[Building Sakai] LDAP caching

Kusnetz, Jeremy JKusnetz at APUS.EDU
Fri Dec 20 10:53:10 PST 2013 

Actually I guess what you are saying is I need to set

I see the timeToLiveSeconds is set to 300:

[ name = org.sakaiproject.user.api.UserDirectoryService.callCache status = STATUS_ALIVE eternal = false overflowToDisk = false maxEntriesLocalHeap = 10000 maxEntriesLocalDisk = 0 memoryStoreEvictionPolicy = LRU timeToLiveSeconds = 300 timeToIdleSeconds = 300 diskPersistent = false diskExpiryThreadIntervalSeconds = 120 cacheEventListeners: net.sf.ehcache.statistics.LiveCacheStatisticsWrapper hitCount = 459530 memoryStoreHitCount = 459530 diskStoreHitCount = 0 missCountNotFound = 22147 missCountExpired = 10295 maxBytesLocalHeap = 0 overflowToOffHeap = false maxBytesLocalOffHeap = 0 maxBytesLocalDisk = 0 pinned = false ]

So I would add this to sakai.properties?

memory.org.sakaiproject.user.api.UserDirectoryService.callCache=timeToLiveSeconds=14400,timeToIdleSeconds=0,maxElementsInMemory=50000

With this being cached so long, if a user updates their password it could take up to 4 hours to see the change?


From: sakai-dev-bounces at collab.sakaiproject.org [mailto:sakai-dev-bounces at collab.sakaiproject.org] On Behalf Of Kusnetz, Jeremy
Sent: Friday, December 20, 2013 1:48 PM
To: 'Sam Ottenhoff'
Cc: sakai-dev Developers
Subject: Re: [Building Sakai] LDAP caching

Thanks Sam.

I'm probably missing something here, but can I override the default of 5 minutes?

Shouldn't memory.edu.amc.sakai.user.JLDAPDirectoryProvider.userCache=timeToLiveSeconds=14400,timeToIdleSeconds=3600,maxElementsInMemory=20000
Have set it to 14400 seconds?  If so, it's not acting that way.

I do see in JLDAPDirectoryProvider.java public static final long DEFAULT_CACHE_TTL = 5 * 60 * 1000;
But I also see that there is a setCacheTTL which should be able to override it.


From: Sam Ottenhoff [mailto:ottenhoff at longsight.com]
Sent: Friday, December 20, 2013 11:24 AM
To: Kusnetz, Jeremy
Cc: sakai-dev Developers
Subject: Re: [Building Sakai] LDAP caching



Looking at the LDAP debug logs we see that the entry is found in the cache but it's expired?  This is only after a few minutes after doing the initial lookup from the LDAP server.


Yes, the default is an incredibly low 5 minutes.  If others support increasing this cache default time, let's file a JIRA and raise the default.

We added to sakai.properties:
memory.edu.amc.sakai.user.JLDAPDirectoryProvider.userCache=timeToLiveSeconds=14400,timeToIdleSeconds=3600,maxElementsInMemory=20000


I believe we should just remove this JLDAP cache in favor of caching in the central UserDirectoryService.  So I would just zero out this JLDAP cache and then increase the central cache like this:

memory.org.sakaiproject.user.api.UserDirectoryService.callCache=timeToLiveSeconds=43200,timeToIdleSeconds=0,maxElementsInMemory=50000


This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20131220/eafeec89/attachment.html

More information about the sakai-dev mailing list