Hello all,

A customer and myself are experiencing the following issue. This being my
first U.A. deployment for a real-scale test, I don't have enough
experience to relate to.

If a someone keeps using the U.A. non-stop it works for hours without
running into problems (well, not the one I'm posting about anyway). But
if we don't use the UA and remain logged out for a delay estimated at
about 30 minutes, it stops accepting logons. We then have to restart
JBoss to get it working again.

When we meet this issue, JBoss and the UA itself remain up and running,
and no relevant message is found in logs/trace. However, a "netstat -atl"
command on the User Application server reveals that there are no LDAP
connection to the eDir server anymore.

In the eDirectory LDAP server configuration, we noticed that there is an
LDAP timeout parameter. Default value was 1500 seconds (25 minutes),
close to what we felt was the idle time required before running into the
problem. We changed this to 0 (no timeout) and it "solved" the problem
(of course this workaround is not acceptable for a production
environment). We changed it back to 120 (2 minutes) and the problem
occurred again, this time with a delay matching the new setting. We're
pretty sure we've found the issue : LDAP connections time out.

We're puzzled. The User Application is supposed to be running 24/7 and
waiting for users to connect to it. How come it does not (cannot?)
maintain a resilient connection with the eDirectory, or at least tries to
initiate a new connection when the previous one times out ? There must be
some settings we've missed ?!

We've looked into the User Application configuration (configupdate.sh) but
we see no relevant settings.

Is this a JBoss configuration parameter ?
A Java issue ?
Some obscure TCP setting ?

A workaround I can think of would be to set the LDAP timeout to 25 hours
(if it's possible) and have Jboss restart every 24 hours. Ugly but
probably efficient.

(As a side note : no firewalling between the 2 servers at this point, so
this is not a firewall timeout issue).

Thanks for having read thus far, and thanks for any help/hint/clue.

Jerome