Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-23943

Group Lookup for Delegated Authentication Directory should not query for all membership attributes

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 5.0
    • 3.5.11
    • None

    Description

      Scenario: Delegated Authentication Directory with "Copy Groups on Login"

      When a user logs in, we do N+1 LDAP queries to check for this user's groups, where N = # of groups this user is in.

      This group lookup pulls in all the attributes: This leads to a performance problem if N is very large or if each group has many members.

      It isn't necessary for us to pull in the membership attributes: it's enough for us to check for mere presence of each group: the only attribute we need to return for this purpose is the groupname attribute.

      Attachments

        Issue Links

          relates to

          Suggestion - CWD-1860 Retrieve only the necessary attributes when searching for LDAP users and groups

          • Closed
          supersedes

          Suggestion - CONFSERVER-15783 LDAP perfromance in certain areas could be improved for instances hooked up to large LDAP instances with lots of entries

          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              jwalton joe
              twong Tim Wong (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              15 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: