https://issues.apache.org/bugzilla/show_bug.cgi?id=54587
--- Comment #5 from Eric Covener <[email protected]> --- (In reply to comment #4) > Hi! > > we set LDAPConnectionTimeout 60 in the configuration and tested your > patch. With this patch, it looks like there is no connection pooling. All > connections to ldap seem to be closed immediately after the ldap > authentication process. > > ldap_free_request (origid 3, msgid 3) > ldap_parse_result > ldap_msgfree > ldap_get_values > ldap_msgfree > ldap_free_connection 1 1 > ldap_send_unbind > TLS trace: SSL3 alert write:warning:close notify > ldap_free_connection: actually freed That is true for connections used for authentication, because they have been bound as the web users DN/password and should not be re-used. Connections used for authz should not behave like this though. The old code marked it as unbound but did not unbind it. This would cause it to do e.g.: ldap_open ldap_simple_bind (reused) ldap_simple_bind I do not know if this is valid. If it were, then I think we just need a third state instead of bound/unbound and the check for the TTL needs to be aware of it. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
