Beefy Boxes and Bandwidth Generously Provided by pair Networks DiBona
The stupid question is the question not asked
 
PerlMonks  

Keeping LDAP connections between program runs

by jpfarmer (Pilgrim)
on Aug 30, 2005 at 16:21 UTC ( [id://487935]=perlquestion: print w/replies, xml ) Need Help??

This is an archived low-energy page for bots and other anonmyous visitors. Please sign up if you are a human and want to interact.

jpfarmer has asked for the wisdom of the Perl Monks concerning the following question:

Recently, I have found myself in a position where I need to optimize a web service that my company uses. This service is basically a web front-end an LDAP directory service. The application has increased in traffic, and so the overhead of repeated binds is starting to be a problem. As a result, I am in search of a way to use a persistant connection to the directory.

My first thought was to create a dameon that would maintain a connection to the LDAP server and then have the address book application talk to the dameon, but I don't know how reliable the dameon modules are (I was looking at Net::Daemon...is it trustworthy?) and I also don't know if Net::LDAP is threadsafe.

Is there a better way to go about this or is a daemon the way to go?

  • Comment on Keeping LDAP connections between program runs

Replies are listed 'Best First'.
Re: Keeping LDAP connectsion between program runs
by Tanktalus (Canon) on Aug 30, 2005 at 16:28 UTC

    This sounds vaguely similar to Apache::DBI's purpose in life: to cache DBI connections. So, I suppose the first question is: are you using mod_perl? The second is: can you? :-)

[reply]

      I ran across that, but the LDAP connection isn't a DBI connection, so I'm not sure that would help.

      I'm not using mod_perl. We don't need it for performance reasons on the web server and I don't have any experience with it, but I could learn if that's the only real solution.

[reply]
        Even if the rest of your app doesn't need mod_perl for performance, this part may. The whole purpose of mod_perl is to save time through persistence inside an apache instance. Using mod_perl, it is easy to keep the connection open from hit to hit. And to pool connections in all sorts of ways.

        Even though I haven't used LDAP, it seems from your description that it is similar in spirit to a database in that a client opens a connection to the server. Building that connection takes time and eventually becomes a bottlenck.

        Apache::DBI could serve as a code modle for an Apache::LDAP if one does not already exist. Having written the last sentence, I went to search cpan and found Apache::AuthenLDAP and its cousin Apache::AuthzLDAP. These might be just what you need, or another model for your own code.

        Phil

[reply]

        I believe you want DBD::LDAP (in conjunction with Apache::DBI)

             use DBI;
     $dbh = DBI->connect("DBI:LDAP:ldapdb",'user','password')
         or die "Cannot connect as user: " . $DBI::errstr;

     $dbh = DBI->connect("DBI:LDAP:ldapdb")  #ANONYMOUS
         or die "Cannot connect as guest (readonly): " . $DBI::errstr;

        [download]

        Updated: You might also want to look at ResourcePool, which specifically calls out Net::LDAP connection caching as a target use.

        The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. -- Cyrus H. Gordon
[reply]
[d/l]
Re: Keeping LDAP connections between program runs
by ghenry (Vicar) on Aug 30, 2005 at 17:44 UTC

    How many binds are we talking about here?

    LDAP is designed for the sole purpose of high read requests, so if you are just requesting a read, be it TLS/Start_TLS or SASL, I suggest you have a word with the guys who setup the server. That could be the main problem.

    Just a thought.

    Walking the road to enlightenment... I found a penguin and a camel on the way.....
    Fancy a yourname@perl.me.uk? Just ask!!!
[reply]

      At high load, about 3000 binds/hour. They're simple binds; there's a SSH tunnel between the server and the client so we could avoid the overhead of SASL.

[reply]

        Not that many, compared to some places

        Please don't tell me you are using a ldbm backend? I hope it's a bdb (if you are using OpenLDAP that is).

        Walking the road to enlightenment... I found a penguin and a camel on the way.....
        Fancy a yourname@perl.me.uk? Just ask!!!
[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://487935]
Approved by Tanktalus
help
Sections?
Information?
Find Nodes?
Leftovers?
    Notices?
    hippoepoptai's answer Re: how do I set a cookie and redirect was blessed by hippo!
    erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.