Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-7993

LDAP authentication is cached

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: Open
    • Priority: L3 - Default
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:

      Description

      Given:

      • REST API with enabled HTTP Basic Authentication
      • LDAP engine plugin is enalbed

      Behavior:
      Whenever a request is sent to the REST API, then the default HttpBasicAuthenticationProvider checks the given password. Therefore a request is sent to the configured LDAP to fetch the related user information. Afterwards the given password is checked.

      Problem:
      In a scenario, where multiple requests are received by the REST API, ends up with multiple requests to the configured LDAP. Even when the requests to the REST API is always from the same user.
      Due to the amount of requests in a short time this leads to the problem, that the LDAP server does not respond anymore.

      Desired behavior:

      • There should be some kind of caching of the (LDAP) authentication. This could be done either in the REST API or in the LDAP engine plugin.
      • There should be a configuration option to determine how long the authentication should be cached.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            roman.smirnov Roman Smirnov
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: