[SERVER-40930] Run all LDAP operations in thread pool Created: 01/May/19 Updated: 29/Oct/23 Resolved: 13/Aug/19 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.3.1 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Jonathan Reams | Assignee: | Jonathan Reams |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Sprint: | Security 2019-07-29, Security 2019-08-12, Security 2019-08-26 |
| Participants: |
| Description |
|
We've found that LDAP operations can hang if establishing a new LDAP connection needs to perform side-channel operations - such as GSSAPI auth for the LDAP lookup user - that don't respect the LDAP timeout values. Since we introduced a thread pool for doing LDAP connection pooling, we should just run all LDAP operations inside that thread pool so we can abandon long-running operations and return a quick and reliable error to the user on failure rather than hanging for forever. |
| Comments |
| Comment by Githook User [ 13/Aug/19 ] |
|
Author: {'name': 'Jonathan Reams', 'username': 'jbreams', 'email': 'jbreams@mongodb.com'}Message: |