On 01/29/2013 04:38 PM, Mosior, Benjamin wrote:
>
> I've been noticing a 2000-3000ms delay in the login process due to
> multiple LDAPS connections being made for any single authentication
> attempt. Non-SSL LDAP logins are nearly instantaneous. Switching to
> the FastBindLdapAuthenticationHandler helped some, but the delay is
> still near 1800ms
>
Here are a few things I might try:
* Use LDAP connection pooling (won't fix the slow connections, but
reduce the effect)
* From the CAS server, run ldapsearch against your ldaps server and
see how it performs (takes Java and CAS out of the picture)
* Use a packet capture tool like Wireshark to see if there are any
failed connections or slow responses
* Not sure if it applies in this case or with CAS, but we've had OCSP
lookup problems cause odd lag with SSL connections
Regards,
John
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
