[
https://issues.apache.org/jira/browse/QPID-7198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15391963#comment-15391963
]
ASF subversion and git services commented on QPID-7198:
-------------------------------------------------------
Commit 1754010 from [~lorenz.quack] in branch 'java/trunk'
[ https://svn.apache.org/r1754010 ]
QPID-7198: [Java Broker] Make LDAP and OAUTH2 Authentication Providers cache
authentication results for a configurable time period
> LDAP and OAUTH2 Authentication Providers should cache authentication results
> for a short period
> -----------------------------------------------------------------------------------------------
>
> Key: QPID-7198
> URL: https://issues.apache.org/jira/browse/QPID-7198
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Keith Wall
> Assignee: Lorenz Quack
> Fix For: qpid-java-6.1
>
> Attachments:
> 0001-QPID-7198-Java-Broker-WIP-Make-LDAP-and-OAUTH2-Authe.patch
>
>
> The OAUTH2 and LDAP authentication providers should be changed to cache
> authentication results for a short (configurable) period. If the same
> authentication provider receives the same credentials again (i.e. matching
> username and password in the case of LDAP), it should reuse the cached
> authentication result. The cached authentication result should expire
> automatically. Negative authentication results should be cached too.
> This will serve to reduce load on authentication backends (such as
> Directories). It will be especially useful when the REST API to used for
> programmatically monitoring the Broker which otherwise may create an
> excessive load on the backend.
> The authentication provider must not retain the user passwords in clear. The
> size of the cache should be constrained.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
