Layer7 API Management

  • 1.  Is it possbile to disable LDAP blacklisting?

    Posted Mar 27, 2018 11:27 AM

    We have occasional micro-interruptions on our network between our API Gateway and our LDAP server (probably caused by the loadbalancer in front of the LDAP servers but for the moment we aren't sure).

     

    At the moment, the gateway detects the interruption and blacklists our LDAP server for 60 seconds. Is there a way to disable this blacklisting? The interruption on the network lasts much less than the blacklisting.

    INFO com.l7tech.server.identity.ldap.LdapUserManagerImpl: Could not establish context using LDAP URL ldaps://XXXX
    INFO com.l7tech.server.identity.ldap.LdapUrlProviderImpl: Blacklisting url for next 60 seconds : ldaps://XXXX
    INFO com.l7tech.server.identity.ldap.LdapUrlProviderImpl: Trying to recover using this url: ldaps://XXXX

    We are running 8.4.00



  • 2.  Re: Is it possbile to disable LDAP blacklisting?
    Best Answer

    Broadcom Employee
    Posted Mar 27, 2018 03:13 PM

    Set cluster property ldap.reconnect.timeout to 0 disables the blacklisting



  • 3.  Re: Is it possbile to disable LDAP blacklisting?

    Posted Mar 28, 2018 02:57 AM

    Thanks for your quick reply - this property isn't in the documentation I have, but I have found ldap.connection.timeout. Is this the same thing?



  • 4.  Re: Is it possbile to disable LDAP blacklisting?

    Posted Oct 24, 2018 11:05 AM

    Hi, this is not the same property.

     

    For the cluster properties:

    LDAP Cluster Properties - CA API Gateway - 9.3 - CA Technologies Documentation 

     

    If you wish to disable for only one idp, you have the property in the first step of the wizard:

    LDAP Identity Provider Wizard - CA API Gateway - 9.3 - CA Technologies Documentation 



  • 5.  Re: Is it possbile to disable LDAP blacklisting?

    Broadcom Employee
    Posted Nov 01, 2018 04:27 AM

    Hi

    Did the answer from Leandro answered your question? If it did please mark it as the right answer. When your question is not answered or you still have additional questions please let us know.

     

    With Kind Regards

    Conny Postma