As I said, we do not have much visibility / access on the LDAP side to do a deep dive. Neither am I a networking expert but some more info on what actually happens (application - netstat log) when I say...tomcat(or JVM as you say) keeps on trying the 'broken' connection.. tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (51.70/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (49.55/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (47.39/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (45.23/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (43.08/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (40.93/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (38.77/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (36.61/14/0) tcp 0 81 ::ffff:1.2.3.4:59356 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587231913 on (34.45/14/0)
This keeps on going till the point a new connection is established as below... tcp 0 0 ::ffff:1.2.3.4:56309 ::ffff:4.3.2.1:636 ESTABLISHED 5009 587536364 off (0.00/0/0) 1.2.3.4 - app ip 4.3.2.1 - ldap ip You can see the timer part changing. Do you get any idea as to what exactly might be happening? -----Original Message----- From: André Warnier [mailto:a...@ice-sa.com] Sent: Monday, February 25, 2013 10:34 AM To: Tomcat Users List Subject: Re: Question regarding JNDIRealm - tomcat 6.0.35 Tanmoy Chatterjee wrote: > We are not using openldap but eDirectory. Unfortunately we do not have access > to the ldap configurations...only information we have is that after about 2 > mins of idle connection, ldap drops the same from its side. Bit if we see in > app server side using netstat, we can still see the same connection. Just a comment on what you say above : When "Tomcat" opens a connection, it is really the JVM under which Tomcat runs which does that, or in some cases some native code library. And this JVM / native library uses the OS TCP/IP stack to do that. What you see with netstat is the status of connections at the OS level. In other words, if netstat says that a connection is "established", then that is what it is, and any code in Tomcat will see it that way, and has no way to see it otherwise. So, on the face of it, there seems to be a contradiction between you saying on the one hand that the LDAP server closes the connection, and on the other hand that netstat shows the connection still being active. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
