Matt Sergeant wrote:
On 11-Apr-06, at 2:56 AM, Elliot Foster wrote:
I would like to submit another plugin for your consideration. This
plugin is different from auth_ldap_bind in that it supports CRAM- MD5
authentication. The two plugins have different applications (mostly
due to different security requirements,) but I could put some effort
into merging the two plugins together if it is so desired.
Could you connect to the LDAP server just once (in register()) to save
the overhead of doing that for every email in persistent environments?
That would be a bit of work, but would be possible. There would have to
(obviously) be some sort of method to do a health check/reconnect for
the connection, but I suppose that would be done when a query over the
connection fails. In the case that the query fails, simply store a new
connection object over the old (hopefully invalid) one. There would be
additional complexity in the reaction of the LDAP server to a
long-running connection, as well. This would obviously not work if
there is any forking involved (feel free to correct me if I am wrong.)
What I had planned to do for the new code was to make the LDAP queries
asynchronous, but I could see why you would want to reuse the same
connection, to not have to tear down and build up on every query.
