By default, secure sockets layer (SSL) connections to lightweight
directory access protocol (LDAP) servers are not pooled in the application
server Java™ Virtual Machine
(JVM). Non-pooled SSL connections can adversely affect the speed of
a Workplace logon
when Content Platform Engine is
configured for SSL.
To improve the speed of a Workplace logon
when Content Platform Engine uses
SSL, configure LDAP connection pooling on the application server by
adding the following system properties to the JAVA_OPTS variable:
-Dcom.sun.jndi.ldap.connect.pool.timeout=300000
"-Dcom.sun.jndi.ldap.connect.pool.protocol=plain ssl"
(UNIX only) Use escape characters
for quotation marks and put the JAVA_OPTS variable
in quotation marks when starting Java.
(For bash shell, you can use backslash (\) to escape quotation marks.)
(WebSphere® only) If you
have a WebSphere cluster environment,
you must implement this configuration on all JVMs that host Content Platform Engine.
Important: - The connection pool timeout has to be less than the directory
server idle connection timeout.
- If the load balancer is used to load balance directory servers
then the JNDI connection pool timeout must be less than the load balancer
idle connection timeout
- The specified timeout value is only a sample starting point. To
ensure optimal performance, review the JVM JNDI connection pooling
specification and monitor both test and production environments. Adjust
the configuration accordingly.
- If the pool maxsize parameter is not set,
then the pool size is dynamically managed by the JVM pool manager.
An idle connection is used before new connections are created. Connections
are closed when the idle time expires.
- If the pool maxsize parameter is set, the
value must withstand the peak workload from FileNet® P8 components without (or
with few) pending requests, Otherwise, FileNet P8 components can encounter
failures including but not limited to the application server JVM stopping.