+1. Nice improvement !
2011/8/24 Deng Ching <[email protected]>: > Hi, > > Jev and I are currently working on MRM-1488 (Using Archiva as proxy for > downloading artifacts is very slow when used with LDAP authentication). The > problem we saw here was that for each artifact request, authentication > happens which in turn results to a call to the LDAP server. > > To fix this, we're planning to use an in-memory cache for the LDAP > credentials. For every authentication request made, Redback will: > > 1. look for the user in the cache > 2. if user is found in the cache, compare credentials > - if it matches, return successful > - if it doesn't match, reject it > 3. if user is not found in the cache > - retrieve user from LDAP server > - check provided credentials against the retrieved user > - if it matches, return successful and add retrieved user to the cache > - if it doesn't match, reject it > > We're planning to use EhCache for this so we can also set a TTL > (time-to-live) for the cached objects. A password change done from the > webapp would flush the user in the cache. > Also, in the logs, we've noticed a number of calls to the LDAP server > (search for users then authenticate) which may not be necessary so we'll > also check if we can improve those. > > Any thoughts or comments? > > Thanks, > Deng > -- Olivier Lamy Talend : http://talend.com http://twitter.com/olamy | http://linkedin.com/in/olamy
