Hi,

In my test environment, I am using BindLdapAuthenticationHandler (i.e., using a service account), and have two ldap servers (AD) and pooled=true in my AuthenticatedLdapContextSource (see below).

If I gracefully shut down my first ldap server, failover works ok. However, if I pull the power from the first ldap server (or disable its network interface), the pooled connections are still being used by new logins, and are not failing over. My browser shows a status 500 exception report, complaining that an LDAP response read timed out - presumably after a read for the user's DN times out.

Is this expected? I assume the graceful shutdown terminates the pooled connection(s), but obviously, not all shutdowns are nice. I can't find a setting anywhere that would address it. There is a com.sun.jndi.ldap.pool.timeout, but that relates to idle connections.

Not directly a CAS issue I know, but can anyone help, or should I just set pooled=false?

Here's my AuthenticatedLdapContextSource:

    <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
        <property name="urls">
            <list>
                <value>ldap://dc0.test.local/</value>
                <value>ldap://dc1.test.local/</value>
            </list>
        </property>
        <property name="userName" value="cn=CAS User,ou=ServiceAccounts,dc=test,dc=local"/>
        <property name="password" value="secret"/>
        <property name="pooled" value="true" />
        <property name="baseEnvironmentProperties">
            <map>
                <entry key="com.sun.jndi.ldap.connect.timeout" value="3000"/>
                <entry key="com.sun.jndi.ldap.read.timeout" value="5000"/>
                <entry>
                    <key>
                        <value>java.naming.security.authentication</value>
                    </key>
                    <value>simple</value>
                </entry>
            </map>
        </property>
    </bean>

My test environment is CAS 3.3, Tomcat 5.5.27, JDK 6u10, CentOS 5.2. Authenticating to Active Directory 2003.

Cheers,
Kevin
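The difference described in the message above, between a server that shuts down cleanly and one that simply vanishes, can be reproduced at the socket level. The following is an added example, not part of the original post and not CAS or JNDI code: the localhost servers, the function names and the 0.3 s read timeout (standing in for the post's 5000 ms) are all constructed for illustration.

```python
import socket, threading, time

READ_TIMEOUT = 0.3  # seconds; constructed stand-in for the post's read timeout of 5000 ms

def start_server(mode):
    """Constructed localhost stand-in for one directory server.
    'healthy' answers, 'graceful' closes the connection (clean shutdown),
    'silent' keeps it open but never answers (power pulled, NIC disabled)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    held = [srv]  # keep references so the sockets stay open

    def serve():
        conn, _ = srv.accept()
        if mode == "graceful":
            conn.close()            # peer is told the connection is gone
        elif mode == "healthy":
            conn.recv(64)
            conn.sendall(b"ok")
            held.append(conn)
        else:
            held.append(conn)       # connection stays up, nothing is ever sent

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], held

def request_on_pooled(port):
    """Send a request on an already-open connection and wait for the reply.
    Returns (outcome, seconds); outcome is 'reply', 'closed' or 'timeout'."""
    sock = socket.create_connection(("127.0.0.1", port), timeout=3.0)
    sock.settimeout(READ_TIMEOUT)
    start = time.monotonic()
    try:
        sock.sendall(b"search")
        outcome = "reply" if sock.recv(64) else "closed"
    except socket.timeout:
        outcome = "timeout"         # only the read timeout reveals a vanished peer
    except ConnectionError:
        outcome = "closed"          # reset or broken pipe: peer closed, visible at once
    finally:
        sock.close()
    return outcome, time.monotonic() - start

def first_responding(ports):
    """Try servers in list order; return (index of first that replies, outcomes seen)."""
    outcomes = []
    for i, port in enumerate(ports):
        outcomes.append(request_on_pooled(port)[0])
        if outcomes[-1] == "reply":
            return i, outcomes
    return None, outcomes
```

A client that treats `timeout` on an existing connection the same way it treats `closed`, discarding the connection and moving to the next URL, reaches the second server after one read timeout instead of surfacing the error.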
