httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phil Endecott <spam_from_apache_...@chezphil.org>
Subject mod_auth[nz]_dbd password caching
Date Sat, 03 Dec 2005 11:39:59 GMT
Dear All,

First of all, congratulation on the release of 2.2.

I use mod_auth_pgsql at http://anyterm.org/my.html, and found a problem 
earlier in the year.  To get reasonable performance you need to use the 
module's caching mechanism, but this cache is not flushed or updated 
when the database changes.  So things don't work properly when the user 
changes their password.

I started to think about fixing it myself but quickly realised that both 
the database and authentication frameworks were changing in 2.1+ and 
decided to wait before doing anything.  I now see that 2.2 has 
mod_auth[nz]_dbd - great!

However, as far as I can see from 
http://httpd.apache.org/docs/2.2/mod/mod_authn_dbd.html and the source, 
this new module doesn't do any caching.  Is this true?  To get the sort 
of performance that I need for my site I really need in-memory caching 
of passwords, but I also need to solve mod_auth_pgsql's non-updating 
problem.  The solution to this is to use PostgreSQL's asynchronous 
notification mechanism: the module issues a "LISTEN" command and is then 
notified when the password table changes.  I don't know if the APR DB 
interface has any support for this (it doesn't seem to be documented at 
all at http://apr.apache.org/docs/apr-util/modules.html); even if it 
does, it is not portable to other databases.

Has anyone looked at this?  If no-one is working on this and you think 
it would be a useful feature to add, I may be able to write something 
with a bit of help.

Cheers,

--Phil.





Mime
View raw message