Hi all,

Problem:
Loading the asset listing page in anonymous view takes a considerable
amount of time if there are many assets in the system but only a few or no
public assets (public assets count < search limit). Loading time
increases with the total asset count.

Reason:
In the registry search implementation, we iterate over the search results
(total assets) until the count of the authorized assets list (the list of
assets the user is authorized to view) reaches a certain limit (this limit
varies with the use case and can be defined at query time). But if the
logged-in user (or the anonymous user in public view) doesn't have enough
assets to view (authorized assets < defined limit), we have to iterate over
all the assets and check authorization to get the final asset count for
that user.

e.g.:
Let's say we have 1000 total assets in the system. In our search query, we
have set the limit to get 10 assets. In our search impl, we iterate
through the assets (1000) and check authorization for each asset until the
authorized list count equals our limit (10). Once we get the required
asset count, we stop checking and return the asset list. If a user is
authorized to view only 05 assets in the system (the user doesn't have
enough assets to view), we have to iterate through all assets (1000) to get
the final count as 05.

This authorization check is an expensive operation, since we need to get
this information from an external user store (database, LDAP, etc.).
Sometimes this call takes a couple of seconds, and it depends on network
latency etc. So if there are lots of assets, the system takes a lot of time
to load the asset listing page.

Currently we don't have a solution for this issue. According to Solr,
one way is to bind the access control list (user roles list) to the
document in the indexed data and pass the user role id with the search
query. Please refer to [1][2]. But this will not work for us, since we are
managing permissions for each role separately.

Your suggestions on this, please. We need to come up with a better solution
to fix this issue.

[1] http://www.slideshare.net/lucenerevolution/pdf-lucene-solrrevdocumentlevelsecurityrajanimaskifinal
[2] https://lucidworks.com/blog/2015/05/15/custom-security-filtering-solr-5/

Thanks
-- 

Danesh Kuruppu
Software Engineer
WSO2 Inc,
Mobile: +94 (77) 1690552
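
The cost pattern described in the message above, as an added example that is not part of the original post or the registry's own code. It counts user-store calls for the post-filter search against a filter on a role list bound to each indexed document; the class and function names, role names and the 1000-asset data set are constructed assumptions.

```python
from itertools import islice


class UserStore:
    """Stands in for the external user store (database, LDAP); counts calls."""

    def __init__(self, acl):
        self._acl = acl  # asset id -> roles allowed to view it
        self.calls = 0

    def is_authorized(self, user_roles, asset_id):
        self.calls += 1  # one remote round trip per asset in the real system
        return bool(self._acl[asset_id] & user_roles)


def build_acl(total=1000, public_ids=(3, 250, 500, 750, 999)):
    """Constructed data: every asset is visible to 'internal', five to 'anonymous'."""
    acl = {i: frozenset({"internal"}) for i in range(total)}
    for i in public_ids:
        acl[i] = frozenset({"internal", "anonymous"})
    return acl


def search_post_filter(acl, store, user_roles, limit):
    """Late binding: walk the hits, check each one, stop once `limit` is reached."""
    page = []
    for asset_id in acl:
        if store.is_authorized(user_roles, asset_id):
            page.append(asset_id)
            if len(page) == limit:
                break
    return page


def search_index_filter(acl, user_roles, limit):
    """Early binding: roles travel with the query and filter inside the index."""
    hits = (asset_id for asset_id, roles in acl.items() if roles & user_roles)
    return list(islice(hits, limit))


def measure(user_roles, limit=10):
    """Return (assets on the page, user-store calls) for the post-filter search."""
    acl = build_acl()
    store = UserStore(acl)
    page = search_post_filter(acl, store, user_roles, limit)
    return len(page), store.calls
```

The index filter makes no user-store calls, but its result is only as accurate as the role list stored with each document, so that list has to be re-indexed whenever a permission changes.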