LDAP API lacks timeout options leading to bad login experiences #4445
Labels
authentication
Authentication related issue/feature
bug
Undesired behaviour
ldap
Issue related to ldap authentication
resolved
A fixed issue
Milestone
Comments
TheWitness
added
bug
|
Just remember that timeouts for searching a directory may need to be longer since traversing can be slower. That happens at bind or search stages because of the user information. 120 seconds though is too longer a default. If someone needs that, it should be configurable I agree. |
|
Hmm, the syn should be quick, the bind may take longer. Should we have two settings then? |
|
Going to make these global settings. We can incorporate the domains plugin in 1.3. |
TheWitness
added a commit
that referenced
this issue
Oct 26, 2021
LDAP API lacks timeout options leading to bad login experiences. Domains will use the global setting for now.
TheWitness
added a commit
that referenced
this issue
Oct 26, 2021
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Describe the bug
The LDAP API in php provides two timeout options for both network (syn) and bind. The default is approximately two minutes. These defaults are too high and should be reduced or rather be configurable.
To Reproduce
Steps to reproduce the behavior:
Set your primary server to a host that is printable, but down
Logout of Cacti
Attempt to login
See error
Expected behavior
Cacti should fail over to the second server if the syn does not come back in two seconds. This should be approximately the same for the connect.
The text was updated successfully, but these errors were encountered: