Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
2.2.1
-
None
Description
While the shib attribute resolver's DataConnector has a mechanism for configuring VT Ldap's pool validation, the rest of the PSP has no such way of exposing that configuration. It is partially exposed if you're using the "grouper" ldappoolidsource, but not if you're using the Spring one. This means that even if you configure the LDAP pool to validate (or configure no pool) the connections are not properly exercised & will likely be terminated by aggressive idle connection termination settings on LDAP servers.