The CredentialsToLDAPAttributePrincipalResolver should be able to use a pooled source (I believe. Marvin can you confirm?). The fast ldap handler should not though.
On Wed, Aug 29, 2012 at 4:30 PM, Carlos Fernandez <[email protected]> wrote: > Good afternoon,**** > > ** ** > > I’ve implemented a CAS server cluster (using JpaServiceRegistry, > JpaTicketRegistry, and session replication) and after some tuning we’ve > been able to address most performance issues. However we’re currently > seeing the following error in our logs:**** > > ** ** > > ERROR > [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] > - <Uncategorized**** > > exception occured during LDAP processing; nested exception is > javax.naming.NamingException: LDAP response read timed out, timeout us**** > > ed:3000ms.>**** > > ** ** > > We’re using FastBindLdapAuthenticationHandler since all of our user > accounts are placed in the same OU in LDAP and thus the DNs are easy to > generate. However, per the CAS User Manual, I’ve disabled pooling in my > LdapContextSource. Before I go and increase the timeout parameter, I was > wondering if I could use PoolingContextSource with > FastBindLdapAuthenticationAdapter. Most references that I’ve found seem to > indicate that it won’t work, or at least not do anything; at least one > recommends both FastBindLdapAuthenticationHandler and PoolingContextSource > in the same message. Will the combination work, or would I have to change > to BindLdapAuthenticationHandler if I want to set up LDAP connection > pooling and not use JNDI pooling?**** > > ** ** > > Thanks in advance,**** > > --**** > > Carlos M. Fernández**** > > Sr. Enterprise Systems Administrator**** > > *Saint Joseph’s University* > > Philadelphia PA 19131**** > > T: +1 610 660 1501**** > > ** ** > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
