Re: [Dev] Identity Server performs slowly with 5000+ accounts
Hi! I'm attaching user-mgt.xml. We're using IS 4.0.0 with the builtin LDAP. We are using the standard claims + few custom claims mapped to LDAP properties. I have observed that if i switch from LDAP store to JDBC store the performance is great - 300msec per new user when i already have 5000 existing users. But using LDAP is slow. On Fri, Jul 5, 2013 at 5:26 AM, Prabath Siriwardena prab...@wso2.comwrote: Also - what is the version of IS ? Thanks regards, -Prabath On Fri, Jul 5, 2013 at 7:54 AM, Prabath Siriwardena prab...@wso2.comwrote: Can you please share your user-mgt.xml and the LDAP structure? Thanks regards, -Prabath On Wed, Jul 3, 2013 at 6:40 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi Asela! Thank you for your answer. My current configuration contains this property as specified in the documentation [1]. However the issue occurs even with this setting. 1 - http://docs.wso2.org/wiki/display/IS400/Default+LDAP+User+Store+Configuration On Wed, Jul 3, 2013 at 11:25 AM, Asela Pathberiya as...@wso2.comwrote: Hi Adrian, If you have not optimized the configuration, There may be some slowness when number of users are increased. To optimized LDAP authentication, you need to use UserDNPattern property such as following This properly must be match with your search base and this can be used with with both flat and hierarchical user search bases. Property name=UserDNPatternuid={0},ou=Users,dc=wso2,dc=org/Property Thanks, Asela. On Wed, Jul 3, 2013 at 12:44 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi all! I'm not sure if this is the right place to ask! I'm using WSO2 Identity Server with it's bundled LDAP. I have a requirement to store 5000+ accounts. I created a test script that adds many accounts using the remote web services (RemoteUserStoreManagerService) through the Java apis. However as the users amount begin to grow, the operations get slower. Is this a known issue? Could you suggest me an optimization strategy? ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Asela Mobile : +94 777 625 933 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com -- Thanks Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com !-- ~ Copyright WSO2, Inc. (http://wso2.com) ~ ~ Licensed under the Apache License, Version 2.0 (the License); ~ you may not use this file except in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, software ~ distributed under the License is distributed on an AS IS BASIS, ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for the specific language governing permissions and ~ limitations under the License. -- UserManager Realm Configuration AdminRoleadmin/AdminRole AdminUser UserNameadmin/UserName Passwordadmin/Password /AdminUser EveryOneRoleNameeveryone/EveryOneRoleName !-- By default users in this role sees the registry root -- Property name=dataSourcejdbc/WSO2CarbonDB/Property Property name=MultiTenantRealmConfigBuilderorg.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder/Property /Configuration !-- Following user manager is used by Identity Server (IS) as its default user manager. IS will do token replacement when building the product. Therefore do not change the syntax. If kdcEnabled parameter is true, IS will allow service principle management. Thus ServicePasswordJavaRegEx, ServiceNameJavaRegEx properties control the service name format and service password formats. In case if user core cache domain is needed to identify uniquely set property Property name=UserCoreCacheIdentifierdomain/Property -- UserStoreManager class=org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager Property name=defaultRealmNameWSO2.ORG/Property Property name=kdcEnabledfalse/Property Property name=ConnectionURLldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}/Property Property name=ConnectionNameuid=admin,ou=system/Property Property name=ConnectionPasswordadmin/Property Property name=passwordHashMethodSHA/Property Property name=UserNameListFilter(objectClass=person)/Property Property name=UserEntryObjectClassscimPerson/Property Property
Re: [Dev] Identity Server performs slowly with 5000+ accounts
