Extremely slow IdP login
Kevin P. Foote
kpfoote at iup.edu
Thu Aug 2 07:01:49 EDT 2012
You can pull and use vt-ldap outside of the IdP...
It should work the same.
On Thu, 2 Aug 2012, Chad La Joie wrote:
-> In addition, there is also the potential difference in load if
-> ldapsearch is run on a different host and OS-level resource
-> restrictions (e.g., max number of open file handlers) if run under
-> different users.
-> The issue is almost certainly your LDAP server.
-> On Thu, Aug 2, 2012 at 5:58 AM, Peter Schober
-> <peter.schober at univie.ac.at> wrote:
-> > * Martin Haase <Martin.Haase at DAASI.de> [2012-08-02 11:38]:
-> >> I forgot - a command line ldapsearch from the same machine using the
-> >> same parameters returns promptly, so we deduce it would not be an LDAP
-> >> issue.
-> > Unless you have proof (e.g. with tcpdump) that the LDAP protocol
-> > messages sent in both cases are in fact the same I'd be sceptical
-> > of this conslusion.
-> > E.g. behaviour regarding chasing of referrals or dereferencing of
-> > aliases (if any such objects exists) will likely to be different
-> > unless you mimic the IdP's LDAP library's bahaviour exactly with
-> > options to the command line tools. Network and TLS behaviour might
-> > also be different from within the JVM as compared to native tools,
-> > etc.
-> > -peter
-> > --
-> > To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-> Chad La Joie
-> trusted identities, delivered
-> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users