archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Olivier Lamy <ol...@apache.org>
Subject Re: Archiva issue with LDAP (MRM-1488)
Date Wed, 24 Aug 2011 07:03:33 GMT
+1.
Nice improvement !


2011/8/24 Deng Ching <oching@apache.org>:
> Hi,
>
> Jev and I are currently working on MRM-1488 (Using Archiva as proxy for
> downloading artifacts is very slow when used with LDAP authentication). The
> problem we saw here was that for each artifact request, authentication
> happens which in turn results to a call to the LDAP server.
>
> To fix this, we're planning to use an in-memory cache for the LDAP
> credentials. For every authentication request made, Redback will:
>
> 1. look for the user in the cache
> 2. if user is found in the cache, compare credentials
>     - if it matches, return successful
>     - if it doesn't match, reject it
> 3. if user is not found in the cache
>     - retrieve user from LDAP server
>     - check provided credentials against the retrieved user
>     - if it matches, return successful and add retrieved user to the cache
>     - if it doesn't match, reject it
>
> We're planning to use EhCache for this so we can also set a TTL
> (time-to-live) for the cached objects. A password change done from the
> webapp would flush the user in the cache.
> Also, in the logs, we've noticed a number of calls to the LDAP server
> (search for users then authenticate) which may not be necessary so we'll
> also check if we can improve those.
>
> Any thoughts or comments?
>
> Thanks,
> Deng
>



-- 
Olivier Lamy
Talend : http://talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy

Mime
View raw message