[DOCS-12401] Docs for SERVER-34260: Ability to reuse a single TCP connection from mongod to the LDAP server

Created: 28/Jan/19  Updated: 13/Nov/23  Resolved: 24/Sep/19

Status: Closed
Project: Documentation
Component/s: manual, Server
Affects Version/s: None
Fix Version/s: 4.1.8, 4.0.9, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113

Type: Task
Priority: Major - P3
Reporter: Kay Kim (Inactive)
Assignee: Kay Kim (Inactive)
Resolution: Fixed
Votes: 0
Labels: platforms_security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
documents SERVER-34260 Ability to reuse a single TCP connect... Closed
Related
related to DOCS-12337 Docs for SERVER-33852: libldap is not... Closed
Participants:
Days since reply: 4 years, 20 weeks, 1 day ago
Epic Link: DOCS: 4.2 Server/Tools

 Description   

Description:

This adds a connection pool to manage LDAP connections used for LDAP authn/authz. In 4.2 it is on by default if mongod is linked to the thread-safe version of openldap on Linux, and always enabled on Windows. There is also a set parameter to disable it.

Engineering Ticket Description:

When enabling LDAP in the typical setting, the mongod process uses three separate TCP connections to the LDAP server(s) for every db.auth() command:
1. One (or more) connections for the sections in the security.ldap.userToDNMapping option with the ldapQuery predicates
2. A single connection to authenticate the user by using the bind operation
3. A single connection to obtain the list of groups for authorization.

I am wondering if we could create a single TCP connection during step 1 or 2 and reuse it for the next steps, without reestablishing the connection every time, for the particular thread (==session) in the server?

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)



 Comments   
Comment by Githook User [ 24/Sep/19 ]

Author: Kay Kim (kay-kim, kay.kim@10gen.com)

Message: DOCS-12401: 4.0.9 connection pool to ldap server
Branch: v4.0
https://github.com/mongodb/docs/commit/9de86aa1e4e2a15815295371781e96afd2a041ec

Comment by Githook User [ 24/Sep/19 ]

Author: Kay Kim (kay-kim, kay.kim@10gen.com)

Message: DOCS-12401: 4.0.9 connection pool to ldap server
Branch: master
https://github.com/mongodb/docs/commit/556e9a74459d43cf277fd6eba61a3b30b77f3198
