LDAP Url failover Issue with UnboundID / V4

Jarno Huuskonen jarno.huuskonen at uef.fi
Mon Dec 21 13:39:10 UTC 2020


On Mon, 2020-11-09 at 19:05 +0100, Etienne Dysli Metref wrote:
> On 09/11/2020 18.50, Etienne Dysli Metref wrote:
> > > Does IdP expose ldaptive / unboundID connection strategy / failoverset
> > > settings for authn ?
> > 
> > AFAIK v3 doesn't. We're currently running with only one LDAP URL, until
> > I can hack enough Spring beans together to change the connection
> > strategy to active-passive for password authentication.

Thanks Etienne.
Have you looked if idp-4.0.1 exposes ACTIVE_PASSIVE ConnectionStrategy by
default ?

I think we'd like to use two pools for authentication: pool1 for local
servers(two) and pool2 for servers in remote data center and have
active_passive set for both pools(with fairly short timeouts) and try to use
local servers(pool1) first and if that fails then use pool2 (with chained

Are chained CredentialValidator tried in sequence ?


> Here are my changes to conf/authn/ldap-authn-config.xml

Jarno Huuskonen

More information about the users mailing list