Grouper Developers Forum

["Michael R. Gettes" <>]

I have always done it with SSL and it seems to work just
fine.  I admit I have not done so with TLS.

/mrg

On Apr 17, 2009, at 13:18, Jim Fox wrote:

> Sun's own documentation says not to try to use connection pooling with
> TLS.  Ignoring that I've tried many times to get it to work, both with
> grouper and with a shib 1.3 IdP.  All without success.  The VT library
> works just fine right out of the box.
>
> Jim
>
>
> On Fri, 2009-04-17 at 06:53 -0700, Michael R. Gettes wrote:
> > I thought the issue of the JNDI adapter was resolved some time
> > ago to allow for connection pooling?  This involved the setting
> > of an environment variable in the grouper code enabling the pooling
> > built into the sun code.  I also believe the sun jndi does support
> > ssl and connection pooling for ssl.  What leads you to believe it
> > doesn't?  What am i missing?
> >
> > /mrg
> >
> > On Apr 16, 2009, at 17:05, Jim Fox wrote:
> >
> > > (this is my initial look, not RLBob's)
> > >
> > > We are looking at Grouper as a possibly registry for our groups
> > > service,
> > > presently supported by an LDAP directory and a RESTful webservice.
> > > We're
> > > testing and planning, not yet installing.  These are some random
> > > issues
> > > we've encountered.  Not complaining, just thought I'd let you know.
> > >
> > > 1) Jndi source adapter
> > >
> > > The jndi classes from Sun do not support ldap connections using  
> > > ssl or
> > > tls very well.  They do not support connection pooling, thereby
> > > causing
> > > a lot of connection overhead.  We wrote a source adapter using the
> > > ldap
> > > library from virginia tech - the one used by shibboleth.  It works
> > > quite
> > > a bit more efficiently.