[Building Sakai] LDAP caching
Sam Ottenhoff
ottenhoff at longsight.com
Fri Dec 20 10:56:05 PST 2013
On Fri, Dec 20, 2013 at 1:53 PM, Kusnetz, Jeremy <JKusnetz at apus.edu> wrote:
> Actually I guess what you are saying is I need to set
>
>
>
> I see the timeToLiveSeconds is set to 300:
>
>
>
> [ name = org.sakaiproject.user.api.UserDirectoryService.callCache status =
> STATUS_ALIVE eternal = false overflowToDisk = false maxEntriesLocalHeap =
> 10000 maxEntriesLocalDisk = 0 memoryStoreEvictionPolicy = LRU
> timeToLiveSeconds = 300 timeToIdleSeconds = 300 diskPersistent = false
> diskExpiryThreadIntervalSeconds = 120 cacheEventListeners:
> net.sf.ehcache.statistics.LiveCacheStatisticsWrapper hitCount = 459530
> memoryStoreHitCount = 459530 diskStoreHitCount = 0 missCountNotFound =
> 22147 missCountExpired = 10295 maxBytesLocalHeap = 0 overflowToOffHeap =
> false maxBytesLocalOffHeap = 0 maxBytesLocalDisk = 0 pinned = false ]
>
>
>
> So I would add this to sakai.properties?
>
Correct
>
>
>
> memory.org.sakaiproject.user.api.UserDirectoryService.callCache=timeToLiveSeconds=14400,timeToIdleSeconds=0,maxElementsInMemory=50000
>
>
>
> With this being cached so long, if a user updates their password it could
> take up to 4 hours to see the change?
>
No, passwords aren't cached. Authentications occur live against LDAP. If
the user's last name changes in LDAP it will not update in Sakai until the
cache expires. That small downside seems worth it for vastly better
performance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20131220/4aced55b/attachment.html
More information about the sakai-dev
mailing list