
  • LDAPFailover

    Can someone explain if this behaviour is correct?
    I've set up my LDAP failover as follows:
    HTML Code:
    	<bean id="contextSource2">
    		<property name="urls" value="ldap://, ldap://" />
    		<property name="pooled" value="true" />
    		<property name="base" value="o=me,c=ca" />
    		<property name="anonymousReadOnly" value="true" />
    		<property name="baseEnvironmentProperties">
    			<map>
    				<entry key="com.sun.jndi.ldap.connect.timeout" value="500" />
    			</map>
    		</property>
    	</bean>
    	<bean id="ldapTemplate">
    		<constructor-arg ref="contextSource" />
    		<property name="ignorePartialResultException" value="true"/>
    	</bean>
    1) I started both ldap servers and ran a test app to execute queries using this context source.
    2) From Debug I noticed all queries were executed against server1 which is ok.
    3) I stopped server1 expecting it to automatically switch to server2; it didn't, it just threw a socket closed exception.
    4) I restarted the app with server1 still down and it worked fine against server2.
    5) I started server1 and the app switched to server1 without server2 being shutdown.
    6) I stopped server 2 it didn't make a difference.

    So I added a try catch to re-execute the query when the ldap servers are stopped
    HTML Code:
    public void testFailover() throws EntryNotFoundException {
        try {
            Object object = (Object) ldapTemplate.lookup(new DistinguishedName("o=service"));
        } catch (org.springframework.ldap.UncategorizedLdapException e) {
            String message = e.getMessage();
            System.out.println("message is " + message);
            if (message != null && message.indexOf("socket closed") != -1) {
                // Re-execute the query after the socket was closed
                ldapTemplate.lookup(new DistinguishedName("o=service"));
            } else {
                throw e;
            }
        }
    }
    Can someone tell me if this try catch is necessary or is there a better way to get the app to switch to the redundant server?
    From what I read you have to come up with your own solution? I was just wondering does spring have something I'm not aware of?

  • #2
    I'd guess that it's the pooling flag that causes this. There's no connection validation in the built-in LDAP connection pooling (this is all in Sun's LDAP provider - there's nothing we can do about it), which means that it'll retry the same connection until it times out. You can minimize the impact of this by setting the pooling timeout to a very short period of time (e.g. 1 second). This will (in most cases) reuse the same connection throughout one user sequence of operations and then return the connection to the pool.

    Bear in mind that the benefits of pooling with the LDAP protocol are rather limited as connection forming and release is extremely inexpensive.


    • #3
      BTW, there's a custom LDAP pooling implementation in the Spring LDAP sandbox. This implementation takes care of connection validation and all that stuff. It's not official yet, but we're planning to include it in a future release of Spring LDAP, so go ahead and give it a try if you feel like it.
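
Added example, not code from the thread or from Spring LDAP: one way to combine the short pool timeout suggested in reply #2 with a bounded retry that classifies the failure by exception type instead of matching the message text, so missing entries and authentication errors are never retried. The class name `FailoverLookup`, its `maxAttempts` parameter, and the assumption that a closed socket surfaces as an `IOException` in the cause chain are hypothetical.

```java
import java.io.IOException;
import org.springframework.ldap.CommunicationException;
import org.springframework.ldap.NamingException;
import org.springframework.ldap.ServiceUnavailableException;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;

/** Hypothetical helper (not part of Spring LDAP): bounded retry on connection loss. */
public class FailoverLookup {
    static {
        // Sun JNDI provider setting: JVM-wide system property, in milliseconds.
        // Idle pooled connections are closed after 1 s. It has to be in place
        // before the first pooled connection is created, so passing it as
        // -Dcom.sun.jndi.ldap.connect.pool.timeout=1000 is the safer route.
        System.setProperty("com.sun.jndi.ldap.connect.pool.timeout", "1000");
    }

    private final LdapTemplate ldapTemplate;
    private final int maxAttempts;

    public FailoverLookup(LdapTemplate ldapTemplate, int maxAttempts) {
        if (maxAttempts < 1) throw new IllegalArgumentException("maxAttempts must be >= 1");
        this.ldapTemplate = ldapTemplate;
        this.maxAttempts = maxAttempts;
    }

    /** True only for transport failures (assumption: a closed socket shows up as an IOException cause). */
    static boolean isConnectionFailure(Throwable t) {
        for (Throwable c = t; c != null; c = c.getCause()) {
            if (c instanceof CommunicationException || c instanceof ServiceUnavailableException
                    || c instanceof javax.naming.CommunicationException
                    || c instanceof javax.naming.ServiceUnavailableException
                    || c instanceof IOException) return true;
        }
        return false;
    }

    public Object lookup(String dn) {
        NamingException last = null;
        for (int attempt = 1; attempt <= maxAttempts; attempt++) {
            try {
                return ldapTemplate.lookup(new DistinguishedName(dn));
            } catch (NamingException e) {
                // Directory errors (missing entry, bad credentials) are rethrown
                // at once; only a broken connection is worth another attempt.
                if (!isConnectionFailure(e)) throw e;
                last = e;
            }
        }
        throw last; // every attempt failed on the connection
    }
}
```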