3

I am trying to set up LDAP secondary user store in the WSO2 API manager 2.1.0. Settings are checked against this tutorial and also against WSO2 Integrator which is running smoothly on the same server. After I had few failed attempts to load the users from the company's LDAP server, I suddenly was able to connect once. Half an hour later, when I tried to get all users again, it failed and has been unsuccessful ever after. Every time the same error shows up: ERROR LDAPConnectionContext Error Obtaining connection with socketTimeoutException: Read timed out.

2018-07-04 10:35:52,044 [-] [localhost-startStop-1] ERROR LDAPConnectionContext Error Obtaining connection. our.domain.org:636
javax.naming.CommunicationException: our.domain.org:636 [Root exception is java.net.socketTimeoutException: Read timed out]
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:226)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.jav":137)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
    ....
    ....
Caused by: org.wso2.carbon.user.core.UserStoreException: Cannot create connection to LDAP server. Error message Error obtaining connection. our.domain.org:636
    at org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, <init>(ReadOnlyLDAPUserStoreManager.java: 184)
    at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager, <init>(ReadWriteLDAPUserStoreManager.java: 112)
    at org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager, <init>(ActiveDirectoryUserStoreManager.java: 99)
    ... 108 more

Has anyone experienced such behavior with LDAP? Any suggestions welcome - at this point I am not really sure where should I look for the error because:

  1. It was actually able to pool the data from LDAP server at least once and
  2. Same settings (synapse.properties and passthru-http.properties) are applied to the Integrator and it works just fine.
ZenOctober
  • 45
  • 1
  • 5
  • You can increase read timeout and LDAP connection timeout values of the LDAP connection by configuring below user Store properties. `true 10000 10000` – Chandana Jul 09 '18 at 22:08
  • Thank you for the reply Chandana, but it still fails to connect even with increased connection timeout limit. What's peculiar is that it did connect once and the wso2 EI with the same timeout settings works great. There should be something that breaks/time outs the connection but the stack trace that I am getting is hard to tell where to look for. I was wondering if anyone else have experienced similar behavior. – ZenOctober Jul 10 '18 at 09:46
  • Can't we increase the RetryAttempts from 0 to 3? how will it impact? – suresh kumar Dec 24 '19 at 07:47
  • did you ever figure out what it was? im having the same issue – luisluix May 11 '22 at 20:17

0 Answers0