Skip to Content.
Sympa Menu

grouper-dev - [grouper-dev] RE: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)

Subject: Grouper Developers Forum

List archive

[grouper-dev] RE: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)


Chronological Thread 
  • From: Chris Hyzer <>
  • To: Chris Hyzer <>, Internet2/grouper <>, Internet2/grouper <>
  • Cc: "" <>
  • Subject: [grouper-dev] RE: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)
  • Date: Wed, 24 Jun 2015 12:46:22 +0000
  • Accept-language: en-US

Fyi this fixed the issue:

 

Just one line in ldap.properties:

 

edu.vt.middleware.ldap.pool.validateOnCheckOut=true

 

Thanks Hans!

 

Chris

 

 

From: [mailto:] On Behalf Of Chris Hyzer
Sent: Monday, June 22, 2015 7:01 PM
To: Internet2/grouper; Internet2/grouper
Cc:
Subject: [grouper-dev] RE: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)

 

Are there vt-ldap settings that might help?

 

Make an ldap.properties in your classpath and maybe try changing some of these:

 

https://code.google.com/p/vt-middleware/wiki/vtldapPooling

 

 

edu.vt.middleware.ldap.pool.validateOnCheckIn

false

whether connections should be validated when objects are returned to the pool

edu.vt.middleware.ldap.pool.validateOnCheckOut

false

whether connections should be validated when objects are loaned out from the pool

edu.vt.middleware.ldap.pool.validatePeriodically

false

whether connections should be validated periodically when the pool is idle

edu.vt.middleware.ldap.pool.pruneTimerPeriod

300000 (5 min)

period at which pool should be pruned

edu.vt.middleware.ldap.pool.validateTimerPeriod

1800000 (30 min)

period at which pool should be validated

edu.vt.middleware.ldap.pool.expirationTime

600000 (10 min)

time an object can stay in the pool before it is considered stale and available for pruning

 

 

edu.vt.middleware.ldap.operationRetry

1

specifies the number of times an LDAP operation will be retried if a retry exception occurs; set to -1 for infinite retries

edu.vt.middleware.ldap.operationRetryWait

0

the amount of time in milliseconds that LDAP operations should wait before retrying

edu.vt.middleware.ldap.operationRetryBackoff

0

factor by which to multiply the operation retry wait time; this allows clients to progressively delay each retry

edu.vt.middleware.ldap.operationRetryExceptions

{CommunicationException, ServiceUnavailableException}

exception classes to retry operations on; supports a comma delimited list for multiple values

 

Not sure if retry will get a new connection… maybe have retry as high as your pool size?  Validate on checkin?  Validate periodically?  Expire the connections after a minute?  Validate every minute? 

 

Let us know if anything works

 

Thanks,

Chris

 

 

 

 

From: Hans Westerbeek []
Sent: Monday, June 22, 2015 7:49 AM
To: Internet2/grouper
Subject: [grouper] Grouper 2.1.5 loses track of ldap connection (#43)

 

Hi,

I am having some issues with the LDAP connection pool managed by Grouper. When grouper first starts up, things are fine. After a period of inactivity (and this occurs more often than not on our test-stage), we are seeing the following exception.

Grouper does not recover from this connection failure. The only remedy I found until now is to restart it.

Is this a known issue? Do other workarounds exist?

2015-06-16 10:55:34,772: [TP-Processor8] ERROR WsGetMembershipsResults.assignResultCodeException(384) - <  gadget - 10.0.0.122 > - clientVersion: 1.6.<
 /span>0, wsGroupLookups: null, wsMemberFilter: All, includeSubjectDetail: false, actAsSubject: null, fieldName: null, fieldType: null, subjectAttributeNames: null
, paramNames: 
, params: null
, wsSubjectLookups: Array size: 1: [0]: WsSubjectLookup[subjectId=urn:collab:person:example.com:admin]
 
