Hi Teddy,

Frustrated by similar timeout messages, I cobbled together a one page web app 
running on a CAS server that shows speedometer-like gauges indicating how long 
it takes to bind and search directory services used by CAS. I use it to help 
isolate connectivity problems - if our directory systems are under load, a 
gauge will typically report longer than normal bind and search times; if there 
is a freak networking anomaly the app will show a timeout. 

If you haven't already, you might take a look at the com.sun.jndi.ldap read and 
bind timeout values in your cas.properties file to see if they are at a level 
that is reasonable for your systems and acceptable for your users. Another 
thought is to bump up the log level from INFO to DEBUG for a time and see if 
any patterns jump out. 

My experience is limited to just a few years and the only time a 
CommunicationException could be credited to the CAS app or a CAS server was 
when the read and bind timeout values were set too low. Most always the cause 
is connectivity to a directory or an overloaded directory system.


Good luck!

Dave



-----Original Message-----
From: Tadeusz Sacilowski [mailto:[email protected]] 
Sent: Tuesday, April 21, 2015 10:48 PM
To: [email protected]
Subject: [cas-user] Intermittent LDAP Connection Reset

Hello,

We are in the process of updating our CAS to version 3.5.3 using an LDAP (not 
LDAPS at the moment) for attributes. The current setup is two CAS nodes behind 
an f5 LTM for load balancing, using the Ehcache distributed ticket registry. 
All seems to be working ok for the most part except that we get the following 
intermittent login error:

:org.springframework.ldap.CommunicationException: Connection reset; nested 
exception is javax.naming.CommunicationException: Connection reset [Root 
exception is java.net.SocketException: Connection reset]; remaining name 
'ou=People,o=cp'

Here are the first several lines from the trace in the CAS log:

ERROR [org.jasig.cas.authentication.AuthenticationManagerImpl] - 
org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler threw error 
authenticating [username: teststudent]
org.springframework.ldap.CommunicationException: Connection reset; nested 
exception is javax.naming.CommunicationException: Connection reset [Root 
exception is java.net.SocketException: Connection reset]; remaining name 
'ou=People,o=cp'
        at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:100)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:318)
        at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:360)
        at org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:90)
        at org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:71)
        at org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate_aroundBody2(AbstractPreAndPostProcessingAuthenticationHandler.java:85)

I've seen some related posts here but haven't found any documented resolutions. 
Any suggestions on how to troubleshoot this?

Thank you,
Teddy
--
You are currently subscribed to [email protected] as: [email protected] 
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
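
Added example, not part of the original thread: one way to act on the reply's suggestion to look for patterns in the CAS log. It tallies LDAP handler failures per hour by cause (reset versus timeout); the log lines are constructed in the shape of the trace quoted above, and the leading timestamp and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the shape of the trace quoted in this thread. The
# leading timestamp is an assumption about the log4j layout in use.
SAMPLE_LOG = """\
2015-04-21 09:05:11,201 ERROR [org.jasig.cas.authentication.AuthenticationManagerImpl] - org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler threw error authenticating [username: teststudent]
org.springframework.ldap.CommunicationException: Connection reset; nested exception is javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]; remaining name 'ou=People,o=cp'
        at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:100)
2015-04-21 09:47:52,880 ERROR [org.jasig.cas.authentication.AuthenticationManagerImpl] - org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler threw error authenticating [username: teststaff]
org.springframework.ldap.CommunicationException: Connection reset; nested exception is javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]; remaining name 'ou=People,o=cp'
2015-04-21 14:12:30,007 ERROR [org.jasig.cas.authentication.AuthenticationManagerImpl] - org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler threw error authenticating [username: teststudent]
org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: LDAP response read timed out, timeout used:3000ms.; remaining name 'ou=People,o=cp'
2015-04-21 14:13:02,450 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - constructed non-error line, ignored by the tally
"""

ENTRY = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}):\d{2}:\d{2},\d{3} (\w+) ")
ROOT = re.compile(r"\[Root exception is ([\w.$]+)")


def classify(exception_line):
    """Map the exception summary line to a coarse cause."""
    root = ROOT.search(exception_line)
    root_class = root.group(1) if root else ""
    if "timed out" in exception_line or root_class.endswith("SocketTimeoutException"):
        return "timeout"  # a connect or read timeout expired
    if "Connection reset" in exception_line:
        return "reset"    # TCP reset received on the LDAP socket
    return root_class or "other"


def summarize(log_text):
    """Count LDAP handler failures per (date-hour, cause)."""
    counts = Counter()
    hour = None  # set while waiting for the exception line of a handler error
    for line in log_text.splitlines():
        entry = ENTRY.match(line)
        if entry:
            failed = entry.group(2) == "ERROR" and "threw error authenticating" in line
            hour = entry.group(1) if failed else None
        elif hour and "Exception" in line and not line.lstrip().startswith("at "):
            counts[(hour, classify(line))] += 1
            hour = None
    return counts


if __name__ == "__main__":
    for (hour, cause), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{hour}:00  {cause:8} {n}")
```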
