Bug 58330 - LDAPConnectionPoolTTL not honored
Summary: LDAPConnectionPoolTTL not honored
Status: RESOLVED INVALID
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ldap (show other bugs)
Version: 2.4.16
Hardware: PC All
: P2 major (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-09-04 19:28 UTC by aswope
Modified: 2015-09-04 21:10 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description aswope 2015-09-04 19:28:46 UTC
Using a windows build.

As reported elsewhere, windows closes an LDAP connection after 900 seconds, but the default Apache behavior appears to try to re-use the connection indefinitely.  If Apache tries to re-use after windows has closed the connection, there's a 60 second delay waiting for the connection to timeout, then the following is logged:

[ldap:info] [pid 10276:tid 1020] [client 127.0.0.1:53861] AH01284: ldap_simple_bind() timed out on reused connection, dropped by firewall?

Setting LDAPConnectionPoolTTL to something less than 900 should alleviate this issue, but regardless of this setting, after the windows connection is released, the above error occurs.  

Setting LDAPConnectionPoolTTL 0 seems to have no effect either.

This seems related to 54587, but needs addressed in 2.4 if at all possible.
Comment 1 Eric Covener 2015-09-04 19:51:27 UTC
can you provide trace8 logging w/ the TTL set to something conservative?
Comment 2 aswope 2015-09-04 21:10:13 UTC
I believe this to be a config error.  When tracing, I realized the configurations settings were not being used, which led to a closer inspection of the <ifmodule> tag.  The module being tested was "mod_ldap" rather than "ldap_module".

It appears after changing the ifmodule directive, LDAPConnectionPoolTTL is being honored.  I will re-open should this prove otherwise.

Sorry for the trouble, and thanks for the fast response!