URL: https://github.com/SSSD/sssd/pull/259 Title: #259: RESPONDER: Also populate cr_domains when initializing the responders
sumit-bose commented: """ I think it should not only be called unconditionally. It should be called after startup before any request is processed to be sure we have valid data. Additionally it should be called whenever there is a domain name we do not know but not to often to avoid DOS-attacks, that's what GET_DOMAINS_DEFAULT_TIMEOUT is for. This is needed to make sure that e.g. freshly added trusts are discovered timely. Finally it can be called once in an hour to make sure requests without a domain name as input like enumerations will see and updated the list of domains if needed as well. """ See the full comment at https://github.com/SSSD/sssd/pull/259#issuecomment-299152676
_______________________________________________ sssd-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
