Strange warnings from IdP 3.2.1

Gerd Schering gerd.schering at tu-berlin.de
Wed Apr 27 08:58:14 EDT 2016


Hello Michael,

that seems to be the good idea! I set idp.pool.LDAP.validatePeriod = 20 and the 
warnings vanished. But 20 s seems very short to me, so I think I will contact our 
network staff.

Thanks a lot. If you made any other configuration changes to help this issue, please 
let me know.

Best,
Gerd

On 27.04.2016 14:14, Domingues, Michael D wrote:
>
> Sent that last message a bit too soon. As an explanatory follow up, while I was building out our IdPv3 clusters, I encountered that error when connections to our LDAP environment were getting killed by our F5 load balancer due to inactivity.
>
> I don't remember the specific configuration change I made off-hand, but it involved dropping the verification query interval to less than the load balancer's keep-alive window. Will follow-up with details once I get into the office, unless someone else chimes in before then.
>
> Michael
> ________________________________________
> From: Domingues, Michael D
> Sent: Wednesday, April 27, 2016 7:05:43 AM
> To: Shib Users
> Subject: Re: Strange warnings from IdP 3.2.1
>
> Hello Gerd,
>
> What is the default timeout on an inactive connection to your LDAP server? Also, is there a load-balancing device in front of your LDAP server(s) by any chance?
>
> Best,
> Michael Domingues
> Directory and Authentication Services, AIS, ITS
> University of Iowa
> ________________________________________
> From: users <users-bounces at shibboleth.net> on behalf of Gerd Schering <gerd.schering at tu-berlin.de>
> Sent: Wednesday, April 27, 2016 6:36:06 AM
> To: Shib Users
> Subject: Strange warnings from IdP 3.2.1
>
> Hi,
>
> I'm using a fresh install of IdP 3.2.1.
> Everything is working, but I get strange warnings in the idp-warn/process.logs:
>
> 2016-04-27 13:17:28,748 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
> 2016-04-27 13:17:28,810 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
> 2016-04-27 13:17:28,860 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
> 2016-04-27 13:17:29,015 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
> 2016-04-27 13:17:29,073 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
> 2016-04-27 13:17:29,120 - WARN
> [org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler:277] - Operation
> exception encountered, reopening connection
>
> Each time that happens, exactly 6 messages. I could figure out that the time
> interval between subsequent warnings gets controlled by the
> idp.pool.LDAP.validatePeriod parameter, set in ldap.properties.
>
> Such warnings were an issue in version 3.1 of the IdP.
> But as said, I use version 3.2.1 and it is a fresh install not an upgrade.
> By the way, the staus page of the IdP says:
> DataConnector myLDAP: has never failed.
>
> Any hints will be appreciated,
> Gerd
>
> --
> ------------------------------------------------------
> -- Gerd Schering, Email: Schering at tubit.TU-Berlin.DE--
> ------------------------------------------------------
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>


-- 
------------------------------------------------------
-- Gerd Schering, Email: Schering at tubit.TU-Berlin.DE--
-- TU Berlin, tubIT IT-Service-Center               --
-- Sekr. E-N 50, Einsteinufer 17, 10587 Berlin      --
-- phone: +49 30 314 24383, fax: +49 30 314 21060   --
------------------------------------------------------


More information about the users mailing list