Guys i am using openfire 3.6.4 with openldap on ssl, its working f9, i need to enable java system property for
ldap connecitity time out performance, i am using two ldap servers so i want if primary server down then
openfire not wait for tcp timeout its switch to ldap2, so as per ldap guide. need to set system property for ldap
connect time out below.
com.sun.jndi.ldap.connect.timeout 5000 (5 secs delay)
How to enable or set this in openfire ?
Ref urls below
http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html
You should set several Java system properties to change default pool settings. For more information, see the following pages:
Hi Muzi,
as already described on http://java.sun.com/products/jndi/tutorial/ldap/connect/config.html you have to specify a startup argument for the java vm. And I think this depends on your OS or distribution. I use debian and I can configure startup options within the file /etc/default/openfire. It looks like:
DAEMON_OPTS="-Xmx256m"
here you can add more parameters e.g.
DAEMON_OPTS="-Xmx256m -Dcom.sun.jndi.ldap.connect.pool.timeout=300000"
Hi @Guenther Niess
Thanks for your reply, but dear i tried this also but its not working. I pass options in /etc/sysconfig/openfire
OPENFIRE_OPTS="-Xmx1024m -Dcom.sun.jndi.ldap.connect.pool=true"
OPENFIRE_OPTS="-Xmx1024m -Dcom.sun.jndi.ldap.connect.timeout=5000"
But still ldap.connect.timeout not works, i enable connection pooling already but i think its not working on ssl,as openfire
debug logs, every connection creates its own connection not use pooling like below logs
2010.01.16 12:18:02 DefaultAdminProvider: Convert XML to provider.
2010.01.16 12:18:02 000013 (01/05/00) - Connection #3 tested: OK
2010.01.16 12:18:02 000014 (01/05/00) - Connection #3 tested: OK
2010.01.16 12:18:02 LdapManager: Trying to find a user’s DN based on their username. uid: muzi, Base DN: ou=“People”,dc=“mydomain”,dc=“com”…
2010.01.16 12:18:02 LdapManager: Creating a DirContext in LdapManager.getContext()…
2010.01.16 12:18:02 LdapManager: Created hashtable with context values, attempting to create context…
2010.01.16 12:19:14 000014 (01/05/00) - Connection #4 tested: OK
2010.01.16 12:19:14 000015 (01/05/00) - Connection #4 tested: OK
2010.01.16 12:19:14 LdapManager: Trying to find a user’s DN based on their username. uid: muzi, Base DN: ou=“People”,dc=“mydomain”,dc=“com”…
2010.01.16 12:19:14 LdapManager: Creating a DirContext in LdapManager.getContext()…
2010.01.16 12:19:14 LdapManager: Created hashtable with context values, attempting to create context
I am using SSL with ldap, so confirm what propery need to be set for enable connection pooling as per ldap openfire guide
**you must set a system property to enable pooling of SSL LDAP connections. what property need to enable for ssl ldap connection pooling ? **
http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-gui de.html
I think this is the problem, as ldap.connect.timeout works with only pooled connections ?. So please suggest.
After R&D i come to know its not possible, LdapManager already use this function for 10seconds delay.
http://www.igniterealtime.org/issues/secure/attachment/10250/LdapManager.java
// Specify timeout to be 10 seconds, only on non SSL since SSL connections
// break with a teimout.
if (!sslEnabled) {
env.put("com.sun.jndi.ldap.connect.timeout", "10000");
}
It's now hurts me , i use SSL connection with ldap, so some chance of fixing it in future
or its a bug ?. I think SSL is know the common protocol and it must need to be fix.
Muzi.