Can you please share your user-mgt.xml and the LDAP structure? Thanks regards, -Prabath On Wed, Jul 3, 2013 at 6:40 PM, Adrian Mitev adrian.mi...@gmail.com wrote: Hi Asela! Thank you for your answer. My current configuration contains this property as specified in the documentation [1]. However the issue occurs even with this setting. 1 - http://docs.wso2.org/wiki/display/IS400/Default+LDAP+User+Store+Configuration On Wed, Jul 3, 2013 at 11:25 AM, Asela Pathberiya as...@wso2.com wrote: Hi Adrian, If you have not optimized the configuration, There may be some slowness when number of users are increased. To optimized LDAP authentication, you need to use UserDNPattern property such as following This properly must be match with your search base and this can be used with with both flat and hierarchical user search bases. Property name=UserDNPatternuid={0},ou=Users,dc=wso2,dc=org/Property Thanks, Asela. On Wed, Jul 3, 2013 at 12:44 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi all! I'm not sure if this is the right place to ask! I'm using WSO2 Identity Server with it's bundled LDAP. I have a requirement to store 5000+ accounts. I created a test script that adds many accounts using the remote web services (RemoteUserStoreManagerService) through the Java apis. However as the users amount begin to grow, the operations get slower. Is this a known issue? Could you suggest me an optimization strategy? ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Asela Mobile : +94 777 625 933 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Identity Server performs slowly with 5000+ accounts
Also - what is the version of IS ? Thanks regards, -Prabath On Fri, Jul 5, 2013 at 7:54 AM, Prabath Siriwardena prab...@wso2.comwrote: Can you please share your user-mgt.xml and the LDAP structure? Thanks regards, -Prabath On Wed, Jul 3, 2013 at 6:40 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi Asela! Thank you for your answer. My current configuration contains this property as specified in the documentation [1]. However the issue occurs even with this setting. 1 - http://docs.wso2.org/wiki/display/IS400/Default+LDAP+User+Store+Configuration On Wed, Jul 3, 2013 at 11:25 AM, Asela Pathberiya as...@wso2.com wrote: Hi Adrian, If you have not optimized the configuration, There may be some slowness when number of users are increased. To optimized LDAP authentication, you need to use UserDNPattern property such as following This properly must be match with your search base and this can be used with with both flat and hierarchical user search bases. Property name=UserDNPatternuid={0},ou=Users,dc=wso2,dc=org/Property Thanks, Asela. On Wed, Jul 3, 2013 at 12:44 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi all! I'm not sure if this is the right place to ask! I'm using WSO2 Identity Server with it's bundled LDAP. I have a requirement to store 5000+ accounts. I created a test script that adds many accounts using the remote web services (RemoteUserStoreManagerService) through the Java apis. However as the users amount begin to grow, the operations get slower. Is this a known issue? Could you suggest me an optimization strategy? ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Asela Mobile : +94 777 625 933 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com -- Thanks Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Identity Server performs slowly with 5000+ accounts
Hi all! I'm not sure if this is the right place to ask! I'm using WSO2 Identity Server with it's bundled LDAP. I have a requirement to store 5000+ accounts. I created a test script that adds many accounts using the remote web services (RemoteUserStoreManagerService) through the Java apis. However as the users amount begin to grow, the operations get slower. Is this a known issue? Could you suggest me an optimization strategy? ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Identity Server performs slowly with 5000+ accounts
Hi Adrian, If you have not optimized the configuration, There may be some slowness when number of users are increased. To optimized LDAP authentication, you need to use UserDNPattern property such as following This properly must be match with your search base and this can be used with with both flat and hierarchical user search bases. Property name=UserDNPatternuid={0},ou=Users,dc=wso2,dc=org/Property Thanks, Asela. On Wed, Jul 3, 2013 at 12:44 PM, Adrian Mitev adrian.mi...@gmail.comwrote: Hi all! I'm not sure if this is the right place to ask! I'm using WSO2 Identity Server with it's bundled LDAP. I have a requirement to store 5000+ accounts. I created a test script that adds many accounts using the remote web services (RemoteUserStoreManagerService) through the Java apis. However as the users amount begin to grow, the operations get slower. Is this a known issue? Could you suggest me an optimization strategy? ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, Asela Mobile : +94 777 625 933 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev