On 5/17/11 11:54 PM, Manoj Khangaonkar wrote:
Hi ,
Hi,
I am evaluating LDAP in general (Apache DS as possible LDAP) for use
as a user repository to be used for authentication /authorization for
a large scale web application.
The choice is RDBMS vs LDAP vs NoSQL.
It's not really a choice. LDAP is the only pristine solution when it
comes to manage authentication and authorization. Using a RDBMS or a
NoSQL system implies you build a authn/authz solution on top of it (I'm
not talking about LDAP over a RDBMS)
I am well aware that LDAP is used by large enterprises. These
enterprises have typically thousands of users.
Hundred of thousands, and I have seen big telco companies using LDAP for
more than 70 000 000 users...
But have not seen it referenced in large scale web application
architectures - such as those at google , facebook, linkedin which
deal
with millions of users. ( They might be using ldap but I have not seen
anything on the web that says they do)
Probably because they don't necessarily want to expose such a sensitive
part of their IT, but most certainly because they need a highly
replicated system.
Can LDAP in general and Apache DS in particular scale to millions of
users ?
Base line, yes. Dealing with millions of users is not really an issue.
What is important here is not the number of users, but much more the
operation per second you want to process on the LDAP server. On a
laptop, OpenLDAP currently deal with up to 10 000 authentication *per
second*, and with ApacheDS, last time I conducted a test (last year), it
was around 4 500 authentication per second.
Are there any blogs/articles on web that talk of LDAP use in
architectures of very large scale.
Not that I know of. But the next LDAP conference (in Germany,
http://www.daasi.de/ldapcon2011/) might see some talks about such a thing.
Hope it helps.
thanks
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
