-
Type:
Suggestion
-
Resolution: Unresolved
-
None
-
Component/s: Authentication / Security
-
7
Authentication request for LDAP is not pooled and it leads to following error in the logs if there are multiple simultaneous request coming in through scripts or client:
Symptoms:
Directory 'localhost.com' is not functional during authentication of 'APIUser'. Skipped. Error occurred while trying to authenticate user 'APIUser'. localhost.com:636; nested exception is javax.naming.CommunicationException: localhost.com:636 \[Root exception is java.net.BindException: Address already in use: connect]
Notice the logging below it explicitly says pooling is disabled:
Logging with debug enabled below, shows it is writing logs from AbstractContextSource that pooling is not used: 2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [c.a.crowd.directory.SpringLDAPConnector] Authenticating user 'abc' with DN 'cn=service account jira jiraalign,ou=abc,ou=it,ou=main,dc=abc,dc=abc,dc=com' 2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] AuthenticationSource not set - using default implementation 2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] Not using LDAP pooling 2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] Trying provider Urls: ldaps://localhost.com:636
Expected Behavior:
Pooling of connection should be used and new connection request should not fail with error above.
Workaround:
Switch to other authentication mechanism.