Are you describing this as something beyond the session based optimization that is already being used to eliminate multiple binds? As long as this detail stays within the Shiro provider then we should leverage it as appropriate.
In the near-term, at least, we cannot have this leak into out into the rest of the project. It doesn't seem to me that there should be any reason to leak it but I just want to make sure that that design requirement is noted. On Tue, Oct 15, 2013 at 2:18 AM, Dilli Arumugam (JIRA) <[email protected]>wrote: > Dilli Arumugam created KNOX-185: > ----------------------------------- > > Summary: Use Shiro AuthenticationInfo caching to avoid > repeated ldap bind > Key: KNOX-185 > URL: https://issues.apache.org/jira/browse/KNOX-185 > Project: Apache Knox > Issue Type: Improvement > Components: Server > Affects Versions: 0.4.0 > Reporter: Dilli Arumugam > Assignee: Dilli Arumugam > Fix For: 0.4.0 > > > We should leverage AuthenticationInfo caching of Shiro to cut repeated > ldap binds for the same user in short time frame. Otherwise, the REST > calls can tirgger too many ldap binds. > > We are using "ldap bind" here for simpilicity. This is applicable really > for any auth store bind/lookup. > > it is possible we may be already getting this benefit. > Would have to test, verify and fix as appropriate. > > > > -- > This message was sent by Atlassian JIRA > (v6.1#6144) >
