[389-users] Random failures on startTLS
Chun Tat David Chu
beyonddc.storage at gmail.com
Fri Apr 16 19:38:44 UTC 2010
Aaron,
I read thru the e-mail chain but perhaps I missed it. What exactly is the
issue you are having regarding startTLS, ABANDON request and 389 Directory?
Is it causing some unexpected behavior?
I too use startTLS in my JNDI client but I don't recall seeing anything that
you are experiencing except the persistent search that Rich was talking
about.
FYI (For your information), I narrowed down what triggers an ABANDON request
within JNDI for persistent search by tracing the JNDI code that came as part
of OpenJDK.
- David
2010/4/15 Aaron Hagopian <airhead1 at gmail.com>
> I am having a hard time programmatically getting the ABANDON requests to
> show up. In my local environment I cannot reproduce at all (Fedora 12
> x86_64) but on all our server environments I see these in the logs. The
> oddest thing about it is I only see these when running in tomcat on either
> our CentOS or RHEL machines (i386 and x86_64 platforms). Running a
> standalone java program does not create the ABANDON requests, only in
> tomcat. A little research shows that tomcat does have its own
> implementation of JNDI but that doesn't then explain why in my local
> environment (running same versions of java/tomcat/389ds) this does not
> happen. I will try to find any further relevant differences between my
> local environment and the servers where the messages show up.
>
> For now we are just going SSL all the time on our connections which seems
> to fix the problem since we no longer need the startTLS.
>
>
> On Wed, Apr 14, 2010 at 5:57 PM, Rich Megginson <rmeggins at redhat.com>wrote:
>
>> Aaron Hagopian wrote:
>> >
>> >
>> > It's JNDI itself. JNDI uses ABANDON requests. Are you using
>> > persistent
>> > search at all? Another 389 user reported similar problems caused by
>> > improper handling of JNDI persistent searches + ABANDON requests.
>> > Although this looks different, both issues have JNDI and ABANDON
>> > in common.
>> >
>> >
>> > We are not using persistent search at all. I will try to track down
>> > what in our code creates the ABANDON requests but might take me a bit.
>> I think it's JNDI itself - you probably won't find anything explicitly
>> calling an ABANDON request in your code.
>> > Once successfull I'll get you something that causes the ABANDON to
>> > show up followed by a startTLS.
>> > ------------------------------------------------------------------------
>> >
>> > --
>> > 389 users mailing list
>> > 389-users at lists.fedoraproject.org
>> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100416/a9a36f4c/attachment.html>
More information about the 389-users
mailing list