[OpenAM] LDAP Module failover
Bernhard Thalmayr
bernhard.thalmayr at painstakingminds.com
Mon Jul 9 04:02:47 EDT 2012
Have you read some of my postings regarding LDAP connection pool?
Are you familiar how TCP works in detail?
Am 7/9/12 9:57 AM, schrieb werdex86-yahoo:
> Hi,
> I have found this ticket
> https://bugster.forgerock.org/jira/browse/OPENAM-986
>
> -- the problem is how and when can it deteced if all connections in the
> connection pool are 'stale'.
> So LDAP module and LdapV3Repo will reconnect to the second server if the
> primary server is down (after the initialization but before next auth
> attempt) (I suppose we will have all connections in stale state in the
> pool)?
> Does LDAP module/ LdapV3Repo actually performs retry with another connection
> if connection is stale? Or it just invalidates the stale connection and only
> the second authentication attempt will use new LDAP server?
>
> P.S LDAP auth module provides a way to only to specify 2 ldap servers
> (primary and backup). However, in LdapV3Repo it is possible to specify more
> than 2 LDAP servers.
You can at least specify different server pairs for different OpenAM
instances. If more than one server fails you have an issue anyway.
>
>
>
> -----Original Message-----
> From: openam-bounces at forgerock.org [mailto:openam-bounces at forgerock.org] On
> Behalf Of Bernhard Thalmayr
> Sent: Monday, July 09, 2012 10:50 AM
> To: Users
> Subject: Re: [OpenAM] LDAP Module failover
>
> If does fail over ... the problem is how and when can it deteced if all
> connections in the connection pool are 'stale'.
>
> If the pool has not been initialized (or is reinitilized) and the target
> server sends a TCP RST it's easy ... in all other cases it's not that easy
> ... see my various postings about this topic....
>
> -Bernhard
>
> Am 7/9/12 9:30 AM, schrieb werdex86-yahoo:
>> Hi folks,
>>
>> Do we really have failover for LDAP module? It's seems that LDAP
>> module fetch the primaryServer name using local server name. But it
>> does not check/reconnect to other ldaps if LDAP is down.
>>
>> AFAIK LDAPV3Repo plugin handles automatic failover (correct me if I
>> wrong), so I want to have the similar behavior for LDAP module.
>>
>> Thanks.
>>
>>
>>
>> _______________________________________________
>> OpenAM mailing list
>> OpenAM at forgerock.org
>> https://lists.forgerock.org/mailman/listinfo/openam
>>
>
>
> --
> Painstaking Minds
> IT-Consulting Bernhard Thalmayr
> Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
> Tel: +49 (0)8062 7769174
> Mobile: +49 (0)176 55060699
>
> bernhard.thalmayr at painstakingminds.com - Solution Architect
>
> This e-mail may contain confidential and/or privileged information.If you
> are not the intended recipient (or have received this email in
> error) please notify the sender immediately and delete this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
>
>
> _______________________________________________
> OpenAM mailing list
> OpenAM at forgerock.org
> https://lists.forgerock.org/mailman/listinfo/openam
>
> _______________________________________________
> OpenAM mailing list
> OpenAM at forgerock.org
> https://lists.forgerock.org/mailman/listinfo/openam
>
>
--
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699
bernhard.thalmayr at painstakingminds.com - Solution Architect
This e-mail may contain confidential and/or privileged information.If
you are not the intended recipient (or have received this email in
error) please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
More information about the OpenAM
mailing list