[KNOX-468] Add default config to optimize LDAP group lookup - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 0.5.0
Fix Version/s: 0.6.0
Component/s: Server
Labels:
None

Description

The config below needs to be added to the Shiro provider in order to prevent LDAP group lookup every request.

cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager

<topology>
    <gateway>
        <provider>
            <role>authentication</role>
            <name>ShiroProvider</name>
            ...
            <param>
                <name>main.cacheManager</name>
                <value>org.apache.shiro.cache.MemoryConstrainedCacheManager</value>
	    </param>
            <param>
                <name>main.securityManager.cacheManager</name>
                <value>$cacheManager</value>
            </param>
            ....
        </provider>
        ....
    </gateway>
    ...
</topology>

Attachments

Activity

People

Assignee:: Sumit Gupta

Reporter:: Kevin Minder

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 05/Nov/14 18:20

Updated:: 28/Mar/19 14:13

Resolved:: 06/Nov/14 15:09