Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8257562

ldapcertstore does not release connections to jndi pool for cleanup

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: New
    • Priority: P4
    • Resolution: Unresolved
    • Affects Version/s: 11
    • Fix Version/s: None
    • Component/s: core-libs

      Description

      A DESCRIPTION OF THE PROBLEM :
      similar to this bug here: https://bugs.openjdk.java.net/browse/JDK-8059009

      the fix was incomplete. The issue is that ldap servers may close idle ldap connections, and the ldapcertstore fails on the subsequent search. When it fails, the "communication error" flag is set to true, so re-connection will happen on a third search. Idle connections could be cleaned up if connection pooling was enabled and the ldap cert store closed the context. This doesnt happen though, if jndi pooling is on with an idle timeout, it never cleans the connection in the ldapcertstore because it stays "busy". Alternatively, forcing reconnect after some timeout on the in ldapcertstoreimpl would also fix this issue.

      No good workaround has been found so far. Creating fresh certstores doesnt work because the ldap cert stores are cached.


        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: