Turn off LDAP connection pooling in JIRA

How can I turn off LDAP connection pooling in JIRA?

Programmatically, this is normally done in Java as follows:

Hashtable<String, String> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://my.ldap.server:389");
env.put("com.sun.jndi.ldap.connect.pool", "false");
DirContext ctx = new InitialDirContext(env);
// use ctx to run LDAP queries

The important thing to note is that com.sun.jndi.ldap.connect.pool is not a VM argument. Ie launching the JVM with it passed in has no effect. With this in mind, how can I get JIRA to supply com.sun.jndi.ldap.connect.pool=false to the InitialDirContext constructor?

Thanks!

3 answers

1 accepted

This widget could not be displayed.

The important thing to note is that com.sun.jndi.ldap.connect.pool is not a VM argument.

However, some of the settings are according to Oracle JVM docs:

http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html

You may be able to set one of these to a value that precludes pooling from being allowed for your connections?
In particular I am thinking:

  • com.sun.jndi.ldap.connect.pool.authentication
    A list of space-separated authentication types of connections that may be pooled
  • or com.sun.jndi.ldap.connect.pool.protocol
    A list of space-separated protocol types of connections that may be pooled.

Hi Mark, thanks a lot for the help. I'll give those properties a go and report back here!

Okay, it turns out that this does work! It does seem a bit of a "hack", but I'll take it! Here is the output from netstat:

[root@jira01 ~]# netstat -ap | grep ldap
tcp        0      0 ::ffff:172.24.102.15:42130  ::ffff:146.195.128.254:ldap TIME_WAIT   -
tcp        0      0 ::ffff:172.24.102.15:42129  ::ffff:146.195.128.254:ldap TIME_WAIT   -

(Previously, I had a bunch of ESTABLISHED connections with PIDs at the end.)

For anyone else reading this, I added the following to setenv.sh:

JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.jndi.ldap.connect.pool.protocol=DIGEST-MD5"

It would be nice if there was a more official way to turn off LDAP connection pooling in JIRA/Crowd. Should I raise a ticket with Atlassian support for this?


Thanks again!

-Muel

This widget could not be displayed.

Currently there is no

This widget could not be displayed.

Currently JIRA does not provide any way to turn off LDAP conneciton pooling.

According to the Crowd documentation this is available in the Crowd server:

https://confluence.atlassian.com/display/CROWD/Configuring+the+LDAP+Connection+Pool

So in theory you should be able to connect JIRA to Crowd and Crowd to LDAP and turn off the pooling in the Crowd server. However, reading the Oracle docs and the Crowd source code, I am not sure if this will actually work ... please test first if you want to try this.

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

91 views 1 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you