Idea Details

Better handling of idle TCP connections

Last activity 20 days ago
Anon Anon's profile image
01-28-2016 12:50 PM

Currently, there is no way to manage an idle connection between the policy server and a ldap user directory from SiteMinder side.

We would like to request enhancement for one of the two things.

  1. Add a feature to SiteMinder to terminate TCP sessions to user directories after a period of inactivity.
  2. Apply a keep-alive methodology from SiteMinder on each TCP connection to each user directory so that the firewall will see traffic flow and maintain the connection.  This would be different then the health check that SiteMinder already does to make sure the user directory is available.

The reason we are requesting these changes is because our firewalls look for a minimum number of packets over a 30 minute duration to keep the connection open.  Idle connections are closed by the firewall and SiteMinder attempts to send traffic over these closed connections causing delays or spikes in response times.


Comments

02-11-2016 12:15 PM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team has reviewed your enhancement suggestion and decided to maintain the idea for possible consideration in a future release. The Community will continue to be able to vote on this enhancement idea.