thank you!!!!!!!!! thank you!!!!!!!!!!!!!!!!!!!!!!!!! Le jeudi 7 novembre 2019 19:07:47 UTC+1, Trenton D. Adams a écrit : > > This is also happening on Java 8 and 5.2.x I'll have to look into whether > that's valid for 5.2.x. > On 11/6/19 7:16 AM, n99 wrote: > > For anyone else who finds themselves scratching their head over this.... > > cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid. > UnboundIDProvider > > > is the magic setting if you are using open JDK 9, 11, 12, 13. > > https://bugs.openjdk.java.net/browse/JDK-8217606 > > and > > "The JNDI provider is broken in Java version 9 and later. It is recommend > that you use the UnboundID provider with newer versions of Java and > ldaptive v1.x" at https://www.ldaptive.org/v1/ (not easy to find on the > ldaptive site) > > finally got us there. > > Shame this is not highlighted as an issue on the CAS 6.0.x docs....esp at > the fix with jdk 14 is not out until next year! > > > On Thursday, 31 October 2019 14:12:04 UTC, n99 wrote: >> >> Hi >> >> We are seeing issues with CAS 6.0.5 running against our OPEN Ldap where >> we are seeing too many connections being made to LDAP. >> >> . We have the following settings. >> >> cas.authn.ldap[0].type=AUTHENTICATED >> cas.authn.ldap[0].poolPassivator=NONE >> cas.authn.ldap[0].baseDn=[BASE_DN] >> cas.authn.ldap[0].searchFilter=[FILTER] >> cas.authn.ldap[0].bindDn=[LDAP_BIND_USER] >> cas.authn.ldap[0].bindCredential=[LDAP_BIND_CREDENTIAL] >> cas.authn.ldap[0].useSsl=false >> cas.authn.ldap[0].ldapUrl=[CAS_AUTHN_LDAP_LDAPURL] >> cas.monitor.ldap.ldapUrl=[CAS_AUTHN_LDAP_LDAPURL] >> cas.monitor.ldap.useSsl=false >> cas.monitor.ldap.poolPassivator=NONE >> >> Also I guess >> >> minPoolSize=3 >> maxPoolSize=10 >> >> are on by default. >> >> Using netstat to monitor the ESTABLISHED connections to our LDAP, I can >> see that CAS starts up with 18 connections that are then pruned down to 9. >> These remain after the periodic "validate task" process >> >> I can then see each login creates a new connection to LDAP, even if I >> login/logout as the same user each time in my browser. >> >> I increased the number of connections, testing this simple way, to 55 >> connections before stopping. >> >> I could see that these ESTABLISHED connections dropped away over time >> and eventually, after a few periodic "validate task" scheduled processes I >> got back down to 9 connections and 3 pools. >> >> I was wondering what behaviour I am seeing here? Why are there 3 >> connection pools sitting dormant? Is there anything to limit the number of >> connection pools and thus connections being created? Why do I see no >> apparent ldap connection re-use? >> >> Am I misunderstanding expected behaviour or have things configured >> incorrectly? >> >> We've not really changed default settings. (Although I did add >> poolPassivator=NONE which changed it from the default value of BIND, I >> believe. Under BIND, I was seeing 4 new connections being created per >> login!) >> >> I can post more info on our OPEN LDAP if that would be useful? >> >> Many thanks for any advice. >> >> cheers >> >> >> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/bdb832b9-0fd1-4987-9a61-9d61719a8422%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bdb832b9-0fd1-4987-9a61-9d61719a8422%40apereo.org?utm_medium=email&utm_source=footer> > . > > -- > Trenton D. Adams > Senior Systems Analyst/Web Software Developer > Applications Unit - ITS > Athabasca University > (780) 675-6195 > > It is only when you are surrounded by a supportive team, that you can achieve > your best. Instead of tearing people down, try building them up! > > -- > > This communication is intended for the use of the recipient to whom it is > addressed, and may contain confidential, personal, and or privileged > information. Please contact us immediately if you are not the intended > recipient of this communication, and do not copy, distribute, or take > action relying on it. Any communications received in error, or subsequent > reply, should be deleted or destroyed. > > --- >
-- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/99250d88-5fa2-40fc-9b64-c040364bbc71%40apereo.org.
