> From: "Ben Reser" <b...@reser.org> Sent: Friday, October 18, 2013 1:51:56 PM > On 10/18/13 10:01 AM, Naumenko, Roman wrote: > > What I noticed is that svn server making a request for each svn URI or > > operation, which neither LDAP server likes nor users that could be > > waiting for their turn to be authenticated and see delays in svn server > > response. > > > > Could somebody point me where the problem is? > > I'd expect only one authentication request from the server when user > > presents himself first time (or after cache expires). > > This is a feature. It allows you to use Apache authentication setups that > are path based like mod_authz_svn is. In your case (and most users case) the > only authentication handler that cares about the path is mod_authz_svn, in > which > case you can use the mod_dav_svn configuration directive "SVNPathAuthz > short_circuit" which will prevent subrequests from being generated for > additional paths that a request touches other than the path in the request > URI and instead simply ask mod_authz_svn to process the path directly. This > will > speed up your server by quite a bit since subrequests are slow as well as > resolving your problem with LDAP.
Another option is caching the LDAP requests to avoid beating up the LDAP server(s). # Allocate maximum of 256K RAM for cache LDAPSharedCacheSize 262144 # Save 1K cache entries for successful search/binds LDAPCacheEntries 1024 # Keep entries in cache for 8 hours for successful search/binds LDAPCacheTTL 28800 # Save 1K cache entries for successful compare operations LDAPOpCacheEntries 1024 # Keep entries in cache for 8 hours for successful compare operations LDAPOpCacheTTL 28800
