[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL optimization

To: ldap@fadesa.es
Subject: Re: ACL optimization
From: Pierangelo Masarati <ando@sys-net.it>
Date: Fri, 05 Aug 2005 08:32:54 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <42F2537C.C68E3D@fadesa.es>
References: <42F08EC4.A79C75F9@fadesa.es> <37558.131.175.154.56.1123080061.squirrel@131.175.154.56> <D410C909733ED33B46C2606F@cadabra-dsl.stanford.edu> <42F2537C.C68E3D@fadesa.es>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 CentOS/1.7.8-1.1.3.1.centos3

José M. Fandiño wrote:

As a curiosity, servers matched by the first rules are about 5 or 6 times faster to response than servers matched by last rules. I thought that the ACL evaluation time will be uniform because the whole set of rules would be evaluated. this makes sense to someone?

5 times sounds a lot; but access rules are evaluated only up to a match of the <what> clause, unless a <control> is specified (e.g. e "break"). So, in those cases ACL checking is particularly heavy, I 'd expect some overhead for operations that result in evaluatting all of them compared to those that result in evaluating only the first rules.

p.


   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- ACL optimization
  - From: "José M. Fandiño" <ldap@fadesa.es>
- Re: ACL optimization
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: ACL optimization
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: ACL optimization
  - From: "José M. Fandiño" <ldap@fadesa.es>

Prev by Date: Re: Plugin configuration problem
Next by Date: Re: ACL optimization
Index(es):
- Chronological
- Thread