|Applies To||RSA Product Set: Adaptive Authentication (OnPrem)|
RSA Product/Service Type: Adaptive Authentication (OnPrem)
|Issue||Observing DB Connection time out and cannot open connection errors on WebSphere and aa_server.log, and degraded AA performance.|
|Cause||"Cannot open connection" & "ConnectionWaitTimeoutException" exceptions in aa_server.log & Web Sphere SystemOut.log.|
Along with "Connection not available while invoking method createOrWaitForConnection for resource jdbc/PassMarkDB" errors in the Web Sphere SystemOut.log
These errors could be caused due to low number of DB connections available in the pool.
It's recommended that the number of DB connections should at least be 30% or more of the max number of threads configured for web container.
Also, noticed below messages which suggest that the database connections in the pool are shared (default setting for Web Sphere):
"[9/23/16 11:00:46:384 EDT] 000000fb SharedPool I J2CA0086W: Shareable connection MCWrapper id c135915c
|Resolution||Increased the max number of connections set in the connection pool (from Web Sphere admin).|
And RSA recommends setting the DB connections as "unshareable", on Web Sphere.
Follow steps below to set the connections to "unshareable", by default Web Sphere setting the connections are set to "shareable".
Please refer the below link for more information:
You can change the DB connections from "shareable" to "unshareable", by setting the below value inside AdaptiveAuthentication/WEB-INF/web.xml file.
Recommend applying these settings for AA Admin application & all other back office applications installed on Web sphere (inside respective web.xml files)