Data Center 5.3
Versions

Configuring the Dynamic LDAP connection pool

Configuring LDAP connection pooling

On this page

In this section

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Dynamic LDAP connection pool provides support for detailed pool configuration on a per-directory basis and adds parameters to control the validation and maintenance of each connection pool. It's available only for directories of type Connector and Delegated Authentication. It also supports StartTLS connections.

Before you begin

When you switch between the JNDI and Dynamic pools, or change the configuration of the Dynamic pool, you don’t need to restart Crowd.

However, we recommend that you change the configuration only outside of working hours. Any change might terminate all actions that are being performed on a directory, resulting in short outages.

Tell me more...

When you change the connection settings (URL, secure mode, credentials) or the pool configuration, Crowd creates a new connection pool with your updated configuration. The pool is created almost immediately, but there’s still a chance that actions performed by your users will require borrowing connections from the old pool, which will fail during this short period of time. The problem isn’t guaranteed – the connections already borrowed from the old pool will continue to work, it’s only the new connections that fail. To prevent any problems, it’s safer to wait until there aren’t many users around.

Enable the connection pool

To enable the Dynamic LDAP connection pool for a directory:

  1. Log in to the Crowd Administration Console.

  2. In the top navigation bar, click Directories.
    The Directory Browser opens.

  3. Select an existing Connector or Delegated Directory

  4. Select the LDAP Connection Pooling tab.

  5. Select Dynamic pool option for LDAP connection pooling.

  6. Configure the parameters. You can find more information about them in the table further below.

Pool parameters

You can configure the following parameters for each Dynamic connection pool.

Pool size

Dynamic pool parameterDescriptionDefault value
Max totalThe maximum number of active connections (for all types) that can be allocated from the pool at the same time. A non-positive value sets the number to unlimited.-1
Max total per typeThe limit of connection slots allocated by the pool (checked out or idle), per key. Each key type determines a sub-pool of read-only or read-write connections. When the limit is reached, the sub-pool is exhausted. A non-positive value sets the number to unlimited.-1
Max idle per typeThe maximum number of active connections of each key type (read-only and read-write) that can remain idle in the pool without extra connections being released. Each key type determines a sub-pool of read-only and read-write connections. A non-positive value sets the number to unlimited.-1
Min idle per typeThe minimum number of active connections of each key type (read-only and read-write) that can remain idle in the pool, without extra connections being created. Each key type determines a sub-pool of read-only and read-write connections. A non-positive value sets the number to unlimited.0

Pool behavior when exhausted

The following parameters are different from the 'Connection timeout' parameter that you can find in the Connector tab. 

Tell me more...

The 'Connection timeout' parameter works differently depending on the type of your connection pool.

  • Dynamic pool: It only specifies the time limit for connecting to a directory.
  • JNDI pool: It specifies both the time limit for connecting to a directory and the max time the pool waits for a connection to be returned after the pool has been exhausted.

For the Dynamic pool, the max time the pool waits for a connection to be returned is separated and controlled by 'Max time', described below.

Dynamic pool parameterDescriptionDefault value
Wait when exhausted

If enabled, the pool waits for a connection to be returned if none are available. Otherwise, it saves an error into the log file saying the pool has been exhausted.

If the Max wait parameter is configured with a positive value, then a NoSuchElementException is thrown if there aren’t new available connection slots after the waiting period is exceeded.

true
Max wait

Determines the maximum time the pool waits for a connection to be returned if the ‘Wait when exhausted’ option is enabled. Choose a non-positive value to wait indefinitely.

This is only applicable when the Wait when exhausted option is enabled. 

-1

Testing connections

Dynamic pool parameterDescriptionDefault value
Test when creating a connectionValidates connections when they’re created. If the connection fails to validate, it can’t be borrowed.false
Test when borrowing a connectionValidates connections when borrowing them from the pool. If the connection fails to validate, it’s dropped from the pool and an attempt to borrow another one is made.true
Test when returning a connectionValidates connections when returning them to the pool.false
Test idle connectionsValidates idle connections. If a connection fails to validate, it’s dropped from the pool.false

Evicting idle connections

Dynamic pool parameterDescriptionDefault value
Eviction frequency (seconds)Determines the frequency of evicting connections that are eligible for eviction. The value must be a positive integer.300 sec
(5 minutes)
Eviction eligibility time (seconds)Determines how long a connection needs to be idle to be eligible for eviction.300 sec
(5 minutes)


Monitor the connection pool

You can monitor the LDAP connection pool by using REST API or a JMX interface. For more info, see Monitoring the Dynamic LDAP connection pool.

Last modified on Nov 24, 2022

Was this helpful?

Yes
No
Provide feedback about this article

In this section

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.