[jboss-user] [JBoss Portal] - Portal LDAP integration problems

juhani_g do-not-reply at jboss.com
Wed Apr 2 17:25:14 EDT 2008


Hello,

I am using portal 2.6.4 installed on jboss-4.2.2.GA and trying to integrate Novell eDirectory with portal following the instructions in the ref manual.

I can't get connection pooling to work. Here's my setup in identity-config.xml (actual values changed obviously):

   <datasources>
      <datasource>
         <name>LDAP</name>
         <config>
            <option>
               <name>host</name>
               <value>ldap.server.fi</value>
            </option>
            <option>
               <name>port</name>
               <value>389</value>
            </option>
            <option>
               <name>adminDN</name>
               <value>cn=sysportaladm,ou=system,dc=foobar,dc=fi</value>
            </option>
            <option>
               <name>adminPassword</name>
               <value>password</value>
            </option>
         </config>
      </datasource>
   </datasources>

The connection works perfectly but it's leaving connections open. This is what netstat says after startup:

tcp        0      0 portaltest.server:60678 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:59187 ldap.server.fi:ldap    ESTABLISHED

And after a few clicks:

tcp        0      0 portaltest.server:53923 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:54577 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:50183 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:50343 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:60678 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:59187 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:35797 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:33029 ldap.server.fi:ldap    ESTABLISHED

And after searching members in the admin the count is over 80

Eventually when users use the portal we end up with hundreds of connections and the portal hangs.

According to the documentation pooling should be working by default?

I tried to fiddle around with poolingMaxsize, initSize, and prefSize. For instance...

            <option>
               <name>poolingInitsize</name>
               <value>8</value>
            </option>
            <option>
               <name>poolingMaxsize</name>
               <value>16</value>
            </option>

...didn't have any effect.

Shouldn't the connections end up in TIME_WAIT (or something) status if they are released properly?

Well, I tried the ExternalContext way also by defining an mbean in jboss-service.xml without any pooling properties (don't know how to define them there). First I thought everything was working since I got about three connections after server startup in state ESTABLISHED. If the portal isn't used in an hour or so one can't log in - it just hangs and eventually I get the following in the logs:

2008-04-02 21:16:52,781 ERROR [org.jboss.portal.identity.auth.IdentityLoginModule] Error when validating password
org.jboss.portal.common.transaction.TransactionException: Abnormal status for ending a tx STATUS_ROLLEDBACK
        at org.jboss.portal.common.transaction.Transactions.end(Transactions.java:437)
        at org.jboss.portal.common.transaction.Transactions$3.noTxAfter(Transactions.java:625)
        at org.jboss.portal.common.transaction.Transactions.apply(Transactions.java:227)
        at org.jboss.portal.common.transaction.Transactions.required(Transactions.java:289)
        at org.jboss.portal.identity.auth.IdentityLoginModule.getUserStatus(IdentityLoginModule.java:223)
        at org.jboss.portal.identity.auth.IdentityLoginModule.validatePassword(IdentityLoginModule.java:177)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
        at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
        at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
        at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
        at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:393)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
        at java.lang.Thread.run(Thread.java:595)
2008-04-02 21:16:52,782 DEBUG [org.jboss.portal.identity.auth.IdentityLoginModule] Bad password for username=a13577

Any clues to get this right?

The organization we are developing the portal for will have at least 20000 users using it. We will be purchasing the JBoss Enterprise Portal Platform so that we get support if these final evaluations prove that we can use the product.

Other than this problem things have been pretty straightforward!

Thanks in advance,
Juhani

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4141113#4141113
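
Added example (not part of the original post, and not JBoss Portal code): the manual netstat comparison above as a repeatable check. Idle pooled connections legitimately stay ESTABLISHED, so the leak signal is the ESTABLISHED count exceeding the configured poolingMaxsize and the set of local ports growing between snapshots. The snapshots are constructed in the post's netstat format; `ldap_sockets` and `pool_report` are hypothetical helper names.

```python
import re

# Constructed sample snapshots in the netstat format shown in the post.
SNAPSHOT_STARTUP = """\
tcp        0      0 portaltest.server:60678 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:59187 ldap.server.fi:ldap    ESTABLISHED
"""
SNAPSHOT_LATER = """\
tcp        0      0 portaltest.server:53923 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:60678 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:59187 ldap.server.fi:ldap    ESTABLISHED
tcp        0      0 portaltest.server:35797 ldap.server.fi:ldap    TIME_WAIT
tcp        0      0 portaltest.server:41000 db.server.fi:postgres  ESTABLISHED
"""

# proto, recv-q, send-q, local addr:port, remote addr:port, state
LINE = re.compile(r"^tcp\S*\s+\d+\s+\d+\s+\S+:(\S+)\s+(\S+):(\S+)\s+(\S+)\s*$")


def ldap_sockets(netstat_text, host="ldap.server.fi", services=("ldap", "389")):
    """Return {local_port: tcp_state} for sockets to the LDAP endpoint."""
    sockets = {}
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if m and m.group(2) == host and m.group(3) in services:
            sockets[m.group(1)] = m.group(4)
    return sockets


def pool_report(before, after, pool_max):
    """Compare two snapshots against the configured pool ceiling."""
    old, new = ldap_sockets(before), ldap_sockets(after)
    established = {p for p, s in new.items() if s == "ESTABLISHED"}
    return {
        "established": len(established),
        # Ports seen in both snapshots: connections being kept open.
        "reused": sorted(established & set(old)),
        # Ports that appeared since the first snapshot.
        "new": sorted(established - set(old)),
        # Sockets the client side has closed (TIME_WAIT and similar).
        "closing": sorted(p for p, s in new.items() if s != "ESTABLISHED"),
        # More ESTABLISHED sockets than the pool allows: pooling not in effect.
        "over_limit": len(established) > pool_max,
    }


if __name__ == "__main__":
    print(pool_report(SNAPSHOT_STARTUP, SNAPSHOT_LATER, pool_max=16))
```
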
