[security-dev] IDM: LDAP Custom Attributes
Boleslaw Dawidowicz
bdawidow at redhat.com
Thu Dec 6 03:18:27 EST 2012
On Dec 6, 2012, at 3:06 AM, Anil Saldhana <Anil.Saldhana at redhat.com> wrote:
> Pedro,
> we had discussions on performance associated in querying custom
> attributes in the LDAP implementation. I realized that since we will
> have an identity cache operating in the IDM layer. The cache needs to
> have LRU entries (or whatever policy that gets configured) thus avoiding
> round trips to the Identity Store.
>
> Bolek had opined about the use of LDAP entry change notifications to
> update the IDM cache. This is when the admin may have used some form of
> LDAP browser to update the entries or update happens via software not
> controlled by IDM.
Yes, we had a lot of request to cover such scenario in portal. IdentityStore provisioned using external tools and some REST/JMX hook to flush caches or resync db state if it pulls from LDAP.
>
> Regards,
> Anil
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list