ghost
commented
1 year ago Tagging subscribers to this area: @dotnet/area-system-directoryservices, @jay98014 See info in area-owners.md if you want to be subscribed.
Issue Details
### Description I'm using Negotiate authentication in ASP.NET Core app. The application runs in docker container in on-prem K8s. I also setup loading roles to ClaimPrincipal with EnableLdap settings method. Auth works fine and loading roles but after 15minutes of inactivity in the app I got exception from LdapConnection with "The LDAP server is unavailable.". After some debugging, I end with a small console app where I open a connection perform a search then wait 15 minutes and perform the search again. When I run this app on windows everything is OK but on WSL (Ubuntu 18.04 with libldap 2.4) first iteration is OK second fails. I tried to setup AutoReconnect = true in LdapConnection settings but with this connection is not able to Bind with error "The LDAP server is unavailable". Is it possible to have singleton instance of LdapConnection? Or is there a way how to setup auto reconect when app runs in Linux machine? Thank you ### Reproduction Steps - Create console app - Create LdapConnection - Bind the connection - perform search - wait 16 minutes - perform search again. - run app in Linux based machine (Ubuntu/Alpine) Or here is my [small repo](https://github.com/McMlok/LdapLinuxTimeOutTest) where I test it. ### Expected behavior LdapConnection can perform search after 15 minutes of inactivity ### Actual behavior I could not perform search after connection is inactive more than 15minutes. ### Regression? _No response_ ### Known Workarounds _No response_ ### Configuration Local dev setup - Windows 10 21H2 - dotnet 6.0.13 - System.DirectoryServices 7.0.1 - System.DirectoryServices.Protocols 7.0.0 WSL setup - Ubuntu 18.04 - dotnet 6.0.13 - System.DirectoryServices 7.0.1 - System.DirectoryServices.Protocols 7.0.0 K8s 1.24 setup - Alpine 3.13 - dotnet 6.0.13 - System.DirectoryServices 7.0.1 - System.DirectoryServices.Protocols 7.0.0 ### Other information Originally, I hit this issue in [Microsoft.AspNetCore.Authentication.Negotiate](https://github.com/dotnet/aspnetcore/tree/main/src/Security/Authentication/Negotiate) when I run my app on Linux box. But as I understand their code there is also only one LdapConnection instance for app and is reused for all search.
| Author: | McMlok |
|---|---|
| Assignees: | - |
| Labels: | `area-System.DirectoryServices`, `untriaged` |
| Milestone: | - |
steveharter
McMlok
corsiva
kgrodimov
chrbauer
SilvioSodre
Description
I'm using Negotiate authentication in ASP.NET Core app. The application runs in docker container in on-prem K8s. I also setup loading roles to ClaimPrincipal with EnableLdap settings method. Auth works fine and loading roles but after 15minutes of inactivity in the app I got exception from LdapConnection with "The LDAP server is unavailable.". After some debugging, I end with a small console app where I open a connection perform a search then wait 15 minutes and perform the search again. When I run this app on windows everything is OK but on WSL (Ubuntu 18.04 with libldap 2.4) first iteration is OK second fails.
I tried to setup AutoReconnect = true in LdapConnection settings but with this connection is not able to Bind with error "The LDAP server is unavailable".
Is it possible to have singleton instance of LdapConnection? Or is there a way how to setup auto reconect when app runs in Linux machine?
Thank you
Reproduction Steps
Or here is my small repo where I test it.
Expected behavior
LdapConnection can perform search after 15 minutes of inactivity
Actual behavior
I could not perform search after connection is inactive more than 15minutes.
Regression?
No response
Known Workarounds
No response
Configuration
Local dev setup
WSL setup
K8s 1.24 setup
Other information
Originally, I hit this issue in Microsoft.AspNetCore.Authentication.Negotiate when I run my app on Linux box. But as I understand their code there is also only one LdapConnection instance for app and is reused for all search.