[jboss-jira] [JBoss JIRA] (WFLY-2214) LDAP security realm needs to have configurable timeouts

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Fri Oct 4 05:43:02 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-2214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12809365#comment-12809365 ] 

Darran Lofthouse commented on WFLY-2214:
----------------------------------------

This actually raises an interesting point to also consider - if we can detect that the first server was not used maybe for a short period of time we should re-order the server list to give a higher priority to the server we know does exist.

As authentication also establishes a connection to the server to verify the password it would be beneficial to lower the priority of the missing server.
                
> LDAP security realm needs to have configurable timeouts
> -------------------------------------------------------
>
>                 Key: WFLY-2214
>                 URL: https://issues.jboss.org/browse/WFLY-2214
>             Project: WildFly
>          Issue Type: Bug
>          Components: Domain Management
>    Affects Versions: 8.0.0.Alpha4
>            Reporter: Derek Horton
>            Assignee: Darran Lofthouse
>             Fix For: 8.0.0.Beta1
>
>
> LDAP security realm needs to have configurable timeouts.
> The default LDAP connection timeout appears to be 2 minutes.  If the ldap server is down, it could take 2 minutes for the connection to timeout.  This can cause unneeded delay if you have configured multiple ldap servers for  failover / redundancy.
> The following hack appears to work:
> +++ domain-management/src/main/java/org/jboss/as/domain/management/connections/ldap/LdapConnectionManagerService.java
> @@ -132,6 +132,7 @@ public class LdapConnectionManagerService implements Service<LdapConnectionManag
>          result.put(Context.INITIAL_CONTEXT_FACTORY,initialContextFactory);
>          String url = config.require(URL).asString();
>          result.put(Context.PROVIDER_URL,url);
> +        result.put("com.sun.jndi.ldap.connect.timeout", "500");
>          return result;
>      }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list