You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2013/10/15 13:16:41 UTC
[jira] [Commented] (KNOX-185) Use Shiro AuthenticationInfo caching
to avoid repeated ldap bind
[ https://issues.apache.org/jira/browse/KNOX-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13795081#comment-13795081 ]
Larry McCay commented on KNOX-185:
----------------------------------
Are you describing this as something beyond the session based optimization
that is already being used to eliminate multiple binds?
As long as this detail stays within the Shiro provider then we should
leverage it as appropriate.
In the near-term, at least, we cannot have this leak into out into the rest
of the project.
It doesn't seem to me that there should be any reason to leak it but I just
want to make sure that that design requirement is noted.
> Use Shiro AuthenticationInfo caching to avoid repeated ldap bind
> ----------------------------------------------------------------
>
> Key: KNOX-185
> URL: https://issues.apache.org/jira/browse/KNOX-185
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 0.4.0
> Reporter: Dilli Arumugam
> Assignee: Dilli Arumugam
> Fix For: 0.4.0
>
>
> We should leverage AuthenticationInfo caching of Shiro to cut repeated ldap binds for the same user in short time frame. Otherwise, the REST calls can tirgger too many ldap binds.
> We are using "ldap bind" here for simpilicity. This is applicable really for any auth store bind/lookup.
> it is possible we may be already getting this benefit.
> Would have to test, verify and fix as appropriate.
--
This message was sent by Atlassian JIRA
(v6.1#6144)