You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Scott Lamb <sl...@slamb.org> on 2002/07/11 02:04:23 UTC
httpd-ldap maintained?
Is httpd-ldap being maintained? Is this the appropriate list to ask
about it?
With the worker MPM, it seems to work - ldap_status doesn't ever show
anything being cached, but mod_auth_ldap authenticates correctly.
With the prefork MPM (I had unrelated problems with worker), it's going
horribly wrong. Still ldap_status doesn't show anything being cached.
Connections accumulate until OpenLDAP runs out of filehandles and bad
things happen.
Is this a known problem? Any workaround?
Thanks,
Scott Lamb
Re: httpd-ldap maintained?
Posted by Scott Lamb <sl...@slamb.org>.
Graham Leggett wrote:
> Ok... worker is threaded? (I don't know my MPM's, been focusing on the
> other modules).
Yes, worker is threaded. But I was wrong - it has the same problem as
with prefork. I think I was not as brutal the first time I tested with
worker; see below.
>> Connections accumulate until OpenLDAP runs out of filehandles and bad
>> things happen.
>
> Hmmm... I haven't encountered this behaviour before, I would have
> thought that threaded environments would have caused more problems as
> the codebase came from the fork v1.3 server.
There's one thing that made it fail very dramatically: mod_autoindex and
large directories. I aliased in /usr/share/doc on my RedHat system and
password-protected it. When viewing that URL, the number of LDAP
connections shoots up dramatically. A few views and OpenLDAP runs out of
file handles. (Is it authenticating against each entry? why?)
My workaround was to set LDAPCacheEntries and LDAPOpCacheEntries to -1.
I probably won't have enough people authenticating against it to require
the cache for performance.
> Overhauling the code is on my lists of things to do once my other
> projects have settled down, so no, httpd-ldap has not been forgotten.
Cool, good to know.
> Regards,
> Graham
Thanks,
Scott
Re: httpd-ldap maintained?
Posted by Graham Leggett <mi...@sharp.fm>.
Scott Lamb wrote:
> Is httpd-ldap being maintained? Is this the appropriate list to ask
> about it?
It is being watched, if not actively maintained :) I have had tonnes of
work to do of late, so it's fallen behind...
> With the worker MPM, it seems to work - ldap_status doesn't ever show
> anything being cached, but mod_auth_ldap authenticates correctly.
Ok... worker is threaded? (I don't know my MPM's, been focusing on the
other modules).
> With the prefork MPM (I had unrelated problems with worker), it's going
> horribly wrong. Still ldap_status doesn't show anything being cached.
I think in the ldap_status case ldap_status might be broken, because on
the debug log there were lines there saying caching was taking place,
but we can look at that.
> Connections accumulate until OpenLDAP runs out of filehandles and bad
> things happen.
Hmmm... I haven't encountered this behaviour before, I would have
thought that threaded environments would have caused more problems as
the codebase came from the fork v1.3 server.
Overhauling the code is on my lists of things to do once my other
projects have settled down, so no, httpd-ldap has not been forgotten.
Regards,
Graham
--
-----------------------------------------
minfrin@sharp.fm
"There's a moon
over Bourbon Street
tonight..."