Sun Java System Reference Configuration Series: Portal Service on Application Server Cluster

ProcedureTo Configure the Persistent Search Timeout for Access Manager

Access Manager uses Directory Server persistent searches to obtain asynchronous notifications of changes on the Directory Server. The persistent search mechanism provides an active channel through which information about changes that occur can be communicated back to Access Manager.

Each active, persistent search requires that an open TCP connection be maintained between Access Manager and Directory Server. If the persistent search connections are made through a load balancer (or firewall), then these connections are subject to being closed by the load balancer (or firewall). For some load balancers (and firewalls), the connection is not closed cleanly. As a result, the persistent searches are not automatically restarted, and change notifications are interrupted until a persistent search connection is re-established.

This interruption in persistent searches can be prevented by configuring the Access Manager idle timeout for persistent search to be shorter than the TCP idle timeout of the directory service load balancer (or firewall). Hence, persistent searches are restarted before the load balancer (or firewall) can time out.

  1. On am1, open the file in a text editor.

    The file is located at:


  2. Locate the persistent search timeout property:

    This property specifies the timeout value in minutes after which persistent searches will be restarted. A value of “0” (the default) indicates that the connection does not time out, so that searches will not be restarted.

  3. Set the persistent search timeout value as follows and save the change:

    where timeout-value is a value in minutes less than the load balancer's idle timeout value.

  4. Restart the Access Manager instance, am-inst-am1 on am1.

    # /opt/SUNWappserver/appserver/bin/asadmin stop-domain

    # /opt/SUNWappserver/appserver/bin/asadmin start-domain --user admin domain1

    When prompted, type the app-server-admin-password.

  5. Repeat Steps 1–4 on am2.

    Replace all occurrences of am1 with am2 in these steps.