Policy Server with Oracle DB User Store connections questions

book

Article ID: 221754

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

When running a Policy Server with a Oracle DB as User Store, one might
like to know :

  1. How does Policy server to Oracle DB works ? How the connection
     are managed ?
  
  2. How many connections can be made from PS to Oracle DB as user
     store ?

  3. Will there be any keepalive from Policy Server to Data Base to
     maintain the idle time ?

 

Resolution

 

At first glance, here the answers :

  1. Policy Server uses and/or makes a connection each time a thread
     request the ODBC Server (1)(2).

     The ODBC Driver offers also the possibility to use a connection pool
     a the driver level if required (3).
          
  2. It's limited to the capacity of the ODBC Server. Meanwhile, we
     recommend to set the Maximum Connection to be at least the double
     of the worker thread amount defined in the Policy Server as per
     this KD (4).
     
  3. At the Driver level, you can define the parameter KeepAlive as
     per the following KD (5).
     

The driver documentation offers a way to configure a pool with min and
max connections as reported in this KD (6).

 

Additional Information

 

(1)

     Policy Server ODBC connectiontimeout and loadbalancetimeout
     settings
     
       Configure ODBC Registry Settings for Timeout

         - "ConnectionTimeout"

         The maximum wait time on a connection. In cases where the query
         timeout or the log-in timeout apply, those values override the
         connection timeout.
     
        https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/policy-server-configuration/configure-policy-server-data-storage-options/configure-odbc-data-store-options.html
  
     https://knowledge.broadcom.com/external/article?articleId=136252

(2)

     Policy Server Configuration Warning
  
       As each of the Policy Server's threads are capable of making a
       Session Store connection

     https://knowledge.broadcom.com/external/article?articleId=105828

(3)

 
          
     Policy Server ODBC driver connection pooling parameters meaning

       DataDirect connection pooling

       Connection pooling allows you to reuse connections rather than
       creating a new one every time the driver needs to establish a
       connection to the underlying database.
       
     https://knowledge.broadcom.com/external/article?articleId=98921

(4)

     Policy Server Configuration Warning

       The recommended value for the Maximum Session DB connections
       size should exceed the number of policy server worker threads
       by at least 2. (16, 32)

       [...]
       
       In the Policy Server Management Console, click on the Settings
       tab to confirm the Maximum Threads. Next click the Data tab and
       then switch to the Session Store in the Database drop-down list
       where Maximum Connections can be configured.
  
     https://knowledge.broadcom.com/external/article?articleId=105828

(5)

     Policy Server doesn't connect back to the first ODBC Session Store


       In order to avoid trailing connections to down ODBC instances, in
       system_odbc.ini, configure the following :

         - Set the KeepAlive parameter to 1 in order to 
           close any connection to a down server (3)(4)(5).

       https://knowledge.broadcom.com/external/article?articleId=130316

(6)
 

    Policy Server ODBC driver connection pooling parameters meaning
 
    (2)

      DataDirect connection pooling

 Connection pooling allows you to reuse connections rather than
 creating a new one every time the driver needs to establish a
 connection to the underlying database.

 To configure the driver to use connection pooling:

   Set the Connection Pooling (Pooling) option to 1.

   Set the Connection Reset (ConnectionReset) option to 1 or 0. Setting
   it to 1 resets the state of connections removed from the connection
  pool for reuse by an application to the initial configuration of the
   connection. Setting it to 0 does not reset the state of connections.

  Set the Load Balance Timeout (LoadBalanceTimeout) option to specify an
   integer value to specify the amount of time, in seconds, to keep
  connections open in a connection pool.

   Set the Max Pool Size (MaxPoolSize) option to specify an integer value
   to specify the maximum number of connections within a single pool.

   Set the Min Pool Size (MinPoolSize) option to an integer value to
   specify the minimum number of connections that are opened and placed
   in a connection pool when it is created.

  [...]

   Pooling=1
   ...
   ConnectionReset=0
   ...
   LoadBalanceTimeout=0
   ...
   MaxPoolSize=100
 ...
   MinPoolSize=0

  https://docs.progress.com/bundle/datadirect-google-bigquery-odbc-80/page/DataDirect-connection-pooling.html