Details
Major Description
Every user.login operation (for portal login, basic auth or dav) calls refreshUser() to sync the user's realms with an "external" group provider (which could be a CM implementation).
Such implementations may be slow and expensive (i.e. involve a lot of db queries or slow to run), and it's thus not desireable to do this too often. Specifically in the case of WebDAV, currently every dav operation generates a new login, but the same would be true for users who login repeatedly through the UI or webservice, basic auth or other methods.
To reduce performance impact, implement a cache with a short default TTL (e.g. 1 minute) so that refreshUser is only called for each user once within the cache TTL seconds.
Develop from the "in-progress" patch submitted by Matthew Buckett for SAK-11636
Gliffy Diagrams
Zeplin
Attachments
Issue Links
- relates to
-
SAK-11636 HTTP Basic operations create a login event for each request and refreshes authzgroups.
-
- CLOSED
-