2 Replies Latest reply on Oct 4, 2016 3:06 PM by simranjeetsingh1786

    Set timeout property for ldap Connections

    simranjeetsingh1786

      Hi,

       

      I am getting a socket closed exception in the logs.

      TRACE [org.jboss.as.domain.management.security] (management task-2) Unable to verify identity.: javax.naming.ServiceUnavailableException: <my_ldapserver>:636; socket closed

       

      Is there any way I can increase the timeout for LDAP?

       

      I tried adding properties in the outbound configuration for LDAP, but it does not seem to work.

       

      <property name="com.sun.jndi.ldap.connect.timeout" value="100000" />
      <property name="com.sun.jndi.ldap.read.timeout" value="200000" />

       

      Can anybody please help me with this issue?

       

      Message was edited by: Simranjit Singh

        • 1. Re: Set timeout property for ldap Connections
          mchoma

          Hi,

           

          Probably it has nothing to do with timeouts.

           

          You are connecting to port 636, which used to be the ldaps protocol (LDAP over TLS). And you get "Unable to verify identity", so probably your truststore doesn't contain the proper certificate of the server.

           

          Does it work on a non-secured connection?

           

          Martin

          • 2. Re: Set timeout property for ldap Connections
            simranjeetsingh1786

            Hi Martin,

             

            I am not using any truststore for connecting to the LDAP server.

            Below is the snippet from the standalone.xml configuration for LDAP:

             

            <security-realm name="ManagementRealm">
                <authentication>
                    <ldap connection="LDAP" base-dn="ou=divisions,dc=corp,dc=mydomain,dc=com" recursive="false">
                        <advanced-filter filter="(&amp;(sAMAccountName={%v})(objectcategory=user)(memberOf=cn=xxxx,ou=Service Accounts,dc=corp,dc=mydomain,dc=com))"/>
                    </ldap>
                </authentication>
                <authorization map-groups-to-roles="false">
                    <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>

            <outbound-connections>
                <ldap name="LDAP" url="ldap://ldapserver_name:636/" search-dn="cn=xxxx,ou=Service Accounts,dc=corp,dc=mydomain,dc=com" search-credential="password">
                    <properties>
                        <property name="com.sun.jndi.ldap.read.timeout" value="1000" />
                    </properties>
                </ldap>
            </outbound-connections>
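
An offline check for the two points raised in this thread, added here as an example (it is not part of any post above and not JBoss/WildFly code): it flags an outbound LDAP connection whose URL scheme disagrees with the conventional port, such as `ldap://` on 636, and reports whether the two JNDI timeout properties are set to a positive millisecond value. The sample XML is constructed from the posted snippet, and the function name `audit_ldap_connections` is hypothetical.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample modelled on the outbound connection posted in this thread.
SAMPLE = """
<outbound-connections>
  <ldap name="LDAP" url="ldap://ldapserver_name:636/" search-dn="cn=xxxx" search-credential="password">
    <properties>
      <property name="com.sun.jndi.ldap.read.timeout" value="1000"/>
    </properties>
  </ldap>
</outbound-connections>
"""

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}  # conventional ports (assumption: no custom ports)
TIMEOUTS = ("com.sun.jndi.ldap.connect.timeout", "com.sun.jndi.ldap.read.timeout")


def local(tag):  # strip an XML namespace, so a full standalone.xml also works
    return tag.rsplit("}", 1)[-1]


def audit_ldap_connections(xml_text):
    """Return (connection name, finding) pairs for every <ldap> element that has a url."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "ldap" or "url" not in el.attrib:
            continue  # the realm's <ldap connection="..."> reference has no url
        name = el.get("name", "?")
        url = urlsplit(el.get("url"))
        scheme = url.scheme.lower()
        port = url.port or DEFAULT_PORT.get(scheme)
        # Plain LDAP aimed at the usual LDAPS port, or LDAPS at the plain port.
        expected = {389: "ldap", 636: "ldaps"}.get(port)
        if scheme in DEFAULT_PORT and expected and expected != scheme:
            findings.append((name, f"{scheme}:// used on port {port}, the usual {expected}:// port"))
        props = {p.get("name"): p.get("value") for p in el.iter() if local(p.tag) == "property"}
        for key in TIMEOUTS:
            value = props.get(key)
            if value is None:
                findings.append((name, f"{key} not set"))
            elif not value.isdigit() or int(value) == 0:
                findings.append((name, f"{key}={value!r} is not a positive number of milliseconds"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_ldap_connections(SAMPLE):
        print(f"{name}: {finding}")
```
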