[SERVER-40930] Run all LDAP operations in thread pool Created: 01/May/19  Updated: 29/Oct/23  Resolved: 13/Aug/19

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 4.3.1

Type: Improvement Priority: Major - P3
Reporter: Jonathan Reams Assignee: Jonathan Reams
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Security 2019-07-29, Security 2019-08-12, Security 2019-08-26
Participants:

 Description   

We've found that LDAP operations can hang if establishing a new LDAP connection needs to perform side-channel operations - such as GSSAPI auth for the LDAP lookup user - that don't respect the LDAP timeout values. Since we introduced a thread pool for doing LDAP connection pooling, we should just run all LDAP operations inside that thread pool so we can abandon long-running operations and return a quick and reliable error to the user on failure rather than hanging for forever.



 Comments   
Comment by Githook User [ 13/Aug/19 ]

Author:

{'name': 'Jonathan Reams', 'username': 'jbreams', 'email': 'jbreams@mongodb.com'}

Message: SERVER-40930 Run all LDAP operations on thread pool
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/fb4bc2b04e67d20686c78caa7aa83eadd7e8dd0f

Generated at Thu Feb 08 04:56:21 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.