> From: "Ben Reser" <ben_at_reser.org> Sent: Friday, October 18, 2013 1:51:56 PM
> On 10/18/13 10:01 AM, Naumenko, Roman wrote:
> > What I noticed is that svn server making a request for each svn URI or
> > operation, which neither LDAP server likes nor users that could be
> > waiting for their turn to be authenticated and see delays in svn server
> > response.
> >
> > Could somebody point me where the problem is?
> > I'd expect only one authentication request from the server when user
> > presents himself first time (or after cache expires).
>
> This is a feature. It allows you to use Apache authentication setups that
> are path based like mod_authz_svn is. In your case (and most users case) the
> only authentication handler that cares about the path is mod_authz_svn, in which
> case you can use the mod_dav_svn configuration directive "SVNPathAuthz
> short_circuit" which will prevent subrequests from being generated for
> additional paths that a request touches other than the path in the request
> URI and instead simply ask mod_authz_svn to process the path directly. This will
> speed up your server by quite a bit since subrequests are slow as well as
> resolving your problem with LDAP.
Another option is caching the LDAP requests to avoid beating up the LDAP server(s).
# Allocate maximum of 256K RAM for cache
LDAPSharedCacheSize 262144
# Save 1K cache entries for successful search/binds
LDAPCacheEntries 1024
# Keep entries in cache for 8 hours for successful search/binds
LDAPCacheTTL 28800
# Save 1K cache entries for successful compare operations
LDAPOpCacheEntries 1024
# Keep entries in cache for 8 hours for successful compare operations
LDAPOpCacheTTL 28800
Received on 2013-10-19 18:30:55 CEST