Michael Bell wrote: [...]
If the following solution is not viable, let me know - I did not checked the AC code so I could be wrong ... :-D
The access control is no longer the biggest problem. The biggest problems today are the libraries and the module loading of OpenCA::DBI (initDBI). To be more exact - OpenCA::Configuration costs much more time then the XML-based configfiles. I will check the code tomorrow and if possible then I will move DBI.conf to DBI.xml (of course DB.conf too).
I was thinking about a solution to reduce to a minimum the performance in access control. As we currently use the CGI module when the script is run we could:
- check for the cookie, if it is present and correct, then the user is authenticated and the command is executed;
- otherwise we execute the AC to generate the new cookie for the session;
This should speed up the access control verification as we only run once per session - we initialize the AC object (and therefore access all the configurations) only if needed. This should guarantee a good security level while speeding things up a little bit.
There is only one problem. We already do this except of the channel verification :)
P.S. if I can fix the problem with the request generation then I update the snapshot.
Let me know so I will put it on the main download page.
The snapshot is ready. I'm only failing with scp.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
