每次从 Ldap 连接池返回新连接

问题描述

我在我的项目中实现了 LDAP 连接池，并注意到一个奇怪的行为，每次新的连接请求到来时，我配置的 LDAP 连接池都会返回新连接，而不是重新使用返回到池中的现有连接.

I have implemented LDAP connection pooling in my project and noticed a strange behavior that every time new connection request comes, LDAP connection pool I configured is returning new connection instead of re-using existing connection returned to pool.

LDAP JNDI 日志:

00:07:10,824 ERROR [stderr] (IPAdminGlobalDataReloader) Create and use com.sun.jndi.ldap.LdapClient@46728c0f[eun2p3-be.stp-qa.st.com:636]
00:07:12,222 ERROR [stderr] (IPAdminGlobalDataReloader) Release com.sun.jndi.ldap.LdapClient@46728c0f
00:07:46,704 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@674b68bd expired
00:08:46,707 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@46728c0f expired
00:22:26,329 ERROR [stderr] (IPAdminGlobalDataReloader) Create com.sun.jndi.ldap.LdapClient@386bfda[eun2p3-be.stp-qa.st.com:636]
00:22:26,333 ERROR [stderr] (IPAdminGlobalDataReloader) Create and use com.sun.jndi.ldap.LdapClient@6d9f3716[eun2p3-be.stp-qa.st.com:636]
00:22:27,748 ERROR [stderr] (IPAdminGlobalDataReloader) Release com.sun.jndi.ldap.LdapClient@6d9f3716
00:22:46,730 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@386bfda expired
00:23:46,734 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@6d9f3716 expired
00:37:45,242 ERROR [stderr] (IPAdminGlobalDataReloader) Create com.sun.jndi.ldap.LdapClient@4a21c217[eun2p3-be.stp-qa.st.com:636]
00:37:45,244 ERROR [stderr] (IPAdminGlobalDataReloader) Create and use com.sun.jndi.ldap.LdapClient@1b79ab6f[eun2p3-be.stp-qa.st.com:636]
00:37:46,759 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@4a21c217 expired
00:37:46,823 ERROR [stderr] (IPAdminGlobalDataReloader) Release com.sun.jndi.ldap.LdapClient@1b79ab6f
00:39:46,764 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@1b79ab6f expired
00:53:00,864 ERROR [stderr] (IPAdminGlobalDataReloader) Create com.sun.jndi.ldap.LdapClient@668fc34[eun2p3-be.stp-qa.st.com:636]
00:53:00,865 ERROR [stderr] (IPAdminGlobalDataReloader) Create and use com.sun.jndi.ldap.LdapClient@4674a7fb[eun2p3-be.stp-qa.st.com:636]
00:53:02,392 ERROR [stderr] (IPAdminGlobalDataReloader) Release com.sun.jndi.ldap.LdapClient@4674a7fb
00:53:46,787 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@668fc34 expired
00:54:46,791 ERROR [stderr] (Thread-65) Expired com.sun.jndi.ldap.LdapClient@4674a7fb expired

我的连接设置:

    Hashtable<String, String> env = new Hashtable<String, String>();

    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldaps://" + server + ":" + serverPort);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, pUserName);
    env.put(Context.SECURITY_CREDENTIALS, pPassword);
    env.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
    env.put(Context.SECURITY_PROTOCOL, "ssl");
    env.put("com.sun.jndi.ldap.read.timeout", "300000");

    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

    // load the location of keystore that holds trusted root certificates from web.xml
    ServletContext context = ApplicationServlet.getApplication().getServlet().getServletContext();
    String certificatePath = context.getInitParameter("AD_CERTIFICATE_PATH");

    System.setProperty("javax.net.ssl.trustStore",  certificatePath);
    //          System.setProperty("javax.net.debug", "all");

    // For connection pooling
    env.put("com.sun.jndi.ldap.connect.pool", "true");
    System.setProperty("com.sun.jndi.ldap.connect.pool.protocol", "plain ssl");
    System.setProperty("com.sun.jndi.ldap.connect.pool.maxsize", poolMaxSize);
    System.setProperty("com.sun.jndi.ldap.connect.pool.prefsize", poolPrefSize);
    System.setProperty("com.sun.jndi.ldap.connect.pool.timeout", poolTimeOut);
    System.setProperty("com.sun.jndi.ldap.connect.pool.debug", "fine");

    ctx = new InitialDirContext(env);
    return (DirContext) ctx;

感谢您确定根本原因在哪里，为什么每次都创建新连接而不是重复使用.

Thanks in identifying where is the root cause, why every time new connection is created instead of reused.

推荐答案

您还没有实现任何连接池，您使用的是 Sun 的损坏的 DirContext 连接池.这是不鼓励的.看看 Spring LDAP 的 ContextSource 池.效果很好.

You have not implemented any connection pooling, you are using the broken DirContext connection pool from Sun. This is discouraged. Take a look at Spring LDAP's ContextSource pool. It works very well.

这篇关于每次从 Ldap 连接池返回新连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！