Uploaded image for project: 'ActiveMQ Artemis'
  1. ActiveMQ Artemis
  2. ARTEMIS-2886

Optimize security auth

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 2.16.0
    • None
    • None

    Description

      Both authentication and authorization will hit the underlying security repository (e.g. files, LDAP, etc.). For example, creating a JMS connection and a consumer will result in 2 hits with the same authentication request. This can cause unwanted (and unnecessary) resource utilization, especially in the case of networked configuration like LDAP.

      There is a rudimentary cache for authorization, but it is cleared totally every 10 seconds by default (controlled via the security-invalidation-interval setting), and it must be populated initially which still results in duplicate auth requests.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. ARTEMIS-3102 ActiveMQSecurityManager5 should disconnect user when his authentication is not valid anymore

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #3246

          Web Link GitHub Pull Request #3254

          Web Link GitHub Pull Request #3291

          Activity

            People

              jbertram Justin Bertram
              jbertram Justin Bertram
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 6h 10m
                  6h 10m