[ https://issues.apache.org/jira/browse/ARTEMIS-2886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram updated ARTEMIS-2886: ------------------------------------ Description: Both authentication and authorization will hit the underlying security repository (e.g. files, LDAP, etc.). For example, creating a JMS connection and a consumer will result in 2 hits with the *same* authentication request. This can cause unwanted (and unnecessary) resource utilization, especially in the case of networked configuration like LDAP. There is a rudimentary cache for authorization, but it is cleared *totally* every 10 seconds by default (controlled via the {{security-invalidation-interval setting}}), and it must be populated initially which still results in duplicate auth requests. was: Both authentication and authorization will hit the underlying security repository (e.g. files, LDAP, etc.). For example, creating a JMS connection and a consumer will result in 2 hits with the *same* authentication request. This can cause unwanted (and unnecessary) resource utilization, especially in the case of networked configuration like LDAP. There is a rudimentary cache for authorization, but it is cleared *totally* every 10 seconds by default (controlled via the {{security-invalidation-interval setting}}), and it must be populated initially which still results in duplicate auth requests. > Optimize security auth > ---------------------- > > Key: ARTEMIS-2886 > URL: https://issues.apache.org/jira/browse/ARTEMIS-2886 > Project: ActiveMQ Artemis > Issue Type: Improvement > Reporter: Justin Bertram > Assignee: Justin Bertram > Priority: Major > > Both authentication and authorization will hit the underlying security > repository (e.g. files, LDAP, etc.). For example, creating a JMS connection > and a consumer will result in 2 hits with the *same* authentication request. > This can cause unwanted (and unnecessary) resource utilization, especially in > the case of networked configuration like LDAP. > There is a rudimentary cache for authorization, but it is cleared *totally* > every 10 seconds by default (controlled via the > {{security-invalidation-interval setting}}), and it must be populated > initially which still results in duplicate auth requests. -- This message was sent by Atlassian Jira (v8.3.4#803005)