Viewing information about Crowd LDAP connection pools in the Support ZIP file
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
You can find information about LDAP connection pools used by each LDAP directory in the application.xml file of the Support ZIP. This includes the type of connection pool and parameters with their values.
Solution
LDAP connection pool types
Crowd has the following types of connection pools:
JNDI
Default LDAP connection pool for each new directory. It used to be the only type before Crowd 5.1.
Dynamic pool
Improved LDAP connection pool that needs to be enabled for each directory separately, introduced in Crowd 5.1. It’s based on Apache Commons Pool 2.
How to recognize the pool type configured
You can recognize the type configured for each LDAP directory by searching for the XML tag “Attributes.ldap.pool.type” in the application.xml file. An example for each pool type is provided below.
JNDI
1
<crowd.Directory-2.Attributes.ldap.pool.type>JNDI</crowd.Directory-2.Attributes.ldap.pool.type>Dynamic pool
1
<crowd.Directory-3.Attributes.ldap.pool.type>COMMONS_POOL2</crowd.Directory-3.Attributes.ldap.pool.type>LDAP connection pool parameters
When using LDAP connection pools in Crowd, you can customize their parameters. These parameters and their values are also included in the application.xml file.
Important: How to recognize which LDAP parameters apply to each directory
The application.xml file usually includes parameters for both JNDI (because they apply to all the LDAP directories configured with this type of connection pool) and the Dynamic Pool (because once a directory is configured with this pool type they’re not removed, even if the directory’s configuration is changed later to JNDI).
To identify which parameters are actually used by a directory, you need to check its type, as described in the section above.
If the type is JNDI, the global JNDI parameters apply to this directory.
If the type is COMMONS_POOL2, the Dynamic Pool parameters apply to this directory.
JNDI parameters
These parameters are always present in the application.xml file, even if there aren’t any directories configured to use JNDI. That’s because these are global parameters that will apply to any future JNDI LDAP directories.
Different parameters are used depending on whether you’re using JDK8 or JDK11.
JDK11
For JDK11, search the application.xml file for the following parameters (they might be in different places of the file). You can recognize them by being enclosed in angle brackets (<>):
1
2
3
4
5
6
<com.sun.jndi.ldap.connect.pool.authentication>simple</com.sun.jndi.ldap.connect.pool.authentication>
<com.sun.jndi.ldap.connect.pool.protocol>plain ssl</com.sun.jndi.ldap.connect.pool.protocol>
<com.sun.jndi.ldap.connect.pool.prefsize>0</com.sun.jndi.ldap.connect.pool.prefsize>
<com.sun.jndi.ldap.connect.pool.maxsize>0</com.sun.jndi.ldap.connect.pool.maxsize>
<com.sun.jndi.ldap.connect.pool.initsize>1</com.sun.jndi.ldap.connect.pool.initsize>
<com.sun.jndi.ldap.connect.pool.timeout>300000</com.sun.jndi.ldap.connect.pool.timeout>JDK8
For JDK8, the parameters are part of the <virtual-machine-arguments> value, like in the following example:
1
2
3
4
5
6
<virtual-machine-arguments>
-Djava.util.logging.config.file=/Users/admin/standalone/crowd-5.1.0/apache-tomcat/conf/logging.properties
-Dcom.sun.jndi.ldap.connect.pool.initsize=3
-Dcom.sun.jndi.ldap.connect.pool.prefsize=4
-Dcom.sun.jndi.ldap.connect.pool.prefsize=5
</virtual-machine-arguments>If any parameters aren’t included in <virtual-machine-arguments>, it means they weren’t modified. In this case, you can assume that the default values are used. For more info on the default values, see Configure the JNDI connection pool.
Dynamic Pool parameters
These parameters appear in the application.xml file when a new LDAP directory is created. They aren’t global, so each directory will have its own set of parameters. Also:
Regardless of what type of pool a new directory is configured to use, the Dynamic Pool parameters will appear in the application.xml file for this directory. Whether they’re used or not, depends on the directory type.
If a directory is initially configured to use Dynamic Pool and later changed to use JNDI, the Dynamic Pool parameters won’t be removed for this directory. The directory just won’t use them.
To find the parameters, search for Attributes.ldap.pool.config, for example:
1
<crowd.Directory-3.Attributes.ldap.pool.config>{maxIdlePerKey:8,maxTotal:-1,maxTotalPerKey:8,minIdlePerKey:0,blockWhenExhausted:true,evictionPolicyClassName:org.apache.commons.pool2.impl.DefaultEvictionPolicy,fairness:false,jmxEnabled:true,jmxNameBase:null,jmxNamePrefix:pool-directory-,lifo:true,maxWaitMillis:-1,minEvictableIdleTimeMillis:1800000,numTestsPerEvictionRun:3,softMinEvictableIdleTimeMillis:-1,testOnBorrow:true,testOnCreate:false,testOnReturn:false,testWhileIdle:false,timeBetweenEvictionRunsMillis:-1000}</crowd.Directory-3.Attributes.ldap.pool.config>Was this helpful?