LDAP authentication timing out
Hello All,
I have the following config:
host samerole +myrole samenet ldap ldapserver="ldap1,ldap2,ldap3" ldapbinddn="mybinddn" ldapbindpasswd="mypass" ldapbasedn="mybase" ldapsearchattribute="myatt"
Usually auth works perfectly with LDAP (starting a session from psql using an LDAP connection, authenticating with the LDAP password then exiting straight away) I see this:
2013-06-20 15:19:53 EST DEBUG: edb-postgres child[15901]: starting with (
2013-06-20 15:19:53 EST DEBUG: forked new backend, pid=15901 socket=10
2013-06-20 15:19:53 EST DEBUG: edb-postgres
2013-06-20 15:19:53 EST DEBUG: dccn
2013-06-20 15:19:53 EST DEBUG: )
2013-06-20 15:19:53 EST DEBUG: InitPostgres
2013-06-20 15:19:53 EST DEBUG: my backend ID is 1
2013-06-20 15:19:53 EST DEBUG: StartTransaction
2013-06-20 15:19:53 EST DEBUG: name: unnamed; blockState: DEFAULT; state: INPROGR, xid/subid/cid: 0/1/0, nestlvl: 1, children:
2013-06-20 15:19:53 EST DEBUG: received password packet
2013-06-20 15:19:53 EST DEBUG: CommitTransaction
2013-06-20 15:19:53 EST DEBUG: name: unnamed; blockState: STARTED; state: INPROGR, xid/subid/cid: 0/1/0, nestlvl: 1, children:
2013-06-20 15:19:56 EST DEBUG: shmem_exit(0): 7 callbacks to make
2013-06-20 15:19:56 EST DEBUG: proc_exit(0): 3 callbacks to make
2013-06-20 15:19:56 EST DEBUG: exit(0)
2013-06-20 15:19:56 EST DEBUG: shmem_exit(-1): 0 callbacks to make
2013-06-20 15:19:56 EST DEBUG: proc_exit(-1): 0 callbacks to make
2013-06-20 15:19:56 EST DEBUG: reaping dead processes
2013-06-20 15:19:56 EST DEBUG: server process (PID 15901) exited with exit code 0
However around 10% of the time (although this varies) the session hangs after I type in my password till the auth timeout and I see this:
2013-06-20 15:07:46 EST DEBUG: forked new backend, pid=15587 socket=10
2013-06-20 15:07:46 EST DEBUG: edb-postgres child[15587]: starting with (
2013-06-20 15:07:46 EST DEBUG: edb-postgres
2013-06-20 15:07:46 EST DEBUG: dccn
2013-06-20 15:07:46 EST DEBUG: )
2013-06-20 15:07:46 EST DEBUG: InitPostgres
2013-06-20 15:07:46 EST DEBUG: my backend ID is 1
2013-06-20 15:07:46 EST DEBUG: StartTransaction
2013-06-20 15:07:46 EST DEBUG: name: unnamed; blockState: DEFAULT; state: INPROGR, xid/subid/cid: 0/1/0, nestlvl: 1, children:
2013-06-20 15:07:46 EST DEBUG: received password packet
2013-06-20 15:08:46 EST DEBUG: shmem_exit(1): 7 callbacks to make
2013-06-20 15:08:46 EST DEBUG: proc_exit(1): 3 callbacks to make
2013-06-20 15:08:46 EST DEBUG: exit(1)
2013-06-20 15:08:46 EST DEBUG: shmem_exit(-1): 0 callbacks to make
2013-06-20 15:08:46 EST DEBUG: proc_exit(-1): 0 callbacks to make
2013-06-20 15:08:46 EST DEBUG: reaping dead processes
2013-06-20 15:08:46 EST DEBUG: server process (PID 15587) exited with exit code 1
Anyone have any ideas? I never see this with MD5.
I can multiple quickfire binds from an LDAP application and the same bind DN with no problems.
Cheers,
James Sewell
PostgreSQL Team Lead / Solutions Architect
_____________________________________
The contents of this email are confidential and may be subject to legal or professional privilege and copyright. No representation is made that this email is free of viruses or other defects. If you have received this communication in error, you may not copy or distribute any part of it or otherwise disclose its contents to anyone. Please advise the sender of your incorrect receipt of this correspondence.
Вложения
В списке pgsql-general по дате отправления: