APi Gateway response time for get an oAuth Token and other endpoints sometime takes 10-14 seconds.
search cancel

APi Gateway response time for get an oAuth Token and other endpoints sometime takes 10-14 seconds.

book

Article ID: 236374

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Slow response from Gateway for the endpoints /auth/oauth/v2/token sometime takes more than 10 seconds to get a token. This causes the applications to timeout. 

OTK issue with intermittent slowness when clients request OTK Token 

Post client_id. client_secret, grant_type, and scope to gateway 

https://<gateway_hostname>:8443/auth/oauth/v2/token?

Environment

Release : 10.0

Component :

Cause

Configuration of JDBC connections to Oracle with thin driver as LDAP not optimized 

Resolution

The data shows connections going into time_wait., they are not being reused.

Need to modify JDBC additional properties as recommended in our on-line docs 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/security-configuration-in-policy-manager/tasks-menu-security-options/manage-jdbc-connections/set-jdbc-connection-properties.html

Create the following properties one at a time by providing the Property Name, Property Value, and clicking the C3P0 Pooling checkbox:

  • maxIdleTime = 0
  • maxConnectionAge = 0
  • idleConnectionTestPeriod = 600

Also add entry: hibernate.dbcp.validationQuery  SELECT 1 FROM DUAL

ALSO based on the load change MIN connection to 40 connections, leave MAX at 100 

Additional Information

Review the setup - Configuration of JDBC connections to Oracle with thin driver as LDAP

Installed Oracle driver following our documentation then configured JDBC 

JDBC properties 

jdbc:oracle:thin:@ldap://oid.<oracle_hostname>:3060/cn=ORK_DB,cn=OracleContext,dc=<domain>,dc=com

Customer setup the additional properties contained EnabledCancelTimeout=true

Troubleshoot review netstats to Oracle 

IMPORTANT:   The JDBC properties using port 3060, this is mapped to OracleDB port 1526.  If you need to find the port by capture packets during the test connections  - in the responses from Oracle is the tnsname info with port 1526:

...........objectClass0...orclnetdescstring..0...2.16.840.1.113730.3.4.20.....d...Dcn=ORK_DB,cn=OracleContext,dc=domain,dc=com0..0....orclnetdescstring1.....(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(Host=Oracle DB Hostname)(Port=1526))(CONNECT_DATA=(SERVICE_NAME=OracleDB_hostname)))0....e.

......0"...B...0...2.16.840.1.113730.3.4.2

#netstat -an | grep 1526

tcp        0      0 GW_IP:23462    OracleDB_IP:1526    TIME_WAIT   -                   
tcp        0      0 GW_IP:23464    OracleDB_IP:1526    TIME_WAIT   -                   
tcp        0      0 GW_IP:23742    OracleDB_IP:1526    ESTABLISHED 12642/java          
tcp        0      0 GW_IP:23480    OracleDB_IP:1526    TIME_WAIT   -                   
tcp        0      0 GW_IP:23726    OracleDB_IP:1526    ESTABLISHED 12642/java          
tcp        0      0 GW_IP:23364    OracleDB_IP:1526    TIME_WAIT   -     

 

The data shows connections going into time_wait., they are not being reused.

 

 

Powered by Wolken Software