Timeout when requesting status page while metadata refresh
Bergmann, Clemens
clemens.bergmann at tu-darmstadt.de
Thu Sep 2 12:06:29 UTC 2021
Hi,
I run two idps (currently 4.1.4) behind a Loadbalancer. The LB checks the /idp/status page to determine which IdP is responsive.
I noticed that sometimes one IdP gets removed from the LB. While investigating I found out, that The IdP times out when the status page is requested.
It seems that the rate (every 7-8 minutes) at which the timeout of the /idp/status page happens is the same of an error in the log that Remote metadata of one of my SPs could not be refreshed.
These IdPs are freshly set up and therefore also do not have backup of the remote metadata.
I configured that FileBackedHTTPMetadataProvider with failFastInitialization="false" and idp.service.metadata.failFast is not set so the default of false should be used.
[1] suggests that that the rest of the IdP (including /idp/status) should not be influenced by missing metadata in this configuration.
Can someone see any reason for this timeout?
[1] https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631639/FileBackedHTTPMetadataProvider
Viele Grüße
Clemens (Bergmann)
--
Clemens Bergmann
Gruppe Nutzermanagement und Entwicklung
Technische Universität Darmstadt
Hochschulrechenzentrum, Alexanderstraße 2, 64289 Darmstadt
Tel. +49 6151 16 71184
<http://www.hrz.tu-darmstadt.de/> http://www.hrz.tu-darmstadt.de/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210902/7e244be1/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6377 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20210902/7e244be1/attachment.p7s>
More information about the users
mailing list