That's it, just wanted to make sure you're actually using a pool. Can you post your complete configuration?
--Daniel Fisher On Thu, Jun 22, 2017 at 11:05 AM, David Hübner <[email protected]> wrote: > What exactly are we talking about? > I have cas.authn.ldap[0].minPoolSize and maxPoolSize set to default, so > 3/10. > > Or are you talking about something else? > > On Thursday, June 22, 2017 at 5:01:20 PM UTC+2, dfisher wrote: >> >> On Thu, Jun 22, 2017 at 9:18 AM, David Hübner <[email protected]> wrote: >> >>> Fast forward to authentication. There is a timeout when reading the LDAP >>> response. So essentially there never is a response. See the log below for >>> this part: >>> >>> 2017-06-22 15:07:13,564 DEBUG [org.ldaptive.SearchOperation] - <execute >>> request=[org.ldaptive.SearchRequest@1990922963::baseDn=dc=example,dc=org, >>> searchFilter=[org.ldaptive.SearchFilter@538592870::filter=uid={user}, >>> parameters={context=null, user=t.benutzer}], returnAttributes=[1.1], >>> searchScope=SUBTREE, timeLimit=PT0S, sizeLimit=0, derefAliases=null, >>> typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, >>> searchEntryHandlers=null, searchReferenceHandlers=null, controls=null, >>> referralHandler=null, intermediateResponseHandlers=null] with >>> connection=[org.ldaptive.DefaultConnectionFactory$DefaultCon >>> nection@1341165364::config=[org.ldaptive.ConnectionConfig@ >>> 1707652548::ldapUrl=ldap://openldap-1.daasi.prj:3890, >>> connectTimeout=PT5S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.Ss >>> lConfig@215657008::credentialConfig=null, trustManagers=null, >>> enabledCipherSuites=null, enabledProtocols=null, >>> handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, >>> connectionInitializer=[org.ldaptive.BindConnectionInitializer@983570221 >>> ::bindDn=cn=manager,dc=example,dc=org, bindSaslConfig=null, >>> bindControls=null], connectionStrategy=org.ldaptiv >>> e.DefaultConnectionStrategy@36e4c967], providerConnectionFactory=[org >>> .ldaptive.provider.jndi.JndiConnectionFactory@1968431256:: >>> metadata=[ldapUrl=ldap://openldap-1.daasi.prj:3890, count=1], >>> environment={com.sun.jndi.ldap.connect.timeout=5000, >>> java.naming.ldap.version=3, java.naming.factory.initial=co >>> m.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.read.timeout=5000}, >>> classLoader=null, providerConfig=[org.ldaptive.p >>> rovider.jndi.JndiProviderConfig@1701617828::operationExceptionResultCodes=[PROTOCOL_ERROR, >>> SERVER_DOWN], properties={}, controlProcessor=org.ldaptive. >>> provider.ControlProcessor@622e959f, environment=null, >>> tracePackets=null, removeDnUrls=true, >>> searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, >>> SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], classLoader=null, >>> sslSocketFactory=null, hostnameVerifier=null]], >>> providerConnection=org.ldaptive.provider.jndi.JndiConnection@296c3fc1]> >>> 2017-06-22 15:07:18,748 DEBUG >>> [org.ldaptive.provider.jndi.NamingExceptionUtils] >>> - <naming exception class javax.naming.NamingException is ambiguous, maps >>> to multiple result codes: [OPERATIONS_ERROR, ALIAS_PROBLEM, >>> ALIAS_DEREFERENCING_PROBLEM, LOOP_DETECT, AFFECTS_MULTIPLE_DSAS, OTHER]> >>> 2017-06-22 15:07:18,760 ERROR [org.apereo.cas.authentication >>> .PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler]: >>> [Unexpected LDAP error] (Details: [javax.naming.NamingException: LDAP >>> response read timed out, timeout used:5000ms.; remaining name >>> 'dc=example,dc=org'])> >>> 2017-06-22 15:07:18,761 WARN [org.apereo.cas.authentication >>> .PolicyBasedAuthenticationManager] - <Authentication has failed. >>> Credentials may be incorrect or CAS cannot find authentication handler that >>> supports [t.benutzer] of type [UsernamePasswordCredential], which suggests >>> a configuration problem.> >>> >>> >> What does your pooling configuration look like? >> >> --Daniel Fisher >> >> -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: https://apereo.github.io/cas/ > Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/b39f3769-4914-4bf9-a51a- > bbb3b799ca5a%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/b39f3769-4914-4bf9-a51a-bbb3b799ca5a%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwR95oOCv3bZjH-v64US4iPrC%2BC2%3D5CVv0zswpRxJ4j%3DrA%40mail.gmail.com.
