[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5440) back-meta opens too many connections in case of error

Ali Pouya wrote:
> Hi Pierangelo;
> When trying to reproduce the problem with test035 material I found a 
> problem in my own JAVA code !
> There is no such problem in back-meta :-)
> Sorry for misreporting and thanks for your help.

OK, no problem.  I note that the issue I fixed in HEAD is basically 
related to not using

pseudoroot-bind-defer	yes

The default is "no", basically to preserve the original behavior.  The 
original behavior consisted in always binding to all targets when bound 
as the rootdn.  When "pseudoroot-bind-defer" is set to "yes", the bind 
only occurs locally at the proxy, and is propagated to the targets only 
when they actually need to be used.  The reason is that binding as the 
rootdn might only be needed to operate on a subset of the targets, so 
there is no need to add extra traffic to those outside this set.  When 
"pseudoroot-bind-defer" is set to "yes", this no longer occurs, and the 
issue I observed does not show up any longer.  Probably, as an outcome 
of this ITS, we should change the default to "yes".


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it