You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/08/19 20:41:00 UTC

[jira] [Work logged] (AMQ-6148) When use LDAP auth, Activemq should not always connect to ldap service to do authentication

     [ https://issues.apache.org/jira/browse/AMQ-6148?focusedWorklogId=640022&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-640022 ]

ASF GitHub Bot logged work on AMQ-6148:
---------------------------------------

                Author: ASF GitHub Bot
            Created on: 19/Aug/21 20:40
            Start Date: 19/Aug/21 20:40
    Worklog Time Spent: 10m 
      Work Description: Dm-Chebotarskyi opened a new pull request #699:
URL: https://github.com/apache/activemq/pull/699


   ### Description
   Re-using LDAP context for authentication. The context is created only once and re-used each time ActiveMQ server established connection with ActiveMQ clients.
   Refactoring some code in LDAPLoginModule.java
   This PR is based on fix introduced to Artemis: https://github.com/apache/activemq-artemis/commit/f3a8619d7eeabded75f3725f2e77af267e8cb450#diff-706fd9b54d2aed5a0ea5d28fa7c70f7ee733672f7e91d847137517e3b147d716
   
   ### Testing
   Manual test authentication using LDAP
   
   ### Issue
   https://issues.apache.org/jira/browse/AMQ-6148


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscribe@activemq.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 640022)
    Time Spent: 40m  (was: 0.5h)

> When use LDAP auth, Activemq should not always connect to ldap service to do authentication
> -------------------------------------------------------------------------------------------
>
>                 Key: AMQ-6148
>                 URL: https://issues.apache.org/jira/browse/AMQ-6148
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.11.1
>            Reporter: JIE CHEN
>            Priority: Critical
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> I am using LDAP service to do authentication for ActiveMQ, and I found everytime ActiveMQ servers try to establish a connection between ActiveMQ client, the ActiveMQ server will create a connection to LDAP server to do authentication. That's is not good, think about there are thousands of ActiveMQ clients are trying to connect to ActiveMQ servers, the ActiveMQ servers will need to create thousands of connections to LDAP servers. And moreover it is not reliable as well because the connection between LDAP servers and ActiveMQ servers could be broken sometimes. We need something similar as Cached LDAP Authorization Module. It is more reasonable that the ActiveMQ will cache the ldap account credential in local memory and refresh in certain interval.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)