This idea has been kicked around before, we discussed on the dev list a several months ago: http://mail-archives.apache.org/mod_mbox/directory-dev/201811.mbox/%[email protected]%3e
The biggest problem with caching is creates consistency problems between highly-available and/or load-balanced nodes. In today’s computing environment (everything’s running in a container/cluster) it’s an untenable situation. This is a proposal to replace fortress usage of ehchache with the LDAP persistent search control. Specifically these cached datasets would be targeted: a. cache name="fortress.policies” b. cache name="fortress.ous” c. cache name="fortress.roles” d. cache name="fortress.admin.roles” e. cache name="fortress.pso” f. cache name="fortress.uso” g. cache name="fortress.dsd” h. cache name=“fortress.ssd” My plan, start playing in a sandbox, get an estimate of amount of work / complexity of the change. It may require changing how Fortress handles state, to be more inline with what can be done using persistent search. Of course the public APIs should not have to change nor should the behavior with the client (hint requirement). Let me know if you have any interest in participation (providing requirements, design, test) in this effort. Thanks, —Shawn
