Improving the speed of a client logon
By default, secure sockets layer (SSL) connections to lightweight directory access protocol (LDAP) servers are not pooled in the application server Java™ Virtual Machine (JVM). Non-pooled SSL connections can adversely affect the speed of a client logon when Content Platform Engine is configured for SSL.
To improve the speed of a client logon when Content Platform Engine uses SSL, configure LDAP connection pooling on the application server by adding the following system properties to the JAVA_OPTS variable:
-Dcom.sun.jndi.ldap.connect.pool.timeout=300000 "-Dcom.sun.jndi.ldap.connect.pool.protocol=plain ssl"
(UNIX only) Use escape characters for quotation marks and put the JAVA_OPTS variable in quotation marks when starting Java. (For bash shell, you can use backslash (\) to escape quotation marks.)
( WebSphere® only) If you have a WebSphere cluster environment, you must implement this configuration on all JVMs that host Content Platform Engine.
- The connection pool timeout must be less than the directory server idle connection timeout.
- If the load balancer is used to load balance directory servers then the JNDI connection pool timeout must be less than the load balancer idle connection timeout
- The specified timeout value is only a sample starting point. To ensure optimal performance, review the JVM JNDI connection pooling specification and monitor both test and production environments. Adjust the configuration accordingly.
- If the pool maxsize parameter is not set, then the pool size is dynamically managed by the JVM pool manager. An idle connection is used before new connections are created. Connections are closed when the idle time expires.
- If the pool maxsize parameter is set, the value must withstand the peak workload from Content Cortex components without (or with few) pending requests, Otherwise, Content Cortex components can encounter failures including but not limited to the application server JVM stopping.