[NGO] Re: ldap vs generic plone authentication

[Rocky Burt]

On Wed, 2006-27-09 at 12:47 -0400, Nate Aune wrote:
> We are building a Plone-based intranet solution for a customer, and  
> one of the requirements was LDAP authentication. They are hosting  
> both the LDAP server and Plone server on the same LAN, and we have  
> not experienced any significant latency issues with this setup.
> 
> However, when we test the login using a local development machine  
> which is connecting to their remote LDAP server over a VPN, the login  
> procedure is noticeably slower. I think that once you are  
> authenticated, then the site responds at favorable speeds. Rocky -  
> can you confirm this?

Yes, the latency involved when the LDAP setup and Plone setup were are
the same server was only noticeable when doing user searches (and even
then it was quite fast for us, just not as fast as standard Plone user
searches).

But when the LDAP setup and Plone setup are on separate networks, the
latency was killer.  I personally wouldn't consider the performance in
that situation acceptable.  But the only time you actually bump into
this is when logging in and when doing user related activities like
searching, granting permissions, etc.  Although it seemed like only the
first login for a user was slow, corresponding logins by the same user
were spiffy (pretty sure the ldap plugin was caching this).

- Rocky

-- 
Rocky Burt
ServerZen Software -- http://www.serverzen.com
News About The Server (blog) -- http://www.serverzen.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.plone.org/pipermail/plone-ngo/attachments/20060927/9f7f8f2a/attachment.asc>