Turn off LDAP connection pooling in JIRA

How can I turn off LDAP connection pooling in JIRA?

Programmatically, this is normally done in Java as follows:

Hashtable<String, String> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://my.ldap.server:389");
env.put("com.sun.jndi.ldap.connect.pool", "false");
DirContext ctx = new InitialDirContext(env);
// use ctx to run LDAP queries

The important thing to note is that com.sun.jndi.ldap.connect.pool is not a VM argument. Ie launching the JVM with it passed in has no effect. With this in mind, how can I get JIRA to supply com.sun.jndi.ldap.connect.pool=false to the InitialDirContext constructor?

Thanks!

3 answers

1 accepted

The important thing to note is that com.sun.jndi.ldap.connect.pool is not a VM argument.

However, some of the settings are according to Oracle JVM docs:

http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html

You may be able to set one of these to a value that precludes pooling from being allowed for your connections?
In particular I am thinking:

  • com.sun.jndi.ldap.connect.pool.authentication
    A list of space-separated authentication types of connections that may be pooled
  • or com.sun.jndi.ldap.connect.pool.protocol
    A list of space-separated protocol types of connections that may be pooled.

Hi Mark, thanks a lot for the help. I'll give those properties a go and report back here!

Okay, it turns out that this does work! It does seem a bit of a "hack", but I'll take it! Here is the output from netstat:

[root@jira01 ~]# netstat -ap | grep ldap
tcp        0      0 ::ffff:172.24.102.15:42130  ::ffff:146.195.128.254:ldap TIME_WAIT   -
tcp        0      0 ::ffff:172.24.102.15:42129  ::ffff:146.195.128.254:ldap TIME_WAIT   -

(Previously, I had a bunch of ESTABLISHED connections with PIDs at the end.)

For anyone else reading this, I added the following to setenv.sh:

JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.jndi.ldap.connect.pool.protocol=DIGEST-MD5"

It would be nice if there was a more official way to turn off LDAP connection pooling in JIRA/Crowd. Should I raise a ticket with Atlassian support for this?


Thanks again!

-Muel

Currently there is no

Currently JIRA does not provide any way to turn off LDAP conneciton pooling.

According to the Crowd documentation this is available in the Crowd server:

https://confluence.atlassian.com/display/CROWD/Configuring+the+LDAP+Connection+Pool

So in theory you should be able to connect JIRA to Crowd and Crowd to LDAP and turn off the pooling in the Crowd server. However, reading the Oracle docs and the Crowd source code, I am not sure if this will actually work ... please test first if you want to try this.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Thursday in Jira

Meet the AUG leaders of Northern Virginia

@Rachel Wright (Jira Genie), @Billy Poggi (AUG NOVA, DC), and @Dana Jansen (Confluence Queen) are just some of the folks that lead one of the world's most active Atlassian User Group (AUG)....

125 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you