[PHP-DEV] slow ldap operation

Mon, 04 Mar 2002 03:31:26 -0800 

Hi,

i have the next code that puts all groups of an apllication from ldap into
an array with membership check of the current user:

function check_group($group, $uid, $ds)
 {
    global $LDAP_SERVER_ADDRESS;
 global $LDAP_SERVER_PORT;
 global $LDAP_BASE_DN;
 global $appnm;
 global $cfg;
 $authorization = 0;

 $res_id= ldap_search($ds, "$LDAP_BASE_DN", "cn=$group");
 $entry= ldap_get_entries($ds, $res_id);
 if ($entry)
  {
  $obj_dn = $entry[0]["dn"];
  if ($obj_dn["dn"]<>"")
   {
   foreach ($entry[0][uniquemember] as $show)
    {
    if ($show[0]=="c")
     {
     $ufn=ldap_dn2ufn($show);
     $exp=explode(",",$ufn);
     if(check_group("$exp[0]",$uid, $ds))
      {
      $authorization=1;
      }
     }
    else
     {
     if ($show==$uid)
      {
      $authorization = 1;
      }
     }
    }
   }
  }
 return $authorization;
 }




function authorizations()
 {
 global $LDAP_SERVER_ADDRESS;
 global $LDAP_SERVER_PORT;
 global $LDAP_BASE_DN;
 global $appnm;
 global $PHP_AUTH_USER;

 $uid_ds=ldap_connect("$LDAP_SERVER_ADDRESS", "$LDAP_SERVER_PORT");
 $uid_r = ldap_bind($uid_ds);
 $res_uid= ldap_search($uid_ds, "$LDAP_BASE_DN", "uid=$PHP_AUTH_USER");
 $uid_entry= ldap_get_entries($uid_ds, $res_uid);
 $uid=$uid_entry[0][dn];
 ldap_close($uid_ds);

 $ds=ldap_connect("$LDAP_SERVER_ADDRESS", "$LDAP_SERVER_PORT");
 $r = ldap_bind($ds);
 if ($r)
  {
  $res_id= ldap_search($ds, "$LDAP_BASE_DN", "ou=$appnm");
  $entry = ldap_get_entries($ds, $res_id);
  $app_dn = $entry[0]["dn"];
  $res = ldap_search($ds, "$app_dn", "objectclass=groupOfUniqueNames");
  $entry = ldap_get_entries($ds, $res);
  for($i=0; $i<$entry[count]; $i++)
   {
   $dn=$entry[$i]["dn"];
   $ufn=ldap_dn2ufn($dn);
   $grnm=explode(",",$ufn);

   $authorization[$grnm[0]]=check_group($grnm[0], $uid, $ds);
   }
  }
 ldap_close($ds);
 return $authorization;
 }

when running authorization() it searches for all groups in a sub tree
(location of the application authorization groups) put those groups into an
array and checks of the currnet user is member of this group(it is checked
recursive)

the script is very slow and often i get a timed out, there are approximately
30 groups in the sub-tree i'm using.



-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to