wiki:DirectoryAuthPlugin/CacheManagement

Version 1 (modified by rjollos, 19 months ago) (diff)

Content moved from ActiveDirectoryAuthPlugin/CacheManagement.

Cache Management

Because network connections are expensive in time, compute cycles and network bandwidth, a strong caching paradigm (love using that word) was implemented to help lower the use of resources and lower the response time.

Configuration

  • the timeout and size can be tweaked as needed to support a particular environment. The system will send out an INFO alert if it's purging too quickly.
  • the memory cache can be completely disabled by setting the size to 0. This should only be done if you are using a single process, as the database interface *should* be caching results.

Lookups

  • Each search to the AD server is through a cached LDAP filehandle. The restart option has been enabled to allow it to persist.
  • When valid data is found .. the data is pickled, and the key hashed and stored in a new table in the database called ad_cache.
  • It's also stored in a class variable _cache which is a dictionary.

Retrieval

  • the memory cache is checked first
  • then the database cache
  • lastly the AD server itself is searched
  • Any results are then pushed back on the cache(s)

Integration

  • data is cached by 'class' where appropriate to speed up processing,
  • all ldap searches are cached using a key which is a hashed combination of ( base_dn, scope, filter )