How to Restrict Connections from a Client (i.e., OAM, OIM) to OVD 11g, Which Are Not Getting Closed and Remain Established / Open? (Doc ID 1353981.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.1.3.0 and later
Oracle Virtual Directory - Version 11.1.1.0 and later
Identity Manager - Version 11.1.1.3.0 and later
Information in this document applies to any platform.
***Checked for relevance on 14-May-2014***

Goal

A client, such as Oracle Access Manager (OAM) cluster or Oracle Identity Manager (OIM), configured with Oracle Virtual Directory (OVD) 11g (11.1.1.2 or higher).

When checking the connections established to the directory server port, the number of connections are more in the OVD server than the OAM server.  For example, with netstat commands, seeing only about twenty (20) OAM connections whereas the OVD server shows hundreds of connections as established.

It seems that, after the requests are complete, the OVD server does not close the connections.  If OVD server is not restarted, it crashes.  To temporarily prevent these crashes, when the connections are above 400, OVD is being automatically restarted.

Tried to enable quotas to limit the connections, i.e., set 'maximum length of time (in minutes) that a client connection can remain inactive before Oracle Virtual Directory closes the connection' in the OVD server properties, to a value greater than 'Max. Session Time (Min.)' in OAM configuration, as per following documentation:

Oracle® Fusion Middleware Administrator's Guide for Oracle Virtual Directory 11g Release 1 (11.1.1)
Chapter/Topic 9.1 Configuring Oracle Virtual Directory Server Properties Using Fusion Middleware Control

However, this did not work.

Tried providing a value, say 200, for Max Connections under ODSM > Advanced tab > Server Settings > Quotas > Activity Limits (Enforce Quotas), and the connection number stays at 200 and does not increase, but unsure how this affects the applications or new connections after the max. limit is reached.

What are the recommendation for this scenario to restrict these connections to OVD?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms