Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-41025

Pool SSL LDAP connections

XMLWordPrintable

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Expected Behavior

      Pool LDAP connections over SSL (LDAPS) as performed when connecting over plain LDAP.

      Actual Behavior

      LDAPS connections are not pooled, requiring JIRA to renegotiate the connection every time. This leads to poor performance and could cause synchronization failures, as described on this KB article.

      Steps to Reproduce

      1. Setup any directory server with a considerable amount of users and groups (no limit pattern has been detected up until now);
      2. Enable SSL for the connection;
      3. Synchronize;

      Workaround for pooling connections over SSL

      Add the below argument to JIRA's startup options.

      -Dcom.sun.jndi.ldap.connect.pool.protocol='plain ssl'
      

      Workaround for improving synchronization time

      Albeit this won't resolve the pooling connections problem, it can significantly improve the synchronization time:

      1. Edit the LDAP directory:
      2. On Use the User Membership Attribute, under Membership Schema Settings:
        1. Uncheck "When finding the members of a group";
        2. Check "When finding the user’s group membership";
      3. Save the configuration and synchronize the directory;

              Unassigned Unassigned
              dunterwurzacher Denise Unterwurzacher [Atlassian] (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated:
                Resolved: