LDAP security realm needs to have configurable timeouts.
The default LDAP connection timeout appears to be 2 minutes. If the ldap server is down, it could take 2 minutes for the connection to timeout. This can cause unneeded delay if you have configured multiple ldap servers for failover / redundancy.
The following hack appears to work:
@@ -132,6 +132,7 @@ public class LdapConnectionManagerService implements Service<LdapConnectionManag
String url = config.require(URL).asString();
+ result.put("com.sun.jndi.ldap.connect.timeout", "500");