> It turns out the pooling uses > the binding username as part of the key to determine if a connection can > be reused.
Very interesting, I did not know this detail. Probably the best argument against JNDI pooling of LDAP connections. Our primary argument in the past was concern about remnants of the previous bind could accidentally be present on a subsequent bind by a different user. Apparently that is not a valid concern with the Sun JNDI provider; yet it should still be considered for other providers (if anyone uses anything but Sun). > does anyone know of a way to pool > SSL connections to LDAP, so that the connections are reused by multiple > binds for multiple users? An object pool that guarantees discarding of bind credentials/remnants after every bind. Unfortunately no such component exists that I'm aware of, and moreover the CAS auth handlers won't accept the Spring PoolingContextSource that would be a reasonable starting point for this hypothetical pooler. I'm open to developing a solution for your use case since it seems generally useful. I'd be curious, though, if anyone else would use it. Speak up if you're interested. Just curious, what directory server are you running? M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
