Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-4070

Pool SSL LDAP connections

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved (View Workflow)
    • Priority: Low
    • Resolution: Fixed
    • Affects Version/s: 2.7.1
    • Fix Version/s: 2.8.2
    • Component/s: Performance
    • Labels:
      None

      Description

      LDAP connections over SSL are not pooled, meaning each operation acquires a new TCP connection as well as negotiating SSL. This significantly increases the time taken for operations like synchronisation.

      For a default Crowd with no pooling configuration changes, synchronisation is single threaded, so only a single connection is made. (In testing, two connections; it's not clear if that's due to multiple threads or a single connection only being reused so many times.)

      In terms of impact, a synchronisation with OpenLDAP that took 1m45 without SSL took as much as 8m15 when SSL was enabled.

      Fixing this may require CWD-2790.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                5 Vote for this issue
                Watchers:
                19 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Last commented:
                  3 years, 48 weeks, 4 days ago