewhere inside the JVM, because the code in the
> IdP is pretty clearly not doing any reuse.

Is there a way to monitor the number of (simultaneous) LDAP connections
on the IdP when pooling is not enabled?

One might sift through LDAP logs (ours are about 40 GB/day spread across
a handful of busy servers), perhaps infer from the number of SSO
requests logged prior to corresponding audit entries, or turn up
debugging and analyze IdP logs. These all seem to require 'stateful' log
file inspection.

I do see that when pooling is enabled and edu.vt.middleware.ldap is set
to DEBUG it reports pool size information.


More information about the users mailing list