Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

iPlanet Directory Server 5.0 server idle timout bug?

4 views
Skip to first unread message

Johan Persson

unread,
Mar 9, 2001, 4:45:24 AM3/9/01
to
Hello,

I am trying to use the Netscape's Java LDAP API to communicate with the
iPlanet Directory Server v 5.0 and I am experiencing problems with the
server timeout setting.

If I set the server timeout value to 10 (ten) seconds,
LDAPConnection.isConnected() still reports true well after the ten seconds
(I have tested up to the one minute range) have expired. This is a big
problem since I occasionally get LDAPExceptions when trying to use this
connection after it should have timed out.

I have tried the exact same Java code against another vendor's LDAP server
and in that case the Java code works flawlessly
(LDAPConnection.isConnected() reports false immediately when the connection
is closed by the server) which leads me to the conclusion that the iPlanet
server does not close the connections correctly. This is confirmed with a
lot of open sockets on the machine that is running the LDAP server that are
not being closed...

Is this a known problem with iPlanet's directory servers (I get the same
behaviour from Netscape's directory server 4.x)? As it is today, I do not
see how we can use iPlanet's directory server.

FYI, I am using the Windows version of the directory server in case this is
a platform dependent problem.

Thank you,
Johan Persson


Miodrag Kekic

unread,
Mar 9, 2001, 9:24:03 AM3/9/01
to Johan Persson
Can you send a snippet of the code that has the problem. It is not quite clear
which timeout you are referring to as the server timeout setting.

Miodrag

Johan Persson

unread,
Mar 9, 2001, 10:05:22 AM3/9/01
to
Please let me elaborate.

The server setting I am referring to is the "Idle timeout" under the
performance tab in the iPlanet directory server console. The documentation
for the directory server states that this setting specifies "the time (in
seconds) during which the server will maintain an idle connection before
terminating it".

Let me explain how my code was meant to work. When I have a number of LDAP
operations to perform a connection is established with the LDAP server and
then this connection is kept open until all relevant operations have been
performed. Since I at some points wait for user interaction, the connection
may need to be kept open for quite some time. The point with keeping the
connection open is to minimize delay that is inherant to
connecting/disconnecting. Only when all LDAP operations have been performed,
I want to close the connection myself.

To make sure that the connection is still up (i.e that the server has not
closed it) before each LDAP operation the following piece of code is called:

protected void Connect() throws LDAPException {
if (!ldapConnection.isConnected()) {
ldapConnection.connect(hostName, portNumber, bindDN, bindPassword);
}

The problem I am having is that, occasionally (not at all every time), I get
LDAP exceptions saying "(80) server down" or "(80) The connection is not
valid anymore" (I am not 100% sure about the wording on the last one) when
trying to perform f.ex. a search after having called Connect(). This seems
to be related to the fact that ldapConnection.isConnected() always returns
true, even though the server has disconnected.

These exceptions never happened before I changed from infinite timeout to a
ten second timeout. I am not sure whether this is a inherent problem in the
Java LDAP SDK or if it is solely a problem in the iPlanet directory server.
I have noticed that the directory server does not close sockets when it
should have timed out and it may be this that is fooling the LDAP classes.
When trying the exact same code with an LDAP server from a different vendor
the sockets were indeed closed after 10 seconds and
ldapConnection.isConnected() reported false after the server had timed out.

Any Ideas on what might be wrong?

Thank you,
Johan

"Miodrag Kekic" <mio...@netscape.com> wrote in message
news:3AA8E783...@netscape.com...

Miodrag Kekic

unread,
Mar 12, 2001, 12:52:19 PM3/12/01
to Johan Persson
iPlanet Directory Server 5.0 and Netscape Directory Servers 4.x do not
disconnect immediately when the idle timeout has been reached. The check for
idle connections to be closed is done only when a new connection is to be
opened.

You can verify this behavior simply by using 'telnet <ldaphost> <ldapport>'
from multiple command prompt windows. After the idle timeout has expired,
execute the telnet command from another window. All currently open telnet
connections will be closed with the message "Connection closed by foreign host".
If you do not open a new connection, the existing connections will remain
indefinitely.

Concerning the Java LDAP SDK, you will get error (80) SERVER_DONE if there is an
I/O error when writing the request to the server socket, or when reading the
response from it. In your error case, it looks like the connection is still
there when isConnect() is called, but it is lost while request is being sent to
the server.

By the way, the check for isConnected() is not necessary with Java LDAP SDK.
Before each request is sent, the SDK will check if connection is still there,
and if it was lost due to a network error, it will silently reconnect and
complete the request. However, if the error occurs in the middle of request, the
recovery is not possible and the error 80 is returned.

I would suggest that you catch the error code 80 and repeat the request in that
case. You do need to call your custom Connect() as JDK will reconnect
automatically.

Miodrag

0 new messages