[Freeipa-devel] SASL whoami
Rob Crittenden
rcritten at redhat.com
Thu Oct 11 21:10:37 UTC 2007
The connection pool has a fairly big problem with it. When a connection
goes away, it doesn't currently see that and returns a failure rather
than reconnecting. These connections can go away if FDS restarts, for
example. Or the connection times out or we're hit by gamma rays, who knows.
Trying to figure out where this failure is occurring and retrying the
operation will be fairly difficult (for every LDAP operation basically).
Instead what I've tried to do is run a quick operation on the connection
when I pull it out of the pool. If it is bad I can easily make a new one.
I wanted an LDAP operation that wasn't going to stress the server at
all. There is an extended operation whoami so you can find out who is
authenticated on this connection.
Using this I can see whether the connection is alive or not and it
actually works fairly well.
The problem is that FDS doesn't implement it, so an error is logged. It
isn't a big deal in my mind and in fact the operation is probably quite
swift ("Do I have this extop? Nope, return.").
So, we have several options:
1. Go with my current uncommitted patch and use an unimplemented extop
to test the connection.
2. Go with the current uncommitted patch AND write a quickie plugin that
does whoami.
3. Try something else altogether, such as catching ldap.SERVER_DOWN
everywhere and trying again.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071011/63b6ad83/attachment.bin>
More information about the Freeipa-devel
mailing list