FWIW, we are running against AD as well, and what we have done is configure multiple AD servers to authenticate against, with short connect timeouts. Ie. if the first fails, it will shortly try the next. (This assumes you have multiple DCs) We have never seen an issue with that (mind you, we have not be brave enough yet to dive into 3.4.2, still running on 3.3.5)
See the multiple ldap server config and timeout related sections in http://www.ja-sig.org/wiki/display/CASUM/LDAP Johan On 4/22/2010 8:12 AM, Scott Battaglia wrote: > If you have connection pooling turned on, try disabling it. > > Cheers, > Scott > > > On Thu, Apr 22, 2010 at 11:08 AM, Marvin Addison > <[email protected] <mailto:[email protected]>> wrote: > > > Thank you for your answer, this problem occurs only seldom and > moreover > > Active Directory is used for authenticated users on other > applications > > Java likes to use long-lived connections for LDAP operations. I > wonder if either endpoint is prematurely closing the socket underlying > the JNDI connection for some reason. That would explain why other > applications work and why it's intermittent with CAS. Feels like a > networking problem in any case; hopefully you can work with your > network admins to investigate further. Please report back if you find > anything interesting. > > M > > -- > You are currently subscribed to [email protected] > <mailto:[email protected]> as: [email protected] > <mailto:[email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
