Sunday, July 3, 2011

Connection Pooling with LDAP

When we write client applications to communicate with a LDAP server and query, update entries, one thing we should keep in mind is enabling connection pooling with LDAP when creating the connection to LDAP server from our client application.

Otherwise we may run into troubles in multi-threaded environments or load testing environments. I learned it in the hard way and sharing with you the details.

When a load test was run on a LDAP client application, I observed the following errors in Windows Operating System when the load is increased beyond a certain threshold:
javax.naming.CommunicationException: localhost:10389 [Root exception is No buffer space available (maximum connections reached?): connect]
javax.naming.CommunicationException: localhost:10389 [Root exception is Address already in use: connect]
 at com.sun.jndi.ldap.Connection.(
 at com.sun.jndi.ldap.LdapClient.(

Above errors have been caused due to the running out of dynamic ports in the OS so that client application can not make any more connections to LDAP server.

Usually LDAP server is running on a specific port (say 10389) and when a connection is created from client, that is assigned a port in the range of dynamic ports which is defined as a property of Windows OS. This issue is not visible on Linux.

So the above errors can occur when the available number of ports are already being used.

1. Enable LDAP connection pooling when creating the connection to the LDAP as follows.
Hashtable environment = new Hashtable();
//set other environment properties
// Enable connection pooling
environment.put("com.sun.jndi.ldap.connect.pool", "true");
//create LDAP connection
DirContext context = context = new InitialDirContext(environment);
This tutorial explains LDAP Connection pooling in detail.

2. Close any sub Contexts and NamingEnumerations derived by a particular LDAP connection Context, close them explicitly at the end of their usage.

3. Close the LDAP connection created after using it for the purpose it was created.
You can read more about LDAP Connection closure from here.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.