, sourceIds: null
, scope: null, wsStemLookup: null, stemScope: null, enabled: null
, membershipIds: null
, wsStemLookups: null
, wsAttributeDefLookups: null
java.lang.RuntimeException: Cant find subject from login id: gadget
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee$1.callback(GrouperServiceJ2ee.java:261)
    at edu.internet2.middleware.grouper.GrouperSession.callbackGrouperSession(GrouperSession.java:803)
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee.retrieveSubjectLoggedIn(GrouperServiceJ2ee.java:246)
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee.retrieveSubjectActAsHelper(GrouperServiceJ2ee.java:358)
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee.retrieveSubjectActAs(GrouperServiceJ2ee.java:330)
    at edu.internet2.middleware.grouper.ws.util.GrouperServiceUtils.retrieveGrouperSession(GrouperServiceUtils.java:849)
    at edu.internet2.middleware.grouper.ws.GrouperServiceLogic.getMemberships(GrouperServiceLogic.java:1584)
    at edu.internet2.middleware.grouper.ws.coresoap.GrouperService.getMemberships(GrouperService.java:2428)
    at edu.internet2.middleware.grouper.ws.rest.GrouperServiceRest.getMemberships(GrouperServiceRest.java:1285)
    at edu.internet2.middleware.grouper.ws.rest.method.GrouperWsRestGet$7.service(GrouperWsRestGet.java:386)
    at edu.internet2.middleware.grouper.ws.rest.method.GrouperRestHttpMethod$1.service(GrouperRestHttpMethod.java:57)
    at edu.internet2.middleware.grouper.ws.rest.GrouperRestServlet.service(GrouperRestServlet.java:199)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee.doFilter(GrouperServiceJ2ee.java:659)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:558)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
    at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
    at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
    at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
    at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
    at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
    at java.lang.Thread.run(Thread.java:745)
Caused by: edu.internet2.middleware.subject.SourceUnavailableException: Ldap NamingException: LDAP response read timed out, timeout used:-1ms.
    at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResultsHelper(LdapSourceAdapter.java:704)
    at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResults(LdapSourceAdapter.java:591)
    at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapUnique(LdapSourceAdapter.java:724)
    at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getSubject(LdapSourceAdapter.java:314)
    at edu.internet2.middleware.subject.provider.BaseSourceAdapter.getSubjectByIdOrIdentifier(BaseSourceAdapter.java:164)
    at edu.internet2.middleware.grouper.subj.SourcesXmlResolver$4.callLogic(SourcesXmlResolver.java:517)
    at edu.internet2.middleware.grouper.subj.SourcesXmlResolver$4.callLogic(SourcesXmlResolver.java:514)
    at edu.internet2.middleware.grouper.subj.SourcesXmlResolver$LogLabelCallable.call(SourcesXmlResolver.java:170)
    at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.executeCallables(SourcesXmlResolver.java:231)
    at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.findByIdOrIdentifier(SourcesXmlResolver.java:523)
    at edu.internet2.middleware.grouper.subj.CachingResolver.findByIdOrIdentifier(CachingResolver.java:377)
    at edu.internet2.middleware.grouper.subj.ValidatingResolver.findByIdOrIdentifier(ValidatingResolver.java:202)
    at edu.internet2.middleware.grouper.SubjectFinder.findByIdOrIdentifier(SubjectFinder.java:160)
    at edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee$1.callback(GrouperServiceJ2ee.java:254)
    ... 31 more
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:-1ms.; remaining name 'dc=sowewhere,dc=nl'
    at com.sun.jndi.ldap.Connection.readReply(Connection.java:483)
    at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:639)
    at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:562)
    at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
    at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1847)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1772)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1789)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:412)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:394)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:376)
    at edu.vt.middleware.ldap.AbstractLdap.search(AbstractLdap.java:215)
    at edu.vt.middleware.ldap.Ldap.search(Ldap.java:431)
    at edu.vt.middleware.ldap.Ldap.search(Ldap.java:347)
    at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResultsHelper(LdapSourceAdapter.java:701)
    ... 44 more

—
Reply to this email directly or view it on GitHub.




Archive powered by MHonArc 2.6.16.

Top of Page