Bug 38239 – pwd_scheme_kinit needs caching

Bug 38239 - pwd_scheme_kinit needs caching


Summary:	pwd_scheme_kinit needs caching

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	LDAP
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 enhancement (vote)
Target Milestone:	---
Assigned To:	UCS maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:	38618
	Show dependency tree / graph

Reported:	2015-04-13 10:18 CEST by Janis Meybohm
Modified:	2020-06-22 17:25 CEST (History)
CC List:	5 users (show)

See Also:
What kind of report is it?:	Feature Request
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2015040121000218
Bug group (optional):	External feedback, Roadmap discussion (moved), UCS Performance
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Janis Meybohm

2015-04-13 10:18:14 CEST

Ticket#2015040121000218 

LDAP-Binds in AD Member Mode environment are quite less performant that "normal" LDAP-Binds. Probably this is because of the "overhead" added by pwd_scheme_kinit.

This is especially seen with apps like Zarafa as the Zarafa WebApp does not cache credentials itself and does a lot of LDAP binds (more than 10 within a minute of "normal work" for a user) because of this.

pwd_scheme_kinit should cache the hash of the users password (for X time units) when the ticket is granted so that consequent binds can use the local hash for authentication.