3 Replies Latest reply on Sep 18, 2008 11:06 AM by Boleslaw Dawidowicz

    Using LdapLoginModule opens many connections to LDAP

    eyal zfira Newbie

      Hi,
      I'm using LdapLoginModule to authenticate users using the LDAP service.
      I see (using netstat) that there are hundreds (!!) of ESTABLISHED connections from my JBoss server to the LDAP server.
      There are more and more connections adding after almost every action I perform in my application. Eventually the application hangs.

      I tried adding pooling attributes to the login-config.xml but it didn't seem to solve the issue.

      here is the LDAP login-module from the login-config.xml:

      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="optional">
       <module-option name="password-stacking">useFirstPass</module-option>
       <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
       <module-option name="java.naming.provider.url">ldap://00.00.00.00/</module-option>
       <module-option name="java.naming.security.authentication">simple</module-option>
       <module-option name="java.naming.security.principal">cn=xxx</module-option>
       <module-option name="java.naming.security.credentials">xxx</module-option>
       <module-option name="principalDNPrefix">uid=</module-option>
       <module-option name="uidAttributeID">member</module-option>
       <module-option name="matchOnUserDN">true</module-option>
       <module-option name="principalDNSuffix">,ou=xxx,dc=xxx,dc=xxx</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool">true</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool.authentication">simple</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool.maxsize">20</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool.prefsize">10</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool.timeout">300000</module-option>
       <module-option name="com.sun.jndi.ldap.connect.pool.debug">fine</module-option>
      </login-module>


      Thanks!