Emilio,
Few thoughts:
o Is the call syntax you're using for ldap_read() correct? The online
manual page describes the second parameter as being the base dn,
you're passing the user's username. ( getenv("REMOTE_USER")). I'm
surprised that this code works.
o The comparisons you're making: Are they comparing similar LDAP searches.
There are issues that may not involve PHP at all that could be the cause
of you're performance issue. For example, you're search could find all
entries with a cn attribute at the base dn. This could potentially be
a large number of entries. Also, if you search for something and the
attributes you reference in your search filter are not indexed performance
will degrade linearly as you add more entries to your directory.
o Session Caching. At CommNav, we've had good success with this strategy.
We store quite a bit of information in the users session. It's not
uncommon for our user sessions to grow to above 100Kb, and I've seen
them as big as 300Kb. Retrieving data from the session (i.e. the
unserialize() function) is much less expensive then going to LDAP for
every hit to the web app.
Since these thoughts are not related to PHP, you can feel free to contact
me off-list to discuss further.
Andy
On Sat, Aug 18, 2001 at 05:07:26PM -0400, Emilio Panighetti wrote:
> I have OpenLDAP and PHP 4.0.4p1 on a RedHat 7.1 (plain distribution, didn't
> recompile anything, and I use MOD_LDAP to authenticate users to an intranet
> site. I want PHP pages to show the real username so I have this function I
> call when I want to know the username.
>
> the mod_ldap queries and ldap queries from a Perl CGI return very fast. On
> Perl I don't notice an performance issue (with less than a couple
> queries/second), but each query using PHP takes about two full seconds (or
> more). I did a workaround keeping the result on a session variable, but it's
> still slow every time I call this function.
> mod_ldap stores the user's dn on the REMOTE_USER environment variable.
>
> Here's the function. I don't know how to make it faster.
>
> Thanks,
> Emilio Panighetti
>
> <?php
> // Retrieves user's real name from LDAP
> function ldapcnsearch()
> {
> $s_ldapserver = "localhost";
> $s_ldapport = 389;
> $ds = ldap_connect( "ldap://".$s_ldapserver.":".$s_ldapport );
> ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3);
> $qar[] = "cn";
> if ( $ds ) {
> $r = ldap_bind( $ds );
> $sr = ldap_read( $ds, getenv( "REMOTE_USER" ), "cn=*", $qar, 0, 1,
> 1 );
> $info = ldap_get_entries($ds, $sr);
> $s_RealName = $info[0]["cn"][0];
> ldap_close( $ds );
> return( $s_RealName );
> }
> }
> ?>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
--------------------------------------------------
Andrew Libby
Director of Technology
CommNav, Inc
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
