Layer7 API Management

Expand all | Collapse all

Is it possbile to disable LDAP blacklisting?

Jump to Best Answer
  • 1.  Is it possbile to disable LDAP blacklisting?

    Posted 03-27-2018 11:27 AM

    We have occasional micro-interruptions on our network between our API Gateway and our LDAP server (probably caused by the loadbalancer in front of the LDAP servers but for the moment we aren't sure).

     

    At the moment, the gateway detects the interruption and blacklists our LDAP server for 60 seconds. Is there a way to disable this blacklisting? The interruption on the network lasts much less than the blacklisting.

    INFO com.l7tech.server.identity.ldap.LdapUserManagerImpl: Could not establish context using LDAP URL ldaps://XXXX
    INFO com.l7tech.server.identity.ldap.LdapUrlProviderImpl: Blacklisting url for next 60 seconds : ldaps://XXXX
    INFO com.l7tech.server.identity.ldap.LdapUrlProviderImpl: Trying to recover using this url: ldaps://XXXX

    We are running 8.4.00



  • 2.  Re: Is it possbile to disable LDAP blacklisting?
    Best Answer

    Posted 03-27-2018 03:13 PM

    Set cluster property ldap.reconnect.timeout to 0 disables the blacklisting



  • 3.  Re: Is it possbile to disable LDAP blacklisting?

    Posted 03-28-2018 02:57 AM

    Thanks for your quick reply - this property isn't in the documentation I have, but I have found ldap.connection.timeout. Is this the same thing?



  • 4.  Re: Is it possbile to disable LDAP blacklisting?

    Posted 10-24-2018 11:05 AM

    Hi, this is not the same property.

     

    For the cluster properties:

    LDAP Cluster Properties - CA API Gateway - 9.3 - CA Technologies Documentation 

     

    If you wish to disable for only one idp, you have the property in the first step of the wizard:

    LDAP Identity Provider Wizard - CA API Gateway - 9.3 - CA Technologies Documentation 



  • 5.  Re: Is it possbile to disable LDAP blacklisting?

    Posted 11-01-2018 04:27 AM

    Hi

    Did the answer from Leandro answered your question? If it did please mark it as the right answer. When your question is not answered or you still have additional questions please let us know.

     

    With Kind Regards

    Conny Postma