2013/2/20 Tanmoy Chatterjee <tanmoy.chatter...@nxp.com>:
> Hello Cédric,
> The reason I want to do is as follows:
> I am facing the problem already expressed in
> https://issues.apache.org/bugzilla/show_bug.cgi?id=33774
> I see that the bug status shows as Fixed, however I still get the same Issue
> on the Stack mentioned earlier.
>
> Hence what I have done is that I have already extended the JNDIRealm class
> (CustomJNDIRealm) to disconnect as soon as authentication is successful.
> (ref:
> http://stackoverflow.com/questions/10911897/tomcat-7-0-14-ldap-authentication)
>
> public class CustomJNDIRealm extends JNDIRealm {
> @Override
> public Principal authenticate(String username, String credentials) {
> Principal principal = super.authenticate(username, credentials);
>
> if (context != null) {
> close(context);
> }
> return principal;
> }
> }
>
> Have tested this and I see it to be working great except a small problem.
> After tomcat starts successfully and remains idle i.e let's say there is no
> user who logs in (gets authenticated) for 5-10 mins...I face the same issue
> as mentioned in the above bug. This is because the initial connection to the
> LDAP exists and the above overridden authenticate () doesn't get called.
> Hence I want to prevent the initial connection started by tomcat to LDAP as
> well.
> I am looking for some good way of doing this only on tomcat start-up and not
> all other the times.
> What I am not able to understand is why Tomcat doesn't allow configurable
> parameters to either select / deselect the Realm connections on startup.
So you don't mind the initial connection but want to close it as soon
as possible. Then what about writing a custom start method in your
CustomJNDIRealm based on your overriding of the authenticate method :
@Override
public void start() throws LifecycleException {
super.start();
if (context != null) {
close(context);
}
}
To come back to the root of the problem. In tomcat6, there is a chance
an exception is thrown with JNDIRealm when no user has tried to log in
in a certain time.
That exception is logged at a WARNING level and I tend to ignore them
because tomcat retries anyway. I don't think you should do anything
just to avoid those.
Hope this helps,
Cédric
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
