Configuring the LDAP connection pool
The LDAP service provider maintains a pool of connections and assigns them as needed. When a connection is closed, LDAP returns the connection to the pool for future use. This can improve performance significantly.
This page describes the site-wide settings for LDAP connection pooling in Crowd.
By default, LDAP connection pooling is implemented with JNDI, and the pool settings are supplied as system properties when Crowd starts.
Use system properties instead of updating the settings in Crowd
Because of a bug, the ‘Update Settings’ form used to specify the LDAP connection pool properties directly in Crowd won’t work. Any values that you set will not have any effect. Use this page to configure the connection pool using system properties instead.
View the current configuration
You can view the current settings for LDAP connection pooling in Crowd.
To view the current configuration:
Log in to the Crowd Administration Console.
In the top navigation bar, select Administration.
In the left-hand menu, select LDAP Connection Pool.
Configure the LDAP connection pool
To configure the JNDI connection pool:
Go to <installation-directory>/bin, and edit the setenv.sh (Linux) or setenv.bat (Windows) file.
Set the properties from the table below, for example:
-Dcom.sun.jndi.ldap.connect.pool.initsize=2 -Dcom.sun.jndi.ldap.connect.pool.prefsize=1 -Dcom.sun.jndi.ldap.connect.pool.maxsize=20
Pool properties
Setting | Crowd system property | Description | Default value |
---|---|---|---|
Initial pool size | com.sun.jndi.ldap.connect.pool.initsize | The number of LDAP connections created when initially connecting to the pool. | 1 |
Preferred pool size | com.sun.jndi.ldap.connect.pool.prefsize | The optimal pool size. When the number of connections grows larger than this value, LDAP removes idle connections. A value of 0 (zero) means that there is no preferred size, so the number of idle connections is unlimited. | 10 |
Maximum pool size | com.sun.jndi.ldap.connect.pool.maxsize | The maximum number of connections. When the number of connections reaches this value, LDAP will refuse further connections. As a result, requests made by an application to the LDAP server will be blocked. A value of 0 (zero) means that the number of connections is unlimited. | 0 |
Pool timeout | com.sun.jndi.ldap.connect.pool.timeout | The length of time, in milliseconds, that a connection may remain idle before being removed from the pool. When the application is finished with a pooled connection, the connection is marked as idle, waiting to be reused. A value of 0 (zero) means that the idle time is unlimited, so connections will never be timed out. | 30000 |
Pool protocol | com.sun.jndi.ldap.connect.pool.protocol | Only these protocol types are allowed to connect to LDAP. If you want to allow multiple protocols, enter the values separated by a space. Valid values are:
|
|
Pool authentication | com.sun.jndi.ldap.connect.pool.authentication | Only these authentication types are allowed to connect to LDAP. If you want to allow multiple authentication types, enter the values separated by a space. See RFC 2829 for details of LDAP authentication methods. Valid values are:
|
|
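
A check for the size and timeout flags described above, added here as an example and not part of Crowd or its documentation: it reads a JVM options string like the one placed in setenv.sh and reports pool sizes that conflict with the maximum, or values the table defines as unlimited. The function names and both sample option strings are assumptions made for illustration; the defaults are the ones listed in the table.

```shell
#!/bin/sh
# Added example: review JNDI LDAP pool flags in a JVM options string.
PREFIX="com.sun.jndi.ldap.connect.pool"

# pool_prop OPTS NAME DEFAULT: print the value of -D$PREFIX.NAME=..., or
# DEFAULT if the flag is absent. Assumes a later duplicate flag wins.
pool_prop() (
  set -f                        # no globbing while splitting OPTS
  val=$3
  for tok in $1; do
    case $tok in
      "-D$PREFIX.$2="*) val=${tok#*=} ;;
    esac
  done
  printf '%s\n' "$val"
)

# check_ldap_pool OPTS: print one WARN line per finding; the exit status
# is the number of findings. Defaults are the ones in the table above.
check_ldap_pool() (
  n=0
  warn() { printf 'WARN: %s\n' "$1"; n=$((n + 1)); }
  init=$(pool_prop "$1" initsize 1)
  pref=$(pool_prop "$1" prefsize 10)
  max=$(pool_prop "$1" maxsize 0)
  idle=$(pool_prop "$1" timeout 30000)
  for v in "$init" "$pref" "$max" "$idle"; do
    case $v in
      ''|*[!0-9]*) warn "non-numeric pool value '$v'"; exit "$n" ;;
    esac
  done
  if [ "$max" -eq 0 ]; then
    warn "maxsize=0: the number of connections is unlimited"
  else
    [ "$init" -le "$max" ] || warn "initsize $init exceeds maxsize $max"
    [ "$pref" -le "$max" ] || warn "prefsize $pref exceeds maxsize $max"
  fi
  [ "$idle" -ne 0 ] || warn "timeout=0: idle connections never time out"
  exit "$n"
)

# Constructed inputs: the page's example flags, and a deliberately poor set.
PAGE_EXAMPLE="-D$PREFIX.initsize=2 -D$PREFIX.prefsize=1 -D$PREFIX.maxsize=20"
RISKY="-Xmx512m -D$PREFIX.maxsize=5 -D$PREFIX.initsize=8 -D$PREFIX.timeout=0"

check_ldap_pool "$PAGE_EXAMPLE" && echo "page example: no findings"
check_ldap_pool "$RISKY" || echo "risky set: $? finding(s)"
```

With no pool flags at all the check reports one finding, because the table's default maximum pool size of 0 leaves the connection count unbounded.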