场景 - 当用户尝试通过门户登录时,将调用服务以通过 LDAP 对用户进行身份验证。即使增加了 ulimit 值,我们也可能会频繁地打开文件。
[5/12/20 3:52:18:258 EDT] 00000175 LdapConnectio I com.ibm.ws.wim.adapter.ldap.LdapConnection DirContext reCreateDirContext(String errorMessage) CWWIM456
4I The user registry is now connected to 'ldaps://<ldap server:port>' LDAP Server.
[5/12/20 3:52:18:262 EDT] 00000175 exception E com.ibm.ws.wim.adapter.ldap.LdapConnection DirContext reCreateDirContext(String errorMessage) CWWIM452
0E The 'javax.naming.CommunicationException: <ldap server:port> [Root exception is java.net.SocketException: Too many open files]' naming exc
eption occurred during processing.
[5/12/20 3:52:18:262 EDT] 00000175 exception **E com.ibm.ws.wim.adapter.ldap.LdapConnection DirContext reCreateDirContext(String errorMessage)
com.ibm.websphere.wim.exception.WIMSystemException: CWWIM4520E The 'javax.naming.CommunicationException: <ldap server:port> [Root exception is java.net.SocketException: Too many open files]' naming exception occurred during processing.**
at com.ibm.ws.wim.adapter.ldap.LdapConnection.reCreateDirContext(LdapConnection.java:931)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:3211)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.checkSearchCache(LdapConnection.java:3091)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:3281)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.searchEntities(LdapConnection.java:3502)
at com.ibm.ws.wim.adapter.ldap.LdapAdapter.search(LdapAdapter.java:3436)
at com.ibm.ws.wim.ProfileManager.searchRepository(ProfileManager.java:5297)
at com.ibm.ws.wim.ProfileManager.searchImpl(ProfileManager.java:1211)
at com.ibm.ws.wim.ProfileManager.genericProfileManagerMethod(ProfileManager.java:356)
at com.ibm.ws.wim.ProfileManager.search(ProfileManager.java:448)
at com.ibm.websphere.wim.ServiceProvider.search(ServiceProvider.java:545)
at com.ibm.ws.wim.registry.util.UniqueIdBridge.getUniqueUserId(UniqueIdBridge.java:245)
at com.ibm.ws.wim.registry.WIMUserRegistry$6.run(WIMUserRegistry.java:729)
at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5477)
at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:5603)
at com.ibm.ws.wim.security.authz.jacc.JACCSecurityManager.runAsSuperUser(JACCSecurityManager.java:438)
at com.ibm.ws.wim.env.was.JACCAuthorizationService.runAsSuperUser(JACCAuthorizationService.java:1086)
at com.ibm.ws.wim.security.authz.ProfileSecurityManager.runAsSuperUser(ProfileSecurityManager.java:285)
at com.ibm.ws.wim.registry.WIMUserRegistry.getUniqueUserId(WIMUserRegistry.java:714)
at com.ibm.ws.security.registry.UserRegistryImpl.createCredentialInternal(UserRegistryImpl.java:922)
at com.ibm.ws.security.registry.UserRegistryImpl.createCredential(UserRegistryImpl.java:833)
at com.ibm.ws.security.ltpa.LTPAServerObject.validate(LTPAServerObject.java:1615)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:881)
ulimit -a
time(seconds) unlimited
file(blocks) unlimited
data(kbytes) 131072
stack(kbytes) 131072
memory(kbytes) 131072
coredump(blocks) 2097151
nofiles(descriptors) 65536
threads(per process) unlimited
processes(per user) unlimited
最佳答案
您是否为 LDAP 注册表启用了上下文池?这将维护一个上下文池,以供在进行 LDAP 调用时使用。它可能会减少所需的文件句柄数量。
您可能还想检查是什么消耗了所有文件句柄。您可以使用“lsof”查看打开文件的列表。
关于java - WebSphere 身份验证问题——也可能打开文件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61753821/