Stuart Krivis wrote:
> This may be a place where it is more cost-effective to use one of the
> commercial LDAP servers. Solaris comes with a license for 200,000-user
> iPlanet Directory Server. With the number of auths/sec that you need, you
> will want a very high-performance auth mechanism.
>
We've found pwcheck+MySQL+InnoDB to be an extremely high-performance auth
mechanism. LDAP has a higher overhead because it is more complex--if you
just want a table of usernames a passwords for basic authentication InnoDB
is a great choice. If that's still not fast enough, you can generate CDB
file from your DB table when your userlist changes and just use that from
your pwcheck daemon, as long as your user list doesn't change too often. A
hybrid choice is to build a CDB file hourly, and if the CDB lookup fails,
fall through to the DB table.
