[
https://issues.apache.org/jira/browse/FTPSERVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931719#action_12931719
]
Emmanuel Lecharny commented on FTPSERVER-391:
---------------------------------------------
Just to give you some information about the performances you'll get on a decent
LDAP server :
you'll be able to proceed roughly 10 000 authentications *per second* on a LDAP
server running on a Laptop, way more on a multi-core server.
It's very unlikely that the thousands users per minute you'll get on your
FtpServer will ever notice the performance gain you'll get with a password
cache.
They most certainly be pissed off if their password is exposed because it
resides in memory on a machine exposed to the external world... :)
Really, caching passwords is a *bad* idea. Cache the users DNs, it's already a
good improvement, for a very minimal price.
> LDAP support
> ------------
>
> Key: FTPSERVER-391
> URL: https://issues.apache.org/jira/browse/FTPSERVER-391
> Project: FtpServer
> Issue Type: New Feature
> Components: Core
> Reporter: Andrey Domas
> Fix For: 1.1.0
>
> Attachments: mina-1.1.0-ldap.patch
>
>
> Patch with cached LDAP support.
> Features:
> * Authentication and authorization from LDAP(JNDI client implementation).
> * Cache for the search results in a directory for authentication (password
> is cached in the successful bindu).
> Cache options:
> - ttl - time to live of the object in the cache (seconds)
> - size - max. cache size(number of the objects)
> - check-interval - interval of the periodic cleaning job(search and
> remove expired objects, seconds)
> * User preferences received from LDAP attributes:
> username
> home directory
> enabled - if present then the user has the login permission)
> write permission - if present then the user has the write permission
> under home directory
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
