Okay, so I'm moving my application over from non-SSL to SSL connections to my LDAP server. When running the application in non-SSL, connection pooling is working fine. However when I switch to SSL connection pools no longer work.
While researching here I realized that I never set the "com.sun.jndi.ldap.connect.pool.protocol" property to 开发者_运维知识库"plain ssl" since defaultly it is set to plain. I thought this was the problem.
When I implemented the change to include "plain ssl", it did not fix the problem and connection pools were still not being used.
Is there some other setting that I am missing?
Relevant code:
Hashtable LDAPEnvironment = new Hashtable();
LDAPEnvironment.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
LDAPEnvironment.put(Context.SECURITY_PRINCIPAL, SECURITY_PRINCIPAL);
LDAPEnvironment.put(Context.SECURITY_CREDENTIALS, SECURITY_CREDENTIALS);
LDAPEnvironment.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
LDAPEnvironment.put(Context.PROVIDER_URL, PROVIDER_URL );
LDAPEnvironment.put(Context.SECURITY_AUTHENTICATION, "simple");
LDAPEnvironment.put("java.naming.ldap.version", versionOfLDAP );
if (ldapProtocol != null && ldapProtocol.equalsIgnoreCase("SSL")){
LDAPEnvironment.put(Context.SECURITY_PROTOCOL,"ssl");
LDAPEnvironment.put("com.sun.jndi.ldap.connect.pool.protocol","plain ssl");
}
LDAPEnvironment.put("com.sun.jndi.ldap.connect.pool", "true");
I have found the problem. The documentation specifically states that the those properties are system properties and not environment properties. I was setting these as environment properties. :-)
If you scroll down a little, at the link you provided (scroll to "How Connections are Pooled"), you'll see the explanation to how the pooling works.
When you request a pooled connection, you will get one only if ALL the specified properties are identical. And that's a long list of properties...
I your case this is:
- connection controls
- host name, port number as specified in the "java.naming.provider.url" property, referral, or URL supplied to the initial context
- java.naming.security.protocol property
- java.naming.ldap.version property
- java.naming.security.principal property
- java.naming.security.credentials property
If you always use the same constants when request a connection from the connection pool, I think you should get the same pooled connection. That is, if you set the com.sun.jndi.ldap.connect.pool.* properties properly - but I didn't see that in the code you provided.
If you did set the com.sun.jndi.ldap.connect.pool.* properties to sensible values, try setting com.sun.jndi.ldap.connect.pool.debug to fine. This will help you debug.
Another option is to use a framework, or a provider that supports connection pooling. Note that the pooling provided to you by Java is rather limited. I used Spring-Ldap in the past, and it has very good support.
Hope this helps.
精彩评论