Hi Guys
I am using Openfire 3.6.4 with OpenLDAP; it's working fine with OpenLDAP auth. I defined two LDAP hosts and tested
LDAP failover in the two cases below.
Case 1: The primary LDAP host is running and pinging, but the LDAP service is not running for some reason.
Case 2: The primary LDAP host is down/unreachable/network timeout from the ISP side.
Currently LDAP failover auth works in case 1 only but does not work for case 2. Is there a need to add some
additional server property value to make it effective?
Please suggest
Thanks
Muzi
Correction above in version define
Version using 3.6.4
More Info:
My LDAP client library also sets the network timeout parameter to 4 seconds and it's working fine/perfectly with
LDAP clients like Apache, SSH etc., but it is not effective in Openfire if the primary ldap1 is down.
The debug logs do not show any info about switching to ldap2; it is still trying to connect to ldap1.
2010.01.12 16:15:53 LdapManager: … context created successfully, returning.
2010.01.12 16:15:53 LdapManager: Starting LDAP search…
2010.01.12 16:15:53 LdapManager: … search finished
2010.01.12 16:15:53 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: uid=“muelasar”…
2010.01.12 16:15:53 LdapManager: Created context values, attempting to create context…
Please suggest what extra needs to be done.
Muzi
Hi Guys
As per the Openfire LDAP guide:
http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html
You should set several Java system properties to change default pool settings. For more information, see the following pages:
I tried to use the system properties below, adding them in Openfire via system properties with these values:
com.sun.jndi.ldap.connect.pool true
com.sun.jndi.ldap.connect.timeout 5000 (for 5 seconds)
com.sun.jndi.ldap.connect.pool.timeout 5000 (for 5 seconds)
But it does not work. I don't understand whether these need to be set in the Openfire system properties or whether I need to
install Java for it, as Openfire already has Java.
Please suggest: where do these Java system properties need to be set?
A look on http://www.igniterealtime.org/community/docs/DOC-1061 says:
ldap.connectionPoolEnabled – a value of “false” disables LDAP connection pooling. Default: true
so the default value should be already true and the pool should be enabled, but you could try to make this explicit. I haven’t used this before, but maybe this helps.
Hi Niess
I tried without using the above options, and currently the value of connection pool is true by default, but the problem is that
I need to set Java system properties to change the default pool settings,
like setting the LDAP timeout --> com.sun.jndi.ldap.connect.timeout,
but I can't find where it needs to be set. I tried to set this in the system properties of Openfire
but it's not effective. Can you please guide me on where I need to modify or set this option? And also thanks for
your reply.
Thanks
As per LdapManager.html in the Openfire docs:
ldap.initialContextFactory – if this value is not specified, “com.sun.jndi.ldap.LdapCtxFactory” will be used.
So I think --> com.sun.jndi.ldap.connect.timeout is used by default and its default time is 10 seconds, I think?
One more thing: I am using SSL, so I think there is no problem with SSL?
I think maybe it's a bug, if it is set by default or needs to be set? I want to set the timeout option for a 5 sec delay.
Please help and suggest.
Muzi
Is no one using LDAP connection pooling over SSL? Or does no one have any suggestions? I think I am the only
one who uses it and I need to find the solution myself.
Where are the top members of the community? I am not enjoying the community; no response except Mr Neizz. I am thankful
to Mr Neizz who responded in this thread, but it would be good luck for me if I got in touch with seniors in this thread.
Muzi.
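
The JNDI properties discussed in this thread can be tested outside Openfire with a small standalone probe. This is an added example, not code from the thread or from Openfire; the host names are placeholders and the class name is hypothetical. It shows which settings the JDK's LDAP provider reads from the context environment and which it reads as JVM system properties, and it times how long the connection attempt takes when the first server in the list is unreachable.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapFailoverProbe {

    // JNDI tries the space-separated URLs in PROVIDER_URL in order.
    static Hashtable<String, String> buildEnv(String urls, int timeoutMs) {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, urls);
        // Per-context settings are environment entries, in milliseconds.
        env.put("com.sun.jndi.ldap.connect.timeout", String.valueOf(timeoutMs));
        env.put("com.sun.jndi.ldap.read.timeout", String.valueOf(timeoutMs));
        env.put("com.sun.jndi.ldap.connect.pool", "true");
        return env;
    }

    public static void main(String[] args) {
        // Placeholder hosts (assumption); pass real URLs as arguments.
        String urls = args.length > 0 ? String.join(" ", args)
                : "ldaps://ldap1.example.com:636 ldaps://ldap2.example.com:636";

        // Pool-wide settings are JVM system properties, not environment entries.
        // pool.timeout is the idle lifetime of a pooled connection, not a connect timeout.
        System.setProperty("com.sun.jndi.ldap.connect.pool.timeout", "5000");
        // Only plain connections are pooled by default; add ssl for ldaps:// URLs.
        System.setProperty("com.sun.jndi.ldap.connect.pool.protocol", "plain ssl");

        long start = System.nanoTime();
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(buildEnv(urls, 5000)); // anonymous bind
            System.out.println("Connected, provider URL reported by context: "
                    + ctx.getEnvironment().get(Context.PROVIDER_URL));
        } catch (NamingException e) {
            System.out.println("Connect failed: " + e);
        } finally {
            System.out.printf("Elapsed: %d ms%n", (System.nanoTime() - start) / 1_000_000);
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }
}
```

Running it with the primary host blocked at the network level reproduces case 2 from the first post: the elapsed time shows whether the connect timeout was honoured before the second URL was tried.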