[
https://issues.apache.org/jira/browse/AMQ-6148?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15122828#comment-15122828
]
Justin Bertram commented on AMQ-6148:
-------------------------------------
For what it's worth, [Apache ActiveMQ
Artemis|http://activemq.apache.org/artemis/] (a sub-project of Apache ActiveMQ)
employs a caching mechanism so that whatever login module is being used isn't
called *every* time an authentication is performed. It's controlled by a
simple time-out. You can see the details in
[org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl|https://github.com/apache/activemq-artemis/blob/master/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/impl/SecurityStoreImpl.java]
> When use LDAP auth, Activemq should not always connect to ldap service to do
> authentication
> -------------------------------------------------------------------------------------------
>
> Key: AMQ-6148
> URL: https://issues.apache.org/jira/browse/AMQ-6148
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.11.1
> Reporter: JIE CHEN
> Priority: Critical
>
> I am using LDAP service to do authentication for ActiveMQ, and I found
> everytime ActiveMQ servers try to establish a connection between ActiveMQ
> client, the ActiveMQ server will create a connection to LDAP server to do
> authentication. That's is not good, think about there are thousands of
> ActiveMQ clients are trying to connect to ActiveMQ servers, the ActiveMQ
> servers will need to create thousands of connections to LDAP servers. And
> moreover it is not reliable as well because the connection between LDAP
> servers and ActiveMQ servers could be broken sometimes. We need something
> similar as Cached LDAP Authorization Module. It is more reasonable that the
> ActiveMQ will cache the ldap account credential in local memory and refresh
> in certain interval.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
