Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,293,210
Community Members
 
Community Events
165
Community Groups

crowd apache connector performance issues

Hello,

 

I am using crowd apache connector for SVN SSO with crowd.

The SSO configuration is working fine and I can see it from browser as well as IDE/Tortoise SVN client etc.

configuration is:

AuthName "Atlassian Crowd"
        AuthType Basic
        AuthBasicProvider crowd
        CrowdAppName <SVN APP NAME>
        CrowdAppPassword <SVN APP PWD>
        CrowdURL https://<CROWD HOST>:9443/crowd/
        CrowdSSLVerifyPeer Off
        CrowdCreateSSO off  # Improves performance when using Subversion clients that don't store cookies

We do have many repos and each repo had its own acl with list of users defined.

We can reuse the same files for authorization as well, however, we are having performance issues. e.g. it used to take 2 sec, now it is taking 40 sec.

Is there any setting to control that e.g. cache data or not to go to crowd for every request etc?

 

Thanks

Shailesh

 

2 answers

Thanks,

 

Although I have

 

LoadModule authnz_crowd_module modules/mod_authnz_crowd.so

LoadModule  authz_svn_module       modules/mod_authz_svn.so

 

I am getting

 

CrowdCacheMaxAge not allowed here

 

Any suggestions.

 

Thanks

I guess I had to add those cache options outside of location tag of apache. However, even after doing that, performance didn't improve much. What I have is crowd configuration in place, and not for each individual repo. Each individual repo location, I have specified acl file. Not sure if that makes any difference..

0 votes

You have two options to control the cache behavior, which are documented in Integrating Crowd with Apache:

CrowdCacheMaxAge 120

The maximum number of seconds that a response from Crowd will be cached by the Apache Crowd connector.

60

CrowdCacheMaxEntries 1000

The maximum number of entries cached at any time by the Apache Crowd connector. If set to 0, caching is disabled.

500

 

The last column denotes the default value, and a note further down on that page confirms that caching should already be enabled by default:

  • If the CrowdCacheMaxEntries setting is missing or set to a non-zero value, then requests to Crowd are cached in order to increase performance. This means that changes to passwords, group membership and session expiry in Crowd may not be reflected immediately in user access.

Given your scenario comprises many repos, you probably need to ensure that CrowdCacheMaxEntries is sufficiently large to avoid items being purged from the cache early and actually yield them to be cached for CrowdCacheMaxAge.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

145 views 0 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you