API Gateway: Ldap search via policy manager timeout
book
Article ID: 115334
calendar_today
Updated On:
Products
STARTER PACK-7CA Rapid App SecurityCA API Gateway
Issue/Introduction
The CA API Gateway is facing slow LDAP authentication even when the ldap read timeouts are set to high value. The Ldapsearch without gateway works fast.The issue is also seen when logging into policy manager using ldap credentials.
The ldap search for users , groups or any particular user/group showed "Awaiting response from Gateway" and logging into policy manager showed "Connection to Gateway has been broken"
Environment
CA API Gateway 10.0 Cluster of 2 however issue is seen in only one node.
Cause
The issue has been identified to be ldap referrals were turned on in ldap configuration.
Resolution
The ldap referrals can be turned off using ldap.referral=ignore in cluster wide properties in CA API Gateway.