Bug 49193 - Implement LDAP scope-aware caching in APR-Util
Implement LDAP scope-aware caching in APR-Util
Status: NEW
Product: APR
Classification: Unclassified
Component: APR-util
HEAD
All All
: P2 enhancement (vote)
: ---
Assigned To: Apache Portable Runtime bugs mailinglist
: RFC
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2010-04-27 08:11 UTC by Peter Thomas
Modified: 2010-07-15 20:25 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Peter Thomas 2010-04-27 08:11:59 UTC
The current LDAP cache implemented for httpd's mod_ldap only does exact matches based on LDAP URL and filter expression.  An intelligent caching mechanism would respect basedn and scope of a given LDAP search.  Essentially we need the caching to implement the behavior of an RFC-compliant "mini-LDAP server."

Please enhance APR-Util's LDAP implementation to the extent necessary to support "scope-aware" caching, specifically:

1) the current implementation works for exact matches of both search expression and basedn, this is equivalent to "basedn scoped" searches.
2) onelevel cache searches would include case 1 and also any cache entries with no more than one additional DN entry.
3) subtree-scoped cache searches; would include both case 1, case 2, and any deeper matches.

I will write a companion bug against httpd's mod_ldap and update this as a blocker.
Comment 1 Eric Covener 2010-04-27 08:15:02 UTC
It's unlikely that an LDAP cache would be moved into APR and enhanced. There are currently discussion to even move the portability aspects of LDAP into httpd.
Comment 2 Peter Thomas 2010-04-27 13:12:52 UTC
Makes sense...rather than build a "dependency tree," I'll clone this into httpd, proper.
Comment 3 Peter Thomas 2010-07-15 20:25:38 UTC
(In reply to comment #1)
> It's unlikely that an LDAP cache would be moved into APR and enhanced. There
> are currently discussion to even move the portability aspects of LDAP into
> httpd.

FYI, the httpd copy of this bug is at https://issues.apache.org/bugzilla/show_bug.cgi?id=49199 .  Have the discussions about moving LDAP portability into httpd reached a conclusion?