Experts:
After we deploy our application to production in Tomcat server 9.0.33, we got following error when multiple users login for some time and the server hangs. When user click the "Login" button on the login form, it has a security realm that connect to the LDAP as in the server.xml: <Realm className="org.apache.catalina.realm.LockOutRealm"> &LDAP_realm; </Realm> cat LDAP_realm.xml <Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldaps://XXXX" connectionName="XXX" authentication="simple" referrals="ignore" userSearch="(sAMAccountName={0})" userBase="XXX " userSubtree="true" roleSearch="(member={0})" roleName="cn" roleSubtree="true" roleBase="XXXX" adCompat="true" /> 30-Mar-2020 12:47:29.218 INFO [https-jsse-nio-9443-exec-30] org.apache.catalina.realm.JNDIRealm.authenticate Exception performing authentication. Retrying... javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]; remaining name "XXX" at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:2002) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) at org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1685) at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1521) at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1469) at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1414) at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1296) at org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:190) at org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:154) at org.apache.catalina.authenticator.FormAuthenticator.doAuthenticate(FormAuthenticator.java:243) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:631) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:688) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:210) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:933) at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) at java.io.BufferedInputStream.read(BufferedInputStream.java:345) at com.sun.jndi.ldap.Connection.run(Connection.java:836) ... 1 more Any idea? Thanks Gary