Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-41025

Pool SSL LDAP connections

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      Expected Behavior

      Pool LDAP connections over SSL (LDAPS) as performed when connecting over plain LDAP.

      Actual Behavior

      LDAPS connections are not pooled, requiring JIRA to renegotiate the connection every time. This leads to poor performance and could cause synchronization failures, as described on this KB article.

      Steps to Reproduce

      1. Setup any directory server with a considerable amount of users and groups (no limit pattern has been detected up until now);
      2. Enable SSL for the connection;
      3. Synchronize;

      Workaround for pooling connections over SSL

      Add the below argument to JIRA's startup options.

      -Dcom.sun.jndi.ldap.connect.pool.protocol='plain ssl'

      Workaround for improving synchronization time

      Albeit this won't resolve the pooling connections problem, it can significantly improve the synchronization time:

      1. Edit the LDAP directory:
      2. On Use the User Membership Attribute, under Membership Schema Settings:
        1. Uncheck "When finding the members of a group";
        2. Check "When finding the user’s group membership";
      3. Save the configuration and synchronize the directory;

              Unassigned Unassigned
              dunterwurzacher Denise Unterwurzacher [Atlassian] (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated:
                Resolved: