[jboss-jira] [JBoss JIRA] (SECURITY-891) rolesSearch is doing a needless LDAP call for each individual role
Ivo Studensky (JIRA)
issues at jboss.org
Wed Sep 2 07:56:05 EDT 2015
[ https://issues.jboss.org/browse/SECURITY-891?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ivo Studensky resolved SECURITY-891.
------------------------------------
Resolution: Done
Merged upstream.
> rolesSearch is doing a needless LDAP call for each individual role
> ------------------------------------------------------------------
>
> Key: SECURITY-891
> URL: https://issues.jboss.org/browse/SECURITY-891
> Project: PicketBox
> Issue Type: Bug
> Components: JBossSX, Security-SPI
> Affects Versions: PicketBox_4_9_2.Final
> Reporter: Tom Fonteyne
> Assignee: Tom Fonteyne
>
> https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/LdapExtLoginModule.java
> line 690:
> // Query the context for the roleDN values
> String[] attrNames = {roleAttributeID};
> Attributes result = null;
> if (sr.isRelative()) {
> result = ldapCtx.getAttributes(quoteDN(dn), attrNames);
> The getAttributes method forces another roundtrip to the LDAP server, while the required attribute is in fact already present on the "sr" SearchResult object.
> If a user is a member of (lets say) 100 groups, then we can get an extra 100 calls to the LDAP server.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list