idp.pool.LDAP.validatePeriod and Pruning
Fong, Trevor
trevor.fong at ubc.ca
Tue Nov 10 18:05:48 UTC 2020
Hi Everyone,
I have a question about LDAP connection pooling and pruning.
The latest Shib documentation describes the following LDAP pooling properties and defaults:
dp.pool.LDAP.validatePeriod
Duration
PT5M
Duration between validation, if idp.pool.LDAP.validatePeriodically is true
…
idp.pool.LDAP.idleTime
Duration
PT10M
Duration connections must be idle to be eligible for pruning
https://wiki.shibboleth.net/confluence/display/IDP4/LDAPAuthnConfiguration
If those above defaults were used, I don't think connections would ever get pruned, as no connection would ever be idle for 10 mins.
Please correct me if I'm mistaken.
Thanks,
Trev
Trevor Fong
Senior Programmer Analyst, Identity and Access Management
Cybersecurity | CISO Office
The University of British Columbia | Musqueam Traditional Territory
413 - 6356 Agricultural Road | Vancouver BC | V6T 1Z2 Canada
Phone 604 827 5247
Privacy Matters @ UBC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20201110/f4c2012d/attachment.htm>
More information about the users
mailing list