Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-12401

Docs for SERVER-34260: Ability to reuse a single TCP connection from mongod to the LDAP server

    XMLWordPrintable

Details

    Description

      Description

      Description:

      This adds a connection pool to manage LDAP connections used for LDAP authn/authz. In 4.2 it is on by default if mongod is linked to the thread-safe version of openldap on Linux, and always enabled on Windows. There is also a set parameter to disable it.

      Engineering Ticket Description:

      When enabling LDAP in the typical setting, mongod process is using the three separate TCP connections to the LDAP server(s) for every db.auth() command:
      1. One (or more) connections for the sections in the security.ldap.userToDNMapping option with the ldapQuery predicates
      2. A single connection to authenticate the user by using the bind operation
      3. A single connection to obtain the list of groups for authorization.

      I am wondering if we could create a single TCP connection during the step 1 or 2 and reuse it for the next steps without reestablishing connection every time for the particular thread (==session) in the server?

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Issue Links

          Activity

            People

              kay.kim@mongodb.com Kay Kim (Inactive)
              kay.kim@mongodb.com Kay Kim (Inactive)
              Kay Kim Kay Kim (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                3 years, 9 weeks, 6 days ago