Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-5657

Authentication requests from LDAP is not pooled

    XMLWordPrintable

    Details

    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      Authentication request for LDAP is not pooled and it leads to following error in the logs if there are multiple simultaneous request coming in through scripts or client:

      Symptoms:

      Directory 'localhost.com' is not functional during authentication of 'APIUser'. Skipped.
      Error occurred while trying to authenticate user 'APIUser'.
      localhost.com:636; nested exception is javax.naming.CommunicationException: localhost.com:636 \[Root exception is java.net.BindException: Address already in use: connect]
      

      Notice the logging below it explicitly says pooling is disabled:

      Logging with debug enabled below, shows it is writing logs from AbstractContextSource that pooling is not used:
      2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [c.a.crowd.directory.SpringLDAPConnector] Authenticating user 'abc' with DN 'cn=service account jira jiraalign,ou=abc,ou=it,ou=main,dc=abc,dc=abc,dc=com'
      2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] AuthenticationSource not set - using default implementation
      2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] Not using LDAP pooling
      2020-10-29 16:06:56,312+0000 https-jsse-nio-443-exec-22 url:/jira/rest/api/2/search DEBUG anonymous 966x1488320x3 - 3.122.134.153 /rest/api/2/search [o.s.l.core.support.AbstractContextSource] Trying provider Urls: ldaps://localhost.com:636
      

      Expected Behavior:

      Pooling of connection should be used and new connection request should not fail with error above.

      Workaround:

      Switch to other authentication mechanism.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            vpandey2@atlassian.com Vikas Pandey
            Votes:
            4 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: